This is an old revision of the document!
Load Balancing with HAProxy And Keepalived
General Information
Creating a highly available pair of load balancers with HAProxy and Keepalived.
Checklist
- Number of systems
- 2 servers to be load balancers
- 2 servers for web servers (in the example)
- Distro(s): Enterprise Linux 7
Network Addressing Setup
Network configuration used in the examples below.
Load Balancers
- Server “lb01” → 10.1.2.1 (eth0)
- Server “lb02” → 10.1.2.2 (eth0)
- “lbvip” → 10.1.2.3 (load balancer virtual IP - floats between servers)
Web Servers (used in haproxy example config)
- web01 → 10.1.2.50
- web02 → 10.1.2.51
Install
Install the required packages on the load balancer servers
- KeepAliveD (high availability)
yum install keepalived
- HA-Proxy (load balancing)
yum install haproxy
Configure
Configuring keepalived and haproxy.
Keepalived
Keepalived utlizes a Linux kernel implementation of VRRP. (Virtual Router Redundancy Protocol)
Official Site: http://www.keepalived.org/
- Configure all nodes with these keepalive settings (/etc/keepalived/keepalived.conf). Example:
! Configuration File for keepalived vrrp_script check_haproxy { script "killall -0 haproxy" # check the haproxy process timeout 1 interval 2 # every 2 seconds weight 2 # add 2 points if OK } vrrp_instance VI_1 { state BACKUP # All instances 'BACKUP' to prevent VIP flapping interface eth0 virtual_router_id 51 priority 100 # All instances same priority to prevent VIP flapping advert_int 1 authentication { auth_type PASS auth_pass PASSWORDHERE } virtual_ipaddress { 10.1.2.3 } track_script { check_haproxy } }
HA-Proxy
HAProxy is a TCP/HTTP load balancer.
Official Site: http://www.haproxy.org/
- Configure HA-Proxy (/etc/haproxy/haproxy.cfg)
- Remove all example frontend and backend config sections (leave default section)
- Add New frontend/backend sections Example:
#--------------------------------------------------------------------- # http-in frontend which proxys to the backends #--------------------------------------------------------------------- frontend http-in *:80 # Log format option httplog #-- ACLs - Match HTTP Requests --# acl url_web path_beg -i /mywebsite #-- Backend Selection based on ACLs --# use_backend web_pool1 if url_web #--------------------------------------------------------------------- # Backend Configuration #--------------------------------------------------------------------- backend web_pool1 balance roundrobin server web01 10.1.2.50:80 check server web02 10.1.2.51:80 check
Logging
Setup logging for HAProxy.
- Create a Rsyslog drop in file for HA-Proxy (/etc/rsyslog.d/haproxy.conf)
## HA-Proxy Rsyslog Config ## # Load UDP Modules $ModLoad imudp # Run UDP server $UDPServerRun 514 # Allow only localhost $AllowedSender UDP, 127.0.0.1 # Send local2 haproxy logs to /var/log/haproxy.log local2.none /var/log/messages local2.* /var/log/haproxy.log
- Restart rsyslog
systemctl restart rsyslog
Operate
Operating the load balancers.
Services
Start and enable the services on each node.
- HA-Proxy
systemctl start haproxy systemctl enable haproxy
- Keepalived
systemctl start keepalived systemctl enable keepalived
Reboots
Reboot procedure and dependencies.
- Load Balancers (lb01, lb02) can be rebooted 1 at a time to avoid service interruption.
- Determine the inactive system (the system that does NOT have the virtual IP as a secondary address
ip addr sh
- Reboot the inactive system
reboot
- Once the inactive system is up, verify keepalived and haproxy are running
systemctl status keepalived haproxy
- Stop keepalived on the active system in order to force a fail over
systemctl stop keepalived
- Reboot the system with keepalived stopped
reboot