HAProxy Enterprise Documentation 2.3r1

Network Load Balancer

To create an active-active cluster of HAProxy Enterprise load balancers in AWS, you can place a Network Load Balancer in front. This load balancer operates at Layer 4, the Network layer, and load balances the HAProxy Enterprise load balancers. Because AWS Network Load Balancer can check the health of the lower-tier of load balancers, it can remove unhealthy instances as needed.

[Layer 4 load balancing in AWS]

We will:

  1. Create a virtual network dedicated to your AWS account (VPC).

  2. Deploy several HAProxy Enterprise AMIs.

  3. Create an AWS target group.

  4. Create an AWS Network Load Balancer in a single Availability Zone.

  5. Test the setup.

See also

What is a Network Load Balancer?

Create a VPC

You can launch HAProxy Enterprise instances in a Virtual Private Cloud (VPC), which is a virtual network similar to a traditional network.

  1. Open the Amazon VPC console, then click Launch VPC Wizard.

    https://cdn.haproxy.com/documentation/hapee/latest/assets/launch-vpc-wizard-47960037812fd287d21164111ccc8cb6de0fc347cf675508f4744a10412602ed.png
  2. Create a VPC with a single, public subnet with the following characteristics.

    https://cdn.haproxy.com/documentation/hapee/latest/assets/vpc-with-a-single-public-subnet-75207bccbcfb6cc52a983f067d6c0c59cd0c35acecceaeef1790b9454ff95dc4.png

    Field

    Value

    Public subnet's Availability Zone

    The availability zone of your choice, for example, eu-west-3a.

    In other fields, keep the default values or select other values that better suit your needs.

  3. In the Virtual Private Cloud section on the left, select Your VPCs, then write down the ID of the new VPC.

    https://cdn.haproxy.com/documentation/hapee/latest/assets/aws-menu-your-vpcs-4f7aa762cfb3365ddb8968a2841b2e1f8ff75881da720a94761fe3051045c5a8.png

    For example, vpc-0deecc96935b9ef73.

See also

What is Amazon VPC?

Deploy HAProxy Enterprise AMIs

You can launch HAProxy Enterprise instances directly from the AWS Marketplace.

  1. Create two or more HAProxy Enterprise instances on AWS, with the following characteristics.

    https://cdn.haproxy.com/documentation/hapee/latest/assets/aws-ami-ubuntu-9747cae3539013583fdba215fd4e0077b7a005ac79b308cfb021e0412ff6c99a.png https://cdn.haproxy.com/documentation/hapee/latest/assets/aws-ami-rhel-62e5667826df789f01ecd761e2afd2ea85f584bfcd1b575edf88c3bc59cd041f.png

    Field

    Value

    Software version

    Tip

    For testing purposes, select different HAProxy Enterprise versions for the different instances.

    Region

    Region to which your Availability Zone belongs.

    VPC Settings

    ID of the VPC you previously created. For example, vpc-0deecc96935b9ef73.

    Subnet Settings

    Public subnet that belongs to the VPC.

    Security Group Settings

    Create a new security group based on seller settings for the first HAProxy Enterprise instance, then select the same security group for other instances.

    Key Pair Settings

    Create a new EC2 key pair, or select an existing one. Select the same key pair for all HAProxy Enterprise instances.

    In other fields, keep the default values or select other values that better suit your needs.

See also

Create an AWS target group

A target group routes requests to one or more registered targets, such as HAProxy Enterprise instances, using the TCP protocol and the port number that you specify.

  1. Open the Amazon EC2 console.

  2. In the Load Balancing section on the left, select Target Groups.

    https://cdn.haproxy.com/documentation/hapee/latest/assets/aws-menu-tg-7a324b87c364a1ff47aad54fb560f0eaf075904a2a39452b0eee39ad142012b4.png
  3. Create a target group with the following characteristics, then click Next.

    Field

    Value

    Target type

    Instances

    Protocol

    TCP

    VPC

    The virtual private cloud (VPC) you created previously. For example, vpc-0deecc96935b9ef73.

