Setting up Keepalived for Routing

tested on slackware current (oct 2021) and debian12

Keep it brutal

we’re being brutal as we want to keep the same configuration around the cluster. for that, we’re defining BACKUP as the initial state of the instance on all nodes, and with the lowest priority.

# debian
# /usr/share/doc/conntrackd/examples/sync/keepalived.conf

mv -i /etc/keepalived/keepalived.conf /etc/keepalived/keepalived.conf.dist
vi /etc/keepalived/keepalived.conf

Simple failover IP

global_defs {
        max_auto_priority -1
        notification_email {
                root@localhost
        }
        notification_email_from keepalive@DOMAIN.TLD
        checker_log_all_failures
        default_interface xenbr0
        enable_script_security
        script_user keepalive keepalive
}

vrrp_instance VRRP1 {
        state BACKUP
        interface xenbr0
        virtual_router_id 51
        priority 1
        advert_int 1

        virtual_ipaddress {
                10.0.0.209/24
        }

        # default route remains anyhow
    #virtual_routes {
    #   0.0.0.0/0 via x.x.x.x dev xenbr0
    #}

        notify "/var/tmp/notify.bash"
}

Keep the states

    global_defs {
            max_auto_priority -1

            notification_email {
                    support@angrycow.ru
            }

            notification_email_from support@angrycow.ru
            checker_log_all_failures
            default_interface eth0

            # need root for conntrackd
            #enable_script_security
            #script_user keepalive keepalive
    }

    vrrp_sync_group nat {
            group {
                    front-vip
                    guest-vip
            }

            # active/passive
            notify_master   "/usr/share/doc/conntrackd/examples/sync/primary-backup.sh primary"
            notify_backup   "/usr/share/doc/conntrackd/examples/sync/primary-backup.sh backup"
            notify_fault    "/usr/share/doc/conntrackd/examples/sync/primary-backup.sh fault"
    }

    vrrp_instance front-vip {
            state BACKUP
            interface eth0
            virtual_router_id 1
            priority 1
            advert_int 1

            virtual_ipaddress {
                    217.19.208.157/29
            }

    # default route remains anyhow
            #virtual_routes {
            #       0.0.0.0/0 via 217.19.208.153 dev eth0
            #}

    #notify "/var/tmp/notify.bash"
    }

    vrrp_instance guest-vip {
            state BACKUP
            interface eth1
            virtual_router_id 2
            priority 1
            advert_int 1

            virtual_ipaddress {
                    10.1.255.254/16
            }

    #notify "/var/tmp/notify.bash"
    }

Ready to go

back to the main guide

Resources

https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/load_balancer_administration/s1-initial-setup-conf-dr-vsa ==> direct routing

https://github.com/acassen/keepalived/issues/748 ==> virtual_routes was not available back then?


HOME | GUIDES | LECTURES | LAB | SMTP HEALTH | HTML5 | CONTACT
Copyright © 2024 Pierre-Philipp Braun