How to Configure Load Balancer with HAProxy in CentOS
To Configure Load Balancer with HAProxy in CentOS
HAProxy is a tool used to configure load balance for webserver to handle high network traffic. It has two or more webservers to configure the load balancer with same content. This article helps you to learn about the configuration of Load Balancer with HAProxy in CentOS.
Testing environment
Load Balancer:
IP address &ndash 192.168.5.157
Host name &ndash ha.example.com
Webserver 1:
IP address &ndash 192.168.5.158
Host name &ndash ws1.example.com
Webserver 2:
IP address &ndash 192.168.5.159
Host name &ndash ws2.example.com
Configuration of Load Balancer with HAProxy
First configure the machine with FQDN and make an entry path in /etc/hosts file for hostname resolve.
Installation of HAProxy
Install the following required packages to install HAProxy.
[root@ha ~]# yum install wget gcc pcre-static pcre-devel -y
Loaded plugins: fastestmirror, langpacks
Repodata is over 2 weeks old. Install yum-cron? Or run: yum makecache fast
base | 3.6 kB 00:00:00
extras | 3.4 kB 00:00:00
updates | 3.4 kB 00:00:00
(1/2): extras/7/x86_64/primary_db | 166 kB 00:00:02
(2/2): updates/7/x86_64/primary_db | 9.1 MB 00:00:39
Determining fastest mirrors
* base: centos.excellmedia.net
* extras: centos.excellmedia.net
* updates: centos.excellmedia.net
.
.
.
fying : pcre-devel-8.32-15.el7_2.1.x86_64 1/2
Verifying : pcre-static-8.32-15.el7_2.1.x86_64 2/2
Installed:
pcre-devel.x86_64 0:8.32-15.el7_2.1 pcre-static.x86_64 0:8.32-15.el7_2.1
Complete!
Next download the source package for HAProxy.
[root@ha ~]# wget http://www.haproxy.org/download/1.6/src/haproxy-1.6.3.tar.gz -O ~/haproxy.tar.gz
--2016-11-04 00:40:20-- http://www.haproxy.org/download/1.6/src/haproxy-1.6.3.tar.gz
Resolving www.haproxy.org (www.haproxy.org)... 195.154.117.161, 2001:7a8:363c:2::2
Connecting to www.haproxy.org (www.haproxy.org)|195.154.117.161|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 1555861 (1.5M) [application/x-gzip]
Saving to: ‘ /root/haproxy.tar.gz’
100%[===================================================================================================================================================> ] 1,555,861 106KB/s in 18s
2016-11-04 00:40:38 (83.8 KB/s) - ‘ /root/haproxy.tar.gz’ saved [1555861/1555861]
Immediately extract the downloaded packages into the home directory as shown below,
[root@ha ~]# tar xzvf ~/haproxy.tar.gz -C ~/
haproxy-1.6.3/
haproxy-1.6.3/.gitignore
haproxy-1.6.3/CHANGELOG
haproxy-1.6.3/CONTRIBUTING
haproxy-1.6.3/LICENSE
haproxy-1.6.3/MAINTAINERS
haproxy-1.6.3/Makefile
haproxy-1.6.3/README
haproxy-1.6.3/ROADMAP
haproxy-1.6.3/SUBVERS
haproxy-1.6.3/VERDATE
haproxy-1.6.3/VERSION
.
.
.
haproxy-1.6.3/tests/test-time.cfg
haproxy-1.6.3/tests/test-timeout.cfg
haproxy-1.6.3/tests/test-url-hash.cfg
haproxy-1.6.3/tests/test-valid-names.cfg
haproxy-1.6.3/tests/test.c
haproxy-1.6.3/tests/test_hashes.c
haproxy-1.6.3/tests/test_pools.c
haproxy-1.6.3/tests/testinet.c
haproxy-1.6.3/tests/uri_hash.c
Now its time to compile and install the HAProxy by using the following commands.
