HAProxy and Keepalived reference - Oliver-Mustoe/Oliver-Mustoe-Tech-Journal GitHub Wiki

Assumed network archetecture for this setup (you have 2 servers ha1,ha2 that act as load balancers and are setup with VRRP for redundancy pointing 2 web servers web01 and web02. IPs can be seen in the diagram and must be adjusted in ones HAProxy and Keepalived configurations to work for your network!)

HAProxy setup

HA1 HAProxy setup

On ha1 I installed haproxy:

sudo apt install haproxy -y

Then on ha1 I created a copy of the original HAProxy config:

sudo cp /etc/haproxy/haproxy.cfg ./habroxy.cfg.backup

Then I added the following to /etc/haproxy/haproxy.cfg WITH sudo vi:

frontend ha
    bind *:80
    default_backend webpool
backend webpool
    balance roundrobin
    server web01 10.0.5.100:80 check
    server web02 10.0.5.101:80 check

And then I restarted and checked HAProxy's status:

sudo systemctl restart haproxy
sudo systemctl status haproxy

Testing HAProxy with curl 10.0.6.11 from xubuntulan:

I would save my haproxy.cfg for ha1 in Github.

HA2 HAProxy setup

I would repeat the HA1 HAProxy setup for ha2 (installing haproxy > creating backup > creating configuration exactly the same as ha1 > restart and check status > check with curl):

(NOTE: Used scp to copy the config file from ha1 into the olivermustoe home directory on ha2, then used sudo cp to copy it to HAProxy directory.)

I would save my haproxy.cfg for ha2 in Github.

Keepalived setup

HA1 Keepalived setup

First I installed keepalived on ha1:

sudo apt update
sudo apt install keepalived -y

Then I setup its configuration (in /etc/keepalived/keepalived.conf, should be owned by root):

vrrp_instance ha {
    state MASTER
    interface ens160
    virtual_router_id 30
    priority 200
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass oliver
    }
    virtual_ipaddress {
      10.0.6.10/24
    }
}

Then I restarted and checked keepalived's status:

sudo systemctl restart keepalived
sudo systemctl status keepalived

With ip a I could check and see the 10.0.6.10 address is now on the ens160 interface:

Used curl 10.0.6.10 to test:

I would save my keepalived.conf under keepalived.conf.ha1 (file must be renamed to "keepalived.conf"/moved to /etc/keepalived if it was to work on a system.)

HA2 Keepalived setup

I would repeat the HA1 Keepalived setup on ha2 with the following differences:

  1. Used the following keepalived configuration:
vrrp_instance ha {
    state BACKUP
    interface ens160
    virtual_router_id 30
    priority 100
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass oliver
    }
    virtual_ipaddress {
      10.0.6.10/24
    }
}

I would save my keepalived.conf under keepalived.conf.ha2 (file must be renamed to "keepalived.conf"/moved to /etc/keepalived if it was to work on a system.)

Last thing I did was I made sure that HAProxy and Keepalived were enabled on ha1 and ha2 with the following commands run on system each!:

sudo systemctl enable haproxy
sudo systemctl enable keepalived