[SOLVED] Redis with IPsec, sentinels do not promote slave when IPsec is flushed
Linux - ServerThis forum is for the discussion of Linux Software used in a server related context.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Distribution: Ubuntu 10.04 (used to be Red Hat 7.1, then Red Hat 9, then FC 2, FC 5, FC 6, FC 9 and Ubuntu 8.04)
Posts: 105
Rep:
Redis with IPsec, sentinels do not promote slave when IPsec is flushed
I have three redis servers, each one is also running a redis sentinel. The comms between the servers is encrypted with IPsec. When all IPsec connections are working, then stopping the redis replication master is recognised by the sentinels and they promote a slave to be the new master.
But when I flush IPsec (using setkey -F and setkey -FP) then the comms between the master and slaves is broken, but the sentinels do NOT promote a slave to become a new master.
The redis slaves recognise the fact that their master appears to be unavailable, because I can see this type of stuff in the redis server log:
11002:S 04 Apr 15:49:49.258 * Connecting to MASTER 192.168.106.246:6379
11002:S 04 Apr 15:49:49.259 * MASTER <-> SLAVE sync started
11002:S 04 Apr 15:50:50.425 # Timeout connecting to the MASTER...
If I subsequently activate IPsec again on the redis master, then the replication catches up, and the master remains as the master.
But while IPsec is flushed, then updates on the master can happen and they are not replicated to slaves.
Is there a setting for the sentinels that will recognise that the master is down?
Last edited by hairysocks; 04-07-2016 at 07:11 AM.
Reason: Added solved tag to subject
Distribution: Ubuntu 10.04 (used to be Red Hat 7.1, then Red Hat 9, then FC 2, FC 5, FC 6, FC 9 and Ubuntu 8.04)
Posts: 105
Original Poster
Rep:
I have solved the problem by adding another redis sentinel. I think the problem was that when one of the three sentinels could no longer communicate, then the remaining two could not agree to promote a slave to be the new master for replication. The redis sentinel documentation says don't try a setup with just two sentinels. But adding a fourth sentinel, then when the master, and its sentinel, became inaccessible, then there were still three sentinels left to vote up a new replication master.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.