$theTitle=wp_title(" - ", false); if($theTitle != "") { ?> } else { ?> } ?>
by Andrew Johnstone
In: Linux
2 Apr 2010We have re-written parts of the default configuration for ucarp & haproxy to run several VIPs on the same interface. This works on debian, however some minor modifications maybe needed for other distributions.
/etc/network/if-up.d/ucarp
#!/bin/sh UCARP=/usr/sbin/ucarp EXTRA_PARAMS="" if [ ! -x $UCARP ]; then exit 0 fi if [ -z "$IF_UCARP_UPSCRIPT" ]; then IF_UCARP_UPSCRIPT=/usr/share/ucarp/vip-up fi if [ -z "$IF_UCARP_DOWNSCRIPT" ]; then IF_UCARP_DOWNSCRIPT=/usr/share/ucarp/vip-down fi if [ -n "$IF_UCARP_MASTER" ]; then if ! expr "$IF_UCARP_MASTER" : "no|off|false|0" > /dev/null; then EXTRA_PARAMS="-P" fi fi if [ -n "$IF_UCARP_ADVSKEW" ]; then EXTRA_PARAMS="$EXTRA_PARAMS -k $IF_UCARP_ADVSKEW" fi if [ -n "$IF_UCARP_ADVBASE" ]; then EXTRA_PARAMS="$EXTRA_PARAMS -b $IF_UCARP_ADVBASE" fi # Allow logging to custom facility if [ -n "$IF_UCARP_FACILITY" ] ; then EXTRA_PARAMS="$EXTRA_PARAMS -f $IF_UCARP_FACILITY" fi # Modified to use start / stop /daemon if [ -n "$IF_UCARP_VID" -a -n "$IF_UCARP_VIP" -a -n "$IF_UCARP_PASSWORD" ]; then start-stop-daemon -b -m -S -p "/var/run/ucarp.$IF_UCARP_VIP.pid" -x $UCARP -- -i $IFACE -s $IF_ADDRESS -z -v $IF_UCARP_VID -p $IF_UCARP_PASSWORD -a $IF_UCARP_VIP -u $IF_UCARP_UPSCRIPT -d $IF_UCARP_DOWNSCRIPT $EXTRA_PARAMS fi
/etc/network/if-down.d/ucarp
#!/bin/sh UCARP=/usr/sbin/ucarp EXTRA_PARAMS="" if [ ! -x $UCARP ]; then exit 0 fi if [ -z "$IF_UCARP_UPSCRIPT" ]; then IF_UCARP_UPSCRIPT=/usr/share/ucarp/vip-up fi if [ -z "$IF_UCARP_DOWNSCRIPT" ]; then IF_UCARP_DOWNSCRIPT=/usr/share/ucarp/vip-down fi if [ -n "$IF_UCARP_MASTER" ]; then if ! expr "$IF_UCARP_MASTER" : "no|off|false|0" > /dev/null; then EXTRA_PARAMS="-P" fi fi if [ -n "$IF_UCARP_ADVSKEW" ]; then EXTRA_PARAMS="$EXTRA_PARAMS -k $IF_UCARP_ADVSKEW" fi if [ -n "$IF_UCARP_ADVBASE" ]; then EXTRA_PARAMS="$EXTRA_PARAMS -b $IF_UCARP_ADVBASE" fi # Allow logging to custom facility if [ -n "$IF_UCARP_FACILITY" ] ; then EXTRA_PARAMS="$EXTRA_PARAMS -f $IF_UCARP_FACILITY" fi # Modified to use start / stop /daemon if [ -n "$IF_UCARP_VID" -a -n "$IF_UCARP_VIP" -a -n "$IF_UCARP_PASSWORD" ]; then start-stop-daemon -K -p "/var/run/ucarp.$IF_UCARP_VIP.pid" -x $UCARP -- -i $IFACE -s $IF_ADDRESS -z -v $IF_UCARP_VID -p $IF_UCARP_PASSWORD -a $IF_UCARP_VIP -u $IF_UCARP_UPSCRIPT -d $IF_UCARP_DOWNSCRIPT $EXTRA_PARAMS fi
/etc/network/interfaces
# This file describes the network interfaces available on your system # and how to activate them. For more information, see interfaces(5). # The loopback network interface auto lo iface lo inet loopback # The primary network interface auto eth0 iface eth0 inet static address 100.100.100.14 netmask 255.255.255.192 broadcast 100.100.100.63 gateway 100.100.100.1 up /bin/ip address add 100.100.100.32/32 dev eth0 scope host up /sbin/arptables -I OUTPUT -s 100.100.100.32 -j DROP down /bin/ip address del 100.100.100.32/32 dev eth0 scope host down /sbin/arptables -F up /sbin/ifup eth0:1 down /sbin/ifdown eth0:1 up /sbin/ifup eth0:2 