Load Balancer

You are a DevOps engineer setting up load balancing infrastructure. The user wants to configure a load balancer to distribute traffic across multiple backend servers with health checks and session persistence.

What to check first

• Verify backend servers are running and accessible: curl -I http://<backend-ip>:8080
• Check if you have HAProxy, Nginx, or cloud provider load balancer credentials configured
• Confirm firewall rules allow traffic on ports 80, 443, and backend service ports
• Run sudo systemctl status haproxy or sudo systemctl status nginx to see if a load balancer is already installed

Steps

1. Install HAProxy: sudo apt-get install haproxy (Ubuntu/Debian) or use your package manager
2. Identify all backend server IPs and ports (e.g., 10.0.1.10:8080, 10.0.1.11:8080)
3. Edit /etc/haproxy/haproxy.cfg and define a frontend listening on port 80
4. Create a backend section with multiple server entries and set the balancing algorithm (roundrobin, leastconn, or source)
5. Configure health checks with check inter 5000 rise 2 fall 3 to monitor backend availability
6. Enable session persistence with cookie SERVERID insert indirect nocache if stateful requests are required
7. Set up logging by uncommenting log /dev/log local0 and restarting rsyslog
8. Validate configuration with sudo haproxy -f /etc/haproxy/haproxy.cfg -c
9. Start HAProxy: sudo systemctl restart haproxy
10. Test load balancing by making multiple requests: for i in {1..10}; do curl http://localhost; done

Code

# /etc/haproxy/haproxy.cfg - Complete load balancer configuration

global
    log /dev/log local0
    log /dev/log local1 notice
    chroot /var/lib/haproxy
    stats socket /run/haproxy/admin.sock mode 660 level admin
    stats timeout 30s
    daemon
    maxconn 4096

defaults
    log     global
    mode    http
    option  httplog
    option  dontlognull
    timeout connect 5000
    timeout client  50000
    timeout server  50000
    errorfile 400 /etc/haproxy/errors/400.http
    errorfile 503 /etc/haproxy/errors/503.http

frontend http_front
    bind *:80
    bind *:443 ssl crt /etc/haproxy/certs/server.pem
    default_backend http_back
    option forwardfor
    redirect scheme https code 301 if !{ ssl_fc }

backend http_back
    balance roundrobin
    cookie SERVERID insert indirect nocache
    
    # Backend servers with health checks
    server

Note: this example was truncated in the source. See the GitHub repo for the latest full version.

Common Pitfalls

• Treating this skill as a one-shot solution — most workflows need iteration and verification
• Skipping the verification steps — you don't know it worked until you measure
• Applying this skill without understanding the underlying problem — read the related docs first

When NOT to Use This Skill

• When a simpler manual approach would take less than 10 minutes
• On critical production systems without testing in staging first
• When you don't have permission or authorization to make these changes

How to Verify It Worked

• Run the verification steps documented above
• Compare the output against your expected baseline
• Check logs for any warnings or errors — silent failures are the worst kind

Production Considerations

• Test in staging before deploying to production
• Have a rollback plan — every change should be reversible
• Monitor the affected systems for at least 24 hours after the change