Configuración

tag-icon tag-icon snmp
Configuración

No puedo consultar información sobre el estado de keepalived a través de snmp, todo lo que obtengo es el siguiente error:

$ snmpwalk -v 2c -c public localhost 1.3.6.1.4.1.9586.100.5
1.3.6.1.4.1.9586.100.5 = No Such Object available on this agent at this OID

o al usar mib:

$ snmpwalk -v 2c -c public 127.0.0.1 KEEPALIVED-MIB
KEEPALIVED-MIB: Unknown Object Identifier (Sub-id not found: (top) -> KEEPALIVED-MIB)

Configuración

SNMP-Deamon

snmpd es la versión 5.7.3

/etc/snmp/snmpd.conf

master agentx
agentaddress udp:127.0.0.1:161
rocommunity public 127.0.0.1

trapcommunity public 
trap2sink 127.0.0.1

Mantener vivo

Keepalived es la versión 1.3.2 compilada conSNMP_V3_FOR_V2 SNMP SNMP_KEEPALIVED SNMP_CHECKER SNMP_RFC SNMP_RFCV2 SNMP_RFCV3

/etc/keepalived/keepalived.conf

# Managed by Puppet
global_defs {
  [...]

  snmp_socket udp:127.0.0.1:161
  enable_snmp_keepalived
  enable_traps
}

[...]

/etc/default/keepalived

DAEMON_ARGS="--snmp"

Servicios

El siguiente es el resultado del diario, que me parece bien. Este es el resultado de:systemctl start snmpd; systemctl restart keepalived

# Here snmpd is starting
Jun 07 18:12:42 vhrz1250 systemd[1]: Starting Simple Network Management Protocol (SNMP) Daemon....
Jun 07 18:12:42 vhrz1250 systemd[1]: Started Simple Network Management Protocol (SNMP) Daemon..
Jun 07 18:12:42 vhrz1250 snmpd[41254]: error on subcontainer 'ia_addr' insert (-1)
Jun 07 18:12:42 vhrz1250 snmpd[41254]: Turning on AgentX master support.
Jun 07 18:12:42 vhrz1250 snmpd[41254]: NET-SNMP version 5.7.3

# Here keepalived seems to be preparing for shutdown
Jun 07 18:12:56 vhrz1250 snmpd[41254]: Connection from UDP: [127.0.0.1]:58059->[127.0.0.1]:161
Jun 07 18:12:56 vhrz1250 snmpd[41254]: Connection from UDP: [127.0.0.1]:44178->[127.0.0.1]:161
Jun 07 18:13:05 vhrz1250 systemd[1]: Stopping Keepalive Daemon (LVS and VRRP)...
Jun 07 18:13:05 vhrz1250 Keepalived[38575]: Stopping
Jun 07 18:13:05 vhrz1250 Keepalived_healthcheckers[38576]: Stopped
Jun 07 18:13:05 vhrz1250 Keepalived_vrrp[38578]: VRRP_Instance(VI_10) sent 0 priority
Jun 07 18:13:06 vhrz1250 Keepalived_vrrp[38578]: Stopped
Jun 07 18:13:06 vhrz1250 Keepalived[38575]: Stopped Keepalived v1.3.2 (12/03,2016)
Jun 07 18:13:06 vhrz1250 systemd[1]: Stopped Keepalive Daemon (LVS and VRRP).

# Here keepalived stopped and spins back up again
Jun 07 18:13:06 vhrz1250 systemd[1]: Starting Keepalive Daemon (LVS and VRRP)...
Jun 07 18:13:06 vhrz1250 Keepalived[41293]: Starting Keepalived v1.3.2 (12/03,2016)
Jun 07 18:13:06 vhrz1250 Keepalived[41293]: Setting default script user to 'keepalived_script', uid:gid 1000:1000
Jun 07 18:13:06 vhrz1250 Keepalived[41293]: Opening file '/etc/keepalived/keepalived.conf'.
Jun 07 18:13:06 vhrz1250 Keepalived[41295]: Starting Healthcheck child process, pid=41296
Jun 07 18:13:06 vhrz1250 Keepalived[41295]: Starting VRRP child process, pid=41297
Jun 07 18:13:06 vhrz1250 Keepalived_vrrp[41297]: Registering Kernel netlink reflector
Jun 07 18:13:06 vhrz1250 Keepalived_vrrp[41297]: Registering Kernel netlink command channel
Jun 07 18:13:06 vhrz1250 Keepalived_vrrp[41297]: Registering gratuitous ARP shared channel
Jun 07 18:13:06 vhrz1250 Keepalived_vrrp[41297]: Opening file '/etc/keepalived/keepalived.conf'.
Jun 07 18:13:06 vhrz1250 systemd[1]: Started Keepalive Daemon (LVS and VRRP).
Jun 07 18:13:06 vhrz1250 Keepalived_healthcheckers[41296]: Initializing ipvs

