HA script for DNS round-robin

install | setup | simple | routing states | check-ha

descr

this is a PoC with thttpd but one could imagine haproxy instead. you would have at least two VIPs and either DNS round-robin –or– CDN load-balance against it – tune MASTER vs. BACKUP and priority accordingly on every node.

the vrrp_script features sets up a restriction for the node to become master.

one could also imagine thise as for an highly-available outbound MTA

warning

we should avoid being contra-productive, the check restriction needs to be as light as possible, as with pidof. using the command directly instead of a script eventually makes it even more simple and reliable.

setup

easily identify the nodes

echo '<p>hello this is node1' > /var/www/thttpd/index.html
echo '<p>hello this is node2' > /var/www/thttpd/index.html
echo '<p>hello this is node3' > /var/www/thttpd/index.html

we’re enabling the check script without specific notify_* actions

vi /etc/keepalived/keepalived.conf

global_defs {
        max_auto_priority -1
        notification_email {
                root@localhost
        }
        notification_email_from keepalive@demo.nethence.com
        checker_log_all_failures

        # eventually run the check script as user
        #enable_script_security
        #script_user keepalive keepalive
}

vrrp_script check-thttpd {
    script "/sbin/pidof thttpd"
    interval 1
    rise 1
    fall 2
}

vrrp_instance vrrp-thttpd1 {
    state MASTER
    #state BACKUP
    interface eth0
    virtual_router_id 51
    priority 2
    #priority 1
    advert_int 1
    virtual_ipaddress {
        192.168.122.201/24
    }
    track_script {
        check-thttpd
    }
    notify "/var/tmp/notify.bash"
}

vrrp_instance vrrp-thttpd2 {
    #state MASTER
    state BACKUP
    interface eth0
    virtual_router_id 51
    #priority 2
    priority 1
    advert_int 1
    virtual_ipaddress {
        192.168.122.202/24
    }
    track_script {
        check-thttpd
    }
    notify "/var/tmp/notify.bash"
}

more vrrp_script options

#weight 50
#init_fail

Resources

check & notify

16.11 About Keepalived Notification and Tracking Scripts https://docs.oracle.com/cd/E37670_01/E41138/html/section_hxz_zdw_pr.html

Keepalived Check and Notify Scripts https://tobru.ch/keepalived-check-and-notify-scripts/

Keepalived check and notify scripts https://wenchma.github.io/2017/04/19/keepalived-check-and-notify-scripts.html

https://tobru.ch/keepalived-check-and-notify-scripts/ ==> check vs. notify

squid HA with check script

https://woshub.com/keepalived-high-availability-with-ip-failover/ ==> track_script

nginx HA with check script

https://www.digitalocean.com/community/tutorials/how-to-set-up-highly-available-web-servers-with-keepalived-and-reserved-ips-on-ubuntu-14-04 ==> system/service ha with check script

Nginx and Keepalived https://warlord0blog.wordpress.com/2018/05/15/nginx-and-keepalived/

https://docs.nginx.com/nginx/admin-guide/high-availability/ha-keepalived/ ==> that’s for nginx plus

Active-Passive HA for NGINX Plus on AWS Using Elastic IP Addresses https://docs.nginx.com/nginx/deployment-guides/amazon-web-services/high-availability-keepalived/

aws-ha-elastic-ip/nginx-ha-notify https://github.com/nginxinc/aws-ha-elastic-ip/blob/master/nginx-ha-notify

Split-brain split brain problem (Keepalived) https://titanwolf.org/Network/Articles/Article?AID=abc85391-3972-4f2f-8a1a-a4817b4174ea

How to set up Keepalived for High Availability and Load Balancing https://www.marksei.com/howto-keepalived-high-availability-load-balancing/