Introductory talk about HAProxy, given on September 17th 2015 at ZgPHP Meetup in net.culture club MaMa.
HAProxy Goran Jurić ZgPHP Meetup 17th September, 2015
View Slide
• The Reliable, High Performance TCP/HTTP Load Balancer • V1.5 current stable release
It allows you to • Distribute the load across severalservers • Failover to a backup server (HA) • Take the server offline for maintenance • Multiple load balancing algorithms • Protect backend servers
TCP • Layer 4 proxy • Load balance any TCP/IP traffic
HTTP proxy • Layer 7 proxy • Redirect to a specific server based ondifferent parameters (ACLs) • Sticky sessions
Configuration • global • default • frontends • backends
Example frontend www!bind *:80!bind *:443 ssl crt /etc/ssl/private/your-cert.pem!redirect scheme https if !{ ssl_fc }!mode http!default_backend app-servers!!backend app-servers!!mode http!!option forwardfor!!option httpchk GET /test-url!!cookie PHPSESSID prefix nocache!!server app1 :80 check inter 12000 rise 3 fall 3 cookie app1!!server app2 :80 check inter 12000 rise 3 fall 3 cookie app2!
ACLs • acl network_allowed src 20.30.40.50 20.30.40.40 !• acl restricted_page path_beg /admin !• acl restricted_page path_beg /helpdesk !• block if restricted_page !network_allowed!• acl is_blog url_beg /blog • use_backend some-other-backend if is_blog
Important • App servers sees haproxy IP – nginx:
SSL config Mozilla SSL ConfiguraFon Generator hHps://mozilla.github.io/server-‐side-‐tls/ssl-‐config-‐generator/
HA in HAProxy • What if the server running HAProxyfails? • Floating IP address • keepalived/heartbeat/pacemaker
HA in HAProxy
HA in your application • Session storage – Use a clustered session storage – Do not use sessions • Clustered database • Rolling deployments
GUI
HATop
Why not nginx • General TCP load balancer • Out of band health checks • Admin interface to manage servers • Powerful ACLs