This file describe all the Keepalived available keywords. The keepalived.conf file is compounded by three configurations parts : * Globals configurations * VRRP configuration * LVS configuration 0. Comment string There is 2 valid comment valid string : # or ! If you want to add comment in you configuration file use this char. 1. Globals configurations This block is divided in 2 sub-block : * Global definitions * Static routes 1.1. Global definitions The configuration block looks like : global_defs { # Block identification notification_email { # Email to send alertes to # Standard email address ... } notification_email_from # Email From dealing with SMTP proto smtp_server # SMTP server IP address smtp_connect_timeout # Number of seconds timeout connect # remote SMTP server lvs_id # String identifying router } 1.2. Static addresses The configuration block looks like : static_ipaddress { # block identification / brd dev scope / brd dev scope ... } SCOPE can take the following values : * site * link * host * nowhere * global 1.3. Static routes The configuration block looks like : static_routes { # block identification src [to] / via|gw dev scope table # to is optional src [to] / via|gw dev scope table # to is optional ... } SCOPE can take the following values : * site * link * host * nowhere * global 2. VRRP configuration This block is divided in 2 sub-block : * VRRP synchronization group * VRRP instance 2.1. VRRP synchronization group The configuration block looks like : vrrp_sync_group { # VRRP sync group declaration group { # group of instance to sync together # a # set ... # of VRRP_Instance string } notify_master | # Script to run during MASTER transit notify_backup | # Script to run during BACKUP transit notify_fault | # Script to run during FAULT transit notify | # Script to run during ANY state transit (1) smtp_alert # Send email notif during state transit } (1) The "notify" script is called AFTER the corresponding notify_* script has been called, and is given exactly 3 arguments (the whole string is interpreted as a litteral filename so don't add parameters!): $1 = A string indicating whether it's a "GROUP" or an "INSTANCE" $2 = The name of said group or instance $3 = The state it's transitioning to ("MASTER", "BACKUP" or "FAULT") $1 and $3 are ALWAYS sent in uppercase, and the possible strings sent are the same ones listed above ("GROUP"/"INSTANCE", "MASTER"/"BACKUP"/"FAULT"). 2.2. VRRP instance The configuration block looks like : vrrp_instance { # VRRP instance declaration state MASTER|BACKUP # Start-up default state interface # Binding interface track_interface { # Interfaces state we monitor ... } mcast_src_ip # src_ip to use into the VRRP packets lvs_sync_daemon_interface # Binding interface for lvs syncd garp_master_delay # delay for gratuitous ARP after MASTER # state transition virtual_router_id # VRRP VRID priority # VRRP PRIO advert_int # VRRP Advert interval (use default) authentication { # Authentication block auth_type PASS|AH # Simple Passwd or IPSEC AH auth_pass # Password string } virtual_ipaddress { # VRRP IP addres block / brd dev scope / brd dev scope ... } virtual_ipaddress_excluded { # VRRP IP excluded from VRRP / brd dev scope # packets / brd dev scope ... } virtual_routes { # VRRP virtual routes src [to] / via|gw dev scope table # to is optional src [to] / via|gw dev scope table # to is optional ... } preempt # VRRP preempt mode (default set) debug # Debug level notify_master | # Same as vrrp_sync_group notify_backup | # Same as vrrp_sync_group notify_fault | # Same as vrrp_sync_group notify | # Same as vrrp_sync_group smtp_alert # Same as vrrp_sync_group } SCOPE can take the following values : * site * link * host * nowhere * global 3. LVS configuration This block is divided in 2 sub-block : * Virtual server group * Virtual server 3.1. Virtual server group The configuration block looks like : virtual_server_group { # VIP VPORT ... # VIP range VPORT ... fwmark # fwmark fwmark ... } Note: has the form of : XXX.YYY.ZZZ.WWW-VVV, define the IP address range starting at WWW and monotonaly incremented by one to VVV. Example : 192.168.200.1-10 means .1 to .10 IP addresses. 3.2. Virtual server The configuration block looks like : A virtual_server can be either : * vip vport declaration * fwmark declaration * group declaration virtual_server { # VS IP/PORT declaration virtual_server fwmark { # VS fwmark declaration virtual_server group { # VS group declaration delay_loop # delay timer for service polling lb_algo rr|wrr|lc|wlc|lblc|sh|dh # LVS scheduler used lb_kind NAT|DR|TUN # LVS method used persistence_timeout # LVS persistence timeout persistence_granularity # LVS granularity mask protocol TCP # Only TCP is implemented ha_suspend # If VS IP address is not set, suspend # healthcheckers activity virtualhost # VirtualHost string to use for # HTTP_GET or SSL_GET sorry_server # RS to add to LVS topology when all # realserver are down real_server { # RS declaration weight # weight to use (default: 1) inhibit_on_failure # Set weight to 0 on healtchecker # failure notify_up | # Script to launch when # healthchecker consider service # as up. notify_down | # Script to launch when # healthchecker consider service # as down. HTTP_GET|SSL_GET { # HTTP and SSL healthcheckers url { # A set of url to test path # Path digest # Digest computed with genhash status_code # status code returned into the HTTP } # header. url { path digest status_code } ... connect_port # TCP port to connect bindto # IP address to bind to connect_timeout # Timeout connection nb_get_retry # number of get retry delay_before_retry # delay before retry } } real_server { # Idem weight # Idem inhibit_on_failure # Idem notify_up | # Idem notify_down | # Idem TCP_CHECK { # TCP healthchecker connect_port # TCP port to connect bindto # IP address to bind to connect_timeout # Timeout connection } } real_server { # Idem weight # Idem inhibit_on_failure # Idem notify_up | # Idem notify_down | # Idem MISC_CHECK { # MISC healthchecker misc_path | # External system script or program misc_timeout # Script execution timeout } } }