keepalived: Install and configure keepalivedkeepalived::config: Configure keepalived modulekeepalived::global_defs: Manage keepalived notifictionskeepalived::install: Install keepalived packagekeepalived::service: Manage keepalived service
keepalived::lvs::real_server: Add a real server to a Linux Virtual Server with keepalivedkeepalived::lvs::virtual_server: Configure a Linux Virtual Server with keepalived
Work in progress, supports:
- single IP/port virtual servers
- TCP_CHECK healthchecks
keepalived::vrrp::instance: Configure VRRP instancekeepalived::vrrp::script: Configure VRRP scriptkeepalived::vrrp::sync_group: Configure the group for instancekeepalived::vrrp::track_file: Configure the tracker filekeepalived::vrrp::track_process: Configure the process trackerkeepalived::vrrp::vrrp_track_file: Configure the tracker file
keepalived::vrrp::unicast_peer: Define a unicast peer for a vrrp instance.
Keepalived::Global_defs::Lvs_sync_daemon: Defines parameters for lvs_sync_daemon as documented inman 5 keepalived.confKeepalived::Options: keepalived::optionsKeepalived::Vrrp::Instance::VRule: Translates directly to rules to be added as perip-rule(8)
Install and configure keepalived
The following parameters are available in the keepalived class:
sysconf_dirsysconf_optionsconfig_dirconfig_dir_modeconfig_file_modeconfig_validate_cmdconfig_groupconfig_ownerdaemon_groupdaemon_userpkg_ensurepkg_listservice_enableservice_ensureservice_hasrestartservice_hasstatusservice_manageservice_nameservice_restartglobal_defsvrrp_instancevrrp_scriptvrrp_track_processvrrp_sync_grouplvs_real_serverlvs_virtual_serverinclude_external_conf_filesmanage_package
Data type: String[1]
Data type: String
Data type: Stdlib::Absolutepath
Default value: '/etc/keepalived'
Data type: Stdlib::Filemode
Default value: '0755'
Data type: Stdlib::Filemode
Default value: '0644'
Data type: Variant[String, Undef]
Input for the validate_cmd param of the keepalived.conf concat fragment.
Default value: '/usr/sbin/keepalived -l -t -f %'
Data type: String[1]
Default value: 'root'
Data type: String[1]
Default value: 'root'
Data type: String[1]
Default value: 'root'
Data type: String[1]
Default value: 'root'
Data type: String[1]
Default value: 'present'
Data type: Array[String[1]]
Default value: ['keepalived']
Data type: Boolean
Default value: true
Data type: Stdlib::Ensure::Service
Default value: 'running'
Data type: Optional[Boolean]
Default value: undef
Data type: Optional[Boolean]
Default value: undef
Data type: Boolean
Default value: true
Data type: String[1]
Default value: 'keepalived'
Data type: Optional[String[1]]
Default value: undef
Data type: Optional[Hash]
Default value: undef
Data type: Hash
Default value: {}
Data type: Hash
Default value: {}
Data type: Hash
Default value: {}
Data type: Hash
Default value: {}
Data type: Hash
Default value: {}
Data type: Hash
Default value: {}
Data type: Array[Stdlib::Absolutepath]
Default value: []
Data type: Boolean
Default value: true
Configure keepalived module
Manage keepalived notifictions
The following parameters are available in the keepalived::global_defs class:
notification_emailnotification_email_fromsmtp_serversmtp_connect_timeoutrouter_idscript_userenable_script_securitysnmp_socketenable_snmp_keepalivedenable_snmp_vrrpenable_snmp_checkerenable_snmp_rfcenable_snmp_rfcv2enable_snmp_rfcv3enable_trapsenable_dbusvrrp_higher_prio_send_advertvrrp_min_garpvrrp_garp_lower_prio_repeatvrrp_garp_master_delayvrrp_garp_master_refreshvrrp_garp_master_repeatvrrp_garp_master_refresh_repeatvrrp_garp_lower_prio_delayvrrp_startup_delaybfd_rlimit_rttimechecker_rlimit_rttimevrrp_rlimit_rttimebfd_prioritychecker_priorityvrrp_prioritybfd_rt_prioritychecker_rt_priorityvrrp_rt_prioritybfd_no_swapchecker_no_swapvrrp_no_swapvrrp_check_unicast_srcvrrp_versionmax_auto_prioritydynamic_interfacesvrrp_notify_fifovrrp_notify_fifo_scriptlvs_sync_daemon
Data type: Any
Array of notification email Recipients.
