Reference
vm1 eth1 --- eth1 vm2
10.0.0.10 10.0.0.20
virtual IP : 10.0.0.30 ( vm1 is the master, vm2 is standy )
These VMs are running within KVM.
install ucarp on both machines
# apt-cache search ucarp
ucarp - user-space replacement to VRRP -- automatic IP fail-over
# apt-get install ucarp -y
|
configuration files are..
root@ubuntu1404-vm1:~# dpkg -L ucarp
/.
/usr
/usr/sbin
/usr/sbin/ucarp
/usr/share
/usr/share/ucarp
/usr/share/ucarp/vip-up
/usr/share/ucarp/vip-down
/usr/share/man
/usr/share/man/man8
/usr/share/man/man8/ucarp.8.gz
/usr/share/doc
/usr/share/doc/ucarp
/usr/share/doc/ucarp/NEWS.gz
/usr/share/doc/ucarp/examples
/usr/share/doc/ucarp/examples/vip-down.sh
/usr/share/doc/ucarp/examples/vip-up.sh
/usr/share/doc/ucarp/README.gz
/usr/share/doc/ucarp/NEWS.Debian.gz
/usr/share/doc/ucarp/AUTHORS
/usr/share/doc/ucarp/copyright
/usr/share/doc/ucarp/changelog.Debian.gz
/usr/share/doc/ucarp/README.Debian
/usr/share/locale
/usr/share/locale/en@quot
/usr/share/locale/en@quot/LC_MESSAGES
/usr/share/locale/en@quot/LC_MESSAGES/ucarp.mo
/usr/share/locale/en@boldquot
/usr/share/locale/en@boldquot/LC_MESSAGES
/usr/share/locale/en@boldquot/LC_MESSAGES/ucarp.mo
/etc
/etc/network
/etc/network/if-up.d
/etc/network/if-up.d/ucarp
|
- vm1
copy vip-up.sh and vip-down.sh to /etc
root@ubuntu1404-vm1:~# cp /usr/share/doc/ucarp/examples/vip-*.sh /etc/
|
vip-up.sh and vip-down.sh
This script add or delete virtual IP with “ip addr” command.
root@ubuntu1404-vm1:~# cat /etc/vip-up.sh
#! /bin/sh
exec 2> /dev/null
/sbin/ip addr add "$2"/24 dev "$1"
# or alternatively:
# /sbin/ifconfig "$1":254 "$2" netmask 255.255.255.0
root@ubuntu1404-vm1:~# cat /etc/vip-down.sh
#! /bin/sh
exec 2> /dev/null
/sbin/ip addr del "$2"/24 dev "$1"
# or alternatively:
# /sbin/ifconfig "$1":254 down
|
root@ubuntu1404-vm1:~# ucarp -i eth1 -s 10.0.0.10 -p secret -a 10.0.0.30 --upscript=/etc/vip-up.sh --downscript=/etc/vip-down.sh -P -v 10
[INFO] Local advertised ethernet address is [52:54:00:83:81:7a]
[WARNING] Switching to state: BACKUP
[WARNING] Spawning [/etc/vip-down.sh eth1 10.0.0.30]
[WARNING] Switching to state: MASTER
[WARNING] Spawning [/etc/vip-up.sh eth1 10.0.0.30]
|
- vm2
root@ubuntu1404-vm2:~# cp /usr/share/doc/ucarp/examples/vip-*.sh /etc/
|
root@ubuntu1404-vm2:~# ucarp -i eth1 -s 10.0.0.20 -v 10 -p secret -a 10.0.0.30 --upscript=/etc/vip-up.sh --downscript=/etc/vip-down.sh
[INFO] Local advertised ethernet address is [52:54:00:6c:f6:f9]
[WARNING] Switching to state: BACKUP
[WARNING] Spawning [/etc/vip-down.sh eth1 10.0.0.30]
|
on the vm1
the vm1 has the virtual IP 10.0.0.30
root@ubuntu1404-vm1:~# ip addr show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 52:54:00:d6:2c:0b brd ff:ff:ff:ff:ff:ff
inet 192.168.11.8/24 brd 192.168.11.255 scope global eth0
valid_lft forever preferred_lft forever
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 52:54:00:83:81:7a brd ff:ff:ff:ff:ff:ff
inet 10.0.0.10/8 brd 10.255.255.255 scope global eth1
valid_lft forever preferred_lft forever
inet 10.0.0.30/24 scope global eth1
valid_lft forever preferred_lft forever
|
on the vm2.
