Save Public IP addresses use HA Proxy for multiple hosted web apps

Sometimes you need to publish a bunch of web servers, but don't have enough public ip addresses to publish them with. Usually virtual hosts come to the rescue, but what if you have multiple instances of Apache, or just multiple web servers?

There is a way to redirect these requests by using only 1 public IP, and best yet, its completely free! (IN money, not time!)

DiagramHAPROXY.jpg

DiagramHAPROXY.jpg

What you will need: A distro of linux (I like CentOS) An available machine / be able to create a virtual machine

After installing your Base OS, your going to need to do some "wget" to get the source files to install.

First create a folder:

mkdir /installer cd /installer

Now its time to get the latest source package of HAProxy:

wget http://haproxy.1wt.eu/download/1.4/src/haproxy-1.4.15.tar.gz

Lets extract it by:

tar -xf haproxy-1.4.15.tar.gz

Now issue a:

make install

Lets copy haproxy to the sbin folder:

cp haproxy /usr/sbin/haproxy

Now lets go to the etc folder:

cd /etc

and make a new file called "haproxy.cfg" and enter this in the file:

nano haproxy.cfg

global maxconn 4096 # Total Max Connections. This is dependent on ulimit
daemon  
nbproc 4 # Number of processing cores. Dual Dual-core Opteron is 4 cores for example.
defaults
 mode http
 clitimeout 60000 
 srvtimeout 30000
 contimeout 4000
 option  httpclose # Disable Keepalive

frontend http-in
 bind *:80
 acl is_server1 hdr_end(host) -i server1.com
 acl is_server2 hdr_end(host) -i server2.com

use_backend server1 if is_server1
 use_backend server2 if is_server2

backend server1
   balance roundrobin
   cookie SERVERID insert nocache indirect
   option httpchk HEAD /check.txt HTTP/1.0
   option httpclose option forwardfor
   server Local 192.168.1.x:80 cookie Local

backend server2
   balance roundrobin
   cookie SERVERID insert nocache indirect
   option httpchk HEAD /check.txt HTTP/1.0
   option httpclose
   option forwardfor
   server Local 192.168.1.x:8080 cookie Local

A little bit about this config a little later.

Lets finish the install, lets get the launcher:

wget http://layer1.rack911.com/haproxy/haproxy.init -O /etc/init.d/haproxy Now finish the startup setup: chmod +x /etc/init.d/haproxy chkconfig --add haproxy chkconfig haproxy on

Now you can start and stop the service by running:

service haproxy stop service haproxy start So what about the config file? lets focus on a few section of importance:

The first section is the ACL section:

frontend http-in
bind *:80
 acl is_server1 hdr_end(host) -i server1.com
 acl is_server2 hdr_end(host) -i server2.com

use_backend server1 if is_server1
 use_backend server2 if is_server2

this is saying "Im creating this rule called 'is_server1' and in this rule, i want you to check the header information (hdr_end(host)) and see if it matches with server1.com" This same mentality is applied to server2.com

The second part is stating "redirect to backend server 'server1' if the rule 'is_server1' is true"

So far, so good, now lets take a look at the "backend" section of "server1":

backend server1
   balance roundrobin
   cookie SERVERID insert nocache indirect
   option httpchk HEAD /check.txt HTTP/1.0
   option httpclose option forwardfor
   server Local 192.168.1.x:80 cookie Local

In brief, what this is stating is "this is the configuration for server1, if you are accessing this section, please redirect to server 192.168.1.x:80"

So to add or remove servers in your configuration, all you need to do is add to these two sections the new configuration, and your all set.