High Availability on FreeBSD: The service IP address, part 1

NOTE: This entry is an adaptation of the Linux version.

In a previous post, we saw what is high availability and what we address when a consumer tries to access a service: The closest possible availability time to 100%.

This entry describes what is the service IP address -entry point to them- and how to setup it using two servers.

To implement the things described under these lines is necessary to have two physical or virtual servers and FreeBSD installed on them.

In order to avoid excessively long entries, I splitted this one into two parts. This first part is an introduction and preparation of systems, while the second shows how to setup the proper service IP address.

The service IP address

When we access a service, the connection is made to an IP address, in a direct way (192.0.2.100) or through a hostname (www.example.com).

Suppose we want to access to a web page (http://www.example.com) and that its associated IP address is “192.0.2.100”. This IP address, through which the page is accessible, is called the “service IP address”.

The objective is to have this IP address always available. For consumers the perception should be like the following image:

To achieve it, having a minimum of two servers, one will have the service IP address assigned and the other will be waiting just in case the first one fails to take it.

If server “server-1” weren’t functional, then server “server-2” would use the service IP address. The service will be degraded -one component in a fail state- but operative and accesible for the consumer.

If no server is available, the service cannot be given as the service IP address cannot be assigned to any of them.

The consumer can’t access the service. It perception will vary:

The method which allows a server to use a service IP address previously assigned to another one when it becomes unavailable is called “IP failover“.

Multiple standard protocols which implement IP failover methods exist. For this post, we will be using CARP.

Required setup

Before we start we must have the necessary material prepared.

We will use two servers called “server-1” and “server-2”. I have used FreeBSD 11.2.

Both servers are connected through “em0” network interface to a switch and belong to 192.0.2.0/24 subnet. The switch is connected to a router whose IP address is 192.0.2.1 and acts as a gateway.

The following diagram shows the equipment interconnection:

We will note both servers information for further reference:

System preparation

In FreeBSD all you have to do is load the kernel module.

We will instruct the system to load it each time it boots adding an entry to /boot/loader.conf file.

And then we load the module to use it without a reboot:

At this point we will verify the following:

– The “carp” module is loaded:

Once everything has been checked, we can start configuring the service IP address, but this will be on the next entry on this serie.

High Availability on Linux: The service IP address, part 1

In the previous post we saw what is high availability and what we address when a consumer tries to access a service: The closest possible availability time to 100%.

This entry describes what is the service IP address -entry point to them- and how to setup it using two servers.

To implement the things described under these lines is necessary to have two physical or virtual servers and a Linux distribution installed on them.

In order to avoid excessively long entries, I splitted this one into two parts. This first part is an introduction and preparation of systems, while the second shows how to setup the proper service IP address.

The service IP address

When we access to a service the connection is made to an IP address, in a direct way (192.0.2.100) or through a host name (www.example.com).

Suppose we want to access to a web page (http://www.example.com) and that its associated IP address is “192.0.2.100”. This IP address, through which the page is accessible, is called the “service IP address”.

The objective is to have this IP address always available. For consumers the perception should be like the following image:

To achieve it, having a minimum of two servers, one will have the service IP address assigned and the other will be waiting just in case the first one fails to take it.

If server “server-1” wasn’t functional, then server “server-2” would use the service IP address. The service will be degraded -one component in fail state- but operative and accesible for the consumer.

If no server is available the service cannot be given as the service IP address cannot be assigned to none of them.

The consumer can’t access the service. It perception will vary:

The method which allows a server to use a service IP address previously assigned to other one when it becomes unavailable is called “IP failover”.

Multiple standard protocols which implements IP failover methods exists, being VRRP the most famous of them and the one we will be using.

Required setup

Before we start we must have the necessary material prepared.

We will use two servers called “server-1” and “server-2”. I have used Debian 8, but this configuration is practically identical on other distributions like CentOS except where network configuration file path and software installation command varies.

Both servers are connected through “eth0” network interface to a switch and belongs to 192.0.2.0/24 subnet. The switch is connected to a router whose IP address is 192.0.2.1 and acts as a gateway.

The following diagram shows the equipment interconnection:

We will note both servers information for further reference:

System preparation

In Linux multiple VRRP protocol implementations exists. On these articles we are going to use “keepalived” for its extra functionality, but another valid option would be “vrrpd“.

The following steps must be done in both servers.

Depending on the choosen distribution  we may install “keepalived” with “apt” or “yum”:

We also need to load and configure the “dummy” kernel module on the server. It provides a virtual network interface where the service IP address will be assigned.

