Nginx is a high performance web server, which can also act as a great reverse proxy. Reverse proxy’s are placed in front of the web server handling the processing, to speed the site up, by either caching data, and/or load balancing across multiple back-end web servers.
This howto will outline the steps required to set up Nginx as a load balancing reverse proxy.
Continue Reading…
HAProxy provides a number of methods for maintaining a record of which backend server should handle a specific connection. This is known as creating a ‘sticky’ connection (other terms for this are ‘connection persistence’ and ‘connection affinity’). HAProxy can use the source ip address, url hash, cookies, sessions (checks cookies and url parameter), headers, and more, to determine which backend server to pass the connection to.
Add one of the following lines to the HAProxy config file, in the section containing your backend servers.
Load balancing PHP sessions:
appsession PHPSESSID len 64 timeout 3h request-learn prefix
Load balancing ASP.Net sessions:
appsession ASP.NET_SessionId len 64 timeout 3h request-learn prefix
Load balancing ASP sessions:
appsession ASPSESSIONID len 64 timeout 3h request-learn prefix
Load balancing Java Server Pages sessions:
appsession JSESSIONID len 52 timeout 3h request-learn prefix
Note: You may need to modify slightly to suit your environment. I haven’t tested all of these.
For more info on sticky sessions with HAProxy, check out the HAProxy help page for the ‘appsession’ keyword:
http://code.google.com/p/haproxy-docs/wiki/appsession
See http://en.wikipedia.org/wiki/Session_ID for more details on session ID’s
This guide will step you through the process of installing HAProxy on CentOS 6.
To install HAProxy on CentOS 6 you first need to set up your installation to use the epel software repository. HAProxy is not available in the default CentOS repositories.
(Note: All commands below require root privileges.)
rpm -Uvh http://download.fedoraproject.org/pub/epel/6/i386/epel-release-6-7.noarch.rpm
You can now install haproxy.
yum -y install haproxy
Now that HAProxy is installed, you can configure the haproxy.cfg file.
vi /etc/haproxy/haproxy.cfg
Once you have configured HAProxy, its time to start the service.
service haproxy start
By default HAProxy wont be set to run at system startup. To enable HAProxy to always start when the PC boots up, run the following:
chkconfig haproxy on
For more information on configuring HAProxy, please check my other howto articles.
HAProxy is a very capable load balance, but unless you set up the statistics site, you wont easily be able to view the statistics, and in later versions, take down, and bring up back end servers. This is a great feature that allows you to take one of your back end servers offline without shutting down the back end server, or changing any config files. Simply turning off the back end server would do the trick, but sometimes you may want to keep it on, to perform updates, testing, etc, while no one is accessing that particular server.
This guide will step you through the process of setting up access to the statistics web page on the HAProxy server.
Open the haproxy.conf file in your favorite editor.
$ sudo nano /etc/haproxy/haproxy.conf
go to the bottom of the file, and add in the following:
listen stats 0.0.0.0:9000 #Listen on all IP's on port 9000
mode http
balance
timeout client 5000
timeout connect 4000
timeout server 30000
#This is the virtual URL to access the stats page
stats uri /haproxy_stats
#Authentication realm. This can be set to anything. Escape space characters with a backslash.
stats realm HAProxy\ Statistics
#The user/pass you want to use. Change this password!
stats auth admin:passwordhere
#This allows you to take down and bring up back end servers.
#This will produce an error on older versions of HAProxy.
stats admin if TRUE
Save your config and exit the editor.
Restart haproxy, or reload the config.
Restart HAProxy:
$ sudo /etc/init.d/haproxy restart
or reload the config (see the Reload HAProxy Config with Minimal Downtime page for more details):
$ sudo haproxy -p /var/run/haproxy.pid -sf $(cat /var/run/haproxy.pid)
(Note: If you receive an error at this stage, you may have a older version of HAProxy, in which case you will need to comment out the last line that you added above. Eg: the “stats admin if TRUE” line.)
Now you should be able to load a browser on another PC and connect to the IP of the HAProxy server (in my example below, 192.168.0.5), on port 9000, with the stats URL added to the end:
Eg: http://192.168.0.5:9000/haproxy_stats
You should be presented with a username/password prompt. Enter in the details saved in the haproxy.conf file, that you set before.
You should be presented with the statistics page similar to the image below.
You can now enable/disable any back end servers on the fly, and view stats regarding the various front ends and back ends.
