Rancher Series
- Part 1: RancherOS
- Part 2: Rancher–First Application
- Part 3: Rancher Infrastructure Services
- Part 4: Floating IP and Containers
Floating IP or Virtual IP address can be moved from one host to another in the same network / datacenter; this technique can be used to implement high availability infrastructure. If one host goes down; the floating ip address is given to a redundant host!
Image Credit: Digital Ocean
On the Linux, we can use UCARP; a Linux port of BSD’s CARP (Common Address Redundancy Protocol); on Debian / Ubuntu; you can get it using apt-get ucarp; https://debian-administration.org/article/678/Virtual_IP_addresses_with_ucarp_for_high-availability is an excellent write up on this topic!
For implementing UCARP in Container; we need an administrative access to “host” network interfaces. In Docker this can be done passing –cap-add=NET_ADMIN and --net=host parameters to docker run command. With these two flags we are basically telling Docker to use Host’s network interface as the container’s network interface and giving administrative access to the Container for Network Administration. With these two flags set; a container can add / change / remove additional IPs to the host without any issue. Rancher web interface is sweet and here’s the related settings
- I was lazy and enabled full access to Host; you can set individual Capabilities from the Rancher's interface
Note that we enabled the Rancher DNS service discovery as well; doing this Rancher will define Environment’s DNS server; using which we can discover the Infrastructure Services and any service we have deployed. This is required to discover and monitor the state of the Load Balancer of our Rancher–First Application in the environment as discussed in the Rancher Infrastructure Services. If we attach to this container; we can see that eth0 is not the virtual one; its same as Host and we are able to resolve Rancher Metadata service end point as well.
Notice that our Standalone Container is not listing any “managed IP” because it doesn't has any. I have uploaded the UCARP container image at Docker Hub; its available as khurramaziz/ucarp The source code of Container is also uploaded on GitHub and its available at https://github.com/khurram-aziz/HelloDocker For our application; we can setup the floating IP high availability by running UCARP containers on both hosts. Given our web and database containers are running on both hosts and the load balancer is using all the web application containers; our implementation becomes high available as well as scalable (using all available hosts); similar to the Digital Ocean picture above.
As an exercise; enhance khurramaziz/ucarp using the Rancher Infrastructure Services; so that your enhanced container monitors the health of the Load Balancer as shown in the previous post and in case it goes down remove its UCARP ip; # kill -USR2 PidOfUcarp will demote the UCARP master (if its master)