High availability HAProxy

From StdOut
This page is currently a draft. Please check back later for additional changes.

A lot of my homelab traffic goes through the HAProxy reverse proxy — making it a single point of failure. This can be fixed by having two HAProxy servers and a floating IP.

High availability (HA) is a characteristic of a system, which aims to ensure an agreed level of operational performance, usually uptime, for a higher than normal period. (source: Wikipedia)

heartbeat vs keepalived

(...) So in short, I would not like to have my router/firewall/load balancer running on heartbeat, as well as I would not like to have my fileserver/ disk storage/database run on keepalived. -Willy Tarreau

HAProxy was written in 2000 by Willy Tarreau, a core contributor to the Linux kernel, who still maintains the project. (source: Wikipedia)

Installing keepalived

$ sudo apt-get install linux-headers-$(uname -r)
$ sudo apt-get install keepalived

Configuring keepalived

$ sudo vim /etc/keepalived/keepalived.conf
vrrp_script chk_haproxy {
    script "/usr/bin/killall -0 haproxy"
    interval 2
    user root
}

global_defs {
    notification_email {
        root@server.com
    }

    notification_email_from keepalived@haproxy.lan.server.com
    smtp_server localhost
    smtp_connect_timeout 30
    enable_script_security
}

vrrp_instance VI_1 {
    state MASTER
    interface eth0
    virtual_router_id 101
    priority 101
    advert_int 1
    smtp_alert

    authentication {
        auth_type PASS
        auth_pass password
    }

    virtual_ipaddress {
        10.0.0.1
    }

    virtual_ipaddress_excluded {
        2001:0db8:85a3:0000:0000:8a2e:0370:7334
    }

    track_script {
        chk_haproxy
    }
}
  1. priority value will be higher on Master server, It doesn’t matter what you used in state. If your state is MASTER but your priority is lower than the router with BACKUP, you will lose the MASTER state.
    • I used 101 on master, and 100 on the slave.
  2. virtual_router_id should be same on both LB1 and LB2 servers.
  3. By default single vrrp_instance support up to 20 virtual_ipaddress. In order to add more addresses you need to add more vrrp_instance
  4. state is set to MASTER and BACKUP respectively.
  5. interface needs to match the network interface device name.

Now we start keepalived and verify that master has taken the floating IPs:

$ sudo systemctl start keepalived
$ ip addr show eth0

Resources