At Nakheel, we needed to load balance a new sharepoint instance. Our new sharepoint is single sign on, and was running on 2 web servers which needed to be load balanced. We played around with Apache for a while, and it’s awesome proxy balancer, but it gave us the problem that it was always asking for a username and password.
Apache was used, since I have a reasonable amount of experience with it load balancing servers such as Webrick, etc. After a few frustrating hours of messing with NTLM, Christian proposed a few alternatives for this.
Having this in mind, we decided to go for HAProxy, to provide load balancing and a reverse proxy for our sharepoint instance. The good this is that it is a very simple tool, it accept HTTP conenctions, and forward them.
Below is our simplified /etc/haproxy/haproxy.cfg file
global
maxconn 4096
user haproxy
group haproxy
daemon
# debug
defaults
mode http
option forwardfor
log 127.0.0.1 local0 notice
maxconn 2000
contimeout 5000
clitimeout 50000
srvtimeout 50000
backend sharepoint
balance roundrobin
option redispatch
cookie SERVERID insert nocache
server sp1 172.30.16.11:80 cookie spsrv01 weight 30 check
server sp2 172.30.16.12:80 cookie spsrv02 weight 30 check
frontend httpid
bind *:80
acl hosts_sharepoint hdr_end(host) -i intranet.domain.com
acl hosts_sharepoint hdr_end(host) -i intranet.domain.com:80
use_backend sharepoint if hosts_sharepoint
default_backend sharepoint
The configuration is very straightforward, and it got rid of our continuous username/password boxes, especially under firefox.
Hope this helps,
Michael
Leave a Reply