Haproxy basic setup on centos7

pawaan.v Uncategorized No Comments

I am using vagrant with libvirt provider to setup a round robin setup of haproxy,
A haproxy centos7 vm and to webservers running centos7

clone my git from https://github.com/pawaanv/cipher-setup/

$git clone https://github.com/pawaanv/cipher-setup/
Cloning into 'cipher-setup'...
remote: Counting objects: 89, done.
remote: Compressing objects: 100% (69/69), done.
remote: Total 89 (delta 36), reused 65 (delta 15), pack-reused 0
Unpacking objects: 100% (89/89), done.
Checking connectivity... done.

make a directory called haproxy and copy files bootstrap.sh Vagrantfile haproxy.sh to it.

$cat Vagrantfile 
# -*- mode: ruby -*-
# vi: set ft=ruby :
Vagrant.configure("2") do |config|
#run always the ifup eth1 to activate the second private interface.
config.vm.provision "shell", inline: "ifup eth1", run: "always"  
#config.vm.provision :shell, path: "bootstrap.sh" 
config.vm.define :ha do |ha|
ha.vm.box = "centos/7"
ha.vm.box_check_update = false
ha.vm.network  "forwarded_port", guest: 80, host: 8080
ha.vm.network  "private_network", ip: "192.168.121.200"
ha.vm.hostname = "ha.vagrant.box"
ha.vm.provision :shell, path: "haproxy.sh"
  # config.vm.network "public_network"
  # config.vm.synced_folder "../data", "/vagrant_data"
config.vm.provider :libvirt do |libvirt|
	  libvirt.uri = "qemu:///system"
          libvirt.connect_via_ssh = false     # also needed
          libvirt.username = "root"
          libvirt.storage_pool_name = "default"
          libvirt.memory = "420"
          libvirt.driver = "kvm"
end 
end


     config.vm.define :one do |one|
     one.vm.box = "centos/7"
     one.vm.box_check_update = false
     one.vm.network   "forwarded_port", guest: 80, host: 8081
     one.vm.network  "private_network", ip: "192.168.121.201"
     one.vm.hostname = "one.vagrant.box"
   one.vm.provision :shell, path: "bootstrap.sh"
   config.vm.provider :libvirt do |libvirt|
	  libvirt.uri = "qemu:///system"
          libvirt.connect_via_ssh = false     # also needed
          libvirt.username = "root"
          libvirt.storage_pool_name = "default"
          libvirt.memory = "420"
          libvirt.driver = "kvm"
end 
end 
     config.vm.define :two do |two|
     two.vm.box = "centos/7"
     two.vm.box_check_update = false
     two.vm.network   "forwarded_port", guest: 80, host: 8082
     two.vm.network  "private_network", ip: "192.168.121.202"
     two.vm.hostname = "two.vagrant.box"
   two.vm.provision :shell, path: "bootstrap.sh"
   config.vm.provider :libvirt do |libvirt|
	  libvirt.uri = "qemu:///system"
          libvirt.connect_via_ssh = false     # also needed
          libvirt.username = "root"
          libvirt.storage_pool_name = "default"
          libvirt.memory = "420"
          libvirt.driver = "kvm"
end 
end
end

#post install script for installing httpd 

$ cat bootstrap.sh
#!/bin/bash 
echo "setting apache server on vm's"
sleep 3
yum install httpd -y 
systemctl start httpd 
systemctl enable httpd 
firewall-cmd --add-service=http --permanent 
firewall-cmd --reload 
echo "$HOSTNAME" >> /var/www/html/index.html

#postinstall script to install and enable haproxy 

$cat haproxy.sh
#!/bin/bash 


if [ ! -e  /etc/haproxy/haproxy.cfg ]
then 
echo "installing ha proxy "
sleep 5 
yum -y install haproxy
systemctl start haproxy
systemctl enable haproxy
cp /etc/haproxy/haproxy.cfg{,-bkp}
cat > /etc/haproxy/haproxy.cfg <<EOD
global
        log 127.0.0.1   local0
        log 127.0.0.1   local1 debug
        maxconn   45000 # Total Max Connections.
        daemon
        nbproc      1 # Number of processing cores.
defaults
        timeout server 86400000
        timeout connect 86400000
        timeout client 86400000
        timeout queue   1000s
frontend http-in
    bind *:80
        default_backend    backend_servers
	    option             forwardfor

backend backend_servers
    balance            roundrobin
    server             www01 192.168.121.201:80 check
    server             www02 192.168.121.202:80 check

EOD
systemctl restart haproxy
else
ehco "haproxy is already installed"
fi 


$vagrant ssh ha 
[vagrant@ha ~]$ hostname
ha.vagrant.box
[vagrant@ha ~]$ exit
logout
Connection to 192.168.121.250 closed.

