heartbeat/keepalived+mysql master-slave high availability. After turning on the firewall, it was found that both the master library and the slave library generated VIPs. This is because the firewall intercepted vrrp multicast, and heartbeat used UDP port 694, which was also intercepted. Yes, we need to open up the policy and allow communication.
Iptables:
heartbeat:
#vi /etc/sysconfig/iptables
-A INPUT -p udp --dport 694 -j ACCEPT
# service iptables restart
keepalived:
#vi /etc/sysconfig/iptables
-A INPUT -p vrrp -j ACCEPT
# service iptables restart
Firewalld:
heartbeat:
#firewall-cmd --zone=public --add-port=694/udp --permanent
#firewall-cmd --reload
keepalived:
#firewall-cmd --direct --permanent --add-rule ipv4 filter INPUT 0 --in-interface ens33 --destination 224.0.0.18 --protocol vrrp -j ACCEPT
#firewall-cmd --reload