Aug 31 14:52:36 haproxy-01 Keepalived_vrrp[1074]: (Line 23) Truncating auth_pass to 8 characters
Aug 31 14:52:36 haproxy-01 Keepalived_vrrp[1074]: Initializing ipvs
Aug 31 14:52:36 haproxy-01 modprobe[1075]: ERROR: ../libkmod/libkmod.c:586 kmod_search_moddep() could not open moddep file '/lib/modules/5.11.22-4-pve/modules.dep.bin'
Aug 31 14:52:36 haproxy-01 modprobe[1075]: FATAL: Module ip_vs not found in directory /lib/modules/5.11.22-4-pve
Aug 31 14:52:36 haproxy-01 Keepalived_vrrp[1074]: IPVS: Can't initialize ipvs: Permission denied (you must be root)
Aug 31 14:52:36 haproxy-01 Keepalived_vrrp[1074]: Stopped
Aug 31 14:52:36 haproxy-01 Keepalived[1066]: Keepalived_vrrp exited with permanent error FATAL. Terminating
Aug 31 14:52:36 haproxy-01 systemd[1]: keepalived.service: Succeeded.
Aug 31 14:52:36 haproxy-01 Keepalived[1066]: Stopped Keepalived v2.0.10 (11/12,2018)
Aug 31 14:52:36 haproxy-01 systemd[1]: keepalived.service: Consumed 60ms CPU time.
lxc.cgroup.devices.allow: a
lxc.cap.drop:
lxc.mount.auto: proc:rw sys:rw
lxc.mount.entry: /lib/modules lib/modules none ro,bind 0 0
Aug 31 15:03:11 haproxy-01 Keepalived_vrrp[1090]: (Line 20) (VI_1) Specifying lvs_sync_daemon_interface against a vrrp is deprecated.
Aug 31 15:03:11 haproxy-01 Keepalived_vrrp[1090]: (Line 20) Please use global lvs_sync_daemon
Aug 31 15:03:11 haproxy-01 Keepalived_vrrp[1090]: (Line 23) Truncating auth_pass to 8 characters
Aug 31 15:03:11 haproxy-01 Keepalived_vrrp[1090]: Initializing ipvs
Aug 31 15:03:11 haproxy-01 Keepalived_vrrp[1090]: IPVS: Can't initialize ipvs: Permission denied (you must be root)
Aug 31 15:03:11 haproxy-01 Keepalived_vrrp[1090]: Stopped
Aug 31 15:03:11 haproxy-01 Keepalived[1081]: Keepalived_vrrp exited with permanent error FATAL. Terminating
Aug 31 15:03:11 haproxy-01 Keepalived[1081]: Stopped Keepalived v2.0.10 (11/12,2018)
Aug 31 15:03:11 haproxy-01 systemd[1]: keepalived.service: Succeeded.
This is the opposite of what was suggested:added to container config:
Code:lxc.cgroup.devices.allow: a lxc.cap.drop: lxc.mount.auto: proc:rw sys:rw lxc.mount.entry: /lib/modules lib/modules none ro,bind 0 0
Try runningjust load the modules in the node and see if this works
modprobe ip_vs
on the Proxmox host before starting the container and then try keepalived. Maybe you need more modules (I don't know keepalived) but you can load them the same way. You can add all required modules to /etc/modules
once you have it working so it will automatically load those.Proxmox VE6 or ProxmoxVE7 ? Any special config on the host also?I run keepalived inside my unprivileged Pihole LXCs without editing anything special to the LXCs config file. Atleast with Debian 11 LXCs it works fine here out of the box.
use_vmac
to the instances inside the keepalived.conf
to prevent both nodes in the keepalive pair from obtaining the virtual IP. Currently still on Proxmox 6.4 on the hosts. Upgrading to 7.3 after the new year.Proxmox VE7.Proxmox VE6 or ProxmoxVE7 ? Any special config on the host also?
pct set 100 --mp0 /lib/modules,mp=/lib/modules,ro=1
open_without_symlink: 1289 Too many levels of symbolic links - lib in /usr/lib/x86_64-linux-gnu/lxc/rootfs/lib/modules was a symbolic link!