This topic describes how to implement high availability for primary and secondary
Elastic Compute Service (ECS) instances through high-availability virtual IP addresses
(HAVIPs) and keepalived.
Background information
The following scenario is used as an example in this topic. A company has created
two ECS instances and NGINX is deployed on both ECS instances. High availability is
required for the development of the company business.
The ECS instances can function as a primary and secondary ECS instance with HAVIPs
and keepalived. By default, the primary ECS instance (ECS 1) is accessed by the clients.
If ECS 1 is faulty, the secondary ECS instance (ECS 2) takes over the services and
virtual IP addresses of ECS 1. This implements high availability for your workloads.
Procedure
Step 1: Create an HAVIP
HAVIPs are private IP resources that can be independently created and released. After
you associate an HAVIP with an Elastic Compute Service (ECS) instance, the ECS instance
can advertise this HAVIP by sending Address Resolution Protocol (ARP) messages.
To create an HAVIP, perform the following steps:
- Log on to the VPC console.
- In the left-side navigation pane, click HaVip Addresses.
- In the top navigation bar, select the region where you want to create the HAVIP.
- On the HaVip Addresses page, click the Create HaVip Address tab.
- In the Create HaVip Address dialog box, set the following parameters and click OK.
- Region: displays the region where the HAVIP is created.
- VPC: specifies the VPC to which the HAVIP belongs.
- VSwitch: specifies the VSwitch to which the HAVIP belongs.
- VSwitch CIDR Block: displays the CIDR block of the VSwitch.
- Private IP Address: specifies the private IP address of the HAVIP.
Note You must specify an idle private IP address that falls within the CIDR block of the
VSwitch.
After you create the HAVIP, you can view the HAVIP on the
HaVip Addresses page.

