1KEEPALIVED(8)               System Manager's Manual              KEEPALIVED(8)
2
3
4

NAME

6       keepalived - load-balancing and high-availability service
7
8

SYNOPSIS

10       keepalived [-f|--use-file=FILE] [-P|--vrrp] [-C|--check] [-B|--no_bfd]
11       [--all] [-l|--log-console] [-D|--log-detail] [-S|--log-facility={0-7}]
12       [-g|--log-file=FILE] [--flush-log-file] [-G|--no-syslog]
13       [-X|--release-vips] [-V|--dont-release-vrrp] [-I|--dont-release-ipvs]
14       [-R|--dont-respawn] [-n|--dont-fork] [-d|--dump-conf] [-p|--pid=FILE]
15       [-r|--vrrp_pid=FILE] [-c|--checkers_pid=FILE] [-a|--address-monitoring]
16       [-b|--bfd_pid=FILE] [-s|--namespace=NAME] [-i|--config-id id]
17       [-x|--snmp] [-A|--snmp-agent-socket=FILE] [-u|--umask=NUMBER]
18       [-m|--core-dump] [-M|--core-dump-pattern[=PATTERN]] [--signum=SIGFUNC]
19       [-t|--config-test[=FILE]] [--perf[={all|run|end}]] [--debug[=debug-
20       options]] [-v|--version] [-h|--help]
21
22

DESCRIPTION

24       Keepalived provides simple and robust facilities for load-balancing and
25       high-availability. The load-balancing framework relies on the
26       well-known and widely used Linux Virtual Server (IPVS) kernel module
27       providing Layer4 load-balancing. Keepalived implements a set of
28       checkers to dynamically and adaptively maintain and manage a
29       load-balanced server pool according to their health. Keepalived also
30       implements the VRRPv2 and VRRPv3 protocols to achieve high-availability
31       with director failover.
32
33

OPTIONS

35        -f, --use-file=FILE
36              Use the specified configuration file. The default configuration
37              file is "/etc/keepalived/keepalived.conf".
38
39        -P, --vrrp
40              Only run the VRRP subsystem. This is useful for configurations
41              that do not use the IPVS load balancer.
42
43        -C, --check
44              Only run the healthcheck subsystem. This is useful for
45              configurations that use the IPVS load balancer with a single
46              director with no failover.
47
48        -B, --no_bfd
49              Don't run the BFD subsystem.
50
51        --all Run all subsystems, even if they have no configuration.
52
53        -l, --log-console
54              Log messages to the local console. The default behavior is to
55              log messages to syslog.
56
57        -D, --log-detail
58              Detailed log messages.
59
60        -S, --log-facility=[0-7]
61              Set syslog facility to LOG_LOCAL[0-7]. The default syslog
62              facility is LOG_DAEMON.
63
64        -g, --log-file=FILE
65              Write log entries to FILE. FILE will have _vrrp,
66              _healthcheckers, and _bfd inserted before the last '.' in FILE
67              for the log output for those processes.
68
69        --flush-log-file
70              If using the -g option, the log file stream will be flushed
71              after each write.
72
73        -G, --no-syslog
74              Do not write log entries to syslog. This can be useful if the
75              rate of writing log entries is sufficiently high that syslog
76              will rate limit them, and the -g option is used instead.
77
78        -X, --release-vips
79              Drop VIP on transition from signal.
80
81        -V, --dont-release-vrrp
82              Don't remove VRRP VIPs and VROUTEs on daemon stop. The default
83              behavior is to remove all VIPs and VROUTEs when keepalived
84              exits.
85
86        -I, --dont-release-ipvs
87              Don't remove IPVS topology on daemon stop. The default behavior
88              it to remove all entries from the IPVS virtual server table when
89              keepalived exits.
90
91        -R, --dont-respawn
92              Don't respawn child processes. The default behavior is to
93              restart the VRRP and checker processes if either process exits.
94
95        -n, --dont-fork
96              Don't fork the daemon process. This option will cause keepalived
97              to run in the foreground.
98
99        -d, --dump-conf
100              Dump the configuration data.
101
102        -p, --pid=FILE
103              Use the specified pidfile for the parent keepalived process. The
104              default pidfile for keepalived is "/var/run/keepalived.pid",
105              unless a network namespace is being used. See NAMESPACES below
106              for more details.
107
108        -r, --vrrp_pid=FILE
109              Use the specified pidfile for the VRRP child process. The
110              default pidfile for the VRRP child process is
111              "/var/run/keepalived_vrrp.pid", unless a network namespace is
112              being used.
113
114        -c, --checkers_pid=FILE
115              Use the specified pidfile for checkers child process. The
116              default pidfile for the checker child process is
117              "/var/run/keepalived_checkers.pid" unless a network namespace is
118              being used.
119
120        -a, --address-monitoring
121              Log all address additions/deletions reported by netlink.
122
123        -b, --bfd_pid=FILE
124              Use the specified pidfile for the BFD child process. The default
125              pidfile for the BFD child process is
126              "/var/run/keepalived_bfd.pid" unless a network namespace is
127              being used.
128
129        -s, --namespace=NAME
130              Run keepalived in network namespace NAME. See NAMESPACES below
131              for more details.
132
133        -i, --config-id ID
134              Use configuration id ID, for conditional configuration (defaults
135              to hostname without the domain name).
136
137        -x, --snmp
138              Enable the SNMP subsystem.
139
140        -A, --snmp-agent-socket=FILE
141              Use the specified socket for connection to SNMP master agent.
142
143        -u, --umask=NUMBER
144              The umask specified in the usual numeric way - see man umask(2)
145
146        -m, --core-dump
147              Override the RLIMIT_CORE hard and soft limits to enable
148              keepalived to produce a coredump in the event of a segfault or
149              other failure.  This is most useful if keepalived has been built
150              with 'make debug'.  Core dumps will be created in /, unless
151              keepalived is run with the --dont-fork option, in which case
152              they will be created in the directory from which keepalived was
153              run, or they will be created in the directory of a configuraton
154              file if the fault occurs while reading the file.
155
156        -M, --core-dump-pattern[=PATTERN]
157              Sets option --core-dump, and also updates
158              /proc/sys/kernel/core_pattern to the pattern specified, or
159              'core' if none specified.  Provided the parent process doesn't
160              terminate abnormally, it will restore
161              /proc/sys/kernel/core_pattern to its original value on exit.
162
163              Note: This will also affect any other process producing a core
164              dump while keepalived is running.
165
166        --signum=PATTERN
167              Returns the signal number to use for STOP, RELOAD, DATA, STATS
168              and JSON.  For example, to stop keepalived running, execute:
169
170              kill -s $(keepalived --signum=STOP) $(cat /var/run/keepalived.pid)
171
172        -t, --config-test[=FILE]
173              Keepalived will check the configuration file and exit with non-
174              zero exit status if there are errors in the configuration,
175              otherwise it exits with exit status 0 (see Exit status below for
176              details).
177
178              Rather that writing to syslog, it will write diagnostic messages
179              to stderr unless file is specified, in which case it will write
180              to the file.
181
182        --perf[={all|run|end}]
183              Record perf data for vrrp process. Data will be written to
184              /perf_vrrp.data.  The data recorded is for use with the perf
185              tool.
186
187        --debug[=debug-options]]
188              Enables debug options if they have been compiled into
189              keepalived.  debug-options is made up of a sequence of strings
190              of the form Ulll.
191              The upper case letter specifies the debug option, and the lower
192              case letters specify for which processes the option is to be
193              enabled.
194              If a debug option is not followed by any lower case letters, the
195              debug option is enabled for all processes.
196
197              The characters to identify the processes are:
198
199              Chr   Process
200              ──────────────────────
201               p    Parent process
202               b    BFD process
203               c    Checker process
204               v    VRRP process
205
206              The characters used to identify the debug options are:
207
208              Chr   Debug option
209              ────────────────────────
210               D    Epoll thread dump
211               E    Epoll debug
212               F    VRRP fd debug
213               N    Netlink timers
214               P    Network timestamp
215               X    Regex timers
216               M    Email alert debug
217               T    Timer debug
218               S    TSM debug
219               R    Regex debug
220
221              Example: --debug=DvEcvNR
222
223        -v, --version
224              Display the version and exit.
225
226        -h, --help
227              Display this help message and exit.
228
229   Exit status:
230       0      if OK
231
232       1      if unable to malloc memory
233
234       2      if cannot initialise subsystems
235
236       3      if running with --config-test and configuration cannot be run
237
238       4      if running with --config-test and there are configuration errors
239              but keepalived will run after modifying the configuration
240
241       5      if running with --config-test and script security hasn't been
242              enabled but scripts are configured.
243

