Configuring and running the built-in balancer on a cluster node

Only applicable when integrating with multiple servers of КАТА 5.0 or a later version.

To configure the built-in balancer on a cluster node:

Connect to the cluster node over SSH to gain access to the Technical Support Mode.
Download the balancer RPM packages here.
Place the balancer RPM packages in the current directory and install them using the following commands:
yum -y install pcre2-10.23-2.el7.x86_64.rpm

yum -y install haproxy-2.6.4-6960.zap.el7.x86_64.rpm
Rename the basic configuration file of the balancer with the following command:
mv /etc/haproxy/haproxy.cfg /etc/haproxy/haproxy.cfg.orig
Place the previously prepared configuration haproxy.cfg configuration file in the /etc/haproxy directory and set access rights for it using the following commands:
chown root:root /etc/haproxy/haproxy.cfg

chmod 640 /etc/haproxy/haproxy.cfg
Create the /etc/rsyslog.d/haproxy.conf file with the following content:
$ModLoad imudp

$UDPServerRun 514

$UDPServerAddress 127.0.0.1

if $syslogfacility-text == 'local6' then /var/log/haproxy.log

if $syslogfacility-text == 'local6' then stop
Create the /var/log/haproxy.log file and set access rights for it using the following commands:
touch /var/log/haproxy.log

chown root:adm /var/log/haproxy.log

chmod 640 /var/log/haproxy.log
If necessary, edit the log rotation settings file for the log balancer (/etc/logrotate.d/haproxy).
By default, entries are rotated daily. Entries are kept for 10 days.
Restart the system log service:
systemctl restart rsyslog
Start the built-in balancer service:
systemctl start haproxy
Allow running the built-in balancer service automatically:
systemctl enable haproxy
Check the status of the built-in balancer service:
systemctl status haproxy

The status must be running.
Check the presence of entries in the built-in balancer log:
tail /var/log/haproxy.log

The built-in balancer is configured and started on the Kaspersky Secure Mail Gateway cluster node.

Page top