BestHub
Sign in
Operations 13 min read

How to Build a High‑Availability Web Service on CentOS 7 with Keepalived & LVS

This guide walks you through setting up a highly available web service on CentOS 7 by using Vagrant to create four virtual machines, installing Keepalived and OpenResty, configuring VRRP and LVS for load balancing, binding a virtual IP, and testing failover to ensure continuous service delivery.

21CTO
21CTO
21CTO
How to Build a High‑Availability Web Service on CentOS 7 with Keepalived & LVS

In this tutorial we show how to achieve high availability and load balancing for a web service on CentOS 7 using Keepalived and LVS.

Preparation

If you prefer a quick start, clone the mylxsw/keepalived-example repository and run make create to provision the entire demo environment automatically.

Create test VMs with Vagrant

Four virtual machines are defined in a Vagrantfile. Replace the placeholder IP addresses in the configuration files as follows:

keepalived (master) – 192.168.88.8 – Load‑balancer master

keepalived‑backup – 192.168.88.9 – Load‑balancer backup

node‑1 – 192.168.88.10 – Web server

node‑2 – 192.168.88.11 – Web server

client – 192.168.88.2 – Test client (any IP can be used)

The virtual IP (VIP) used for the service is 192.168.88.100, and the client accesses the service via this address.

Start Vagrant environment

vagrant up

Log into each VM with: vagrant ssh All commands require root privileges; you can switch to root with su root (password: vagrant) or prefix commands with sudo.

Set hostnames

# On 192.168.88.8
hostnamectl set-hostname keepalived
# On 192.168.88.9
hostnamectl set-hostname keepalived-backup
# On 192.168.88.10
hostnamectl set-hostname node-1
# On 192.168.88.11
hostnamectl set-hostname node-2

Install Keepalived

yum install -y keepalived ipvsadm

Enable it to start on boot:

systemctl enable keepalived

Install web service (OpenResty/Nginx)

yum install -y yum-utils
yum-config-manager --add-repo https://openresty.org/package/centos/openresty.repo
yum install -y openresty

Modify the default page to display the server’s IP address:

ip addr show eth1 | grep '192.168.88.' | awk '{print $2}' > /usr/local/openresty/nginx/html/index.html

Enable and start the web server:

systemctl enable openresty
systemctl start openresty

Configure Keepalived for high availability

The following is the core of /etc/keepalived/keepalived.conf (both keepalived nodes use the same file except for the priority value).

global_defs {
    router_id LVS_8808
}

vrrp_instance HA_WebServer {
    state MASTER
    interface eth1
    virtual_router_id 18
    garp_master_refresh 10
    garp_master_refresh_repeat 2
    priority 100   # set to 99 on the backup node
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 123456
    }
    virtual_ipaddress {
        192.168.88.100/24
    }
}

virtual_server 192.168.88.100 80 {
    delay_loop 6
    lb_algo wlc
    lb_kind DR
    protocol TCP
    nat_mask 255.255.255.0
    real_server 192.168.88.10 80 {
        weight 3
        HTTP_GET {
            url {
                path /
                status_code 200
            }
            connect_timeout 1
        }
    }
    real_server 192.168.88.11 80 {
        weight 3
        HTTP_GET {
            url {
                path /
                status_code 200
            }
            connect_timeout 1
        }
    }
}

After editing, restart Keepalived on both nodes:

systemctl restart keepalived

Bind the VIP on the web servers (DSR mode)

Because we use Direct Server Return (DR) mode, each web server must bind the VIP to its loopback interface: ip addr add 192.168.88.100/32 dev lo To make the binding persistent, create /etc/sysconfig/network-scripts/ifcfg-lo:0 with the following content:

DEVICE=lo:0
IPADDR=192.168.88.100
NETMASK=255.255.255.255
ONBOOT=yes
NAME=loopback

Restart the network service:

systemctl restart network

Testing failover

Access the service via the VIP (e.g., http://192.168.88.100) and you will see responses from both web servers. Stop Keepalived on the master node: systemctl stop keepalived The backup node automatically takes over, and the VIP moves to it. Verify the change with ipvsadm -Ln and by checking the logs in /var/log/message. Restart Keepalived on the original master to see the VIP migrate back.

Conclusion

Following this guide you now have a functional high‑availability web service using Keepalived and LVS. The same approach can be applied to other critical services such as MySQL, Redis, or RabbitMQ.

References

24 Hours 365 Days Continuous Service: Core Technologies of Server Infrastructure

Topology diagram
Topology diagram
Keepalived master status
Keepalived master status
Keepalived backup status
Keepalived backup status
VIP after failover
VIP after failover
VIP after master recovery
VIP after master recovery
LVS connection table
LVS connection table
LVS after removing a failed node
LVS after removing a failed node
Client request distribution
Client request distribution
LVS statistics
LVS statistics
Original Source

Signed-in readers can open the original source through BestHub's protected redirect.

Sign in to view source
Republication Notice

This article has been distilled and summarized from source material, then republished for learning and reference. If you believe it infringes your rights, please contactadmin@besthub.devand we will review it promptly.

high availabilityCentOSLVSkeepalivedVagrant
21CTO
Written by

21CTO

21CTO (21CTO.com) offers developers community, training, and services, making it your go‑to learning and service platform.

0 followers
Reader feedback

How this landed with the community

Sign in to like

Rate this article

Was this worth your time?

Sign in to rate
Discussion

0 Comments

Thoughtful readers leave field notes, pushback, and hard-won operational detail here.

Sign in to comment