snmpを介して接続保持状態情報を照会することはできません。次のエラーのみが表示されます。
$ snmpwalk -v 2c -c public localhost 1.3.6.1.4.1.9586.100.5
1.3.6.1.4.1.9586.100.5 = No Such Object available on this agent at this OID
またはmibを使用する場合:
$ snmpwalk -v 2c -c public 127.0.0.1 KEEPALIVED-MIB
KEEPALIVED-MIB: Unknown Object Identifier (Sub-id not found: (top) -> KEEPALIVED-MIB)
構成
SNMPデーモン
snmpd バージョンは 5.7.3 です。
/etc/snmp/snmpd.conf
master agentx
agentaddress udp:127.0.0.1:161
rocommunity public 127.0.0.1
trapcommunity public
trap2sink 127.0.0.1
生き続ける
Keepalivedのバージョンは1.3.2で構築されました。SNMP_V3_FOR_V2 SNMP SNMP_KEEPALIVED SNMP_CHECKER SNMP_RFC SNMP_RFCV2 SNMP_RFCV3
/etc/keepalived/keepalived.conf
# Managed by Puppet
global_defs {
[...]
snmp_socket udp:127.0.0.1:161
enable_snmp_keepalived
enable_traps
}
[...]
/etc/default/keepalived
DAEMON_ARGS="--snmp"
提供する
以下は私にとっては大丈夫に見えるログ出力です。結果は次のとおりです。systemctl start snmpd; systemctl restart keepalived
# Here snmpd is starting
Jun 07 18:12:42 vhrz1250 systemd[1]: Starting Simple Network Management Protocol (SNMP) Daemon....
Jun 07 18:12:42 vhrz1250 systemd[1]: Started Simple Network Management Protocol (SNMP) Daemon..
Jun 07 18:12:42 vhrz1250 snmpd[41254]: error on subcontainer 'ia_addr' insert (-1)
Jun 07 18:12:42 vhrz1250 snmpd[41254]: Turning on AgentX master support.
Jun 07 18:12:42 vhrz1250 snmpd[41254]: NET-SNMP version 5.7.3
# Here keepalived seems to be preparing for shutdown
Jun 07 18:12:56 vhrz1250 snmpd[41254]: Connection from UDP: [127.0.0.1]:58059->[127.0.0.1]:161
Jun 07 18:12:56 vhrz1250 snmpd[41254]: Connection from UDP: [127.0.0.1]:44178->[127.0.0.1]:161
Jun 07 18:13:05 vhrz1250 systemd[1]: Stopping Keepalive Daemon (LVS and VRRP)...
Jun 07 18:13:05 vhrz1250 Keepalived[38575]: Stopping
Jun 07 18:13:05 vhrz1250 Keepalived_healthcheckers[38576]: Stopped
Jun 07 18:13:05 vhrz1250 Keepalived_vrrp[38578]: VRRP_Instance(VI_10) sent 0 priority
Jun 07 18:13:06 vhrz1250 Keepalived_vrrp[38578]: Stopped
Jun 07 18:13:06 vhrz1250 Keepalived[38575]: Stopped Keepalived v1.3.2 (12/03,2016)
Jun 07 18:13:06 vhrz1250 systemd[1]: Stopped Keepalive Daemon (LVS and VRRP).
# Here keepalived stopped and spins back up again
Jun 07 18:13:06 vhrz1250 systemd[1]: Starting Keepalive Daemon (LVS and VRRP)...
Jun 07 18:13:06 vhrz1250 Keepalived[41293]: Starting Keepalived v1.3.2 (12/03,2016)
Jun 07 18:13:06 vhrz1250 Keepalived[41293]: Setting default script user to 'keepalived_script', uid:gid 1000:1000
Jun 07 18:13:06 vhrz1250 Keepalived[41293]: Opening file '/etc/keepalived/keepalived.conf'.
Jun 07 18:13:06 vhrz1250 Keepalived[41295]: Starting Healthcheck child process, pid=41296
Jun 07 18:13:06 vhrz1250 Keepalived[41295]: Starting VRRP child process, pid=41297
Jun 07 18:13:06 vhrz1250 Keepalived_vrrp[41297]: Registering Kernel netlink reflector
Jun 07 18:13:06 vhrz1250 Keepalived_vrrp[41297]: Registering Kernel netlink command channel
Jun 07 18:13:06 vhrz1250 Keepalived_vrrp[41297]: Registering gratuitous ARP shared channel
Jun 07 18:13:06 vhrz1250 Keepalived_vrrp[41297]: Opening file '/etc/keepalived/keepalived.conf'.
