HA Proxy / Load Balancer Step By Step Installation Guide
HA Proxy / Load Balancer Step By Step Installation Guide
HA Proxy is High availability solution for load balancing and reliable flow of web application requests. It supports HTTP Web based application and TCP.
Now a days for large scale applications it’s very difficult to response multiple requests at a time for single server. Also there can be failure in single server so there is a need to have high availability environment of resources that can manage the client request and respond without failure.
Following article will provide detail about the installation of HA Proxy as a load balancing environment on virtual environment Ubuntu.
We will install HA proxy and make clusters on two servers that will share the traffic sent through HTTP requests.
Network Details
We will have applications running on webserver that will accept requests from load balancers HA proxy.
Here is network detail for application servers, Load balancing servers and virtual machine
Web Servers:
Web servers are as below:
Server 1 Webserver01-207 10.20.123.207
Server 2 Webserver02-208 10.20.123.208
Server 3 Webserver03-209 10.20.123.209
Load Balancers:
Node 1 : lb01-124 10.20:123:124
Node 2 : lb01-125 10.20:123:125
HA Proxy Installation Guide:
Here are steps for HA Proxy installation on Ubuntu server machine
Step1 : Update Ubuntu
Update the Ubuntu system through apt command using root user
Access your HAProxy server through SSH
Sudo apt-get update
sudo apt-get install haproxy
There is just one configuration file for HA Proxy configuration.
Open the file through following command
Vim /etc/haproxy/haproxy.cfg
Step2: Edit Configuration
Here is default configuration in the haproxy.cfg
global
log /dev/log local0
log /dev/log local1 notice
chroot /var/lib/haproxy
stats socket /run/haproxy/admin.sock mode 660 level admin expose-fd listeners
stats timeout 30s
user haproxy
group haproxy
daemon# Default SSL material locations
ca-base /etc/ssl/certs
crt-base /etc/ssl/private# See: https://ssl-config.mozilla.org/#server=haproxy&server-version=2.0.3&config=intermediate
ssl-default-bind-ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384
ssl-default-bind-ciphersuites TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256
ssl-default-bind-options ssl-min-ver TLSv1.2 no-tls-ticketsdefaults
log global
mode http
option httplog
option dontlognull
timeout connect 5000
timeout client 50000
timeout server 50000
errorfile 400 /etc/haproxy/errors/400.http
errorfile 403 /etc/haproxy/errors/403.http
errorfile 408 /etc/haproxy/errors/408.http
errorfile 500 /etc/haproxy/errors/500.http
errorfile 502 /etc/haproxy/errors/502.http
errorfile 503 /etc/haproxy/errors/503.http
errorfile 504 /etc/haproxy/errors/504.http
Step3: Adding HA Proxy Listener
We can add HA proxy listener forcefully as I have commented the line bind : 10.20.124.124 as listener and put *:80 as default listener.
In the below customized configuration there are two parts. One is frontend and backend. Frontend path is default set and bind to its own IP. Like if we have HA server 10.20.123.124 that means that frontend will be access through this IP and same for second HA server.
frontend http_front_end
bind *:80 # default HA proxy listener
#bind : 10.20.123.124 // this HA Proxy listener
stats uri /haproxy?stats
acl url_blog path_beg /application
use_backend blog_back if application_url
default_backend http_back
Step4: Adding HA Proxy Backend/forwarding webservers
backend http_back
balance roundrobin
server Webserver207 10.20.123.207:80 check
server Webserver208 10.20.123.208:80 check
server Webserver209 10:20:124.209:80 check
Second section is backend configuration where we put web server’s details as server name and its IP address.
Once load balancer gets request then it forwards the request on any of mentioned webserver. Here 80 is the default port for HTTP Request. If we want to forward request on HTTPS then port will be used as 443.
