Nginx – Haproxy balance source hash-type consistent only routing to single backend

haproxyload balancingnginx

Folks,

I have a vm setup with nginx and haproxy to act as a load balancer for a webapp that needs to maintain session stickyness to a single backend once a client has made a connection.

The nginx config is pretty standard, but posted below.

upstream haproxy {
    server 127.0.0.1:5000;
    }

server {
    listen 192.168.1.10:443 ssl;
server_name foo.bar.com;

## Compression
gzip              on;
gzip_buffers      16 8k;
gzip_comp_level   4;
gzip_http_version 1.0;
gzip_min_length   1280;
gzip_types        text/plain text/css application/x-javascript text/xml application/xml application/xml+rss application/javascript text/javascript image/x-icon image/bmp;
gzip_vary         on;

tcp_nodelay on;
tcp_nopush on;
sendfile off;

access_log  /var/log/nginx/foo.bar.com_access.log  main;
error_log  /var/log/nginx/foo.bar.com_error.log  warn;

location / {
       #proxy_read_timeout 30; #to allow for large reports
       proxy_connect_timeout   10;
       proxy_send_timeout      75;
       proxy_read_timeout      180;
       proxy_buffering off;
       #proxy_buffer_size   128k;
       #proxy_buffers   4 256k;
       #proxy_busy_buffers_size   256k;
       proxy_set_header Host $host;
       proxy_set_header X-Real-IP $remote_addr;
       proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
       proxy_pass http://haproxy;
 }


    error_page 502 502 = /maintenance.html;
    location = /maintenance.html {
    root /www/;
 }
}

Here is the haproxy config

backend webapp
    balance source
        hash-type consistent 
        mode http
        server arwen.bar.com 192.168.1.50:8080 check port 8080
    server beren.bar.com 192.168.1.53:8080 check port 8080
    server boromir.bar.com 192.168.1.55:8080 check port 8080
    server isildur.bar.com 192.168.1.62:8080 check port 8080

Yet when I look at the stats, I only see a single backend server is handling all of the incoming connection, which is counter to the purpose of load balancing. I thought I had haproxy setup properly from the docs, but what am I missing?

Best Answer

First of all, if that's your entire Nginx config file, why are you bothering to proxy twice? Why not just give HAProxy the "public" IP and have it do all the work?

In any event, since you're proxying to HAProxy from NGginx, all the connections are coming from the same place (Nginx).

If you want to proxy based on the client's IP, then you've got to tell HAProxy to balance based on either the X-Real-IP or X-Forwarded-For headers that you're setting in Nginx.

Your new HAProxy config would look like this if you used X-Real-IP:

backend webapp
  balance hdr(X-Real-IP)
  hash-type consistent 
  mode http

  server arwen.bar.com 192.168.1.50:8080 check port 8080
  server beren.bar.com 192.168.1.53:8080 check port 8080
  server boromir.bar.com 192.168.1.55:8080 check port 8080
  server isildur.bar.com 192.168.1.62:8080 check port 8080

Related Solutions

Nginx – Help needed setting up nginx to serve static files

I looked at the nginx error logs and found that it was trying to serve the media from /var/django/myproject/site_media/site_media instead of /var/django/myproject/site_media --weird.

I changed root /var/django/myproject/site_media; to root /var/django/myproject; and it works now.

Nginx – Configure php5-fpm for many concurrent users

I suspect your varnish cache is not caching anywhere near enough of the hits

here's what I would do in your situation:

Lower php max children to 100 or even 50 (if varnish does its job properly you don't need them) also remove the max requests line to allow the php processes not to respawn too quickly and thus prevent APC from being cleared too quickly which is also bad

also IF is not good according to nginx - http://wiki.nginx.org/IfIsEvil

I would change this line:

            if (!-e $request_filename) {
                    rewrite ^(.+)$ /index.php?q=$1 last;
            }

to:

try_files $uri $uri/ /index.php?$args;

If your version of nginx supports it (pretty certain if your nginx version is > 0.7.51 then it supports it)

you should also look at inserting the w3tc nginx rules direct into your vhost file to enabled proper disk enhanced caching of pages (which is faster than APC caching with nginx)

Take a look at the following varnish vcl which I use for sites - you will need to read through and edit a few things for your website - it also assumes that its only WP sites on the server and only 1 site on the server, it can easily be modified for more sites (take a look at the cookie section)

generic vcl: https://gist.github.com/b7332971a848bcb7ecef

With this config I would argue to remove fastcgi_cache to prevent any possible issues with a cache-chain occurring whereby trying locate any stray stale cache entries is more difficult

also tell w3tc that varnish is at 127.0.0.1 and it will purge it for you ;)

I deployed this to a server on Wednesday evening (with a few domain specific modifications) that was handling 2500 active site visitors it reduced load to less than 1 and the approx number of running php children was around 10-20 (this number does depend on number of logged in users and other factors like cookies) this server did have much more ram but the principle is the same, you should be able to easily handle the number of visitors you get at peaks

Best Answer

Related Solutions

Nginx – Help needed setting up nginx to serve static files

Nginx – Configure php5-fpm for many concurrent users

Related Topic