root@ubuntu1404-vm2:~# ip addr show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 52:54:00:33:63:cf brd ff:ff:ff:ff:ff:ff
inet 192.168.11.9/24 brd 192.168.11.255 scope global eth0
valid_lft forever preferred_lft forever
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 52:54:00:6c:f6:f9 brd ff:ff:ff:ff:ff:ff
inet 10.0.0.20/8 brd 10.255.255.255 scope global eth1
valid_lft forever preferred_lft forever
|
Here are capture data between vm1 and vm2.
vm1 is sending VRRP advertisement packets every second, because the vm1 is master.
root@ubuntu1404-vm1:~# tshark -n -r a.pcap | grep -i vrrp
Running as user "root" and group "root". This could be dangerous.
2 0.066233000 10.0.0.10 -> 224.0.0.18 VRRP 70 Announcement (v2)
7 1.066473000 10.0.0.10 -> 224.0.0.18 VRRP 70 Announcement (v2)
13 2.066714000 10.0.0.10 -> 224.0.0.18 VRRP 70 Announcement (v2)
18 3.066874000 10.0.0.10 -> 224.0.0.18 VRRP 70 Announcement (v2)
|
root@ubuntu1404-vm1:~# tshark -n -r a.pcap -Y '(frame.number==2)' -V
Frame 2: 70 bytes on wire (560 bits), 70 bytes captured (560 bits) on interface 0
Interface id: 0
Encapsulation type: Ethernet (1)
Arrival Time: Sep 3, 2014 01:38:05.525315000 JST
[Time shift for this packet: 0.000000000 seconds]
Epoch Time: 1409675885.525315000 seconds
[Time delta from previous captured frame: 0.066233000 seconds]
[Time delta from previous displayed frame: 0.000000000 seconds]
[Time since reference or first frame: 0.066233000 seconds]
Frame Number: 2
Frame Length: 70 bytes (560 bits)
Capture Length: 70 bytes (560 bits)
[Frame is marked: False]
[Frame is ignored: False]
[Protocols in frame: eth:ip:vrrp]
Ethernet II, Src: 00:00:5e:00:00:0a (00:00:5e:00:00:0a), Dst: 01:00:5e:00:00:12 (01:00:5e:00:00:12)
Destination: 01:00:5e:00:00:12 (01:00:5e:00:00:12)
Address: 01:00:5e:00:00:12 (01:00:5e:00:00:12)
.... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
.... ...1 .... .... .... .... = IG bit: Group address (multicast/broadcast)
Source: 00:00:5e:00:00:0a (00:00:5e:00:00:0a)
Address: 00:00:5e:00:00:0a (00:00:5e:00:00:0a)
.... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
Type: IP (0x0800)
Internet Protocol Version 4, Src: 10.0.0.10 (10.0.0.10), Dst: 224.0.0.18 (224.0.0.18)
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0x10 (DSCP 0x04: Unknown DSCP; ECN: 0x00: Not-ECT (Not ECN-Capable Transport))
0001 00.. = Differentiated Services Codepoint: Unknown (0x04)
.... ..00 = Explicit Congestion Notification: Not-ECT (Not ECN-Capable Transport) (0x00)
Total Length: 56
Identification: 0xa5bf (42431)
Flags: 0x02 (Don't Fragment)
0... .... = Reserved bit: Not set
.1.. .... = Don't fragment: Set
..0. .... = More fragments: Not set
Fragment offset: 0
Time to live: 255
Protocol: VRRP (112)
Header checksum: 0xeb69 [validation disabled]
[Good: False]
[Bad: False]
Source: 10.0.0.10 (10.0.0.10)
Destination: 224.0.0.18 (224.0.0.18)
[Source GeoIP: Unknown]
[Destination GeoIP: Unknown]
Virtual Router Redundancy Protocol
