Load_balancing
Chapter 19: Load Balancing
Section titled “Chapter 19: Load Balancing”19.1 Introduction to Load Balancing
Section titled “19.1 Introduction to Load Balancing”Load balancing distributes traffic across multiple servers.
Load Balancing Overview+------------------------------------------------------------------+
Why Use Load Balancing?+------------------------------------------------------------------+| - Distribute load across multiple servers || - Improve availability (failover) || - Increase capacity || - Zero downtime maintenance || - SSL termination |+------------------------------------------------------------------+
Load Balancer Placement:+------------------------------------------------------------------+
Internet | v +-------------+ | Load Balancer| +-------------+ / | \ v v v+---+ +---+ +---+|S1 | |S2 | |S3 |+---+ +---+ +---+
Types:+------------------------------------------------------------------+| Type | Layer | Description ||--------------------|-------------|------------------------------|| Hardware | L4-L7 | Physical appliance || Software | L4-L7 | Run on servers || Cloud | L4-L7 | Managed service || DNS Round Robin | L3 | Simple, no health checks |+------------------------------------------------------------------+
+------------------------------------------------------------------+19.2 Load Balancing Algorithms
Section titled “19.2 Load Balancing Algorithms” LB Algorithms+------------------------------------------------------------------+
1. Round Robin+------------------------------------------------------------------+| - Requests distributed in sequence || - Server1 -> Server2 -> Server3 -> Server1 || - Good for equal servers |+------------------------------------------------------------------+
2. Least Connections+------------------------------------------------------------------+| - Send to server with fewest active connections || - Better for varying request times |+------------------------------------------------------------------+
3. Least Response Time+------------------------------------------------------------------+| - Consider server response time || - Send to fastest responding server |+------------------------------------------------------------------+
4. IP Hash+------------------------------------------------------------------+| - Hash source IP to determine server || - Same client always goes to same server |+------------------------------------------------------------------+
5. Weighted+------------------------------------------------------------------+| - Assign weights to servers || - More powerful servers get more traffic |+------------------------------------------------------------------+
6. Random+------------------------------------------------------------------+| - Randomly assign servers || - Good for testing |+------------------------------------------------------------------+
Algorithm Selection:+------------------------------------------------------------------+| Application Type | Recommended Algorithm ||---------------------|----------------------------------------|| Simple web app | Round Robin || Long-running requests| Least Connections || Real-time apps | Least Response Time || Stateful apps | IP Hash || Mixed capacity | Weighted Least Connections |+------------------------------------------------------------------+
+------------------------------------------------------------------+19.3 HAProxy
Section titled “19.3 HAProxy”HAProxy is a popular open-source load balancer.
# Installsudo pacman -S haproxy
# Basic configuration /etc/haproxy/haproxy.cfgglobal log /dev/log local0 log /dev/log local1 notice maxconn 4000 user haproxy group haproxy daemon
defaults log global mode http option httplog option dontlognull option http-server-close option forwardfor except 127.0.0.0/8 option redispatch retries 3 timeout connect 5000 timeout client 50000 timeout server 50000 errorfile 400 /etc/haproxy/errors/400.http errorfile 403 /etc/haproxy/errors/403.http errorfile 408 /etc/haproxy/errors/408.http errorfile 500 /etc/haproxy/errors/500.http errorfile 502 /etc/haproxy/errors/502.http errorfile 503 /etc/haproxy/errors/503.http errorfile 504 /etc/haproxy/errors/504.http
frontend http_front bind *:80 bind *:443 ssl crt /etc/ssl/certs/server.pem mode http
default_backend web_servers
backend web_servers mode http balance roundrobin option httpchk GET /health server web1 192.168.1.10:80 check inter 2000 rise 2 fall 3 server web2 192.168.1.11:80 check inter 2000 rise 2 fall 3 server web3 192.168.1.12:80 check inter 2000 rise 2 fall 3
# Stats pagelisten stats bind *:8404 stats enable stats uri /stats stats refresh 30s stats auth admin:password19.4 Nginx Load Balancing
Section titled “19.4 Nginx Load Balancing”http { upstream backend { least_conn;
server 192.168.1.10:80; server 192.168.1.11:80; server 192.168.1.12:80;
# Keepalive connections keepalive 32; }
# With weights upstream weighted_backend { server 192.168.1.10:80 weight=3; server 192.168.1.11:80 weight=2; server 192.168.1.12:80 weight=1; }
# With backup upstream with_backup { server 192.168.1.10:80; server 192.168.1.11:80; server 192.168.1.12:80 backup; }
server { listen 80; server_name example.com;
