Here is the keepalived config:
```
# Global Configuration
# NOTE(review): this block sets neither script_user nor enable_script_security, so the
# notify_* and MISC_CHECK commands in this file run under keepalived's default script
# account, which may be root. Confirm that is intended.
global_defs {
# Recipients of state-change notification mail
notification_email {
[email protected]
}
notification_email_from [email protected]
# NOTE(review): the keyword appears twice on this line; looks like a paste slip, verify.
smtp_server smtp_server smtp.foo.bar
smtp_connect_timeout 30
router_id fqdn_of_host
}
# VRRP instance that owns the virtual service IP
vrrp_instance front-loadbalancer {
state MASTER
interface ens192
virtual_router_id 164
priority 100
# NOTE(review): auth_type PASS carries auth_pass in cleartext in every VRRP
# advertisement, and keepalived uses only the first 8 characters of it. It guards
# against accidental misconfiguration, not against another host on the same segment;
# also filter VRRP (IP protocol 112) on ens192 so only the peer's address is accepted.
authentication {
auth_type PASS
auth_pass XXXXXXX
}
virtual_ipaddress {
aa.bb.cc.dd
}
# All four hooks call bypass_ipvs.sh with the VIP: "del" removes the PREROUTING
# REDIRECT rules for the VIP, "add" installs them.
# Invoked on transition to MASTER
notify_master "/etc/keepalived/bypass_ipvs.sh del aa.bb.cc.dd"
# Invoked on transition to BACKUP
notify_backup "/etc/keepalived/bypass_ipvs.sh add aa.bb.cc.dd"
# Invoked on transition to FAULT
notify_fault "/etc/keepalived/bypass_ipvs.sh add aa.bb.cc.dd"
# Invoked when keepalived stops
notify_stop "/etc/keepalived/bypass_ipvs.sh add aa.bb.cc.dd"
}
# Virtual service on the VIP, TCP port 10514 (labelled "virtual mail server" by the author)
virtual_server aa.bb.cc.dd 10514 {
# Health-check interval in seconds
delay_loop 5
# Round-robin scheduling, direct-routing forwarding
lb_algo rr
lb_kind DR
protocol TCP
real_server dd.cc.bb.aa1 10514 {
# NOTE(review): curl exits 0 for any HTTP response, including 4xx/5xx, unless --fail is
# passed, so this check marks the real server healthy whenever port 9601 answers HTTP
# at all. Confirm that is the intent.
MISC_CHECK {
misc_path "/usr/bin/curl -XGET http://dd.cc.bb.aa1:9601"
misc_timeout 10
}
}
real_server dd.cc.bb.aa2 10514 {
# Same health check as the first real server, against the second host
MISC_CHECK {
misc_path "/usr/bin/curl -XGET http://dd.cc.bb.aa2:9601"
misc_timeout 10
}
}
}
# Same VIP and port as the previous virtual_server, but for UDP
virtual_server aa.bb.cc.dd 10514 {
# Health-check interval in seconds
delay_loop 5
# Round-robin scheduling, direct-routing forwarding
lb_algo rr
lb_kind DR
#persistence_timeout 50
# One-packet scheduling: each UDP datagram is scheduled independently
ops
protocol UDP
real_server dd.cc.bb.aa1 10514 {
# NOTE(review): the UDP service is health-checked through an HTTP request to port 9601,
# and curl exits 0 for any HTTP response unless --fail is passed. The check therefore
# says nothing about the UDP listener on 10514 itself. Confirm that is acceptable.
MISC_CHECK {
misc_path "/usr/bin/curl -XGET http://dd.cc.bb.aa1:9601"
misc_timeout 10
}
}
real_server dd.cc.bb.aa2 10514 {
# Same health check as the first real server, against the second host
MISC_CHECK {
misc_path "/usr/bin/curl -XGET http://dd.cc.bb.aa2:9601"
misc_timeout 10
}
}
}
```
And the bypass script, /etc/keepalived/bypass_ipvs.sh:
```
#! /bin/bash
#set -x
#
# Gael Charriere <[email protected]>
# 10.11.2008
#
# Invoked by keepalived from master/slave
# to slave/master transition to add or remove
# a PREROUTING rule
#
# Essential for slave to redirect incoming
# service packet to localhost. Otherwise a
# loop can appear between master and slave.
#
# The routing table is consulted when a packet
# that creates a new connection is encountered.
# PREROUTING rule alters packets as soon as they come in.
# REDIRECT statement redirects the packet to the machine
# itself by changing the destination IP to the primary
# address of the incoming interface (locally-generated
# packets are mapped to the 127.0.0.1 address).
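# Check number of command line args
EXPECTED_ARGS=2

# Print the usage line on stderr and stop with status 1.
usage() {
  echo "Usage: $0 {add|del} ipaddress" >&2
  exit 1
}

if [ "$#" -ne "$EXPECTED_ARGS" ]; then
  usage
fi

# Check if second arg is a valid dotted-quad IPv4 address.
# The address is split with `read -a` rather than an unquoted array
# assignment, so a "*" in the argument is never glob-expanded, and the
# dot count is checked separately so that "1.2.3.4." is rejected.
dots=${2//[^.]/}
IFS=. read -r -a octets <<< "$2"

# Check that ip has 4 parts
if [ "${#dots}" -ne 3 ] || [ "${#octets[@]}" -ne 4 ]; then
  echo "IP address must have 4 parts" >&2
  usage
fi

# Check that each part is a number between 0 and 255
for i in "${!octets[@]}"; do
  oct=${octets[$i]}
  if [[ ! $oct =~ ^[0-9]+$ ]]; then
    echo "$oct: Not numeric" >&2
    usage
  fi
  # Length is tested first: a very long digit string would overflow the
  # integer comparison and slip through a plain -gt test.
  if (( ${#oct} > 3 )) || (( 10#$oct > 255 )); then
    echo "$oct: Out of range" >&2
    usage
  fi
  # Strip leading zeros so the value handed to iptables is the same
  # decimal number that was range-checked above.
  octets[$i]=$((10#$oct))
done

# If we are here, ip address is validated
VIP="${octets[0]}.${octets[1]}.${octets[2]}.${octets[3]}"

# Run one iptables action ($1: -A, -C or -D) on the rule that redirects
# traffic addressed to the VIP to this host, for protocol $2 (tcp|udp).
vip_rule() {
  iptables -t nat "$1" PREROUTING -d "$VIP" -p "$2" -j REDIRECT
}

# Run one iptables action ($1: -A, -C or -D) on the rule that redirects
# port 514 to local port 10514, for protocol $2 (tcp|udp).
# Earlier variant, kept for reference:
#   iptables -A PREROUTING -t nat -p tcp --dport 514 -j DNAT --to-destination $VIP:10514
port_rule() {
  iptables -t nat "$1" PREROUTING -p "$2" --dport 514 -j REDIRECT --to-port 10514
}

# Rule presence is tested with `iptables -C` (needs an iptables that
# supports --check) on the exact rule. Grepping the `iptables -L` listing
# also matched other addresses and ports that merely contain the same
# characters (the dots act as regex wildcards; 'dpt:514' is a prefix of
# 'dpt:5140'), and it counted one line per protocol while the delete
# loop removed two rules per pass.
# stderr of -C is discarded because "rule not found" is the expected
# answer half of the time; any other -C failure is treated as "not found".

# Add or remove the prerouting rule
case "$1" in
  add)
    # Drop the 514 -> 10514 redirect where it is present
    for proto in tcp udp; do
      if port_rule -C "$proto" 2>/dev/null; then
        port_rule -D "$proto"
      fi
    done
    # Install the VIP redirect unless it is already there
    for proto in tcp udp; do
      if ! vip_rule -C "$proto" 2>/dev/null; then
        vip_rule -A "$proto"
      fi
    done
    ;;
  del)
    # Install the 514 -> 10514 redirect unless it is already there
    for proto in tcp udp; do
      if ! port_rule -C "$proto" 2>/dev/null; then
        port_rule -A "$proto"
      fi
    done
    # Remove every copy of the VIP redirect
    for proto in tcp udp; do
      while vip_rule -C "$proto" 2>/dev/null; do
        # Stop instead of spinning if the delete itself fails
        vip_rule -D "$proto" || break
      done
    done
    ;;
  *)
    usage
    ;;
esac
exit 0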
```
https://bugs.launchpad.net/bugs/1820245
Title:
Netplan and Keepalived not work