Implementing HTTP Load Balancer Using HAProxy on AWS

Overview

HAProxy (High Availability Proxy) is an open source, fast, and reliable solution that provides load balancer and reverse proxy features for TCP- and HTTP-based applications. HAProxy load balancer handles heavy load traffic and reroutes requests seamlessly across multiple servers.

HAProxy also supports the following features:

• Layer 4 (TCP) and Layer 7 (HTTP) load balancing.
• URL rewriting.
• Health checks.
• Proxying protocols.
• HTTP message logging.
• Rate limiting.
• SSL/TLS termination.
• Gzip compression.

Similarly, AWS ELB (Elastic Load Balancer) is well suited for the load balancing of HTTP and HTTPS traffic and provides advanced request routing targeted at the delivery of modern application architectures, including microservices and containers.

But there may be times when you don't want to use a load balancer provided by AWS. For instance:

• You prefer an open source solution.
• You want more control over load balancer management and security.
• There are pricing constraints.

So, in this tutorial, we will learn how to implement a Layer 7 HTTP load balancer using HAProxy.

High Level Design 

HAProxy aims to optimize resource usage, maximize throughput, minimize response time, and avoid overloading any single resource. It is available to install on many Linux distributions like CentOS 8, Debian 8, and Ubuntu 16. 

For this tutorial, we will use AWS EC2 (t2 micro) Linux instances.

Instructions

Step 1: As depicted in the high-level design above, create two EC2 instances for Server 1 and Server 2 and configure Apache httpd web servers, respectively, that answer all incoming requests automatically.

Note: Make sure to create two or more instances.

Step 2: Install an httpd web server on Server 1.

Verify that it installed successfully.

Step 3: Configure and run httpd on Server 1 using the commands below:

1. Use the  systemctl tool to start the Apache service: systemctl start httpd 
2. Enable the service to start automatically when booted up: systemctl enable httpd.service  
3. Update index.html: echo "Hello from Server 1" > /var/www/html/index.html
4. Run a curl command to test the response: curl localhost:80

Your output should be: Hello from Server 1

Step 4: Repeat Steps 2-3 for Server 2. Make sure to update Server 2's index.html file with a different message. e.g. "Hello from Server 2," so that when you run a curl command the different message will be displayed.

Example:

#Update index.html 

echo "Hello from Server 2" > /var/www/html/index.html

#Run curl command to test response

curl localhost:80

Your output should be: Hello from Server 2

Step 5: Create an AWS EC2 Linux Instance to install HAProxy and run it as a load balancer. Since this is a dedicated load balancer server, I prefer to use a t2.macro instance.

Verify the version:

Step 6: Install HAProxy.

xxxxxxxxxx

#yum install haproxy

Step 7: Configure the front-end value in the configuration file. 

xxxxxxxxxx

file location : /etc/haproxy/haproxy.cfg

add below line in backedn server

default_backend be_app 

Step 8: Create a backend application pointing to Server 1 and Server 2 . 

xxxxxxxxxx

server ser1 ec2-3-138-190-247.us-east-2.compute.amazonaws.com:80 check 

server ser2 ec2-3-21-230-90.us-east-2.compute.amazonaws.com:80 check

Note: In the real world, I'd use an elastic IP so that the IP address value would not change.

Step 9: Start an haproxy server using the following command:

#systemctl start haprpxy

Now run the following curl command: 

 #curl localhost

Check the log using the command tail -f /var/log/messages

We get a 503 service unavailable message. This means that the load balancer is not able to connect to the backend servers. So now we need to open a firewall to accept requests routed from the load balancer's server.

Step 10: Allow inbound traffic on Server 1 and Server 2.

Update the inbound security rule in your EC2 instance. Allow requests on port 80. Make sure to add only load balancer security groups in source. 

You can also create your own subnet to manage and customize end-to-end traffic. I suggest you refer to HAProxy on AWS Best practice. For this tutorial, we will use the AWS default security group.

Step 11: Stop the firewall service on both Server 1 and Server 2.

#systemctl stop firewalld.service 

Step 12: Now run the curl command on the load balancer server. 

#curl localhost 

Now the response is returned from Server 1 and Server 2, respectively. By default, the round-robin method is used. See the log below:

Conclusion

This tutorial is intended to introduce you to an important open source load balancer solution (HAProxy) and also help you understand key configurations. I hope you find this helpful!