[lvs-users] [ANNOUNCE] keepalived 2.0.0
acassen at gmail.com
Sun May 27 22:52:39 BST 2018
I am very excited to announce a real major Keepalived release. This
release is 2.0.0 and include a HUGE set of extensions in order to push
it to the next level... These extensions are targetting high
performances and efficiency. The is the the fruit of 2years of hard
work, and I would really like the thanks Quentin Armitage here for
having performed such a great job. Quentin, it is a real pleasure to
have you on board !
In a near future we are going to target documentation (since it is
really out of date) and extensions (such as usability and many others).
This code can be found on www.keepalived.org website or on
If you choose to build keepalived from master github source tree, you
will need to have automake and autoconf installed, and will need to
execute ./build_setup in the root of the git tree before running
anything else. This is documented in the INSTALL file.
ChangeLog for this release is :
2018-05-26 Quentin Armitage <quentin at armitage.org.uk>
* Beta branch merge into master branch ! 2years of dev here !
* Transition to master as soon as decision is made to do so
Previously keepalived waited one further advert interval
This meant that previously if a master went down and sent
priority 0 message, there was one extra advert interval
before the highest priority backup configured the VIP
addresses. Now if vrrp instances have high priorities (i.e.
close to 255), then the transition to master and
configuration of addresses will now occur in a small
multiple of advert_interval/256.
* Process interface state changes immediately.
Previously keepalived waited for advert timer expiry. The
problem was that if an interface went down and came back up
before the next timer expiry, and addresses, routes and
VMACs that we had configured on that interface would be
removed, but we wouldn't know about it.
* Add support for hot-swappable NICs
This also handles interfaces being deleted and restored.
* Add vrrp_track_file option.
This allows track_scripts, which are run on a frequent
scheduled basis, to be replaced with a vrrp_track_file,
which contains a number as a text string which is used in
the same way as the exit status from a track script. The
track_files are only read if they are changed, so external
events can update a track file, rather than their status
needing to be detected by polling by track scripts.
* Add notify fifos.
Rather than sending notifications via notify scripts it is
now possible to send notify messages via fifos. Not only
does this mean that the overhead of executing script for
each notification is removed, but it also guarantees the
delivery of notifications in the correct order, whereas if
the notification is via scripts, there is no guarantee that
the scripts will execute in the desired order if two or more
notifications are sent in quick succession. There can be a
global fifo to process all notifies, and also separate fifos
for vrrp and checkers. It is possible to specify a script
for keepalived to execute to process the messages on the
* Stop logging address addition/deletions if addresses not ours
The -a option can be used to override this behaviour and log
all address changes.
* Transition to fault state if source address for adverts is
deleted from interface
* Transition to backup state if a VIP or eVIP is removed
When we next transition to master the addresses will be
restored. If nopreempt is not set, that will be almost
* Make address owner (priority 255) transition to master
* Don't process a received advert if the authentication fails
* Ignore invalid received adverts totally
Previously the master down timer was being updated, which
meant that a backup could be stuck in backup state even if
the only received adverts were invalid.
* Don't reset timer before sending next advert if receive a
lower priority advert.
This was stopping a higher priority backup instance to stay
in backup state.
* Log if receive invalid authentication header
* Ignore lower priority adverts when backup (to comply with
This also means that the master down timer wasn't reset,
which was causing a delay to becoming master
* Fix first advert interval of vrrp instances in a sync group.
* Stop two vrrp instances with preempt delay and equal
priorities flip-flopping between master and backup state
* Make sync group members transition state at same time
When first instance makes transition (i.e. when the trigger
event occurs) rather than wait for next timer expiry
* Process vrrp track script returning a new status code
immediately For all instances (and their sync group
members), rather than waiting for the next timer expiry on
each instance, the instance will transition update it's
* On reload, make track scripts inherit the state from before
reload. This stops vrrp instances transitioning to down and
coming back up once the script has run.
