Setting up a highly available load balancing cluster requires two primary components: HAProxy for traffic distribution and Keepalived for failover management. This setup uses two virtual machines running CentOS 7.
Environment Preparation
Install the EPEL repository and required packages on both nodes:
yum install -y epel-release
yum install -y haproxy keepalived nginx psmisc net-tools vimHAProxy Configuration
Create the HAProxy configuration file at /etc/haproxy/haproxy.cfg:
global
maxconn 200000
chroot /var/lib/haproxy
user haproxy
group haproxy
daemon
nbproc 2
pidfile /var/run/haproxy.pid
log 127.0.0.1 local0 info
defaults
option http-keep-alive
maxconn 200000
mode http
timeout connect 3000ms
timeout client 30000ms
timeout server 30000ms
listen stats_page
mode http
bind *:9090
stats enable
stats uri /haproxy-stats
stats auth admin:securepass
frontend web_frontend
bind 192.168.10.100:80
mode http
option httplog
log global
default_backend web_servers
backend web_servers
option forwardfor header X-CLIENT-IP
option httpchk HEAD / HTTP/1.0
balance roundrobin
server app01 192.168.10.101:8080 check inter 2000 rise 30 fall 15
server app02 192.168.10.102:8080 check inter 2000 rise 30 fall 15The balance roundrobin directive ensures requests are distributed evenly across backend servers. Alternative algorithms include source for IP-based persistence or leastconn for connection-based distribution.
Backend Web Server Configuration
On the first backend node, create the web content directory and Nginx configuration:
mkdir -p /var/www/html
echo "Server 01" > /var/www/html/index.htmlNginx server block configuration at /etc/nginx/conf.d/default.conf:
server {
listen 8080;
server_name localhost;
location / {
root /var/www/html;
index index.html index.htm;
}
access_log /var/log/nginx/access.log main;
error_log /var/log/nginx/error.log warn;
}On the second backend node, repeat the process with different content:
mkdir -p /var/www/html
echo "Server 02" > /var/www/html/index.htmlStart the services:
systemctl restart nginx
systemctl restart haproxyKeepalived Configuration for Master Node
Configure Keepalived on the primary load balancer:
global_defs {
notification_email {
admin@example.org
}
notification_email_from keepalived@example.org
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id lb_master
}
vrrp_instance VI_1 {
state MASTER
interface eth0
virtual_router_id 51
priority 150
advert_int 1
authentication {
auth_type PASS
auth_pass MyPass123
}
virtual_ipaddress {
192.168.10.200
}
}Enable binding to non-local IP addresses:
echo 1 > /proc/sys/net/ipv4/ip_nonlocal_bindUpdate HAProxy to bind to the virtual IP:
frontend web_frontend
bind 192.168.10.200:80Start Keepalived:
systemctl start keepalived
systemctl reload haproxyKeepalived Configuration for Backup Node
On the secondary load balancer, configure Keepalived with a lower priority:
global_defs {
notification_email {
admin@example.org
}
notification_email_from keepalived@example.org
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id lb_backup
}
vrrp_instance VI_1 {
state BACKUP
interface eth0
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass MyPass123
}
virtual_ipaddress {
192.168.10.200
}
}Apply the same kernel parameter and HAProxy binding configuration:
echo 1 > /proc/sys/net/ipv4/ip_nonlocal_bind
systemctl restart haproxy
systemctl restart keepalivedFailover Verification
Access the virtual IP (192.168.10.200) from a browser. When stopping Keepalived on the master node, the virtual IP automatically migrates to the backup node. For automated health checks, implement monitoring scripts that trigger failover based on HAProxy or backend service availability.
Disaster Recovery Considerations
Enterprise disaster recovery planning should follow a structured approach:
- Classify systems into core and non-core business applications
- Categorize data by importance and recovery priority
- Build recovery procedures from the infrastructure layer upward
- Conduct regular disaster recovery drills
- Evaluate requirements for cold standby, warm standby, or active-active configurations