Failover Service with CARP

Brief introduction

About the protocol itself is very well written in Wikipedia. Who are interested in the details and history - there . In a few words about it you can say this: it is a redundancy protocol that allows two or more computers on the same subnet to have the same IP address at the same time, while setting up this group of computers interchangeably is possible (the main computer has disconnected / broken - instead the same is taken for the work of another, whose priority is higher) and so on in a circle, thus ensuring almost 100% availability of services. ARP is native to OpenBSD, FreeBSD, and NetBSD. On Linux with a kernel above 2.4 is available through ucarp.

A little messy, but in the future, I hope, the situation will become clearer.

Environment

For this description, I used Debian GNU / Linux 4.0 under VMWare ESX. We will test the Apache web server service.

Start. Installation

The first thing we put ucarp. Under debian everything is very simple:
')

apt-get install ucarp

The installation of the sorcers should not cause too much difficulty.

wget download.pureftpd.org/pub/ucarp/ucarp-1.2.tar.bz2
tar jxf ucarp-1.2.tar.bz2
cd ucarp-1.2
./configure
make
make install

At the same time we put a web server

apt-get install apache2

UCARP Configuration

The main part of the configuration is common for both the master and the slave (we will look at the differences separately)

First of all, we will create a .conf file in which we will write the parameters for the start of ucarp and the configuration of virtual interfaces

mkdir /etc/ucarp
touch /etc/ucarp/ucarp.conf

/etc/ucarp/ucarp.conf:

# ucarp
UCARP_INTERFACE=eth0

# ip
UCARP_IF_ALIAS=eth0:0

# ip . .
UCARP_SRCIP=172.16.0.11

# CARP ID
UCARP_VHID=1

# , .
# ,
UCARP_ADVBASE=1

# hmac ( sha1).
UCARP_PASS=geheim

# ip
UCARP_ADDR=172.16.0.1

#
UCARP_MASK=255.255.0.0

# /
UCARP_UPSCRIPT=/etc/ucarp/ucarp-up.sh
UCARP_DOWNSCRIPT=/etc/ucarp/ucarp-down.sh

Now it's time to write scripts that will raise the virtual interface when management (master status) will go to the current host and vice versa.

cd /etc/ucarp
touch ./ucarp-up.sh
touch ./ucarp-down.sh

/etc/ucarp/ucarp-up.sh

#!/bin/bash
source /etc/ucarp/ucarp.conf
ifconfig $UCARP_IF_ALIAS $UCARP_ADDR netmask $UCARP_NETMASK

/etc/ucarp/ucarp-down.sh

#!/bin/bash
source /etc/ucarp/ucarp.conf
ifconfig $UCARP_IF_ALIAS down

ucarp-up.sh will be launched when the node is activated. Parameters for alias, virtual interface, address and mask are taken from the ucarp.conf file. As soon as the node loses master status, ucarp-down.sh is launched and the virtual interface is disabled.

The next step is to create a script for running UCARP itself (alternatively, you can create an init script). The script is called start.sh and put in / etc / ucarp.

source /etc/ucarp/ucarp.conf

ucarp /
--interface=$UCARP_INTERFACE /
--srcip=$UCARP_SRCIP /
--vhid=$UCARP_VHID /
--pass=$UCARP_PASS /
--advbase=$UCARP_ADVBASE /
--preempt /
--addr=$UCARP_ADDR /
--daemonize /
--upscript=$UCARP_UPSCRIPT /
--downscript=$UCARP_DOWNSCRIPT

The first line connects our config ucarp.conf, all variables are taken from there. The --daemonize option starts UCARP in daemon mode. Important is the option --preemt which will be present only for the wizard. The final step is to make our scripts run from under the root.

chmod 0700 /etc/ucarp/*.sh

To start testing, I cloned MasterVm and made changes to the following parameters.

- ip address
- Hostname
- UCARP_SRCIP in /etc/ucarp/ucarp.conf

also in the /var/www/apache2-default/index.html file I specified the server name in order to know which node I’d hit.

Go

We start the master and the slave using the /etc/ucarp/start.sh script. Since we specified the --daemonize parameter, no messages will be displayed. Through ifconfig on the wizard, we see the running virtual interface:

  eth0 Link encap: Ethernet HWaddr 00: 22: 15: 6a: 80: d8
           inet addr: 172.16.0.11 Bcast: 172.16.255.255 Mask: 255.255.0.0
           inet6 addr: fe80 :: 250: 56ff: fe82: 352c / 64 
           UP BROADCAST RUNNING MULTICAST MTU: 1500 Metric: 1
           RX packets: 402618 errors: 0 dropped: 0 overruns: 0 frame: 0
           TX packets: 9019 errors: 0 dropped: 0 overruns: 0 carrier: 0
           collisions: 0 txqueuelen: 1000
           RX bytes: 34064624 (32.4 MiB) TX bytes: 623570 (608.9 KiB)
           Interrupt: 177

 eth0: 0 Link encap: Ethernet HWaddr 00: 22: 15: 6a: 80: d8
           inet addr: 172.16.0.1 Bcast: 172.20.255.255 Maske: 255.255.0.0
           UP BROADCAST RUNNING MULTICAST MTU: 1500 Metric: 1
           Interrupt: 177 

There is no virtual interface on the slave, of course not, it will only be launched when the master status is transferred. The status of the ucap node is written to / var / log / syslog. It looks like this:

On the master:

Nov 26 03:49:17 vmdebian01 ucarp[2327]: [WARNING] Switching to state: MASTER
Nov 26 03:49:17 vmdebian01 ucarp[2327]: [WARNING] Spawning [/etc/ucarp/ucarp-up.sh eth0]

On the slave

Nov 26 03:50:24 vmdebian02 ucarp[3802]: [WARNING] Switching to state: BACKUP
Nov 26 03:50:24 vmdebian02 ucarp[3802]: [WARNING] Spawning [/etc/ucarp/ucarp-down.sh eth0]

When accessing the virtual ip, we find ourselves on server number 1 (running as a master). When the wizard is disconnected from the network, the slave immediately changes its status and starts the interface that is accessible via the cluster ip / mac. Reloading the page in the browser shows that we are already number 2 on the server. When the wizard is connected, everything returns to its place.

Total

Of course, all of the above is a simplified version of the ucarp configuration. in real life, you will also have to think about synchronization of the application level, sessions if it is a web server, files in the case of FTP, etc.