Load balancing with Keepalived
Load balancing is a method for distributing IP traffic across a cluster of real servers, providing one or more virtual services for high availability.
Keepalived provides a working environment for load balancing and hence high availability. Keepalived runs based on a Linux Virtual Server (IPVS) kernel module at layer 4. It also implements a set of state checkers to dynamically manage and maintain server clusters based on their state. High availability is achieved through the Virtual Redundancy Routing Protocol (VRRP). VRRP is a fundamental building block for router failover. In this context, the load balancer can also be referred to as a director or LVS router.
Keepalived installation
Keepalived must be installed on each of the machines that will integrate the load balancing scheme. For more information click on the following link:
https://www.keepalived.org/doc/installing_keepalived.html
Installation on Rocky Linux 8
With root user rights, it runs in a terminal window:
dnf install keepalived
Installation on Ubuntu server 22.04
With root user rights, it runs in a terminal window:
apt install keepalived
Keepalived configuration
Once Keepalived is installed on each and every one of the machines that make up the load balancing work environment, the file to be configured with a text editor (Vim, Nano, etc.) is as follows:
/etc/keepalived/keepalived.conf
Instance configuration
vrrp_instance
will contain the name of the load balancing instance, which must be the same on all nodes.- In
interface
the name of the network interface (NIC) used for load balancing is assigned, e.g.eth1
. - The state token will be different in each node, for example, the main one could be called state
state primary
and the others statestate secondary1
,state secondary2
, and so on (the hierarchy order should be consistent with the next token,priority
). priority
a numerical value indicating the priority, with the highest value being the main value and decrementing at each node according to the previous token (state
).unicast_src_ip
on each node specifies its own IP address to be served in load balancing.unicast_peer
the IP addresses of the rest of the nodes.
Floating IP address configuration
In the instance defined, a separate section called virtual_ipaddress
will contain the possible IP addresses to be served, for example:
virtual_ipaddress { <vip>/24 }
Security configuration
In the defined instance, a separate section called authentication
will contain a password authentication method (auth_type PASS
) and the password itself (length of exactly 8 characters), for example:
authentication {
auth_type PASS
auth_pass <8_digit_pass>
}
Example
In scheme called VI_1, with a main node called MASTER
and a secondary node called BACKUP
with fixed IP addresses <ha1_ip>
and <ha2_ip>
, and a floating IP address (<vip>
) to balance its load:
HA1:
vrrp_instance VI_1 {
state MASTER
interface <if_name_1>
virtual_router_id 55
priority 150
advert_int 1
unicast_src_ip <ha1_ip>
unicast_peer {
<ha2_ip>
}
authentication {
auth_type PASS
auth_pass <8_digit_pass>
}
virtual_ipaddress {
<vip>/24
}
}
HA2:
vrrp_instance VI_1 {
state BACKUP
interface <if_name_2>
virtual_router_id 55
priority 100
advert_int 1
unicast_src_ip <ha2_ip>
unicast_peer {
<ha1_ip>
}
authentication {
auth_type PASS
auth_pass <8_digit_pass>
}
virtual_ipaddress {
<vip>/24
}
}
Keepalived activation
Persistent execution must be enabled on each reboot of the machine with the following command executed on each node:
systemctl enable --now keepalived
The status of each node can be checked at any time by executing the following command:
systemctl status keepalived