Because more customers are requesting high availability (HA) setups with load balancing, Rackspace has implemented HAProxy as a software load balancer on cloud servers. When you choose the size of the load balancer, be sure to consider the bandwidth constraints of cloud servers. We recommend that you use, at minimum, a 4 GB instance for your HAProxy node, but this depends on the bandwidth usage and the number of requests received by the server.
The following instructions use an operating system based on Red Hat Enterprise Linux. As a result, the guide is short, and HAProxy is installed via the EPEL repository
For most distributions, you can install HAProxy using your distribution’s package manager. For example, to install on Debian or Ubuntu, run the following command:
sudo aptitude install haproxy
On CentOS 5, run:
To download HAProxy on CentOS 5, you must set up access to the EPEL software repository. Run the following commands:
[root@LB01 ~]# rpm -Uvh http://dl.fedoraproject.org/pub/epel/5/x86_64/epel-release-5-4.noarch.rpm [root@LB01 ~]# yum -y install haproxy
On CentOS 6, run:
To download HAProxy on CentOS 6, you must set up access to the EPEL software repository, but the address for the RPM file is different than for CentOS 5. Run the following commands:
[root@LB01 ~]# rpm -Uvh http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm [root@LB01 ~]# yum -y install haproxy
Install a Base Configuration
After HAProxy is installed, back up the HAProxy configuration file and download the managed cloud configuration file:
[root@LB01 ~]# cp /etc/haproxy/haproxy.cfg /etc/haproxy/haproxy.cfg.bak [root@LB01 ~]# wget http://c818095.r95.cf2.rackcdn.com/haproxy.cfg -O /etc/haproxy/haproxy.cfg chkconfig haproxy on
You can configure HAProxy only after you have configured your web servers because you need to use their 10.x ServiceNet IP addresses. ServiceNet is used because you are not be charged for bandwidth overage, and it has faster throughput.
To make HAProxy functional, you need to change a number of items in /etc/haproxy/haproxy.cfg. These changes are described in this section. Remember that you must edit the values shown in this section to reflect your server’s IP addresses.
First, change the value of listen webfarm to reflect your server’s eth0 or public IP address. Following is an example value:
listen webfarm 127.0.0.1:80
Then, add your web servers.
In the following example, which shows a four-server configuration, replace the 10.0.0.x IP address with the eth1 or private IP address of your web servers.
server WWW1 10.0.0.1:80 check # Active in rotation server WWW2 10.0.0.2:80 check # Active in rotation server WWW3 10.0.0.3:80 check # Active in rotation server WWW4 10.0.0.4:80 check backup # Not active "sorry server" - this one comes live if all web heads are down
After you have added the web servers, you can start HAProxy and begin serving web pages (if the servers are ready).
service haproxy start
Following is the default configuration template for haproxy.cfg:
#global options global #logging is designed to work with syslog facility's due to chrooted environment #log loghost local0 info - By default this is commented out #chroot directory chroot /usr/share/haproxy #user/group id uid 99 gid 99 #running mode daemon defaults #HTTP Log format mode http #number of connection retries for the session retries 3 #try another webhead if retry fails option redispatch #session settings - max connections, and session timeout values maxconn 10000 contimeout 10000 clitimeout 50000 srvtimeout 50000 #Define your farm #listen webfarm 0.0.0.0:80 - Pass only HTTP traffic and bind to port 80 listen webfarm 0.0.0.0:80 #HTTP Log format mode http #stats uri /haproxy - results in http://<load balancer ip>/haproxy (shows load balancer stats) stats uri /haproxy #balance roundrobin - Typical Round Robin #balance leastconn - Least Connections #balance static-rr - Static Round Robin - Same as round robin, but weights have no effect balance roundrobin #cookie <COOKIENAME> prefix - Used for cookie-based persistence cookie webpool insert #option httpclose - http connection closing option httpclose #option forwardfor - best stated as "Enable insertion of the X-Forwarded-For header to requests sent to the web heads" aka send EU IP option forwardfor #Web Heads (Examples) #server WEB1 10.0.0.1:80 check - passes http traffic to this server and checks if its alive #server WEB1 10.0.0.1:80 check port 81 - same as above but checks port 81 to see if its alive (helps to remove servers from rotation) #server WEB1 10.0.0.1:80 check port 81 weight 100 - same as the above with weight specification (weights 1-256 / higher number higher weight) #server WEB1 10.0.0.1:80 check backup - defines this server as a backup for the other web heads #Working Example: *USE THIS HOSTNAME FORMAT* server WWW1 10.0.0.1:80 cookie webpool_WWW1 check port 81 # Active in rotation server WWW2 10.0.0.2:80 cookie webpool_WWW2 check port 81 # Active in rotation server WWW3 10.0.0.3:80 check # Active in rotation server WWW4 10.0.0.4:80 check backup # Not active "sorry server" - this one comes live if all web heads are down #SSL farm example #listen https 0.0.0.0:443 # mode tcp # server WEB1 10.0.0.1:443 check
Session Persistence with SSL
If you want to also balance SSL traffic, you must set the balance mode to source, as shown in the following example. This setting takes a hash of the client’s IP address and the number of servers in rotation, and traffic is sent from one IP address to the same web server consistently. The persistence is reset if the number of servers is changed:
listen https 0.0.0.0:443 mode tcp balance source server WEB1 10.0.0.1:443 check