In this article, we’ll build a pair of HAProxy load balancers running on Ubuntu 14.04 LTS, and use keepalived to provide failover of our virtual IP address(es). This article is part of our series on building a highly available OpenStack controller stack, but it can also be used on its own. We’ll install the services and setup a base configuration that we’ll return to as we build the various OpenStack services.
For this configuration, I’ve created two Ubuntu 14.04 servers (mine are virtual servers with two virtual cpus and 1 GB of RAM). You’d probably want to make these bigger in a production environment, depending on the number of concurrent connections you expect. I’ve given them hostnames and IP addresses:
- haproxy1 (192.168.1.30)
- haproxy2 (192.168.1.31)
We’ll also need to allocate a third IP address to use as the virtual IP address (VIP). We’ll use 192.168.1.32. This will ultimately be the endpoint used to access the OpenStack services that we’ll build later.
The first thing we need to do is to let the kernel know that we intend to bind additional IP addresses that won’t be defined in the interfaces file. To do that we edit /etc/sysctl.conf and add the following line:
Then we run the following command to make this take effect without rebooting:
Next we can install the software we need (HAProxy and keepalived):
Next, we define the keepalived configuration by creating the following file:
Notice there’s a few specific items that we need to set for this. I’ve set the router_id to be the hostname, and I’ve specified the VIP as 192.168.1.32. When you create this file on the second node, make sure to use the hostname of the second node.
Next, we will define the HAProxy configuration:
Notice that I’ve used the local IP address in the file in two locations, in the global section for the log location, and in the stats listener. When you setup the second node, make sure to use its IP address. Also notice the username and password in the status auth line. Set this to whatever you want. Then, you will be able to access the stats page via your browser.
Now we need to enable HAProxy. To do this, edit the file /etc/default/haproxy and change ENABLED from 0 to 1:
Now we can restart the services:
Once you’ve completed all of these steps on both nodes, you should now have a highly available load balancer pair. At this point, our VIP should be active on one node (assuming that you built node 1 first, it should be active on that node). To confirm, we can use the ip command:
Notice that both the local IP and the VIP are shown. If we now reboot node 1, node 2 will quickly pick up the VIP.
That’s it! We have our high availability load balancer complex. We’re not load balancing anything yet, but as we build the services of our OpenStack controller stack, we’ll return to the haproxy.cfg and add things as we go. In the next article, we’ll create a Highly Available MySQL service for our OpenStack deployment, and place it behind these load balancers.