[root@ha ~]# cd haproxy-1.6.3 [root@ha haproxy-1.6.3]# make TARGET=linux2628 gcc -Iinclude -Iebtree -Wall -O2 -g -fno-strict-aliasing -Wdeclaration-after-statement -DCONFIG_HAP_LINUX_SPLICE -DTPROXY -DCONFIG_HAP_LINUX_TPROXY -DCONFIG_HAP_CRYPT -DENABLE_POLL -DENABLE_EPOLL -DUSE_CPU_AFFINITY -DASSUME_SPLICE_WORKS -DUSE_ACCEPT4 -DNETFILTER -DUSE_GETSOCKNAME -DCONFIG_HAPROXY_VERSION=" 1.6.3" -DCONFIG_HAPROXY_DATE=" 2015/12/25" -DBUILD_TARGET=' " linux2628" ' -DBUILD_ARCH=' " " ' -DBUILD_CPU=' " generic" ' -DBUILD_CC=' " gcc" ' -DBUILD_CFLAGS=' " -O2 -g -fno-strict-aliasing -Wdeclaration-after-statement" ' -DBUILD_OPTIONS=' " " ' -c -o src/haproxy.o src/haproxy.c gcc -Iinclude -Iebtree -Wall -O2 -g -fno-strict-aliasing -Wdeclaration-after-statement -DCONFIG_HAP_LINUX_SPLICE -DTPROXY -DCONFIG_HAP_LINUX_TPROXY -DCONFIG_HAP_CRYPT -DENABLE_POLL -DENABLE_EPOLL -DUSE_CPU_AFFINITY -DASSUME_SPLICE_WORKS -DUSE_ACCEPT4 -DNETFILTER -DUSE_GETSOCKNAME -DCONFIG_HAPROXY_VERSION=" 1.6.3" -DCONFIG_HAPROXY_DATE=" 2015/12/25" -c -o src/base64.o src/base64.c . . . DENABLE_EPOLL -DUSE_CPU_AFFINITY -DASSUME_SPLICE_WORKS -DUSE_ACCEPT4 -DNETFILTER -DUSE_GETSOCKNAME -DCONFIG_HAPROXY_VERSION=" 1.6.3" -DCONFIG_HAPROXY_DATE=" 2015/12/25" -DSBINDIR=' " /usr/local/sbin" ' -c -o src/haproxy-systemd-wrapper.o src/haproxy-systemd-wrapper.c gcc -g -o haproxy-systemd-wrapper src/haproxy-systemd-wrapper.o -lcrypt &ndash ldl [root@ha haproxy-1.6.3]# make install install -d " /usr/local/sbin" install haproxy " /usr/local/sbin" install -d " /usr/local/share/man" /man1 install -m 644 doc/haproxy.1 " /usr/local/share/man" /man1 install -d " /usr/local/doc/haproxy" for x in configuration management architecture cookie-options lua proxy-protocol linux-syn-cookies network-namespaces close-options intro do install -m 644 doc/$x.txt " /usr/local/doc/haproxy" done
Copy some files to accomplish the installation process.
[root@ha haproxy-1.6.3]# cp /usr/local/sbin/haproxy /usr/sbin/
[root@ha haproxy-1.6.3]# cp ~/haproxy-1.6.3/examples/haproxy.init /etc/init.d/haproxy
[root@ha haproxy-1.6.3]# chmod 755 /etc/init.d/haproxy
Here you need to create the directories and statistics for HAProxy.
[root@ha haproxy-1.6.3]# mkdir -p /etc/haproxy
[root@ha haproxy-1.6.3]# mkdir -p /run/haproxy
[root@ha haproxy-1.6.3]# mkdir -p /var/lib/haproxy
[root@ha haproxy-1.6.3]# touch /var/lib/haproxy/stats
Run the following command to create user.
[root@ha haproxy-1.6.3]# useradd -r haproxy
To configure Load Balancer
First modify the HAProxy configuration file as shown below,
[root@ha haproxy-1.6.3]# vim /etc/haproxy/haproxy.cfg
Entry:
global
log /dev/log local0
log /dev/log local1 notice
chroot /var/lib/haproxy
stats socket /run/haproxy/admin.sock mode 660 level admin
stats timeout 30s
user haproxy
group haproxy
daemon
defaults
log global
mode http
option httplog
option dontlognull
timeout connect 5000
timeout client 50000
timeout server 50000
frontend http_front
bind *:80
stats uri /haproxy?stats
default_backend http_back
backend http_back
balance roundrobin
server ws1 192.168.5.158:80 check
server ws2 192.168.5.159:80 check
Then start and enable the service with the following command.
[root@ha haproxy-1.6.3]# systemctl start haproxy [root@ha haproxy-1.6.3]# systemctl enable haproxy Created symlink from /etc/systemd/system/multi-user.target.wants/haproxy.service to /usr/lib/systemd/system/haproxy.service. [root@ha haproxy-1.6.3]# systemctl status haproxy haproxy.service - HAProxy Load Balancer Loaded: loaded (/usr/lib/systemd/system/haproxy.service enabled vendor preset: disabled) Active: active (running) since Fri 2016-11-04 00:53:20 IST 14s ago Main PID: 45459 (haproxy-systemd) CGroup: /system.slice/haproxy.service ??45459 /usr/sbin/haproxy-systemd-wrapper -f /etc/haproxy/haproxy.cfg -p /run/haproxy.pid ??45461 /usr/sbin/haproxy -f /etc/haproxy/haproxy.cfg -p /run/haproxy.pid -Ds ??45464 /usr/sbin/haproxy -f /etc/haproxy/haproxy.cfg -p /run/haproxy.pid -Ds Nov 04 00:53:20 ha.example.com systemd[1]: Started HAProxy Load Balancer. Nov 04 00:53:20 ha.example.com systemd[1]: Starting HAProxy Load Balancer... Nov 04 00:53:20 ha.example.com haproxy-systemd-wrapper[45459]: haproxy-systemd-wrapper: executing /usr/sbin/haproxy -f /etc/haproxy/haproxy.cfg -p /run/haproxy.pid -Ds Nov 04 00:53:20 ha.example.com haproxy[45461]: Proxy http_front started. Nov 04 00:53:20 ha.example.com haproxy[45461]: Proxy http_front started. Nov 04 00:53:20 ha.example.com haproxy[45461]: Proxy http_back started. Nov 04 00:53:20 ha.example.com haproxy[45461]: Proxy http_back started.
Add the firewall rule to open up the ports for HTTP and HAProxy.
[root@ha haproxy-1.6.3]# firewall-cmd --permanent --zone=public --add-service=http success [root@ha haproxy-1.6.3]# firewall-cmd --permanent --zone=public --add-port=8181/tcp success [root@ha haproxy-1.6.3]# firewall-cmd --reload Success
Once the load balancer is configured successfully, use http://< load-balancer-ip> /haproxy?stats to see the statistics in web browser.
Here you can access the webserver with ip address of Load Balancer and view content of the backend webservers by each and every request.
Q
What if the Load Balancer itself becomes unavailable (power outage, connection outage, etc), isn’t all of the backend servers will also become unavailable as well?
A
You should have fallout server, so like there’s Active and passive Loadbalancer with the same configuration. just install the apache heartbeat so once the Active is down the passive will take over.
Q
What is layer 4 load-balancing HAProxy?
A
A layer 4 load-balancer takes routing decision based on IPs and TCP or UDP ports.
It has a packet view of the traffic exchanged between the client and a server which means it takes decisions packet by packet.
The layer 4 connection is established between the client and the server.
It is really fast but can’t perform any action on the protocol above layer 4.
The fastest layer4 load-balancers uses an ASIC to make routing decision.
It has a packet view of the traffic exchanged between the client and a server which means it takes decisions packet by packet.
The layer 4 connection is established between the client and the server.
It is really fast but can’t perform any action on the protocol above layer 4.
The fastest layer4 load-balancers uses an ASIC to make routing decision.
Q
What are the possible architectures with layer7 load balancers?
A
Actually, only one: Proxy mode, but two main flavors of it are available:
Proxy mode
Transparent proxy mode
Proxy mode
Transparent proxy mode
Q
What are the possible architectures with layer4 load balancers in HAProxy?
A
Mainly three architectures are doable, depending on your needs:
NAT or routed
Direct Server Return or Gateway mode
IP Tunnel mode.
NAT or routed
Direct Server Return or Gateway mode
IP Tunnel mode.
Q
What does layer 4 mean in HAProxy?
A
Layer 4 is related to fourth layer of the OSI model: transport level.
For example: TCP and UDP protocols are transport level.
For example: TCP and UDP protocols are transport level.