Table of Contents
CentOS - Keepalived (VRRP)
What is Keepalived (VRRP)
(Explanation of Keepalived (VRRP) is overtaken from: http://keepalived.org/ )
Keepalived is a routing software written in C. The main goal of this project is to provide simple and robust facilities for loadbalancing and high-availability to Linux system and Linux based infrastructures. Loadbalancing framework relies on well-known and widely used Linux Virtual Server (IPVS) kernel module providing Layer4 loadbalancing. Keepalived implements a set of checkers to dynamically and adaptively maintain and manage loadbalanced server pool according their health. On the other hand high-availability is achieved by VRRP protocol. VRRP is a fundamental brick for router failover. In addition, Keepalived implements a set of hooks to the VRRP finite state machine providing low-level and high-speed protocol interactions. Keepalived frameworks can be used independently or all together to provide resilient infrastructures.
Keepalived is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version
Install
In our cause we will need to install on our servers the “keepalive” software. According to this please run on all servers this command:
#yum install keepalived
Configuration
Target
I do have 2 servers that are running same service (but thy are located in different locations with different power connection). In the cause that one server will have any issue I will need to switch over the VIP to the failover device. In this way you can still provide the service to your without interruption.
Node 1 (main):
Where:
“ /etc/sysconfig/keepalived “
” /etc/keepalived/keepalived.conf ”
“ /etc/sysconfig/iptables “
” /etc/init.d/keepalived “
” /var/log/messages ”
Backup default config:
# cd /etc/keepalived # cp keepalived.conf keepalived.conf.def
Create a new config:
#> /etc/keepalived/keepalived.conf # To delete old config
# vi /etc/keepalived/keepalived.conf # Paste this configuration in to this file:
vrrp_instance VI_1 {
interface eth0
state MASTER
virtual_router_id 51
priority 101 # Priority off the node
authentication {
auth_type PASS
auth_pass test_passwd # Password to use between nodes for health checks
}
virtual_ipaddress {
10.0.12.15/24 dev eth0 # VIP and the interface
}
}
iptables
# vi /etc/sysconfig/iptables -A INPUT -s <REAL_IP_OF_NODE_2> -j ACCEPT # Add in to right please this line to Accept traffic from 2nd node # /etc/init.d/iptables restart # Reload iptables configuration
Start:
# /etc/init.d/keepalived start
# ip a # Check if you can see this on MAIN VRRP server
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 08:00:27:63:83:d9 brd ff:ff:ff:ff:ff:ff
inet 10.0.12.111/24 brd 10.0.12.255 scope global eth0
inet 10.0.12.15/24 scope global secondary eth0 # VIP need to be present just on MAIN server
inet6 fe80::a00:27ff:fe63:83d9/64 scope link
valid_lft forever preferred_lft forever
# ''tail -f /var/log/messages # To see more details about the demon check logs
Make sure that it will start after reboot:
# chkconfig --level 2345 keepalived on # chkconfig --list | grep keepalived # Check if it is correctly configured keepalived 0:off 1:off 2:on 3:on 4:on 5:on 6:off
Node 2 (failover):
Where:
“ /etc/sysconfig/keepalived “
” /etc/keepalived/keepalived.conf ”
“ /etc/sysconfig/iptables “
” /etc/init.d/keepalived “
” /var/log/messages ”
Backup default config:
# cd /etc/keepalived # cp keepalived.conf keepalived.conf.def
Create a new config:
#> /etc/keepalived/keepalived.conf # To delete old config
# vi /etc/keepalived/keepalived.conf # Paste this configuration in to this file:
vrrp_instance VI_1 {
interface eth0
state MASTER
virtual_router_id 51
priority 100 # Priority off the node
authentication {
auth_type PASS
auth_pass test_passwd # Password to use between nodes for health checks
}
virtual_ipaddress {
10.0.12.15/24 dev eth0 # VIP and the interface
}
}
iptables
# vi /etc/sysconfig/iptables -A INPUT -s <REAL_IP_OF_NODE_1> -j ACCEPT # Add in to right please this line to Accept traffic from 1st node # /etc/init.d/iptables restart # Reload iptables configuration
Start:
# /etc/init.d/keepalived start
# ip a # Check if you can see this on MAIN VRRP server
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 08:00:27:63:83:d9 brd ff:ff:ff:ff:ff:ff
inet 10.0.12.111/24 brd 10.0.12.255 scope global eth0
inet 10.0.12.15/24 scope global secondary eth0 # VIP need to be present just on MAIN server
inet6 fe80::a00:27ff:fe63:83d9/64 scope link
valid_lft forever preferred_lft forever
# ''tail -f /var/log/messages # To see more details about the demon check logs
Make sure that it will start after reboot:
# chkconfig --level 2345 keepalived on # chkconfig --list | grep keepalived # Check if it is correctly configured keepalived 0:off 1:off 2:on 3:on 4:on 5:on 6:off
Tested on:
CentOS 6.5
