Installing haproxy load balancing for http and https

This example will guide you through a simple IP based load balancing solution that handles ssl traffic.

The Configuration =
Load Balancer: <192.168.0.2> // will be our haproxy server
Web Server 1: <192.168.0.10> // web application server 1
Web Server 2: <192.168.0.20> // web application server 2
Admin Panel Port 8080: <192.168.0.2> // Statistics Panel on port 8080

Web Server 1
Load Balancer < Web Server 2

Step 1: Get and Install haproxy

We’ll be using the 1.3.17 src files to install haproxy. You can get them from http://haproxy.1wt.eu/

wget http://haproxy.1wt.eu/download/1.3/src/haproxy-1.3.17.tar.gz  
cd haproxy-1.3.17
make TARGET=linux26
cp /path/to/haproxy-1.3.17/examples/haproxy.init /etc/init.d/haproxy
chmod +x /etc/init.d/haproxy


Step 2: Create some users for security

We’re going to add a haproxy user and run it in a chroot jail. Be sure to read up on other security measures for your server.

useradd haproxy     
mkdir /var/chroot/haproxy     
chown haproxy:haproxy /var/chroot/haproxy     
chmod 700 /var/chroot/haproxy 

Step 3: Configure /etc/haproxy.cfg
This will be a simple load balancing. The HAProxy server will listen to 1 IP and distribute to 2 servers.

global  
    maxconn     10000 # Total Max Connections.  
    log     127.0.0.1   local0  
    log     127.0.0.1   local1 notice  
    daemon  
    nbproc      1 # Number of processes  
    user        haproxy  
        group       haproxy  
        chroot      /var/chroot/haproxy  
 
defaults  
    log     global  
    option      httplog  
    mode        tcp  
    clitimeout  60000  
    srvtimeout  30000  
    contimeout  4000  
    retries     3  
    redispatch  
    option      httpclose   
 
listen  load_balanced   192.168.0.2:80,192.168.0.2:443  
    balance     source  
    option      ssl-hello-chk  
    option      forwardfor  
 
    server webserver1 192.168.0.10 weight 1 maxconn 5000 check  
    server webserver2 192.168.0.20 weight 1 maxconn 5000 check  
 
listen  admin_stats 192.168.0.2:8080  
    mode        http  
    stats uri   /my_stats  
    stats realm     Global\ statistics  
    stats auth  username:password 

Step 4: Configuring logging

Edit /etc/sysconfig/syslog
SYSLOGD_OPTIONS=”-m 0 -r”

Edit /etc/syslog.conf. Add the following:
local0.* /var/log/haproxy.log
local1.* /var/log/haproxy-1.log

Restart Syslog
service syslog restart

发表评论