Configuring Apache with mod_proxy_balancer
Configuring Apache with mod_proxy_balancer
This section explains how to set up the Apache server with the mod_proxy_balancer module for load balancing. For more information on the mod_proxy_balancer, see http://httpd.apache.org/docs/2.2/mod/mod_proxy_balancer.html.
- In the APACHE_HOME\conf\httpd.conf file, enable the mod_proxy, mod_proxy_balancer, and mod_proxy_ajp modules by removing the following comment tags:
#LoadModule proxy_module modules/mod_proxy.so #LoadModule proxy_ajp_module modules/mod_proxy_ajp.so #LoadModule proxy_balancer_module modules/mod_proxy_balancer.so
- Enter the following. For this sample cluster, the load balancer (on the localhost or Storefront Server 1) has an IP address of 10.10.90.54. The other three storefront servers have IP addresses 10.10.90.51, 10.10.90.52, and 10.10.90.53.
<VirtualHost 10.10.90.54:80> ServerName 10.10.90.54 # ProxyPreserveHost On RequestHeader set Host mars.elasticpath.net <Proxy balancer://tomcatservers> BalancerMember ajp://localhost:9009 route=node1 loadfactor=90 BalancerMember ajp://10.10.90.51:9009 route=node2 loadfactor=100 BalancerMember ajp://10.10.90.52:9009 route=node3 loadfactor=100 BalancerMember ajp://10.10.90.53:9009 route=node4 loadfactor=100 </Proxy> ProxyPass /storefront balancer://tomcatservers/storefront stickysession=JSESSIONID nofailover=Off ProxyPass /server-status ! </VirtualHost> <VirtualHost 10.10.90.54:443> ServerName 10.10.90.54 LogLevel warn #CustomLog logs/ssl_request_log "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b" LogFormat "%h %l %u %t \"%r\" %>s %b" common CustomLog logs/ssl_access_log common ErrorLog logs/ssl_error_log # SSL Engine Switch: # Enable/Disable SSL for this virtual host. SSLEngine on SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL SSLCertificateFile "/commerce-legacy/usr/local/apache2/conf/server.crt" SSLCertificateKeyFile "/commerce-legacy/usr/local/apache2/conf/server.key" #DocumentRoot "/commerce-legacy/var/www/html/one" # ProxyPreserveHost On RequestHeader set HOST mars.elasticpath.net SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown downgrade-1.0 force-response-1.0 <Proxy balancer://tomcatservers-ssl> BalancerMember ajp://localhost:9010 route=node1 loadfactor=90 BalancerMember ajp://10.10.90.51:9010 route=node2 loadfactor=100 BalancerMember ajp://10.10.90.52:9010 route=node3 loadfactor=100 BalancerMember ajp://10.10.90.53:9010 route=node4 loadfactor=100 </Proxy> ProxyPass /storefront balancer://tomcatservers-ssl/storefront stickysession=JSESSIONID nofailover=off </VirtualHost>
- Note the following characteristics of the Proxy balancer element for the non-secure port 80 connector (code snippet below):
... <Proxy balancer://tomcatservers> BalancerMember ajp://localhost:9009 route=node1 loadfactor=90 BalancerMember ajp://10.10.90.51:9009 route=node2 loadfactor=100 BalancerMember ajp://10.10.90.52:9009 route=node3 loadfactor=100 BalancerMember ajp://10.10.90.53:9009 route=node4 loadfactor=100 </Proxy> ProxyPass /storefront balancer://tomcatservers/storefront stickysession=JSESSIONID nofailover=Off ProxyPass /server-status ! ...
- The load balancer has four storefronts, including one on the localhost. Each machine has AJP port 9009 open and an even load factor except the localhost, which has a slightly lower load factor to accommodate the Apache workload.
- The directive ProxyPass /storefront balancer://tomcatservers/storefront instructs ProxyPass to allow /storefront requests to pass to the balancer's /storefront. The stickysession parameter specifies the cookie to attach to each storefront node, so that requests will all return to the same node.
- The route parameter is the name for a node's jvmRoute within the server.xml file. This allows Apache and the application server to identify which requests go to which node. Without this parameter (or the stickysession parameter), the user's session may bounce between storefront nodes and result in unexpected behavior.
- To set the jvmRoute in the server.xml file, look for the following comment:
<!-- You should set jvmRoute to support load-balancing via AJP ie : <Engine name="Catalina" defaultHost="localhost" jvmRoute="node1"> -->
Remove the comment tags and make the jvmRoute and route parameters equal. - Repeat step 3 for the secure connectors on AJP port 9010.
- Restart the Apache server. It will load balance to a specific node in the cluster and stay on that node for subsequent requests.
Additional Notes
- Monitor Apache and the application server access logs with the tail command. This command ensures that requests are using sticky sessions correctly. Increasing the access log level to output cookie names and values is useful for debugging any sticky session configuration issues.
- There are some known issues around keepalive and older versions of Apache HTTP and Tomcat where the AJP connections between the two will not get released, causing the connection pool to fill and not allow new requests.
- Consider using Apache's htcacheclean, which runs as a daemon or a one-time job to control the size of the Apache cache on the disk. For websites with a small, finite number of cacheable HTML objects, this is normally not an issue. However, websites with many gigabytes (GBs) of assets and a small cache (for example, 500 MB) should use htcacheclean. For more information, see http://httpd.apache.org/docs/2.2/programs/htcacheclean.html.