So it looks like I am going to get some time to write about my setup after all. If you read my post yesterday, I recently setup a failover load balancing cluster for my company’s public web servers. My previous company did something similar with two F5 Big-IP appliances for about $90,000 or so. I however did it completely for free using Ubuntu Linux and HAProxy!
I mentioned in my post yesterday how to install HAProxy on Ubuntu 11.04, and what you need to do to get it to start correctly at boot up. Today I am going to tell you how to add a second HAProxy server, and configure failover using Keepalived.
- Stand up two identical Ubuntu servers and install HAProxy using my instructions here: (How to Install HAProxy)
- Configure your /etc/haproxy/haproxy.cfg file on Node1, and copy to to Node2 using scp sudo scp /etc/haproxy/haproxy.cfg root@node2:/etc/haproxy/
- Install Keepalived on both servers sudo apt-get install keepalived
- On both servers edit the /etc/sysctl.conf with your favorite text editor (i.e. sudo nano /etc/sysctl.conf) and add the following at the bottom of the file so HAProxy can bind with our virtual IP address(es). net.ipv4.ip_nonlocal_bind=1
- Run sudo sysctl –p
- Run sudo nano /etc/keepalived/keepalived.conf to create your Keepalived configuration, and paste in the following, make sure to change the IP address to match your VIP (Virtual/shared IP address):
vrrp_script chk_haproxy { # Requires keepalived-1.1.13 script "killall -0 haproxy" # cheaper than pidof interval 2 # check every 2 seconds weight 2 # add 2 points of prio if OK } vrrp_instance VI_1 { interface eth0 state MASTER virtual_router_id 51 priority 101 # 101 on master, 100 on backup virtual_ipaddress { 192.168.0.99 } track_script { chk_haproxy } }
- Do the same on Node2, but change the priority to 100 to make Node2 the slave.
- Run the following to start Keepalived: sudo /etc/init.d/keepalived start
- Run the following on Node1 to check to make sure it is listening to your virtual IP address (VIP/Shared IP): ip addr sh eth0
- Start Keepalived on Node2, and run the command above to make sure Node2 is NOT listening to the VIP.
- If it’s not running already, start HAProxy on both servers by running the following:
sudo /etc/init.d/haproxy start
- To test, you can run a constant ping on the VIP and reboot Node1, you should only see one dropped packet if done correctly.
Pretty cool right? One thing to node is that you can have your HAProxy cluster server load balancing to more than one server farm, with multiple IP’s. Just add the multiple VIPs to your /etc/keepalived/keepalived.conf file. For instance, lets say you have to IP’s you want to act as VIPs for two sets of web servers. One VIP is going to be 192.168.0.98 and the other is going to be 192.168.0.99 then add the two IP’s to your config in the virtual IP section like so:
virtual_ipaddress { 192.168.0.98
192.168.0.99}
If you have to add more IP’s later, you can do so and simply restart the Keepalived service. As far as how to create an HAProxy config file, I am going to let you look that up on your own. There are many different settings you can configure for HAProxy including both HTTP modes and TCP modes. I will tell you that I am using HTTP mode for port 80 HTTP traffic, and TCP mode for HTTPS/SSL traffic.
What do you use for load balancing? An appliance like Netscaler, or F5? Maybe an open source option like Pound that provides SSL offload? Let me know what you use and why in the comments.
Via [HowtoForge]
Related articles