Default value: undef
Data type: Any
Define the notification email Sender.
Default value: undef
Data type: Any
Define the smtp server addres.
Default value: undef
Data type: Any
Define the smtp connect timeout.
Default value: undef
Data type: Any
Define the router ID.
Default value: undef
Data type: Any
Set the global script_user option.
Default value: undef
Data type: Any
Set the enable_script_security option.
Default value: undef
Data type: Any
Define snmp master agent socker
Default value: 'unix:/var/agentx/master'
Data type: Any
Set enable_snmp_keepalived option.
Default value: undef
Data type: Any
Set enable_snmp_vrrp option.
Default value: undef
Data type: Any
Set enable_snmp_checker option
Default value: undef
Data type: Any
Set enable_snmp_rfc option.
Default value: undef
Data type: Any
Set enable_snmp_rfcv2 option.
Default value: undef
Data type: Any
Set enable_snmp_rfcv3 option.
Default value: undef
Data type: Any
Set enable_traps option.
Default value: undef
Data type: Boolean
Set enable_dbus option
Default value: false
Data type: Optional[Boolean]
Set vrrp_higher_prio_send_advert option.
Default value: undef
Data type: Optional[Boolean]
Set vrrp_min_garp option.
Default value: undef
Data type: Optional[Integer]
Set vrrp_garp_lower_prio_repeat option.
Default value: undef
Data type: Optional[Integer]
Set vrrp_garp_master_delay option
Default value: undef
Data type: Optional[Integer]
Set vrrp_garp_master_refresh option.
Default value: undef
Data type: Optional[Integer]
Set vrrp_garp_master_repeat option
Default value: undef
Data type: Optional[Integer]
Set vrrp_garp_master_refresh_repeat option
Default value: undef
Data type: Optional[Integer]
Set vrrp_garp_lower_prio_delay option.
Default value: undef
Data type: Optional[Float]
Set vrrp_startup_delay option.
Default value: undef
Data type: Optional[Integer]
Set bfd_rlimit_rttime option.
Default value: undef
Data type: Optional[Integer]
Set checker_rlimit_rttime option.
Default value: undef
Data type: Optional[Integer]
Set vrrp_rlimit_rttime option.
Default value: undef
Data type: Optional[Integer[-20, 19]]
Set bfd_priority option.
Default value: undef
Data type: Optional[Integer[-20, 19]]
Set checker_priority option.
Default value: undef
Data type: Optional[Integer[-20, 19]]
Set vrrp_priority option.
Default value: undef
Data type: Optional[Integer[1, 99]]
Set bfd_rt_priority option.
Default value: undef
Data type: Optional[Integer[1, 99]]
Set checker_rt_priority option.
Default value: undef
Data type: Optional[Integer[1, 99]]
Set vrrp_rt_priority option.
Default value: undef
Data type: Boolean
Set bfd_no_swap option.
Default value: false
Data type: Boolean
Set checker_no_swap option.
Default value: false
Data type: Boolean
Set vrrp_no_swap option.
Default value: false
Data type: Boolean
Set vrrp_check_unicast_src option.
Default value: false
Data type: Optional[Integer[2, 3]]
Set vrrp_version option.
Default value: undef
Data type: Optional[Integer[-1, 99]]
Set max_auto_priority option.
