How To Create a High Availability Setup with Heartbeat and Floating IPs on Ubuntu 16.04
0

Introduction

Heartbeat is an program that is open-source provides cluster infrastructure capabilities — cluster membership and messaging — to client servers. These capabilities are a component that is critical a high accessibility (HA) host infrastructure. Inside guide, we are going to show how exactly to produce a HA that is 2-node server simply by making use of Heartbeat and a DigitalOcean Floating IP.

Heartbeat is usually utilized in combination with a group resource supervisor (CRM), such as for example Pacemaker, to reach a HA that is complete setup. If you are looking to create a more HA that is robust setup consider making use of Corosync and Pacemaker or Keepalived.

Goal

whenever finished, the HA setup will contain two Ubuntu 16.04 servers in an configuration that is active/passive. This will be accomplished by pointing a IP that is floating that will be exactly how your users will access your solutions or internet site, to point out the main — or active — host unless a deep failing is detected. When the Heartbeat solution detects your server that is primary unavailable, the additional host will immediately run a script to reassign the drifting internet protocol address to it self through the DigitalOcean API. Hence, subsequent system traffic on drifting internet protocol address may be directed towards additional host, that may become the active host before main host becomes available once more (of which point, the main host will reassign the drifting internet protocol address to it self).

Active/passive Diagram

Note: This guide is supposed for demonstration purposes and just covers a few of the facets of establishing a HA that is reliable solution
The primary takeaways of the document will be the information on how exactly to install active/passive nodes within gateway degree also to connect them as much as a drifting IP.
To keep carefully the tutorial easier, rather than configuring reverse-proxy load balancers for each host, we are going to configure them to react using their particular hostname and general public ip.

To accomplish this objective, we are going to follow these actions:

  • Create 2 Droplets which will get traffic
  • Create a IP that is floating designate it to 1 for the Droplets
  • Create a DNS accurate documentation that tips on IP that is floatingoptional)
  • Install Heartbeat on Droplets
  • Configure Heartbeat to perform drifting internet protocol address reassignment solution
  • Create drifting internet protocol address reassignment solution
  • Test failover

With this objective in your mind, we could start taking care of establishing our HA setup.

Prerequisites

In purchase to automate the IP that is floating, we must use the DigitalOcean API. This means that you need to generate a Personal Access Token (PAT), which is an API token that can be used to authenticate to your DigitalOcean account, with read and write access. You can achieve this by following the How To Generate a Personal Access Token section of the API tutorial. Your PAT shall be utilized in a script that’ll be put into both servers within group. It’s important as it allows full access to your DigitalOcean account.( that you keep it somewhere safe for reference,*********)

In addition on API, this guide makes use of the next DigitalOcean features:

Please browse the connected tutorials about them.( if you want to learn more*********)

Create Droplets

The first rung on the ladder is always to produce two Ubuntu Droplets in identical datacenter, that may become the main and additional servers described above. Inside our instance setup, we shall name them “primary” and “secondary” for easy reference. We shall install Nginx on both Droplets and change their index pages with information that uniquely identifies them. This can enable united states a way that is simple demonstrate that the HA setup is working. For a production setup, your servers should run the web load or server balancer of one’s option.

Create two Ubuntu 16.04 Droplets, primary and secondary, with this particular bash script once the individual information:

Example consumer Data

#!/bin/bash

Apt-get update that is-y
Apt-get install nginx that is-y
export HOSTNAME=$(curl -s http://169.254.169.254/metadata/v1/hostname)
export PUBLIC_IPV4=$(curl -s http://169.254.169.254/metadata/v1/interfaces/public/0/ipv4/address)
echo Droplet: $HOSTNAME, ip: $PUBLIC_IPV4 > /var/www/html/index.html

This will install Nginx and change the articles of index.html utilizing the Droplet’s hostname and ip (by referencing the Metadata solution). Accessing either Droplet via its general public ip will show a webpage that is basic the Droplet hostname and ip, which is ideal for evaluation which Droplet the drifting internet protocol address is pointing to at a minute.