Jun 07 18:13:06 vhrz1250 systemd[1]: Started Keepalive Daemon (LVS and VRRP).
Jun 07 18:13:06 vhrz1250 Keepalived_healthcheckers[41296]: Initializing ipvs
# Here keepalived starts SNMP subagent for vrrp
Jun 07 18:13:06 vhrz1250 Keepalived_vrrp[41297]: Starting SNMP subagent
Jun 07 18:13:06 vhrz1250 snmpd[41254]: Connection from UDP: [127.0.0.1]:52941->[127.0.0.1]:161
# Keepalived continues starting up
Jun 07 18:13:06 vhrz1250 Keepalived_healthcheckers[41296]: Registering Kernel netlink reflector
Jun 07 18:13:06 vhrz1250 Keepalived_healthcheckers[41296]: Registering Kernel netlink command channel
Jun 07 18:13:06 vhrz1250 Keepalived_healthcheckers[41296]: Opening file '/etc/keepalived/keepalived.conf'.
# Here keepalived starts SNMP subagent for healthchecks
Jun 07 18:13:06 vhrz1250 Keepalived_healthcheckers[41296]: Starting SNMP subagent
Jun 07 18:13:06 vhrz1250 snmpd[41254]: Connection from UDP: [127.0.0.1]:53980->[127.0.0.1]:161
# Keepalived continues starting up
Jun 07 18:13:07 vhrz1250 Keepalived_healthcheckers[41296]: Using LinkWatch kernel netlink reflector...
Jun 07 18:13:07 vhrz1250 Keepalived_vrrp[41297]: Using LinkWatch kernel netlink reflector...
Jun 07 18:13:08 vhrz1250 Keepalived_vrrp[41297]: VRRP_Instance(VI_10) Transition to MASTER STATE
Jun 07 18:13:10 vhrz1250 Keepalived_vrrp[41297]: VRRP_Instance(VI_10) Entering MASTER STATE
Jun 07 18:13:10 vhrz1250 Keepalived_vrrp[41297]: Opening script file /usr/local/bin/keepalived_statechange
Jun 07 18:13:10 vhrz1250 Keepalived_vrrp[41297]: VRRP_Instance(VI_10): Sending SNMP notification
Jun 07 18:13:10 vhrz1250 Keepalived_vrrp[41297]: VRRP_Instance(VI_10): Sending SNMP notification vrrpTrapNewMaster
Jun 07 18:13:10 vhrz1250 Keepalived_vrrp[41297]: VRRP_Instance(VI_10): Sending SNMP notification vrrpv3NotifyNewMaster, reason 2
Jun 07 18:13:10 vhrz1250 Keepalived_vrrp[41297]: Remote SMTP server [137.248.1.36]:25 connected.
Jun 07 18:13:10 vhrz1250 Keepalived_vrrp[41297]: SMTP alert successfully sent.
# This might be connections from the VRRP instance snmp subagents
Jun 07 18:13:12 vhrz1250 snmpd[41254]: error on subcontainer 'ia_addr' insert (-1)
Jun 07 18:13:22 vhrz1250 snmpd[41254]: Connection from UDP: [127.0.0.1]:50917->[127.0.0.1]:161
Jun 07 18:13:22 vhrz1250 snmpd[41254]: Connection from UDP: [127.0.0.1]:38560->[127.0.0.1]:161
答え1
さて、問題を見つけました。私はいつもsnmpd.conf
スイッチでmaster agentx
AgentX機能が有効になっていると思いましたagentaddress
。
ただし、そうではなく、AgentXアドレス/ソケットはを介して制御されますagentXSocket
。
したがって、最小構成は次のようにする必要があります。
/etc/snmp/snmpd.conf
rocommunity public
master agentx
# Note: This is the AgentX address/socket
agentXSocket tcp:127.0.0.1:700
# Note: This is the address/socket used for snmpwalk and such
# agentaddress udp:127.0.0.1:161
/etc/snmp/snmp.conf
# Note: This is optional!
# To enable keepalived mib, download
# https://github.com/acassen/keepalived/blob/master/doc/KEEPALIVED-MIB.txt
# to /usr/share/snmp/mibs (keep the .txt extension) and enable
# it with the following line
mibs +KEEPALIVED-MIB
/etc/keepalived/keepalived.conf
global_defs {
[...]
# Note: This is the AgentX address/socket
snmp_socket tcp:127.0.0.1:700
}
[...]
/etc/default/keepalived
DAEMON_ARGS="--snmp"