# Here keepalived starts SNMP subagent for vrrp
Jun 07 18:13:06 vhrz1250 Keepalived_vrrp[41297]: Starting SNMP subagent
Jun 07 18:13:06 vhrz1250 snmpd[41254]: Connection from UDP: [127.0.0.1]:52941->[127.0.0.1]:161

# Keepalived continues starting up
Jun 07 18:13:06 vhrz1250 Keepalived_healthcheckers[41296]: Registering Kernel netlink reflector
Jun 07 18:13:06 vhrz1250 Keepalived_healthcheckers[41296]: Registering Kernel netlink command channel
Jun 07 18:13:06 vhrz1250 Keepalived_healthcheckers[41296]: Opening file '/etc/keepalived/keepalived.conf'.

# Here keepalived starts SNMP subagent for healthchecks
Jun 07 18:13:06 vhrz1250 Keepalived_healthcheckers[41296]: Starting SNMP subagent
Jun 07 18:13:06 vhrz1250 snmpd[41254]: Connection from UDP: [127.0.0.1]:53980->[127.0.0.1]:161

# Keepalived continues starting up
Jun 07 18:13:07 vhrz1250 Keepalived_healthcheckers[41296]: Using LinkWatch kernel netlink reflector...
Jun 07 18:13:07 vhrz1250 Keepalived_vrrp[41297]: Using LinkWatch kernel netlink reflector...
Jun 07 18:13:08 vhrz1250 Keepalived_vrrp[41297]: VRRP_Instance(VI_10) Transition to MASTER STATE
Jun 07 18:13:10 vhrz1250 Keepalived_vrrp[41297]: VRRP_Instance(VI_10) Entering MASTER STATE
Jun 07 18:13:10 vhrz1250 Keepalived_vrrp[41297]: Opening script file /usr/local/bin/keepalived_statechange
Jun 07 18:13:10 vhrz1250 Keepalived_vrrp[41297]: VRRP_Instance(VI_10): Sending SNMP notification
Jun 07 18:13:10 vhrz1250 Keepalived_vrrp[41297]: VRRP_Instance(VI_10): Sending SNMP notification vrrpTrapNewMaster
Jun 07 18:13:10 vhrz1250 Keepalived_vrrp[41297]: VRRP_Instance(VI_10): Sending SNMP notification vrrpv3NotifyNewMaster, reason 2
Jun 07 18:13:10 vhrz1250 Keepalived_vrrp[41297]: Remote SMTP server [137.248.1.36]:25 connected.
Jun 07 18:13:10 vhrz1250 Keepalived_vrrp[41297]: SMTP alert successfully sent.

# This might be connections from the VRRP instance snmp subagents
Jun 07 18:13:12 vhrz1250 snmpd[41254]: error on subcontainer 'ia_addr' insert (-1)
Jun 07 18:13:22 vhrz1250 snmpd[41254]: Connection from UDP: [127.0.0.1]:50917->[127.0.0.1]:161
Jun 07 18:13:22 vhrz1250 snmpd[41254]: Connection from UDP: [127.0.0.1]:38560->[127.0.0.1]:161

Respuesta1

Bien, encontré el problema. Siempre pensé que el snmpd.confconmutador master agentxhabilitaba la funcionalidad AgentX que se implementaría en la misma dirección que el agente normal (por ejemplo, según lo configurado por agentaddress).

Sin embargo, este no es el caso y, en su lugar, la dirección/socket de AgentX se controla a través de agentXSocket.

Entonces la configuración mínima debería verse así:

/etc/snmp/snmpd.conf

rocommunity public
master agentx

# Note: This is the AgentX address/socket
agentXSocket tcp:127.0.0.1:700

# Note: This is the address/socket used for snmpwalk and such
# agentaddress udp:127.0.0.1:161

/etc/snmp/snmp.conf

# Note: This is optional!
#  To enable keepalived mib, download
#  https://github.com/acassen/keepalived/blob/master/doc/KEEPALIVED-MIB.txt
#  to /usr/share/snmp/mibs (keep the .txt extension) and enable
#  it with the following line
mibs +KEEPALIVED-MIB

/etc/keepalived/keepalived.conf

global_defs {
  [...]

  # Note: This is the AgentX address/socket
  snmp_socket tcp:127.0.0.1:700
}
[...]

/etc/default/keepalived

DAEMON_ARGS="--snmp"

información relacionada