Legacy HA for Avi Service Engines
Overview
Legacy active/standby high availability (HA) is available for Avi Service Engine (SE) redundancy. Legacy active/standby is useful for migrating from hardware appliance-based solutions.
Avi Vantage also provides elastic HA, including active/active and N+M modes.
In legacy HA mode, exactly two Avi SEs are configured. By default, active virtual services are compacted onto one SE, as illustrated in Figure 1. In this mode, one SE carries all the traffic for a virtual service placed on it, and is thus the active SE for that VS. The other SE in the pair is the standby for that VS, carrying no traffic for it while the other SE is healthy. Upon failure of an SE, the surviving SE takes over traffic for all virtual services previously active on the failed SE, while continuing to handle traffic for virtual services already assigned to it. As part of the takeover process, the survivor also takes ownership of all floating addresses, such as VIPs, SNAT-IP, and so on. Two options, compacted and distributed (figure 1), determine whether all active virtual service placements are concentrated onto one SE in a healthy pair or not.
Avi Vantage supports rolling upgrades by the Avi Controller of SEs in a legacy HA configuration. Virtual services running on a legacy HA SE group are not disrupted during a rolling upgrade.
Health Monitoring
By default, health checks are sent by both Avi SEs to back-end servers. You can also disable health monitoring by an SE for virtual services for which it is standing by.
You can enable health checks for each Avi SE’s next-hop gateways.
Floating IP Address
You can assign one or more floating IP addresses to an SE group configured for legacy HA. The floating IP address is applicable when the SE interfaces are not in the same subnet as the VIP or source NAT (SNAT) IP addresses that will use the SE group. One floating interface IP is required per each attached subnet per SE group when configured in Legacy HA mode.
Starting with Avi Vantage version 18.2.5, the network service is used to configure floating IP. For more details on this, refer to Network Service Configuration guide.
Disabling a Legacy-Mode SE
A combination of factors cause the disabling of a legacy-mode SE to be different from SEs running in either active/active or N+M mode. For details, refer to this section of the Disable SE article.
Configuring Legacy HA
To configure a pair of SEs for legacy HA:
- Create an SE group for the pair of SEs. Legacy HA requires each pair of active/standby SEs to be in its own SE group.
- Within each SE group:
- Add 2 SEs.
- Change the SE group's HA mode to legacy HA.
- If applicable, add a floating IP interface.
Detailed steps are provided below.
Using the Web Interface
Create an SE Group for each Active/Standby Pair of SEs
- Navigate to Infrastructure > Clouds.
- Select the cloud.
- Select Service Engine Group (figure 2).
- Click on Create Service Engine Group.
- Specify a name for the group.
- Select Legacy HA Active/Standby, as shown in figure 3. Post Avi Vantage version 18.2.5, some fields will disappear, while others, such as Floating IP Address, will appear.
- If applicable, enter the (optional) floating IP address. Configuration of floating IP address is not supported via UI in current release. You need to configure it using CLI via Network Service of the corresponding SE-Group. Refer to Network Service configuration page for more details.
- By default, Avi Vantage compacts all virtual services into one SE within the active/standby pair. To distribute active virtual services across the pair, within the Virtual Service Placement Policy section of the SE group editor, select Distribute Load option (Figure 4). Note that a second floating IP address may be specified. Assign virtual services on an individual basis to one or the other SE in the legacy pair by navigating to the Advanced tab in the virtual service editor. Starting with Avi Vantage version 18.2.5, a second floating IP address may be configured using CLI via Network Service of the corresponding SE-Group. Refer to
floating_intf_ip_se_2
in Network Service configuration page for more details.
- By default, virtual services that fail over are not migrated back to the SE that replaces the failed SE. Rather, load will remain compacted on the failover SE. Choose Auto-redistribute Load option (Figure 4) to make failback automatic.
- The Virtual Services per Service Engine field (Figure 3) sets a maximum number of virtual services that may be placed. The legacy is non-elastic such that for any given virtual service, exactly one placement (onto the virtual service's active SE) will be performed.
- Finally, uncheck Health Monitoring on Standby SE(s) option (Figure 3) to be performed only by active SEs.
- Click on Save.
Add a Pair of SEs to the SE Group
- Navigate to Infrastructure > Clouds.
- Select the cloud.
- Select Service Engine.
- Click on edit icon next to one of the SEs.
- Select the SE group from the drop-down list.
Note: If Avi Vantage was deployed in full access mode, the other SE is automatically added to the same group. If Avi Vantage was installed in no access mode, select the second SE to also add it to the group.
Placing a Virtual Service on the SE Group
After configuring the SE group for legacy HA, virtual services can be placed on the group. To place a virtual service on the SE group:
- Navigate to Applications > Virtual Services.
- If creating a new virtual service, select Create > Advanced. Enter a name and the VIP address, then click Advanced.
- If editing an existing virtual service, click the edit icon in the row for the virtual service. Then click Advanced.
- In the Other Settings section, select the SE group from the pull-down list.
- Click Save.
Using the CLI
This example configures a pair of SEs (10.10.22.80 and 10.10.22.123) for legacy HA.
The following commands create a new SE group for the pair of SEs:
: > configure serviceenginegroup NewGroup3
: serviceenginegroup> ha_mode ha_mode_legacy_active_standby
: serviceenginegroup> floating_intf_ip 10.10.1.100
: serviceenginegroup>
: serviceenginegroup> save
Starting with Avi Vantage version 18.2.5, the following commands create a new SE group for the pair of SEs:
: > configure serviceenginegroup NewGroup2
: serviceenginegroup> ha_mode ha_mode_legacy_active_standby
: serviceenginegroup> save
The following commands add the SEs to the new SE group:
: > configure serviceengine
10.10.22.123 10.10.22.80
: > configure serviceengine 10.10.22.123
: serviceengine> se_group_ref NewGroup2
: serviceengine> save
Note: If Avi Vantage was deployed in full access mode, these commands add both SEs to the group. If Avi Vantage was installed in no access mode, additional commands are needed to add the second SE to the group:
: > configure serviceengine
10.10.22.123 10.10.22.80
: > configure serviceengine 10.10.22.80
: serviceengine> se_group_ref NewGroup2
: serviceengine> save
The following commands configure a virtual service vs1 with VIP 10.10.1.99 on the SE group:
: > configure virtualservice vs1
: virtualservice> address 10.10.1.99
: virtualservice> se_group_ref NewGroup2
: virtualservice> save
Suggested Additional Reading
- Default Gateway (IP Routing on Avi SE)
- Enable a Virtual Service VIP on All Interfaces
- MAC Masquerade
- Network Service
Document Revision History
Date | Change Summary |
---|---|
January 11, 2021 | Added reference to Configuring Network Service user guide under Floating IP section . |