This guide demonstrates the minimum requirements and configuration for the HAProxy load balancer, to distribute the ProcessRobot clients connections load among the ProcessRobot Servers of a Multiserver environment.


Please note that this article demonstrates the minimum required configuration for the HAProxy Load Balancer. Please consult your IT Department before setting it up on a Production environment.


After installing HAProxy on the desired Linux distribution, please edit the haproxy.cfg file located by default at /etc/haproxy/ directory.


The minimum configuration should look like this:

global
  log /dev/log  local0
  log /dev/log  local1 notice
  chroot /var/lib/haproxy
  stats socket /run/haproxy/admin.sock mode 660 level admin expose-fd listeners
  stats timeout 30s
  user haproxy
  group haproxy
  daemon

  # Default SSL material locations
  ca-base /etc/ssl/certs
  crt-base /etc/ssl/private

  # Default ciphers to use on SSL-enabled listening sockets.
  # For more information, see ciphers(1SSL). This list is from:
  #  https://hynek.me/articles/hardening-your-web-servers-ssl-ciphers/
  # An alternative list with additional directives can be obtained from
  #  https://mozilla.github.io/server-side-tls/ssl-config-generator/?server=haproxy
  ssl-default-bind-ciphers ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:RSA+AESGCM:RSA+AES:!aNULL:!MD5:!DSS
  ssl-default-bind-options no-sslv3

defaults
  log  global
  mode  tcp
  option  tcplog
  option  dontlognull
        timeout connect 5000
        timeout client  50000
        timeout server  50000
  errorfile 400 /etc/haproxy/errors/400.http
  errorfile 403 /etc/haproxy/errors/403.http
  errorfile 408 /etc/haproxy/errors/408.http
  errorfile 500 /etc/haproxy/errors/500.http
  errorfile 502 /etc/haproxy/errors/502.http
  errorfile 503 /etc/haproxy/errors/503.http
  errorfile 504 /etc/haproxy/errors/504.http

frontend haproxynode
    bind *:6090
    mode tcp
    default_backend backendnodes

frontend stats
    bind *:80
    mode http
    stats enable
    stats uri /stats
    stats refresh 10s

backend backendnodes
    balance source
    option tcplog
    server node1 172.16.0.10:6090 check
    server node2 172.16.0.13:6090 check

On the frontend haproxynode, the bind port is set to 6090, same as the ProcessRobot Servers listening port picked. It is user configurable, but it is easier to refer to the same port as the ProcessRobot Servers one. 


On the backend backendnodes, the load is distributed using the source algorithm on the two available nodes, where the ProcessRobot Servers are installed. On the source algorithm, the source IP address is hashed and divided by the total weight of the running servers to designate which server will receive the request. This ensures that the same client IP address will always reach the same server as long as no server goes down or up (session stickiness).


Upon the configuration is ready, please restart the haproxy service.


After performing the above steps, in order to connect the ProcessRobot clients to the ProcessRobot Servers through the load balancer, please provide the IP and port of the Linux machine that hosts the HAProxy to the 'ProcessRobot Server Address' configuration field.



Sources: http://www.haproxy.org/ , http://www.haproxy.org/download/1.8/doc/configuration.txt, https://www.linode.com/docs/uptime/loadbalancing/how-to-use-haproxy-for-load-balancing/