* Correct the use of adver_int and master_adver_int
* Ensure when leaving fault state that a vrrp instance
transitions to backup unless it has priority 255
* Remove quick_sync functionality since no longer needed.
* Improved code efficiency:
* Finding vrrp instance after read timeout
* When getting interface information for a new vmac, only
request information for that i/f.
* Directly update effective priority of vrrp instances when
scripts return new status rather than scheduling a thread
to do it
* Don't run a read timeout on vrrp instance in fault state
* Don't run a track script if no vrrp instance is tracking it
* Stop checking interface status after every timer expiry
since processing interface state changes is now done
* The timeout for the select call had a maximum timeout of 1
second, it now times out only when something needs to
* The timeout on netlink reads was 500 seconds and this has
been extended to 1 day.
* Streamline signal handling between main process and child
process by using signalfd if available, rather than using a
* Minimise searching for an interface struct based on its
index by using pointers to the interface structures
* Stop opening and closing vrrp scripts before running them.
We can detect they are missing from the return of the exec
* Allow threads that don't need a timeout to never timeout
* Calculate the maximum fd number when calling select() rather
than specifying the maximum of 1024.
* Ignore netlink NEWLINK messages that are only wireless state
* Don't check whether timers have expired after select()
returns if its timeout didn't expire.
* Termination of child processes (scripts) were being handled
* Don't generate the IP header checksum since the kernel will
always generate it.
* Maintain pointers to tracking scripts to save seaching a
list to find the relevant script.
* Vrrp instances to have pointer to interface structure to
avoid having to search based in index
* Fix the checksum calculation for VRRPv3 unicast peers.
* Don't regenerate the full advert packet each time an advert is
sent Keepalived now simply updates the necessary fields and
calculates the change needed to the checksum.
* Detect a vmac interface going down, and make the vrrp instance
transition to fault state.
Previously the instance would only go down if the underlying
interface went down.
* Stop weighted track scripts updating priority of sync group
* Make vrrp instances go straight to fault state at startup if a
relevant interface is down
Previously an instance would start in up state and
transition to fault at next timer expiry
* Ensure that a sync group starts in backup state unless all
members are address owners
* Restore master down timer after leaving fault state
* Use execve() to execute scripts rather than system().
This saves a fork and an extra process, and also allows the
parameters to be parsed once only at startup, rather than
each time the script is invoked.
* Don't treat a failure to execute a script as a failure of the
* Ensure all scripts receive TERM signal when keepalived
* If keepalived is running with an elevated priority, stop
running scripts with that elevated priority.
* Enable an unweighted tracking script make a vrrp instance
which is an address owner transition to fault state
* Delay bringing vrrp instances up at startup until after the
first completion of the tracking scripts
This stops an instance coming up an then being brought back
down again after the script completes with a failure.
* Reduce number of error messages if a script is not executable
* Add linkbeat option per vrrp instance
* Fix timer addition on 32-bit systems
* Ignore netlink messages for interfaces using linkbeat polling
* If priority of vrrp instance changes when in backup due to a
vrrp script, reschedule the read timeout
* If re-using a VMAC after a reload, ensure it is correctly
* Don't send priority 0 adverts when transition to fault state
unless were in master mode
* Identify routes added by keepalived as belonging to keepalived
* Enable vrrp instances to be put into fault state if their
routes are removed
* Add track scripts, track files and track_if to sync groups and
(use sync_group_tracking_weight instead, but only if
* Improve AH authentication sequence number handling, and
(re)enable sequence number checking for VMACs and sync groups
* Remove autoconf/automake generated files from git repo.
Script build_setup will create the necessary build
* Improve and standardise notifications
* Fix not sending RS and VS notifies if omega set
* Add no_checker_emails to not send emails every time a checker
changes state, but only if a real server changes state
* Monitor VIP/eVIP deletion and transition to backup if a
VIP/eVIP is removed unloes it is configured with the no-track
More information about the lvs-users