Load-balancing Notes

These are notes I'm making on load-balancing, probably using Apache, as I set up a solution. I do this using Nginx later on this page.

Useful links

Here are some links I collected:

Use nginx to load-balance Tomcat—easy
Easy HTTP load balancing with Apache, with nice pictures.
Simple Load Balancing with Apache, complete set-up using one host to run the Apache load balancer and two others to serve as the servers being load-balanced.
Load Balancing an SSL Site with Apache, continuation of article above, but using SSL.
How to Set Up a Load-balanced High-availability Apache Cluster, my least favorite of these links.
Guide - How to configure an Apache load balancer, with nice illustrations. It also seems a bit more modern and has Tomcat-relevant notes.
Load balancing with Apache: a tutorial on mod_proxy_balancer installation and configuration. Less sexy, not as well organized, but has information the others don't.
Load Balancing Apache Server, YouTube video! Plus, it covers targeting two targets that diverge greatly in terms of power. However, it doesn't use Apache, but Pound, a German freeware solution.
Load-balancing might be simpler using NGINX (pronounced "engine X"), see here: Load Balancing Apache Tomcat with NGINX. This article doesn't hand-hold too much and does everything on the same box (so, in a real environment, there are some instructions you do not want to follow; you have to figure out which those are).

My own topology is this:

Apache modules

The following modules must be obtained and configured.

mod_proxy
mod_proxy_http
mod_proxy_balancer

Configuration

The following modules must be obtained and configured.

The commands (in httpd.conf or the equivalent you're using) are. This stuff goes into a proper VirtualHost container. See sample at end of this section.

    LoadModule proxy_module mod_proxy.so
    LoadModule proxy_http_module mod_proxy_http.so
    LoadModule proxy_balancer_module mod_proxy_balancer.so

Next, disable the proxy server as it constitutes an open security hazard.

    ProxyRequests Off
    <Proxy \*>
        Order deny,allow
        Deny from all
    </Proxy>

Ensure all the back-end targets are in agreement, i.e.: make sure they're going to serve up the same content. Otherwise, you're going to confuse your user a great deal—the universe will no longer appear deterministic to him.

Here are the load-balancer configuration statements. Some refer to the BalanceMember servers as "web heads".

    <Proxy balancer://cloudservices>¹
        BalancerMember http://192.168.0.29²
        BalancerMember http://192.168.0.33²
        Order allow,deny
        Allow from all

        ProxySet lbmethod=byrequests³
    </Proxy>
    ProxyPass /balancer-manager !⁴
    ProxyPass / balancer://cloudservices/¹

¹ cloudservices—this is arbitrary; you can call it anything you want as long as the "protocol" part (balancer://) is there.
² 192.168.0.29—these are DNS names, IP addresses, etc.
³ I'm using a "by request" (similar to "round robin") balancing algorithm.
⁴ Means "don't proxy the balancer itself.

What's left? This was simple, but there is much more to do:

SSL
Priority, load balancing, etc.

The grand httpd.conf example

Sample httpd.conf:

<VirtualHost *:80>
    ProxyRequests off

    ServerName aintnoclouds.com
    ServerAlias aintnoclouds.com *.aintnoclouds.com

    <Proxy balancer://cloudservices>
        # -----
        # app-1
        # -----
        BalancerMember http://192.168.0.29:8080 loadfactor=3¹

        # -----
        # app-2
        # -----
        BalancerMember http://192.168.0.33:8080 loadfactor=7¹

        # --------
        # Security
        # --------
        # Not technically blocking anyone but this would be the
        # place to make those changes.
        Order Deny,Allow
        Deny from none
        Allow from all

        # ----------------------
        # Load Balancer Settings
        # ----------------------
        # This configures a simple round robin-style load-balancer.
        # This means that all webheads take an equal share of of
        # the load.
        ProxySet lbmethod=byrequests
    </Proxy>

    # ----------------
    # balancer-manager
    # ----------------
    # This tool is built into the mod_proxy_balancer module and allows
    # for simple modifications to the balanced group via a GUI (web)
    # interface.
    <Location /balancer-manager>
        SetHandler balancer-manager

        # Lock this one down to your your office, eh?!
        Order deny,allow
        Allow from all
    </Location>

    # ----------------
    # Point of Balance
    # ----------------
    # This setting allows explicitly naming the location in the site
    # that is to be balanced. In this example, it's / (root), in
    # other words, everything.
    ProxyPass /balancer-manager !
    ProxyPass / balancer://cloudservices/

    # -------
    # mod_ssl
    # -------
    # Here is how traffic is decrypted/encrypted between the Internet
    # and the web heads behind the load balancer.
    SSLEngine on
    SSLCertificateFile    /etc/apache2/conf.d/ssl.crt/domain.com.crt²
    SSLCertificateKeyFile /etc/apache2/conf.d/ssl.key/domain.com.key²
</VirtualHost>

Notes on the file above

¹ The loadfactor setting is grey because, in my case, it's pointless: both of my application servers are identical VM configurations in ESXi and identical hardware.
² Obviously, these paths will have to be changed to point at an actual cert and key you get from somewhere.

Here's some stuff left out of some articles, but included by another one. I keep it for now because I've got some additional woes suggested by it to solve.

    DocumentRoot /Library/WebServer/Documents

    <Directory "/Library/WebServer/Documents">
        AllowOverride AuthConfig
    </Directory>

Nginx example

Install Nginx.
```
    apt-get install nginx
```

Links

...more or less in order of usefulness which I weighted on a) completeness, b) unassuming nature of article and c) dedication to use of Apache 2 web server. Some goodish articles assumed Nginx web servers being balanced.