Default value: undef
Data type: Boolean
Set the dynamic_interfaces option.
Default value: false
Data type: Optional[Stdlib::Absolutepath]
Set the vrrp_notify_fifo option.
Default value: undef
Data type: Optional[Stdlib::Absolutepath]
Set the vrrp_notify_fifo_script option.
Default value: undef
Data type: Optional[Keepalived::Global_defs::Lvs_sync_daemon]
Set the lvs_sync_daemon option.
Default value: undef
Install keepalived package
Manage keepalived service
Add a real server to a Linux Virtual Server with keepalived
The following parameters are available in the keepalived::lvs::real_server defined type:
Data type: String[1]
The name of the virtual server this real server will be added to
Data type: Stdlib::IP::Address
The ip address of the real server
Data type: Stdlib::Port
Real sever IP port. (if ommitted the port defaults to the VIP port)
Data type: Keepalived::Options
One or more options to include in the real_server block
@example options => { inhibit_on_failure => true, SMTP_CHECK => { connect_timeout => 10 host => { connect_ip => '127.0.0.1' } } }
Default value: {}
Configure a Linux Virtual Server with keepalived
Work in progress, supports:
- single IP/port virtual servers
- TCP_CHECK healthchecks
real_server_options => {
inhibit_on_failure => true,
SMTP_CHECK => {
connect_timeout => 10
host => {
connect_ip => '127.0.0.1'
}
}
}The following parameters are available in the keepalived::lvs::virtual_server defined type:
ip_addressportfwmarklb_algodelay_loopprotocollb_kindha_suspendalphaomegamh_portmh_fallbacksh_portsh_fallbackquorumquorum_upquorum_downhysteresistcp_checkreal_server_optionssorry_serversorry_server_inhibitpersistence_timeoutvirtualhostreal_serverscollect_exported
Data type: Optional[Stdlib::IP::Address]
Virtual server IP address.
Default value: undef
Data type: Optional[Stdlib::Port]
Virtual sever IP port.
Default value: undef
Data type: Optional[Integer[1]]
Virtual Server firewall mark. (overrides ip_address and port)
Default value: undef
Data type: Enum['rr','wrr','lc','wlc','lblc','sh','dh', 'mh']
Must be one of rr, wrr, lc, wlc, lblc, sh, mh, dh
Data type: Optional[Integer[1]]
Default value: undef
Data type: Enum['TCP','UDP']
Default value: 'TCP'
Data type: Enum['NAT','DR','TUN']
Must be one of NAT, TUN, DR.
Default value: 'NAT'
Data type: Boolean
Default value: false
Data type: Boolean
Default value: false
Data type: Boolean
Default value: false
Data type: Boolean
Enable mh-port for mh scheduler
Default value: false
Data type: Boolean
Enable mh-fallback for mh scheduler
Default value: false
Data type: Boolean
Enable sh-port for sh scheduler
Default value: false
Data type: Boolean
Enable sh-fallback for sh scheduler
Default value: false
Data type: Optional[Integer[1]]
Default value: undef
Data type: Optional[String[1]]
Default value: undef
Data type: Optional[String[1]]
Default value: undef
Data type: Optional[Integer[0]]
Default value: undef
Data type: Optional[Hash]
The TCP_CHECK to configure for real_servers.
Default value: undef
Data type: Hash
One or more options to apply to all real_server blocks inside this virtual_server.
Default value: {}
Data type: Optional[Struct[{ ip_address => Stdlib::IP::Address, port => Stdlib::Port }]]
The sorry_server to define
Default value: undef
Data type: Boolean
Default value: false
Data type: Optional[Integer[1]]
Default value: undef
Data type: Optional[Stdlib::Fqdn]
Default value: undef
Data type: Array[Hash]
The real servers to balance to.
Default value: []
Data type: Boolean
Boolean. Automatically collect exported @@keepalived::lvs::real_servers with a virtual_server equal to the name/title of this resource. This allows you to easily export a real_server resource on each node in the pool.
