Skip to main content

Loadbalancer Configuration

[edit on GitHub]

This guide details how to set up the load balancer configuration for Chef Automate and Chef Infra Server.

Load Balancer

Assuming you have DNS configured with domain names:

  • Chef Automate: chefautomate.example.com
  • Chef Infra Server: chefinfraserver.example.com

Install Nginx

For Debian / Ubuntu :

sudo apt-get update
sudo apt-get install nginx

For Centos or Redhat :

sudo yum install epel-release
sudo yum update
sudo yum install nginx

Configure

  1. Create new file /etc/nginx/sites-available/chef-automate-lb.conf
upstream chef-automate-servers {
   server 10.1.0.101:443 max_fails=2 fail_timeout=30s;
   server 10.1.0.102:443 max_fails=2 fail_timeout=30s;
   server 10.1.0.103:443 max_fails=2 fail_timeout=30s;
}

server {
   listen 443 ssl;
   server_name chefautomate.example.com;
   ssl_certificate /etc/letsencrypt/live/chefautomate.example.com/cert.pem;
   ssl_certificate_key /etc/letsencrypt/live/chefautomate.example.com/privkey.pem;
   ssl_protocols TLSv1 TLSv1.1 TLSv1.2;

   location / {
      proxy_pass https://chef-automate-servers;
      proxy_set_header Host $host;
   }
}

server {
   listen 80;
   server_name chefautomate.example.com;
   return 301 https://$server_name$request_uri;
}
  1. Create new file /etc/nginx/sites-available/chef-infra-server-lb.conf
upstream chef-infra-servers {
   server 10.1.0.101:443 max_fails=2 fail_timeout=30s;
   server 10.1.0.102:443 max_fails=2 fail_timeout=30s;
   server 10.1.0.103:443 max_fails=2 fail_timeout=30s;
}

server {
   listen 443 ssl;
   server_name chefinfraserver.example.com;
   ssl_certificate /etc/letsencrypt/live/chefinfraserver.example.com/cert.pem;
   ssl_certificate_key /etc/letsencrypt/live/chefinfraserver.example.com/privkey.pem;
   ssl_protocols TLSv1 TLSv1.1 TLSv1.2;

   location / {
      proxy_pass https://chef-infra-servers;
      proxy_set_header Host $host;
   }
}

server {
   listen 80;
   server_name chefinfraserver.example.com;
   return 301 https://$server_name$request_uri;
}
  1. Enable Sites for Chef Automate and Chef Infra Server
sudo ln -s /etc/nginx/sites-available/chef-automate-lb.conf /etc/nginx/sites-enabled/
sudo ln -s /etc/nginx/sites-available/chef-infra-server-lb.conf /etc/nginx/sites-enabled/
  1. Test Nginx Config
sudo nginx -t
  1. Restart Nginx
sudo systemctl restart nginx

Was this page helpful?

×









Search Results