Howto setup High-Available HAProxy with Keepalived
http://blog.laimbock.com/2014/10/01/howto-setup-high-available-haproxy-with-keepalived/Posted on October 1, 2014 by Patrick
Summary
This blog post explains how to setup HAProxy and Keepalived for use with for example the MariaDB Galera cluster setup described here.
The combination of HAProxy and Keepalived will make the MariaDB Galera cluster more resilient and high-available by adding load balancing and transparent failover when a MariaDB cluster node goes down. HAProxy also allows you to separate read and write actions to the MariaDB Galera cluster which is very useful if you want to loadbalance read actions across all MariaDB nodes but want to write to only one MariaDB node.
Since only one of anything is a Single Point of Failure (SPoF) I’ll be using two HAProxy nodes in a high-availability setup. Should the primary HAProxy node fail then Keepalived will initiate an automatic andtransparent failover to the secondary HAProxy node.
Requirements
This tutorial requires the MariaDB Galera cluster setup mentioned above. You will also need 2 nodes (VMs or bare metal) called haproxy1 and haproxy2 each with one IP address. In addition you will also need a third IP address that will be used as the floating Virtual IP (VIP) address between the two HAProxy nodes. The HAProxy nodes don’t need a lot of power, memory or storage. One CPU with 512MB to 1GB memory and an8GB disk are fine.
Let’s get started.
Install HAProxy and Keepalived on both HAProxy nodes
On haproxy1 install HAProxy and Keepalived.
# yum -y install haproxy keepalivedLoaded plugins: fastestmirror, prestoLoading mirror speeds from cached hostfileSetting up Install ProcessResolving Dependencies--> Running transaction check---> Package haproxy.x86_64 0:1.4.24-2.el6 will be installed---> Package keepalived.x86_64 0:1.2.7-3.el6 will be installed--> Finished Dependency ResolutionDependencies Resolved================================================================================Package Arch Version Repository > 1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
# yum -y install haproxy keepalived
Loaded plugins: fastestmirror, presto
Loading mirror speeds from cached hostfile
Setting up Install Process
Resolving Dependencies
--> Running transaction check
---> Package haproxy.x86_64 0:1.4.24-2.el6 will be installed
---> Package keepalived.x86_64 0:1.2.7-3.el6 will be installed
--> Finished Dependency Resolution
Dependencies Resolved
================================================================================
Package Arch Version Repository > ================================================================================
Installing:
haproxy x86_64 1.4.24-2.el6 base-local 457 k
keepalived x86_64 1.2.7-3.el6 base-local 174 k
Transaction Summary
================================================================================
Install 2 Package(s)
Total download>
Installed> Downloading Packages:
Setting up and reading Presto delta metadata
Processing delta metadata
Package(s) data still to download: 632 k
(1/2): haproxy-1.4.24-2.el6.x86_64.rpm | 457 kB 00:00
(2/2): keepalived-1.2.7-3.el6.x86_64.rpm | 174 kB 00:00
--------------------------------------------------------------------------------
Total 5.6 MB/s | 632 kB 00:00
Running rpm_check_debug
Running Transaction Test
Transaction Test Succeeded
Running Transaction
Installing : keepalived-1.2.7-3.el6.x86_64 1/2
Installing : haproxy-1.4.24-2.el6.x86_64 2/2
Verifying: haproxy-1.4.24-2.el6.x86_64 1/2
Verifying: keepalived-1.2.7-3.el6.x86_64 2/2
Installed:
haproxy.x86_64 0:1.4.24-2.el6 keepalived.x86_64 0:1.2.7-3.el6
Complete!
Now make sure both services start at boot:
# chkconfig haproxy on# chkconfig keepalived on
1
2
# chkconfig haproxy on
# chkconfig keepalived on
Check if both services are properly activated:
# chkconfig | egrep 'haproxy|keepalived'haproxy 0:off1:off2:on3:on4:on5:on6:offkeepalived 0:off1:off2:on3:on4:on5:on6:off
1
2
3
# chkconfig | egrep 'haproxy|keepalived'
haproxy 0:off1:off2:on3:on4:on5:on6:off
keepalived 0:off1:off2:on3:on4:on5:on6:off
That looks good so on to the next node.
