Scribd
Upload
233 views

Implement Ha Proxy

The document provides instructions for installing and configuring HAProxy load balancer on CentOS. It describes how to install HAProxy from source, configure the frontend and backend, add Elastic IP, configure logging, and setup HAProxy high availability using Keepalived. Key steps include installing Keepalived on two servers, configuring one as master and the other as backup, and using scripts and priorities to migrate the Elastic IP during failovers.

Uploaded by

nguyenhapy92
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
233 views

Implement Ha Proxy

The document provides instructions for installing and configuring HAProxy load balancer on CentOS. It describes how to install HAProxy from source, configure the frontend and backend, add Elastic IP, configure logging, and setup HAProxy high availability using Keepalived. Key steps include installing Keepalived on two servers, configuring one as master and the other as backup, and using scripts and priorities to migrate the Elastic IP during failovers.

Uploaded by

nguyenhapy92
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 10

https://serversforhackers.

com/load-balancing-with-haproxy
http://www.serverlab.ca/tutorials/linux/network-services/deploying-an-haproxy-load-balancer-on-centos-6/
Increase EIP

Ci v cu hnh haproxy t source


1. Ci haproxy t source
cd /opt
sudo tar xvzf haproxy-1.6.3.tar.gz
cd haproxy-1.6.3
sudo yum install gcc
sudo make TARGET=linux2628 ARCH=native
sudo make install
sudo cp /usr/local/sbin/haproxy /usr/sbin
sudo cp /opt/haproxy-1.6.3/examples/haproxy.init /etc/init.d/haproxy
sudo chmod 755 /etc/init.d/haproxy
sudo useradd --system haproxy
sudo mkdir /etc/haproxy
sudo mkdir /var/lib/haproxy
sudo vi /etc/haproxy/haproxy.cfg
sudo service haproxy start
2. Add Elastic IP vo node phative
Increase EIP
3. Cu hnh front-end v backend
http://cbonte.github.io/haproxy-dconv/configuration-1.7.html#7

global
log

127.0.0.1 local0

chroot
/var/lib/haproxy
pidfile /var/run/haproxy.pid
maxconn 4000
user
haproxy
group
haproxy
daemon
stats socket /var/lib/haproxy/stats
defaults
mode
http
log
global
option
httplog
option
dontlognull
option http-server-close
option forwardfor
except 127.0.0.0/8
option
redispatch
retries
3
timeout http-request 10s
timeout queue
1m
timeout connect
10s
timeout client
1m
timeout server
1m
timeout http-keep-alive 10s
timeout check
10s
maxconn
3000
frontend http-in
bind *:80
mode http
acl url_pmrs hdr_dom(host) -m beg pmrsha.wellcare.vn
acl url_onemr hdr_dom(host) -m beg onemrha.wellcare.vn
#acl url_sms hdr_dom(host) -m beg smsha.wellcare.vn
use_backend pmrs_cluster if url_pmrs
use_backend onemr_cluster if url_onemr
#use_backend sms_cluster if url_sms
#default_backend log_cluster
backend pmrs_cluster
balance roundrobin
server node 172.11.20.6:8080 check
backend onemr_cluster
balance roundrobin
server node 172.11.20.9:8080 check
4. Cu hnh log cho haproxy:
http://sharadchhetri.com/2013/10/16/how-to-enable-logging-of-haproxy-in-rsyslog/

vi /etc/haproxy/haproxy.cfg
global
log 127.0.0.1

local0

vi /etc/rsyslog.d/haproxy.conf
$ModLoad imudp
$UDPServerRun 514
$template Haproxy,"%msg%\n"
local0.=info -/var/log/haproxy.log;Haproxy
local0.notice -/var/log/haproxy-status.log;Haproxy
### keep logs in localhost ##
local0.* ~

Restart rsyslog v haproxy nh phn 4 thy c 2 file /var/log/haproxy.log v


/var/log/haproxy-status.log. 2 file ny c ngha nh sau:

local0.=info -/var/log/haproxy.log defines the http log will be saved in


haproxy.log
local0.notice -/var/log/haproxy-status.log defines the Server status like
start,stop,restart,down,up etc. will be saved in haproxy-status.log
UDPServerRun 514 means opening UDP port no. 514 to listen haproxy
messages
5. Rotate log

/var/log/haproxy.log {
missingok
notifempty
sharedscripts
rotate 120
daily
compress
postrotate
reload rsyslog >/dev/null 2>&1 || true
endscript
}
6. Decode log

7. Troubleshoot:

sudo systemctl stop rsyslog


sudo systemctl start haproxy
sudo systemctl -l status haproxy
sudo service haproxy start
Ci hatop check statistics
wget http://hatop.googlecode.com/files/hatop-0.7.7.tar.gz
tar xvf hatop-0.7.7.tar.gz
cd hatop-0.7.7
install -m 755 bin/hatop /usr/local/bin
install -m 644 man/hatop.1 /usr/local/share/man/man1
gzip /usr/local/share/man/man1/hatop.1
Cu hnh s dng hatop:
vi /etc/haproxy/haproxy.cfg
stats socket /var/lib/haproxy/stats
Run hatop
sudo /usr/local/bin/hatop -s /var/lib/haproxy/stats
8. Cu hnh dns

pmrsha.wellcare.vn => 54.179.190.233


onemrha.wellcare.vn => 54.179.190.233
9. Ci haproxy high availability
haproxy and keepalived setup

report about keepalived

a. To thm 1 EC2 node: Nh chn launch more like this

b. Install keepalived

yum install gcc openssl-devel


tar xf keepalived-1.2.19.tar.gz
cd keepalived-1.2.19/
./configure
make && make install
cp keepalived/etc/init.d/keepalived.init /etc/init.d/keepalived
mkdir /etc/keepalived
c.