location / { proxy_pass http://backend; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; } }
# SSL/TLS server { listen 443 ssl http2; server_name example.com;
ssl_certificate /etc/ssl/certs/server.crt; ssl_certificate_key /etc/ssl/certs/server.key;
location / { proxy_pass http://backend; } }}19.5 Health Checks
Section titled “19.5 Health Checks” Health Checks+------------------------------------------------------------------+
Types:+------------------------------------------------------------------+| Type | Description ||----------------|--------------------------------------------------|| TCP Connect | Can connect to port || HTTP/HTTPS | GET specific URL, check response || HTTPS | Verify SSL certificate || Ping | ICMP ping || Custom | Run script, check result |+------------------------------------------------------------------+
Health Check Configuration (HAProxy):+------------------------------------------------------------------+
backend web_servers option httpchk GET /healthcheck http-check expect status 200 server web1 192.168.1.10:80 check inter 2000 rise 2 fall 3 server web2 192.168.1.11:80 check inter 2000 rise 2 fall 3
Intervals:+------------------------------------------------------------------+| - check inter 2000 : Check every 2 seconds || - rise 2 : Mark UP after 2 successful checks || - fall 3 : Mark DOWN after 3 failed checks |+------------------------------------------------------------------+
Health Check Best Practices:+------------------------------------------------------------------+| - Check application health, not just port || - Use separate health endpoint (/health, /status) || - Don't overload server with checks || - Have enough rise/fall to avoid flapping |+------------------------------------------------------------------+
+------------------------------------------------------------------+19.6 Session Persistence
Section titled “19.6 Session Persistence” Session Persistence+------------------------------------------------------------------+
Why?+------------------------------------------------------------------+| - User session data on specific server || - Shopping cart, login state |+------------------------------------------------------------------+
Methods:+------------------------------------------------------------------+
1. Source IP Affinity+------------------------------------------------------------------+| - Same IP always goes to same server || - Simple but unreliable (mobile, NAT) |+------------------------------------------------------------------+
2. Cookies+------------------------------------------------------------------+| - LB sets cookie with server ID || - Most common method || - Examples: JSESSIONID, SERVERID |+------------------------------------------------------------------+
3. Session IDs+------------------------------------------------------------------+| - Use application session ID || - Must extract from request |+------------------------------------------------------------------+
HAProxy Cookie Configuration:+------------------------------------------------------------------+
backend web_servers cookie SERVERID insert indirect nocache server web1 192.168.1.10:80 check cookie web1 server web2 192.168.1.11:80 check cookie web2 server web3 192.168.1.12:80 check cookie web3
Nginx Sticky Cookie:+------------------------------------------------------------------+
upstream backend { server 192.168.1.10; server 192.168.1.11; sticky cookie srv_id expires=1h path=/;}
+------------------------------------------------------------------+
+------------------------------------------------------------------+19.7 High Availability
Section titled “19.7 High Availability” HA Load Balancing+------------------------------------------------------------------+
Cluster Setup:+------------------------------------------------------------------+
+-------------+ | Virtual IP | +-------------+ / \ +-------+ +-------+ | LB1 | | LB2 | +-------+ +-------+ | | +-------+-------+ | +----------+----------+ | Shared VIP | +------------------+
Keepalived Configuration:+------------------------------------------------------------------+
# /etc/keepalived/keepalived.confglobal_defs { router_id lb1}
vrrp_instance VI_1 { state MASTER interface eth0 virtual_router_id 51 priority 100 advert_int 1
virtual_ipaddress { 192.168.1.100/24 dev eth0 }
track_script { chk_haproxy }}
vrrp_script chk_haproxy { script "pidof haproxy" interval 2 weight 2}
# On backup:# state BACKUP# priority 99
+------------------------------------------------------------------+
+------------------------------------------------------------------+Summary
Section titled “Summary”In this chapter, you learned:
- ✅ What is load balancing
- ✅ LB algorithms (Round Robin, Least Connections, etc.)
- ✅ HAProxy configuration
- ✅ Nginx as load balancer
- ✅ Health checks
- ✅ Session persistence
- ✅ High availability with Keepalived
Next Chapter
Section titled “Next Chapter”Chapter 20: VLANs and Virtual Networks
Last Updated: February 2026