Virtual IP Configuration

virtual_ipaddress {
  10.0.0.3/24 dev eth0 label eth0:1
}
track_script {
  health_check
}

Failover Testing

[root@lb01 ~]# systemctl is-active nginx
active
[root@lb01 ~]# ip a | grep 0.3
inet 10.0.0.3/24 scope global secondary eth0:1
[root@lb01 ~]# systemctl stop nginx
[root@lb01 ~]# ip a | grep 0.3
# VIP migrated after service stop

Dual Master Configuration

Primary Node Configuration

global_defs {
  router_id lb01
}

vrrp_script health_check {
  script "/scripts/health_check.sh"
  interval 2
  weight 1
}

vrrp_instance VI_1 {
  state MASTER
  interface eth0
  virtual_router_id 51
  priority 150
  advert_int 1
  authentication {
    auth_type PASS
    auth_pass 1111
  }
  virtual_ipaddress {
    10.0.0.3/24 dev eth0 label eth0:1
  }
  track_script {
    health_check
  }
}

vrrp_instance VI_2 {
  state BACKUP
  interface eth0
  virtual_router_id 52
  priority 100
  advert_int 1
  authentication {
    auth_type PASS
    auth_pass 1111
  }
  virtual_ipaddress {
    10.0.0.4/24 dev eth0 label eth0:2
  }
}

IP-Based Virtual Hosts

upstream backend_servers {
  server 10.0.0.7:80 weight=1 max_fails=3 fail_timeout=10s;
  server 10.0.0.8:80 weight=1 max_fails=3 fail_timeout=10s;
}

server {
  listen 10.0.0.3:80;
  server_name www.domain.com;
  location / {
    proxy_pass http://backend_servers;
    proxy_set_header Host $host;
    proxy_set_header X-Forwarded-For $remote_addr;
  }
}

server {
  listen 10.0.0.4:80;
  server_name blog.domain.com;
  location / {
    proxy_pass http://backend_servers;
    proxy_set_header Host $host;
    proxy_set_header X-Forwarded-For $remote_addr;
  }
}

Kernel Parameter Tuning

[root@lb01 ~]# echo "net.ipv4.ip_nonlocal_bind = 1" >> /etc/sysctl.conf
[root@lb01 ~]# sysctl -p
net.ipv4.ip_nonlocal_bind = 1

Split-Brain Scenario