https://serversforhackers.

com/load-balancing-with-haproxy
http://www.serverlab.ca/tutorials/linux/network-services/deploying-an-haproxy-load-balancer-on-centos-6/
Increase EIP

Ci v cu hnh haproxy t source

1. Ci haproxy t source
cd /opt
sudo tar xvzf haproxy-1.6.3.tar.gz
cd haproxy-1.6.3
sudo yum install gcc
sudo make TARGET=linux2628 ARCH=native
sudo make install
sudo cp /usr/local/sbin/haproxy /usr/sbin
sudo cp /opt/haproxy-1.6.3/examples/haproxy.init /etc/init.d/haproxy
sudo chmod 755 /etc/init.d/haproxy
sudo useradd --system haproxy
sudo mkdir /etc/haproxy
sudo mkdir /var/lib/haproxy
sudo vi /etc/haproxy/haproxy.cfg
sudo service haproxy start
2. Add Elastic IP vo node phative
Increase EIP
3. Cu hnh front-end v backend
http://cbonte.github.io/haproxy-dconv/configuration-1.7.html#7

global
log

127.0.0.1 local0

chroot
/var/lib/haproxy
pidfile /var/run/haproxy.pid
maxconn 4000
user
haproxy
group
haproxy
daemon
stats socket /var/lib/haproxy/stats
defaults
mode
http
log
global
option
httplog
option
dontlognull
option http-server-close
option forwardfor
except 127.0.0.0/8
option
redispatch
retries
3
timeout http-request 10s
timeout queue
1m
timeout connect
10s
timeout client
1m
timeout server
1m
timeout http-keep-alive 10s
timeout check
10s
maxconn
3000
frontend http-in
bind *:80
mode http
acl url_pmrs hdr_dom(host) -m beg pmrsha.wellcare.vn
acl url_onemr hdr_dom(host) -m beg onemrha.wellcare.vn
#acl url_sms hdr_dom(host) -m beg smsha.wellcare.vn
use_backend pmrs_cluster if url_pmrs
use_backend onemr_cluster if url_onemr
#use_backend sms_cluster if url_sms
#default_backend log_cluster
backend pmrs_cluster
balance roundrobin
server node 172.11.20.6:8080 check
backend onemr_cluster
balance roundrobin
server node 172.11.20.9:8080 check
4. Cu hnh log cho haproxy:
http://sharadchhetri.com/2013/10/16/how-to-enable-logging-of-haproxy-in-rsyslog/

vi /etc/haproxy/haproxy.cfg
global
log 127.0.0.1

local0

vi /etc/rsyslog.d/haproxy.conf
$ModLoad imudp
$UDPServerRun 514
$template Haproxy,"%msg%\n"
local0.=info -/var/log/haproxy.log;Haproxy
local0.notice -/var/log/haproxy-status.log;Haproxy
### keep logs in localhost ##
local0.* ~

Restart rsyslog v haproxy nh phn 4 thy c 2 file /var/log/haproxy.log v

/var/log/haproxy-status.log. 2 file ny c ngha nh sau:

local0.=info -/var/log/haproxy.log defines the http log will be saved in

haproxy.log
local0.notice -/var/log/haproxy-status.log defines the Server status like
start,stop,restart,down,up etc. will be saved in haproxy-status.log
UDPServerRun 514 means opening UDP port no. 514 to listen haproxy
messages
5. Rotate log

/var/log/haproxy.log {
missingok
notifempty
sharedscripts
rotate 120
daily
compress
postrotate
reload rsyslog >/dev/null 2>&1 || true
endscript
}
6. Decode log

7. Troubleshoot:

sudo systemctl stop rsyslog

sudo systemctl start haproxy
sudo systemctl -l status haproxy
sudo service haproxy start
Ci hatop check statistics
wget http://hatop.googlecode.com/files/hatop-0.7.7.tar.gz
tar xvf hatop-0.7.7.tar.gz
cd hatop-0.7.7
install -m 755 bin/hatop /usr/local/bin
install -m 644 man/hatop.1 /usr/local/share/man/man1
gzip /usr/local/share/man/man1/hatop.1
Cu hnh s dng hatop:
vi /etc/haproxy/haproxy.cfg
stats socket /var/lib/haproxy/stats
Run hatop
sudo /usr/local/bin/hatop -s /var/lib/haproxy/stats
8. Cu hnh dns

pmrsha.wellcare.vn => 54.179.190.233

onemrha.wellcare.vn => 54.179.190.233
9. Ci haproxy high availability
haproxy and keepalived setup

report about keepalived

a. To thm 1 EC2 node: Nh chn launch more like this

b. Install keepalived

yum install gcc openssl-devel

tar xf keepalived-1.2.19.tar.gz
cd keepalived-1.2.19/
./configure
make && make install
cp keepalived/etc/init.d/keepalived.init /etc/init.d/keepalived
mkdir /etc/keepalived
c.

