High Availability with keepalived

High Availability with keepalived

- 3 mins

INTRODUCTION

keepalived can be used to monitor services or systems and to automatically failover to a standby node if problems occur. High availability is achieved by the Virtual Redundancy Routing Protocol (VRRP). As a result, high availabilty can be maintained across your environment.

WHAT IS KEEPALIVED

keepalived is a system daemon in Linux systems that provides frameworks for both high availability and load balancing.

IMPORTANT TERMINOLOGY

  1. VIP — Virtual IP, a virtual IP address able to automatically switch between the servers in case of a failure.
  2. Master — a server the VIP is currently active on.
  3. Backup — a server the VIP will switch to in case of a Master failure.
  4. VRID — Virtual Router ID.

IMPORTANT CONCEPTS

  1. Basic operation algorithm: at fixed intervals, the Master server sends VRRP packets (heartbeats) to the specific multicasting address 224.0.0.18, and all slave server listen to this address.
  2. If a Backup Server does not receive any heartbeat packets, it starts the Master selection procedure.


In this example, I go through the process of configuring keepalived on 2 Red Hat CentOS boxes.


REQUIREMENTS

  1. Lab environronment & 2 running instances of CentOS 7 LVS.

DEPLOYMENT PROCESS OVERVIEW

  1. Install keepalived
  2. Configure Master Server keepalived.conf File
  3. Configure Backup Server keepalived.conf File
  4. Verify Configuration

TIME TO IMPLEMENT: 15 minutes

INSTALL KEEPALIVED

  1. First, run the following commands to make sure everything is up to date/upgraded.
  2. sudo yum -y update
    sudo yum -y upgrade
  3. Run the following command to install keepalived
  4. sudo yum -y install keepalived

CONFIGURATION OVERVIEW

Note: in this example we are configuring 2 Linux Virtual Servers with keepalived. keepalived uses /etc/keepalived/keepalive.conf as its primary configuration file. In this file, we will need specifiy the following on each server:

  1. Router ID - unique identifier for the server.
  2. State - state of server (Master of Slave).
  3. Priority - what server has priority (highest is selected as Master)
  4. Authentication - type of authentication (PASS) and what password.
  5. VIP - Virtual IP Address.

CONFIGURE THE KEEPALIVED.CONF FILE [MASTER SERVER]

  1. Open the keepalive.conf file in vim on LVS1 by issuing the following command:
  2. sudo vim /etc/keepalived/keepalive.conf
  3. In /etc/keepalived/keepalive.conf configuration file, you need to specify the following:
  4. #MASTER SERVER
    global_defs {
        notification_email {
            andrew@haratine.net
        }
        notification_email_from andrew@haratine.net
        smtp_server 127.0.0.1
        smtp_connect_timeout 30
        router_id main_server
    }
    vrrp_instance VI_1 {
        state MASTER
        interface eth0
        virtual_router_id 51
        priority 100
        nopreempt
        advert_int 1
        authentication {
            auth_type PASS
            auth_pass passwordhere
        }
    
        virtual_ipaddress {
            # virtual IP address
            10.10.10.10
        }
    }
    
  5. Feel free to add additional configurations, as noted under global_defs. Save and close keepalive.conf file.
  6. Run the following commmands to start the daemon:
  7. systemctl enable keepalived
    systemctl start keepalived
    

CONFIGURE THE KEEPALIVED.CONF FILE [BACKUP SERVER]

  1. Open the keepalive.conf file in vim on LVS1 by issuing the following command:
  2. sudo vim /etc/keepalived/keepalive.conf
  3. In /etc/keepalived/keepalive.conf configuration file, you need to specify the following:
  4. #BACKUP SERVER
    global_defs {
        notification_email {
            andrew@haratine.net
        }
        notification_email_from andrew@haratine.net
        smtp_server 127.0.0.1
        smtp_connect_timeout 30
        router_id backup_server
    }
    vrrp_instance VI_1 {
        state BACKUP
        interface eth0
        virtual_router_id 51
        priority 99
        nopreempt
        advert_int 1
        authentication {
            auth_type PASS
            auth_pass passwordhere
        }
    
        virtual_ipaddress {
            # virtual IP address
            10.10.10.10
        }
    }
    
  5. Save and close keepalive.conf file.
  6. Run the following commmands to start the daemon:
  7. systemctl enable keepalived
    systemctl start keepalived 
    


01keepalived

VERIFY CONFIGURATIONS

  1. To test the configuration, run the following command on both machines:
  2. sudo systemctl status keepalived


02keepalived

SUMMARY

  1. Minimal congiruation is needed to configure high availibility.
  2. Attention to detail is key: ensure the Backup server has a lower priority than the Master, the STATE is set appropriately, and the VIP is not being used by another DHCP host in your environment.
  3. To be sure, keepalived is a great option if you are considering high availability for your critical infrastructure.
comments powered by Disqus
rss facebook twitter github gitlab youtube mail spotify lastfm instagram linkedin google google-plus pinterest medium vimeo stackoverflow reddit quora quora