So bit of a weird one this. I'm trying to get Seesaw Load balancer working on VMware workstation as a test before I look to utilise it at work. Everything is being built in Ubuntu 18.04.4 So far I've built two web with apache2 as a backend to balance between and I've built one VM to load Seesaw on. I've done the initial install and build from various sources online but I'm really struggling to get my head around the config side. I'm afraid I have very little Linux experience and even less network knowledge Roughly in my head I believe it should look a but like this: I'm expecting to have some form of Virtual IP which clients connect to, this could then be setup as an A record in DNS for me to hit as my website FQDN. In the background LB1 & LB2 would be a HA pair so say LB1 is the active node, it would load balance request between WEB1 and WEB2. If the HA is failed over to LB2, it takes over the active role and load balances between WEB1 and WEB2. Now presuming I have that scenario right, I've just no idea how to config it within Seesaw and what little documentation is available I'm struggling to understand.
Cheers, I'll take a look at that one and see if its suitable. We've been recommended Seesaw by the 3rd party as they've used it before and said good things but I'll admit as an admin I'm more Windows and powershell than Linux and network There does seem to be a lot more guides out there for haproxy with keepalived. Do you know if it will handle multiple floating IP's / multiple load destinations with only the 2 nodes? I'm looking at it for a specific reason right now but we might look to expand other systems onto it as an alternative to DNS based load balancing.
Keepalived handles virtual IPs, has a few application layer features but not many. However, paired with haproxy, haproxy is silly powerful, load balancing, active / passive, based in session, load, connections, etc. Let me know specifically what you need and I can help you, got a lot of haproxy and keepalived baggage. I'd also consider nginx instead of apache.
100% this, from a load balancing perspective I have yet to find something haproxy cannot do. Likewise if you need help do ask
Cheers guys, I might just take you up on that. the use of web servers in this instance is just to allow a simple proof of concept on my personal machine as spinning up a couple Ubuntu web severs with Apache takes only a minutes. The actual real world use for this is to load balance Smoothwall web filtering nodes (I think there is 3 - I don’t really have much to do with them and I’ve ended up involved as the guy looking at it has even less Linux experience then me). i figures I could get away with learning the concepts with 2 LB servers and 2 web servers then apply that to whatever they chuck at me at work next week. mid the theory behind configuration the same regardless of what service is being load balanced in the backend or would the approach for web servers be different to say the Smoothwall filters?
Thanks guys, quick update on this so I've had a quick go with haproxy & keepalived, with 4 VM's (two LB and two Web) all working well it would seem. I can take down a LB note and confirm traffic still round robin's between the two web server. I can take down a web server and the webpage still loads from a single web node without any not found errors so I'd say so far, so good. It would seem to HAproxy status page allows me to drain/maintain each backend server (web in this case) but I can't seem to find anything which give me status of the actual HA LB itself. From the status page it shows the host name of the HA node I'm connected to so it theory I'd guess if I'm on node HAProxy2, then HAProxy1 is down and its failed over to HAProxy2 as the master. Is there a web gui or anything which give the status for the HA cluster? I've set the weights so that if HAProxy1 comes back then it takes back the master status but a view would be very hand as the team don't really have much Linux experience between them. I think the next thing will be speaking to Smoothwall to see if this setup is compatible with the web filter servers (I'm not sure but I think we have 2 maybe 3).
frontend stats bind *:8404 stats enable stats uri /stats stats refresh 10s stats admin if LOCALHOST stats Auth userassword
Cheers for those yuusou, I've already got the same sort of stuff as a listen section in my config which give me access to info about my backend config, which servers are 'checking' ok, option to drain/maintain etc. I was hoping I might get something similar for my LB servers so something like which is the current master, option to failover - things of that nature. Otherwise everything seems to be working nicely so far. I've setup 2 website served on different ports and setup ACL rules for which backend group each is presented. I think later in the week I might have a go at doing some things with SSL if I can get a LetsEncrypt cert at home to play with.
Personally I would take a look at some kind of configuration management to deal with this as well once you know what you want
Deathtaker, can you share a few more details on what your thinking? I’m not sure sure what you mean by configuration management.
Summary is something like this article, https://www.chef.io/configuration-management/ Normal tools would be Chef (Which I use), Ansible, Puppet or Salt Stack. It turns your configuration file into code so it can be deployed to different environments different usages and is known to work (no manual changes etc)
Hi, Any advise on using haproxy with Smoothwall web proxy? I believe I need to tweak things so that the Smoothwall boxes see the client IP address (I think lol, not 100% that’s the issue but I need to right source IP for auditing)
