Keepalived : Monitor with script2025/10/09 |
|
It's possible to monitor processes or services and other state of programs with script by Keepalived. This example is based on the environment like follows.
VIP:10.0.0.30
+----------------------+ | +----------------------+
| [node01.srv.world] |10.0.0.51 | 10.0.0.52| [node02.srv.world] |
| Keepalived#1 +----------+----------+ Keepalived#2 |
| | | |
+----------------------+ +----------------------+
|
| [1] | |
| [2] | For example, in addition to basic Keepalived settings, add settings to monitor HAProxy service and HTTP port. |
|
root@node01:~#
vi /etc/keepalived/keepalived.conf
global_defs {
router_id node01
notification_email {
root@localhost
}
notification_email_from root@node01.srv.world
smtp_server localhost
smtp_connect_timeout 30
# add
enable_script_security
# specify a user who runs script
# for security reasons, it should not use root
script_user root
}
# add monitoring setting for haproxy service
# possible to set any commands or your original scripts for [script] argument
vrrp_script track_haproxy {
script "systemctl is-active haproxy"
# interval to run the script above (sec)
interval 5
# if script returns non-zero 4 times, enter FAULT state
fall 4
# if script returns zero 2 times, exit FAULT state
rise 2
}
# add monitoring setting for HTTP port
vrrp_script track_http_port {
script "nc -zv localhost 80"
interval 5
fall 4
rise 2
}
vrrp_instance VRRP1 {
state MASTER
# nopreempt
interface enp1s0
virtual_router_id 101
priority 200
advert_int 1
virtual_ipaddress {
10.0.0.30/24
}
# add
track_script {
track_haproxy
track_http_port
}
smtp_alert
}
root@node01:~# systemctl restart keepalived
|
| [3] | That's OK. Verify failover and failback when HAProxy would be down. |
|
# primary node root@node01:~# ip address show enp1s0
2: enp1s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
link/ether 52:54:00:54:51:f0 brd ff:ff:ff:ff:ff:ff
altname enx5254005451f0
inet 10.0.0.51/24 brd 10.0.0.255 scope global enp1s0
valid_lft forever preferred_lft forever
inet 10.0.0.30/24 scope global secondary proto keepalived enp1s0
valid_lft forever preferred_lft forever
inet6 fe80::5054:ff:fe54:51f0/64 scope link proto kernel_ll
valid_lft forever preferred_lft forever
root@node01:~# systemctl stop haproxy root@node01:~# systemctl is-active haproxy inactive root@node01:~# echo $? 3 root@node01:~# nc -zv localhost 80 nc: connect to localhost (127.0.0.1) port 80 (tcp) failed: Connection refused root@node01:~# echo $? 1 root@node01:~# ip address show enp1s0
2: enp1s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
link/ether 52:54:00:54:51:f0 brd ff:ff:ff:ff:ff:ff
altname enx5254005451f0
inet 10.0.0.51/24 brd 10.0.0.255 scope global enp1s0
valid_lft forever preferred_lft forever
inet6 fe80::5054:ff:fe54:51f0/64 scope link proto kernel_ll
valid_lft forever preferred_lft forever
root@node01:~# ssh debian@node02 "ip address show enp1s0"
debian@node02's password:
2: enp1s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
link/ether 52:54:00:99:69:06 brd ff:ff:ff:ff:ff:ff
altname enx525400996906
inet 10.0.0.52/24 brd 10.0.0.255 scope global enp1s0
valid_lft forever preferred_lft forever
inet 10.0.0.30/24 scope global secondary proto 0x12 enp1s0
valid_lft forever preferred_lft forever
inet6 fe80::5054:ff:fe99:6906/64 scope link proto kernel_ll
valid_lft forever preferred_lft forever
|
| Sponsored Link |
|
|