heartshare/Docker Swarm Keepalived.md

## Docker Swarm Keepalived.md

      
    Raw
  

              Docker Swarm Keepalived.md
            
          
    Docker Swarm Keepalived Configuration


Part of collection: Hyper-converged Homelab with Proxmox

Keepalived is a Loadbalancer to add ‘high availability` to Linux systemen. See the Keepalived documentatie for more background information.
This setup build on High Available Pi-hole failover cluster using Keepalived and Orbital Sync.
Setup Keepalived

This setup is using a virtual ip address: 192.168.1.4, which is the only that is needed to access Application on the Docker Swarm. http://192.168.1.4:<port-number>
All nodes

sudo apt-get install keepalived -y
Docker Manager Nodes

Add the Script and the Master Node configuration to the Docker Manager servers:
# node_active_ready_check.sh
sudo curl https://gist.github.com/Drallas/4b965da52d259f0125f18bca39ffc8a3/raw/1774c4fad8783c02d0803b58ad1e6f250a432533/script-node_active_ready_check.sh -o /etc/scripts/node_active_ready_check.sh
sudo chmod +x /etc/scripts/node_active_ready_check.sh

# keepalived.conf
sudo curl https://gist.github.com/Drallas/4b965da52d259f0125f18bca39ffc8a3/raw/9368ec523fda134b68e66ce857b607c93b3678e7/script-keepalived-master.conf -o /etc/keepalived/keepalived.conf
Docker Worker Nodes

Add the Keepalived configuration to the server:
# keepalived.conf
sudo curl https://gist.github.com/Drallas/4b965da52d259f0125f18bca39ffc8a3/raw/9368ec523fda134b68e66ce857b607c93b3678e7/script-keepalived-slave.conf -o /etc/keepalived/keepalived.conf

On change node's there can't be a script that check docker node ls, hence it only monitors the status of the docker service.
Each slave has it's unique priority value and unicast_src_ip & unicast_peer configuration.
Edit nano /etc/keepalived/keepalived.conf on each slave node, and change the priority and unicast blocks:
Docker Manger 1

priority 165
Docker Manger 2

priority 155
Docker Manger 3

priority 155
Docker Worker

priority 145
If the Node with ip 192.168.1.111 fails 192.168.1.112 becomes Master, if that one fails too 192.168.1.113, etc.
Start keepalived

sudo systemctl enable --now keepalived && sudo systemctl status keepalived
DNS

set the dns
<appname>.<domain>.<countrycode> A 192.168.1.4
Testing

Stop the Docker Service on the Master Node sudo systemctl stop docker.socket && sudo systemctl status docker.service
See on the High Available Pi-hole failover cluster using Keepalived and Orbital Sync test section more details how to test this.
When done start Docker again sudo systemctl start docker.service and monitor sudo systemctl status keepalived to see the Node assuming the MASTER status again.

  
## script-keepalived-master.conf
! Configuration File for keepalived

global_defs {
    vrrp_startup_delay 5
    enable_script_security
    max_auto_priority
    script_user root
}

vrrp_track_process track_docker {
    process dockerd
    weight 10
}

vrrp_script node_active_ready_check {
    script "/etc/scripts/node_active_ready_check.sh"
    interval 5
}

vrrp_instance docker_swarm {
    state MASTER
    interface eth0
    virtual_router_id 10
    priority 160
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 8kgEDPp3
    }

    virtual_ipaddress {
        192.168.1.4/24
    }

    track_process {
        track_docker
    }

    track_script {
        node_active_ready_check
    }
}

## script-keepalived-slave.conf
! Configuration File for keepalived

global_defs {
    vrrp_startup_delay 5
    enable_script_security
    max_auto_priority
    script_user root
}

vrrp_track_process track_docker {
    process dockerd
    weight 10
}

vrrp_instance docker_swarm {
    state BACKUP
    interface eth0
    virtual_router_id 10
    priority 145
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 8kgEDPp3
    }

    virtual_ipaddress {
        192.168.1.4/24
    }

    track_process {
        track_docker
    }
}

## script-node_active_ready_check.sh
#!/bin/bash

status=$(docker node ls --format "{{.Status}} {{.Availability}}")

if [[ "$status" == *"Ready"* && "$status" == *"Active"* ]]; then
  echo "Node is active and ready."
  exit 0
else
  echo "Node is not active or not ready."
  # Log the reason to a file
  exit 1
fi
	! Configuration File for keepalived

	global_defs {
	vrrp_startup_delay 5
	enable_script_security
	max_auto_priority
	script_user root
	}

	vrrp_track_process track_docker {
	process dockerd
	weight 10
	}

	vrrp_script node_active_ready_check {
	script "/etc/scripts/node_active_ready_check.sh"
	interval 5
	}

	vrrp_instance docker_swarm {
	state MASTER
	interface eth0
	virtual_router_id 10
	priority 160
	advert_int 1
	authentication {
	auth_type PASS
	auth_pass 8kgEDPp3
	}

	virtual_ipaddress {
	192.168.1.4/24
	}

	track_process {
	track_docker
	}

	track_script {
	node_active_ready_check
	}
	}
	#!/bin/bash

	status=$(docker node ls --format "{{.Status}} {{.Availability}}")

	if [[ "$status" == "Ready" && "$status" == "Active" ]]; then
	echo "Node is active and ready."
	exit 0
	else
	echo "Node is not active or not ready."
	# Log the reason to a file
	exit 1
	fi