Skip to main content

Keepalived configuration

Once Keepalived is installed on each and every one of the machines that make up the load balancing work environment, the file to be configured with a text editor (Vim, Nano, etc.) is as follows:

/etc/keepalived/keepalived.conf

Instance configuration

  • vrrp_instance will contain the name of the load balancing instance, which must be the same on all nodes.
  • In interface the name of the network interface (NIC) used for load balancing is assigned, e.g. eth1.
  • The state token will be different in each node, for example, the main one could be called state state primary and the others state state secondary1, state secondary2, and so on (the hierarchy order should be consistent with the next token, priority).
  • priority a numerical value indicating the priority, with the highest value being the main value and decrementing at each node according to the previous token (state).
  • unicast_src_ip on each node specifies its own IP address to be served in load balancing.
  • unicast_peer the IP addresses of the rest of the nodes.

Floating IP address configuration

In the instance defined, a separate section called virtual_ipaddress will contain the possible IP addresses to be served, for example:

virtual_ipaddress { <vip>/24 }

Security configuration

In the defined instance, a separate section called authentication will contain a password authentication method (auth_type PASS) and the password itself (length of exactly 8 characters), for example:

authentication {
  auth_type PASS
  auth_pass <8_digit_pass>
}

Example

In scheme called VI_1, with a main node called MASTER and a secondary node called BACKUP with fixed IP addresses <ha1_ip> and <ha2_ip>, and a floating IP address (<vip>) to balance its load:

HA1:

vrrp_instance VI_1 {
  state MASTER
  interface <if_name_1>
  virtual_router_id 55
  priority 150
  advert_int 1
  unicast_src_ip <ha1_ip>
  unicast_peer {
    <ha2_ip>
  }

  authentication {
    auth_type PASS
    auth_pass <8_digit_pass>
  }

  virtual_ipaddress {
    <vip>/24
  }
}

HA2:

vrrp_instance VI_1 {
  state BACKUP
  interface <if_name_2>
  virtual_router_id 55
  priority 100
  advert_int 1
  unicast_src_ip <ha2_ip>
  unicast_peer {
    <ha1_ip>
  }

  authentication {
    auth_type PASS
    auth_pass <8_digit_pass>
  }

  virtual_ipaddress {
    <vip>/24
  }
}

Back to top