Simple IP Failover with Heartbeat
This article illustrates a method of implementing VERY simple active/passive IP failover using heartbeat. You are reccomended to familiarize yourself with the concepts of High Availability Clustering in Linux before proceeding to implement these instructions in a live/production environment.(SEE: Linux-HA)
For the purposes of this article we will not be configuring pacemaker, we will be using the older style haresources file/method to define our Highly Available Services with heartbeat.
We will NOT be using a load balancer, or any external resource agents with heartbeat; because of this, this setup will only allow for a 2 node ACTIVE/PASSIVE cluster, and we will be using two PHYSICAL machines. You may however try this on two virtual machines/hosts to test first, I see no reason why this setup wouldn't work in a virtual machine/environment.
We will have two machines, and at-least 3 IP addresses, for my setup I have 3 publically accessible/WAN IP Adresses, but this may also be done using two internal/LAN IP's & a single(1) Public/WAN IP address.
The IP/Hostnames/DNS we will be using are as follows:
- ha1.example.com: 18.104.22.168 (WAN)(Virtual IP, not a physical node)
- node1.example.com 22.214.171.124 (WAN OR LAN)(Physical Node/Machine 1)
- node2.example.com 126.96.36.199 (WAN OR LAN)(Physical Node/Machine 2)
*188.8.131.52 & 184.108.40.206 (the IP's our two heartbeat nodes will be using to communicate with eachother over our Local Area Network, these may be public(WAN) or private(LAN) addresses. Each of these two nodes should preferably be on the same subnet but all that is needed is that each node is able to communicate with the other/vice versa.)
*220.127.116.11 (our VIRTUAL IP Address that the two node's will "share" & monitor/bring alive if one node should stop communicating)-- This IP Address may be on ANY subnet. This IP Address should be reachable from the public internet(WAN) IF(IF) you plan for your Highly Available services to be reachable from outside of your private Local Area Network (we will be using this ip address to connect to our Highly Available Services on the 'currently' active node...Alternatively this COULD be a private LAN IP address, where your router has your PUBLIC/WAN IP address assigned to it, and you could forward the ports your Highly Available services will use to the 'lan' IP you choose for this, in your router.
*It is NOT neccesary to have a genuine registered domain name (FQDN) or a DNS server for the purposes of these instructions, heartbeat will use our /etc/hosts file for all heartbeat related hostname/domain name lookups locally(Irregardless of what /etc/host.conf tells it to use.); but, if you would like to reach your highly available services via a domain name from outside your Local Area Network, you will have to register a domain and fix it up with the proper zone/ns/mx/A record/CNAME definitions, and, optionally install/run ICS Bind with the proper/relevant zone definitions & replicate those definitions in /etc/hosts.
Available in AUR:
$ yaourt -S ha-glue ha-heartbeat ha-pacemaker ha-resourceagent inetutils net-tools
Edit the main configuration file for heartbeat /etc/ha.d/ha.cf and make it look like this
deadtime 5 warntime 10 initdead 15 bcast eth0 auto_failback on node node1 node node2 use_logd yes
03. Edit/create the file /etc/ha.d/haresources as follows:
node1 IPaddr::18.104.22.168/22.214.171.124 named httpd mysqld
04. at the end of the line 'node1 IPaddr::126.96.36.199/188.8.131.52' our /etc/ha.d/haresources file append(on the same line) the name of the startup scripts/resource agents for whatever service you would like heartbeat to make highly available. In the example above in step 03. We have told heartbeat to manage named(BIND) httpd(APACHE) mysqld(MYSQL Server), see here:
IPaddr::184.108.40.206/220.127.116.11 IPaddr::18.104.22.168/22.214.171.124 named httpd mysqld
05. Edit /etc/rc.conf and place heartbeat at the END of your daemons array...
That's it! Fire up both nodes, pull the plug on your primary node/node1, and check node two to see that it has taken over your H.A Services & Virtual IP Address. E.G. 'ip addr show','ps aux'...