Config master (/etc/keepalived/keepalived.conf)

vrrp_script chk_haproxy {
script "pidof haproxy"
interval 2
}
vrrp_instance VI_1 {
debug 2
interface eth0
# interface to monitor
state MASTER
virtual_router_id 51
# Assign one ID for this route
priority 101
# 101 on master, 100 on backup
unicast_src_ip 172.11.1.13
# My IP
unicast_peer {
172.11.1.166
# peer IP
}

track_script {
chk_haproxy
}
notify_master /etc/keepalived/master.sh
}
d. Config slave (/etc/keepalived/keepalived.conf)

vrrp_script chk_haproxy {
script "pidof haproxy"
interval 2
}
vrrp_instance VI_1 {
debug 2
interface eth0
# interface to monitor
state BACKUP
virtual_router_id 51
# Assign one ID for this route
priority 100
# 101 on master, 100 on backup
unicast_src_ip 172.11.1.166
# My IP
unicast_peer {
172.11.1.13
# Peer IP
}
track_script {
chk_haproxy
}
notify_master /etc/keepalived/master.sh
}
e. script notify_master on MASTER node (/etc/keepalived/master.sh)

#!/bin/bash
EIP=52.74.1.170
INSTANCE_ID=i-2d3748a3
/usr/local/bin/aws ec2 disassociate-address --public-ip $EIP
/usr/local/bin/aws ec2 associate-address --public-ip $EIP --instance-id
$INSTANCE_ID
f.

script notify_master on SLAVE node (/etc/keepalived/master.sh)

#!/bin/bash
EIP=52.74.1.170x
INSTANCE_ID=i-5d6bf3d3
/usr/local/bin/aws ec2 disassociate-address --public-ip $EIP
/usr/local/bin/aws ec2 associate-address --public-ip $EIP --instance-id
$INSTANCE_ID

g. Make keepalived start

sudo cp /usr/local/etc/sysconfig/keepalived /etc/sysconfig/


sudo ln -s /usr/local/sbin/keepalived /usr/sbin/keepalived
h. V keepalived.conf dng trng priority nn ch thng MASTER

v c priority cao hn mi c advertise sang thng BACKUP


172.11.1.13 > 172.11.1.166: vrrp 172.11.1.13 > 172.11.1.166: VRRPv2,
Advertisement, vrid 51, prio 101, authtype none, intvl 1s, length 16, addrs:
16:49:32.978595 IP (tos 0xc0, ttl 255, id 2100, offset 0, flags [none], proto
VRRP (112), length 36)
172.11.1.13 > 172.11.1.166: vrrp 172.11.1.13 > 172.11.1.166: VRRPv2,
Advertisement, vrid 51, prio 101, authtype none, intvl 1s, length 16, addrs:
16:49:33.979740 IP (tos 0xc0, ttl 255, id 2101, offset 0, flags [none], proto
VRRP (112), length 36)

Cu hnh chun
10. Add Elastic IP vo node phative
11. Cu hnh front-end v backend
http://cbonte.github.io/haproxy-dconv/configuration-1.7.html#7

frontend http-in
bind *:80
mode http
acl url_pmrs hdr_dom(host) -m beg pmrs.wellcare.vn
acl url_onemr hdr_dom(host) -m beg onemr.vn
acl url_sms hdr_dom(host) -m beg sms.wellcare.vn
use_backend pmrs_cluster if url_pmrs
use_backend onemr_cluster if url_onemr
use_backend sms_cluster if url_sms
default_backend log_cluster
backend pmrs_cluster
balance roundrobin
server node 172.11.20.6:8080 cookie A check
backend onemr_cluster
balance roundrobin
server node 172.11.20.9:8080 cookie A check
12. Haproxy with backend path
frontend http
#match url ending with /xxxxx/do-that
acl do-that path_end -i /app-2/do-that
use_backend server1 if do-that

backend server1
reqirep ^([^\ :]*)\ /app-2/(.*)
server server 168.192.X.X

\1\ /app-2-another-path/\2

frontend ft_def
bind :80
mode http
acl has_special_uri path_beg /my-foo
use_backend def if has_special_uri
default_backend def
backend def
mode http
option forwardfor
reqirep ^([^\ ]*\ )/my-foo(.*) \1/other-bar\2
server myserver othersite.com:8081
13. Restart haproxy:

/etc/init.d/haproxy restart
14. Front end

frontend webapp1
bind 172.30.0.30:80
mode http
acl url_forum
path_beg /forum
use_backend webapp1_forum if url_forum
default_backend webapp1-main
15.
16. Config elastic ip for haproxy:
17. Install haproxy
yum install haproxy
18. Config haproxy:
vi /etc/haproxy/haproxy.cfg
global
log 127.0.0.1 local0
log 127.0.0.1 local1 debug
maxconn 45000 # Total Max Connections.
daemon
nbproc

1 # Number of processing cores.

defaults
timeout server 86400000

timeout connect 86400000


timeout client 86400000
timeout queue 1000s
# [HTTP Site Configuration]
listen http_web 192.168.10.10:80
mode http
balance roundrobin # Load Balancing algorithm
option httpchk
option forwardfor
server server1 192.168.10.100:80 weight 1 maxconn 512 check
server server2 192.168.10.101:80 weight 1 maxconn 512 check
# [HTTPS Site Configuration]
listen https_web 192.168.10.10:443
mode tcp
balance source# Load Balancing algorithm
reqadd X-Forwarded-Proto:\ http
server server1 192.168.10.100:443 weight 1 maxconn 512 check
server server2 192.168.10.101:443 weight 1 maxconn 512 check

19.

You might also like