With the high demand of customers requesting HA setups along with load balancing we have been implementing HAProxy as a software load balancer on cloud servers. Please keep in mind when choosing the size of the load balancer that you take into consideration the bandwidth constraints of cloud servers as listed below:
|Server Size||Public Limit||ServiceNet Limit|
|256MB||10 Mbps||20 Mbps|
|512MB||20 Mbps||40 Mbps|
|1024MB||30 Mbps||60 Mbps|
|2048MB||60 Mbps||120 Mbps|
|4096MB||100 Mbps||200 Mbps|
|8192MB||150 Mbps||300 Mbps|
|15872MB||200 Mbps||400 Mbps|
At minimum I would suggest a 4GB slice to be used for your HAProxy node, however this is very dependant on how much bandwidth, and hits the server may end up handling. For the purpose of this "how to" we are using RHEL based operating systems and as such the guide is pretty short and will be installed via the epel repo.
For most distributions you can install haproxy using your distribution's package manager. For example, to install on Debian or Ubuntu, run:
sudo aptitude install haproxy
We will need to set up access to the EPEL software repository to download haproxy on CentOS 5. Run the commands:
[root@LB01 ~]# rpm -Uvh http://dl.fedoraproject.org/pub/epel/5/x86_64/epel-release-5-4.noarch.rpm [root@LB01 ~]# yum -y install haproxy
We will need to set up access to the EPEL software repository to download haproxy on CentOS 6, but the address for the RPM is different from CentOS 5. Run the commands:
[root@LB01 ~]# rpm -Uvh http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-7.noarch.rpm [root@LB01 ~]# yum -y install haproxy
Once installed backup the HAProxy config file and download the managed cloud config:
[root@LB01 ~]# cp /etc/haproxy/haproxy.cfg /etc/haproxy/haproxy.cfg.bak [root@LB01 ~]# wget http://c818095.r95.cf2.rackcdn.com/haproxy.cfg -O /etc/haproxy/haproxy.cfg chkconfig haproxy on
Configuring HAProxy can only come after you have your web heads configured as you will need to utilize their 10.x service net IP address's. The reason we use the service net is because the customer will not be charged for bandwidth overage, and the service net is also faster in terms of throughput as shown in the chart at the top.
Editing /etc/haproxy/haproxy.cfg - There are a number of items that need to be changed in order to get HAProxy functional. These will be outlined below. Keep in mind you need to edit these values to reflect the server's IP's.
First and foremost change
listen webfarm 0.0.0.0:80
listen webfarm 127.0.0.1:80
Edit 127.0.0.1 to reflect your server's eth0 or public IP.
Now you can add your web servers. In the following you will want to replace the 10.0.0.X IP address with that of the eth1 or private IP address of web servers"
server WWW1 10.0.0.1:80 check # Active in rotation server WWW2 10.0.0.2:80 check # Active in rotation server WWW3 10.0.0.3:80 check # Active in rotation server WWW4 10.0.0.4:80 check backup # Not active "sorry server" - this one comes live if all web heads are down
Above is an example of what a four server config would look like. Once you have completed this portion you can then start HAProxy and start serving pages(assuming your web servers are ready).
service haproxy start
Below is the default configuration template for haproxy.cfg:
#global options global #logging is designed to work with syslog facility's due to chrooted environment #log loghost local0 info - By default this is commented out #chroot directory chroot /usr/share/haproxy #user/group id uid 99 gid 99 #running mode daemon defaults #HTTP Log format mode http #number of connection retries for the session retries 3 #try another webhead if retry fails option redispatch #session settings - max connections, and session timeout values maxconn 10000 contimeout 10000 clitimeout 50000 srvtimeout 50000 #Define your farm #listen webfarm 0.0.0.0:80 - Pass only HTTP traffic and bind to port 80 listen webfarm 0.0.0.0:80 #HTTP Log format mode http #stats uri /haproxy - results in http://<load balancer ip>/haproxy (shows load balancer stats) stats uri /haproxy #balance roundrobin - Typical Round Robin #balance leastconn - Least Connections #balance static-rr - Static Round Robin - Same as round robin, but weights have no effect balance roundrobin #cookie <COOKIENAME> prefix - Used for cookie-based persistence cookie webpool insert #option httpclose - http connection closing option httpclose #option forwardfor - best stated as "Enable insertion of the X-Forwarded-For header to requests sent to the web heads" aka send EU IP option forwardfor #Web Heads (Examples) #server WEB1 10.0.0.1:80 check - passes http traffic to this server and checks if its alive #server WEB1 10.0.0.1:80 check port 81 - same as above but checks port 81 to see if its alive (helps to remove servers from rotation) #server WEB1 10.0.0.1:80 check port 81 weight 100 - same as the above with weight specification (weights 1-256 / higher number higher weight) #server WEB1 10.0.0.1:80 check backup - defines this server as a backup for the other web heads #Working Example: *USE THIS HOSTNAME FORMAT* server WWW1 10.0.0.1:80 cookie webpool_WWW1 check port 81 # Active in rotation server WWW2 10.0.0.2:80 cookie webpool_WWW2 check port 81 # Active in rotation server WWW3 10.0.0.3:80 check # Active in rotation server WWW4 10.0.0.4:80 check backup # Not active "sorry server" - this one comes live if all web heads are down #SSL farm example #listen https 0.0.0.0:443 # mode tcp # server WEB1 10.0.0.1:443 check
If the you wish to also balance SSL traffic, you will need to set the balance mode to "source" This setting takes a hash of the client's IP address and the number of servers in rotation, sending traffic from one IP address to the same web server consistently. The persistence will be reset if the number of servers is changed.:
listen https 0.0.0.0:443 mode tcp balance source server WEB1 10.0.0.1:443 check
© 2011-2013 Rackspace US, Inc.
Except where otherwise noted, content on this site is licensed under a Creative Commons Attribution-NonCommercial-NoDerivs 3.0 Unported License