On Wed, Sep 18, 2024 at 07:29:09PM +0000, Castelli, Anton wrote:
> David,
> 
> Yes, that one instance was a mistake when I was anonymizing the
> IPs. Sorry for the confusion.
> 
> Following your suggestion, I was able to set the sysctl value
> 'net.ipv4.ip_nonlocal_bind=1'. After that, I was able to
> successfully start the rootless container on the secondary server
> (that did not have the VRRP IP). You were correct that pasta emitted
> a warning, but it started anyway.

Ok.

> With this workaround, I can now successfully start rootless
> containers on both the primary and secondary servers. The primary
> server responds to UDP queries on both its main IP address and the
> VRRP IP address. I tried a manual failover to the secondary server,
> which then also responds on the VRRP IP address in addition to its
> main IP address. Everything appears to be working as intended.

Superb!

> Thank you so much for taking the time to help find a workaround to
> this issue! I'll be updating the bug report with the details on the
> workaround in case anyone else runs into the issue.

Thanks for that.  We have a _lot_ of edge cases of varying obscurity
to sort out eventually; recording the details so they're not forgotten
is super helpful.

-- 
David Gibson (he or they)	| I'll have my music baroque, and my code
david AT gibson.dropbear.id.au	| minimalist, thank you, not the other way
				| around.
http://www.ozlabs.org/~dgibson