Re: HAProxy in Amazon EC2 in peer mode
Hi, This kind of scenario is really dependent from your configuration. Basically, you want to configure HAProxy to load-balance SSL services hosted by your application servers. Persistence based on SSLID into HAProxy, sharing the stick-table between both haproxy. This may work, but be carefull with the peers section, since your LB will change their IP addresses each time they'll reboot... cheers On Tue, Feb 7, 2012 at 1:56 AM, Mir Islam mis...@mirislam.com wrote: Hi, I am thinking of the following scenario to implement in AWS. Two HAProxies with SSL stickiness, TCP pass through and in peer mode. Using Amazon ELB to do round robin load balance between the two server. Basically the idea is to create automatic failover for HA proxy servers. Theoretically it should work since both of the servers have the same session information. Am I wrong on this assumption? Thanks Mir
Re: HAProxy in Amazon EC2 in peer mode
You can also write a script that gather instances' data (using the EC2 APIs) in order to get the IPs. That way you can update the HAProxy configuration files when a change in your setup occurs. Cheers, Michele On Feb 8, 2012, at 5:33 PM, Mir Islam wrote: Right, the internal IP changes since it is on DHCP. But I was thinking of assigning static IP (EIP in Amazon term) to the HAProxies. And then refer to each other via those EIP. Here is a quick and dirty diagram of howI am thinking of implementing. Ofcourse the main cost is the static IP addresses that I have to get from Amazon.
Re: HAProxy in Amazon EC2 in peer mode
Just in case anyone was following in my effort to get HAProxy running in EC2. The peers mode will not work in EC2 because the IP address identified in the peer section must be an ip which is bound to the interface. I could not find a way to bypass it. Since the static IP assigned in EC2 are not really bound to the interfaces on the vm itself, it appears for the time being it is not possible to run in peer mode with static IP. It is possible to use the internal 10.x.x.x IP assigned by Amazon but that may change after a reboot. Oh, well I guess it is what it is. On Feb 8, 2012, at 7:33 AM, Mir Islam wrote: On Feb 8, 2012, at 2:49 AM, Baptiste wrote: Hi, This kind of scenario is really dependent from your configuration. Basically, you want to configure HAProxy to load-balance SSL services hosted by your application servers. That is correct. Persistence based on SSLID into HAProxy, sharing the stick-table between both haproxy. Right, that way any one of the pair of HAProxy server would know where to send the request from client. This may work, but be carefull with the peers section, since your LB will change their IP addresses each time they'll reboot... Right, the internal IP changes since it is on DHCP. But I was thinking of assigning static IP (EIP in Amazon term) to the HAProxies. And then refer to each other via those EIP. Here is a quick and dirty diagram of howI am thinking of implementing. Ofcourse the main cost is the static IP addresses that I have to get from Amazon. Thanks Baptiste. PastedGraphic-1.pdf cheers On Tue, Feb 7, 2012 at 1:56 AM, Mir Islam mis...@mirislam.com wrote: Hi, I am thinking of the following scenario to implement in AWS. Two HAProxies with SSL stickiness, TCP pass through and in peer mode. Using Amazon ELB to do round robin load balance between the two server. Basically the idea is to create automatic failover for HA proxy servers. Theoretically it should work since both of the servers have the same session information. Am I wrong on this assumption? Thanks Mir
Re: HAProxy in Amazon EC2 in peer mode
welcome to the cloud :) On Thu, Feb 9, 2012 at 2:26 AM, Mir Islam mis...@mirislam.com wrote: Just in case anyone was following in my effort to get HAProxy running in EC2. The peers mode will not work in EC2 because the IP address identified in the peer section must be an ip which is bound to the interface. I could not find a way to bypass it. Since the static IP assigned in EC2 are not really bound to the interfaces on the vm itself, it appears for the time being it is not possible to run in peer mode with static IP. It is possible to use the internal 10.x.x.x IP assigned by Amazon but that may change after a reboot. Oh, well I guess it is what it is. On Feb 8, 2012, at 7:33 AM, Mir Islam wrote: On Feb 8, 2012, at 2:49 AM, Baptiste wrote: Hi, This kind of scenario is really dependent from your configuration. Basically, you want to configure HAProxy to load-balance SSL services hosted by your application servers. That is correct. Persistence based on SSLID into HAProxy, sharing the stick-table between both haproxy. Right, that way any one of the pair of HAProxy server would know where to send the request from client. This may work, but be carefull with the peers section, since your LB will change their IP addresses each time they'll reboot... Right, the internal IP changes since it is on DHCP. But I was thinking of assigning static IP (EIP in Amazon term) to the HAProxies. And then refer to each other via those EIP. Here is a quick and dirty diagram of howI am thinking of implementing. Ofcourse the main cost is the static IP addresses that I have to get from Amazon. Thanks Baptiste. PastedGraphic-1.pdf cheers On Tue, Feb 7, 2012 at 1:56 AM, Mir Islam mis...@mirislam.com wrote: Hi, I am thinking of the following scenario to implement in AWS. Two HAProxies with SSL stickiness, TCP pass through and in peer mode. Using Amazon ELB to do round robin load balance between the two server. Basically the idea is to create automatic failover for HA proxy servers. Theoretically it should work since both of the servers have the same session information. Am I wrong on this assumption? Thanks Mir
