I have recently tried to load balance my application using HAProxy and was able to do it successfully. Later, I have come across a concept called Floating IP, which can be used along with keepalived to make the load balancer highly available. I wasn't able to understand how to create the floating Ip though. How can I create Floating IP and use it to configure HAProxy? Thanks.
How to create Floating IP and use it to configure HAProxy [closed]
Asked Answered
Assumptions:
- This works on Ubuntu 14.04
- haproxy-primary IP: 198.51.100.10
- haproxy-secondary IP: 198.51.100.20
- shared IP: 198.51.100.50
- Any DNS rules should point to the shared IP (198.51.100.50)
Steps:
- Add a firewall rule for keepalived # 224.0.0.18 is the keepalived multicast address
sudo ufw allow in from 198.51.100.20 to 224.0.0.18
# on 198.51.100.10sudo ufw allow in from 198.51.100.10 to 224.0.0.18
# on 198.51.100.20
- Allow access to a shared IP address
- edit
/etc/sysctl.conf
- set
net.ipv4.ip_nonlocal_bind=1
sudo sysctl -p
# reload config change
- edit
- Install keepalived
sudo apt-get install keepalived
- Configure keepalived on both servers
- Edit/create
/etc/keepalived/keepalived.conf
- See example file below # the priority MUST be different on the primary and secondary servers!
- Edit/create
- Restart keepalived
- sudo service keepalived restart
- Listen on the shared IP address
- Edit
/etc/haproxy/haproxy.cfg
bind 198.51.100.50:80
- Edit
- Restart haproxy (on both haproxy servers)
sudo service haproxy restart
- Verify proper failover
- primary:
sudo ip addr show | grep eth0
# should list the shared IP - secondary:
sudo ip addr show | grep eth0
# should NOT list the shared IP - primary:
sudo service haproxy stop
- primary:
sudo ip addr show | grep eth0
# should NOT list the shared IP - secondary:
sudo ip addr show | grep eth0
# should list the shared IP - primary:
sudo service haproxy start
- primary:
sudo ip addr show | grep eth0
# should list the shared IP - secondary:
sudo ip addr show | grep eth0
# should NOT list the shared IP
- primary:
/etc/keepalived/keepalived.conf
vrrp_script chk_haproxy { # Requires keepalived-1.1.13
script "killall -0 haproxy" # cheaper than pidof
interval 2 # check every 2 seconds
weight 2 # add 2 points of priority if OK
}
vrrp_instance VI_1 {
interface eth0
state MASTER
virtual_router_id 51
priority 101 # 101 on primary, 100 on secondary
virtual_ipaddress {
198.51.100.50
}
track_script {
chk_haproxy
}
}
The answer from Matt Rice is excellent, but be aware that if you're running SELinux enforcing on Red Hat EL 7, you'll need
sudo setsebool haproxy_connect_any on
...or haproxy will fail to start on the system that does not currently have the virtual ipaddress, with a complaint that it can't bind.
© 2022 - 2024 — McMap. All rights reserved.