Default value: true
Configure VRRP instance
May be specified as either:
a) ip address (or array of IP addresses)
e.g. `'10.0.0.1'`
b) a hash (or array of hashes) containing
extra properties
e.g. `{ 'ip' => '10.0.0.1', 'label' => 'webvip' }`
Supported properties: dev, brd, label, scope.May be specified as a hash (or array of hashes)
containing extra properties
e.g. `{ 'src' => '10.0.0.1',
'to' => '192.168.30.0/24',
'via' => '10.0.0.254',
'metric' => '15' }`
Supported properties: src, to, via, dev, scope, table, metricMay be specified as a hash (or array of hashes)
containing extra properties
e.g. `{ 'from' => '10.0.0.1',
'via' => '10.0.0.254',
'lookup' => 'customroute',
'metric' => '15' }`
Supported properties: from, to, dev, lookup, metricMay be specified as either:
a) ip address (or array of IP addresses)
e.g. `'10.0.0.1'`
b) a hash (or array of hashes) containing
extra properties
e.g. `{ 'ip'=>'10.0.0.1', 'scope'=>'local' }`
Supported properties: dev, brd, label, scope.The following parameters are available in the keepalived::vrrp::instance defined type:
interfaceprioritystatevirtual_ipaddress_intvirtual_ipaddresspromote_secondariesvirtual_routesvirtual_rulesvirtual_ipaddress_excludedvirtual_router_idauth_typeauth_passtrack_scripttrack_processtrack_filevrrp_track_filetrack_interfacelvs_interfacesmtp_alertnopreemptpreempt_delayadvert_intgarp_master_delaygarp_master_refreshnotify_script_masternotify_script_backupnotify_script_faultnotify_script_stopnotify_scriptmulticast_source_ipnotify_script_master_rx_lower_priunicast_source_ipunicast_peersdont_track_primaryuse_vmacvmac_xmit_baseuse_vmac_addrnative_ipv6garp_lower_prio_repeathigher_prio_send_advertcollect_unicast_peers
Data type: Any
Define which interface to listen on.
Data type: Integer[1,254]
Set instance priority.
Data type: Any
Set instance state.
Data type: Any
Set interface for VIP to be assigned to,
Default value: undef
Data type: Any
Set floating IP address.
Default value: undef
Data type: Boolean
Set the promote_secondaries flag on the interface to stop other addresses in the same CIDR being removed when 1 of them is removed For example if 10.1.1.2/24 and 10.1.1.3/24 are both configured on an interface, and one is removed, unless promote_secondaries is set on the interface the other address will also be removed.
Default value: false
Data type: Any
Set floating routes.
Default value: undef
Data type: Array[Keepalived::Vrrp::Instance::VRule]
Set floating rules.
Default value: []
Data type: Any
For cases with large numbers (eg 200) of IPs on the same interface. To decrease the number of packets sent in adverts, you can exclude most IPs from adverts.
Default value: undef
Data type: Integer[1,255]
Set virtual router id.
Data type: Any
Set authentication method.
Default value: undef
Data type: Optional[Variant[String, Sensitive[String]]]
Authentication password.
Default value: undef
Data type: Array[String[1]]
Define which scripts to run to track service states. Must be specified as an Array of Strings with multiple Scriptnames.
Default value: []
Data type: Array[String[1]]
Define which process trackers to run.
Default value: []
Data type: Array[String[1]]
Define which file trackers to run. References a track_file block that can be created with keepalived::vrrp::track_file.
Default value: []
Data type: Array[String[1]]
Define which file trackers to run. Deprecated, for keepalived < 2.1.0. References a vrrp_track_file block that can be created with keepalived::vrrp::vrrp_track_file.
Default value: []
Data type: Array[String[1]]
Define which interface(s) to monitor. Go to FAULT state if one of these interfaces goes down. May be specified as either: a) interface name b) array of interfaces names
Default value: []
Data type: Any
Define lvs_sync_daemon_interface.
