Friday, 16 January 2015

HTTP Load Balancing - Getting started with HAProxy

In order to boost my familiarity with the use of HTTP load balancers, in preparation for an upcoming project where we'll be using Big IP F5 to balance load across multiple IBM BPM servers, I thought I'd invest some time on a free-to-use solution, HAProxy, which describes itself as "The Reliable, High Performance TCP/HTTP Load Balancer".

I'm running my servers on Red Hat Enterprise Linux 6.6, and thus haproxy is available as an RPM, installable thusly: -

yum install -y haproxy

which makes life easier.

There's not much to it, apart from the binary: -

ls -al `which haproxy`

-rwxr-xr-x 1 root root 394200 Jul 10  2013 /usr/sbin/haproxy

and a sample default configuration file: -


However, for now, I'm using a customised configuration file: -


# Simple configuration for an HTTP proxy listening on port 80 on all
    # interfaces and forwarding requests to a single backend "servers" with a
    # single server "server1" listening on
        maxconn 256

        mode http
        timeout connect 5000ms
        timeout client 50000ms
        timeout server 50000ms

    frontend http-in
        bind *:8100
        default_backend servers

    backend servers
balance roundrobin
        server server1 maxconn 32
server server2 maxconn 32

With this in place, I can start haproxy as follows: -

haproxy -f configuration.conf

and .... nothing obvious happens :-)

However, I do have a pair of IBM HTTP Server instances running, each with its own unique set of configuration files, logs and documents, separated thus: -



with an index.html file suitably edited to contain: -

Hello from IHS1


and: -

Hello from IHS2



When I hit the load balancer URL ( aka the service name/port ): -

I get: -

when I reload the page, I get: -

proving that haproxy is balancing load, via the round-robin mechanism.

Next step is to get haproxy to use a self-signed SSL certificate, terminating SSL there, before establishing a new SSL tunnel to IHS using a different self-signed certificate

But that's a job for later .....

Meantime, I have some light reading: -

This might also be useful when I get around to doing this with my own domain: -


No comments: