search string side menu

BRIX On-Premises > Prepare infrastructure > Load balancer / Configure HAProxy for S3 MinIO

Configure HAProxy for S3 MinIO

In an BRIX high availability cluster, microservices of the BRIX application interact with a MinIO cluster. To evenly balance traffic between S3 MinIO cluster servers, install a HAProxy configuration. This will ensure stable system operation in case of a failure.

Example of a configuration of HAProxy for MinIO

This article describes configuration of load balancing for a MinIO cluster deployed according to the instructions in the MinIO cluster article. HAProxy is used for this. It balances client connections coming to minio.your_domain:9000 between the cluster servers.

In order to create a HAProxy configuration for S3 MinIO, perform the following actions:

  1. Open the haproxy.cfg file for editing using the following command:

sudo nano /etc/haproxy/haproxy.cfg

  1. Edit the haproxy.cfg configuration file:

Configuration example:

### S3 MinIO ###
listen s3minio
   bind minio.your_domain:9000
   mode http
   balance leastconn
   server minio1 minio-server1.your_domain:9000 check inter 2s
   server minio2 minio-server2.your_domain:9000 check inter 2s
   server minio3 minio-server3.your_domain:9000 check inter 2s
   server minio4 minio-server4.your_domain:9000 check inter 2s
### S3 MinIO ###

Example of a HAProxy configuration using SSL

Enabling SSL is possible if OpenSSL support is built in. In the crt parameter, specify the path to the PEM file containing the required certificates and associated private keys (fullchain certificate). If the file does not contain a private key, HAProxy will attempt to load the key from the same path with a .key suffix.

 
If a directory name is used instead of a PEM file, all files found in that directory will be loaded in alphabetical order, excluding files ending in .issuer, .ocsp, and .sctl (reserved solutions).

 
In the ca-file parameter, specify the path to the PEM file containing the root certificate. For more details, refer to the Configuration Manual for the used version of HAProxy. For example, for HAProxy 2.5:

 

### S3 MinIO ###
listen s3minio
    bind minio.your_domain:9000 ssl crt /etc/haproxy/ssl/minio-server.your_domain.pem
    mode http
    balance leastconn
    server minio1 minio-server1.your_domain:9000 check inter 2s ssl crt /etc/haproxy/ssl/minio-server.your_domain.pem ca-file /etc/haproxy/ssl/rootCA_your_domain.pem
    server minio2 minio-server2.your_domain:9000 check inter 2s ssl crt /etc/haproxy/ssl/minio-server.your_domain.pem ca-file /etc/haproxy/ssl/rootCA_your_domain.pem
    server minio3 minio-server3.your_domain:9000 check inter 2s ssl crt /etc/haproxy/ssl/minio-server.your_domain.pem ca-file /etc/haproxy/ssl/rootCA_your_domain.pem
    server minio4 minio-server4.your_domain:9000 check inter 2s ssl crt /etc/haproxy/ssl/minio-server.your_domain.pem ca-file /etc/haproxy/ssl/rootCA_your_domain.pem
### S3 MinIO ###
  1. Restart HAProxy to apply changes:

sudo systemctl restart haproxy

haproxy-redis.html haproxy-web-elma365.html