Default value: undef
Data type: Any
Send status alerts via SMTP. Requires user provided in SMTP settings in keepalived::global_defs class.
Default value: false
Data type: Any
Allows the lower priority machine to maintain the master role, when a higher priority machine comes back online. NOTE: For this to work, the initial state of this entry must be BACKUP
Default value: false
Data type: Any
Seconds after startup until preemption Range: 0 to 1,000 NOTE: For this to work, the initial state of this entry must be BACKUP
Default value: undef
Data type: Any
The interval between VRRP packets
Default value: 1
Data type: Any
The delay for gratuitous ARP after transition to MASTER
Default value: 5
Data type: Any
Repeat gratuitous ARP after transition to MASTER this often.
Default value: undef
Data type: Any
Define the notify master script.
Default value: undef
Data type: Any
Define the notify backup script.
Default value: undef
Data type: Any
Define the notify fault script.
Default value: undef
Data type: Any
Define the notify stop script.
Default value: undef
Data type: Any
Define the notify script.
Default value: undef
Data type: Any
default IP for binding vrrpd is the primary IP on interface. If you want to hide the location of vrrpd, use this IP as src_addr for multicast vrrp packets.
Default value: undef
Data type: Optional[Stdlib::Absolutepath]
Define the notify_master_rx_lower_pri script. This is executed if a master receives an advert with priority lower than the master's advert.
Default value: undef
Data type: Optional[Stdlib::IP::Address]
default IP for binding vrrpd is the primary IP on interface. If you want to hide the location of vrrpd, use this IP as src_addr for unicast vrrp packets.
Default value: undef
Data type: Variant[Array[Stdlib::IP::Address], Stdlib::IP::Address]
Do not send VRRP adverts over VRRP multicast group. Instead send adverts to the list of ip addresses using a unicast design fashion.
May be specified as an array with ip addresses
Default value: []
Data type: Any
Tells keepalived to ignore VRRP interface faults. Can be useful on setup where two routers are connected directly to each other on the interface used for VRRP. Without this feature the link down caused by one router crashing would also inspire the other router to lose (or not gain) MASTER state, since it was also tracking link status. Default: false.
Default value: false
Data type: Any
Use virtual MAC address for VRRP packages.
Default value: false
Data type: Any
When using virtual MAC addresses transmit and receive VRRP messaged on the underlying interface whilst ARP will happen from the the VMAC interface.
Default value: true
Data type: Boolean
Use virtual MAC address for virtual IP addresses.
Default value: false
Data type: Boolean
Force instance to use IPv6 (when mixed IPv4 and IPv6 config)
Default value: false
Data type: Optional[Integer]
Default value: undef
Data type: Optional[Boolean]
Default value: undef
Data type: Boolean
Default value: false
Configure VRRP script
The following parameters are available in the keepalived::vrrp::script defined type:
Data type: Any
Set the interval to run the vrrp script.
Default value: '2'
Data type: String[1]
Which command or script to execute.
Data type: Any
The weight the script should add to the instance.
Default value: undef
Data type: Any
required number of failures for KO switch.
Default value: undef
Data type: Any
required number of successes for OK switch.
Default value: undef
Data type: Any
max time to wait for the vrrp script to return.
Default value: undef
Data type: Any
user to run the vrrp script under.
Default value: undef
Data type: Any
group to run the vrrp script under - only used if $user is also set.
Default value: undef
Data type: Any
Default value: false
Data type: Any
assume script initially is in failed state if true.
Default value: false
Configure the group for instance
The following parameters are available in the keepalived::vrrp::sync_group defined type:
groupnotify_script_mastertrack_scripttrack_processnotify_script_backupnotify_script_faultnotify_scriptnotify_script_master_rx_lower_prismtp_alertnopreemptglobal_trackingtrack_interface
Data type: Any
Define vrrp instances to group (Array)
Data type: Any
Define the notify master script.
