Table of Contents
Keepalived is a high-availability and load-balancing tool. Using keepalived, virtual IPs and Linux Virtual Server and Virtual Router Redundancy setups can be managed very effectively between two or more hosts. From the Keepalived site: “The main goal of the keepalived project is to add a strong & robust keepalive facility to the Linux Virtual Server project. his project is written in C with multilayer TCP/IP stack checks. Keepalived implements a framework based on three family checks: Layer3, Layer4 & Layer5/7. This framework gives the daemon the ability of checking a LVS server pool states. When one of the server of the LVS server pool is down, keepalived informs the linux kernel via a setsockopt call to remove this server entry from the LVS topology. In addition keepalived implements an independent VRRPv2 stack to handle director failover. So in short keepalived is a userspace daemon for LVS cluster nodes healthchecks and LVS directors failover.”
In our case we are mostly interested in the Virtual Router Redundancy Protocol (VRRP) part. A comprehensive introduction into VRRP can be found in the IBM Redpaper "Virtual Router Redundancy Protocol (VRRP) on VM Guest LANS" (see Link section below).
To install keepalived add kpalived.lrp and the additionally required packages libpopt.lrp, libssl.lrp, libcrpto.lrp to leaf.cfg. Check the Bering-uClibc Installation Guide to learn how to do that.
! Configuration File for keepalived
global_defs {
notification_email {
[email protected]
}
notification_email_from [email protected]
smtp_server 192.168.1.200
smtp_connect_timeout 30
lvs_id LVS1
}
! sync groups bond instances together. they are tricky,
! so read the documentation and/or mailing lists before using them.
!vrrp_sync_group LVS1 BACKUP {
! VI_1
! VI_2
! }
vrrp_instance VI_1 {
state MASTER
track_interface {
eth0
}
interface eth2 # interface to send multicast heartbeat on
virtual_router_id 51
priority 150 # the highest priority is the master
advert_int 2 # rate of multicast heartbeats (seconds)
authentication {
auth_type PASS # don't use IPSEC, it is buggy
auth_pass SECRETPASS
}
virtual_ipaddress {
192.168.1.210 # list as many IPs as you want, one perline. see SYNOPSIS
}
}
vrrp_instance VI_2 {
state SLAVE
track_interface {
eth0
}
interface eth2
virtual_router_id 52
priority 100
advert_int 2
authentication {
auth_type PASS
auth_pass SECRETPASS
}
virtual_ipaddress {
192.168.1.211
}
}If you are using a SMP server and having problems with "vrrp wdog socket" startup, try starting vrrp and the checker threads separately, e.g.:
keepalived --vrrp keepalived --check
Please view the following links for more information:
Documentation:
http://www.keepalived.org/documentation.html
http://world.anarchy.com/~peter/keepalived.conf.SYNOPSIS
(If the SYNOPSIS link is out of date, please send an email to pmueller at sidestep.com, thanks!)
Mailing list:
http://www.keepalived.org/listes.html
Searchable, threadable mail archive