Oracle Cloud Infrastructure Documentation

Setting Up Load Balancer

This task sets up the load balancer on un0 using Apache HTTP Server. Replace un0 with any other node if this setup must be done on another node

  1. Sign in to un0, and then navigate to /etc/httpd/conf.
  2. Backup httpd.conf.
  3. On un0, edit httpd.conf.
  4. Add the following content next to the line Include conf.modules.d/*.conf: 
    LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_http_module modules/mod_proxy_http.so
LoadModule proxy_ajp_module modules/mod_proxy_ajp.so
LoadModule proxy_balancer_module modules/mod_proxy_balancer.so
LoadModule slotmem_shm_module modules/mod_slotmem_shm.so
LoadModule lbmethod_byrequests_module modules/mod_lbmethod_byrequests.so
LoadModule lbmethod_bytraffic_module modules/mod_lbmethod_bytraffic.so
LoadModule lbmethod_bybusyness_module modules/mod_lbmethod_bybusyness.so
LoadModule ssl_module modules/mod_ssl.so
  5. Comment the #ServerAdmin you@example.com line.
  6. Add Include conf/odh-ranger-lb.conf to the end of the file.
  7. Save httpd.conf.
  8. From the same folder, open vi odh-ranger-lb.conf.
  9. Add the following content.
    Note

    <VirtualHost *:8443> must match the default port of Apache HTTP Server service. 
    <VirtualHost *:8443>
        SSLEngine On
        SSLProxyEngine On
        SSLCertificateFile /etc/security/serverKeys/<<lb_hostname>>.crt
        SSLCertificateKeyFile /etc/security/serverKeys/<<lb_hostname>>.key
 
        SSLCACertificateFile /etc/security/serverKeys/oraclerootCA.crt
        SSLProxyCACertificateFile /etc/security/serverKeys/oraclerootCA.crt
        SSLVerifyClient none
        SSLOptions +ExportCertData
        SSLProxyVerify none
        SSLProxyCheckPeerCN off
        SSLProxyCheckPeerName off
        SSLProxyCheckPeerExpire off
        ProxyRequests off
        ProxyPreserveHost off
 
        Header add Set-Cookie "ROUTEID=.%{BALANCER_WORKER_ROUTE}e; path=/" env=BALANCER_ROUTE_CHANGED
 
        <Proxy balancer://rangercluster>
               BalancerMember https://<<un0-fqdn>>:6182 loadfactor=1 route=1
               BalancerMember https://<<un1-fqdn>>:6182 loadfactor=1 route=2
 
 
                Order Deny,Allow
                Deny from none
                Allow from all
 
                ProxySet lbmethod=byrequests scolonpathdelim=On stickysession=ROUTEID maxattempts=1 failonstatus=500,501,502,503 nofailover=Off
        </Proxy>
 
        # balancer-manager
        # This tool is built into the mod_proxy_balancer
        # module and will allow you to do some simple
        # modifications to the balanced group via a gui
        # web interface.
        <Location /balancer-manager>
                SetHandler balancer-manager
                Order deny,allow
                Allow from all
        </Location>
 
 
       ProxyPass /balancer-manager !
       ProxyPass / balancer://rangercluster/
       ProxyPassReverse / balancer://rangercluster/
 
</VirtualHost>
    • <<lb_hostname>>: Replace with the load balancer hostname (un0 in this case)
    • <<un0-fqdn>>: Replace with existing Ranger Admin hostname (un0 in this case)
    • <<un1-fqdn>>: Replace with new Ranger Admin hostname (un1 in this case)
    Note

    Certificates and keys are already generated and available in the node. Don't copy the certificate to any other place nor generate a new certificate
  10. Save the file.
  11. Restart Apache HTTP Server.
    service httpd restart