alConfidenti

APPLICATION LOAD BALANCING CLUSTER USING OPEN SOURCE

Suvra Roy , RHCA VCP CEHSystem Administrator, BRAC.

Md. Salahuddin Rony , RHCE MTCNASr. System Administrator, BRAC.

BDSYSADMIN (BDSAF)

Copyright BDSysadmin

WHY LOAD BALANCE?

Optimizing server utilization

- Queuing and throttling

Maximize availability

- No SPOF

Maximize throughput

- Distribute workload across a set of servers

Scalability

- Site traffic grows

- Add DB, Web servers to provide more

throughput

…

Copyright BDSysadmin

REQUIRED COMPONENTS

HAProxy

K e e p a l i v e d

N g i n x / A p a c h e

P H P - F P M

M Y S Q L / M A R I A D B

G a l e r a C l u s t e r

G l u s t e r F S / S h a r e d S t o r a g e

Copyright BDSysadmin

DEPLOYMENT SCENARIOS APACHE/NGINX

Copyright BDSysadmin

HAPROXY GLOBAL CONFIGURATION

Configuration file

- Sections; global, defaults, frontend, backend, listen

- /etc/haproxy/haproxy.cfg

Global (process wide)

globallog 127.0.0.1 local2chroot /var/lib/haproxypidfile /var/run/haproxy.pidmaxconn 40000user haproxygroup haproxydaemonstats socket /var/lib/haproxy/stats.sock mode 600 level adminstats timeout 2m

Copyright BDSysadmin

HAPROXY DEFAULT CONFIGURATION

Defaults Configuration :

defaults

mode tcp

log global

option dontlognull

option redispatch

retries 3

timeout queue 45s

timeout connect 5s

timeout client 1m

timeout server 1m

timeout check 10s

maxconn 400000

Copyright BDSysadmin

HAPROXY FRONTEND & BACKEND CONFIGURATION

l is ten (frontend + backend)

frontend haproxy2

bind 0.0.0.0:3306

sql_backend galera-cluster

backend galera-cluster

mode tcp

balance leastconn

option tcplog

option httpchk

option mysql-check user haproxy

server db01 192.168.0.5:33306 check

server db02 192.168.0.6:33306 check

server db03 192.168.0.7:33306 check

listen http_web 0.0.0.0:80

mode http

balance roundrobin

option httpchk

option forwardfor

cookie SERVERID insert indirect nocache

server server1 192.168.0.2:8080 check cookie server1

server server2 192.168.0.3:8080 check cookie server2

Copyright BDSysadmin

HAPROXY MONITORING & LISTEN CONFIGURATION

l is ten (stats ui)

listen haproxy-monitoring *:80

mode http

stats enable

stats show-legends

stats refresh 5s

stats uri /

stats realm Haproxy\ Statistics

stats auth monitoring:example

stats admin if TRUE

Copyright BDSysadmin

Session rate

- number of new connections per second

10

Sessions

- current number of sessions/connections

LastChk

- health check

Wght

- server weight

Copyright BDSysadmin

FAULT TOLERANCE FOR HAPROXY (CONT.)

keepalived configuration file

#/etc/keepalived/keepalived.conf

vrrp_script chk_haproxy {

-0 haproxy"script "killall

interval 2

weight 2

# verify the pid existence

# check every 2seconds

# adjust priority by this weight

}

vrrp_instance VI_1 {

interface eth0

state MASTER

virtual_router_id

priority 101

51 # ID for

# 101 on

# 100 on

this route

master

backup

# the virtual IP

virtual_ipaddress {

192.168.0.10

}

track_script {

chk_haproxy

}

}

Copyright BDSysadmin

HAPROXY PERFORMANCE TUNING

# reuse TIME-WAIT sockets

65023 # increase max num of ports

#Increase

# Maximal

the number of outstanding syn requests

number of timewait sockets

Flood Protection

Flood Protection

T C P tuning

#/etc/sysctl.conf

net.ipv4.ip_nonlocal_bind=1

net.ipv4.tcp_tw_reuse=1

net.ipv4.ip_local_port_range=1024

net.ipv4.tcp_max_syn_backlog=40000

net.ipv4.tcp_max_tw_buckets=400000

net.ipv4.tcp_max_orphans=60000

net.ipv4.tcp_max_syn_backlog=40000

net.ipv4.tcp_synack_retries=3

net.core.somaxconn=40000

net.ipv4.tcp_fin_timeout=5

# TCP SYN

# TCP SYN

#

#

burst connection rate

how long to keep sockets in FIN-WAIT-2

Copyright BDSysadmin

DEPLOYMENT SCENARIOS PHP-FPM

Copyright BDSysadmin

DEPLOYMENT SCENARIOS MYSQL /MARIADB

Copyright BDSysadmin

SUMMARY OF DEPLOYMENT

Copyright BDSysadmin

THANK YOU!

For more Information contact us

Email : suvraroy.eee@gmail.com

Email : rhcerony@gmail.com