The software described in this documentation is either in Extended Support or Sustaining Support. See https://www.oracle.com/us/support/library/enterprise-linux-support-policies-069172.pdf for more information.
Oracle recommends that you upgrade the software described by this documentation as soon as possible.
The following example uses Keepalived in direct routing (DR) mode
to implement a simple failover and load balancing configuration on
two servers. One server acts as the primary server and the other
acts as a backup. The primary server has a higher priority than
the backup server. Each of Keepalived servers has a single network
interface and the servers are connected to the same network
segment (10.0.0.0/24
) on which two web servers
are accessible.
Figure 17.4
shows that the Keepalived primary server has network addresses
10.0.0.11
and 10.0.0.1
(virtual). The Keepalived backup server has network address
10.0.0.12
. The web servers,
websvr1
and websvr2
, have
the network addresses 10.0.0.71
and
10.0.0.72
, respectively. In addition, both web
servers are configured with the virtual IP address
10.0.0.1
to enable them to accept packets with
that destination address. Incoming requests are received by the
primary server and redirected to the web servers, which respond
directly.
You might use the following configuration in
/etc/keepalived/keepalived.conf
on the primary
(master) server:
global_defs {
notification_email {
root@mydomain.com
}
notification_email_from svr1@mydomain.com
smtp_server localhost
smtp_connect_timeout 30
}
vrrp_instance external {
state MASTER
interface eth0
virtual_router_id 91
priority 200
advert_int 1
authentication {
auth_type PASS
auth_pass 1215
}
virtual_ipaddress {
10.0.0.1/24
}
}
virtual_server 10.0.0.1 80 {
delay_loop 10
protocol TCP
lb_algo rr
# Use direct routing
lb_kind DR
persistence_timeout 7200
real_server 10.0.0.71 80 {
weight 1
TCP_CHECK {
connect_timeout 5
connect_port 80
}
}
real_server 10.0.0.72 80 {
weight 1
TCP_CHECK {
connect_timeout 5
connect_port 80
}
}
}
The virtual server configuration is similar to that given in
Section 17.7, “Configuring Load Balancing Using Keepalived in NAT Mode” except that the value
of lb_kind
is set to DR
(Direct Routing), which means that the Keepalived server handles
all inbound network traffic from the client before routing it to
the back-end servers, which reply directly to the client,
bypassing the Keepalived server. This configuration reduces the
load on the Keepalived server but is less secure as each back-end
server requires external access and is potentially exposed as an
attack surface. Some implementations use an additional network
interface with a dedicated gateway for each web server to handle
the response network traffic.
The configuration of the backup server is the same except for the
values of notification_email_from
,
state
, priority
, and
possibly interface
if the system hardware
configuration is different:
global_defs { notification_email { root@mydomain.com } notification_email_from svr2@mydomain.com smtp_server localhost smtp_connect_timeout 30 } vrrp_instance external { state BACKUP interface eth0 virtual_router_id 91 priority 100 advert_int 1 authentication { auth_type PASS auth_pass 1215 } virtual_ipaddress { 10.0.0.1/24 } } virtual_server 10.0.0.1 80 { delay_loop 10 protocol TCP lb_algo rr # Use direct routing lb_kind DR persistence_timeout 7200 real_server 10.0.0.71 80 { weight 1 TCP_CHECK { connect_timeout 5 connect_port 80 } } real_server 10.0.0.72 80 { weight 1 TCP_CHECK { connect_timeout 5 connect_port 80 } } }
Two further configuration changes are required:
Configure firewall rules on each Keepalived server (primary and backup) that you configure as a load balancer, as described in Section 17.8.1, “Configuring Firewall Rules for Keepalived DR-Mode Load Balancing”.
Configure the
arp_ignore
andarp_announce
ARP parameters and the virtual IP address for the network interface on each back-end server that you intend to use with the Keepalived load balancer, as described in Section 17.8.2, “Configuring the Back-End Servers for Keepalived DR-Mode Load Balancing”.
See Section 17.5, “Installing and Configuring Keepalived” for details of how to install and configure Keepalived.