HA Proxy Configuration

Panchayatseva

This document explains the load balancer configuration for the Panchayatseva project, detailing ACLs, backend settings, health checks, sticky sessions, timeouts, and monitoring.

ACL and Backend Selection

The following configuration defines Access Control Lists (ACLs) to route incoming requests to the appropriate backend servers based on the Host header:

  acl ACL_pssb_webservers hdr(host) -i sb.panchayatseva.com
  acl ACL_pssb_webservers hdr(host) -i app.sb.panchayatseva.com
  acl ACL_pssb_webservers hdr(host) -i api.sb.panchayatseva.com
  acl ACL_pssb_webservers hdr(host) -i apd.sb.panchayatseva.com
  use_backend pssb_webservers if ACL_pssb_webservers

ACL Definitions

  • ACL_pssb_webservers: Matches requests with the following hostnames:
    • sb.panchayatseva.com
    • app.sb.panchayatseva.com
    • api.sb.panchayatseva.com
    • apd.sb.panchayatseva.com

All domains here using the same Access Control List(ACL) means it does have single backend webserver.

Backend Routing

  • use_backend pssb_webservers if ACL_pssb_webservers: Routes requests matching ACL_pssb_webservers to the backend pssb_webservers.

This setup ensures that traffic is directed to the correct backend based on the requested domain, improving scalability and ensuring proper handling of traffic for different subdomains.

Backend Configuration

The load balancer manages the pool of web servers under the pssb_webservers backend. Below is a line-by-line explanation of the configuration:

backend pssb_webservers
  timeout queue 25s
  balance leastconn

  option httpchk
  http-check send meth GET uri /apm/mon/health
  http-check expect status 200
  timeout check 15s

  cookie pssblb insert indirect nocache
  stick-table type ip  size 1m expire 12h
  stick on cookie(pssbhz)
  option redispatch

  server pssb1avm001 172.21.0.61:8182 maxconn 5000 check inter 55s fall 3 rise 3 cookie pssb1avm001 observe layer4  error-limit 9  on-error mark-down
  server pssb1avm002 172.21.0.62:8182 maxconn 5000 check inter 55s fall 3 rise 3 cookie pssb1avm002 observe layer4  error-limit 9  on-error mark-down
  server pssb1abm003 172.21.0.63:8182 maxconn 5000 check inter 55s fall 3 rise 3 cookie pssb1abm003 observe layer4  error-limit 9  on-error mark-down
  server pssb1avm004 172.21.0.64:8182 maxconn 5000 check inter 55s fall 3 rise 3 cookie pssb1avm004 observe layer4  error-limit 9  on-error mark-down
  server pssb1avm005 172.21.0.65:8182 maxconn 5000 check inter 55s fall 3 rise 3 cookie pssb1avm005 observe layer4  error-limit 9  on-error mark-down

General Configuration

  • timeout queue 25s: Sets a maximum queue wait time of 25 seconds for client requests when all servers are busy.
  • balance leastconn: Routes traffic to the server with the least active connections, ensuring even distribution.

Health Check

  • Purpose: Monitors server health to ensure only operational servers handle traffic.
  • Key Directives:
    • option httpchk: Enables HTTP-based health checks.
    • http-check send meth GET uri /apm/mon/health: Sends a GET request to /apm/mon/health for health verification.
    • http-check expect status 200: Expects an HTTP 200 OK response from the health check API.
    • timeout check 15s: Configures a timeout of 15 seconds for receiving a health check response.

Sticky Sessions

  • Purpose: Maintains session persistence by ensuring that a client is routed to the same server across requests.
  • Key Directives:
    • cookie pssblb insert indirect nocache: Inserts a session cookie named pssblb in responses, ensuring stickiness, while preventing it from being cached.
    • stick-table type ip size 1m expire 12h: Tracks client-server mapping for up to 1 million IP addresses, expiring entries after 12 hours.
    • stick on cookie(pssbhz): Bases sticky session behavior on the pssbhz cookie.

Timeout Settings

  • Purpose: Avoids resource exhaustion by limiting operation durations.
  • Key Directives:
    • timeout queue 25s: Sets the maximum time a request waits in the queue.
    • timeout check 15s: Limits the time to receive a health check response.

Backend Servers

Each server in the backend is configured with the following parameters:

  • Example server configuration: 
    server pssb1avm001 172.21.0.61:8182 maxconn 5000 check inter 55s fall 3 rise 3 cookie pssb1avm001 observe layer4 error-limit 9 on-error mark-down
    • Server Name: pssb1avm001.
    • IP and Port: 172.21.0.61:8182.
    • maxconn 5000: Limits the maximum concurrent connections to 5000.
    • check inter 55s: Performs health checks at 55-second intervals.
    • fall 3 rise 3: Marks a server down after 3 consecutive failures and up after 3 consecutive successes.
    • cookie pssb1avm001: Assigns a unique cookie for sticky sessions.
    • observe layer4: Monitors TCP-level errors.
    • error-limit 9 and on-error mark-down: Marks the server as down if it exceeds 9 TCP errors.

Health Monitor API

The /apm/mon/health endpoint provides status codes to identify issues with the underlying stack components. These codes are returned during health checks:

  • MySQL: 520, 521, 522.
  • Cassandra: 526, 527, 528.
  • Hazelcast Cache: 531, 532, 533.
  • Redpanda: 536, 537, 538.
  • Gluster: 541, 542, 543.

These codes allow targeted diagnosis of the stack component causing issues.

Monitoring HAProxy Statistics

HAProxy statistics can be viewed at the following URL:

This dashboard provides real-time insights into load balancer performance and server health.

Summary

This load balancer configuration ensures:

  1. Efficient load distribution using the least connections algorithm.
  2. Reliable server health monitoring with HTTP checks.
  3. Session persistence using sticky sessions.
  4. Robust error handling and failover mechanisms.
  5. Detailed monitoring through the HAProxy stats dashboard.

This setup optimizes the availability and performance of the Panchayatseva application.

References