CentOS Stream 9
Sponsored Link

HAProxy : HTTP Load Balancing
2022/03/22
 
Install HAProxy to configure Load Balancing Server.
This example is based on the environment like follows.
-----------+---------------------------+--------------------------+------------
           |                           |                          |
           |10.0.0.30                  |10.0.0.51                 |10.0.0.52
+----------+-----------+   +-----------+----------+   +-----------+----------+
|   [ dlp.srv.world ]  |   | [ node01.srv.world ] |   | [ node02.srv.world ] |
|        HAProxy       |   |      Web Server#1    |   |      Web Server#2    |
+----------------------+   +----------------------+   +----------------------+

 
Configure Servers that HTTP connection to HAProxy Server is forwarded to backend Web Servers.
[1] Install HAProxy.
[root@dlp ~]#
dnf -y install haproxy
[2] Configure HAProxy.
[root@dlp ~]#
vi /etc/haproxy/haproxy.cfg
# comment out all for existing [frontend ***] [backend ***] sections
# and add follows to the end
# define frontend ( any name is OK for [http-in] )
frontend http-in
    # listen 80 port
    bind *:80
    # set default backend
    default_backend    backend_servers
    # send X-Forwarded-For header
    option             forwardfor

# define backend
backend backend_servers
    # balance with roundrobin
    balance            roundrobin
    # define backend servers
    server             node01 10.0.0.51:80 check
    server             node02 10.0.0.52:80 check

[root@dlp ~]#
systemctl enable --now haproxy

[3] If Firewalld is running, allow ports HAProxy listens.
[root@dlp ~]#
firewall-cmd --add-service=http

success
[root@dlp ~]#
firewall-cmd --runtime-to-permanent

success
[4] By default setting of HAproxy, logs are sent to [local2] facility, so Configure Rsyslog to record it to a file.
[root@dlp ~]#
vi /etc/rsyslog.conf
# line 30, 31 : uncomment and add a line

module(load="imudp") # needs to be done just once
input(type="imudp" port="514")
$AllowedSender UDP, 127.0.0.1
# line 46 : change like follows

*.info;mail.none;authpriv.none;cron.none;local2.none    /var/log/messages
local2.*                                                /var/log/haproxy.log

[root@dlp ~]#
systemctl restart rsyslog

[5] Change settings on Backend Web servers (Apache httpd on this example) to logging X-Forwarded-For header.
[root@node01 ~]#
vi /etc/httpd/conf/httpd.conf
# line 201 : change like follows

LogFormat "
\"%{X-Forwarded-For}i\"
%l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
[root@node01 ~]#
systemctl restart httpd

[6] Verify working normally to access to frontend HAproxy Server.
Matched Content