Chapter 7. Managing an HAProxy load-balancer instance
If more than one CDS is used, a load-balancing solution must be in place to spread client HTTPS requests across all servers. Red Hat Update Infrastructure 4 ships with HAProxy, but it is up to you to choose what load-balancing solution (for example, the one from the cloud provider) to use during the installation. If HAProxy is used, you must also decide how many nodes to bring in.
7.1. Listing all known HAProxy load-balancer instances managed by RHUI 4
You can use Load-balancer (HAProxy) Management screen to show all known HAProxy load-balancer instances that RHUI 4 is managing.
Procedure
Navigate to the Red Hat Update Infrastructure Management Tool home screen:
[root@rhua ~]# rhui-manager
-
Press
lto select manage HAProxy load-balancer instances. From the Load-balancer (HAProxy) Management screen, press
lto list the load-balancer instances that RHUI manages:Hostname: <haproxy1.example.com> SSH Username: <cloud-user> SSH Private Key: /<cloud-user>/.ssh/id_rsa_rhua
7.2. Registering a new HAProxy load-balancer
Red Hat Update Infrastructure 4 uses DNS to reach the CDN. In most cases, your instance should be preconfigured to talk to the proper DNS servers hosted as part of the cloud’s infrastructure. If you run your own DNS servers or update your client DNS configuration, there is a chance you will see errors similar to yum Could not contact any CDS load balancers. In these cases, check that your DNS server is forwarding to the cloud’s DNS servers for the request or that your DNS client is configured to fall back to the cloud’s DNS server for name resolution.
Using more than one HAProxy node requires a round-robin DNS entry for the hostname used as the value of the --cds-lb-hostname parameter when rhui-installer is run (cds.example.com in this guide) that resolves to the IP addresses of all HAProxy nodes. How to Configure DNS Round Robin presents one way to configure a round-robin DNS. In the context of Red Hat Update Infrastructure 4, these will be the IP addresses of the HAProxy nodes, and they are to be mapped to the hostname specified as --cds-lb-hostname while calling rhui-installer.
Prerequisites
-
Make sure
sshdis running on the HAProxy load-balancer node and thatport 443is open.
Procedure
Navigate to the Red Hat Update Infrastructure Management Tool home screen:
[root@rhua ~]# rhui-manager
-
Press
lto select manage HAProxy load-balancer instances. -
From the Load-balancer (HAProxy) Management screen, press
ato add a new load-balancer instance. Enter the hostname of the new load-balancer:
Hostname of the HAProxy Load-balancer instance to register: <haproxy1.example.com>
Enter the username that will have SSH access to the load-balancer and have sudo privileges:
Username with SSH access to cds.example.com and sudo privileges: <cloud-user>
Enter the absolute path to the SSH private key for logging in to the load-balancer instance and press
Enter:Absolute path to an SSH private key to log into cds.example.com as <cloud-user>: /<cloud-user>/.ssh/id_rsa_rhua
Optional: Enter an optional absolute path to a user supplied HAProxy configuration file and press
Enter.If you do not specify the path to a custom configuration file, the default file,
/usr/share/rhui-tools/templates/haproxy.cfg, is used instead.Optional absolute path to user supplied HAProxy config file: ......................................................................... The following load-balancer has been successfully added: Hostname: <haproxy1.example.com> SSH Username: <cloud-user> SSH Private Key: /<cloud-user>/.ssh/id_rsa_rhua The load-balancer will now be configured:
- If the load-balancer fails to add, check that the firewall rules permit access between the RHUA and the load-balancer.
- After successful configuration, repeat these steps for any remaining load-balancer instances.
Verification
The following message displays:
The HAProxy Load-balancer was successfully configured.
Additional resources
7.3. Reinstalling and reapplying the configuration to an HAProxy load-balancer
You may encounter a situation where you need to reinstall and reapply the configuration for an HAProxy load-balancer. The Red Hat Update Infrastructure Management Tool provides an easy way to accomplish this task.
Prerequisites
-
Make sure
sshdis running on the HAProxy load-balancer node and thatport 443is open.
Procedure
Navigate to the Red Hat Update Infrastructure Management Tool home screen:
[root@rhua ~]# rhui-manager
-
Press
lto select manage HAProxy load-balancer instances. From the Load-balancer (HAProxy) Management screen, press
rto reinstall and reapply the configuration to a load-balancer instance.ImportantIt is crucial that the files included in the restore retain their current attributes.
The Red Hat Update Infrastructure Management Tool automatically performs all reinstallation and reconfiguration tasks.
Select the load-balancer to reinstall:
1 - Hostname: <haproxy1.example.com> SSH Username: <cloud-user> SSH Private Key: /<cloud-user>/.ssh/id_rsa_rhuaEnter a value or
bto abort: 1:Installing and configuring the HAProxy Load-balancer... PLAY [Registering a load balancer instance] ************************************ PLAY RECAP ********************************************************************* cloud-user@haproxy1.example.com : ok=8 changed=3 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0 Done.
Verification
Check that you successfully reinstalled and reconfigured the load-balancer by viewing the code output:
Ensuring that HAProxy is available... Done.
7.4. Unregistering an HAProxy load-balancer
You can unregister (delete) an HAProxy load-balancer instance that you are not going to use.
Prerequisites
-
Make sure
sshdis running on the HAProxy load-balancer node and thatport 443is open.
Procedure
Navigate to the Red Hat Update Infrastructure Management Tool home screen:
[root@rhua ~]# rhui-manager
-
Press
lto select manage HAProxy load-balancer instances. -
From the Load-balancer (HAProxy) Management screen, press
dto delete a load-balancer instance. Enter the hostname of the load-balancer to delete:
Hostname of the load-balancer instance to unregister: <haproxy1.example.com>
