Установка и настройка keepalived на Centos 7

Установка keepalived на серверах
sudo yum -y install keepalived

После установки на основном сервере MASTER редактируем файл
sudo vim /etc/keepalived/keepalived.conf

global_defs {
notification_email {
admin@isavel.pro
}
notification_email_from keepalived@isavel.pro
smtp_server 172.16.10.2
smtp_connect_timeout 30
router_id msk-gw2
}

vrrp_instance WAN {
state MASTER
interface enp11s0f1
virtual_router_id 1
priority 10
advert_int 1
authentication {
auth_type PASS
auth_pass password123
}
virtual_ipaddress {
89.100.100.100/27 dev enp11s0f1
}
}

vrrp_instance LAN {
state MASTER
interface enp11s0f0
virtual_router_id 2
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass password123
}
virtual_ipaddress {
172.16.10.100/24 dev enp11s0f0
}
}

На втором сервере BACKUP редактируём
sudo vim /etc/keepalived/keepalived.conf

global_defs {
notification_email {
admin@isavel.pro
}
notification_email_from keepalived@isavel.pro
smtp_server 172.16.10.2
smtp_connect_timeout 30
router_id msk-gw3
}

vrrp_instance WAN {
state BACKUP
interface enp7s0
virtual_router_id 1
priority 1
advert_int 1
authentication {
auth_type PASS
auth_pass password123
}
virtual_ipaddress {
89.100.100.100/27 dev enp7s0
}
}

vrrp_instance LAN {
state BACKUP
interface enp6s0
virtual_router_id 2
priority 90
advert_int 1
authentication {
auth_type PASS
auth_pass password123
}
virtual_ipaddress {
172.16.10.100/24 dev enp6s0
}
}

После изменений в файлах включаем и стартуем службы
sudo systemctl enable keepalived && sudo systemctl start keepalived

Разрешить multicast на firewall
IPTABLES -A INPUT -i eth0 -s 89.100.100.98 -d 224.0.0.0/8 -j ACCEPT  для master
IPTABLES -A INPUT -i eth0 -s 89.100.100.99 -d 224.0.0.0/8 -j ACCEPT  для backup

Leave a Reply

Ваш e-mail не будет опубликован. Обязательные поля помечены *