This topic describes how to implement high availability by using high-availability
virtual IP addresses (HAVIPs) and keepalived.
Background information
The following scenario is used as an example in this topic. A company has created
two ECS instances and NGINX is deployed on both ECS instances. High availability is
required due to business growth.
The ECS instances can function as a primary and secondary ECS instance with HAVIPs
and keepalived. By default, the primary ECS instance (ECS 1) is accessed by the clients.
If ECS 1 is not working as expected, the secondary ECS instance (ECS 2) takes over
the services and virtual IP addresses of ECS 1. This implements high availability.
Procedure
Step 1: Create an HAVIP
HAVIPs are private IP address that can be created and released as independent resources.
After you associate an HAVIP with an ECS instance, the ECS instance can advertise
the HAVIP by sending Address Resolution Protocol (ARP) messages.
- Log on to the VPC console.
- In the left-side navigation pane, click HaVip.
- In the top navigation bar, select the region where you want to create the HAVIP.
- On the HaVip page, click Create HaVip.
- In the Create HaVip dialog box, set the following parameters and click OK:
- Region: displays the region where you want to create the HAVIP.
- VPC: specifies the VPC to which the HAVIP belongs.
- vSwitch: specifies the vSwitch to which the HAVIP belongs.
- vSwitch CIDR Block: displays the CIDR block of the vSwitch.
- Whether to automatically assign private IP addresses: specifies whether to automatically allocate private IP addresses.
- Yes: The system automatically allocates an idle private IP address from the vSwitch CIDR
block.
- No: You must manually enter an idle private IP address from the vSwitch CIDR block.
After you create the HAVIP, you can view the HAVIP on the
HaVip page.