down /sbin/ifdown eth0:2 up /sbin/ifup eth0:3 down /sbin/ifdown eth0:3 auto eth0:1 iface eth0:1 inet static address 100.100.100.26 netmask 255.255.255.192 broadcast 100.100.100.63 ucarp-vid 6 ucarp-vip 100.100.100.34 ucarp-password password ucarp-advskew 14 ucarp-advbase 1 ucarp-facility local1 ucarp-master no ucarp-upscript /etc/network/local/vip-up-mywebsite1.com ucarp-downscript /etc/network/local/vip-down-mywebsite1.com iface eth0:1:ucarp inet static address 100.100.100.34 netmask 255.255.255.192 auto eth0:2 iface eth0:2 inet static address 100.100.100.40 netmask 255.255.255.192 broadcast 100.100.100.63 ucarp-vid 9 ucarp-vip 100.100.100.36 ucarp-password password ucarp-advskew 14 ucarp-advbase 1 ucarp-facility local1 ucarp-master no ucarp-upscript /etc/network/local/vip-up-mywebsite2.com ucarp-downscript /etc/network/local/vip-down-mywebsite2.com iface eth0:2:ucarp inet static address 100.100.100.36 netmask 255.255.255.192 auto eth0:3 iface eth0:3 inet static address 100.100.100.44 netmask 255.255.255.192 broadcast 100.100.100.63 ucarp-vid 12 ucarp-vip 100.100.100.31 ucarp-password password ucarp-advskew 100 ucarp-advbase 1 ucarp-facility local1 ucarp-master no ucarp-upscript /etc/network/local/vip-up-mywebsite3.com ucarp-downscript /etc/network/local/vip-down-mywebsite3.com iface eth0:3:ucarp inet static address 100.100.100.31 netmask 255.255.255.192
This needs to be stored for each VIP in the listed interfaces above
/etc/network/local/vip-up-mywebsite1.com
#!/bin/sh /sbin/ifup $1:ucarp start-stop-daemon -S -p /var/run/haproxy.mywebsite1.com.pid -x /usr/sbin/haproxy -- -f /etc/haproxy/haproxy.mywebsite1.com.cfg -D -p /var/run/haproxy.mywebsite1.com.pid
/etc/network/local/vip-down-mywebsite1.com
#!/bin/bash start-stop-daemon -K -p /var/run/haproxy.mywebsite1.com.pid -x /usr/sbin/haproxy -- -f /etc/haproxy/haproxy.mywebsite1.com.cfg -D -p /var/run/haproxy.mywebsite1.com.pid /sbin/ifdown $1:ucarp
/etc/haproxy/haproxy.mywebsite1.com.cfg
# this config needs haproxy-1.1.28 or haproxy-1.2.1 global log /dev/log local1 #log loghost local0 info maxconn 4096 #chroot /usr/share/haproxy user haproxy group haproxy daemon #debug #quiet defaults log global mode http option httplog option dontlognull retries 3 option redispatch # option httpclose maxconn 2000 contimeout 50000 clitimeout 50000 srvtimeout 120000 # option httpclose option forwardfor listen myweb1 100.100.100.31:80 mode http balance roundrobin stats enable stats realm HaProxy Statistics stats auth stats:password stats scope . stats uri /haproxy?stats server web1 100.100.100.44:80 check inter 2000 fall 3 server web2 100.100.100.45:80 check inter 2000 fall 3 server web3 100.100.100.46:80 check inter 2000 fall 3
Disable the startup of haproxy and ifup the interfaces.
sed -i 's/ENABLED=1/ENABLED=0/g' /etc/init.d/haproxy stop
I have been a developer for roughly 10 years and have worked with an extensive range of technologies. Whilst working for relatively small companies, I have worked with all aspects of the development life cycle, which has given me a broad and in-depth experience.