0

I am trying to come up with an architecture for achieving HA on one of our services (in-house service, single tcp connection for all requests). Just started reading on linux-ha and pacemaker, and i'd like to know if the following approach makes any sense:

  1. We have two nodes serving a single service, exactly the same, say A and B.

  2. I would like to give each node its own virtual ip address, so say VA->A, VB->B (to mean virtual address A points to A, etc).

  3. This way, our servers (Cn) which are using the service on A or B would each be configured explicitly to either VA or VB, and would never change.

  4. Now, in case that A fails, i'd like VA to point to B, now having VA->B and VB->B.

  5. Once our failed node (A) comes back up, it should get restored back to VA->A and VB->B.

As a note, we have a load balancer between all servers (Cn), and we dont want to "load-balance" requests also from Ci to A or B (in any case each Ci will have a single tcp connection to its VIP, as long as its alive).

Does this configuration makes sense? Is it something that we could configure linux-ha and pacemaker to do?

I'd appreciate any constructive feedback, Thanks

Shlomi
  • 103
  • 2
  • 1
    It sounds solid, the only thing I'd advise is to make sure that either A and B can handle the entire load, as high loads can cause monitoring scripts to timeout, and that can cause much bigger problems. – NickW Apr 11 '13 at 09:22
  • that a good point, ill make sure to address that, thanks – Shlomi Apr 11 '13 at 09:41

1 Answers1

0

The setup makes sense to me. You can easily configure such a setup with pacemaker. Use the OCF Resource Agent IPaddr2 for the virtual IP addresses.

tlo
  • 548
  • 2
  • 8
  • 24
  • IPaddr2 makes sure the node is responsive. If i'd like the vip to switch when a certain service fails (say i have an OCF script that implements monitor), how would I combine the two? (i went through a bunch of docs, but they are all so huge, its hard to find.. any pointers would help) – Shlomi May 14 '13 at 09:00
  • Usually you colocate your services (see "constraints" in the documentation) that depend on other services on the same host. If the resource can be started on both nodes, it would be easy to let the vip migrate with this resource. But in your case it's a bit different, as your resource is not controlled by the agent (just monitored). Another idea: implement stonith (always a good idea) to shut down a host if your service-monitoring fails. Then set up 2 virtual IPs, one that prefers host A and one that prefers host B (location constraints). These will be migrated if one of the hosts is down. – tlo May 14 '13 at 14:08
  • ok, managed to colocate the two resources, and have them both migrated in case of an error. I must no be getting what you suggest to do with stonith.. looking for a way to have the vip migrate back to its original node once the resource is up again. the thing is that once it migrated, the original node stops monitoring that resource, unless the other node fails, which causes it to get back to the original node. – Shlomi May 21 '13 at 12:42