Virtual IP addresses with ucarp, for high-availability

Posted by Steve on Tue 18 Dec 2012 at 09:53

If you're interested in high-availability you typically want to use some kind of load-balancer, to divide traffic between a pool of machines. A simpler approach can be to have a pair of hosts each of which is prepared to take over a single virtual IP address - this is what ucarp allows you to do.

The idea behind ucarp is that a small number of hosts will have their own IP address, but each of them is potentially able to grab a "floating" or "virtual" IP address. This address is the one that is then highly-available.

For example you might wish to host a website, and so you'd configure apache upon two hosts, each of which would have identical contents. Using ucarp you'd then configure an IP address which would be live on only one host at the same time. This shared IP address is then the address that Apache would listen upon.

Now having two hosts, and moving one address between them like this, will allow you to survive the outage of a single host, but you must bear in mind that this will only allow you to be more available and not more scalable. (Because obviously the host which isn't the owner of the floating IP will not receive any traffic and will be sat idle.)

As an example we have two hosts here da-db1 and da-db2, we'll configure the floating IP address 1.2.3.4 to be shared between these hosts. The first step is installing the software on both hosts:

~# apt-get install ucarp
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following extra packages will be installed:
  libpcap0.8
The following NEW packages will be installed:
  libpcap0.8 ucarp
0 upgraded, 2 newly installed, 0 to remove and 0 not upgraded.
Need to get 165 kB of archives.
After this operation, 504 kB of additional disk space will be used.

Installing the package will allow you to update the /etc/network/interfaces file on both hosts. I've added identical contents to both files. Some guides will tell you that you should set one to be explicitly the master, and one to be the fall-back, but for the use of ucarp to be slightly useful the servers must have identical content. On that basis I'd rather let them fight it out between themselves!

# /etc/network/interfaces
# ..

# The primary network interface
auto eth0
iface eth0 inet static
address  ..
netmask  ..
gateway  ..
  #######################
  # ucarp configuration
  #######################
  ucarp-vid      1
  ucarp-vip      1.2.3.4
  ucarp-password mypass32
  ucarp-advskew  1
  ucarp-advbase  1
  ucarp-master   no

# The carp network interface, on top of eth0
iface eth0:ucarp inet static
        address 1.2.3.4
        netmask 255.255.255.255

There are several variables used here, and in brief they have the following meaning:

ucarp-vid

The identifier for this virtual interface. Increment for each additional ucarp shared IP you have.

ucarp-vip

The shared IP address we're maintaining.

ucarp-password

The password with which the two hosts will communicate (not in plain-text) to determine which is the master.

ucarp-advskew

All things being equal the host with the lowest value here will become the master.

ucarp-advbase

How often, in seconds, the hosts should try to communicate with each other.

Once these settings are in place you can run "/etc/init.d/networking restart" and you should find that one host will receive the new IP address, as an alias.

Bringing the IP address up/down is the result of executing a simple shell script which is located beneath the directory /usr/share/ucarp. You can specify an alternative script like so:

  ..
  ucarp-advbase 1
  ucarp-master no
  ucarp-downscript  /usr/local/bin/vip-down
  ucarp-upscript    /usr/local/bin/vip-up
  ..

The script will be called with the IP to bring up, or down, as the first argument. You can then stop/start daemons as appropriate.


This article can be found online at the Debian Administration website at the following bookmarkable URL (along with associated comments):

This article is copyright 2012 Steve - please ask for permission to republish or translate.