HAProxy

Transcript

1. HAProxy   Goran Jurić ZgPHP Meetup 17th September, 2015  

2. •  The  Reliable,  High  Performance  TCP/HTTP   Load  Balancer • 

   V1.5  current  stable  release  

3. It allows you to   •  Distribute the load across

   several servers •  Failover to a backup server (HA) •  Take the server offline for maintenance •  Multiple load balancing algorithms •  Protect backend servers

4. TCP   •  Layer 4 proxy •  Load balance any

   TCP/IP traffic

5. HTTP proxy   •  Layer 7 proxy •  Redirect to

   a specific server based on different parameters (ACLs) •  Sticky sessions

6. Configuration   •  global •  default •  frontends •  backends

    

7. Example   frontend www! bind *:80! bind *:443 ssl crt

   /etc/ssl/private/your-cert.pem! redirect scheme https if !{ ssl_fc }! mode http! default_backend app-servers! ! backend app-servers! !mode http! !option forwardfor! !option httpchk GET /test-url! !cookie PHPSESSID prefix nocache! !server app1 <app1-server-ip>:80 check inter 12000 rise 3 fall 3 cookie app1! !server app2 <app2-server-ip>:80 check inter 12000 rise 3 fall 3 cookie app2!

8. ACLs   •  acl network_allowed src 20.30.40.50 20.30.40.40 ! • 

   acl restricted_page path_beg /admin ! •  acl restricted_page path_beg /helpdesk ! •  block if restricted_page !network_allowed! •  acl  is_blog  url_beg  /blog •  use_backend  some-other-backend  if  is_blog

9. Important   •  App servers sees haproxy IP – nginx:

10. SSL config   Mozilla  SSL  ConfiguraFon  Generator hHps://mozilla.github.io/server-­‐side-­‐tls/ssl-­‐config-­‐generator/

11. HA in HAProxy   •  What if the server running

    HAProxy fails? •  Floating IP address •  keepalived/heartbeat/pacemaker  

12. HA in HAProxy  

13. HA in your application   •  Session storage – Use a

    clustered session storage – Do not use sessions •  Clustered database •  Rolling deployments  

14. GUI  

15. HATop  

16. Why not nginx   •  General TCP load balancer • 

    Out of band health checks •  Admin interface to manage servers •  Powerful ACLs