Create a IP( that is floating***********)

In the DigitalOcean control interface, simply click Networking, within the menu that is top then Floating IPs within the sub menu.

No Floating IPs

Assign a IP that is floating your primary Droplet, then click on the Assign drifting IP key.

After the drifting internet protocol address is assigned, check always in a web browser.( that you can reach the Droplet that it was assigned to by visiting it*********)

http://your_floating_ip

You should start to see the index web page of one’s main Droplet.

Configure DNS (Optional)

If you intend to have the ability to access your HA setup via a domain title, go right ahead and produce an A record within DNS that points your domain towards IP that is floating address. If your domain is using DigitalOcean’s nameservers, follow step three of the How To Set Up a Host Name with DigitalOcean tutorial. Once that propagates, you may access your server that is active via domain title.

The instance domain title we will make use of is example.com. You should use the Floating IP address instead.( if you don’t have a domain name right now,*********)

Install Heartbeat

The next thing is always to install Heartbeat on both servers. The way that is simplest to put in Heartbeat is to utilize apt-get:

sudo apt-get up-date
Sudo install heartbeat that is apt-get

Heartbeat happens to be set up nonetheless it must be configured before it’s going to do just about anything.

Configure Heartbeat

In purchase for our desired group ready to go, we should produce and create these Heartbeat setup files identically both in servers’ /etc/ha.d directories:

  1. ha.cf — international setup for the Heartbeat group, including its user nodes
  2. authkeys — Contains a protection key that delivers nodes ways to authenticate on group
  3. haresources — Specifies the solutions which are handled by the group while the node this is the owner that is preferred of solutions. Remember that this file just isn’t utilized in a setup that utilizes a CRM like Pacemaker

We also must offer a script which will perform the IP that is floating in the function your main Droplet’s accessibility modifications.

Gather Node Information

Before configuring ha.cf, we ought to look the names up of each and every node. Heartbeat calls for that each and every node title fits their particular uname -n production.

On both servers, run this demand to check up the node that is appropriate:

Note the production for the demand. The instance node names are "primary" and "secondary", which fits that which we known as the Droplets.

To determine which nodes can be found, we are going to must also lookup the system software and ip that each and every node uses to talk to other group. You might make use of any system software, provided that each node can achieve another nodes within the group. We will utilize the general public software of our Droplets, which is eth0.

On both servers, make use of this demand to check the IP address up for the eth0 software (or look it within the DigitalOcean control interface):

ip addr reveal eth0 production:

2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP team standard qlen 1000 link/ether 04:01:76:a5:45:01 brd ff:ff:ff:ff:ff:ff inet 198.51.100.5/24 brd 198.51.100.255 Scope eth0 that is global valid_lft forever preferred_lft forever inet 10.17.0.28/16 range eth0 that is global valid_lft forever preferred_lft forever inet6 fe80::601:76ff:fea5:4501/64 range website link valid_lft forever preferred_lft forever

Note the ip for the system software (highlighted within the instance). Make sure you have the internet protocol address details of both servers.

Create ha.cf File

On both servers, available /etc/ha.d/ha.cf within favorite editor. We will make use of nano:

  • sudo nano /etc/ha.d/ha.cf

The file should really be brand new and empty. We must include the system interfaces and names of each and every node within our group.

Copy and paste this setup to the file, then change the particular names that are node internet protocol address details utilizing the values that individuals seemed up earlier in the day. Inside instance, primary's ip is 198.51.100.5 and secondary's ip is 198.51.100.6:

/etc/ha.d/ha.cf

node primary
ucast eth0 198.51.100.5
node secondary
ucast eth0 198.51.100.6

Save and exit the file. Next, we will set the cluster up's authorization key.

Create authkeys File

The authorization key can be used to permit group users to participate a group. We are able to merely create a key that is random this function.

