A setup for simple implementation of load balance of service, example ssh.
Two machines will be accepting SSH connections, and at the same time act as master/backup failover.
The two machines are connected to a local network and will be assigned a new virtual ip by keepalived.
Steps:
1. On the two debian/ubuntu machines, do
$ sudo apt-get install keepalived
2. Copy the config for keepalived on the first machine:
First Server(Ubuntu Gutsy):
/etc/keepalived/keepalived.conf
global_defs { lvs_id LVS_MAIN } virtual_server 192.168.1.100 22 { delay_loop 30 lb_algo wrr lb_kind NAT persistence_timeout 50 protocol TCP #sorry_server 192.168.100.100 80 real_server 192.168.1.50 22 { weight 2 inhibit_on_failure TCP_CHECK { connect_port 22 connect_timeout 3 nb_get_retry 3 delay_before_retry 1 } } real_server 192.168.1.3 22 { weight 1 inhibit_on_failure TCP_CHECK { connect_port 22 connect_timeout 3 nb_get_retry 3 delay_before_retry 1 } } } vrrp_instance VI_1 { state MASTER interface eth0 virtual_router_id 1 priority 100 #authentication { # auth_type PASS # auth_pass #} virtual_ipaddress { 192.168.1.100/24 brd 192.168.1.255 dev eth0 } }
3. Run the keepalived daemon by,
$ sudo /etc/init.d/keepalived start
4. Check the IP address now loading:
$ ip addr show eth0
5. Or via:
$ sudo tail -f /var/log/messages
6. Now for the second server, Same copy of of the First Server conf but with changes below:
Second Server Configuration(Debian Etch):
/etc/keepalived/keepalived.conf
vrrp_instance VI_1 { state MASTER #interface eth1 #CHANGES: it was in eth0 so, interface eth1 virtual_router_id 1 #CHANGES: it will be a backup, set priority to 100. priority 100 virtual_ipaddress { #192.168.1.100/24 brd 192.168.1.255 dev eth1 # CHANGES: it was in eth0,set as eth0 192.168.1.100/24 brd 192.168.1.255 dev eth0 } }
7. Run keepadlived daemon:
$ sudo /etc/init.d/keepalived start
8. Check the log files of the second server:
$ sudo tail -f /var/log/messages
To test failover, disable the network interface at the first server:
$ sudo /sbin/ifdown eth0
After disable the network interface at First Server, notice the resulting message in the log file showing the transition of the backup server as a master. When the master server is brought back, it automatically set back as backup.
Jun 15 12:30:31 debian Keepalived_healthcheckers: Using MII-BMSR NIC polling thread…
Jun 15 12:30:31 debian Keepalived_healthcheckers: Registering Kernel netlink reflector
Jun 15 12:30:31 debian Keepalived_healthcheckers: Registering Kernel netlink command channel
Jun 15 12:30:31 debian Keepalived_healthcheckers: Configuration is using : 10050 Bytes
Jun 15 12:30:31 debian Keepalived_healthcheckers: IPVS: Module is wrong version
Jun 15 12:30:31 debian last message repeated 2 times
Jun 15 12:30:31 debian Keepalived_healthcheckers: Activating healtchecker for service [192.168.1.50:22]
Jun 15 12:30:31 debian Keepalived_healthcheckers: Activating healtchecker for service [192.168.1.3:22]
Jun 15 12:30:31 debian Keepalived_vrrp: Using MII-BMSR NIC polling thread…
Jun 15 12:30:31 debian Keepalived_vrrp: Registering Kernel netlink reflector
Jun 15 12:30:31 debian Keepalived_vrrp: Registering Kernel netlink command channel
Jun 15 12:30:31 debian Keepalived_vrrp: Registering gratutious ARP shared channel
Jun 15 12:30:31 debian Keepalived_vrrp: Configuration is using : 33353 Bytes
Jun 15 12:30:32 debian Keepalived_vrrp: VRRP_Instance(VI_1) Transition to MASTER STATE
Jun 15 12:30:33 debian Keepalived_vrrp: VRRP_Instance(VI_1) Entering MASTER STATE
Jun 15 12:30:35 debian Keepalived_healthcheckers: TCP connection to [192.168.1.50:22] failed !!!
Jun 15 12:30:35 debian Keepalived_healthcheckers: Disabling service [192.168.1.50:22] from VS [192.168.1.100:22]
Jun 15 12:30:35 debian Keepalived_healthcheckers: IPVS: Module is wrong version
Jun 15 12:31:00 debian Keepalived_vrrp: VRRP_Instance(VI_1) Received higher prio advert
Jun 15 12:31:00 debian Keepalived_vrrp: VRRP_Instance(VI_1) Entering BACKUP STATE
Jun 15 12:31:05 debian Keepalived_healthcheckers: TCP connection to [192.168.1.50:22] success.
Jun 15 12:31:05 debian Keepalived_healthcheckers: Enabling service [192.168.1.50:22] to VS [192.168.1.100:22]
On my test, I got the error Module is wrong since the first server has ubuntu ipvsadm version 1.2.1 and the second server debian etch version 1.0.11. The setup works but hoping there would be any problem with the two different version. I still believe it’s good to have identical version for the ipvsadm for this setup.
The idea is clear enough where you can setup your web service to have a load balanced and failover capabilities.