Enable Stats on HA Proxy for front end
This is an optional configuration that we can set in HA Proxy
listen stats *:1936 // default port for stats is 1936
stats enable
stats hide-version
stats refresh 30s
stats show-node
stats auth username:password // default username is hastat and same password
stats uri /stats
Step5: Restart HA Proxy
Now after these configurations we have to restart HA Proxy with following command
systemctl restart haproxy
Now check the start of haproxy by following command
Step6: Status HA Proxy
systemctl status haproxy
If ha proxy configuration is correct and no error found then status will be shown as active. Here is active status ha proxy screenshot
Step7: Check stats of HA proxy on frontend
Open your HA Proxy server in browser with following URL
http://10.10.110.94/haproxy?stats
Here is screenshot of front end stats
Floating IP and the Corosync/Pacemaker cluster Installation
We use Corosync and pacemaker to float the traffic between these two load balancers.
We are going to use a virtual IP that will behave like accepting requests and will float the traffic between two load balancers where HA proxy is installed and configured.
Step 1: Corosync Installation
Here are few commands for installation of Corosync and Pacemaker
Run the following command and configuration on both HA proxy servers
apt-get install pacemaker
apt-get install corosync
after this command few more disk space and memory will be used so there will be yes no option duration installation, We have to select yes
Step 2: Corosync Configuration
Add following code to corosync configuration file on following path. Put this configuration on HA Proxy both servers.
/etc/corosync/corosync.conf
totem {
version: 2
cluster_name: ha
transport: knet
crypto_cipher: aes256
crypto_hash: sha256
}
nodelist {
node {
ring0_addr: lb07-93
name: lb07-93
nodeid: 1
}
node {
ring0_addr: lb1-124
name: lb2-125
nodeid: 2
}
}
quorum {
provider: corosync_votequorum
two_node: 1
}
logging {
to_logfile: yes
logfile: /var/log/corosync/corosync.log
to_syslog: yes
timestamp: on
}
Step3: Restart and enable corosync and Pacemaker
Following commands to restart two services corosync and pacemaker
# Enable and restart Corosync Service
sudo systemctl restart corosync.service
sudo systemctl enable corosync.service
# Enable and restart Pacemaker Service
sudo systemctl restart pacemaker.service
sudo systemctl enable pacemaker.service
To check both services up and communicating then run following command
Pcs status
You will face such type of screen with pcs status command
Now add password to the hacluser node management area through following command
passwd hacluster
Now you can add new password for hacluster node management area.
From above screen resources list will be shown as there is no resource in the list.
Resources can be added from front end of pacemaker and corosync server where we can add clusters to the nodes.
Step4: Add cluster to HA Proxy nodes
Access the front end web interface for HA Proxy nodes through which we can add cluster, resources and Virtual IP
Open the following url in browser
https://10.20.123.125:2224 and https://10.20.123.125:2224/ and you will redirect to HA proxy nodes management area. Here default username and password is hacluser
Create Cluster over here and provide the nodes names that are proxy server’s names lb01-123 and lb02-124
Step5: Add Resources to HA Proxy Nodes
Now you will have to Resources to the the nodes by clicking on resources menu. You will add two resources, As I have following resources in a group
⦁ VIrtualIP where we select ofc:heartbeat with IPAddr2 and also provide Virtual IP Address
⦁ Second resource we select systemd and haproxy from the options
Note: During this option you can face an issue that I have solved through following command on these HAProxy nodes
pcs property set stonith-enabled=false
If you have set all and you can see above screenshot configuration in browser then you are almost done.
Now you have virtual IP 10.10.110.95 as virtual ip where you can receive traffic, This virtual ip will forward the traffic on load blancer 10.20.123.124 and 10.20.123.125. These load balancer will forward the traffic on webserver where actual application is deployed.
Load balancer will manage the traffic as per capacity and you can view the traffic on stats manager through following url
Step6: View Stats on haproxy stats manager
Hit the virtual IP in browser and this will floats its traffic on HA proxy servers. You can check traffic here.
http://10.20.123.124/haproxy?stats
http://10.20.123.125/haproxy?stats
Here is final screenshot where all traffic and be viewed.