HAPROXY Lab (CentOS VM)

·

4 min read

PROXY: A server that intermediates requests and responses between a client and a server.

Types of PROXY
  • Forward Proxy: Located between the client and the internet.

  • Reverse Proxy: Located between the internet and the server.

Key Features
  • Security and Encryption: Protects communication between client and server.

  • Caching: Caches responses from the server to the client to improve performance.

  • Load Balancing: Distributes traffic across multiple servers to reduce load.

Load Balancing
  • L4 Load Balancing: Distributes traffic at the network layer.

  • L7 Load Balancing: Distributes traffic at the application layer.

Load Balancing Algorithms
  • Round Robin: Distributes requests sequentially across servers.

  • Weighted Round Robin: Distributes requests based on server weights.

  • IP Hashing: Distributes requests based on client IP hash.

  • Least Connections: Distributes requests to the server with the fewest active connections.

  • Least Response Time: Distributes requests to the server with the fastest response time.

PRACTICE

1. Server Setup

  • Run four virtual machines: VM1, VM2, VM3, VM4

  • VM1: HAProxy server

  • VM2, VM3, VM4: Apache server

2. Verify and Install Required Files

  • Start Virtual Machines

    • Start VM1, VM2, VM3, VM4
  • VM2, VM3, VM4: Verify and install Apache server

      systemctl status httpd
      yum -y install httpd
    
  • VM1: Verify and install HAProxy server

      yum -y install haproxy
      systemctl status haproxy
    
  • VM1, VM2, VM3, VM4: Configure Firewall

      firewall-cmd --list-all
      systemctl start firewalld
      firewall-cmd --add-service=http
      firewall-cmd --add-port=80/tcp --zone=public
      firewall-cmd --add-port=5000/tcp --zone=public
      firewall-cmd --reload
    

3. Start and Configure Apache Web Server

  • VM2, VM3, VM4: Start Apache web server

      systemctl start httpd
    
  • Write Server Identification Script

    • VM2

        vi /var/www/html/index.html
      
        <h1> Apache Server 01 </h1>
        <link href="style.css" rel="stylesheet" type="text/css" media="screen" />
      
    • VM3

        bash코드 복사vi /var/www/html/index.html
      
        <h1> Apache Server 02 </h1>
        <link href="style.css" rel="stylesheet" type="text/css" media="screen" />
      
    • VM4

        vi /var/www/html/style.css
      
        h1 { color: #471d4f; font-size: 300%; }
      
  • Restart Apache Servers

      bash코드 복사systemctl restart httpd
    

5. Configure HAProxy on Server 1

  • Edit HAProxy Configuration File

    • Configuration file location: /etc/haproxy/haproxy.cfg
    vi /etc/haproxy/haproxy.cfg
  • Default Section

      defaults
          log     global
          mode    http
          option  httplog
          option  dontlognull
          timeout connect 5000
          timeout client  50000
          timeout server  50000
          errorfile 400 /etc/haproxy/errors/400.http
          errorfile 403 /etc/haproxy/errors/403.http
          errorfile 408 /etc/haproxy/errors/408.http
          errorfile 500 /etc/haproxy/errors/500.http
          errorfile 502 /etc/haproxy/errors/502.http
          errorfile 503 /etc/haproxy/errors/503.http
          errorfile 504 /etc/haproxy/errors/504.http
    
  • Frontend Section

      frontend http_front
          bind *:5000
          default_backend http_back
    
  • Backend Section

      backend http_back
          balance roundrobin
          server server1 192.168.56.101:80 check
          server server2 192.168.56.102:80 check
          server server3 192.168.56.103:80 check
    
  • Restart HAProxy

      systemctl restart haproxy
    

6. Load Balancing Configuration (haproxy.cfg)

  • Frontend and Backend Configuration

      frontend main
          bind *:5000
          acl url_static path_beg /static /images /javascript /stylesheets
          acl url_static path_end .jpg .gif .png .css .js
          use_backend static if url_static
          default_backend app
    
      backend static
          balance roundrobin
          server static 192.168.56.103:80 check
    
      backend app
          balance roundrobin
          server server1 192.168.56.101:80 check
          server server2 192.168.56.102:80 check
    
  • Frontend Section:

    • *bind :5000: Accept connections on port 5000.

    • acl url_static path_beg /static /images /javascript /stylesheets: Match URL paths beginning with /static, /images, /javascript, /stylesheets.

    • acl url_static path_end .jpg .gif .png .css .js: Match URL paths ending with .jpg, .gif, .png, .css, .js.

    • use_backend static if url_static: Use the static backend if the url_static ACL matches.

    • default_backend app: Use the app backend by default.

  • Backend Section:

    • backend static:

      • balance roundrobin: Use round robin algorithm to distribute traffic.

      • server static 192.168.56.103:80 check: Use server at 192.168.56.103 with health checks.

    • backend app:

      • balance roundrobin: Use round robin algorithm to distribute traffic.

      • server server1 192.168.56.101:80 check: Use server at 192.168.56.101 with health checks.

      • server server2 192.168.56.102:80 check: Use server at 192.168.56.102 with health checks.

  • Restart HAProxy

      systemctl restart haproxy
    
  • Verify in Browser

    • Access http://192.168.0.119:5000

    • Observe round robin distribution by refreshing the page

7. Viewing HAProxy Logs

  • Open Port 9000

      firewall-cmd --add-port=9000/tcp --zone=public
      systemctl restart firewalld
    
  • Add Monitoring Configuration

      listen stats
          bind *:9000
          stats enable
          stats uri /
          stats auth admin:admin
    
  • Restart HAProxy

      systemctl restart haproxy
    
  • Check Logs

    • Access http://192.168.0.119:9000

8. Changing Load Balancing Algorithm

  • Change to leastconn Algorithm

      backend app
          balance leastconn
          server server1 192.168.56.101:80 check
          server server2 192.168.56.102:80 check
    
  • Restart HAProxy

      systemctl restart haproxy
    

9. Implementing L4 Load Balancing

  • Add Configuration

      frontend tcp_front
          bind *:80
          mode tcp
          default_backend tcp_back
    
      backend tcp_back
          balance roundrobin
          server server1 192.168.56.101:80 check
          server server2 192.168.56.102:80 check
    
  • Restart HAProxy

      systemctl restart haproxy
    
  • Result

    • Accessing http://192.168.0.119:80 will connect through the HAProxy server, even if the Apache server is not running on VM1.