On the primary node, run these commands to build a authorization that is suitable in a breeding ground variable known as AUTH_KEY:

if [ -z "${AUTH_KEY}" ]; then
  export AUTH_KEY="$(command dd if='/dev/urandom' bs=512 count=1 2>'/dev/null' 
      | demand openssl sha1 
      | demand cut --delimiter=' ' --fields=2)"
fi

Then compose the /etc/ha.d/authkeys file with one of these commands:

sudo bash -c "{
  echo auth1
  echo 1 sha1 $AUTH_KEY
} > /etc/ha.d/authkeys"

Check the articles for the authkeys file similar to this:

  • sudo pet /etc/ha.d/authkeys

It should look something such as this (with a authorization that is different):

/etc/ha.d/authkeys

auth1
1 sha1 d1e6557e2fcb30ff8d4d3ae65b50345fa46a2faa

Ensure your file is readable by the main individual:

  • sudo chmod 600 /etc/ha.d/authkeys

Now content the /etc/ha.d/authkeys file from your own node that is primary to additional node. This can be done by hand, or with scp.

On the secondary host, make sure to set the permissions for the authkeys file:

  • sudo chmod 600 /etc/ha.d/authkeys

At this aspect, both servers must have the identical /etc/ha.d/authkeys file.

Create haresources File

The haresources file specifies preferred hosts combined with solutions your group manages. The host that is preferred the node that should run the associated service(s) if the node is available. If the host that is preferred**************)is maybe not available, in other words. it is really not reachable by the group, among the other nodes takes over. The secondary server will take over if the primary server goes down.( in other words*********)

On both servers, available the haresources file within favorite editor. We will make use of nano:

  • sudo nano /etc/ha.d/haresources

Now include this line on file, replacing within main node's title if it's ( that is different*********)

/etc/ha.d/haresources

primary floatip

Save and exit the file. This configures the primary host once the host that is preferred the floatip solution, that will be at this time undefined. Let us create the floatip solution next.

Create Drifting internet protocol address Reassignment Provider

Our Heartbeat group is configured to keep up the floatip solution, which a node may use to designate the drifting internet protocol address to it self, but we nevertheless must produce the solution. Itself, however, let's create a script that will assign the Floating IP, via the DigitalOcean API, to the node that runs it before we set up the service. Then we will create the floatip service which will run the IP that is floating script.

Create assign-ip Script

For our instance, we will install a python that is basic that assigns a drifting internet protocol address to confirmed Droplet ID, utilising the DigitalOcean API.

On both servers, down load the assign-ip Python script:

  • sudo curl -L -o /usr/local/bin/assign-ip http://do.co/assign-ip

On both servers, allow it to be ( that is executable*********)

  • sudo chmod/usr/local/bin/assign-ip that is +x

Since our script is implementing to an API, we’ll require the Python Requests collection installed:

sudo apt-get python-requests that are install

Use for the assign-ip script calls for the next details:

  • Floating internet protocol address: initial argument on script, the drifting internet protocol address which being assigned
  • Droplet ID: the argument that is second the script, the Droplet ID your drifting internet protocol address should really be assigned to
  • DigitalOcean PAT (APwe token): passed away in once the environment adjustable DO_TOKEN, your read/write DigitalOcean PAT

Feel absolve to review the articles for the script before continuing.

Now we are prepared to produce the floatip solution.

Create floatip provider

To create the floatip solution, all we have to do is produce an init script that invokes the assign-ip script that individuals created early in the day, and reacts to start and stop subcommands. This init script shall be responsible for looking up the Droplet ID of the server, via the Droplet Metadata service. Also, it will require the IP that is floating may be reassigned, while the DigitalOcean API token (the non-public Access Token pointed out within the prerequisites area).

On both servers, include available /etc/init.d/floatip in an editor:

  • sudo nano /etc/init.d/floatip

Then content and paste within init script, changing the parts that are highlighted your DigitalOcean API key while the Floating internet protocol address that ought to be reassigned:

/etc/init.d/floatip

  • #!/bin/bash
  • param=$1
  • export DO_TOKEN='your_DO_API_token'
  • IP='your_floating_IP_address'
  • ID=$(curl -s http://169.254.169.254/metadata/v1/id)
  • if [ "start" == "$param" ] ; then
  • python /usr/local/bin/assign-ip $internet protocol address $ID
  • exit 0
  • elif [ "stop" == "$param" ] ; then
  • exit 0;
  • elif [ "status" == "$param" ] ; then
  • exit 0;
  • else
  • echo "no such command $param"
  • exit 1;
  • fi

Save and exit the file.