Restarting HAProxy using the default init scripts will kill any existing connections, and prevent any new connections while it restarts. With the init script restart method (eg ‘/etc/init.d/haproxy restart’), if there are any configuration errors, the service wont start up again. This might be fine for low volume sites, but if you are dealing with heavy traffic, you would want to reload the configuration with the smallest amount of downtime possible.
Thankfully HAProxy provides the ability to do this. The ‘-st’ and ‘-sf’ parameter options are used for hot configuration changes.
Both parameter options allow for hot configuration changes, with the difference being that the ‘-st’ option forces the existing HAProxy instance to kill all existing connections, where as the ‘-sf’ option tells the existing HAProxy instance to finish doing any work, and then softly close.
If there are any configuration errors in the config file, HAProxy will not complete the configuration reload, and will remain running with the existing config.
Example of a configuration reload using -sf (wait for HAProxy to finish any ‘work’):
$ sudo haproxy -p /var/run/haproxy.pid -sf $(cat /var/run/haproxy.pid)
HAProxy is a free, reliable, high performance load balancing solution capable of proxying TCP and HTTP applications.
This article will outline how to set up a simple HAProxy server to allow you to load balance web site requests to one or more back-end web servers. While this example may not be suitable for a production set up on the internet, its a good start if you just want to set up a simple load balanced web site.
The following example is using Ubuntu, however the configuration will be the same regardless of the distribution. The steps to install HAProxy will vary depending on the distribution. It also assumes that the back end web servers are on different physical machines to the one running HAProxy.
Installing HAProxy:
$ sudo apt-get install haproxy
On Ubuntu, by default the HAProxy service is disabled. To enable it you need to modify the /etc/default/haproxy file.
$ sudo nano /etc/default/haproxy
Modify the ‘ENABLED=0’ line to ‘ENABLED=1’ as shown below.
Change this:
# Set ENABLED to 1 if you want the init script to start haproxy. ENABLED=0 # Add extra flags here. #EXTRAOPTS="-de -m 16"
To this:
# Set ENABLED to 1 if you want the init script to start haproxy. ENABLED=1 # Add extra flags here. #EXTRAOPTS="-de -m 16"
Save and exit the editor.
The next step is to modify the HAProxy configuration file.
$ sudo nano /etc/haproxy/haproxy.cfg
In the default configuration file, there will likely be a number of ‘listen’ sections. These can be removed or commented out, as they wont be needed. You just want to keep the ‘global’ and ‘defaults’ sections for now.
Add in the following ‘frontend’ and ‘backend’ sections:
frontend http_in
bind *:80
default_backend webservers
backend webservers
balance roundrobin
server webserver1 192.168.50.11:80
server webserver2 192.168.50.12:80
What this does is sets up a proxy frontend called ‘http_in’, listening on port 80, on all IP addresses on the machine. This proxy frontend will pass all traffic through to the ‘backend’ which has been configured with the name ‘webservers’. This is set with the ‘default_backend’ setting pointing to ‘webservers’.
THe ‘backend’ section is where we configure what servers will be avaliable to load balance between, and what type of load balancing model to use. This example uses the round robin model, which basically just rotates evenly between the servers listed. In this example, we have named the server running on 192.168.50.11 as ‘webserver1’ and the server running on 192.168.50.12 as ‘webserver2’. These names dont have to resolve to anything as they are just used for identifiers within HAProxy.
The configuration file should now look similar to this:
global
log 127.0.0.1 local0
log 127.0.0.1 local1 notice
#log loghost local0 info
maxconn 4096
#chroot /usr/share/haproxy
user haproxy
group haproxy
daemon
#debug
#quiet
defaults
log global
mode http
option httplog
option dontlognull
retries 3
option redispatch
maxconn 2000
contimeout 5000
clitimeout 50000
srvtimeout 50000
frontend http_in
bind *:80
default_backend webservers
backend webservers
balance roundrobin
server webserver1 192.168.50.11:80
server webserver2 192.168.50.12:80
Save the configuration, and exit the editor.
Restart/Start HAProxy for the changes to take effect.
$ sudo /etc/init.d/haproxy restart
You should now be able to go to the url of the HAProxy machine, and have the requests redirected to the back end web servers that were set up in the ‘backend’ section.
There are a large number of configuration options avaliable to do things like weighted balancing, server status checking, URL redirection, stats pages, and more. Read the documentation on the HAProxy website (http://haproxy.1wt.eu/) for more information on the various configuration options available.