Step 2: Install keepalived on the primary and secondary ECS instances
Keepalived can check the status of an ECS instance. If ECS 1 is faulty, ECS 2 takes
over the services and virtual IP addresses of ECS 1. This implements high availability
for your workloads.
The following procedure describes how to install keepalived on a CentOS-based ECS
instance.
- Log on to ECS 1.
- Run the following command to install keepalived:
yum install keepalived
- Modify the configuration file of keepalived.
- Run the following command to modify the keepalived.conf file:
vim /etc/keepalived/keepalived.conf
- Run the following command to enter the input mode:
i
- Modify the configuration file based on the following information:
! Configuration File for keepalived
global_defs {
notification_email {
acassen@firewall.loc
failover@firewall.loc
sysadmin@firewall.loc
}
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 192.168.200.1
smtp_connect_timeout 30
router_id LVS_DEVEL
vrrp_skip_check_adv_addr
vrrp_garp_interval 0
vrrp_gna_interval 0
}
#vrrp_script checkhaproxy
#{
# script "/etc/keepalived/do_sth.sh"
# interval 5
#}
vrrp_instance VI_1 {
state MASTER #Specify the ECS as the primary ECS instance.
interface eth0 #Specify the name for the network interface controller (NIC). eth0 is used in this example.
virtual_router_id 51
nopreempt
# preempt_delay 10
priority 100 #Specify the priority for the secondary ECS instance. A larger number indicates a higher priority. 100 is used in this example.
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
unicast_src_ip 192.168.0.209 #Specify the private IP address for the ECS instance. 192.168.0.209 is used in this example.
unicast_peer {
192.168.0.210 #Specify the private IP address for the peer ECS instance. 192.168.0.210 is used in this example.
}
virtual_ipaddress {
192.168.0.88 #Specify the IP address for the HAVIP. 192.168.0.88 is used in this example.
}
notify_master "/etc/keepalived/notify_action.sh MASTER"
notify_backup "/etc/keepalived/notify_action.sh BACKUP"
notify_fault "/etc/keepalived/notify_action.sh FAULT"
notify_stop "/etc/keepalived/notify_action.sh STOP"
garp_master_delay 1
garp_master_refresh 5
track_interface {
eth0 #Specify a name for the NIC of the ECS instance. eth0 is used in this example.
}
# track_script {
# checkhaproxy
# }
}
- Run the following command to save the modification and quit:
:wq
- Run the following command to start keepalived on ECS 1:
systemctl start keepalived
- Log on to ECS 2.
- Run the following command to install keepalived:
yum install keepalived
- Modify the configuration file of keepalived.
- Run the following command to modify keepalived.conf:
vim /etc/keepalived/keepalived.conf
- Run the following command to enter the input mode:
i
- Modify the configuration file based on the following information:
! Configuration File for keepalived
global_defs {
notification_email {
acassen@firewall.loc
failover@firewall.loc
sysadmin@firewall.loc
}
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 192.168.200.1
smtp_connect_timeout 30
router_id LVS_DEVEL
vrrp_skip_check_adv_addr
vrrp_garp_interval 0
vrrp_gna_interval 0
}
#vrrp_script checkhaproxy
#{
# script "/etc/keepalived/do_sth.sh"
# interval 5
#}
vrrp_instance VI_1 {
state BACKUP #Specify the ECS instance as the secondary ECS instance.
interface eth0 #Specify the name for the NIC. eth0 is used in this example.
virtual_router_id 51
nopreempt
# preempt_delay 10
priority 10 #Specify the priority for the secondary ECS instance. A larger number indicates a higher priority. 10 is used in this example.
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
unicast_src_ip 192.168.0.210 #Specify the private IP address for the ECS instance. 192.168.0.210 is used in this example.
unicast_peer {
192.168.0.209 #Specify the private IP address for the peer ECS instance. 192.168.0.209 is used in this example.
}
virtual_ipaddress {
192.168.0.88 #Specify an IP address for the HAVIP. 192.168.0.88 is used in this example.
}
notify_master "/etc/keepalived/notify_action.sh MASTER"
notify_backup "/etc/keepalived/notify_action.sh BACKUP"
notify_fault "/etc/keepalived/notify_action.sh FAULT"
notify_stop "/etc/keepalived/notify_action.sh STOP"
garp_master_delay 1
garp_master_refresh 5
track_interface {
eth0 #Specify a name for the NIC of the ECS instance. eth0 is used in this example.
}
# track_script {
# checkhaproxy
# }
}
- Run the following command to save the modification and quit:
:wq
- Run the following command to start keepalived on ECS 2:
systemctl start keepalived
Step 3: Associate the HAVIP with both ECS instances
You can associate the HAVIP with both the primary and secondary ECS instances. After
the association, the ECS instances can advertise this HAVIP by sending ARP messages.
Note An HAVIP must be associated with ECS instances that belong to the same VSwitch. Each
HAVIP can be associated with at most two ECS instances.
Perform the following steps to associate the HAVIP with both the primary and secondary
ECS instances.
- Log on to the VPC console.
- In the left-side navigation pane, click HaVip Addresses.
- In the top navigation bar, select the region of the HAVIP.
- Find the HAVIP that you created in Step 1 and click Manage in the Actions column.
- In the Resources section, click
.
- In the dialog box that appears, select ECS 1 and click OK.
- Repeat the preceding step to associate the HAVIP with ECS 2.
- On the HaVip Details page, you can click Refresh to view the ECS instances that are associated with the HAVIP.
Step 4: Associate the HAVIP with an EIP
You can associate the HAVIP with an EIP. After the association, the HAVIP can provide
services over the Internet.
Perform the following steps to associate the HAVIP with an EIP:
- In the Resources section, click
.
- In the dialog box that appears, select the EIP and click OK.
After the association, you can view the EIPs that are associated with the HAVIP.

Step 5: Test high availability
Perform the following steps to test high availability:
- Open a browser on the computer.
- Enter the IP address of the EIP to access NGINX deployed on the ECS instances.
Test results:
- When ECS 1 works as expected, ECS 1 is accessed by the clients.

- When ECS 1 is faulty, ECS 2 takes over the virtual IP address and services of ECS
1. This implements high availability for you workloads.
