search string side menu

BRIX On-Premises > Prepare infrastructure > Load balancer / Configure HAProxy for BRIX web 

HAProxy configuration for BRIX web

The architecture of a highly available BRIX cluster involves the interaction of BRIX application microservices within a resilient cluster. To evenly balance traffic between Kubernetes cluster servers, install a HAProxy configuration. This will ensure stable system operation in case of a failure.

Example HAProxy configuration for BRIX web

This article presents a HAProxy configuration that balances client connections coming to elma365.your_domain between Kubernetes cluster servers.

In order to create a HAProxy configuration for BRIX web, perform the following actions:

  1. Open the haproxy.cfg configuration file for editing using the following command:

sudo nano /etc/haproxy/haproxy.cfg

  1. Edit the haproxy.cfg configuration file:

Configuration example:

### Web ELMA365 ###
listen elma365_web
    bind haproxy-server.your_domain:80
    mode http
    balance leastconn
    no option http-use-htx
    # http-use-htx is deprecated and ignored since Haproxy 2.1
    option forwardfor
    option httpclose
    server elma365-1 elma365-1.your_domain:80 check
    server elma365-2 elma365-2.your_domain:80 check
    server elma365-3 elma365-3.your_domain:80 check
### Web ELMA365 ###

Example of a HAProxy configuration using SSL

SSL can be enabled if OpenSSL support is embedded. In the crt parameter, specify the path to the PEM file containing the required certificates and associated private keys (fullchain certificate). If the file does not contain a private key, HAProxy will attempt to load the key from the same path with a .key suffix.

 
If a directory name is used instead of a PEM file, all files found in that directory will be loaded in alphabetical order, except for files ending in .issuer, .ocsp, or .sctl (reserved solutions).

 
In the ca-file parameter, specify the path to the PEM file containing the root certificate. Read more in the Configuration Manual for the HAProxy version used. Example for HAProxy 2.5:

### Web ELMA365 ###
listen elma365_web
    bind elma365.your_domain:443 ssl crt /etc/haproxy/ssl/elma365-server.your_domain.pem
    mode http
    balance leastconn
    no option http-use-htx
    # http-use-htx is deprecated and ignored since Haproxy 2.1
    option forwardfor
    option httpclose
    server elma365-1 elma365-1.your_domain:443 check inter 2s ssl crt /etc/haproxy/ssl/elma365-server.your_domain.pem ca-file /etc/haproxy/ssl/rootCA_your_domain.pem
    server elma365-2 elma365-2.your_domain:443 check inter 2s ssl crt /etc/haproxy/ssl/elma365-server.your_domain.pem ca-file /etc/haproxy/ssl/rootCA_your_domain.pem
    server elma365-3 elma365-3.your_domain:443 check inter 2s ssl crt /etc/haproxy/ssl/elma365-server.your_domain.pem ca-file /etc/haproxy/ssl/rootCA_your_domain.pem
### Web ELMA365 ###
  1. Restart HAProxy to apply changes:

sudo systemctl restart haproxy

haproxy-s3-minio.html haproxy-docs-server.html