by Andrew Johnstone
In: Linux
2 Apr 2010We have re-written parts of the default configuration for ucarp & haproxy to run several VIPs on the same interface. This works on debian, however some minor modifications maybe needed for other distributions.
/etc/network/if-up.d/ucarp
#!/bin/sh
UCARP=/usr/sbin/ucarp
EXTRA_PARAMS=""
if [ ! -x $UCARP ]; then
exit 0
fi
if [ -z "$IF_UCARP_UPSCRIPT" ]; then
IF_UCARP_UPSCRIPT=/usr/share/ucarp/vip-up
fi
if [ -z "$IF_UCARP_DOWNSCRIPT" ]; then
IF_UCARP_DOWNSCRIPT=/usr/share/ucarp/vip-down
fi
if [ -n "$IF_UCARP_MASTER" ]; then
if ! expr "$IF_UCARP_MASTER" : "no|off|false|0" > /dev/null; then
EXTRA_PARAMS="-P"
fi
fi
if [ -n "$IF_UCARP_ADVSKEW" ]; then
EXTRA_PARAMS="$EXTRA_PARAMS -k $IF_UCARP_ADVSKEW"
fi
if [ -n "$IF_UCARP_ADVBASE" ]; then
EXTRA_PARAMS="$EXTRA_PARAMS -b $IF_UCARP_ADVBASE"
fi
# Allow logging to custom facility
if [ -n "$IF_UCARP_FACILITY" ] ; then
EXTRA_PARAMS="$EXTRA_PARAMS -f $IF_UCARP_FACILITY"
fi
# Modified to use start / stop /daemon
if [ -n "$IF_UCARP_VID" -a -n "$IF_UCARP_VIP" -a
-n "$IF_UCARP_PASSWORD" ]; then
start-stop-daemon -b -m -S -p "/var/run/ucarp.$IF_UCARP_VIP.pid" -x $UCARP -- -i $IFACE -s $IF_ADDRESS -z
-v $IF_UCARP_VID -p $IF_UCARP_PASSWORD -a $IF_UCARP_VIP
-u $IF_UCARP_UPSCRIPT -d $IF_UCARP_DOWNSCRIPT
$EXTRA_PARAMS
fi
/etc/network/if-down.d/ucarp
#!/bin/sh
UCARP=/usr/sbin/ucarp
EXTRA_PARAMS=""
if [ ! -x $UCARP ]; then
exit 0
fi
if [ -z "$IF_UCARP_UPSCRIPT" ]; then
IF_UCARP_UPSCRIPT=/usr/share/ucarp/vip-up
fi
if [ -z "$IF_UCARP_DOWNSCRIPT" ]; then
IF_UCARP_DOWNSCRIPT=/usr/share/ucarp/vip-down
fi
if [ -n "$IF_UCARP_MASTER" ]; then
if ! expr "$IF_UCARP_MASTER" : "no|off|false|0" > /dev/null; then
EXTRA_PARAMS="-P"
fi
fi
if [ -n "$IF_UCARP_ADVSKEW" ]; then
EXTRA_PARAMS="$EXTRA_PARAMS -k $IF_UCARP_ADVSKEW"
fi
if [ -n "$IF_UCARP_ADVBASE" ]; then
EXTRA_PARAMS="$EXTRA_PARAMS -b $IF_UCARP_ADVBASE"
fi
# Allow logging to custom facility
if [ -n "$IF_UCARP_FACILITY" ] ; then
EXTRA_PARAMS="$EXTRA_PARAMS -f $IF_UCARP_FACILITY"
fi
# Modified to use start / stop /daemon
if [ -n "$IF_UCARP_VID" -a -n "$IF_UCARP_VIP" -a
-n "$IF_UCARP_PASSWORD" ]; then
start-stop-daemon -K -p "/var/run/ucarp.$IF_UCARP_VIP.pid" -x $UCARP -- -i $IFACE -s $IF_ADDRESS -z
-v $IF_UCARP_VID -p $IF_UCARP_PASSWORD -a $IF_UCARP_VIP
-u $IF_UCARP_UPSCRIPT -d $IF_UCARP_DOWNSCRIPT
$EXTRA_PARAMS
fi
/etc/network/interfaces
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).
