Running Commands to Start HA

Prerequisites

• Procedure in Compiling the Keepalived Binary File has been completed. The open-source binary file of the Keepalived has been compiled and uploaded to the specified directory in the operating environment.
• Procedure in Deploying HA on an Edge Device has been completed, and the configuration file has been modified.

Procedure

1. Run the following command as the root user to set permissions:

   umask 0077
   chmod 755 "/opt/middleware/keepalived"
   chmod -R 500 "/opt/middleware/keepalived/src"
   chmod -R 500 "/opt/middleware/keepalived/bin"
   chmod -R 700 "/opt/middleware/keepalived/conf"
   chmod 600 "/opt/middleware/keepalived/conf/env.json" "/opt/middleware/keepalived/conf/keepalived-start.service"
   cp "/opt/middleware/keepalived/conf/keepalived-start.service" "/usr/lib/systemd/system/keepalived-start.service"
   chmod 600 "/usr/lib/systemd/system/keepalived-start.service"
   chown -Rh "MindXEdge":"MindXEdge" "/opt/middleware/keepalived/src"
   chown -Rh "MindXEdge":"MindXEdge" "/opt/middleware/keepalived/bin"
   chown -Rh "MindXEdge":"MindXEdge" "/opt/middleware/keepalived/conf"

   Table 1 Command description

   Command	Description
   umask 0077	Set the permission mask of created files.
   chmod 755 /opt/middleware/keepalived	Set permissions for the keepalived directory.
   chmod -R 500 "/opt/middleware/keepalived/src"	Set permissions for the src directory and its content.
   chmod -R 500 "/opt/middleware/keepalived/bin"	Set permissions for the bin directory and its content.
   chmod -R 700 "/opt/middleware/keepalived/conf"	Set permissions for the conf directory and its content.
   chmod 600 "/opt/middleware/keepalived/conf/env.json" "/opt/middleware/keepalived/conf/keepalived-start.service"	Set permissions for env.json and keepalived-start.service.
   cp "/opt/middleware/keepalived/conf/keepalived-start.service" "/usr/lib/systemd/system/keepalived-start.service"	Copy the service file to the /usr/lib/systemd/system/ directory.
   chmod 600 "/usr/lib/systemd/system/keepalived-start.service"	Set permissions for keepalived-start.service.
   chown -Rh "MindXEdge":"MindXEdge" "/opt/middleware/keepalived/src"	Set the owner and owner group of the src directory and its content.
   chown -Rh "MindXEdge":"MindXEdge" "/opt/middleware/keepalived/bin"	Set the owner and owner group of the bin directory and its content.
   chown -Rh "MindXEdge":"MindXEdge" "/opt/middleware/keepalived/conf"	Set the owner and owner group of the conf directory and its content.

2. Run the setcap 'cap_net_admin+ep cap_net_raw+ep' /opt/middleware/keepalived/bin/keepalived command to set the permission required for running the Keepalived.
   

   • If common users cannot run the ping command on the deployed Atlas 500 AI edge station (model: 3000), run the setcap 'cap_net_raw+ep' /bin/ping command to configure the related capability set. If common users cannot run the arping command, run the setcap 'cap_net_raw+ep' /usr/bin/arping command to configure the related capability set.
   • The HA service requires VIP modification and split-brain check. Common users need to run the ping and arping commands. Therefore, the preceding commands require privilege capabilities and have low security risks. If the HA service is unnecessary for the edge device, you need to remove the privilege capabilities configured for related files (such as keepalived, ping, and arping) to reduce security risks.
3. Run the chattr +i -R "/opt/middleware/keepalived" and chattr -i -R "/opt/middleware/keepalived/conf" commands in sequence as the root user to set the file lock for HA-related files and folders.
4. Run the systemctl start keepalived-start.service command to start HA.
   

   1. Currently, HA management depends on service. The related file is /usr/lib/systemd/system/keepalived-start.service.
   2. After the keepalived-start.service file is modified, run the systemctl daemon-reload command to update the configuration.
   3. After the Atlas 500 AI edge station (model: 3000) is restarted, the service configuration in /etc/systemd/system/ is loaded by default rather than /usr/lib/systemd/system/keepalived-start.service. To take keepalived-start.service into effect after the Atlas 500 AI edge station (model: 3000) is restarted, run the ln -sf /usr/lib/systemd/system/keepalived-start.service /etc/systemd/system/multi-user.target.wants/keepalived-start.service command as the root user to create a soft link.
5. Check the HA startup.

   If "/opt/middleware/keepalived/src/start.py" is displayed after running the ps -ef | grep /opt/middleware/keepalived/src/start.py command, the process exists. If "Start keepalived success." is displayed after running the tail -f /var/alog/keepalived/keepalived.log command, HA is started successfully.