- Load balancing the Webserver (http/https traffic) using Pound on Linux

The Pound program is a reverse proxy, load balancer and HTTPS front-end for Web server. Pound was developed to enable distributing the load among several Web-servers and to allow for a convenient SSL wrapper for those Web servers that do not offer it natively.

WHAT POUND IS:
  * A reverse-proxy: it passes requests from client browsers to one or more back-end servers.
  * A load balancer: it will distribute the requests from the client browsers among several back-end servers, while keeping session information.
  * An SSL wrapper: Pound will decrypt HTTPS requests from client browsers and pass them as plain HTTP to the back-end servers.
  * An HTTP/HTTPS sanitizer: Pound will verify requests for correctness and accept only well-formed ones.
  * A fail over-server: should a back-end server fail, Pound will take note of the fact and stop passing requests to it until it recovers.
  * A request redirector: requests may be distributed among servers according to the requested URL.

Pound is a very small program, easily audited for security problems. It can run as setuid/setgid and/or in a chroot jail. Pound does not access the hard-disk at all (except for reading the certificate file on start, if required) and should thus pose no security threat to any machine.

Installation:
OpenSuSe user can install pound using "1-click" installer - here

Others - Download and unpack the source tarball, installation is the standard ./configure&&make&&make install. (If you plan on utilizing Pound's SSL support, specify ./configure ––with-ssl.

Look for the pound executable in /usr/local/sbin and look for the configuration file, pound.cfg, in /usr/local/etc.

Next, configure Pound. Here's a simple pound.cfg file:
ListenHTTP
Address 1.2.3.4
Port 80
Service
  Backend
    Address 192.168.0.1
    Port 80
  End
  Backend
    Address 192.168.0.2
    Port 80
  End
End
This instructs Pound to listen on the public IP address 1.2.3.4 and pass requests evenly to the two backend machines named with Service. If the machines have significantly different resources available to them, you can alter the odds of a server being chosen with the Priority directive. Values may be 1 through 9, where the value 9 means use most often, and the value 1 means least frequent. Pound balances servers dynamically: if a server goes down, Pound automatically removes the system from the pool of available servers.

Many web applications use sessions and Pound can track sessions between a client browser and the host backend server. Pound supports five techniques: client IP address, basic authentication, URL parameter, cookie value, and header value. Only one session definition is allowed per Service.

For example, to use client IP-based tracking that keeps sessions active for ten minutes, add the following to your Pound config file:
Session
  Type IP
  TTL 600
End
To harden Pound, run the daemon as a non-privileged user. To do this, use the User and Group directives to specify the user and group, respectively:
User    "nobody"
Group   "nobody"
Keep in mind that after adding Pound into your network setup, your backend servers will log the IP address of your Pound machine instead of the client IP of the person browsing your site. As a general rule, Pound passes all headers as set by the client to the backend servers, with two exceptions: Pound adds a X-Forwarded-For header, and may add information about the SSL certificate.

You can use the X-Forwarded-for header to update your logging mechanism to record the correct information.

For example, If you're using Apache combined logging, replace the letter h (remote host) with:
\"%{X-Forwarded-for}i\"






source:http://linuxpoison.blogspot.com/2010/04/135781677513160.html

Labels

Web Search Gmail Google Docs Mobile YouTube Google Maps Google Chrome User interface Tips iGoogle Social Google Reader Traffic Making Devices cpp programming Ads Image Search Google Calendar tips dan trik Google Video Google Translate web programming Picasa Web Albums Blogger Google News Google Earth Yahoo Android Google Talk Google Plus Greasemonkey Security software download info Firefox extensions Google Toolbar Software OneBox Google Apps Google Suggest SEO Traffic tips Book Search API Acquisitions InOut Visualization Web Design Method for Getting Ultimate Traffic Webmasters Google Desktop How to Blogging Music Nostalgia orkut Google Chrome OS Google Contacts Google Notebook SQL programming Google Local Make Money Windows Live GDrive Google Gears April Fools Day Google Analytics Google Co-op visual basic Knowledge java programming Google Checkout Google Instant Google Bookmarks Google Phone Google Trends Web History mp3 download Easter Egg Google Profiles Blog Search Google Buzz Google Services Site Map for Ur Site game download games trick Google Pack Spam cerita hidup Picasa Product's Marketing Universal Search FeedBurner Google Groups Month in review Twitter Traffic AJAX Search Google Dictionary Google Sites Google Update Page Creator Game Google Finance Google Goggles Google Music file download Annoyances Froogle Google Base Google Latitude Google Voice Google Wave Google Health Google Scholar PlusBox SearchMash teknologi unik video download windows Facebook Traffic Social Media Marketing Yahoo Pipes Google Play Google Promos Google TV SketchUp WEB Domain WWW World Wide Service chord Improve Adsence Earning jurnalistik sistem operasi AdWords Traffic App Designing Tips and Tricks WEB Hosting linux How to Get Hosting Linux Kernel WEB Errors Writing Content award business communication ubuntu unik