VRRP with notify_fifo script

This basic example uses keepalived for VRRP and ifstate as vrrp_fifo script:

use keepalived for VRRP
use ifstate as notify_fifo script to configure the floating virtual IP

ifstate.yamlNixOS

parameters:
  defaults:
    # do not force state for HA soft-fail-over links
    - match:
        - ifname: ^HA-.+$
      clear_addresses: true

interfaces:
  # used as fail-over switch for all VRRP instances
  HA:
    link:
      kind: dummy
      state: up

  # used for soft-fail-over a single VRRP instance
  # (after boot the interface is intentionally down)
  HA-VIP1:
    link:
      kind: dummy

  # physical interface used for VRRP
  eth0:
    addresses:
      - 192.0.2.2/29
    link:
      state: up
      kind: physical
    identify:
      parent_dev_name: "0000:10:00.3"
      parent_dev_bus_name: pci

  # virtual interface for the VIP
  VIP1:
    addresses:
      - 192.0.2.1/29
    link:
      kind: macvlan
      state: up
      address: 42:0d:ef:a0:00:21
      link: eth0
    vrrp:
      name: VIP1
      type: instance
      states:
        - master

{
  networking.ifstate = {
    enable = true;
    settings = {
      parameters = {
        # do not force state for HA soft-fail-over links
        defaults = [{
          match = [{ ifname = "^HA-.+$"; }];
          clear_addresses = true;
        }];
      };
      interfaces = {
        # used as fail-over switch for all VRRP instances
        HA = {
          link = {
            kind = "dummy";
            state = "up";
          };
        };

        # used for soft-fail-over a single VRRP instance
        # (after boot the interface is intentionally down)
        HA-VIP1.link.kind = "dummy";

        # physical interface used for VRRP
        eth0 = {
          addresses = [ "192.0.2.2/29" ];
          link = {
            state = "up";
            kind = "physical";
          };
          identify = {
            parent_dev_name = "0000:10:00.3";
            parent_dev_bus_name = "pci";
          };
        };

        # virtual interface for the VIP
        VIP1 = {
          addresses = [ "192.0.2.1/29" ];
          link = {
            kind = "macvlan";
            state = "up";
            address = "42:0d:ef:a0:00:21";
            link = "eth0";
          };
          vrrp = {
            name = "VIP1";
            type = "instance";
            states = [ "master" ];
          };
        };
      };
    };
  };
}

keepalived

The following example keepalived.conf only contains a minimalistic setup, you should consider more VRRP related tuning (VRRP version, timers, multicast vs. unicast mode, …).

keepalived.conf

global_defs {
  # script settings
  script_user root
  enable_script_security

  # vrrp notify fifo (ifstate)
  vrrp_notify_fifo /run/vrrp-ifstate.fifo
  vrrp_notify_fifo_script "/usr/bin/ifstatecli vrrp-fifo"
}

vrrp_instance VIP1 {
  # start-up default state
  state BACKUP

  # VRRP interface
  interface eth0

  # VRRP w/o VIP (requires keepalived 2.2.8+)
  no_virtual_ipaddress

  # VRRP state depending on other interfaces
  track_interface {
    HA
    HA-VIP1 weight 20
  }

  # VRRP router id
  virtual_router_id 21

  # instance priority
  priority 100

  # preemption delay
  preempt_delay 30
}