Skip to main content

How to install HAProxy Load Balancer


https://www.linkedin.com/pulse/how-setup-high-availability-load-balancer-haproxy-web-ali-bin-akhtar

https://docs.rockylinux.org/guides/proxies/haproxy_apache_lxd/

https://www.redswitches.com/blog/haproxy-configuration/



 https://www.digitalocean.com/community/tutorials/how-to-use-haproxy-to-set-up-http-load-balancing-on-an-ubuntu-vps

https://docs.severalnines.com/docs/clustercontrol/user-guide-gui/


###################################################################

Only Haproxy install no need apache and other services.


apt update -y

apt upgrade -t

apt upgrade -y

hostnamectl

hostnamectl set-hostname loadbalancer.server.com

hostnamectl

apt show haproxy

apt install software-properties-common

add-apt-repository ppa:vbernat/haproxy-2.8

apt install gnupg gnupg-agent -y

add-apt-repository ppa:vbernat/haproxy-2.8

apt update -y

apt install haproxy

haproxy -v

cp -a /etc/haproxy/haproxy.cfg{,.orig}

nano /etc/haproxy/haproxy.cfg


#######START######

global

log /dev/log local0

log /dev/log local1 notice

chroot /var/lib/haproxy

stats socket /run/haproxy/admin.sock mode 660 level admin

stats timeout 30s

user haproxy

group haproxy

daemon


# Default SSL material locations

ca-base /etc/ssl/certs

crt-base /etc/ssl/private


# See: https://ssl-config.mozilla.org/#server=haproxy&server-version=2.0.3&config=intermediate

        ssl-default-bind-ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384

        ssl-default-bind-ciphersuites TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256

        ssl-default-bind-options ssl-min-ver TLSv1.2 no-tls-tickets


defaults

log global

mode http

option httplog

option dontlognull

        timeout connect 5000

        timeout client  50000

        timeout server  50000

errorfile 400 /etc/haproxy/errors/400.http

errorfile 403 /etc/haproxy/errors/403.http

errorfile 408 /etc/haproxy/errors/408.http

errorfile 500 /etc/haproxy/errors/500.http

errorfile 502 /etc/haproxy/errors/502.http

errorfile 503 /etc/haproxy/errors/503.http

errorfile 504 /etc/haproxy/errors/504.http


frontend haproxy-main

    bind *:80

    option forwardfor  

    default_backend apache_webservers    


backend apache_webservers

    balance roundrobin

    server websvr1 192.168.1.10:80 check

    server websvr2 192.168.1.11:80 check

    server websvr3    192.168.1.12:80 check

    server websvr4    192.168.1.13:80 check

    server websvr5    192.168.1.14:80 check

    server websvr6    192.168.1.15:80 check

    server websvr7    192.168.1.16:80 check

    server websvr8    192.168.1.17:80 check

    server websvr9    192.168.1.18:80 check

###WEB SERVER IPs#####

listen stats

    bind :8800

    stats enable

    stats uri /

    stats hide-version

    stats auth admin:admin  #username:password for haproxy webui

    default_backend apache_webservers


###########END##################


systemctl restart haproxy

systemctl enable haproxy

systemctl status haproxy


Comments

Post a Comment

Popular posts from this blog

Vicidial Scratch installation Alma -9

Step 1 – Download the dependencies   hostnamectl set-hostname xxxxxx.xxxxx.xxx ### Use YOUR SubDomain vi /etc/hosts ##Change domain name for actual server ip (xxx.xxx.xxx.xxx   complete domain name    subdomain only) timedatectl set-timezone Asia/Kolkata yum check-update yum update -y yum -y install epel-release yum update -y yum install git -y yum install -y kernel* sudo dnf install kernel-devel-$(uname -r) -y #Disable SELINUX sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config     reboot Step 2 – Run the Script cd /usr/src/ git clone https://github.com/manish23k/vicidial-install-scripts cd vicidial-install-scripts ####For PHP 7.4 use this script. chmod +x alma-rocky9-ast16.sh ./alma-rocky9-ast16.sh Or the Asterisk 18 version: chmod +x alma-rocky9-ast18.sh ./alma-rocky9-ast18.sh ####For PHP 8 use this script. chmod +x main-installer-php8.sh ./main-installer-php8.sh
Post a Comment
Read more

How to delete old call logs and other logs in vicidial or goautodial.

Step 1 : SSH to the server using the Putty Step 2:   login to mysql by typing   mysql -p                    (if you dont know password try below command )               mysql -ucron -p1234 Step 3 : select the asterisk database by typing               use asterisk step 4: Run the below command to check total disk occupied by asterisk database                SELECT table_schema AS "asterisk", ROUND(SUM(data_length + index_length) / 1024 / 1024, 2) AS "Size (MB)" FROM information_schema.TABLES GROUP BY table_schema; Step 5 : Run the below command to check disk space consumed by each table in asterisk database SELECT table_name AS "Table", ROUND(((data_length + index_length) / 1024 / 1024), 2) AS "Size (MB)" FROM information_schema.TABLES WHERE table_schema = "asterisk" ORDER BY (data_length + inde...
Post a Comment
Read more

Alma 9 Vicidial Selfsign Webrtc

I am going to provide step by step guide to integrate, enable and configure the viciphone(a webrtc phone) in vicidial (also applicable to any vicidial based system) using the Self Signed SSL Certificate ,ie without a public-ip and FQDN or accessing the vicidial with internal LAN IP. 1️⃣ Install OpenSSL (if not installed) sudo dnf install -y openssl 2️⃣ Generate a Private Key openssl genpkey -algorithm RSA -out selfsigned.key -pkeyopt rsa_keygen_bits:2048 3️⃣ Create a Certificate Signing Request (CSR) openssl req -new -key selfsigned.key -out selfsigned.csr It will prompt you for details like: Country Name (e.g., IN ) State or Province (e.g., Gujarat ) Locality (City) Organization Name Common Name (Domain, e.g., example.com or your server IP) Email Address You can use localhost or an IP address if needed. 4️⃣ Generate a Self-Signed Certificate openssl x509 -req -days 365 -in selfsigned.csr -signkey selfsigned.key -out selfsigned.crt -days 365 → Valid for 1 year (Adjust as needed) ...
Post a Comment
Read more