NAMESPACES

245       keepalived can be run in a network namespace (see keepalived.conf(5)
246       for configuration details). When run in a network namespace, a local
247       mount namespace is also created, and
248       /var/run/keepalived/keepalived_NamespaceName is mounted on
249       /var/run/keepalived. By default, pid files with the usual default names
250       are then created in /var/run/keepalived from the perspective of a
251       process in the mount namespace, and they will be visible in
252       /var/run/keepalived/keepalived_NamespaceName for a process running in
253       the default mount namespace.
254
255

SIGNALS

257       keepalived reacts to a set of signals.  You can send a signal to the
258       parent keepalived process using the following:
259
260              kill -SIGNAL $(cat /var/run/keepalived.pid)
261
262       or better:
263
264              kill -s $(keepalived --signum=SIGFUNC) $(cat /var/run/keepalived.pid)
265
266       Note that if the first option is used, -SIGNAL must be replaced with
267       the actual signal you are trying to send, e.g. with HUP. So it then
268       becomes:
269
270              kill -HUP $(cat /var/run/keepalived.pid)
271
272       Signals other than for STOP, RELOAD, DATA and STATS may change
273       depending on the kernel, and also what functionality is included in the
274       version of the keepalived depending on the build options used.
275
276       HUP or SIGFUNC=RELOAD
277              This causes keepalived to close down all interfaces, reload its
278              configuration, and start up with the new configuration.
279
280       TERM, INT or SIGFUNC=STOP
281              keepalived will shut down.
282
283       USR1 or SIGFUNC=DATA
284              Write configuration data to /tmp/keepalived.data
285
286       USR2 or SIGFUNC=STATS
287              Write statistics info to /tmp/keepalived.stats
288
289       SIGFUNC=JSON
290              Write configuration data in JSON format to /tmp/keepalived.json
291

USING KEEPALIVED WITH FIREWALLD

293       If you are running a firewall (see firewalld(8)) you must allow VRRP
294       protocol traffic through the firewall. For example if this instance of
295       keepalived(8) has a peer node on IPv4 address 192.168.0.1:
296
297              # firewall-cmd \
298                  --add-rich-rule="rule family='ipv4' \
299                                   source address='192.168.0.1' \
300                                   protocol value='vrrp' accept" --permanent
301              # firewall-cmd --reload
302

SEE ALSO

304       keepalived.conf(5), ipvsadm(8)
305
306

AUTHOR

308       This man page was written by Ryan O'Hara <rohara@redhat.com>
309
310
311
312                                   July 2018                     KEEPALIVED(8)
Impressum