Version 2, Packet type 1 (Advertisement)
0010 .... = VRRP protocol version: 2
.... 0001 = VRRP packet type: Advertisement (1)
Virtual Rtr ID: 10
Priority: 0 (Current Master has stopped participating in VRRP)
Addr Count: 7
Auth Type: No Authentication (0)
Adver Int: 1
Checksum: 0xbe51 [correct]
IP Address: 118.254.242.18 (118.254.242.18)
IP Address: 16.243.147.236 (16.243.147.236)
IP Address: 129.117.234.104 (129.117.234.104)
IP Address: 218.22.250.106 (218.22.250.106)
IP Address: 144.81.21.163 (144.81.21.163)
IP Address: 37.200.37.85 (37.200.37.85)
IP Address: 73.224.151.88 (73.224.151.88)
|
reboot the vm1
root@ubuntu1404-vm1:~# reboot
root@ubuntu1404-vm1:~#
|
on the vm2
vm2 took over the virtual IP 10.0.0.30.
root@ubuntu1404-vm2:~# ip addr show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 52:54:00:33:63:cf brd ff:ff:ff:ff:ff:ff
inet 192.168.11.9/24 brd 192.168.11.255 scope global eth0
valid_lft forever preferred_lft forever
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 52:54:00:6c:f6:f9 brd ff:ff:ff:ff:ff:ff
inet 10.0.0.20/8 brd 10.255.255.255 scope global eth1
valid_lft forever preferred_lft forever
inet 10.0.0.30/24 scope global eth1
valid_lft forever preferred_lft forever
|
vm2 is sending VRRP advertisement every second, because vm2 is master.
root@ubuntu1404-vm2:~# tshark -n -r a.pcap | grep -i vrrp
Running as user "root" and group "root". This could be dangerous.
1 0.000000000 10.0.0.20 -> 224.0.0.18 VRRP 70 Announcement (v2)
4 1.000224000 10.0.0.20 -> 224.0.0.18 VRRP 70 Announcement (v2)
10 2.000407000 10.0.0.20 -> 224.0.0.18 VRRP 70 Announcement (v2)
15 3.000530000 10.0.0.20 -> 224.0.0.18 VRRP 70 Announcement (v2)
|
start ucarp on the vm1 again.
root@ubuntu1404-vm1:~# ucarp -i eth1 -s 10.0.0.10 -p secret -a 10.0.0.30 --upscript=/etc/vip-up.sh --downscript=/etc/vip-down.sh -P -v 10
[INFO] Local advertised ethernet address is [52:54:00:83:81:7a]
[WARNING] Switching to state: BACKUP
[WARNING] Spawning [/etc/vip-down.sh eth1 10.0.0.30]
|
vm1 does not take over the VIP, because I start ucarp with preempt option.
-P --preempt
Turn on preemptive failover. This causes an instance of ucarp to assume master status right immediately. |
reboot the vm2
root@ubuntu1404-vm2:~# reboot
root@ubuntu1404-vm2:~#
|
root@ubuntu1404-vm1:~# ip addr show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 52:54:00:d6:2c:0b brd ff:ff:ff:ff:ff:ff
inet 192.168.11.8/24 brd 192.168.11.255 scope global eth0
valid_lft forever preferred_lft forever
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 52:54:00:83:81:7a brd ff:ff:ff:ff:ff:ff
inet 10.0.0.10/8 brd 10.255.255.255 scope global eth1
valid_lft forever preferred_lft forever
inet 10.0.0.30/24 scope global eth1
valid_lft forever preferred_lft forever
|
you can start ucarp as daemon with -B option.
-B --daemonize
Causes ucarp to detach from the terminal and run in the background as a daemon. |
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.