How to enable Remote Desktop on Windows Server 2019
For this section, we are going to show in brief how to setup a high-availability/load balancer to control traffic over a specific service; in our case, we will use HTTP as for web server’s traffic.

Source: assets.digitalocean.com
For this job, we are using HAProxy as an open source solution for load balancing and services’ high availability through multiple servers. It is commonly used for a website’s traffic load balancing. HAProxy distributes the workload over many servers that offer the same services (basically web servers, databases, and so on) to improve the overall performance of the service and its reliability.
As we said earlier, this section is going to install and configure a high availability load balancer to share the load between three web servers and a backup server in case of server or service failure to take over.
So, we will have an infrastructure that looks like this:
- HAProxy server:
- OS: CentOS 7
- IP address: 172.25.25.166 and 10.0.0.10
- Hostname: haproxy.packt.co.uk
- Web server 1:
- OS: CentOS 7
- IP address: 10.0.0.11
- Hostname: webserver1.packt.co.uk
- Web server 2:
- OS: CentOS 7
- IP address: 10.0.0.12
- Hostname: webserver2.packt.co.uk
- Web server 3:
- OS: CentOS 7
- IP address: 10.0.0.13
- Hostname: webserver3.packt.co.uk
- Backup web server:
- OS: CentOS 7
- IP address: 10.0.0.20
- Hostname: backupwebserver.packt.co.uk
First, we will start by setting the web servers and to do so, we will be only using the default page generated by Apache after being installed. For more information on how to setup a web server, you can always refer to Chapter 3, Linux for Different Purposes. So, we will only need to have Apache installed and running and we need to configure the network and the machine’s hostname.
First, we will use the default package manager for CentOS 7 YUM to install the Apache web server:
$ sudo yum install httpd
Then after that, we configure the hostname:
$ sudo nano /etc/hostname
And we make sure it looks like this:
Webserver1.packt.co.uk
After that, we go to each hosts file and we configure the domain to the default localhost while adding the list of all the servers with their IP addresses:
$ sudo nano /etc/hosts
Note
This part is only needed if there is no reliable DNS server inside the infrastructure that can resolve all the infrastructure servers.
We change the default localhost address 127.0.0.1
domain name:
127.0.0.1 webserver1 Webserver1.packt.co.uk
Then, we add the following lines:
10.0.0.10 haproxy haproxy.packt.co.uk
10.0.0.11 Webserver1 Webserver1.packt.co.uk
10.0.0.12 Webserver2 Webserver2.packt.co.uk
10.0.0.13 Webserver3 Webserver3.packt.co.uk
10.0.0.20 backupWebserver backupWebserver.packt.co.uk
Before finishing, we need to open the HTTPS and HTTPS ports at the webserver firewall to make the service accessible for the visitors:
$ sudo firewallcmd permanent zone=public addport=80/tcp
$ sudo firewallcmd permanent zone=public addport=443/tcp
$ sudo firewallcmd reload
By this step, we can say that we have all our web servers ready. We can now move to our HAProxy server installation. First, we need to open the needed ports for the web service and log reception used by HAProxy:
$ sudo firewallcmd permanent zone=public addport=80/tcp
$ sudo firewallcmd permanent zone=public addport=443/tcp
$ sudo firewallcmd permanent zone=public addport=514/udp
$ sudo firewallcmd reload
Then, we can start the installation:
$ sudo yum install haproxy
And now, we go to the configuration part. Before doing the main HAProxy configuration, we need to setup the HAProxy logging feature configuration for debugging:
$ sudo nano /etc/haproxy/haproxy.cfg
Under the #Global settings options, we need to make sure that the following line is not commented:
log 127.0.0.1 local2 info
Some minor modification needs to happen at the Rsyslog
configuration file too:
$ sudo nano /etc/rsyslog.conf
That is where we need to uncomment the following two lines:
$ModLoad imudp
$UDPServerRun 514
Before finishing, we need to have a file that represents HAProxy
at the Rsyslog log
folder:
$ sudo nano /etc/rsyslog.d/haproxy.conf
And while creating it using Nano, we need to put the following line inside it:
local2.* /var/log/haproxy.log
Save the file, then apply the changes and restart Rsyslog service
:
$ sudo systemctl restart rsyslog.service
Now, we can go to the HAProxy Global settings configuration:
$ sudo nano /etc/haproxy/haproxy.cfg
First, at the default section, we need to setup the timeout for a more personalized solution. Since our server is just doing the load balancing, we can always use port 80. So, we need to take over that port, by removing its association to the Httpd
service:
$ sudo nano /etc/httpd/conf/httpd.conf
Then, we change the listening port to anything other than 80. In our example, 8080
:
Listen 8080
Then, we go to the Main Frontend section to change the port on which the web interface is serving. So we need to change the whole section to look like the following:
Frontend HAProxy
bind *:80
reqadd X-Forwarded-Proto:\ http
default_backend HAProxy
And we need to comment out the Backend section to replace it with the following:
# use_backend static if url_static
backend HAProxy *:80
mode http
stats enable
stats hide-version
stats uri /stats
stats realm Haproxy\ Statistics
stats auth haproxy:password # Change "password" with a well secured password
balance roundrobin
option httpchk
option httpclose
option forwardfor
cookie LB insert
server webserver1 10.0.0.11:80 cookie webserver1 check
server webserver3 10.0.0.12:80 cookie webserver2 check
server webserver3 10.0.0.13:80 cookie webserver3 check
server backupwebserver 10.0.0.20:80 check backup
We need to make sure that the end of the file matches our infrastructure IP addresses and hostnames. Then, we can start the HAProxy server and add it to the startup system services:
$ sudo systemctl start haproxy.service
$ sudo systemctl enable haproxy.service
To verify that there is no error at the configuration file, we can always check the service status using the following command:
$ sudo systemctl status haproxy.service -l
Then, we get each web server and put a test page just to access it and collect the test results. Then, we open the web interface of HAProxy to visualize the status of the load balancing http://10.0.0.10/stats
or http://172.25.25.166/stats
.

If we get to see the following interface, that means that our high availability server is running well. If we need to enable https to access the web interface of HAProxy using SSL, we can always install OpenSSL and configure our server to use it.