What is Keepalived?
Keepalived is open-source software that provides high availability by using the Virtual Router Redundancy Protocol (VRRP) for Linux systems. Its primary use is to ensure service availability by routing network traffic to a backup server if the primary server fails.
Part 1: Unpacking the Architecture and Theory
The Mechanics of VRRP:
The Virtual Router Redundancy Protocol (VRRP) is at the heart of `keepalived`. This protocol facilitates the creation of a virtual router, an abstracted set of machines that appear as a single entity to other network participants. This abstraction ensures uninterrupted service even if one of the participants (or nodes) becomes unavailable.
The VRRP setup includes:
Keepalived’s Dual Roles:
High Availability: As highlighted before, `keepalived` is most known for this. By constantly checking the health of nodes, it quickly responds to failures, transitioning the VIP from a failed Master to a Backup.
Load Balancing: Via integration with the Linux Virtual Server (LVS), `keepalived` can also distribute inbound traffic to optimize resource utilization and maximize throughput.
Part 2: Installation and Basic Configuration of Keepalived for High Availability
Update Your System: Before installing any new software, it’s a good practice to update the system packages.
Use the package manager to install `keepalived`.
Now, let’s delve into the basic configuration.
Define the VRRP Instance: Let’s set up a basic VRRP instance. This example assumes you are setting up the master server. For backup servers, adjust the `state` and `priority` fields.
Enable and start your keepalived service
Use your preferred text editor to edit the `keepalived` configuration file.
Outcome of the Configuration
Establishment of a Virtual Router:
`VI_1`.
`keepalived` configuration.
Virtual IP Ownership:
`MASTER` for the virtual IP `192.168.1.10`.
`192.168.1.10` will be received by it.
Automatic Failover:
`BACKUP` with a similar `keepalived` configuration (and sharing the same `virtual_router_id` and `authentication` details), they’ll be in standby mode.
`MASTER`) encounter an issue or go down, one of the `BACKUP` servers will detect the absence of the regular VRRP advertisements and promote itself to `MASTER` status, thereby taking over the virtual IP `192.168.1.10`.
`priority` value. The backup server with the highest priority will become the new `MASTER`.
Protected Communication:
`MASTER` and `BACKUP` servers is secured by a basic password authentication mechanism (`auth_type PASS`). This ensures that only servers with the correct password (`mysecretpass` in this configuration) can participate in the VRRP grouping for this virtual router.
Regular Health Announcements:
`MASTER`, sends out health announcements or “advertisements” every second (`advert_int 1`). This lets all other participating servers know that it’s active and healthy.
Network Presence:
`keepalived` process will ensure that the virtual IP (`192.168.1.10`) is attached to the specified interface (`eth0`) whenever this server is in the `MASTER` state. If it transitions to `BACKUP` state (e.g., another server with a higher priority comes online), the virtual IP will be relinquished.
In essence, the outcome of this configuration is a resilient and adaptive networking setup where the system ensures uninterrupted traffic flow to the virtual IP (`192.168.1.10`), irrespective of individual server failures. This forms the crux of high availability setups, minimizing downtime and ensuring consistent service availability.
Further Configuration and Testing:
Setting Up a Backup Node: For the backup node, copy the same configuration, but change `state` to `BACKUP` and `priority` to a lower value, like `50`.
Testing Failover: To test the failover mechanism, you can temporarily bring down the master node’s networking or stop its `keepalived` service. Monitor the backup server to see if it takes over the virtual IP.
Firewall Considerations: Ensure that the VRRP protocol (protocol number `112`) is allowed in your firewall settings on both master and backup servers. This is crucial for the servers to communicate their statuses.
Part 3: Dive into Configuration
Deeper into VRRP Configuration:
`keepalived` instance:
`nopreempt` directive:
Advanced Load Balancing Configuration:
Defining Virtual Servers:
Here, the `lb_algo` is set to round-robin (`rr`). The LVS mode is Direct Routing (`DR`). The `real_server` section describes backend servers, with a health check endpoint `/healthcheck`.
Persistent Connections: For some applications, ensuring a user remains connected to the same backend server is essential. This can be achieved with the `persistence_timeout` setting.
Part 4: Best Practices and Troubleshooting
`keepalived` configuration for syntactical correctness using:
Logging: Monitor `/var/log/syslog` for `keepalived` logs. For deeper insights, you can adjust `keepalived`’s verbosity levels.
Priority Management: The `priority` setting in your VRRP instance is crucial. In setups with multiple backups, ensure each has a unique priority to dictate the failover order.
Optimized Health Checks: Design lightweight health check endpoints for backend servers. Overly complex health checks can add unnecessary load.
Conclusion
Keepalived offers a blend of simplicity and functionality, making it a staple in many high-availability setups. By deeply understanding its mechanics and nuances, administrators can craft resilient infrastructure landscapes that gracefully handle node failures and maintain service continuity.
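The master and backup settings described in this answer, as an added example that is not part of the original post: a Python check that parses two constructed `vrrp_instance` blocks and reports mismatched shared settings, a wrong priority order, and the limits of `auth_type PASS`. `virtual_router_id 51` and the master `priority 100` are assumed values; the remaining settings are the ones named in the text.

```python
import re

# Constructed sample. VI_1, eth0, 192.168.1.10, advert_int 1, PASS/mysecretpass and
# backup priority 50 are from the text; virtual_router_id 51 and priority 100 are assumed.
MASTER_CONF = """
vrrp_instance VI_1 {
    state MASTER
    interface eth0
    virtual_router_id 51
    priority 100
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass mysecretpass
    }
    virtual_ipaddress {
        192.168.1.10
    }
}
"""
BACKUP_CONF = MASTER_CONF.replace("state MASTER", "state BACKUP").replace("priority 100", "priority 50")

KEYS = ("state", "virtual_router_id", "priority", "advert_int", "auth_type", "auth_pass")

def parse_instance(conf):
    """Return the instance name and scalar settings of a vrrp_instance block."""
    out = {"name": re.search(r"vrrp_instance\s+(\S+)\s*\{", conf).group(1)}
    for key in KEYS:
        m = re.search(rf"^\s*{key}\s+(\S+)", conf, re.MULTILINE)
        if m:
            out[key] = m.group(1)
    return out

def check_pair(master, backup):
    """Return findings for a master/backup pair of parsed instances."""
    findings = []
    for key in ("virtual_router_id", "auth_type", "auth_pass", "advert_int"):
        if master.get(key) != backup.get(key):
            findings.append(f"mismatch: {key}")
    if int(master["priority"]) <= int(backup["priority"]):
        findings.append("backup priority must be lower than master priority")
    if master.get("auth_type") == "PASS":
        # VRRP simple-password auth travels in cleartext in every advertisement.
        findings.append("auth_type PASS is cleartext: limit protocol 112 to peer IPs")
        if len(master.get("auth_pass", "")) > 8:
            findings.append("auth_pass truncated: keepalived uses only the first 8 chars")
    return findings
```

Run against the sample pair, the check reports no mismatches but flags both authentication findings, so the firewall rule for protocol 112 should accept VRRP only from the peer node's address.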