Main Menu

Search

KUBERNETES: How To Install and Configure HAProxy As Load Balancer Kubernetes HA Cluster?

Following are steps to Install and Configure HAProxy As Load Balancer Kubernetes HA Cluster?

1) Install haproxy package using below command.
# dnf -y install haproxy

2) Validate if firewalld is running on the node.
# systemctl status firewalld.service 

If firewalld is running, add the port on which HAproxy will be listening to the firewalld to allow communication.
For e.g. if HAproxy is going to listen on 6443 port, add 6443 tcp port to the firewalld.

For this run below command.
# firewall-cmd --permanent --add-port=6443/tcp

Reload the firewalld after the change.

# firewall-cmd --reload

3)Backup the /etc/haproxy/haproxy.cfg original configuration file.
# cp -rp /etc/haproxy/haproxy.cfg /etc/haproxy/haproxy.cfg.ORIG

4) Make sure SELinux is set to permissive.

For checking if SELinux is set to permissive run below command.
# sestatus

If you want to SELinux to be enforcing and strict, set SELinux rules to allow communication to HAProxy service and port.

5) Remove the existing content of /etc/haproxy/haproxy.cfg file and update with below content.

In below HAproxy configuration make following changes:

Bind port in this example is 6443, change it to the port you want HAproxy to be listening on to which backend Kubernetes nodes can connect.

Change the IP and Port for server node1, server node2 to the backend Kubernetes nodes IP and port. In this case we have backend set of 2 Kubernetes nodes. If you have more backend nodes, add entries as server node4, server node4, .... and update the entries with the backend kubernetes nodes IP and port.
#--------------------------------------------------------------------
# Kubernetes Cluster Control Plane Nodes Load Balancing
#--------------------------------------------------------------------
defaults
    maxconn 20000
    mode    tcp
    option  dontlognull
    timeout http-request 10s
    timeout queue        1m
    timeout connect      10s
    timeout client       86400s
    timeout server       86400s
    timeout tunnel       86400s
frontend k8s-api
    bind :::6443 v4v6
    mode tcp
    default_backend k8s-api
backend k8s-api
    option  httpchk GET /readyz HTTP/1.0
    option  log-health-checks
    http-check expect status 200
    mode tcp
    balance roundrobin
    default-server verify none check-ssl inter 10s downinter 5s rise 2 fall 2 slowstart 60s maxconn 5000 maxqueue 5000 weight 100
    server node1 10.10.10.1:6443 check
    server node2 10.10.10.2:6443 check

6) Restart and enable HAproxy service.
# systemctl start haproxy.service
# systemctl enable --now haproxy 

Key Words:

Ha proxy,  installing, configuring, high availability, balancing, loadbalancer
Tags: , , , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)