Step 2: Install keepalived on the primary and secondary ECS instances
You can use keepalived to check the status of ECS instances. If ECS 1 is down, ECS
2 takes over the workloads and virtual IP address of ECS 1. This ensures high availability.
The following procedure describes how to install keepalived on an ECS instance that
runs CentOS.
- Log on to ECS 1. For more information, see Connection methods.
- Run the following command to install keepalived:
yum install keepalived
- Modify the configuration file of keepalived.
- Run the following command to modify keepalived.conf:
vim /etc/keepalived/keepalived.conf
- Run the following command to enter the input mode:
i
- Modify the configuration file based on the following information:
! Configuration File for keepalived
global_defs {
notification_email {
acassen@firewall.loc
failover@firewall.loc
sysadmin@firewall.loc
}
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 192.168.200.1
smtp_connect_timeout 30
router_id LVS_DEVEL
vrrp_skip_check_adv_addr
vrrp_garp_interval 0
vrrp_gna_interval 0
}
#vrrp_script checkhaproxy
#{
# script "/etc/keepalived/do_sth.sh"
# interval 5
#}
vrrp_instance VI_1 {
state MASTER #Specify ECS 1 as the active ECS instance.
interface eth0 #Specify the name of the elastic network interface (ENI). eth0 is used in this example.
virtual_router_id 51
nopreempt
# preempt_delay 10
priority 100 #Specify the priority of the ECS instance. A larger value indicates a higher priority. 100 is used in this example.
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
unicast_src_ip 192.168.0.209 #Specify the private IP address of the ECS instance. 192.168.0.209 is used in this example.
unicast_peer {
192.168.0.210 #Specify the private IP address of the peer ECS instance. 192.168.0.210 is used in this example.
}
virtual_ipaddress {
192.168.0.88 #Specify the IP address of the HAVIP. 192.168.0.88 is used in this example.
}
notify_master "/etc/keepalived/notify_action.sh MASTER"
notify_backup "/etc/keepalived/notify_action.sh BACKUP"
notify_fault "/etc/keepalived/notify_action.sh FAULT"
notify_stop "/etc/keepalived/notify_action.sh STOP"
garp_master_delay 1
garp_master_refresh 5
track_interface {
eth0 #Specify the name of the ENI of the ECS instance. eth0 is used in this example.
}
# track_script {
# checkhaproxy
# }
}
- Press the Esc key to exit the edit mode. Enter
:wq
and press the Enter key to save and close the configuration file.
- Run the following command to start keepalived on ECS 1:
systemctl start keepalived
- Log on to ECS 2.
- Run the following command to install keepalived:
yum install keepalived
- Modify the configuration file of keepalived.
- Run the following command to modify keepalived.conf:
vim /etc/keepalived/keepalived.conf
- Run the following command to enter the input mode:
i
- Modify the configuration file based on the following information:
! Configuration File for keepalived
global_defs {
notification_email {
acassen@firewall.loc
failover@firewall.loc
sysadmin@firewall.loc
}
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 192.168.200.1
smtp_connect_timeout 30
router_id LVS_DEVEL
vrrp_skip_check_adv_addr
vrrp_garp_interval 0
vrrp_gna_interval 0
}
#vrrp_script checkhaproxy
#{
# script "/etc/keepalived/do_sth.sh"
# interval 5
#}
vrrp_instance VI_1 {
state BACKUP #Specify ECS 2 as the secondary ECS instance.
interface eth0 #Specify the name of the ENI. eth0 is used in this example.
virtual_router_id 51
nopreempt
# preempt_delay 10
priority 10 #Specify the priority of the secondary ECS instance. A larger value indicates a higher priority. 10 is used in this example.
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
unicast_src_ip 192.168.0.210 #Specify the private IP address of the ECS instance. 192.168.0.210 is used in this example.
unicast_peer {
192.168.0.209 #Specify the private IP address of the peer ECS instance. 192.168.0.209 is used in this example.
}
virtual_ipaddress {
192.168.0.88 #Specify the IP address of the HAVIP. 192.168.0.88 is used in this example.
}
notify_master "/etc/keepalived/notify_action.sh MASTER"
notify_backup "/etc/keepalived/notify_action.sh BACKUP"
notify_fault "/etc/keepalived/notify_action.sh FAULT"
notify_stop "/etc/keepalived/notify_action.sh STOP"
garp_master_delay 1
garp_master_refresh 5
track_interface {
eth0 #Specify the name of the ENI of the ECS instance. eth0 is used in this example.
}
# track_script {
# checkhaproxy
# }
}
- Press the Esc key to exit the edit mode. Enter
:wq
and press the Enter key to save and close the configuration file.
- Run the following command to start keepalived on ECS 2:
systemctl start keepalived
Step 3: Associate the HAVIP with both ECS instances
You can associate the HAVIP with both the primary and secondary ECS instances. Then,
the ECS instances can advertise the HAVIP by sending ARP messages.
Note An HAVIP must be associated with ECS instances that belong to the same vSwitch. Each
HAVIP can be associated with at most two ECS instances.
Perform the following steps to associate the HAVIP with both the primary and secondary
ECS instances:
- Log on to the VPC console.
- In the left-side navigation pane, click HaVip.
- In the top navigation bar, select the region where the HAVIP is created.
- Find the HAVIP created in Step 1: Create an HAVIP and click the ID of the HAVIP.
- In the Resources section, find ECS Instances and click Bind.
- In the dialog box that appears, select ECS 1 and click OK.
- Repeat the preceding steps to associate the HAVIP with ECS 2.
After you associate the HAVIP with ECS instances, you can view the associated ECS
instances in the
Resources section.

Step 4: Associate the HAVIP with an EIP
You can associate the HAVIP with an EIP. Then, the HAVIP can use the EIP to provide
services over the Internet.
- Log on to the VPC console.
- In the left-side navigation pane, click HaVip.
- In the top navigation bar, select the region where the HAVIP is created.
- Find the HAVIP created in Step 1: Create an HAVIP and click the ID of the HAVIP.
- In the Resources section, click Bind next to EIP.
- In the dialog box that appears, select the EIP and click OK.
Then, you can view the EIP that is associated with the HAVIP.

Step 5: Test high availability
Perform the following steps to test high availability:
- Open the browser on an on-premises computer.
- Enter the IP address of the EIP to access NGINX deployed on the ECS instance.
Test results:
- When ECS 1 works as expected, ECS 1 is accessed.

- When ECS 1 is down, ECS 2 takes over the virtual IP address and workloads of ECS 1.
This ensures high availability.