Do the same on haproxy2:
# yum -y install haproxy keepalivedLoaded plugins: fastestmirror, prestoLoading mirror speeds from cached hostfileSetting up Install ProcessResolving Dependencies--> Running transaction check---> Package haproxy.x86_64 0:1.4.24-2.el6 will be installed---> Package keepalived.x86_64 0:1.2.7-3.el6 will be installed--> Finished Dependency ResolutionDependencies Resolved================================================================================Package Arch Version Repository > 1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
# yum -y install haproxy keepalived
Loaded plugins: fastestmirror, presto
Loading mirror speeds from cached hostfile
Setting up Install Process
Resolving Dependencies
--> Running transaction check
---> Package haproxy.x86_64 0:1.4.24-2.el6 will be installed
---> Package keepalived.x86_64 0:1.2.7-3.el6 will be installed
--> Finished Dependency Resolution
Dependencies Resolved
================================================================================
Package Arch Version Repository > ================================================================================
Installing:
haproxy x86_64 1.4.24-2.el6 base-local 457 k
keepalived x86_64 1.2.7-3.el6 base-local 174 k
Transaction Summary
================================================================================
Install 2 Package(s)
Total download>
Installed> Downloading Packages:
Setting up and reading Presto delta metadata
Processing delta metadata
Package(s) data still to download: 632 k
(1/2): haproxy-1.4.24-2.el6.x86_64.rpm | 457 kB 00:00
(2/2): keepalived-1.2.7-3.el6.x86_64.rpm | 174 kB 00:00
--------------------------------------------------------------------------------
Total 5.6 MB/s | 632 kB 00:00
Running rpm_check_debug
Running Transaction Test
Transaction Test Succeeded
Running Transaction
Installing : keepalived-1.2.7-3.el6.x86_64 1/2
Installing : haproxy-1.4.24-2.el6.x86_64 2/2
Verifying: haproxy-1.4.24-2.el6.x86_64 1/2
Verifying: keepalived-1.2.7-3.el6.x86_64 2/2
Installed:
haproxy.x86_64 0:1.4.24-2.el6 keepalived.x86_64 0:1.2.7-3.el6
Complete!
Now make sure both services start at boot:
# chkconfig haproxy on# chkconfig keepalived on
1
2
# chkconfig haproxy on
# chkconfig keepalived on
Check if both services are properly activated:
# chkconfig | egrep 'haproxy|keepalived'haproxy 0:off1:off2:on3:on4:on5:on6:offkeepalived 0:off1:off2:on3:on4:on5:on6:off
1
2
3
# chkconfig | egrep 'haproxy|keepalived'
haproxy 0:off1:off2:on3:on4:on5:on6:off
keepalived 0:off1:off2:on3:on4:on5:on6:off
That looks good so on to the next step.
Allow non-local Virtual IPs on all HAProxy nodes
Make binding to non-local Virtual IPs on all nodes:
# vi /etc/sysctl.confnet.ipv4.ip_nonlocal_bind = 1# sysctl -p
1
2
3
4
# vi /etc/sysctl.conf
net.ipv4.ip_nonlocal_bind = 1
# sysctl -p
# vi /etc/sysctl.confnet.ipv4.ip_nonlocal_bind = 1# sysctl -p
1
2
3
4
# vi /etc/sysctl.conf
net.ipv4.ip_nonlocal_bind = 1
# sysctl -p
Add HAProxy user to the MariaDB database
Make sure a HAProxy user exists on all MAriaDB nodes so HAProxy can access all the MariaDB nodes to check if they are still up. I’m using the user ‘haproxy’ and use the IPs of all the ethernet interfaces on thetwo HAProxy nodes (not the VIP address):
$ mysql -u root -pEnter password:MariaDB [(none)]> CREATE USER 'haproxy'@'10.0.0.15';MariaDB [(none)]> CREATE USER 'haproxy'@'10.0.0.17';MariaDB [(none)]> FLUSH PRIVILEGES;MariaDB [(none)]> exit
1
2
3
4
5
6
$ mysql -u root -p
Enter password:
MariaDB [(none)]> CREATE USER 'haproxy'@'10.0.0.15';
MariaDB [(none)]> CREATE USER 'haproxy'@'10.0.0.17';
MariaDB [(none)]> FLUSH PRIVILEGES;
MariaDB [(none)]> exit
Since this information is automatically replicated to db2 and db3 we only
have to do this on db1. You can check if the information was replicated
with:
$ mysql -u root -p -e "select * from mysql.user" | grep haproxy | cut -d$'\t' -f1,2Enter password: 10.0.0.15haproxy10.0.0.17haproxy
1
2
3
4
$ mysql -u root -p -e "select * from mysql.user" | grep haproxy | cut -d$'\t' -f1,2
Enter password:
10.0.0.15haproxy
10.0.0.17haproxy
That looks good. On to the next step.
Setup rsyslog logging for HAProxy
By default HAProxy does not do any logging which obviously needs fixing. To enable HAProxy to log to rsyslog we need to add a rsyslog config file on both HAProxy nodes.
On node haproxy1:
# cat >> /etc/rsyslog.d/haproxy.conf > /etc/rsyslog.d/haproxy.conf > /etc/rsyslog.d/haproxy.conf > /etc/rsyslog.d/haproxy.conf > /etc/haproxy/haproxy.cfg > /etc/haproxy/haproxy.cfg > /etc/haproxy/haproxy.cfg > /etc/haproxy/haproxy.cfg Add Keepalived config
On node haproxy1 first save the default Keepalived configuration:
# cd /etc/keepalived/# mv keepalived.cfg keepalived.cfg.orig
1
2
# cd /etc/keepalived/
# mv keepalived.cfg keepalived.cfg.orig
On node haproxy1 create the Keepalived configuration file:
# cat >> /etc/keepalived/keepalived.cfg > /etc/keepalived/keepalived.cfg > /etc/keepalived/keepalived.cfg > /etc/keepalived/keepalived.cfg
页:
[1]