Hot Standby HA Without E/ALB Using Unicast VRRP
This hot standby HA architecture pattern implements VRRP monitoring over unicast on the AWS network, where multicast cannot be used.
In particular, this design is a useful HA architecture pattern for staging environments of small projects and similar cases where the cost of a service such as E/ALB need not be paid.
EC2 + RHEL7 + Unicast VRRP + Failure Scripts
- IaaS: AWS EC2
- OS: RHEL 7 or CentOS 7
- Unicast VRRP: keepalived
- Failover & Failback Scripts: Bash + AWS CLI
keepalived Install & Configuration
$ : Node 1
$ sudo yum -y install keepalived
$ sudo cp -a /etc/keepalived/keepalived.conf /etc/keepalived/keepalived.conf.org
$ sudo vim /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
    notification_email {
        admin@example.com
    }
    notification_email_from node1@example.com
    smtp_server mail.example.com
    smtp_connect_timeout 30
    router_id node1.example.com
}
vrrp_instance VI_0 {
    state MASTER
    interface eth0
    virtual_router_id 10
    priority 101
    nopreempt
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass foo
    }
    ! VIP
    virtual_ipaddress {
        10.10.10.10 dev eth0
    }
    ! Node 1
    unicast_src_ip 10.10.10.11
    ! Node 2
    unicast_peer {
        10.10.10.12
    }
}
$ : Node 2
$ sudo yum -y install keepalived
$ sudo cp -a /etc/keepalived/keepalived.conf /etc/keepalived/keepalived.conf.org
$ sudo vim /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
    notification_email {
        admin@example.com
    }
    notification_email_from node2@example.com
    smtp_server mail.example.com
    smtp_connect_timeout 30
    router_id node2.example.com
}
vrrp_instance VI_0 {
    state BACKUP
    interface eth0
    virtual_router_id 10
    priority 100
    nopreempt
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass foo
    }
    ! VIP
    virtual_ipaddress {
        10.10.10.10 dev eth0
    }
    ! Node 2
    unicast_src_ip 10.10.10.12
    ! Node 1
    unicast_peer {
        10.10.10.11
    }
    ! Failover Script
    notify_master "/etc/keepalived/failover.sh"
}
Failback Script (Bash + AWS CLI)
$ : Node 1
$ : for manual failback
$ sudo touch /etc/keepalived/failback.sh
$ : the script is executed directly, so it needs the execute bit
$ sudo chmod 700 /etc/keepalived/failback.sh
$ sudo vim /etc/keepalived/failback.sh
#!/bin/bash
# failback.sh
# LAN VIP
VIP=10.10.10.10
# WAN VIP (Elastic IP allocation ID)
ALLOCATION_ID=eipalloc-xxxxxxx0
# Instance 1 eth0 IF
INTERFACE_ID_1=eni-xxxxxxx1
# Instance 2 eth0 IF
INTERFACE_ID_2=eni-xxxxxxx2
# Instance ID
INSTANCE_ID=$(curl -s http://169.254.169.254/latest/meta-data/instance-id)
# Region for the AWS CLI (availability zone minus its trailing letter)
export AWS_DEFAULT_REGION=$(curl -s http://169.254.169.254/latest/meta-data/placement/availability-zone | rev | cut -c 2- | rev)
# LAN VIP Unassignment (from Instance 2)
aws ec2 unassign-private-ip-addresses --private-ip-addresses "$VIP" --network-interface-id "$INTERFACE_ID_2"
# LAN VIP Assignment (to Instance 1)
aws ec2 assign-private-ip-addresses --private-ip-addresses "$VIP" --network-interface-id "$INTERFACE_ID_1" --allow-reassignment
# WAN VIP Association
aws ec2 associate-address --allocation-id "$ALLOCATION_ID" --network-interface-id "$INTERFACE_ID_1" --private-ip-address "$VIP"
Failover Script (Bash + AWS CLI)
$ : Node 2
$ : for auto failover
$ sudo touch /etc/keepalived/failover.sh
$ : keepalived executes the notify_master script directly, so it needs the execute bit
$ sudo chmod 700 /etc/keepalived/failover.sh
$ sudo vim /etc/keepalived/failover.sh
#!/bin/bash
# failover.sh
# LAN VIP
VIP=10.10.10.10
# WAN VIP (Elastic IP allocation ID)
ALLOCATION_ID=eipalloc-xxxxxxx0
# Instance 1 eth0 IF
INTERFACE_ID_1=eni-xxxxxxx1
# Instance 2 eth0 IF
INTERFACE_ID_2=eni-xxxxxxx2
# Instance ID
INSTANCE_ID=$(curl -s http://169.254.169.254/latest/meta-data/instance-id)
# Region for the AWS CLI (availability zone minus its trailing letter)
export AWS_DEFAULT_REGION=$(curl -s http://169.254.169.254/latest/meta-data/placement/availability-zone | rev | cut -c 2- | rev)
# LAN VIP Unassignment (from Instance 1)
aws ec2 unassign-private-ip-addresses --private-ip-addresses "$VIP" --network-interface-id "$INTERFACE_ID_1"
# LAN VIP Assignment (to Instance 2)
aws ec2 assign-private-ip-addresses --private-ip-addresses "$VIP" --network-interface-id "$INTERFACE_ID_2" --allow-reassignment
# WAN VIP Association
aws ec2 associate-address --allocation-id "$ALLOCATION_ID" --network-interface-id "$INTERFACE_ID_2" --private-ip-address "$VIP"
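
A hardened variant of the failover script above, as an added example that is not the original post's code: it reads instance metadata through IMDSv2, refuses to call EC2 while the placeholder IDs are still in place, and does not let a failed unassign block the takeover. The function names and the `run` argument are assumptions of this example.

```sh
#!/bin/sh
# Added example, not the post's script. Function names and the "run" argument are assumptions.
set -eu
IMDS=http://169.254.169.254/latest
# IMDSv2: obtain a short-lived session token, then read one metadata path with it.
imds_get() {
    token=$(curl -sf -m 2 -X PUT "$IMDS/api/token" \
        -H "X-aws-ec2-metadata-token-ttl-seconds: 60")
    curl -sf -m 2 -H "X-aws-ec2-metadata-token: $token" "$IMDS/meta-data/$1"
}

# Region is the availability zone minus its trailing letter.
region_from_az() {
    printf '%s\n' "${1%?}"
}

# valid_id PREFIX VALUE: accept PREFIX-<hex>, reject empty or placeholder IDs (eni-xxxxxxx1).
valid_id() {
    case "$2" in
        "$1"-*[!0-9a-f]*|"$1"-|'') return 1 ;;
        "$1"-*) return 0 ;;
        *) return 1 ;;
    esac
}

# move_vip VIP ALLOCATION_ID TARGET_ENI PEER_ENI
move_vip() {
    valid_id eipalloc "$2" && valid_id eni "$3" && valid_id eni "$4" || {
        echo "refusing to run: placeholder or malformed ID" >&2
        return 2
    }
    # The VIP may already be absent from the peer; that must not stop the takeover.
    aws ec2 unassign-private-ip-addresses --private-ip-addresses "$1" \
        --network-interface-id "$4" || echo "unassign failed, continuing" >&2
    # Chain with && so associate-address is not attempted after a failed assign.
    aws ec2 assign-private-ip-addresses --private-ip-addresses "$1" \
        --network-interface-id "$3" --allow-reassignment &&
    aws ec2 associate-address --allocation-id "$2" \
        --network-interface-id "$3" --private-ip-address "$1"
}

# Node 2 takeover; the page's placeholder IDs are rejected until replaced with real ones.
main() {
    AWS_DEFAULT_REGION=$(region_from_az "$(imds_get placement/availability-zone)")
    export AWS_DEFAULT_REGION
    move_vip 10.10.10.10 eipalloc-xxxxxxx0 eni-xxxxxxx2 eni-xxxxxxx1
}
# Act only when called with "run", so the functions can be exercised offline.
if [ "${1:-}" = run ]; then main; fi
```
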
keepalived Daemon Start
$ : Node 1
$ sudo systemctl start keepalived
$ sudo systemctl enable keepalived
$ sudo systemctl status keepalived
$ sudo ip addr
$ : Node 2
$ sudo systemctl start keepalived
$ sudo systemctl enable keepalived
$ sudo systemctl status keepalived
$ sudo ip addr
Auto Failover Test
$ : Node 1
$ sudo systemctl stop keepalived
$ sudo systemctl status keepalived
$ sudo ip addr
$ : Node 2
$ sudo ip addr
Manual Failback Test
$ : Node 1
$ sudo systemctl start keepalived
$ sudo systemctl status keepalived
$ : Node 2
$ sudo /etc/keepalived/failback.sh
$ sudo ip addr
$ : Node 1
$ sudo ip addr