In an BRIX high availability cluster, microservices of the BRIX application interact with a S3 cluster. To evenly balance traffic between S3 cluster servers, install a HAProxy configuration. This will ensure stable system operation in case of a failure.
This article will cover how to configure HAProxy for SeaweedFS and MinIO.
Example of a configuration of HAProxy
This article describes configuration of load balancing for a cluster deployed according to the instructions in the following articles:
HAProxy is used for this. It balances client connections between the cluster servers. Such connections come to:
- seaweedfs.your_domain:8333 if you use SeaweedFS.
- minio.your_domain:9000 if you use MinIO.
In order to create a HAProxy configuration for S3, perform the following actions:
- Open the
haproxy.cfg file for editing using the following command:
sudo nano /etc/haproxy/haproxy.cfg
- Edit the
haproxy.cfg configuration file:
Configuration example for load balancing to a SeaweedFS cluster
### S3 SeaweedFS ###
listen s3seaweedfs
bind seaweedfs.your_domain:8333
mode http
balance leastconn
server seaweedfs1 seaweedfs-server1.your_domain:8333 check inter 2s
server seaweedfs2 seaweedfs-server2.your_domain:8333 check inter 2s
server seaweedfs3 seaweedfs-server3.your_domain:8333 check inter 2s
### S3 SeaweedFS ###
|
Example of a HAProxy configuration using SSL for SeaweedFS
Enabling SSL is possible if OpenSSL support is built in. In the crt parameter, specify the path to the PEM file containing the required certificates and associated private keys (fullchain certificate). If the file does not contain a private key, HAProxy will attempt to load the key from the same path with the .key suffix.
If a directory name is used instead of a PEM file, all files found in that directory will be loaded in alphabetical order, except for files ending in .issuer, .ocsp, or .sctl (reserved extensions).
In the ca-file parameter, specify the path to the PEM file containing the root certificate. For more information, see the Configuration Manual for your HAproxy version. Example for HAProxy 2.5:
### S3 SeaweedFS ###
listen s3seaweedfs
bind seaweedfs.your_domain:8334 ssl crt /etc/haproxy/ssl/seaweedfs-server.your_domain.pem
mode http
balance leastconn
server seaweedfs1 seaweedfs-server1.your_domain:8334 check inter 2s ssl crt /etc/haproxy/ssl/seaweedfs-server.your_domain.pem ca-file /etc/haproxy/ssl/rootCA_your_domain.pem
server seaweedfs2 seaweedfs-server2.your_domain:8334 check inter 2s ssl crt /etc/haproxy/ssl/seaweedfs-server.your_domain.pem ca-file /etc/haproxy/ssl/rootCA_your_domain.pem
server seaweedfs3 seaweedfs-server3.your_domain:8334 check inter 2s ssl crt /etc/haproxy/ssl/seaweedfs-server.your_domain.pem ca-file /etc/haproxy/ssl/rootCA_your_domain.pem
### S3 SeaweedFS ###
|
Configuration example for load balancing to MinIO cluster
### S3 MinIO ###
listen s3minio
bind minio.your_domain:9000
mode http
balance leastconn
server minio1 minio-server1.your_domain:9000 check inter 2s
server minio2 minio-server2.your_domain:9000 check inter 2s
server minio3 minio-server3.your_domain:9000 check inter 2s
server minio4 minio-server4.your_domain:9000 check inter 2s
### S3 MinIO ###
|
Example of a HAProxy configuration using SSL for MinIO
Enabling SSL is possible if OpenSSL support is built in. In the crt parameter, specify the path to the PEM file containing the required certificates and associated private keys (fullchain certificate). If the file does not contain a private key, HAProxy will attempt to load the key from the same path with a .key suffix.
If a directory name is used instead of a PEM file, all files found in that directory will be loaded in alphabetical order, excluding files ending in .issuer, .ocsp, and .sctl (reserved solutions).
In the ca-file parameter, specify the path to the PEM file containing the root certificate. For more details, refer to the Configuration Manual for the used version of HAProxy. For example, for HAProxy 2.5:
### S3 MinIO ###
listen s3minio
bind minio.your_domain:9000 ssl crt /etc/haproxy/ssl/minio-server.your_domain.pem
mode http
balance leastconn
server minio1 minio-server1.your_domain:9000 check inter 2s ssl crt /etc/haproxy/ssl/minio-server.your_domain.pem ca-file /etc/haproxy/ssl/rootCA_your_domain.pem
server minio2 minio-server2.your_domain:9000 check inter 2s ssl crt /etc/haproxy/ssl/minio-server.your_domain.pem ca-file /etc/haproxy/ssl/rootCA_your_domain.pem
server minio3 minio-server3.your_domain:9000 check inter 2s ssl crt /etc/haproxy/ssl/minio-server.your_domain.pem ca-file /etc/haproxy/ssl/rootCA_your_domain.pem
server minio4 minio-server4.your_domain:9000 check inter 2s ssl crt /etc/haproxy/ssl/minio-server.your_domain.pem ca-file /etc/haproxy/ssl/rootCA_your_domain.pem
### S3 MinIO ###
|
- Restart HAProxy to apply changes:
sudo systemctl restart haproxy
Found a typo? Select it and press Ctrl+Enter to send us feedback