Fwd: HAProxy in Amazon EC2 in peer mode
Any taker? Begin forwarded message: From: Mir Islam mis...@mirislam.com Date: February 6, 2012 4:56:15 PM PST To: haproxy@formilux.org Subject: HAProxy in Amazon EC2 in peer mode Hi, I am thinking of the following scenario to implement in AWS. Two HAProxies with SSL stickiness, TCP pass through and in peer mode. Using Amazon ELB to do round robin load balance between the two server. Basically the idea is to create automatic failover for HA proxy servers. Theoretically it should work since both of the servers have the same session information. Am I wrong on this assumption? Thanks Mir
HAProxy in Amazon EC2 in peer mode
Hi, I am thinking of the following scenario to implement in AWS. Two HAProxies with SSL stickiness, TCP pass through and in peer mode. Using Amazon ELB to do round robin load balance between the two server. Basically the idea is to create automatic failover for HA proxy servers. Theoretically it should work since both of the servers have the same session information. Am I wrong on this assumption? Thanks Mir
Re: HA for HAProxy in Amazon Cloud
On 11/17/2011 10:55 PM, Mir Islam wrote: Hi Guys, I am wondering how people are solving the problem of HAProxy becoming SPOF. I am using HAproxy in Amazon cloud for SSL stick session and load balancing, but best solution I could come up with for making HAProxy HA is by having another exact instance as hot standby. Then monitor the active one periodically and if it goes down, move the elastic IP associated with HAP1 to HAP2. Is there some other way folks are solving this issue? Remember, on Amazon cloud instances they do not have any public IP associated with the actual interface. So can't create virtual interface/ip and move it around like in traditional heart beat type of systems. Thanks Mir Hi, I'm doing exactly the same. I set up an heartbeat 2 node cluster (active/passive), defined 2 custom ocf resources (the elastic ip and the haproxy daemon) and grouped them to act together. The most tricky part for me was the heartbeat monitoring function because AWS API calls are really slow and tend to time out. Anyway, haproxy is running nicely, so far we are getting ~300 r/s
Re: HA for HAProxy in Amazon Cloud
So on avg how long it took for the AWS api call to transfer the IP to standby HA Proxy? I am wondering if it makes to go with just auto scale and define minimum 1 server. Thanks Mir On Nov 18, 2011, at 4:26 AM, Mariano Guezuraga wrote: On 11/17/2011 10:55 PM, Mir Islam wrote: Hi Guys, I am wondering how people are solving the problem of HAProxy becoming SPOF. I am using HAproxy in Amazon cloud for SSL stick session and load balancing, but best solution I could come up with for making HAProxy HA is by having another exact instance as hot standby. Then monitor the active one periodically and if it goes down, move the elastic IP associated with HAP1 to HAP2. Is there some other way folks are solving this issue? Remember, on Amazon cloud instances they do not have any public IP associated with the actual interface. So can't create virtual interface/ip and move it around like in traditional heart beat type of systems. Thanks Mir Hi, I'm doing exactly the same. I set up an heartbeat 2 node cluster (active/passive), defined 2 custom ocf resources (the elastic ip and the haproxy daemon) and grouped them to act together. The most tricky part for me was the heartbeat monitoring function because AWS API calls are really slow and tend to time out. Anyway, haproxy is running nicely, so far we are getting ~300 r/s
Re: HA for HAProxy in Amazon Cloud
Firts, sorry HAproxy list for the OT. I would say it takes an average of 5 seconds. Also please note that Amazon _seems_ to throttle your API requests if you exceed certain number of requests, sometimes the API failed with unable to connect to ... (I've noticed that while performing the monitoring function of the OCF resource) On 11/18/2011 03:34 PM, Mir Islam wrote: So on avg how long it took for the AWS api call to transfer the IP to standby HA Proxy? I am wondering if it makes to go with just auto scale and define minimum 1 server. Thanks Mir On Nov 18, 2011, at 4:26 AM, Mariano Guezuraga wrote: On 11/17/2011 10:55 PM, Mir Islam wrote: Hi Guys, I am wondering how people are solving the problem of HAProxy becoming SPOF. I am using HAproxy in Amazon cloud for SSL stick session and load balancing, but best solution I could come up with for making HAProxy HA is by having another exact instance as hot standby. Then monitor the active one periodically and if it goes down, move the elastic IP associated with HAP1 to HAP2. Is there some other way folks are solving this issue? Remember, on Amazon cloud instances they do not have any public IP associated with the actual interface. So can't create virtual interface/ip and move it around like in traditional heart beat type of systems. Thanks Mir Hi, I'm doing exactly the same. I set up an heartbeat 2 node cluster (active/passive), defined 2 custom ocf resources (the elastic ip and the haproxy daemon) and grouped them to act together. The most tricky part for me was the heartbeat monitoring function because AWS API calls are really slow and tend to time out. Anyway, haproxy is running nicely, so far we are getting ~300 r/s
HA for HAProxy in Amazon Cloud
