Eu consegui configurar isso, e aqui está como eu fiz:
-
Eu criei um endereço IP global usando o painel de controle do SoftLayer.
-
Eu tenho o Debian 7 em ambos os servidores virtuais HAProxy. Eu adicionei o endereço IP global à interface eth1 em ambos os servidores.
-
Aqui estão as configurações do HAProxy usadas nos dois servidores:
global log 127.0.0.1 local0 log 127.0.0.1 local1 notice maxconn 4096 user haproxy group haproxy defaults log global mode http option httplog option dontlognull retries 3 maxconn 2000 option redispatch timeout connect 5000 timeout client 50000 timeout server 50000 stats uri / haproxy listen webfarm 0.0.0.0:80 mode http stats enable stats uri /haproxy?stats stats realm Haproxy\ Statistics stats auth haproxy:stats balance roundrobin cookie LBN insert indirect nocache option httpclose option forwardfor server app1-west <public_ip>:8080 cookie node1 check server app2-west <public_ip>:8080 cookie node2 check
-
Veja as configurações do Keepalived no servidor MASTER:
global_defs { notification_email { [email protected] } notification_email_from [email protected] smtp_server 127.0.0.1 smtp_connect_timeout 30 router_id LB_MASTER_ACTIVE } # Define the script used to check if haproxy is still working vrrp_script chk_haproxy { script "killall -0 haproxy" # verify the pid existance interval 2 # check every 2 seconds weight 2 # add 2 points of prio if OK } # Virtual interface. vrrp_instance VI_1 { state MASTER interface eth1 virtual_router_id 51 priority 101 smtp_alert authentication { auth_type PASS auth_pass 1111 #replace with random string } vrrp_unicast_bind <my_private_ip> vrrp_unicast_peer <peers_private_ip> # Check if HAProxy is running or not. track_script { chk_haproxy } notify_master /usr/bin/reroute_global }
-
Veja as configurações do Keepalived no servidor BACKUP:
global_defs { notification_email { [email protected] } notification_email_from [email protected] smtp_server 127.0.0.1 smtp_connect_timeout 30 router_id LB_BACKUP_PASSIVE } # Define the script used to check if haproxy is still working vrrp_script chk_haproxy { script "killall -0 haproxy" # verify the pid existance interval 2 # check every 2 seconds weight 2 # add 2 points of prio if OK } # Virtual interface. vrrp_instance VI_1 { state BACKUP interface eth1 virtual_router_id 51 priority 100 smtp_alert advert_int 1 authentication { auth_type PASS auth_pass 1111 #replace with random string } vrrp_unicast_bind <my_private_ip> vrrp_unicast_peer <peers_private_ip> # Check if HAProxy is running or not. track_script { chk_haproxy } notify_master /usr/bin/reroute_global }
-
Como dito acima, estou executando o Debian 7. Como pode ser visto nas configurações do keepalive, eu tenho um script notify_master. Aqui está tudo o que é necessário para executar o script:
apt-get install cpanminus libssl-dev build-essential libxml2-dev libexpat1-dev cpanm SOAP::Lite XML::Hash::LX IO::Interface git clone https://github.com/softlayer/softlayer-api-perl-client.git mv softlayer-api-perl-client/SoftLayer /usr/share/perl5
-
Agora que todas as dependências estão no lugar, o script deve funcionar. Aqui está o script, que salvei como
/usr/bin/reroute_global
:#!/usr/bin/env perl use strict; use warnings; use SoftLayer::API::SOAP; use IO::Interface::Simple; # SoftLayer API Information my $api_user = 'YOUR_API_USERNAME'; my $api_key = 'YOUR_API_KEY'; # Get the IP address associated with eth1 my $if = IO::Interface::Simple->new('eth1'); # Create client object to SoftLayer_Account my $client = SoftLayer::API::SOAP->new('SoftLayer_Account', undef, $api_user, $api_key); # Get global IP address ID of first global IP address. my $global_ip_id = $client->getGlobalIpRecords()->result->[0]->{id}; # Create client object to SoftLayer_Network_Subnet_IpAddress_Global $client = SoftLayer::API::SOAP->new('SoftLayer_Network_Subnet_IpAddress_Global', $global_ip_id, $api_user, $api_key); # Reroute global IP address to this systems public IP $client->route($if->address);
Você precisaria alterar a API_USERNAME / KEY para corresponder às suas credenciais da API. O script captura o primeiro IP global dos endereços IP globais do SoftLayer e, em seguida, redireciona o IP global para o sistema. No caso de um failover, o BACKUP torna-se MASTER e executa o script, que encaminha o endereço IP global para si mesmo.
Teste
-
curl http://<global_IP>
- No servidor mestre,
service haproxy stop
-
No backup:
tail -f /var/log/syslog
. Você deveria ver algo assim:Feb 12 01:11:55 proxy2-west Keepalived_vrrp[11816]: VRRP_Script(chk_haproxy) succeeded Feb 12 01:11:55 proxy2-west Keepalived_vrrp[11816]: SMTP alert successfully sent. Feb 12 01:12:29 proxy2-west Keepalived_vrrp[11816]: VRRP_Instance(VI_1) forcing a new MASTER election Feb 12 01:12:29 proxy2-west Keepalived_vrrp[11816]: VRRP_Instance(VI_1) forcing a new MASTER election Feb 12 01:12:30 proxy2-west Keepalived_vrrp[11816]: VRRP_Instance(VI_1) Transition to MASTER STATE Feb 12 01:12:31 proxy2-west Keepalived_vrrp[11816]: VRRP_Instance(VI_1) Entering MASTER STATE Feb 12 01:12:31 proxy2-west Keepalived_vrrp[11816]: Opening script file /usr/bin/reroute_global
-
curl http://<global_IP>
(deve funcionar se o failover funcionar)