VRRP and Load Balancing configuration in Keepalived

# VRRP and Load Balancing configuration in Keepalived ###### tags: `vrrp` `keepalived` `linux` We use the Keepalived for high availability and load balancing. This is a simple scenario; two load balance servers and multiple back-end servers (eg. nginx web server). The load balance servers need two NICs for connecting public network and private network. ### On the both load balancer, enable "ip_non_local_bind" and "ip_forward". ``` echo 1 > /proc/sys/net/ipv4/ip_nonlocal_bind echo 1 > /proc/sys/net/ipv4/ip_forward ``` ### keepalived.conf on the Load Balancer 1 (lb1) ``` root@lb1:~# cat /etc/keepalived/keepalived.conf global_defs { notification_email { test_email@gmail.com } notification_email_from test_email@gmail.com smtp_server host smtp_connect_timeout 30 lvs_id lvs_1 } vrrp_instance vip1 { state MASTER interface enp0s8 virtual_router_id 51 priority 101 advert_int 1 authentication { auth_type PASS auth_pass my_pass } virtual_ipaddress { 192.168.56.100 } } vrrp_instance vip2 { state MASTER interface enp0s3 virtual_router_id 52 priority 101 advert_int 1 authentication { auth_type PASS auth_pass my_pass } virtual_ipaddress { 10.0.2.100 } } virtual_server 192.168.56.100 80 { delay_loop 5 lb_algo rr lb_kind NAT protocol TCP persistence_timeout 10 real_server 10.0.2.103 80 { TCP_CHECK { connect_timeout 3 } } real_server 10.0.2.104 80 { TCP_CHECK { connect_timeout 3 } } } ``` ### keepalived.conf on the Load Balancer 2 (lb2) ``` root@lb2:~# cat /etc/keepalived/keepalived.conf global_defs { notification_email { test_email@gmail.com } notification_email_from test_email@gmail.com smtp_server host smtp_connect_timeout 30 lvs_id lvs_1 } vrrp_instance vip1{ state MASTER interface enp0s8 virtual_router_id 51 priority 100 advert_int 1 authentication { auth_type PASS auth_pass my_pass } virtual_ipaddress { 192.168.56.100 } } vrrp_instance vip2 { state MASTER interface enp0s3 virtual_router_id 52 priority 100 advert_int 1 authentication { auth_type PASS auth_pass my_pass } virtual_ipaddress { 10.0.2.100 } } virtual_server 192.168.56.100 80 { delay_loop 5 lb_algo rr lb_kind NAT protocol TCP persistence_timeout 10 real_server 10.0.2.103 80 { TCP_CHECK { connect_timeout 3 } } real_server 10.0.2.104 80 { TCP_CHECK { connect_timeout 3 } } } ```