Loadbalancing made easy with haproxy

13.01.2021 | Tim Schmeling in howto

One very common scenario in a company: you need to provide a critical application. There are many such applications – we will focus on the intranet, provided by a wiki application.

To build a loadbalancer with haproxy[1] you need a server (a VM for example), which can handle the requests for the webservers behind. I will use SUSE Linux Enterprise Server 15 SP2, which is one of the most used distributions. If you need a subscription, please reach out to our sales unit [2].

Let’s start with the two webservers, running on SLES 15 SP2: web-1 and web-2. Before you start, make sure that both are prepared:

  1. Install apache2
zypper in -y apache2
  1. Create an index.html page in the default DocumentRoot (/srv/www/html/index.html)
cat << EOF >> /srv/www/html/index.html
<html>
<head>
<title>you are on webserver: web-1</title>
</head>
<body>
<h1>you are on webserver: web-1</h1>
</body>
</html>
EOF
  1. Enable webserver process to automatically start after reboot
# systemctl enable apache2
  1. Start webserver process
# systemctl start apache2
  1. Check if webserver process successfully started
# systemctl status apache2

Repeat those steps on both webservers and ensure that your index.html represents the correct hostname (web-1 on webserver web-1, web-2 on webserver web-2).

Now, it’s time for a first test. Start a webbrowser and type in the IP/name of one of your webservers. You should see a simple webpage with the particular hostname. Check this again on the other webserver and verify if the hostname is correct.

The next step is to install and configure the loadbalancer. We are using haproxy for this, because it is easy to use, has a lot of options and features and is included and supported in the SLES HA Extension.

The loadbalancer VM is also running on SLES 15 SP2 and in my case the box was set up with DNS: lb-1.intranet and IP: 192.168.177.20 Log in to the lb VM and perform the following steps:

  1. Install apache2
zypper in -y haproxy
  1. Add configuration for both webservers into loadbalancer configuration
cat << EOF >> /etc/haproxy/haproxy.cfg
frontend company.intranet
  bind 192.168.177.20:80
  default_backend company_webserver

backend company_webserver
  balance roundrobin
  cookie WEB-SRV insert indirect nocache
  option httpchk HEAD /
  default-server check maxconn 20
  server web-1 192.168.177.31:80 cookie web-1
  server web-2 192.168.177.32:80 cookie web-2
EOF
  1. Enable haproxy process to automatically start after reboot
# systemctl enable haproxy
  1. Start haproxy process
# systemctl start haproxy
  1. Check if haproxy process successfully started
# systemctl status haproxy

In the config file /etc/haproxy/haproxy.cfg you added two blocks. The one beginning with “frontend” tells haproxy that it is listening on the configured ip and port (bind 192.168.177.20:80), the second line configures the default backend called “company_webserver”.

The second block, beginning with “backend”, tells haproxy the backend configuration, which in this case are our webservers. After the keyword “backend”, you have to define a name which identifies the backend: “company_webserver”. All the following options are related to the backend “company_webserver”. As you can see, there are our webservers, configured with the particular ip and port. An important option is “balance roundrobin”, which tells haproxy that requests should be routed to the configured webservers in alignment with roundrobin mode.

To check if the haproxy configuration is working well, you can use a browser of your choice. Please make sure that your browsercache is disabled for that test. I prefer a commandline-client like httpie [3]. I’ve installed it on my workstation and can check the haproxy configuration like this:

tim@plutonium:~$ http lb-1.intranet
HTTP/1.1 200 OK
accept-ranges: bytes
cache-control: private
content-length: 125
content-type: text/html
date: Tue, 08 Dec 2020 13:19:24 GMT
etag: "7d-5b3e90866c394"
last-modified: Thu, 12 Nov 2020 13:38:53 GMT
server: Apache
set-cookie: WEB-SRV=web-1; path=/

<html>
<head>
<title>you are on webserver: web-1</title>
</head>
<body>
<h1>you are on webserver: web-1</h1>
</body>
</html>

Now, check again, the second webserver web-2 should react:

tim@plutonium:~$ http lb-1.intranet
HTTP/1.1 200 OK
accept-ranges: bytes
cache-control: private
content-length: 125
content-type: text/html
date: Tue, 08 Dec 2020 13:20:20 GMT
etag: "7d-5b3e910a71dc6"
last-modified: Thu, 12 Nov 2020 13:41:11 GMT
server: Apache
set-cookie: WEB-SRV=web-2; path=/

<html>
<head>
<title>you are on webserver: web-2</title>
</head>
<body>
<h1>you are on webserver: web-2</h1>
</body>
</html>

Please repeat these steps multiple times. The requests should show that your requests are answered by both webservers in roundrobin mode.

This is a very simple example, but sufficient to understand how the loadbalancer actually works. There are a lot of options and features available – please check the documentation about haproxy [4].

In the second part of this series, which will be published very soon, we will focus on the cluster.

Tim Schmeling
Tim Schmeling
Tim ist seit 2017 bei B1 und betreibt mit seinem Team eine große Cloud für ein internationales Unternehmen. Wenn er mal nicht in den Wolken oder beim Kunden unterwegs ist, dann beschäftigt er sich mit Hochverfügbarkeit, Clustering und SAP HANA. Nebenher gibt er als Trainer sein Wissen an andere weiter.

 


Haben Sie Anmerkungen oder Nachfragen? Melden Sie sich unter blog%b1-systems.de
Col 2