Differences

This shows you the differences between two versions of the page.

--- userdoc:tt_high_availability [2018/07/29 19:45]
abelbeck [Example Basic Configuration]
+++ userdoc:tt_high_availability [2018/08/02 10:51] (current)
abelbeck
@@ Line 1: / Line 1: @@
-====== High Availability (keepalived) ======
+====== VRRP High Availability Daemon (keepalived) ======
 AstLinux now supports the [[http://www.keepalived.org/|keepalived]] package, High Availability (HA) is achieved via the VRRP protocol. VRRP is a fundamental brick for implementing router failover.
@@ Line 21: / Line 21: @@
   service keepalived init
+\\
 ===== Example Basic Configuration =====
-As a very basic example, we are creating a hot standby (backup) to a master AstLinux box.  It is assumed that all the important file storage bits of the master are kept in sync with the backup AstLinux box.
+As a very basic example, we are creating a hot standby (backup) to a master AstLinux box.
+!!Note ->!! For a production solution it is assumed that all the important file storage bits of the master are kept in sync with the backup AstLinux box.  Ignored for this example.
 Both boxes share the same ''10.10.50.0/24'' network off the external interface ''eth0''.
@@ Line 34: / Line 36: @@
 The virtual IPv4 address ''10.10.50.244'' labeled ''eth0:10'' will float between "master" and "backup", preferring "master" as long as it is available.
-Master, Primary IPv4: ''10.10.50.62'', Configuration: ''/mnt/kd/keepalived/keepalived.conf''
+Master, primary IPv4: ''10.10.50.62''\\
+Configuration: ''/mnt/kd/keepalived/keepalived.conf''
   ! Configuration File for keepalived
@@ Line 67: / Line 70: @@
   }
-Backup, Primary IPv4: ''10.10.50.65'', Configuration: ''/mnt/kd/keepalived/keepalived.conf''
+Backup, primary IPv4: ''10.10.50.65''\\
+Configuration: ''/mnt/kd/keepalived/keepalived.conf''
   ! Configuration File for keepalived
@@ Line 100: / Line 104: @@
   }
-After the ''/mnt/kd/keepalived/keepalived.conf'' is created, start the ''keepalived'' service on each box via the CLI with:
+After the ''/mnt/kd/keepalived/keepalived.conf'' files are created, start the ''keepalived'' service on each box via the CLI with:
   service keepalived init
-!!Tip ->!! Watch the VRRP packets with ''tcpdump -i eth0 -vvn vrrp''
+!!Tip ->!! Watch the VRRP packets with: ''tcpdump -i eth0 -vvn vrrp''
+At this point on the master ''ip addr show dev eth0'' should display a line containing ''10.10.50.244''
+  inet 10.10.50.244/32 scope global eth0:10
+and the backup box should not display ''10.10.50.244'' .  Note that if something blocked VRRP packets between the boxes then both boxes would think they are the master and both would have ''10.10.50.244'' assigned, which is not good.  Only one occurrence of ''10.10.50.244'' should exist at a time.
+Now test, disconnect the ''eth0'' cable from the master box ... watch the backup box acquire the ''10.10.50.244'' address, then reattach the network cable and watch ''10.10.50.244'' move back to the master.  For added fun, perform a ''ping 10.10.50.244'' from a local device and watch it (almost) not miss a beat during this test.
+More testing, edit the ''/mnt/kd/keepalived/keepalived.conf'' file on the backup and change ''priority 99'' to ''priority 101'', restart ''keepalived'' by:
+  service keepalived restart
+now the backup box should be the master since it has a higher priority.  Undo the priority change and watch it return to normal.
+Now you get the idea, to make this a production solution a few more details will need to be addressed, research the topic and build upon this basic example.
+\\
 ===== Keepalived Scripts =====
@@ Line 112: / Line 132: @@
 If your scripts need a runtime, non-persistent state file, the ''/var/state/keepalived/'' directory is provided for such files.
+\\
 ===== Firewall Configuration =====