github.com/openshift/installer@v1.4.17/docs/dev/libvirt/load_balancer.md (about) 1 # Load Balancer Setup 2 3 The libvirt deployment does not deploy a load balancer for development purposes. 4 5 This doc goes over an example configuration of HAProxy for doing local development. 6 7 ### Installing HAProxy 8 These instructions are for Fedora 34+. 9 10 Install the RPM for `HAProxy`. 11 ```sh 12 sudo dnf install haproxy 13 ``` 14 15 Configure `haproxy.cfg`. A default configuration follows, replace with the appropriate IP addresses for your environment: 16 17 ```sh 18 #--------------------------------------------------------------------- 19 # Global settings 20 #--------------------------------------------------------------------- 21 global 22 log 127.0.0.1 local2 23 24 chroot /var/lib/haproxy 25 pidfile /var/run/haproxy.pid 26 maxconn 4000 27 user haproxy 28 group haproxy 29 daemon 30 31 # turn on stats unix socket 32 stats socket /var/lib/haproxy/stats 33 34 # utilize system-wide crypto-policies 35 # ssl-default-bind-ciphers PROFILE=SYSTEM 36 # ssl-default-server-ciphers PROFILE=SYSTEM 37 38 #--------------------------------------------------------------------- 39 # common defaults that all the 'listen' and 'backend' sections will 40 # use if not designated in their block 41 #--------------------------------------------------------------------- 42 defaults 43 mode tcp 44 log global 45 option httplog 46 option dontlognull 47 option http-server-close 48 option forwardfor except 127.0.0.0/8 49 option redispatch 50 retries 3 51 timeout http-request 10s 52 timeout queue 1m 53 timeout connect 10s 54 timeout client 1m 55 timeout server 1m 56 timeout http-keep-alive 10s 57 timeout check 10s 58 maxconn 3000 59 60 #--------------------------------------------------------------------- 61 # main frontend which proxys to the backends 62 #--------------------------------------------------------------------- 63 64 frontend api 65 bind <HAProxy Host IP>:6443 66 default_backend controlplaneapi 67 68 frontend internalapi 69 bind <HAProxy Host IP>:22623 70 default_backend controlplaneapiinternal 71 72 frontend secure 73 bind <HAProxy Host IP>:443 74 default_backend secure 75 76 frontend insecure 77 bind <HAProxy Host IP>:80 78 default_backend insecure 79 80 #--------------------------------------------------------------------- 81 # static backend 82 #--------------------------------------------------------------------- 83 84 backend controlplaneapi 85 balance source 86 server bootstrap <BOOTSTRAP IP>:6443 check 87 server master0 <MASTER 0 IP>:6443 check 88 server master1 <MASTER 1 IP>:6443 check 89 server master2 <MASTER 2 IP>:6443 check 90 91 backend controlplaneapiinternal 92 balance source 93 server bootstrap <BOOTSTRAP IP>:22623 check 94 server master0 <MASTER 0 IP>:22623 check 95 server master1 <MASTER 1 IP>:22623 check 96 server master2 <MASTER 2 IP>:22623 check 97 98 backend secure 99 balance source 100 server compute0 <WORKER 0 IP>:443 check 101 server compute1 <WORKER 1 IP>:443 check 102 server compute2 <WORKER 2 IP>:443 check 103 104 backend insecure 105 balance source 106 server worker0 <WORKER 0 IP>:80 check 107 server worker1 <WORKER 1 IP>:80 check 108 server worker2 <WORKER 2 IP>:80 check 109 ``` 110 111 Start and (optionally, enable) the systemd daemon. 112 113 ```sh 114 # If you want it enabled 115 sudo systemctl enable --now haproxy.service 116 # If you want to start it manually every time 117 sudo systemctl start haproxy.service 118 ``` 119 120 Ensure it's running by checking the systemd journal: 121 122 ```sh 123 # Hit Ctrl+C when done following the logs. 124 sudo journalctl -f -u haproxy.service 125 ```