Here are some scripts that allow reliable failover of an Elastic IP with Keepalived.
Because Elastic IP switchover may be delayed or may even fail, Keepalived should constantly check which instance owns the Elastic IP and allow the other instance to become MASTER if something goes wrong.
- The VRRP protocol must be allowed in the inbound Security Group rules.
- Instances must belong to an IAM role with permissions to assign the Elastic IP.
- You have to replace `%PROCESS%`, `%REGION%`, `%LOCAL_IP%`, `%PEER_IP%`, `%ELASTIC_IP%` with your actual values.
- Or you could add the tag `aws_ha_keepalived` to the instances, with the value of your Elastic IP, and run the `generate_aws_ha_keepalived.sh` script. In that case each instance must have exactly one secondary private IP address, which will be used for Keepalived unicast communications and for Elastic IP address assignment.
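
One way to implement the ownership check described above, as an added example (not one of the scripts this page refers to). `REGION`, `ELASTIC_IP` and `LOCAL_IP` mirror the page's placeholders; the state file written by a notify script, the grace period, and the function names are assumptions of this sketch.

```shell
#!/usr/bin/env bash
# Added example: Keepalived track script that verifies Elastic IP ownership.
# Exit status is what Keepalived sees: 0 = healthy, non-zero = fault.
REGION="${REGION:-%REGION%}"
ELASTIC_IP="${ELASTIC_IP:-%ELASTIC_IP%}"
LOCAL_IP="${LOCAL_IP:-%LOCAL_IP%}"
# Assumption: a notify script writes "<STATE> <epoch-seconds>" here on each transition.
STATE_FILE="${STATE_FILE:-/run/keepalived_eip.state}"
# Assumption: how long an association may lag after becoming MASTER.
GRACE_SECONDS="${GRACE_SECONDS:-30}"

# Print the private IP the Elastic IP is currently associated with.
eip_owner() {
    aws ec2 describe-addresses --region "$REGION" --public-ips "$ELASTIC_IP" \
        --query 'Addresses[0].PrivateIpAddress' --output text
}

check_eip() {
    local state since now owner
    [ -r "$STATE_FILE" ] || return 0          # no transition recorded yet: do not fault
    read -r state since < "$STATE_FILE" || true
    [ "$state" = "MASTER" ] || return 0       # BACKUP is not expected to own the EIP
    now=$(date +%s)
    # Switchover can be delayed: tolerate a mismatch right after the transition.
    [ $((now - ${since:-0})) -ge "$GRACE_SECONDS" ] || return 0
    # Design choice: if the API cannot be queried while MASTER, report a fault
    # so the peer is allowed to take over.
    owner=$(eip_owner) || return 1
    [ "$owner" = "$LOCAL_IP" ]
}

# Run the check only when called with --check, so the file stays sourceable.
if [ "${1:-}" = "--check" ]; then
    check_eip
    exit $?
fi
```

Referenced from a `vrrp_script` block with the `--check` argument, a non-zero exit puts the MASTER into a fault state so the peer can take over. The `fall` setting of `vrrp_script` controls how many consecutive failures are needed, which absorbs a single transient API error.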