Author Photo

Ahmer's SysAdmin Recipes is a blog for Linux System Administrators. This blog provides recipes for Installation & Configuration of Linux, Ubuntu, Oracle Database, MySQL, Apache, Nginx, Oracle Cloud Control, FreeIPA, Kerberos & OpenLDAP, Subversion, PXE, DevOps, etc. over Red Hat Enterprise Linux (RHEL), CentOS, Ubuntu and Windows.

Please give me your feedback and help me improve this blog. Please let me know If you want me to write on a specific topic.

Tuesday, 15 January 2019

Configure Apache as HTTP Load Balancer on CentOS 7

Configure-Apache-as-HTTP-Load-Balancer-on-CentOS-7Apache HTTP Server, usually called as Apache, is the most popular web server over the Internet. Apache is free and open-source. Apache is developed and maintained by open-source community at Apache Software Foundation. Apache is loaded with so many features, and additionals features can be added to Apache using the Apache modules.

Besides web server, Apache can also be configured as a Reverse Proxy to create a load balancing cluster of two or more web servers. This functionality can be added to Apache via mod_proxy module. Apache HTTP Server can be used to configure load balancers, hot-spares, hot-standby and failover nodes.

In this article, we will configure Apache as a reverse proxy and an HTTP load balancer on CentOS 7 server.

 

System Specification:

In this article, we are using three virtual machines. Two VMs to deploy and run two websites and One VM to configure as the reverse proxy and HTTP load balancer.

Hostname web-01.example.com web-02.example.com proxy-01.example.com
IP Address 192.168.116.51/24 192.168.116.52/24 192.168.116.53/24
Operating System CentOS 7.6 CentOS 7.6 CentOS 7.6

We have already configured web-01.example.com and web-02.example.com as the web servers and hosted a simple and distinct webpage on both servers.

Web-01-Home-PageWeb-02-Home-Page

Now, we will configure the proxy-01.example.com as the load balancer using mod_proxy and Apache HTTP server.

 

Install Apache HTTP Server:

Connect to proxy-01.example.com as root user.

Install Apache HTTP Server using yum command.

[root@proxy-01 ~]# yum install -y httpd Loaded plugins: fastestmirror Determining fastest mirrors * base: mirrors.ges.net.pk * extras: mirrors.ges.net.pk * updates: mirrors.ges.net.pk base | 3.6 kB 00:00 extras | 3.4 kB 00:00 updates | 3.4 kB 00:00 updates/7/x86_64/primary_db | 1.3 MB 00:03 Resolving Dependencies --> Running transaction check ---> Package httpd.x86_64 0:2.4.6-88.el7.centos will be installed --> Processing Dependency: httpd-tools = 2.4.6-88.el7.centos for package: httpd-2.4.6-88.el7.centos.x86_64 --> Processing Dependency: /etc/mime.types for package: httpd-2.4.6-88.el7.centos.x86_64 --> Processing Dependency: libaprutil-1.so.0()(64bit) for package: httpd-2.4.6-88.el7.centos.x86_64 --> Processing Dependency: libapr-1.so.0()(64bit) for package: httpd-2.4.6-88.el7.centos.x86_64 --> Running transaction check ---> Package apr.x86_64 0:1.4.8-3.el7_4.1 will be installed ---> Package apr-util.x86_64 0:1.5.2-6.el7 will be installed ---> Package httpd-tools.x86_64 0:2.4.6-88.el7.centos will be installed ---> Package mailcap.noarch 0:2.1.41-2.el7 will be installed --> Finished Dependency Resolution Dependencies Resolved ================================================================================ Package Arch Version Repository Size ================================================================================ Installing: httpd x86_64 2.4.6-88.el7.centos base 2.7 M Installing for dependencies: apr x86_64 1.4.8-3.el7_4.1 base 103 k apr-util x86_64 1.5.2-6.el7 base 92 k httpd-tools x86_64 2.4.6-88.el7.centos base 90 k mailcap noarch 2.1.41-2.el7 base 31 k Transaction Summary ================================================================================ Install 1 Package (+4 Dependent packages) Total download size: 3.0 M Installed size: 10 M Downloading packages: (1/5): mailcap-2.1.41-2.el7.noarch.rpm | 31 kB 00:01 (2/5): apr-1.4.8-3.el7_4.1.x86_64.rpm | 103 kB 00:02 (3/5): apr-util-1.5.2-6.el7.x86_64.rpm | 92 kB 00:02 (4/5): httpd-tools-2.4.6-88.el7.centos.x86_64.rpm | 90 kB 00:03 (5/5): httpd-2.4.6-88.el7.centos.x86_64.rpm | 2.7 MB 00:08 -------------------------------------------------------------------------------- Total 378 kB/s | 3.0 MB 00:08 Running transaction check Running transaction test Transaction test succeeded Running transaction Installing : apr-1.4.8-3.el7_4.1.x86_64 1/5 Installing : apr-util-1.5.2-6.el7.x86_64 2/5 Installing : httpd-tools-2.4.6-88.el7.centos.x86_64 3/5 Installing : mailcap-2.1.41-2.el7.noarch 4/5 Installing : httpd-2.4.6-88.el7.centos.x86_64 5/5 Verifying : httpd-tools-2.4.6-88.el7.centos.x86_64 1/5 Verifying : apr-1.4.8-3.el7_4.1.x86_64 2/5 Verifying : mailcap-2.1.41-2.el7.noarch 3/5 Verifying : httpd-2.4.6-88.el7.centos.x86_64 4/5 Verifying : apr-util-1.5.2-6.el7.x86_64 5/5 Installed: httpd.x86_64 0:2.4.6-88.el7.centos Dependency Installed: apr.x86_64 0:1.4.8-3.el7_4.1 apr-util.x86_64 0:1.5.2-6.el7 httpd-tools.x86_64 0:2.4.6-88.el7.centos mailcap.noarch 0:2.1.41-2.el7 Complete!

