At Nakheel, we needed to load balance a new sharepoint instance. Our new sharepoint is single sign on, and was running on 2 web servers which needed to be load balanced. We played around with Apache for a while, and it’s awesome proxy balancer, but it gave us the problem that it was always asking for a username and password.
Apache was used, since I have a reasonable amount of experience with it load balancing servers such as Webrick, etc. After a few frustrating hours of messing with NTLM, Christian proposed a few alternatives for this.
Having this in mind, we decided to go for HAProxy, to provide load balancing and a reverse proxy for our sharepoint instance. The good this is that it is a very simple tool, it accept HTTP conenctions, and forward them.
Below is our simplified /etc/haproxy/haproxy.cfg file
global maxconn 4096 user haproxy group haproxy daemon # debug defaults mode http option forwardfor log 127.0.0.1 local0 notice maxconn 2000 contimeout 5000 clitimeout 50000 srvtimeout 50000 backend sharepoint balance roundrobin option redispatch cookie SERVERID insert nocache server sp1 172.30.16.11:80 cookie spsrv01 weight 30 check server sp2 172.30.16.12:80 cookie spsrv02 weight 30 check frontend httpid bind *:80 acl hosts_sharepoint hdr_end(host) -i intranet.domain.com acl hosts_sharepoint hdr_end(host) -i intranet.domain.com:80 use_backend sharepoint if hosts_sharepoint default_backend sharepoint
The configuration is very straightforward, and it got rid of our continuous username/password boxes, especially under firefox.
Hope this helps,