The software described in this documentation is either in Extended Support or Sustaining Support. See https://www.oracle.com/us/support/library/enterprise-linux-support-policies-069172.pdf for more information.
Oracle recommends that you upgrade the software described by this documentation as soon as possible.

17.6 Configuring Simple Virtual IP Address Failover Using Keepalived

A typical Keepalived high availability configuration consists of one primary server and one or more backup servers. One or more virtual IP addresses, defined as VRRP instances, are assigned to the primary server's network interfaces so that it can service network clients. The backup servers listen for multicast VRRP advertisement packets that the primary server transmits at regular intervals. The default advertisement interval is one second. If the backup nodes fail to receive three consecutive VRRP advertisements, the backup server with the highest assigned priority takes over as the primary server and assigns the virtual IP addresses to its own network interfaces. If several backup servers have the same priority, the backup server with the highest IP address value becomes the primary server.

The following example uses Keepalived to implement a simple failover configuration on two servers. One server acts as the primary server and the other server acts as a backup. The primary server has a higher priority than the backup server.

Figure 17.2 shows how the virtual IP address 10.0.0.100 is initially assigned to the primary server (10.0.0.71). When the primary server fails, the backup server (10.0.0.72) becomes the new primary server and is assigned the virtual IP address 10.0.0.100.

Figure 17.2 Example Keepalived Configuration for Virtual IP Address Failover

The diagram shows how the virtual IP address 10.0.0.100 is initially assigned to the primary server (10.0.0.71). When the primary server fails, the backup server (10.0.0.72) becomes the new primary server and is assigned the virtual IP address 10.0.0.100.


You might use the following configuration in /etc/keepalived/keepalived.conf on the primary (master) server: 

global_defs {
   notification_email {
     root@mydomain.com
   }
   notification_email_from svr1@mydomain.com
   smtp_server localhost
   smtp_connect_timeout 30
}

vrrp_instance VRRP1 {
    state MASTER
#   Specify the network interface to which the virtual address is assigned
    interface eth0
#   The virtual router ID must be unique to each VRRP instance that you define
    virtual_router_id 41
#   Set the value of priority higher on the master server than on a backup server
    priority 200
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1066
    }
    virtual_ipaddress {
        10.0.0.100/24
    }
}

The backup server's configuration is the same, except for the values of notification_email_from, state, priority, and possibly interface if the system hardware configuration is different: 

global_defs {
   notification_email {
     root@mydomain.com
   }
   notification_email_from svr2@mydomain.com
   smtp_server localhost
   smtp_connect_timeout 30
}

vrrp_instance VRRP1 {
    state BACKUP
#   Specify the network interface to which the virtual address is assigned
    interface eth0
    virtual_router_id 41
#   Set the value of priority lower on the backup server than on the master server
    priority 100
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1066
    }
    virtual_ipaddress {
        10.0.0.100/24
    }
}

In the event that the primary server (svr1) fails, keepalived assigns the virtual IP address 10.0.0.100/24 to the eth0 interface on the backup server (svr2), which then becomes the primary server.

To determine whether a server is acting as the primary server, you can use the ip command to determine whether the virtual address is active: 

# ip addr list eth0
3: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 08:00:27:cb:a6:8d brd ff:ff:ff:ff:ff:ff
    inet 10.0.0.72/24 brd 10.0.0.255 scope global eth0
    inet 10.0.0.100/24 scope global eth0
    inet6 fe80::a00:27ff:fecb:a68d/64 scope link 
       valid_lft forever preferred_lft forever

You can also search for Keepalived messages in /var/log/messages, which show transitions between states, for example: 

...51:55 ... VRRP_Instance(VRRP1) Entering BACKUP STATE
...
...53:08 ... VRRP_Instance(VRRP1) Transition to MASTER STATE
...53:09 ... VRRP_Instance(VRRP1) Entering MASTER STATE
...53:09 ... VRRP_Instance(VRRP1) setting protocol VIPs.
...53:09 ... VRRP_Instance(VRRP1) Sending gratuitous ARPs on eth0 for 10.0.0.100
Note

Only one server should be active as the primary server at any time. If more than one server is configured as the primary, it is likely that there is a problem with VRRP communication between the servers. Check the network settings for each interface on each server and check that the firewall allows both incoming and outgoing VRRP packets for multicast IP address 224.0.0.18.

See Section 17.5, “Installing and Configuring Keepalived” for details of how to install and configure Keepalived.

Copyright © 2013, 2021, Oracle and/or its affiliates. Legal Notices