Hi Guys, I am wondering how people are solving the problem of HAProxy becoming SPOF. I am using HAproxy in Amazon cloud for SSL stick session and load balancing, but best solution I could come up with for making HAProxy HA is by having another exact instance as hot standby. Then monitor the active one periodically and if it goes down, move the elastic IP associated with HAP1 to HAP2. Is there some other way folks are solving this issue? Remember, on Amazon cloud instances they do not have any public IP associated with the actual interface. So can't create virtual interface/ip and move it around like in traditional heart beat type of systems. Thanks Mir
Re: haproxy at amazon
On Tuesday 20 of September 2011 02:02:27 Dean Hiller wrote: We are running haproxy at amazon and running some load tests and seem to be hitting some bottleneck between haproxy and webservers or haproxy itself. How can you tell when haproxy is maxed out? Will cpu hit 100% or is it some other characteristic? our cpu is 4% and I only have 10 webservers and 10 clients, and my 10 clients generate about 1000 requests/second each on a socket and each one is stateless independent of the other, no session is saved at all. If you configure it correctly (haproxy bound to some specific core, network interrupts to some other core sharing L2 cache with haproxy core), you should see 100% on haproxy core (70% system, 30% user if running in L7 with few acls and rewrites) and around 25% on core servicing network interrupts. In full http tunneling mode you should see both cores saturated ad 100%. You should check traffic on your haproxy host both ways using tcpdump. Regards, Brane
haproxy at amazon
We are running haproxy at amazon and running some load tests and seem to be hitting some bottleneck between haproxy and webservers or haproxy itself. How can you tell when haproxy is maxed out? Will cpu hit 100% or is it some other characteristic? our cpu is 4% and I only have 10 webservers and 10 clients, and my 10 clients generate about 1000 requests/second each on a socket and each one is stateless independent of the other, no session is saved at all. I have a support ticket open with amazon but wanted to make sure I had more information on haproxy when going into the meeting I have with amazon engineering. thanks, Dean
Re: haproxy and amazon
Hi Julien, On Fri, Jun 24, 2011 at 07:57:00AM -0400, Julien Vehent wrote: On Thu, 23 Jun 2011 16:16:59 +0200, Baptiste wrote: Hi gents, I'm looking for people who use haproxy on an amazon server. I'm more interested by the number of hit/s you could get. Compared to our multi-tomcat-jboss-ultra-threaded-and-locked application (that doesn't seem to like EC2 too much), Haproxy is running like a charm up there. As of hit/s, well, I've never managed to saturate haproxy before saturating everything else in the chain, so I can't tell you. My (limited) experience of EC2 showed me that the bottleneck are essentially a limited number of CPU (although quite beefy and not applicable to haproxy), the EBS storage (also not applicable) and, if you're not in a VPC, the network. If you have issues with the latest, try running in a VPC, it seems that we are reaching between 1 and 1.5 gbps between instances in that env. From what I observed a few years ago, the limiting factor was not much the data rate but the packet rate. At that time it was hard, maybe impossible, to get more than 4-6k connections per second. It is possible that things have improved a bit since though. Still that's very low compared to real hardware, as a 7-Watt Atom CPU performs equally. Cheers, Willy
Re: haproxy and amazon
On Thu, 23 Jun 2011 16:16:59 +0200, Baptiste wrote: Hi gents, I'm looking for people who use haproxy on an amazon server. I'm more interested by the number of hit/s you could get. Compared to our multi-tomcat-jboss-ultra-threaded-and-locked application (that doesn't seem to like EC2 too much), Haproxy is running like a charm up there. As of hit/s, well, I've never managed to saturate haproxy before saturating everything else in the chain, so I can't tell you. My (limited) experience of EC2 showed me that the bottleneck are essentially a limited number of CPU (although quite beefy and not applicable to haproxy), the EBS storage (also not applicable) and, if you're not in a VPC, the network. If you have issues with the latest, try running in a VPC, it seems that we are reaching between 1 and 1.5 gbps between instances in that env. Julien
Re: haproxy and amazon
On Thu, 23 Jun 2011 16:16:59 +0200, Baptiste wrote: Hi gents, I'm looking for people who use haproxy on an amazon server. I'm more interested by the number of hit/s you could get. Compared to our multi-tomcat-jboss-ultra-threaded-and-locked application (that doesn't seem to like EC2 too much), Haproxy is running like a charm up there. As of hit/s, well, I've never managed to saturate haproxy before saturating everything else in the chain, so I can't tell you. My (limited) experience of EC2 showed me that the bottleneck are essentially a limited number of CPU (although quite beefy and not applicable to haproxy), the EBS storage (also not applicable) and, if you're not in a VPC, the network. If you have issues with the latest, try running in a VPC, it seems that we are reaching between 1 and 1.5 gbps between instances in that env. Julien
Re: haproxy and amazon
Hi Malcolm and Julien Thanks a lot for your answers. Very appreciated :) cheers
haproxy and amazon
Hi gents, I'm looking for people who use haproxy on an amazon server. I'm more interested by the number of hit/s you could get. Thanks for anybody who could help :) Regards