Make the script ( that is executable*********)

  • sudo chmod/etc/init.d/floatip that is u+x

whenever this floatip solution is started, it's going to merely phone the assign-ip Python script and assign the specified Floating internet protocol address on Droplet that executed the script. Here is the script that'll be called by the secondary host, in the event that primary host fails, to reassign the IP that is floating itself, . Likewise, the script that is same be utilised by the primary host, to reclaim the drifting internet protocol address, as soon as it rejoins the group.

Start Heartbeat

Now that Heartbeat is configured and all sorts of the scripts it depends on are create, we are prepared to begin the Heartbeat group!

On both servers, run this demand to start out Heartbeat:

  • sudo systemctl begin heartbeat

Our HA setup happens to be complete! Before moving forward, let us test it works as meant.

Test Tall Availability

Itis important to check that a availability that is high works, therefore let us accomplish that now.

Currently, the IP that is floating assigned to the primary node. Accessing the IP that is floating, through the ip or by the domain title which pointing to it, only will show the index web page for the primary host. It will look something like this:( if you used the example user data script,*********)

Floating internet protocol address is pointing to main host

Droplet: primary, ip: 198.51.100.5

This shows your IP that is floating, actually, assigned on main Droplet.

Now, let us start an area terminal and make use of curl to gain access to the drifting internet protocol address on a loop that is 1-second. Use this command to do so, but be sure to replace the URL with your domain or IP address:( that is floating*********)

  • while real; do curl http://example.com; rest 1; done

Currently, this may output similar Droplet title and ip for the server that is primary. It off or stopping the Heartbeat service, we will see if the Floating IP gets reassigned to the secondary server.( if we cause the primary server to fail, by powering*********)

Let's reboot the primary host now. Do this through the DigitalOcean control interface or by operating this demand on server:( that is primary*********)

After minutes, the server that is primary be unavailable. Look closely at the production for the curl cycle which operating within the terminal. You need to notice production that seems like this:

curl cycle production:

Droplet: primary, ip: 198.51.100.5 ... curl: (7) didn't connect with example.com slot 80: Connection declined Droplet: secondary, Ip: 198.51.100.6 Droplet: secondary, Ip: 198.51.100.6 ...

That is, the IP that is floating should be reassigned to point to the IP address of the secondary server. That means that your HA setup is working, as a successful failover that is automatic taken place.

You may or may well not start to see the Connection refused mistake, which could take place in the event that you attempt to access the drifting internet protocol address involving the main host failure while the IP reassignment completion that is floating.

Now, you might power in your primary Droplet, through the DigitalOcean control interface. The floating IP will automatically point back to the primary server as soon as it becomes available again.( because Heartbeat is configured with the primary Droplet as the preferred host to run the Floating IP reassignment script*********)

Conclusion

Congratulations! at this point you have actually a HA that is basic server making use of Heartbeat and a DigitalOcean Floating IP.

If you're looking generate a far more HA that is robust setup consider making use of Corosync and Pacemaker or Keepalived.

In this instance, we’ve set up Nginx as a fundamental load balancer but you could do so by either configuring Nginx as one, or using HAProxy.( if you wanted to improve your Heartbeat setup utilizing a reverse-proxy load balancer,*********)

Please take into account that with either alternative you decide to make use of, you should bind your load balancer/reverse-proxy on anchor ip which means your users can simply access your servers through the IP that is floating (and never through the general public ip of each and every host).

Just how to Install phpIPAM on Ubuntu 16.04

Previous article

Just how to Install WordPress on Nginx + HHVM VPS

Next article

You may also like

Comments

Leave a reply

Your email address will not be published. Required fields are marked *