$vagrant ssh one
[vagrant@one ~]$ hostname
one.vagrant.box
[vagrant@one ~]$ exit
logout
Connection to 192.168.121.35 closed.


$vagrant ssh two
[vagrant@two ~]$ hostname
two.vagrant.box
[vagrant@two ~]$ exit
logout
Connection to 192.168.121.42 closed.

Testing the haproxy setup

192.168.121.202 two.vagrant.box //webserver two
192.168.121.200 ha.vagrant.box //ha proxy machine
192.168.121.201 one.vagrant.box //webserver one 

$vagrant ssh ha 
Last login: Tue Mar 27 11:37:07 2018 from 192.168.121.1


[vagrant@ha ~]$ sudo systemctl status haproxy 
● haproxy.service - HAProxy Load Balancer
   Loaded: loaded (/usr/lib/systemd/system/haproxy.service; enabled; vendor preset: disabled)
   Active: active (running) since Tue 2018-03-27 11:25:41 UTC; 11min ago
 Main PID: 3361 (haproxy-systemd)
   CGroup: /system.slice/haproxy.service
           ├─3361 /usr/sbin/haproxy-systemd-wrapper -f /etc/haproxy/haproxy.cfg -p /run/haproxy.pid
           ├─3362 /usr/sbin/haproxy -f /etc/haproxy/haproxy.cfg -p /run/haproxy.pid -Ds
           └─3363 /usr/sbin/haproxy -f /etc/haproxy/haproxy.cfg -p /run/haproxy.pid -Ds

Mar 27 11:25:41 ha.vagrant.box systemd[1]: Started HAProxy Load Balancer.
Mar 27 11:25:41 ha.vagrant.box systemd[1]: Starting HAProxy Load Balancer...
Mar 27 11:25:41 ha.vagrant.box haproxy-systemd-wrapper[3361]: haproxy-systemd-wrapper: executing /usr/sbin/haproxy -f /etc/haproxy/haproxy.cfg -p /run/haproxy.pid -Ds
Mar 27 11:25:41 ha.vagrant.box haproxy-systemd-wrapper[3361]: [WARNING] 085/112541 (3362) : config : 'option forwardfor' ignored for frontend 'http-in' as it requires HTTP mode.

$vagrant ssh one
Last login: Tue Mar 27 11:29:41 2018 from 192.168.121.1

$ vagrant ssh two 
Last login: Tue Mar 27 11:29:53 2018 from 192.168.121.1
[vagrant@two ~]$ sudo systemctl status httpd
● httpd.service - The Apache HTTP Server
   Loaded: loaded (/usr/lib/systemd/system/httpd.service; enabled; vendor preset: disabled)
   Active: active (running) since Tue 2018-03-27 11:25:46 UTC; 13min ago
     Docs: man:httpd(8)
           man:apachectl(8)
 Main PID: 3350 (httpd)
   Status: "Total requests: 0; Current requests/sec: 0; Current traffic:   0 B/sec"
   CGroup: /system.slice/httpd.service
           ├─3350 /usr/sbin/httpd -DFOREGROUND
           ├─3351 /usr/sbin/httpd -DFOREGROUND
           ├─3352 /usr/sbin/httpd -DFOREGROUND
           ├─3354 /usr/sbin/httpd -DFOREGROUND
           ├─3355 /usr/sbin/httpd -DFOREGROUND
           └─3356 /usr/sbin/httpd -DFOREGROUND

Mar 27 11:25:45 two.vagrant.box systemd[1]: Starting The Apache HTTP Server...
Mar 27 11:25:46 two.vagrant.box systemd[1]: Started The Apache HTTP Server.
[vagrant@two ~]$

lets check the if the load balancing from curl 

$curl ha.vagrant.box
two.vagrant.box 

$curl ha.vagrant.box
one.vagrant.box

#since the setup is running in round round robin this output is correct.

When i access server ip directly they load respective content 

$curl two.vagrant.box
two.vagrant.box

$curl one.vagrant.box
one.vagrant.box