Difference between revisions of "Keepalived"
Jump to navigation
Jump to search
| (5 intermediate revisions by the same user not shown) | |||
| Line 3: | Line 3: | ||
- https://nutss.wordpress.com/2019/07/12/high-availability-support-keepalived-and-nginx-on-ubuntu-debian/ | - https://nutss.wordpress.com/2019/07/12/high-availability-support-keepalived-and-nginx-on-ubuntu-debian/ | ||
- https://askubuntu.com/questions/1312333/keepalived-not-working-on-20-04 | - https://askubuntu.com/questions/1312333/keepalived-not-working-on-20-04 | ||
| + | - https://www.ibm.com/docs/en/elm/6.0.5?topic=SSYMRC_6.0.5/com.ibm.jazz.install.doc/topics/t_setup_haproxy_ha.html | ||
| + | |||
``` | ``` | ||
| − | sudo | + | apt update && apt install keepalived |
| − | + | sudo useradd -r -s /bin/false keepalived_script | |
``` | ``` | ||
| + | /etc/keepalived/keepalived.conf | ||
``` | ``` | ||
global_defs { | global_defs { | ||
| − | + | notification_email { | |
| − | + | sysadmin@example.com | |
| − | + | failover@example.com | |
| − | + | } | |
| − | + | # notification_email_from no-reply@example.com | |
| − | + | # smtp_server 192.168.200.1 | |
| − | + | # smtp_connect_timeout 30 | |
| − | + | # vrrp_strict # Breaks auth_type PASS restriction - https://askubuntu.com/questions/1312333/keepalived-not-working-on-20-04 | |
| − | + | router_id ADC_DEV | |
| − | + | vrrp_skip_check_adv_addr | |
| − | + | vrrp_garp_interval .001 | |
| − | + | vrrp_gna_interval .001 | |
| − | + | enable_script_security | |
| + | script_user nobody | ||
} | } | ||
| + | |||
| + | |||
| + | vrrp_script chk_ipaddr { | ||
| + | script "/usr/bin/ping -c 1 172.16.0.1" | ||
| + | interval 2 | ||
| + | weight 2 | ||
| + | } | ||
| + | |||
| + | |||
| + | vrrp_script chk_nginx { | ||
| + | script "/usr/bin/pgrep '^nginx$'" | ||
| + | interval 2 | ||
| + | weight 2 | ||
| + | } | ||
| + | |||
vrrp_instance VI_1 { | vrrp_instance VI_1 { | ||
| Line 40: | Line 59: | ||
192.168.200.17 | 192.168.200.17 | ||
192.168.200.18 | 192.168.200.18 | ||
| + | } | ||
| + | track_script { | ||
| + | chk_ipaddr | ||
| + | chk_nginx | ||
} | } | ||
} | } | ||
| + | ``` | ||
| + | |||
| + | Logs | ||
| + | ``` | ||
| + | systemctl status keepalived | ||
| + | journalctl -f | ||
| + | ``` | ||
| + | |||
| + | capture multicast traffic | ||
| + | ``` | ||
| + | sudo tcpdump -npi eth0 net 224 | ||
| + | 16:10:05.472897 IP 172.16.0.167 > 224.0.0.18: VRRPv2, Advertisement, vrid 51, prio 100, authtype none, intvl 1s, length 28 | ||
| + | ``` | ||
``` | ``` | ||
Latest revision as of 17:58, 26 July 2022
Refs
- https://github.com/acassen/keepalived/blob/master/keepalived/etc/keepalived/keepalived.conf.in-
- https://nutss.wordpress.com/2019/07/12/high-availability-support-keepalived-and-nginx-on-ubuntu-debian/
- https://askubuntu.com/questions/1312333/keepalived-not-working-on-20-04
- https://www.ibm.com/docs/en/elm/6.0.5?topic=SSYMRC_6.0.5/com.ibm.jazz.install.doc/topics/t_setup_haproxy_ha.html
apt update && apt install keepalived sudo useradd -r -s /bin/false keepalived_script
/etc/keepalived/keepalived.conf
global_defs {
notification_email {
sysadmin@example.com
failover@example.com
}
# notification_email_from no-reply@example.com
# smtp_server 192.168.200.1
# smtp_connect_timeout 30
# vrrp_strict # Breaks auth_type PASS restriction - https://askubuntu.com/questions/1312333/keepalived-not-working-on-20-04
router_id ADC_DEV
vrrp_skip_check_adv_addr
vrrp_garp_interval .001
vrrp_gna_interval .001
enable_script_security
script_user nobody
}
vrrp_script chk_ipaddr {
script "/usr/bin/ping -c 1 172.16.0.1"
interval 2
weight 2
}
vrrp_script chk_nginx {
script "/usr/bin/pgrep '^nginx$'"
interval 2
weight 2
}
vrrp_instance VI_1 {
state MASTER
interface eth0
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.200.16
192.168.200.17
192.168.200.18
}
track_script {
chk_ipaddr
chk_nginx
}
}
Logs
systemctl status keepalived journalctl -f
capture multicast traffic
sudo tcpdump -npi eth0 net 224 16:10:05.472897 IP 172.16.0.167 > 224.0.0.18: VRRPv2, Advertisement, vrid 51, prio 100, authtype none, intvl 1s, length 28
```