    In the other fields, keep the default values or select other values that better suit your needs.

  4. In the Register targets page, select the HAProxy Enterprise instances you created previously, then click Include as pending below.

    https://cdn.haproxy.com/documentation/hapee/latest/assets/aws-available-instances-2d46bc465949160239571ab38350e098957ca3457feb900c4d37d5981fe6157d.png
  5. Click Create target group.

Create an AWS Network Load Balancer

The AWS Network Load Balancer selects a target HAProxy Enterprise instance using a flow hash algorithm based on the source and destination IP addresses and ports, the protocol, and the TCP sequence number.

  1. In the Load Balancing section on the left, select Load Balancers.

    https://cdn.haproxy.com/documentation/hapee/latest/assets/aws-menu-lb-c833710bcb4392e01cd44472b3f0b0b7348f1a478bd2b2020254fb1c803f4c27.png
  2. Create a Network Load Balancer with the following characteristics.

    https://cdn.haproxy.com/documentation/hapee/latest/assets/nlb-create-f549c1e7671b764a4341651cc8e8935e6b6910a6ecb10c9dbb4728e109365c9f.png

    Field

    Value

    Scheme

    Internet-facing

    VPC

    The virtual private cloud (VPC) you created previously. For example, vpc-0deecc96935b9ef73.

    Mappings

    Select your Availability Zone and the corresponding subnet.

    Listeners

    Default (a listener that accepts TCP traffic on port 80).

    Default action

    Select the target group you created previously.

    In the other fields, keep the default values or select other values that better suit your needs.

    https://cdn.haproxy.com/documentation/hapee/latest/assets/aws-listeners-e41eb1335836681893c176c93a1598e6090e0e75cd5f22a2664bfdc97a7fadbc.png
  3. Click Create load balancer.

See also

Create a Network Load Balancer

Test your setup

Once you have created a Network Load Balancer, wait a few minutes and check that the HAProxy Enterprise instances in your target group have passed the initial health check.

You can then test that the layer 4 AWS Network Load Balancer sends traffic to your layer 7 HAProxy Enterprise load balancers.

  1. In the Load Balancing section on the left, select Target Groups.

    https://cdn.haproxy.com/documentation/hapee/latest/assets/aws-menu-tg-7a324b87c364a1ff47aad54fb560f0eaf075904a2a39452b0eee39ad142012b4.png
  2. Select the newly created target group, and check that your HAProxy Enterprise instances are ready.

    https://cdn.haproxy.com/documentation/hapee/latest/assets/aws-healthy-d89fdb4f47938669f0af5f00084508345231c9501f352237e47406734d178565.png
  3. In the Load Balancing section on the left, select Load Balancers.

    https://cdn.haproxy.com/documentation/hapee/latest/assets/aws-menu-lb-c833710bcb4392e01cd44472b3f0b0b7348f1a478bd2b2020254fb1c803f4c27.png
  4. Select the newly created load balancer.

  5. Copy the DNS name of the load balancer and paste it into the address field of a web browser.

    For example, strawberry-f9f565c7eb5b3cd3.elb.eu-west-3.amazonaws.com.

    The browser displays the statistics page of your HAProxy Enterprise instance.

    https://cdn.haproxy.com/documentation/hapee/latest/assets/hapee-aws-page-729a12eb8f4aedb4044c7c2cf87bd7a1f60054b5dd6f685aab4a6fa5d2b8a702.png

Tip

If you launched instances with different versions of HAProxy Enterprise, paste the DNS name of the Network Load Balancer into the address field of another web browser or in a private browser window.

The browser should display the statistics page of one of your other HAProxy Enterprise instances, which runs another version of HAProxy Enterprise. Since each TCP connection is routed to a single target as long as the connection is active, you may have to try connecting several times.

You can now:

  • configure your backend server pool,

  • edit the frontend section of your HAProxy configuration file (each AWS Network Load Balancer in the Availability Zone has a static IP),

  • edit the backend section of your HAProxy configuration file,

  • copy the configuration file to all HAProxy Enterprises instances in the AWS target group.