keepalived // simple failover ip

install | setup | simple | routing states | check-ha

tested on debian12

IMAGE HERE

global_defs {
    max_auto_priority -1
    notification_email {
        root@localhost
    }
    notification_email_from keepalive@demo.nethence.com
    checker_log_all_failures
    default_interface eth0
    enable_script_security
    script_user keepalive keepalive
}

vrrp_instance VRRP-FRONT {
    state BACKUP
    interface eth0
    virtual_router_id 51
    priority 1
    advert_int 1

    virtual_ipaddress {
        192.168.122.209/24
    }

    # default route remains anyhow
    #virtual_routes {
    #   0.0.0.0/0 via x.x.x.x dev eth0
    #}

    notify "/var/tmp/notify.bash"
}

acceptance

check which node has the vip

on the nodes themselves

ip a show dev eth0

from the workstation

arp -a

ping the vip

from the workstation

ping 192.168.122.209

show the notify logs live on the backup node

tail -F /var/tmp/notify.log

brutally stop the node holding the vip

==> results as follows

ping continues
arp has changed
notify logs show the fail-over

e.g.

Sat May 18 02:08:06 PM UTC 2024 -- bookworm-2 received INSTANCE VRRP-FRONT MASTER 1

resources

acceptance

https://www.virtualtothecore.com/manual-failover-of-keepalived/ ==> trigger the fail-over by other means

moar – DR

https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/load_balancer_administration/ch-initial-setup-vsa ==> TCP_CHECK

https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/load_balancer_administration/s1-initial-setup-conf-dr-vsa ==> direct routing & TCP_CHECK again

moar – changing gateway

https://github.com/acassen/keepalived/issues/748 ==> virtual_routes was not available back then?