Config master (/etc/keepalived/keepalived.conf)

vrrp_script chk_haproxy {
script "pidof haproxy"
interval 2
}
vrrp_instance VI_1 {
debug 2
interface eth0
# interface to monitor
state MASTER
virtual_router_id 51
# Assign one ID for this route
priority 101
# 101 on master, 100 on backup
unicast_src_ip 172.11.1.13
# My IP
unicast_peer {
172.11.1.166
# peer IP
}

track_script {
chk_haproxy
}
notify_master /etc/keepalived/master.sh
}
d. Config slave (/etc/keepalived/keepalived.conf)

vrrp_script chk_haproxy {
script "pidof haproxy"
interval 2
}
vrrp_instance VI_1 {
debug 2
interface eth0
# interface to monitor
state BACKUP
virtual_router_id 51
# Assign one ID for this route
priority 100
# 101 on master, 100 on backup
unicast_src_ip 172.11.1.166
# My IP
unicast_peer {
172.11.1.13
# Peer IP
}
track_script {
chk_haproxy
}
notify_master /etc/keepalived/master.sh
}
e. script notify_master on MASTER node (/etc/keepalived/master.sh)

#!/bin/bash
EIP=52.74.1.170
INSTANCE_ID=i-2d3748a3
/usr/local/bin/aws ec2 disassociate-address --public-ip $EIP
/usr/local/bin/aws ec2 associate-address --public-ip $EIP --instance-id
$INSTANCE_ID
f.

script notify_master on SLAVE node (/etc/keepalived/master.sh)

#!/bin/bash
EIP=52.74.1.170x
INSTANCE_ID=i-5d6bf3d3
/usr/local/bin/aws ec2 disassociate-address --public-ip $EIP
/usr/local/bin/aws ec2 associate-address --public-ip $EIP --instance-id
$INSTANCE_ID

g. Make keepalived start

sudo cp /usr/local/etc/sysconfig/keepalived /etc/sysconfig/

sudo ln -s /usr/local/sbin/keepalived /usr/sbin/keepalived
h. V keepalived.conf dng trng priority nn ch thng MASTER

v c priority cao hn mi c advertise sang thng BACKUP

172.11.1.13 > 172.11.1.166: vrrp 172.11.1.13 > 172.11.1.166: VRRPv2,
Advertisement, vrid 51, prio 101, authtype none, intvl 1s, length 16, addrs:
16:49:32.978595 IP (tos 0xc0, ttl 255, id 2100, offset 0, flags [none], proto
VRRP (112), length 36)
172.11.1.13 > 172.11.1.166: vrrp 172.11.1.13 > 172.11.1.166: VRRPv2,
Advertisement, vrid 51, prio 101, authtype none, intvl 1s, length 16, addrs:
16:49:33.979740 IP (tos 0xc0, ttl 255, id 2101, offset 0, flags [none], proto
VRRP (112), length 36)

Cu hnh chun
10. Add Elastic IP vo node phative
11. Cu hnh front-end v backend
http://cbonte.github.io/haproxy-dconv/configuration-1.7.html#7

frontend http-in
bind *:80
mode http
acl url_pmrs hdr_dom(host) -m beg pmrs.wellcare.vn
acl url_onemr hdr_dom(host) -m beg onemr.vn
acl url_sms hdr_dom(host) -m beg sms.wellcare.vn
use_backend pmrs_cluster if url_pmrs
use_backend onemr_cluster if url_onemr
use_backend sms_cluster if url_sms
default_backend log_cluster
backend pmrs_cluster
balance roundrobin
server node 172.11.20.6:8080 cookie A check
backend onemr_cluster
balance roundrobin
server node 172.11.20.9:8080 cookie A check
12. Haproxy with backend path
frontend http
#match url ending with /xxxxx/do-that
acl do-that path_end -i /app-2/do-that
use_backend server1 if do-that

backend server1
reqirep ^([^\ :]*)\ /app-2/(.*)
server server 168.192.X.X

\1\ /app-2-another-path/\2

frontend ft_def
bind :80
mode http
acl has_special_uri path_beg /my-foo
use_backend def if has_special_uri
default_backend def
backend def
mode http
option forwardfor
reqirep ^([^\ ]*\ )/my-foo(.*) \1/other-bar\2
server myserver othersite.com:8081
13. Restart haproxy:

/etc/init.d/haproxy restart
14. Front end

frontend webapp1
bind 172.30.0.30:80
mode http
acl url_forum
path_beg /forum
use_backend webapp1_forum if url_forum
default_backend webapp1-main
15.
16. Config elastic ip for haproxy:
17. Install haproxy
yum install haproxy
18. Config haproxy:
vi /etc/haproxy/haproxy.cfg
global
log 127.0.0.1 local0
log 127.0.0.1 local1 debug
maxconn 45000 # Total Max Connections.
daemon
nbproc

1 # Number of processing cores.

defaults
timeout server 86400000

timeout connect 86400000

timeout client 86400000
timeout queue 1000s
# [HTTP Site Configuration]
listen http_web 192.168.10.10:80
mode http
balance roundrobin # Load Balancing algorithm
option httpchk
option forwardfor
server server1 192.168.10.100:80 weight 1 maxconn 512 check
server server2 192.168.10.101:80 weight 1 maxconn 512 check
# [HTTPS Site Configuration]
listen https_web 192.168.10.10:443
mode tcp
balance source# Load Balancing algorithm
reqadd X-Forwarded-Proto:\ http
server server1 192.168.10.100:443 weight 1 maxconn 512 check
server server2 192.168.10.101:443 weight 1 maxconn 512 check

19.