Tuesday, July 14, 2015

Setting Up Web Servers Load Balancing Using ‘POUND’ on RHEL/CentOS


POUND is a load balancing program developed by ITSECURITY Company. It is a lightweight open source reverse proxy tool which can be used as a web-server load balancer to distribute load among several servers. There are several advantages POUND gives to end user which are very convenient and does the job right.
  1. Supports virtual hosts.
  2. Configurable.
  3. When a backend server is failed or recovered from a failure, it detects it automatically and bases its load balancing decisions according to that.
  4. It rejects incorrect requests.
  5. No specified browser or webservers.
Let’s have a look at how can get this hack done.
First of all you will need a scenario for better understanding about getting this done. So I will use a scenario where there are two webservers and one gateway server which needs to balance the requests comes to gateway server to webservers.
Pound Gateway Server :
Web Server 01 :
Web Server 02 :
Install Pound Load Balancer in Linux
Pound Web Server Load Balancer

Step1: Install Pound Load Balancer on Gateway Server

1. The easiest way to install Pound is using pre-compiled RPM packages, you can find RPMs for RedHat based distributions at:
  1. http://www.invoca.ch/pub/packages/pound/
Alternatively, Pound can be easily installed from the EPEL repository as shown below.
# yum install epel-release
# yum install Pound
After Pound installed, you can verify whether it is installed by issuing this command.
# rpm –qa |grep Pound
Install Pound Load Balancer
Install Pound Load Balancer
2. Secondly, you need two web-servers to balance the load and make sure you have clear identifiers in order to test the pound configuration works fine.
Here I have two servers bearing IP addresses and
For ease of use, I have created python SimpleHTTPServer to create an instant webserver on both servers. Read about python SimpleHTTPServer
In my scenario, I have my webserver01 running on through port 8888 and webserver02 running on through port 5555.
Pound Webserver 1
Pound Webserver 1
Pound Webserver 2
Pound Webserver 2

Step 2: Configure Pound Load Balancer

3. Now it’s time to make the configurations done. Once you have installed pound successfully, it creates the pound’s config file in /etc, namely pound.cfg.
We have to edit the server and backend details in order to balance the load among the webservers. Go to /etcand open pound.cfg file for editing.
# vi /etc/pound.cfg
Make the changes as suggested below.
    Port 80

    Port    443
    Cert    "/etc/pki/tls/certs/pound.pem"

        Port    8888

        Port    5555
This is how my pound.cfg file looks like.
Configure Pound Load Balancer
Configure Pound Load Balancer
Under the “ListenHTTP” and “ListenHTTPS” tags, you have to enter the IP address of the server you have installed POUND.
By default a server handles HTTP requests though port 80 and HTTPS requests through port 443. Under the “Service” tag, you can add any amount of sub tags called “BackEnd”. BackEnd tags bears the IP addresses and the port numbers which the webservers are running on.
Now save the file after editing it correctly and restart the POUND service by issuing one of below commands.
# /etc/init.d/pound restart 
# service pound restart
# systemctl restart pound.service
Start Pound Load Balancer
Start Pound Load Balancer
4. Now it’s time to check. Open two web browsers to check whether our configurations work fine. In the address bar type your POUND gateway’s IP address and see what appears.
First request should load the first webserver01 and second request from the other web browser should load the second webserver02.
Check Pound Load Balancing
Check Pound Load Balancing
Furthermore, think of a scenario like if you have two webservers to load balance and one of the server’s performance is good and other’s performance is not so good.
So when load balancing among them, you will have to consider for which server you have to put more weight on. Obviously for the server with good performance specs.
To balance the load like that, you just have to add a single parameter inside the pound.cfg file. Let’s have a look at it.
Think server is the better server. Then you need put more requests flow to that server. Under the “BackEnd” tag which is configured for server, add the parameter “Priority” before the End tag.
Look at below example.
Pound Load Balancing Priority
Pound Load Balancing Priority
The range we can use for the “Priority” parameter is between 1-9. If we do not define it, default value of 5 will be assigned.
Then load will be balanced equally. If we define the Priority number, POUND will load the server with higher priority number more oftenly. So in this case, will be loaded more often than the server172.16.1.204:8888.

Step 3: Planning Emergency Breakdowns

Emergency Tag: This tag is used to load a server in case of all the back end servers are dead. You can add it before the last End tag of pound.cfg as follows.
           Port        8080
6. POUND always keep track of which backend servers are alive and which are not. We can define after how many seconds POUND should checkout the backend servers by adding “Alive” parameter in pound.cfg.
You can use the parameter as “Alive 30” for set it to 30 seconds. Pound will temporarily disable the backend servers which are not responding. When we say not responding server may be dead or cannot establish a connection at that moment.
POUND will check the disabled backend server after every time period you have defined in the pound.cfg file in case if the server could establish a connection, then POUND can get back to work with the server.
7. POUND daemon will be handled by poundctl command. By having that we don’t need to edit the pound.cfgfile and we can issue Listner ServerBackEnd servers and sessions etc. via a single command.
Syntax: poundctl -c /path/to/socket [-L/-l] [-S/-s] [-B/-b] [-N/-n] [-H] [-X]
  1. -c defines path to your socket.
  2. -L / -l defines the listener of your architecture.
  3. -S / -s defines the service.
  4. -B / -b defines the backend servers.
See poundctl man pages for more information.
Hope you enjoy this hack and discover more options regarding this.