> Running in a virtualized OpenStack environment, nowadays we have 3 boxes,For a Sentinel to try to get voted, ODOWN must be reached, otherwise
> 1-server 1-sentinel each. Both slaves are attached to the master. Sentinels
> are
> configured with quorum=2.
>
>
> When the box with the master fails (network wise: the processes are still
> working
> on each box, but the boxes cannot reach each other), the remaining 2
> sentinels
> just see the sdown state, but don't vote for a new master. Also both slaves
> detects
> the "master link down" state. But nothing reacts. Just stays the same way.
the failover can't be triggered.
If it is not reached, usually it is a problem of the Sentinels not
able to communicate since port 26379 is closed.
But it can be a bug as well, the system is every week more mature but
not immune to bugs at all...
In virtualized ecosystems (like Amazon EC2 or custom OpenStack),the network configuration is kind of special: the system will haveconfigured an IP address that is only know by the current virtualinstance; most of the systems call it the "private IP" and is associatedto the system network interface (i.e.: eth0).This IP is unreachable from other virtual instances in the sameenvironment.
Leo, I think that this is the same issue Matt Stancliff fixed for Redis Cluster.
Is it enough if outgoing connections, and the announcement itself, is
limited to the IP address you bind in sentinel.conf via the "bind"
directive?
We could create a config parameter to define “fixed-source-address x.x.x.x” instead of using internally bound IPs for advertising Sentinel communication.
Leo Volinier <leonardo...@gmail.com> wrote:
> Just a recomendation: could we stick to its concept and name it simple like: listen-address? Is there any other concept in Redis named Listen Address?
What would ‘listen-address’ do differently from the exiting ‘bind’ option?
I could imagine users getting confused between the wording of ‘bind’ and ‘listen-address’ since ‘bind’ already listens on multiple IPs.
I think what we’re trying to fix is Redis lacking the option to say “this is the official IP address of this instance.”
Right now, ‘bind’ has three scenarios: undefined and listen on all interfaces, listen on a single IP address, or listen on up to 16 unique IP addresses. Redis currently trusts the system to just “do the right thing” when connecting to other hosts. The issue we have is Redis re-advertises IP:Port combinations it passively discovers to other hosts. Redis uses IP addresses discovered from socket connections to advertise Redis services to different hosts, but the other hosts may not be able to access the advertised hosts because of system or network configuration issues (since they were passively discovered and not directly announced as “I am reachable as instance 4.2.2.2:35000”).
We have an in-progress fix at https://github.com/antirez/redis/pull/1708 — Note: the fix requires you specify the required IP address as the first `bind` address for each instance in your config file. You should have proper firewall rules in place prohibiting any servers not under your control from accessing your Redis and Sentinel ports.
I've read Matt's pull request[1], and it seems to me that is not the same issue.
What I understood from Matt's comments, it's just a convention to take the first bind_addr to announce to other cluster nodes where they can find the current node. But if you cannot bind to that address, Redis will shutdown.In the case I'm describing you're not able to bind to that address since the system doesn't know it.
On other hand, what I'm asking for should include the case that Matt is trying to tackle.
On Jun 16, 2014, at 5:00 PM, Dara Kong <dara...@gmail.com> wrote:
> I tried your branch mattsta:sentinel-bind-source-address and updated my sentinel.conf with my public IP:
>
> bind 54.XX.XX.XX
>
> But sentinel fails to start:
You’ll have to configure Linux to allow you to bind address that don’t exist on your machine.
Check out this comment: https://github.com/antirez/redis/issues/1667#issuecomment-39751990 along with http://linux.die.net/man/8/setcap.
> Would it make sense to create a separate config option for specifying sentinel source address instead of "first bind entry”?
Yeah, that’s currently just a limitation of how Redis networking has worked forever. It’s currently being reviewed for potential improvements. I’d love to have new behavior for specifying network addresses starting with Redis 3.0 since it’s a major version bump anyway and that’s a great time to throw in maybe backwards incompatible changes.