# The loopback network interface
auto lo
iface lo inet loopback
# The primary network interface
auto eth0
iface eth0 inet static
address 100.100.100.14
netmask 255.255.255.192
broadcast 100.100.100.63
gateway 100.100.100.1
up /bin/ip address add 100.100.100.32/32 dev eth0 scope host
up /sbin/arptables -I OUTPUT -s 100.100.100.32 -j DROP
down /bin/ip address del 100.100.100.32/32 dev eth0 scope host
down /sbin/arptables -F
up /sbin/ifup eth0:1
down /sbin/ifdown eth0:1
up /sbin/ifup eth0:2
down /sbin/ifdown eth0:2
up /sbin/ifup eth0:3
down /sbin/ifdown eth0:3
auto eth0:1
iface eth0:1 inet static
address 100.100.100.26
netmask 255.255.255.192
broadcast 100.100.100.63
ucarp-vid 6
ucarp-vip 100.100.100.34
ucarp-password password
ucarp-advskew 14
ucarp-advbase 1
ucarp-facility local1
ucarp-master no
ucarp-upscript /etc/network/local/vip-up-mywebsite1.com
ucarp-downscript /etc/network/local/vip-down-mywebsite1.com
iface eth0:1:ucarp inet static
address 100.100.100.34
netmask 255.255.255.192
auto eth0:2
iface eth0:2 inet static
address 100.100.100.40
netmask 255.255.255.192
broadcast 100.100.100.63
ucarp-vid 9
ucarp-vip 100.100.100.36
ucarp-password password
ucarp-advskew 14
ucarp-advbase 1
ucarp-facility local1
ucarp-master no
ucarp-upscript /etc/network/local/vip-up-mywebsite2.com
ucarp-downscript /etc/network/local/vip-down-mywebsite2.com
iface eth0:2:ucarp inet static
address 100.100.100.36
netmask 255.255.255.192
auto eth0:3
iface eth0:3 inet static
address 100.100.100.44
netmask 255.255.255.192
broadcast 100.100.100.63
ucarp-vid 12
ucarp-vip 100.100.100.31
ucarp-password password
ucarp-advskew 100
ucarp-advbase 1
ucarp-facility local1
ucarp-master no
ucarp-upscript /etc/network/local/vip-up-mywebsite3.com
ucarp-downscript /etc/network/local/vip-down-mywebsite3.com
iface eth0:3:ucarp inet static
address 100.100.100.31
netmask 255.255.255.192
This needs to be stored for each VIP in the listed interfaces above
/etc/network/local/vip-up-mywebsite1.com
#!/bin/sh /sbin/ifup $1:ucarp start-stop-daemon -S -p /var/run/haproxy.mywebsite1.com.pid -x /usr/sbin/haproxy -- -f /etc/haproxy/haproxy.mywebsite1.com.cfg -D -p /var/run/haproxy.mywebsite1.com.pid
/etc/network/local/vip-down-mywebsite1.com
#!/bin/bash start-stop-daemon -K -p /var/run/haproxy.mywebsite1.com.pid -x /usr/sbin/haproxy -- -f /etc/haproxy/haproxy.mywebsite1.com.cfg -D -p /var/run/haproxy.mywebsite1.com.pid /sbin/ifdown $1:ucarp
/etc/haproxy/haproxy.mywebsite1.com.cfg
# this config needs haproxy-1.1.28 or haproxy-1.2.1
global
log /dev/log local1
#log loghost local0 info
maxconn 4096
#chroot /usr/share/haproxy
user haproxy
group haproxy
daemon
#debug
#quiet
defaults
log global
mode http
option httplog
option dontlognull
retries 3
option redispatch
# option httpclose
maxconn 2000
contimeout 50000
clitimeout 50000
srvtimeout 120000
# option httpclose
option forwardfor
listen myweb1 100.100.100.31:80
mode http
balance roundrobin
stats enable
stats realm HaProxy Statistics
stats auth stats:password
stats scope .
stats uri /haproxy?stats
server web1 100.100.100.44:80 check inter 2000 fall 3
server web2 100.100.100.45:80 check inter 2000 fall 3
server web3 100.100.100.46:80 check inter 2000 fall 3
Disable the startup of haproxy and ifup the interfaces.
sed -i 's/ENABLED=1/ENABLED=0/g' /etc/init.d/haproxy stop
I have been a developer for roughly 10 years and have worked with an extensive range of technologies. Whilst working for relatively small companies, I have worked with all aspects of the development life cycle, which has given me a broad and in-depth experience.