Route Health Injection (RHI) is an optimized version of a third party software that allows for the control of routing protocol announcement based on the health of the network and the HAProxy Enterprise service for active/active clustering.

How RHI works

RHI comprises two layers:

  • hapee-1.7-route daemons (one for IPv4 and one for IPv6) to interact with the infrastructure core routing system

  • hapee-1.7-rhi daemon that analyzes HAProxy proxie's status (front ends or back ends) and updates route daemons following the rules described in its configuration

    The diagram below shows these interactions:

    HAProxy Enterprise Route Health Injection

  • hapee-1.7-rhi checks HAProxy's proxies every second.

  • A proxy is considered as failing after 3 consecutive DOWN statuses.

  • When hapee-1.7-lb (HAProxy) is reloaded after a proxy is removed (but still checked), then hapee-1.7-rhi carries on using the last status reported for the missing proxy.

Manage the RHI process

service hapee-1.7-route {start,stop,restart}
service hapee-1.7-route6 {start,stop,restart}

Configure route

HAProxy Enterprise's bird version embeds a new protocol named volatile, which you declare in the configuration file /etc/hapee-1.7/hapee-route.cfg, as follows:

protocol volatile <protoname> {
  [GATEWAY <ip>]
}

where:

<protoname>

The name of the volatile protocol section. It is a label that the RHI daemon uses to inject routes. The default value is vol1.

GATEWAY <ip> (optional)

You can force a network gateway. By default, it uses the gateway configured on the interface to announce the routes.

Manage the RHI daemon process

service hapee-1.7-rhi {start,stop,restart,reload}

Configure the RHI daemon

To configure the RHI daemon, you edit the file /etc/hapee-1.7-rhi.conf.

This file contains a list of routes to annoulnce based on rules. A rule is an aggregation of HAProxy's proxies status check (frontend or backend).

Define a rule

<network>[,<network>,[...]] = <agg>(<frt-or-bck>[,<frt-or-bck>,[...]])

<network>

an IPv4 or IPv6 CIDR subnet. If none is provided, hapee-1.7-rhi applies a /32 {<ipv4>,<ipv6>}[/<mask>][%<protoname>]

  • At least one network is required, but several can be announced. The separator is the comma ,

  • For advanced configuration, you can supply the name of a volatile protocol in the %<protoname> section (default is vol1)

Character =

splits the network list from the rule

To announce the listed networks, the rule must be valid.

The rule is an aggregation of conditions. A rule starts by a keyword either all, always or never followed by a list of HAProxy's proxies.

  • all: all proxies listed must be active in order to announce the routes

  • any: at least one of the proxies listed must be active in order to announce the routes

  • never: never announce the routes, whatever the status of the proxies listed. Used for debugging purposes

  • always: always announce the routes, whatever the status of the proxies listed. Used for debugging purposes

Description of proxies {b,f}:<name>

  • a letter to indicate the proxy type: f stands for frontend and b stands for backend

  • a separator, the colon :

  • <name>: a string representing the name of the proxy in HAProxy's configuration

Set up the HAProxy socket path

Change the HAPEE_LB_SOCKET variable so that it points to the stats socket where HAProxy listens on:

  • CentOS/RHEL: /etc/sysconfig/hapee-1.7-rhi

  • Debian/Ubuntu: /etc/defaults/hapee-1.7-rhi

HAPEE_LB_SOCKET="/var/run/1.7/hapee-lb.sock"

Example RHI configuration

To announce the IP address 10.200.200.200/32 when the backends be_static and be_app are available, add the following line into hapee-1.7-rhi configuration file:

10.200.200.200/32 = all(b:be_static,b:be_app)