Start and enable httpd.service.

[root@proxy-01 ~]# systemctl start httpd.service [root@proxy-01 ~]# systemctl enable httpd.service Created symlink from /etc/systemd/system/multi-user.target.wants/httpd.service to /usr/lib/systemd/system/httpd.service.

Allow HTTP service in Linux firewall.

[root@proxy-01 ~]# firewall-cmd --permanent --add-service=http success [root@proxy-01 ~]# firewall-cmd --reload success

Browse URL http://proxy-01.example.com in a client browser.

Apache-HTTP-Server-Test-Page-powered-by-CentOS

Our Apache HTTP Server is running and displaying a default test page.

 

Configure Reverse Proxy and HTTP Load Balancer:

Apache HTTP Server requires mod_proxy module to configure and function as the Load Balancer. The mod_proxy module is contained in httpd package, therefore it is automatically installed alongwith Apache HTTP Server on CentOS 7 platforms.

Use the following command to verify the availability of mod_proxy.

[root@proxy-01 ~]# httpd -M | grep proxy proxy_module (shared) proxy_ajp_module (shared) proxy_balancer_module (shared) proxy_connect_module (shared) proxy_express_module (shared) proxy_fcgi_module (shared) proxy_fdpass_module (shared) proxy_ftp_module (shared) proxy_http_module (shared) proxy_scgi_module (shared) proxy_wstunnel_module (shared)

Add a configuration file in /etc/httpd/conf.d/.

[root@proxy-01 ~]# vi /etc/httpd/conf.d/proxy.conf

Add following reverse proxy configurations therein.

<proxy balancer://appset> BalancerMember http://web-01.example.com BalancerMember http://web-02.example.com ProxySet lbmethod=bytraffic </proxy> ProxyPass "/app" "balancer://appset/" ProxyPassReverse "/app" "balancer://appset/"

Restart httpd.service.

[root@proxy-01 ~]# systemctl restart httpd.service

Browse URL http://proxy-01.example.com/app in a client browser.

Web-01-Home-Page

Our reverse proxy configuration has been working and the Page Request has been forwarded to web-01.example.com.

Refresh the Web Page.

Web-02-Home-Page

This time our Page Request has been served by web-02.example.com.

We have configured a simple reverse proxy in Apache HTTP server, that is load balancing between two web servers.

mod_proxy has many configuration options and we can create relatively advanced configurations such as hot-spare, hot-standby and failover sets. Complete documentations is available at Apache Website. You can experiment on your own by reading documentation and enhancing the same configurations that we have created above.

 

Configure Balancer Manager:

Apache HTTP Server also provide a built-in Balancer-Manager application for easy management and monitoring of load balancers.

Add following configuration file in /etc/httpd/conf.d.

[root@proxy-01 ~]# vi /etc/httpd/conf.d/lbmanager.conf

Add following directives to enable Balancer-Manager.

<location "/balancer-manager"> SetHandler balancer-manager allow from all </location>

Restart httpd.service.

[root@proxy-01 ~]# systemctl restart httpd.service

Browse URL http://proxy-01.example.com/balancer-manager from a client browser.

Balancer-Manager-01

Balancer-Manager is configured and ready to use.

 

Securing Balancer-Manager:

Balancer-Manager is a simple application for monitoring and management of Apache HTTP Load Balancer. Therefore, it also lacks any implicit user authentication. However, we can configure Basic HTTP Authentication to restrict unauthorized access.

Create a password file and add a user in it.

[root@proxy-01 ~]# htpasswd -c /etc/httpd/htpasswd ahmer New password: Re-type new password: Adding password for user ahmer

Modify /etc/httpd/conf.d/lbmanager.conf to implement basic HTTP authentication.

[root@proxy-01 ~]# vi /etc/httpd/conf.d/lbmanager.conf

The updated configurations should be as follows:

<location "/balancer-manager"> SetHandler balancer-manager AuthType "basic" AuthName "balancer-manager" AuthUserFile /etc/httpd/htpasswd Require valid-user </location>

Restart httpd.service.

[root@proxy-01 ~]# systemctl restart httpd.service

Browse URL http://proxy-01.example.com/balancer-manager from a client browser.

basic-http-authentication-01

Now, it is asking for a valid user to login.

We have successfully configured a HTTP Load Balancer with Apache HTTP Server on CentOS 7.

If you like this article, then you should read my article “HAProxy: Configure HTTP Load Balancer in CentOS 7”.

.

Configure Apache as HTTP Load Balancer on CentOS 7


YOU MIGHT ALSO LIKE:

2 comments:

  1. how can I contact you some advice on configuration

    ReplyDelete
    Replies
    1. Hi, you can contact me via Facebook or Linkedin.

      Delete