Default value: undef
Data type: Array[String]
Define which script to run to track service states.
Default value: []
Data type: Array[String]
Define which process check to run to track processes.
Default value: []
Data type: Any
Define the notify backup script.
Default value: undef
Data type: Any
Define the notify fault script.
Default value: undef
Data type: Any
Define the notify script.
Default value: undef
Data type: Optional[Stdlib::Absolutepath]
Define the notify_master_rx_lower_pri script. This is executed if a master receives an advert with priority lower than the master's advert.
Default value: undef
Data type: Any
Send email on status change
Default value: undef
Data type: Any
Default value: undef
Data type: Boolean
Default value: false
Data type: Optional[Variant[String, Array[String]]]
Define which interface(s) to monitor. Go to FAULT state if one of these interfaces goes down. May be specified as either: a) interface name b) array of interfaces names
Default value: undef
the specified file at startup if the file doesn't exist, unless overwrite is specified in which case any existing file contents will be overwritten with the specified value.
The following parameters are available in the keepalived::vrrp::track_file defined type:
Data type: String[1]
name of track file
Data type: Integer
The weight that should add to the instance.
Default value: 1
Data type: Optional[String[1]]
create the file and/or initialise the value
Default value: undef
Data type: Boolean
This causes VALUE (default 0) to be written to
Default value: false
Configure the process tracker
The following parameters are available in the keepalived::vrrp::track_process defined type:
Data type: String[1]
process name to track
Data type: Optional[Integer[0]]
The weight that should add to the instance.
Default value: undef
Data type: Integer[0]
Number of processes to expect running
Default value: 1
Data type: Optional[Integer[0]]
this sets fork_delay and terminate_delay (for keepalived => 2.0.16), before terminate_delay
Default value: undef
Data type: Optional[Integer[0]]
time to delay after process quorum gained after fork before consider process up
Default value: undef
Data type: Optional[Integer[0]]
time to delay after process quorum lost before consider process down
Default value: undef
Data type: Boolean
Match entire process cmdline
Default value: false
Data type: Optional[Enum['initial','partial']]
Set inital if command has no parameters or use partial if first n parameters match
Default value: undef
the specified file at startup if the file doesn't exist, unless overwrite is specified in which case any existing file contents will be overwritten with the specified value.
The following parameters are available in the keepalived::vrrp::vrrp_track_file defined type:
Data type: String[1]
name of track file
Data type: Integer
The weight that should add to the instance.
Default value: 1
Data type: Optional[String[1]]
create the file and/or initialise the value
Default value: undef
Data type: Boolean
This causes VALUE (default 0) to be written to
Default value: false
Defines parameters for lvs_sync_daemon as documented in man 5 keepalived.conf
Alias of
Struct[{
interface => String[1],
vrrp_instance => String[1],
Optional[id] => Integer[0, 255],
Optional[maxlen] => Integer[1, 65507],
Optional[port] => Stdlib::Port,
Optional[ttl] => Integer[1, 255],
Optional[group] => Stdlib::IP::Address,
}]keepalived::options
Alias of Hash[String[1], Any]
Translates directly to rules to be added as per ip-rule(8)
Alias of
Struct[{
Optional[from] => String,
Optional[to] => String,
Optional[iif] => String,
Optional[oof] => String,
Optional[lookup] => String,
Optional[table] => String,
Optional[tos] => String,
Optional[dsfield] => String,
Optional[fwmark] => String,
Optional[uidrange] => String,
Optional[ipproto] => String,
Optional[sport] => String,
Optional[dport] => String,
Optional[priority] => String,
Optional[preference] => String,
Optional[order] => String,
Optional[protocol] => String,
Optional[suppress_prefixlength] => String,
Optional[suppress_ifgroup] => String,
Optional[realms] => String,
Optional[nat] => String,
}]