High availability with KeepAliveD

In this guide we have 2 machines with 2 network interfaces each, one for external (enp0s3) network and one for internal (enp0s8) VRRP communication.

[root@keep1]# yum update
[root@keep1]# yum install keepalived

Prepare the Network

[root@keep1]# cd /etc/sysconfig/network-scripts/
[root@keep1]# vim ifcfg-enp0s8

DEVICE=enp0s8
BOOTPROTO=none
ONBOOT=yes
PREFIX=24
IPADDR=10.0.2.1

[root@keep1]# reboot

Add Firewall Rules

[root@keep1]# firewall-cmd --add-rich-rule='rule protocol value="vrrp" accept' --permanent
[root@keep1]# firewall-cmd --reload

Configure the Keep Alive Daemon

[root@keep1]# vim /etc/keepalived/keepalived.conf

vrrp_instance VI_1 {
        state MASTER
        interface enp0s8
        virtual_router_id 51
        priority 255
        advert_int 1
        authentication {
              auth_type PASS
              auth_pass 12345
        }
        virtual_ipaddress {
              192.168.10.153/24 dev enp0s3
        }
}

[root@keep1]# systemctl start keepalived

Do the same procedure on the second node with a few differences to the configuration.

DEVICE=enp0s8
BOOTPROTO=none
ONBOOT=yes
PREFIX=24
IPADDR=10.0.2.2

On the secondary node set state to “BACKUP” and lower the priority to “254”

vrrp_instance VI_1 {
        state BACKUP
        interface enp0s8
        virtual_router_id 51
        priority 254
        advert_int 1
        authentication {
              auth_type PASS
              auth_pass 12345
        }
        virtual_ipaddress {
              192.168.10.153/24 dev enp0s3
        }
}

First of all, make sure your VIP is active on the master node

[root@keep1]# ip a

    2: enp0s3:
         inet 192.168.10.151/24
         inet 192.168.10.153/24

Stop the KeepAliveD on master node #1 and check if the VIP switches to node #2

[root@keep1]# systemctl stop keepalived

To see what is happening on the internal network, use the tcpdump command.

[root@keep1]# tcpdump -i ensp08