search string side menu

ELMA365 On-Premises > Prepare infrastructure > Load balancer / High availability HAProxy

High availability HAProxy

HAProxy is a high availability and load balancing tool. In the ELMA365 system architecture, HAProxy is utilized to construct a fault-tolerant design when organizing a high-availability ELMA365 cluster. Depending on the architecture being set up, the necessary HAProxy configuration is chosen. This article outlines the installation of HAProxy and keepalived for Ubuntu Linux 20.04 and 22.04.

Installation consists of six steps:

  1. Prepare nodes (servers).
  2. Install HAProxy.
  3. Install keepalived.
  4. Configure keepalived.
  5. Basic HAProxy configuration.
  6. Add configurations for ELMA365 components balancing.

Step 1: Prepare nodes (servers)

  1. Create two nodes (servers) with sequentially numbered host name:
  • haproxy-server1.your_domain, 192.168.1.1;
  • haproxy-server2.your_domain, 192.168.1.2.
  1. Create mappings for host names in the DNS server and add the corresponding A/AAAA record for the virtual IP haproxy-server.your_domain <-> 192.168.1.13.

If not possible, add the necessary records in /etc/hosts.

  1. Enable net.ipv4.ip_nonlocal_bind, net.ipv4.ip_forward kernel parameters by executing the following commands:

sudo echo net.ipv4.ip_nonlocal_bind=1 >> /etc/sysctl.conf
sudo echo net.ipv4.ip_forward=1 >> /etc/sysctl.conf
sudo sysctl -p

Step 2: Install HAProxy

  1. Install HAProxy on all nodes with the command:

sudo apt install haproxy -y

  1. Start the HAProxy service on all nodes and add it to autostart:

sudo systemctl enable --now haproxy

Step 3: Install keepalived

Install keepalived on all nodes:

sudo apt update
sudo apt install keepalived

Step 4: Configure keepalived

  1. Create the keepalived directory:

sudo mkdir -p /usr/libexec/keepalived

  1. Create the haproxy_check.sh script file for monitoring the HAProxy health:

sudo nano /usr/libexec/keepalived/haproxy_check.sh

  1. Add the health check script to the haproxy_check.sh file:

#!/bin/bash
/bin/kill -0 $(cat /var/run/haproxy.pid)

  1. Create the keepalived configuration file on each node:

sudo nano /etc/keepalived/keepalived.conf

  1. Add an example keepalived configuration for the haproxy-server1.your_domain node to the keepalived.conf file keepalived.conf:

global_defs {
  router_id haproxy-server1
  enable_script_security
  script_user root
}
 
vrrp_script haproxy_check {
  script "/usr/libexec/keepalived/haproxy_check.sh"
  interval 2
  weight 2
}
 
vrrp_instance VI_1 {
  interface eth0
  virtual_router_id 101
  priority 100
  advert_int 2
  state MASTER
  virtual_ipaddress {
    192.168.1.13
  }
  track_script {
    haproxy_check
  }
  authentication {
    auth_type PASS
    auth_pass SecretPassword
  }
}

  1. Add an example keepalived configuration for the haproxy-server2.your_domain node to the keepalived.conf file keepalived.conf:

global_defs {
  router_id haproxy-server2
  enable_script_security
  script_user root
}
 
vrrp_script haproxy_check {
  script "/usr/libexec/keepalived/haproxy_check.sh"
  interval 2
  weight 2
}
 
vrrp_instance VI_1 {
  interface eth0
  virtual_router_id 101
  priority 90
  advert_int 2
  state BACKUP
  virtual_ipaddress {
    192.168.1.13
  }
  track_script {
    haproxy_check
  }
  authentication {
    auth_type PASS
    auth_pass SecretPassword
  }
}

Where:

  • router_id is the router ID, a unique value on each node;
  • script_user is the user running VRRP scripts;
  • interface is the interface name to which keepalived will be attached;
  • virtual_router_id is the virtual router ID, a shared value on all nodes;
  • priority is the priority of nodes within the virtual route;
  • state is the node role type in the virtual router;
  • virtual_ipaddress is the virtual IP;
  • auth_type is the authentication type in the virtual router;
  • auth_pass is the password.
  1. Restart keepalived on all nodes:

sudo systemctl restart keepalived

Step 5: Basic HAProxy configuration

  1. Move the default configuration file:

sudo mv /etc/haproxy/haproxy.cfg{,.original}

  1. Create and open a new configuration file for editing:

sudo nano /etc/haproxy/haproxy.cfg

Example of basic HAProxy configuration for the haproxy.cfg file

Basic configuration section describes the parameters of the HAProxy server operation: operating mode, timeouts, connection count, enabling the web interface, etc.

The example provides the necessary configuration for the HAProxy server operation. For more details on the used parameters, refer to the official HAProxy Documentation.

global
    maxconn 100000
    log /dev/log local0
    log /dev/log local1 notice
    chroot /var/lib/haproxy
    stats socket /run/haproxy/admin.sock mode 660 level admin expose-fd listeners
    stats timeout 30s
    user haproxy
    group haproxy
    daemon
 
 
 
defaults
    mode tcp
    log global
    retries 2
    timeout queue 5s
    timeout connect 5s
    timeout client 60m
    timeout server 60m
    timeout check 15s
 
 
 
listen stats
    mode http
    bind haproxy-server.your_domain:7000
    stats enable
    stats uri /
 
 
 
### Web ELMA365 ###
 
### Web ELMA365 ###
 
 
 
### PostgreSQL ###
 
### PostgreSQL ###
 
 
 
### RabbitMQ ###
 
### RabbitMQ ###
 
 
 
### S3 MinIO ###
 
### S3 MinIO ###
 
 
 
### Docs Server ###
 
### Docs Server ###
  1. Restart HAProxy:

sudo systemctl restart haproxy

Step 6: Add configurations for ELMA365 components balancing

ELMA365 component configurations are added to the haproxy.cfg file as needed.

Depending on the architecture being set up, add configurations:

haproxy-load-balance.html haproxy-postgresql.html

Found a typo? Highlight the text, press ctrl + enter and notify us