This example will guide you through a simple IP based load balancing solution that handles ssl traffic.
The Configuration =
- Load Balancer: <192.168.0.2> // will be our haproxy server
- Web Server 1: <192.168.0.10> // web application server 1
- Web Server 2: <192.168.0.20> // web application server 2
- Admin Panel Port 8080: <192.168.0.2> // Statistics Panel on port 8080
Web Server 1
Load Balancer <
Web Server 2
Step 1: Get and Install haproxy
We’ll be using the 1.3.17 src files to install haproxy. You can get them from http://haproxy.1wt.eu/
- wget http://haproxy.1wt.eu/download/1.3/src/haproxy-1.3.17.tar.gz
- cd haproxy-1.3.17
- make TARGET=linux26
- cp /path/to/haproxy-1.3.17/examples/haproxy.init /etc/init.d/haproxy
- chmod +x /etc/init.d/haproxy
We’re going to add a haproxy user and run it in a chroot jail. Be sure to read up on other security measures for your server.
- useradd haproxy
- mkdir /var/chroot/haproxy
- chown haproxy:haproxy /var/chroot/haproxy
- chmod 700 /var/chroot/haproxy
This will be a simple load balancing. The HAProxy server will listen to 1 IP and distribute to 2 servers.
- global
- maxconn 10000 # Total Max Connections.
- log 127.0.0.1 local0
- log 127.0.0.1 local1 notice
- daemon
- nbproc 1 # Number of processes
- user haproxy
- group haproxy
- chroot /var/chroot/haproxy
- defaults
- log global
- option httplog
- mode tcp
- clitimeout 60000
- srvtimeout 30000
- contimeout 4000
- retries 3
- redispatch
- option httpclose
- listen load_balanced 192.168.0.2:80,192.168.0.2:443
- balance source
- option ssl-hello-chk
- option forwardfor
- server webserver1 192.168.0.10 weight 1 maxconn 5000 check
- server webserver2 192.168.0.20 weight 1 maxconn 5000 check
- listen admin_stats 192.168.0.2:8080
- mode http
- stats uri /my_stats
- stats realm Global\ statistics
- stats auth username:password
Step 4: Configuring logging
Edit /etc/sysconfig/syslog
- SYSLOGD_OPTIONS=”-m 0 -r”