Month: August 2009

HAProxy Load Balancer

HAProxy Load Balancer

IT infra going day to day very critical and costly, So for that we need simple IP based load balancing solution that handles ssl traffic. Basically it’s very easy and secure way to manage your server load balancing.
This example will shows you how we use this with easy steps

The Configuration =
* Load Balancer:  <10.0.0.77>  // will be our haproxy server # This will listen on many ports that we will bind as per requirement
* Web Server 1: <10.0.1.209>  // web application server 1    #This will listen on tcp mode
* Web Server 2: <10.0.1.210>  // web application server 2   #This will listen on tcp mode
* Web Server 3: <10.0.1.227>  // web application server 3   #This will listen on http mode
* Admin Panel Port 8088: <10.0.0.77>  // Statistics Panel on port 8080  #This will listen on http mode

Get and Install haproxy
We’ll be using the 1.3.17 src files to install haproxy. You can get them from http://haproxy.1wt.eu/

wget http://haproxy.1wt.eu/download/1.3/src/haproxy-1.3.19.tar.gz

tar xvzf haproxy-1.3.19.tar.gz

cd haproxy-1.3.19

make TARGET=linux26 ARCH=x86_64

make install

Now add user haproxy or what ever need to run config

[root@ravi.com ~]# useradd haproxy

cp /path/to/haproxy-1.3.19/examples/haproxy.init /etc/init.d/haproxy

chmod +x /etc/init.d/haproxy

create the /etc/haproxy folder and create haproxy.cfg config file in it.

mkdir /etc/haproxy

Now Please add your config file haproxy.cfg in /etc/haproxy

Configure /etc/haproxy/haproxy.cfg

#[root@app71 haproxy]# more haproxy.cfg
global
log 127.0.0.1   local0
log 127.0.0.1   local1 notice
#log loghost    local0 info
maxconn 25000    # count about 1 GB per 25000 connections
#debug
#quiet
user ravi
group ravi

defaults
log         global
mode        tcp
option      dontlognull
retries 3
option         redispatch
maxconn     20000
contimeout      5000
clitimeout      50000
srvtimeout      50000

#Configuration for www.ravi.com
listen VIP:www.ravi.com:10.0.0.77:80
bind            10.0.0.77:80    # or any other IP:port combination we listen to.
bind            10.0.0.77:443    # or any other IP:port combination we listen to.
mode            tcp
option          ssl-hello-chk
option          forwardfor    # set the client’s IP in X-Forwarded-For.
balance         roundrobin
# set the maxconn parameter below to match Apache’s MaxClients minus
# one or two connections so that you can still directly connect to it.
# you have to set server health check it it’s down it showing you on stat
# Set server weights normally it should be 1 for all
server          app139:10.0.1.209:80 10.0.1.209 weight 1 maxconn 5000 check
server          app140:10.0.1.210:80 10.0.1.210 weight 1 maxconn 5000 check

listen VIP:www.ravi.com:10.0.0.77:8080
bind            10.0.0.77:8080    # or any other IP:port combination we listen to.
mode            http
option          forwardfor    # set the client’s IP in X-Forwarded-For.
balance         roundrobin
# set the maxconn parameter below to match Apache’s MaxClients minus
# one or two connections so that you can still directly connect to it.
# you have to set server health check it it’s down it showing you on stat
# Set server weights normally it should be 1 for all
server          app127:10.0.1.227:8080 10.0.1.227 weight 1 maxconn 5000 check

# Enable the stats page on a dedicated port (8088). Monitoring request errors
# on the frontend will tell us how many potential attacks were blocked.
listen  ha_stats 10.0.0.77:8088
mode            http
stats enable
stats auth user:password ##Auth user pass

edit the /etc/sysctl.conf and add the end of file then run sysctl -p to load the setting

net.ipv4.tcp_tw_reuse = 1
net.ipv4.ip_local_port_range = 1024 65023
net.ipv4.tcp_max_syn_backlog = 10240
net.ipv4.tcp_max_tw_buckets = 400000
net.core.somaxconn = 10000

start haproxy using (/etc/init.d/haproxy start or /usr/sbin/haproxy -D -f /etc/haproxy/haproxy.cfg -p /var/run/haproxy.pid)

Configuring logging

Edit /etc/sysconfig/syslog

1.SYSLOGD_OPTIONS=”-m 0 -r”

Edit /etc/syslog.conf. Add the following:

1.local0.* /var/log/haproxy/haproxy.log
2.local1.* /var/log/haproxy/haproxy-1.log

Restart Syslog

service syslog restart

Now check with

ps auxwww | grep haproxy

Thanks

Ravi

How to disable core(s) of CPU

How to disable core(s) of CPU

Introduction ~

The question is why we  need to disable few core of CPU? Sometime it is necessary to run certain applications, which are not compatible with multi core processing.  Disabling core will not affect physically your hardware. Linux OS will simply ignore the core(s) you selected to disable.

Steps 1] How to do it?

Debian/Ubuntu ~

root@laptop:/home/arunsb# cat /boot/grub/menu.lst

title        Ubuntu 9.04, kernel 2.6.28-11-generic
kernel        /vmlinuz-2.6.28-11-generic root=UUID=55d33e45-75c7-54sc-b204-97b44e1d6a39 ro quiet splash maxcpus=1
initrd        /initrd.img-2.6.28-11-generic

Redhat/Fedora based system ~

root@laptop:/home/arunsb# cat /boot/grub/grub.conf

title Red Hat Enterprise Linux ES (2.6.9-78.ELsmp)
root (hd0,4)
kernel /boot/vmlinuz-2.6.9-78.ELsmp ro root=LABEL=/    maxcpus=1
initrd /boot/initrd-2.6.9-78.ELsmp.img

Note ~ after changing grub config file please reboot the system to apply changes!

As shown above “maxcpus=1” indicates that Linux will use only one CPU core. you can change this value as per your requirement and hardware available.

You can  also change this value during  starting of system from GRUB menu but it is temporary setting. To make it permanent you need to modify the  grub.conf (Redhat/Fedora) or menu.lst (debian/Ubuntu) GRUB config file.

Step 2] How to verify ~

I have dual core CPU as shown below and I have disable 1 core so After reboot I should get only one CPU core active

** Before above setting!

root@laptop:/home/arunsb# cat /proc/cpuinfo   | grep processor
processor    : 0
processor    : 1
root@laptop:/home/arunsb#

* Verify after above setting ~

root@laptop:/home/arunsb# cat /proc/cpuinfo   | grep processor
processor       : 0

root@laptop:/home/arunsb#

* How to Disable CPU without Reboot?
root@arunb:~# echo 0 > /sys/devices/system/cpu/cpu1/online

* Confirm ?
root@arunb:~# cat /proc/cpuinfo | grep -i ‘Processor’
processor : 0
root@arunb:~#

Thank you,
Arun Bagul