• Sales: 1-800-961-2888
  • Support: 1-800-961-4454

Feedback

Let us know what you think of our Knowledge Center!

Open Cloud Community

Learn about Rackspace products, ask questions, and share your knowledge in our Open Cloud Community.

Setting up HAProxy

  • Article ID: 436
  • Last updated on June 28, 2012
  • Authored by: Rackspace Support
  • (5 Comments)

With the high demand of customers requesting HA setups along with load balancing we have been implementing HAProxy as a software load balancer on cloud servers. Please keep in mind when choosing the size of the load balancer that you take into consideration the bandwidth constraints of cloud servers as listed below:

Server Size Public Limit ServiceNet Limit
256MB 10 Mbps 20 Mbps
512MB 20 Mbps 40 Mbps
1024MB 30 Mbps 60 Mbps
2048MB 60 Mbps 120 Mbps
4096MB 100 Mbps 200 Mbps
8192MB 150 Mbps 300 Mbps
15872MB 200 Mbps 400 Mbps

At minimum I would suggest a 4GB slice to be used for your HAProxy node, however this is very dependant on how much bandwidth, and hits the server may end up handling. For the purpose of this "how to" we are using RHEL based operating systems and as such the guide is pretty short and will be installed via the epel repo.

Installing HAProxy

For most distributions you can install haproxy using your distribution's package manager.  For example, to install on Debian or Ubuntu, run:

sudo aptitude install haproxy

CentOS 5

We will need to set up access to the EPEL software repository to download haproxy on CentOS 5.  Run the commands:

[root@LB01 ~]# rpm -Uvh http://dl.fedoraproject.org/pub/epel/5/x86_64/epel-release-5-4.noarch.rpm 
[root@LB01 ~]# yum -y install haproxy

CentOS 6

We will need to set up access to the EPEL software repository to download haproxy on CentOS 6, but the address for the RPM is different from CentOS 5.  Run the commands:

[root@LB01 ~]# rpm -Uvh http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-7.noarch.rpm 
[root@LB01 ~]# yum -y install haproxy

Install a base config

Once installed backup the HAProxy config file and download the managed cloud config:

[root@LB01 ~]# cp /etc/haproxy/haproxy.cfg /etc/haproxy/haproxy.cfg.bak
[root@LB01 ~]# wget http://c818095.r95.cf2.rackcdn.com/haproxy.cfg -O /etc/haproxy/haproxy.cfg
chkconfig haproxy on

Configuring HAProxy

Configuring HAProxy can only come after you have your web heads configured as you will need to utilize their 10.x service net IP address's. The reason we use the service net is because the customer will not be charged for bandwidth overage, and the service net is also faster in terms of throughput as shown in the chart at the top.

Editing /etc/haproxy/haproxy.cfg - There are a number of items that need to be changed in order to get HAProxy functional. These will be outlined below. Keep in mind you need to edit these values to reflect the server's IP's.

First and foremost change

listen webfarm 0.0.0.0:80

to

listen webfarm 127.0.0.1:80

Edit 127.0.0.1 to reflect your server's eth0 or public IP.

Now you can add your web servers. In the following you will want to replace the 10.0.0.X IP address with that of the eth1 or private IP address of web servers"

server WWW1 10.0.0.1:80 check # Active in rotation
   server WWW2 10.0.0.2:80 check # Active in rotation
   server WWW3 10.0.0.3:80 check # Active in rotation
   server WWW4 10.0.0.4:80 check backup # Not active "sorry server" - this one comes live if all web heads are down

Above is an example of what a four server config would look like. Once you have completed this portion you can then start HAProxy and start serving pages(assuming your web servers are ready).

service haproxy start

Below is the default configuration template for haproxy.cfg:

   #global options
   global
      
       #logging is designed to work with syslog facility's due to chrooted environment
       #log loghost    local0 info - By default this is commented out
      
