5 Setting Up Wackamole/Spread
We've just configured HAProxy to listen on the virtual IP address 192.168.0.99, but someone has to tell lb1 and lb2 that they should listen on that IP address. This is done by Wackamole and Spread which we install like this:
lb1/lb2:
apt-get install wackamole
To allow HAProxy to bind to the shared IP address, we add the following line to /etc/sysctl.conf:
vi /etc/sysctl.conf
[...] net.ipv4.ip_nonlocal_bind=1 |
... and run:
sysctl -p
Next we modify /etc/default/spread and set ENABLED to 1:
vi /etc/default/spread
# Change to enable spread ENABLED=1 # Options, see spread.1 for list OPTIONS="" |
The Spread configuration is located in /etc/spread/spread.conf. We create a backup of the original file and edit spread.conf as follows:
cp /etc/spread/spread.conf /etc/spread/spread.conf_orig
cat /dev/null > /etc/spread/spread.conf
vi /etc/spread/spread.conf
Spread can send broadcast or multicast messages, therefore you have two choices for configuring Spread.
Option 1 (Broadcast Messages):
Spread_Segment 192.168.0.255 { lb1.example.com 192.168.0.100 lb2.example.com 192.168.0.101 } EventLogFile = /var/log/spread.log EventTimeStamp |
Option 2 (Multicast Messages):
Spread_Segment 225.0.1.1 { lb1.example.com 192.168.0.100 lb2.example.com 192.168.0.101 } EventLogFile = /var/log/spread.log EventTimeStamp |
Spread will feel free to use broadcast messages within a sub-network if you use broadcast messages. If IP-multicast is supported by the operating system, then the messages will only be received by those machines who are in the group and not by all others in the same sub-network as happens with broadcast addresses
Now we can start Spread:
/etc/init.d/spread start
On to the Wackamole configuration. Open /etc/default/wackamole and set ENABLED to 1:
vi /etc/default/wackamole
# Change to enable wackamole ENABLED=1 # Options OPTIONS="" |
Then configure Wackamole as follows:
cp /etc/wackamole.conf /etc/wackamole.conf_orig
cat /dev/null > /etc/wackamole.conf
vi /etc/wackamole.conf
Spread = 4803 SpreadRetryInterval = 5s Group = wack1 Control = /var/run/wackamole/wackamole.it Prefer None VirtualInterfaces { eth0:192.168.0.99/24 } Arp-Cache = 60s Notify { eth0:192.168.0.1/32 eth0:192.0.0.0/24 arp-cache } balance { AcquisitionsPerRound = all interval = 4s } mature = 5s |
The VirtualInterfaces stanza is the most important part - it conatins our network interface (eth0 in this example) together with our virtual IP address (192.168.0.99).
The Notify stanza contains hosts (e.g. your router) or subnets to notify when the virtual IP switches. It is not necessary, so you can leave out that stanza, if you like.
(You can learn more about the Wackamole configuration by taking a look at
man 5 wackamole.conf
)
Finally we start Wackamole on both load balancers:
/etc/init.d/wackamole start
Then run:
ifconfig
on both load balancers. The outputs should be different - one load balancer should now own the virtual IP address, e.g. like this:
lb1:~# ifconfig
eth0 Link encap:Ethernet HWaddr 00:0C:29:A5:5B:93
inet addr:192.168.0.100 Bcast:192.168.0.255 Mask:255.255.255.0
inet6 addr: fe80::20c:29ff:fea5:5b93/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:9578 errors:0 dropped:0 overruns:0 frame:0
TX packets:6347 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:8849468 (8.4 MiB) TX bytes:811454 (792.4 KiB)
Interrupt:177 Base address:0x1400
eth0:1 Link encap:Ethernet HWaddr 00:0C:29:A5:5B:93
inet addr:192.168.0.99 Bcast:192.168.0.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
Interrupt:177 Base address:0x1400
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:51 errors:0 dropped:0 overruns:0 frame:0
TX packets:51 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:3528 (3.4 KiB) TX bytes:3528 (3.4 KiB)
lb1:~#
On the other load balancer, the output should be like this:
lb2:~# ifconfig
eth0 Link encap:Ethernet HWaddr 00:0C:29:E0:78:92
inet addr:192.168.0.101 Bcast:192.168.0.255 Mask:255.255.255.0
inet6 addr: fe80::20c:29ff:fee0:7892/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:6550 errors:0 dropped:0 overruns:0 frame:0
TX packets:4109 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:8591676 (8.1 MiB) TX bytes:377481 (368.6 KiB)
Interrupt:177 Base address:0x1400
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:11 errors:0 dropped:0 overruns:0 frame:0
TX packets:11 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:824 (824.0 b) TX bytes:824 (824.0 b)
lb2:~#
6 Starting HAProxy
Now we can start HAProxy:
lb1/lb2:
/etc/init.d/haproxy start
7 Testing
Our high-availability load balancer is now up and running.
You can now make HTTP requests to the virtual IP address 192.168.0.99 (or to any domain/hostname that is pointing to the virtual IP address), and you should get content from the backend web servers.
You can test its high-availability/failover capabilities by switching off one backend web server - the load balancer should then redirect all requests to the remaining backend web server. Afterwards, switch off the active load balancer (lb1) or stop Wackamole on the active load balancer - lb2 should take over immediately. You can check that by running:
lb2:
ifconfig
You should now see the virtual IP address in the output on lb2:
lb2:~# ifconfig
eth0 Link encap:Ethernet HWaddr 00:0c:29:e0:78:92
inet addr:192.168.0.101 Bcast:192.168.0.255 Mask:255.255.255.0
inet6 addr: fe80::20c:29ff:fee0:7892/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:99050 errors:0 dropped:0 overruns:0 frame:0
TX packets:56342 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:144164308 (137.4 MiB) TX bytes:4502509 (4.2 MiB)
Interrupt:177 Base address:0x1400
eth0:1 Link encap:Ethernet HWaddr 00:0c:29:e0:78:92
inet addr:192.168.0.99 Bcast:192.168.0.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
Interrupt:177 Base address:0x1400
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:60 errors:0 dropped:0 overruns:0 frame:0
TX packets:60 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:4296 (4.1 KiB) TX bytes:4296 (4.1 KiB)
lb2:~#
8 HAProxy Statistics
You might have noticed that we have used the options stats enable and stats auth someuser:somepassword in the HAProxy configuration in chapter 4. This allow us to access (password-protected) HAProxy statistics under the URL http://192.168.0.99/haproxy?stats. This is how it looks:
If you don't need the statistics, just comment out or remove the stats lines from the HAProxy configuration.
9 Links
- HAProxy: http://haproxy.1wt.eu
- Wackamole: http://www.backhand.org/wackamole/
- Spread: http://www.spread.org/
- Debian: http://www.debian.org