To load and make it permanent across server reboots we need to run:

To configure it and make it permanent across server reboots we need to run:

Once loaded we will verify that “dummy0″ interface is available:

We’ll leave the interface ready to use:

We need a last change on the operating system: We should allow processes (programs running in the background) to listen network requests on an IP address that doesn’t belong to them.

As the service IP address will be assigned to an unique server, the other one doesn’t have it, so it won’t allow programs to use it to listen for data. That implies,  once the service IP address changes from server, accessing to the server which has the address in such moment and run the necessary programs that, now successfully, can use such IP address.

This will limit us so much and we don’t met the “high availability” premise -The service IP address changes from one server to another, but programs won’t run without manual (human) intervention- so we will configure the system to allow processes to listen on any IP address, even if doesn’t belong to it.

At this point we will verify the following:

– Keepalived software is installed:

– The “dummy” module is loaded and configured:

– The “dummy0” interface exists and is ready to listen:

– The system has the net.ipv4.ip_nonlocal_bind variable set to 1:

Once everything has been checked, we can start configuring the service IP address, but this will be on the next entry on this serie.

High availability: Introduction

This entry is the first one of multiples I will write about high availability systems, being this one an introduction to necessary basic concepts to understand what is and why is it for. The articles will be focused on software high availability.

The entry will serve both newcomers or people managing computer services which aren’t technical and those introduced into the subject who wants to refresh their concepts or correct me on that he/she believes appropiate.

As we move forward on entries, they’ll become more technical and will require a deeper knowledge. Terminal usage on a Linux distribution, software installation and file editing will become essential requisites.

Along them some services will be configured on high availability, like web servers o database servers, in a way the concepts can be captured into something tangible and that can be implemented with a theoretical component.

After this introduction, lets start.

A computer services world

Today’s computing cannot be conceived without that so called “services”. Services are a mix of software and hardware running 100% of the time, permanently connected to a computer network and whose mission is information transformation and transmission.

If any of the software or hardware aren’t working, then the service cannot be used and we cannot get or transform the information we want.

A service will be very simple such as an unique program on an unique server (or domestic PC) or very complex to be formed with multiple computer programs and hardware. Very popular sites like Google or Facebook runs many programs on thousands of servers and other gear to serve their search, maps, photograpy, social network, etc. services.

When we talk about services we refer to all necessary things (software, hardware, etc.) that composes it to be used for.

Some software used to serve servicios will be “Apache HTTPD Server” which allows to serve web pages with an unique program, or “Postfix” which serves email and uses multiple programs for it. They both can be run on an unique server or domestic PC.

What is availability?

Before we can answer what is high availability, we must know what is availability.

This term, on compute world, refers than an existing service is accesible. A typical service will be a web server, where there are pages stored and accessed from web browsers like this blog.

When an user through his/her web browser tries to visit an existing web site -we correctly wrote it- and it doesn’t load, we say it’s “unavailable” and we cannot view it.

Therefore, “availability” is what allows an existing service being accessed and used without inconvenience.

Availability time

Availability can be measured with a yearly percentage, in minutes. From 0% (0 minutes) to 100% (525600 minutes, approximately). An 1% corresponds to 5260 minutes or 87.6 hours or 3.65 days.

This percentage is called “availability time” or “(service) uptime”. And the time the service hasn’t been available is called “downtime”.

In some services it’s calculated from the first day of the year and on others it’s calculated in annual periods since its activation day.

What is high availability?

We can define the high availability as the used technique to provide uninterrupted service, allowing one or more elements (software, servers, network gear, etc.) of such service to be on failure state without impact on the operation or it is not noticeable to the end user.

High availability is achieved through redundancy of the elements of the service: network gear (switches, routers), servers and server components (two or more hard disks, two or more ECC type RAM memory, two or more processors, two or more power supplies) connected to two or more electrical sockets on two or more power strips -each one from an independent electrical supplier-, etc. And most importantly, the programs that provide the service are ready in all that redundant infrastructure to operate.

There is also an article dedicated to high availability in Wikipedia.

Why is it high availability for?

From an user point of view, thanks to high availability we can access a service at any time and put it to use.

For a professional or business, the high availability translates to a better professional image. What will happen if our users cannot access to our website? They cannot see it. And, what will happen if, well, we are hosting providers and let many users with their websites unavailable? Many users that have placed their trust in our business will see how over a time interval their websites aren’t accesibles with the harm that will cause them; and to the business if it must compensate economically for such unavailability.

It can be worse: Lets imagine a bank service responsible of moving money between entities stops working; or the service which gives employee payroll; or the service information exchange between medical consultations.

High availability allows services to be always available. To a user lets enjoy them, and a professional or business ensure their services can be always enjoyed the maximum possible time, trying to be very close to 100%.