One very common scenario in a company: you need to provide a critical application. There are many such applications – we will focus on the intranet, provided by a wiki application.
To build a loadbalancer with haproxy you need a server (a VM for example), which can handle the requests for the webservers behind. I will use SUSE Linux Enterprise Server 15 SP2, which is one of the most used distributions. If you need a subscription, please reach out to our sales unit .
Let’s start with the two webservers, running on SLES 15 SP2: web-1 and web-2. Before you start, make sure that both are prepared:
- Install apache2
zypper in -y apache2
- Create an index.html page in the default DocumentRoot (
cat << EOF >> /srv/www/html/index.html <html> <head> <title>you are on webserver: web-1</title> </head> <body> <h1>you are on webserver: web-1</h1> </body> </html> EOF
- Enable webserver process to automatically start after reboot
# systemctl enable apache2
- Start webserver process
# systemctl start apache2
- Check if webserver process successfully started
# systemctl status apache2
Repeat those steps on both webservers and ensure that your
index.html represents the correct hostname (web-1 on webserver web-1, web-2 on webserver web-2).
Now, it’s time for a first test. Start a webbrowser and type in the IP/name of one of your webservers. You should see a simple webpage with the particular hostname. Check this again on the other webserver and verify if the hostname is correct.
The next step is to install and configure the loadbalancer. We are using haproxy for this, because it is easy to use, has a lot of options and features and is included and supported in the SLES HA Extension.
The loadbalancer VM is also running on SLES 15 SP2 and in my case the box was set up with DNS:
lb-1.intranet and IP: 192.168.177.20 Log in to the lb VM and perform the following steps:
- Install apache2
zypper in -y haproxy
- Add configuration for both webservers into loadbalancer configuration
cat << EOF >> /etc/haproxy/haproxy.cfg frontend company.intranet bind 192.168.177.20:80 default_backend company_webserver backend company_webserver balance roundrobin cookie WEB-SRV insert indirect nocache option httpchk HEAD / default-server check maxconn 20 server web-1 192.168.177.31:80 cookie web-1 server web-2 192.168.177.32:80 cookie web-2 EOF
- Enable haproxy process to automatically start after reboot
# systemctl enable haproxy
- Start haproxy process
# systemctl start haproxy
- Check if haproxy process successfully started
# systemctl status haproxy
In the config file
/etc/haproxy/haproxy.cfg you added two blocks. The one beginning with “frontend” tells haproxy that it is listening on the configured ip and port (bind 192.168.177.20:80), the second line configures the default backend called “company_webserver”.
The second block, beginning with “backend”, tells haproxy the backend configuration, which in this case are our webservers. After the keyword “backend”, you have to define a name which identifies the backend: “company_webserver”. All the following options are related to the backend “company_webserver”. As you can see, there are our webservers, configured with the particular ip and port. An important option is “balance roundrobin”, which tells haproxy that requests should be routed to the configured webservers in alignment with roundrobin mode.
To check if the haproxy configuration is working well, you can use a browser of your choice. Please make sure that your browsercache is disabled for that test. I prefer a commandline-client like httpie . I’ve installed it on my workstation and can check the haproxy configuration like this:
tim@plutonium:~$ http lb-1.intranet HTTP/1.1 200 OK accept-ranges: bytes cache-control: private content-length: 125 content-type: text/html date: Tue, 08 Dec 2020 13:19:24 GMT etag: "7d-5b3e90866c394" last-modified: Thu, 12 Nov 2020 13:38:53 GMT server: Apache set-cookie: WEB-SRV=web-1; path=/ <html> <head> <title>you are on webserver: web-1</title> </head> <body> <h1>you are on webserver: web-1</h1> </body> </html>
Now, check again, the second webserver web-2 should react:
tim@plutonium:~$ http lb-1.intranet HTTP/1.1 200 OK accept-ranges: bytes cache-control: private content-length: 125 content-type: text/html date: Tue, 08 Dec 2020 13:20:20 GMT etag: "7d-5b3e910a71dc6" last-modified: Thu, 12 Nov 2020 13:41:11 GMT server: Apache set-cookie: WEB-SRV=web-2; path=/ <html> <head> <title>you are on webserver: web-2</title> </head> <body> <h1>you are on webserver: web-2</h1> </body> </html>
Please repeat these steps multiple times. The requests should show that your requests are answered by both webservers in roundrobin mode.
This is a very simple example, but sufficient to understand how the loadbalancer actually works. There are a lot of options and features available – please check the documentation about haproxy .
In the second part of this series, which will be published very soon, we will focus on the cluster.