
I have a simple two-host Graylog cluster for which I need to load balance UDP syslog traffic. I'm using keepalived; the floating IP and load balancing work perfectly, but it still directs traffic to all nodes, even to those on which the health check failed. I want it to direct traffic to healthy nodes only. Here's my keepalived.conf:

global_defs {
  enable_script_security
  script_user root root
  router_id LVS_MASTER
}
vrrp_instance VI_1 {
  state MASTER
  interface enp0s3
  virtual_router_id 216
  priority 200
  advert_int 1
  preempt_delay 30
  authentication {
    auth_type PASS
    auth_pass redacted
  }
  virtual_ipaddress {
    192.168.0.X
  }
}    
virtual_server 192.168.0.X 514 {
  delay_loop 1
  protocol UDP
  lb_algo wrr # makes no difference
  lb_kind NAT # no difference too
  real_server 192.168.0.A 514 {
    weight 1
    HTTP_GET {
      url {
        path "/api/system/lbstatus"
        status_code 200
      }
      connect_timeout 3
      connect_port 9000
    }
  }    
  real_server 192.168.0.B 514 {
    weight 1
    HTTP_GET {
      url {
        path "/api/system/lbstatus"
        status_code 200
      }
      connect_timeout 3
      connect_port 9000
    }
  }
}

It's the same on the second host, except state BACKUP and a lower priority. Both keepalived instances cooperate; I see health check failures and successes, services being added to and removed from the VS, etc. in the logs, but both hosts receive data even though the health check on one failed (verified with tcpdump).

What am I doing wrong?

maniel

0 Answers