Apache HTTP Server, usually called as Apache, is the most popular web server over the Internet. Apache is free and open-source. Apache is developed and maintained by open-source community at Apache Software Foundation. Apache is loaded with so many features, and additionals features can be added to Apache using the Apache modules.
Besides web server, Apache can also be configured as a Reverse Proxy to create a load balancing cluster of two or more web servers. This functionality can be added to Apache via mod_proxy module. Apache HTTP Server can be used to configure load balancers, hot-spares, hot-standby and failover nodes.
In this article, we will configure Apache as a reverse proxy and an HTTP load balancer on CentOS 7 server.
Table of Contents:
- System Specification
- Install Apache HTTP Server
- Configure Reverse Proxy and HTTP Load Balancer
- Configure Balancer Manager
- Securing Balancer-Manager
System Specification:
In this article, we are using three virtual machines. Two VMs to deploy and run two websites and One VM to configure as the reverse proxy and HTTP load balancer.
Hostname | web-01.example.com | web-02.example.com | proxy-01.example.com |
IP Address | 192.168.116.51/24 | 192.168.116.52/24 | 192.168.116.53/24 |
Operating System | CentOS 7.6 | CentOS 7.6 | CentOS 7.6 |
We have already configured web-01.example.com and web-02.example.com as the web servers and hosted a simple and distinct webpage on both servers.
Now, we will configure the proxy-01.example.com as the load balancer using mod_proxy and Apache HTTP server.
Install Apache HTTP Server:
Connect to proxy-01.example.com as root user.
Install Apache HTTP Server using yum command.
# yum install -y httpd
Start and enable httpd.service.
# systemctl start httpd.service # systemctl enable httpd.service Created symlink from /etc/systemd/system/multi-user.target.wants/httpd.service to /usr/lib/systemd/system/httpd.service.
Allow HTTP service in Linux firewall.
# firewall-cmd --permanent --add-service=http success # firewall-cmd --reload success
Browse URL http://proxy-01.example.com in a client browser.
Our Apache HTTP Server is running and displaying a default test page.
Configure Reverse Proxy and HTTP Load Balancer:
Apache HTTP Server requires mod_proxy module to configure and function as the Load Balancer. The mod_proxy module is contained in httpd package, therefore it is automatically installed alongwith Apache HTTP Server on CentOS 7 platforms.
Use the following command to verify the availability of mod_proxy.
# httpd -M | grep proxy
proxy_module (shared)
proxy_ajp_module (shared)
proxy_balancer_module (shared)
proxy_connect_module (shared)
proxy_express_module (shared)
proxy_fcgi_module (shared)
proxy_fdpass_module (shared)
proxy_ftp_module (shared)
proxy_http_module (shared)
proxy_scgi_module (shared)
proxy_wstunnel_module (shared)
Add a configuration file in /etc/httpd/conf.d/.
# vi /etc/httpd/conf.d/proxy.conf
Add following reverse proxy configurations therein.
<proxy balancer://appset>
BalancerMember http://web-01.example.com
BalancerMember http://web-02.example.com
ProxySet lbmethod=bytraffic
</proxy>
ProxyPass "/app" "balancer://appset/"
ProxyPassReverse "/app" "balancer://appset/"
Restart httpd.service.
# systemctl restart httpd.service
Browse URL http://proxy-01.example.com/app in a client browser.
Our reverse proxy configuration has been working and the Page Request has been forwarded to web-01.example.com.
Refresh the Web Page.
This time our Page Request has been served by web-02.example.com.
We have configured a simple reverse proxy in Apache HTTP server, that is load balancing between two web servers.
mod_proxy has many configuration options and we can create relatively advanced configurations such as hot-spare, hot-standby and failover sets. Complete documentations is available at Apache Website. You can experiment on your own by reading documentation and enhancing the same configurations that we have created above.
Configure Balancer Manager:
Apache HTTP Server also provide a built-in Balancer-Manager application for easy management and monitoring of load balancers.
Add following configuration file in /etc/httpd/conf.d.
# vi /etc/httpd/conf.d/lbmanager.conf
Add following directives to enable Balancer-Manager.
<location "/balancer-manager">
SetHandler balancer-manager
allow from all
</location>
Restart httpd.service.
# systemctl restart httpd.service
Browse URL http://proxy-01.example.com/balancer-manager from a client browser.
Balancer-Manager is configured and ready to use.
Securing Balancer-Manager:
Balancer-Manager is a simple application for monitoring and management of Apache HTTP Load Balancer. Therefore, it also lacks any implicit user authentication. However, we can configure Basic HTTP Authentication to restrict unauthorized access.
Create a password file and add a user in it.
# htpasswd -c /etc/httpd/htpasswd ahmer
New password:
Re-type new password:
Adding password for user ahmer
Modify /etc/httpd/conf.d/lbmanager.conf to implement basic HTTP authentication.
# vi /etc/httpd/conf.d/lbmanager.conf
The updated configurations should be as follows:
<location "/balancer-manager">
SetHandler balancer-manager
AuthType "basic"
AuthName "balancer-manager"
AuthUserFile /etc/httpd/htpasswd
Require valid-user
</location>
Restart httpd.service.
# systemctl restart httpd.service
Browse URL http://proxy-01.example.com/balancer-manager from a client browser.
Now, it is asking for a valid user to login.
We have successfully configured a HTTP Load Balancer with Apache HTTP Server on CentOS 7.
If you like this article, then you should read my article “HAProxy: Configure HTTP Load Balancer in CentOS 7”.
.
how can I contact you some advice on configuration
ReplyDeleteHi, you can contact me via Facebook or Linkedin.
DeleteHi, when I try to connect the URL http://proxy-01.example.com/app, I got error for "DNS lookup failure for: web-02.example.com, do you have any idea? Thanks
ReplyDeletePlease ensure that the hostnames web01 and web02 are resolvable at server and client sides. You can configure Local DNS Resolver for this purpose.
DeleteHello, I get a "503 Service Unavailable" when I hit my load balancer. When I pull up /balancer-manager it shows my worker URLs as status:Init Err. What could I have done wrong?
ReplyDeleteHave a look into /var/log/httpd/error_log.
Delete