Sébastien Han

Stacker! Cepher! What's next?

| Comments | Tag: pacemaker

Pacemaker load-balancing with Clone

Introducing the load-balancing feature with Pacemaker.

Pacemaker allows you to perform load-balancing mecanism thanks to the IPaddr2 resource agent. The point here is to set a virtual IP and make it available in an active/active mode with the help of pacemaker clone.

$ sudo crm configure primitive p_vip ocf:heartbeat:IPaddr2 \
    params ip="172.17.1.100" cidr_netmask="24" nic="eth0" clusterip_hash="sourceip-sourceport" \
    op start interval="0s" timeout="60s" \
    op monitor interval="5s" timeout="20s" \
    op stop interval="0s" timeout="60s" \

What about this clusterip_hash parameter? Specify the hashing algorithm used for the Cluster IP functionality. This parameter is optional by default and the default value is sourceip-sourceport. The CLUSTERIP target is used to create simple clusters of nodes answering to the same IP and MAC address in a round robin fashion.

Possible values:

  • sourceip
  • sourceip-sourceport
  • sourceip-sourceport-destport

This will create the following IPTABLES rule:

Chain INPUT (policy ACCEPT 27879 packets, 6604K bytes)
pkts bytes target     prot opt in     out     source               destination         
    0     0 CLUSTERIP  all  --  eth0   any     anywhere             172.17.1.100         CLUSTERIP hashmode=sourceip clustermac=61:0E:45:64:50:A7 total_nodes=2 local_node=2 hash_init=0

The clustermac is automatically generated by the RA. If you want to learn more about the CLUSTERIP target read that link.

Set up your clone:

$ sudo crm configure clone clo_vip p_vip \
    meta master-max="2" master-node-max="2" clone-max="2" clone-node-max="1" notify="true" interleave="true"

If you want to learn more about the interleave parameter look at the Hastexo article.

Test it, for this purpose you will need to ping the VIP from several client sources and each pacemaker node where the clone runs, execute the following command:

$ sudo tcpdump -i eth0 'icmp[icmptype] = icmp-echoreply'
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes
02:25:23.612684 IP 172.17.1.100 > 172.17.1.7: ICMP echo reply, id 1569, seq 1, length 64
02:25:24.611475 IP 172.17.1.100 > 172.17.1.7: ICMP echo reply, id 1569, seq 2, length 64
02:25:25.610417 IP 172.17.1.100 > 172.17.1.7: ICMP echo reply, id 1569, seq 3, length 64


Sometime this solution could be useful but at the end it doesn’t replace a ‘real’ load-balancer like LVS.

Comments