       #chroot directory
       chroot /usr/share/haproxy
      
       #user/group id
       uid 99
       gid 99
      
       #running mode
       daemon
   defaults
      
       #HTTP Log format
       mode http
       #number of connection retries for the session
       retries 3
      
       #try another webhead if retry fails
       option redispatch
       #session settings - max connections, and session timeout values
       maxconn 10000
       contimeout 10000
       clitimeout 50000
       srvtimeout 50000
   #Define your farm
   #listen webfarm 0.0.0.0:80 - Pass only HTTP traffic and bind to port 80
   listen webfarm 0.0.0.0:80
      
       #HTTP Log format
       mode http
       #stats uri /haproxy - results in http://<load balancer ip>/haproxy (shows load balancer stats)
       stats uri /haproxy
       #balance roundrobin - Typical Round Robin
       #balance leastconn - Least Connections
       #balance static-rr - Static Round Robin - Same as round robin, but weights have no effect
       balance roundrobin
       #cookie <COOKIENAME> prefix - Used for cookie-based persistence
       cookie webpool insert
       #option httpclose - http connection closing
       option  httpclose
       #option forwardfor - best stated as "Enable insertion of the X-Forwarded-For header to requests sent to the web heads" aka send EU IP
       option forwardfor
          
       #Web Heads (Examples)
       #server WEB1 10.0.0.1:80 check - passes http traffic to this server and checks if its alive
       #server WEB1 10.0.0.1:80 check port 81 - same as above but checks port 81 to see if its alive (helps to remove servers from rotation)
       #server WEB1 10.0.0.1:80 check port 81 weight 100 - same as the above with weight specification (weights 1-256 / higher number higher weight)
       #server WEB1 10.0.0.1:80 check backup - defines this server as a backup for the other web heads
       #Working Example: *USE THIS HOSTNAME FORMAT*
       server WWW1 10.0.0.1:80 cookie webpool_WWW1 check port 81 # Active in rotation   
       server WWW2 10.0.0.2:80 cookie webpool_WWW2 check port 81 # Active in rotation
       server WWW3 10.0.0.3:80 check # Active in rotation
       server WWW4 10.0.0.4:80 check backup # Not active "sorry server" - this one comes live if all web heads are down
   #SSL farm example
   #listen https 0.0.0.0:443
   #    mode tcp
   #    server WEB1 10.0.0.1:443 check

Session Persistence with SSL

If the you wish to also balance SSL traffic, you will need to set the balance mode to "source" This setting takes a hash of the client's IP address and the number of servers in rotation, sending traffic from one IP address to the same web server consistently. The persistence will be reset if the number of servers is changed.:

listen https 0.0.0.0:443
mode tcp
balance source
server WEB1 10.0.0.1:443 check


© 2011-2013 Rackspace US, Inc.

Except where otherwise noted, content on this site is licensed under a Creative Commons Attribution-NonCommercial-NoDerivs 3.0 Unported License


See license specifics and DISCLAIMER

5 Comments

Based on the Cloud Servers FAQ, I don't think those throughput numbers at the top of the article are accurate.
By Clint Davis on Jul. 30, 2012

Looks like you're right - the article wasn't updated when the throughput at some service levels was changed. I'll get that fixed. Thanks for pointing it out!
By jered.heeschen on Jul. 30, 2012

The links in this article, to haproxy and haproxy.cfg, seem to have fallen out of date. Would there be any chance of a quick refresh? Many thanks.
By Chris Wallis on Jul. 30, 2012

Fixed the epel link (the one for the haproxy download) and the link to the haproxy config. Sorry about that!
By jered.heeschen on Jul. 30, 2012

SSL Persistence is much better handled by SSL offloading on the balancer using stunnel/nginx/pound. Nginx in particularly good in this setup. It handles SSL session cache and is very fast. Cookies from HA Proxy persist across nodes as well.
By George McKeown on Jul. 30, 2012

Add new comment