Load Balancing per wikipedia, improves the distribution of workloads across multiple computing resources, such as computers, a computer cluster, network links, central processing units, or disk drives. Load balancing aims to optimize resource use, maximize throughput, minimize response time, and avoid overload of any single resource. Using multiple components with load balancing instead of a single component may increase reliability and availability through redundancy. Load balancing usually involves dedicated software or hardware, such as a multilayer switch or a Domain Name System server process.
HAProxy isn’t available in the default repositories for CentOS or Red Hat. In order for us to be able to install it, we need to add the EPEL repository to our server and install it using Yum.
1. Download the EPEL repository RPM.
# wget http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm
2. Install the EPEL repository RPM to add its Yum configuration file to your server.
# rpm -ivh epel-release-6.8.noarch.rpm
3. Install HAProxy
# yum install haproxy
Edit existing HaProxy configuration /etc/haproxy/haproxy.cfg as below:
global log 127.0.0.1 local2 chroot /var/lib/haproxy maxconn 600 user haproxy group haproxy daemon stats socket /var/lib/haproxy/stats tune.ssl.default-dh-param 2048 defaults mode http log global option httplog option dontlognull option forwardfor except 127.0.0.0/8 option http-server-close option abortonclose option redispatch retries 3 timeout http-request 60s timeout queue 60m timeout connect 300s timeout client 60m timeout server 60m timeout http-keep-alive 5s timeout check 10s frontend HTTP bind 192.168.1.50:80 reqadd X-Forwarded-Proto:\ http default_backend HTTP_Backend frontend HTTPS bind 192.168.1.50:443 ssl crt /etc/ssl/cnx.pem force-tlsv12 reqadd X-Forwarded-Proto:\ https default_backend HTTP_Backend backend HTTP_Backend balance roundrobin stick-table type ip size 1m expire 1h stick on src option abortonclose option forwardfor except 127.0.0.0/8 option http-server-close option httpchk HEAD /check.html HTTP/1.0 server WEB_01 192.168.1.61:80 weight 20 minconn 80 maxconn 180 inter 5s check server WEB_02 192.168.1.62:80 weight 20 minconn 80 maxconn 180 inter 5s check server WEB_03 192.168.1.63:80 weight 20 minconn 80 maxconn 160 inter 5s check listen stats 192.168.1.50:8443 mode http log global maxconn 10 timeout client 100s timeout server 100s timeout connect 100s timeout queue 100s stats enable stats hide-version stats refresh 10s stats show-node stats scope HTTP_Backend stats auth yongitz:password stats uri /stats stats admin if TRUE
Points to remember:
1. The setup above is designed to load balance http requests.
2. The balancing alrogithm used for this setup is roundrobin. This means that each server will be used in turns in relation to their weights. With the above setup, once server is setup with a lower weight which means it has less priority than with the other two.
3. Check interval is set to 5 seconds, default is 2 when not specified.
4. Accepts both HTTP and HTTPS connection. When request is HTTPS, it enforces the use of TLS protocol version 1.2
5. HaProxy Stats is enabled and can be accessed via http://192.168.1.50:8443/stats using basic auth. Username and password has been set to yongitz and password respectively.
6. With this setup, you can enable/disable backend servers on the fly.
For the detailed definition of each parameters above, you may check the official documentation here.
Below is the sample stats of HaProxy in action: