Friday, May 14, 2010

Setting Up A High-Availability Load Balancer (With Failover and Session Support) With HAProxy/Keepalived

As you know, there are several load balancer solutions for Linux, such as:

pfSense: supports layer 4 only (it can't be deployed with a system that needs login).

Pen is a very simple load balancer for TCP protocols. It supports source IP-based persistence for up to 2048 clients. Supports IP-based ACLs. Uses select() and supports higher loads than Pound but will not scale very well to thousands of simultaneous connections.

Pound can be seen as a complement to HAProxy. It supports SSL, and can direct traffic according to the requested URL. Its code is very small and will stay small for easy auditing. Its configuration file is very small too. However, it does not support persistence, and the performance associated to its multi-threaded model limits its usage to medium sites only.

Besides these, we can use Linux Virtual Server (LVS) or Pure Load Balancer (PLB). But for load balancing with layer 7 support, for me HAProxy is the best choice. HAProxy is a free, very fast and reliable solution offering high availability, load balancing, and proxying for TCP and HTTP-based applications. It is particularly suited for web sites crawling under very high loads while needing persistence or Layer 7 processing. Supporting tens of thousands of connections is clearly realistic with today's hardware. Its mode of operation makes its integration into existing architectures very easy and riskless, while still offering the possibility not to expose fragile web servers to the Net.


For this howto I set up four CentOS systems (minimal installation without GUI etc.) with the following configuration:

Load Balancer 1

IP: and Shared IP:

Load Balancer 2

IP: Shared IP:

Web Server 1


Web Server 2


1/Install HAProxy and Keepalived

You can install from source, but it is easier to install the RPM packages. (If you need the latest RPM packages of HAProxy (version 1.4.5) and Keepalived (version 1.1.20), please contact me and I will give them to you.)

2/Edit /etc/haproxy/haproxy.cfg on both load balancer servers as follows:

global
    log local2
    chroot /var/lib/haproxy
    pidfile /var/run/
    maxconn 4000
    user haproxy
    group haproxy

defaults
    mode http
    log global
    option dontlognull
    option httpclose
    option httplog
    option forwardfor
    option redispatch
    timeout connect 10000 # default 10 second time out if a backend is not found
    timeout client 300000
    timeout server 300000
    maxconn 60000
    retries 3

listen webfarm
    mode http
    stats enable
    stats auth test:123 # test credentials; change them before exposing this listener
    #balance roundrobin
    balance source
    cookie JSESSIONID prefix
    #balance source
    #cookie SERVERID insert indirect
    option httpclose
    option forwardfor
    option httpchk HEAD /check.txt HTTP/1.0
    server web1 cookie A check
    server web2 cookie B check
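
The listener above turns on the HAProxy statistics page inside the web farm section and protects it with the account test:123. The following check is an added example, not part of the original post: it parses an haproxy.cfg and reports how the stats page is exposed. The sample configurations, their addresses, the /lb-status URI and the 12-character password threshold are assumptions constructed for the example.

```python
# Constructed sample mirroring the how-to's listener (addresses are placeholders).
HOWTO_CFG = """\
listen webfarm 192.0.2.10:80
    stats enable
    stats auth test:123
    balance source
    server web1 192.0.2.21:80 cookie A check
    server web2 192.0.2.22:80 cookie B check
"""

# Constructed alternative: stats on its own loopback listener (assumed values).
HARDENED_CFG = """\
listen stats 127.0.0.1:8404
    stats enable
    stats uri /lb-status
    stats auth admin:REPLACE-with-a-long-random-secret
"""

SECTION_KEYWORDS = ("global", "defaults", "listen", "frontend", "backend")
MIN_PASSWORD_LEN = 12  # threshold assumed for this example, not an HAProxy rule

def audit_stats(cfg):
    """Return (section, finding) pairs describing how the stats page is exposed."""
    sections, current = {}, None
    for raw in cfg.splitlines():
        words = raw.split("#", 1)[0].split()  # drop comments, tokenize
        if words and words[0] in SECTION_KEYWORDS:
            current = sections.setdefault(" ".join(words[:2]), [])
        elif words and current is not None:
            current.append(words)
    findings = []
    for name, lines in sections.items():
        # Any "stats ..." directive in a proxy section turns the page on.
        stats = [w[1:] for w in lines if w[0] == "stats" and len(w) > 1]
        if name == "global" or not stats:
            continue
        if any(w[0] == "server" for w in lines):
            findings.append((name, "stats served on the application listener"))
        if not any(s[0] == "uri" for s in stats):
            findings.append((name, "default stats URI /haproxy?stats"))
        passwords = [s[1].partition(":")[2] for s in stats if s[0] == "auth" and len(s) > 1]
        if not passwords:
            findings.append((name, "stats page without authentication"))
        elif min(map(len, passwords)) < MIN_PASSWORD_LEN:
            findings.append((name, "short stats password"))
    return findings

if __name__ == "__main__":
    print(audit_stats(HOWTO_CFG))
```

Run against the how-to's listener it reports three findings; the dedicated loopback listener reports none.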

3/Configure Keepalived

In this document I use Keepalived for HA (besides it, you can use Heartbeat and VRRP for clustering).

Edit /etc/keepalived/keepalived.conf on both load balancers (the only change is the priority: 101 on the master, 100 on the backup):

vrrp_script chk_haproxy {          # Requires keepalived-1.1.13
    script "killall -0 haproxy"    # cheaper than pidof
    interval 2                     # check every 2 seconds
    weight 2                       # add 2 points of prio if OK
}

vrrp_instance VI_1 {
    interface eth0
    state MASTER
    virtual_router_id 51
    priority 101                   # 101 on master, 100 on backup
    virtual_ipaddress {
        # shared IP of the two load balancers
    }
    track_script {
        chk_haproxy
    }
}

4/Edit /etc/sysctl.conf on both load balancers

# Allow HAProxy shared IP
net.ipv4.ip_nonlocal_bind = 1


I set up 2 Roundcube webmails to test this HAProxy.

a/Log in to the webmail and check the log

b/Stop LB1 and check the log on load balancer 2

c/Check the HAProxy status with the URL:
