Differences
This shows you the differences between two versions of the page.
linux_wiki:load_balancing_haproxy_and_keepalived [2017/07/07 22:54] billdozor [Network Addressing Setup] |
linux_wiki:load_balancing_haproxy_and_keepalived [2019/05/25 23:50] |
||
---|---|---|---|
Line 1: | Line 1: | ||
- | ====== Load Balancing with HAProxy And Keepalived ====== | ||
- | |||
- | **General Information** | ||
- | |||
- | Creating a highly available pair of load balancers with HAProxy and Keepalived. | ||
- | |||
- | **Checklist** | ||
- | * Number of systems | ||
- | * 2 servers to be load balancers | ||
- | * 2 servers for web servers (in the example) | ||
- | * Distro(s): Enterprise Linux 7 | ||
- | |||
- | ---- | ||
- | |||
- | ====== Network Addressing Setup ====== | ||
- | |||
- | Network configuration used in the examples below. | ||
- | |||
- | Load Balancers | ||
- | * Server " | ||
- | * Server " | ||
- | * " | ||
- | |||
- | Web Servers (used in haproxy example config) | ||
- | * web01 -> 10.1.2.50 | ||
- | * web02 -> 10.1.2.51 | ||
- | |||
- | ---- | ||
- | |||
- | ====== Install ====== | ||
- | |||
- | Install the required packages on the load balancer servers | ||
- | * KeepAliveD (high availability)< | ||
- | * HA-Proxy (load balancing)< | ||
- | |||
- | ---- | ||
- | |||
- | ====== Configure ====== | ||
- | |||
- | Configuring keepalived and haproxy. | ||
- | |||
- | ===== Keepalived ===== | ||
- | |||
- | Keepalived utlizes a Linux kernel implementation of VRRP. (Virtual Router Redundancy Protocol) | ||
- | |||
- | Official Site: http:// | ||
- | |||
- | * Configure all nodes with these keepalive settings (/ | ||
- | |||
- | vrrp_script check_haproxy { | ||
- | script " | ||
- | timeout 1 | ||
- | interval 2 # every 2 seconds | ||
- | weight 2 # add 2 points if OK | ||
- | } | ||
- | |||
- | vrrp_instance VI_1 { | ||
- | state BACKUP | ||
- | interface eth0 | ||
- | virtual_router_id 51 | ||
- | priority 100 # All instances same priority to prevent VIP flapping | ||
- | advert_int 1 | ||
- | |||
- | authentication { | ||
- | auth_type PASS | ||
- | auth_pass PASSWORDHERE | ||
- | } | ||
- | |||
- | virtual_ipaddress { | ||
- | 10.1.2.3 | ||
- | } | ||
- | |||
- | track_script { | ||
- | check_haproxy | ||
- | } | ||
- | }</ | ||
- | |||
- | ===== HA-Proxy ===== | ||
- | |||
- | HAProxy is a TCP/HTTP load balancer. | ||
- | |||
- | Official Site: http:// | ||
- | |||
- | * Configure HA-Proxy (/ | ||
- | * Remove all example frontend and backend config sections (leave default section) | ||
- | * Add New frontend/ | ||
- | # http-in frontend which proxys to the backends | ||
- | # | ||
- | frontend | ||
- | # Log format | ||
- | option httplog | ||
- | |||
- | #-- ACLs - Match HTTP Requests --# | ||
- | acl url_web | ||
- | |||
- | #-- Backend Selection based on ACLs --# | ||
- | use_backend web_pool1 | ||
- | |||
- | # | ||
- | # Backend Configuration | ||
- | # | ||
- | backend web_pool1 | ||
- | balance | ||
- | server | ||
- | server | ||
- | |||
- | ===== Logging ===== | ||
- | |||
- | Setup logging for HAProxy. | ||
- | |||
- | * Create a Rsyslog drop in file for HA-Proxy (/ | ||
- | |||
- | # Load UDP Modules | ||
- | $ModLoad imudp | ||
- | |||
- | # Run UDP server | ||
- | $UDPServerRun 514 | ||
- | |||
- | # Allow only localhost | ||
- | $AllowedSender UDP, 127.0.0.1 | ||
- | |||
- | # Send local2 haproxy logs to / | ||
- | local2.none | ||
- | local2.* | ||
- | * Restart rsyslog< | ||
- | |||
- | ---- | ||
- | |||
- | ====== Operate ====== | ||
- | |||
- | Operating the load balancers. | ||
- | |||
- | ---- | ||
- | |||
- | ===== Services ===== | ||
- | |||
- | Start and enable the services on each node. | ||
- | |||
- | * HA-Proxy< | ||
- | systemctl enable haproxy</ | ||
- | * Keepalived< | ||
- | systemctl enable keepalived</ | ||
- | |||
- | ---- | ||
- | |||
- | ===== Reboots ===== | ||
- | |||
- | Reboot procedure and dependencies. | ||
- | |||
- | * Load Balancers (lb01, lb02) can be rebooted 1 at a time to avoid service interruption. | ||
- | * Determine the inactive system (the system that does NOT have the virtual IP as a secondary address< | ||
- | * Reboot the inactive system< | ||
- | * Once the inactive system is up, verify keepalived and haproxy are running< | ||
- | * Stop keepalived on the active system in order to force a fail over< | ||
- | * Reboot the system with keepalived stopped< | ||
- | |||
- | ---- | ||