Chapter 12. Using keepalived with LEAF Bering-uClibc

Revision History
Revision 0.12004-10-14kp
Initial version

Table of Contents

Objectives
Load the keepalived and additionally required packages
Configuration
Troubleshooting
Links

Objectives

Keepalived is a high-availability and load-balancing tool. Using keepalived, virtual IPs and Linux Virtual Server and Virtual Router Redundancy setups can be managed very effectively between two or more hosts. From the Keepalived site: “The main goal of the keepalived project is to add a strong & robust keepalive facility to the Linux Virtual Server project. his project is written in C with multilayer TCP/IP stack checks. Keepalived implements a framework based on three family checks: Layer3, Layer4 & Layer5/7. This framework gives the daemon the ability of checking a LVS server pool states. When one of the server of the LVS server pool is down, keepalived informs the linux kernel via a setsockopt call to remove this server entry from the LVS topology. In addition keepalived implements an independent VRRPv2 stack to handle director failover. So in short keepalived is a userspace daemon for LVS cluster nodes healthchecks and LVS directors failover.

In our case we are mostly interested in the Virtual Router Redundancy Protocol (VRRP) part. A comprehensive introduction into VRRP can be found in the IBM Redpaper "Virtual Router Redundancy Protocol (VRRP) on VM Guest LANS" (see Link section below).

Load the keepalived and additionally required packages

To install keepalived add kpalived.lrp and the additionally required packages libpopt.lrp, libssl.lrp, libcrpto.lrp to leaf.cfg. Check the Bering-uClibc Installation Guide to learn how to do that.

Configuration

! Configuration File for keepalived

global_defs {
   notification_email {
     sysadmin@yourcompany.com
   }
   notification_email_from keepalived@yourcompany.com
   smtp_server 192.168.1.200
   smtp_connect_timeout 30
   lvs_id LVS1
}

! sync groups bond instances together.  they are tricky,
! so read the documentation and/or mailing lists before using them.

!vrrp_sync_group LVS1 BACKUP {
!    VI_1
!    VI_2
!    }

vrrp_instance VI_1 {
    state MASTER
    track_interface {
        eth0
    }
    interface eth2 # interface to send multicast heartbeat on
    virtual_router_id 51
    priority 150  # the highest priority is the master
    advert_int 2  # rate of multicast heartbeats (seconds)
    authentication {
        auth_type PASS # don't use IPSEC, it is buggy
        auth_pass SECRETPASS
    }
    virtual_ipaddress {
        192.168.1.210  # list as many IPs as you want, one perline.  see SYNOPSIS
    }
}

vrrp_instance VI_2 {
    state SLAVE
    track_interface {
        eth0
    }
    interface eth2
    virtual_router_id 52
    priority 100
    advert_int 2
    authentication {
        auth_type PASS
        auth_pass SECRETPASS
    }
    virtual_ipaddress {
        192.168.1.211
    }
}

Troubleshooting

If you are using a SMP server and having problems with "vrrp wdog socket" startup, try starting vrrp and the checker threads separately, e.g.:

keepalived --vrrp
keepalived --check

Links

Please view the following links for more information:

Documentation:

http://www.keepalived.org/documentation.html

http://world.anarchy.com/~peter/keepalived.conf.SYNOPSIS

(If the SYNOPSIS link is out of date, please send an email to pmueller at sidestep.com, thanks!)

IBM Redbook VRRP paper

Mailing list:

http://www.keepalived.org/listes.html

Searchable, threadable mail archive

http://marc.theaimsgroup.com/?l=keepalived-devel&r=1&w=2