no42

... search for answer?

UCARP and High Availability

2020-02-07 2 min read Technology Open-Source Ronny Trommer

If you have ever played with BSD you probably ran into CARP. It allows you to build a high available service which is provided by two physical servers behind a virtual shared IP address. The CARP nodes define a master and a backup system. A master serves the content and if the master crashes, the backup system takes over automatically the virtual IP (VIP) and the client won’t notice.

Disclaimer: You should be aware this setup will not share load and increase your network throughput. It just used to increase availabilty and room to do maintenance without bringing your service down.

The same feature is available on Linux named UCARP which is running in user space. This here is a short note on my futureself how this can be done quickly and maybe interesting to others. This here is a short tutorial how to setup two Linux servers running Ubuntu 19.10 with systemd and setting up a VIP with ucarp. The lab setup looks something like in the following image.

ucarp-network

I’ll pick 192.168.178.201/24 as the virtual IP address and 192.168.178.210/24 and 192.168.178.211/24 are assigned to the physical nodes. Install ucarp on both of your servers.

apt update
apt -y install ucarp

To work with systemd modify the vip-up and vip-down scripts on both of your servers:

File: /usr/share/ucarp/vip-up

#!/bin/sh
exec 2>/dev/null
/sbin/ip address add "$2"/32 dev "$1"

File: /usr/share/ucarp/vip-down

#!/bin/sh
exec 2>/dev/null
/sbin/ip address del "$2"/32 dev "$1"

Now you have to create a systemd unit file with the following content on both of your servers:

File. /etc/systemd/system/ucarp.service

[Unit]
Description=UCARP as systemd unit
After=syslog.target
After=network.target

[Service]
Type=oneshot
ExecStart=/usr/sbin/ucarp --interface=ens33 --pass=bYaTxPw2 --srcip=192.168.178.210 --vhid=1 --addr=192.168.178.201 --shutdown --preempt --upscript=/usr/share/ucarp/vip-up --downscript=/usr/share/ucarp/vip-down -B
RemainAfterExit=yes

[Install]
WantedBy=multi-user.target

Make sure you adjust the following ucarp arguments:

  • --interface=ens33: interface name of the physical server
  • --pass=bYaTxPw2: set your own shared secret as a password on both servers
  • --srcip=192.168.178.210: the real IP address assigned to your server
  • --vhid=1: the virtual server identifier

You can now enable and start the service with systemctl enable ucarp and systemctl start ucarp. The IP address 192.168.178.201 should now be available. If you want to figure out which is the master and which is the backup, you have to check the log output from ucarp using journalctl -f -u ucarp.

If you want to test the behavior, you can shutdown your master and the backup should immediately take over and you should see the switch in the log output.

So long and thanks for all the fish