Intro
Pound is nifty little web tool that does its job very well. Most sysadmins start using Pound out of the box and before they know it have amassed a number of disparate web sites running under the one Pound instance. This doesn't seem to be a problem for Pound which by its own lightweight design can handle the load without much stress, but the admin burden and criticality increases as the number of disparate web sites serviced by the one instance of Pound increase.
Although Pound does support include files allowing you to segment your configurations into smaller manageable files, you still have the risk of a lesser skilled sysadmin (e.g. a developer) making a mistake with their own less important Pound configuration file and bringing down the whole show. Also, if you are using Pound's cookie based sticky sessions and your multiple backend web servers store cookie details in a local session folder rather than a central database (yes, I've seen developers design this many times), then reloading Pound to affect a new configuration change will clear Pound's internal session table creating the likely possibility of some clients being remapped to a different backend web server as Pound rebuilds its new session table. Under these circumstances the likely result is that the client's cookie will not be present in the session folder of the new backend web server and the client will be thrown back to the login screen. If your sysadmin is not made aware of this application limitation and you are running a number of disparate web sites under the one instance of Pound, then life can become interesting.
Some sysadmins will commission another Pound host to overcome such concerns, but that's a bit rich as the Pound daemon is so lightweight and efficient that it doesn't consume much disk I/O or CPU time.
The ideal solution is to run multiple instances of Pound on your load balancer. Pound just happens to be very flexible in that regard too. A suitable approach would be to run one instance of Pound for each web service, e.g. one for production and one for staging. This also means that each web service will have its own Pound configuration file and any changes to it will not affect any other web service.
In this document I will show you how to run two Pound instances (prod and stag) on a single CentOS 6.3 host.
Unix: Install Pound
Install Pound onto your designated load balancer host but do not enable the default Pound service, in fact you could delete the service but that may interfere with future updates so just leave it permanently disabled for now.
yum install Pound chkconfig pound off
Unix: Create a Pound configuration directory
We will not be using the default Pound configuration file so you can ignore it completely.
Because we will be running multiple instances of Pound this implies that we will also be using multiple configuration files (one for each instance). Create a secure folder to store our Pound configuration files.
mkdir /etc/pound.d chown root:pound /etc/pound.d chmod 750 /etc/pound.d
Unix: Create the init scripts
Simply copy the default distribution script. Do not run the services just yet.
cp -p /etc/init.d/pound /etc/init.d/pound-prod chkconfig --add pound-prod chkconfig pound-prod on chkconfig --list pound-prod cp -p /etc/init.d/pound /etc/init.d/pound-stag chkconfig --add pound-stag chkconfig pound-stag on chkconfig --list pound-stagFor the production startup script edit /etc/init.d/pound-prod and change the following values:
- servicename
- options
- lockfile
#!/bin/bash # # pound This shell script starts the Pound load-balancer # # Author: Arthur Gouros # # chkconfig: - 85 15 # # description: Pound is a reverse proxy and load-balancer # processname: pound # config: /etc/pound.d/prod.conf # pidfile: /var/run/pound-prod.pid # # source function library . /etc/rc.d/init.d/functions RETVAL=0 ############################### # Custom options for production ############################### servicename="pound-prod" options="-f /etc/pound.d/prod.conf -p /var/run/pound-prod.pid" lockfile=/var/lock/subsys/pound-prod start() { echo -n $"Starting Pound $servicename: " daemon pound $options RETVAL=$? echo [ $RETVAL -eq 0 ] && touch $lockfile } stop() { echo -n $"Stopping Pound $servicename: " killproc $servicename echo [ $RETVAL -eq 0 ] && rm -f $lockfile } restart() { stop start } case "$1" in start) start ;; stop) stop ;; restart|force-reload|reload) restart ;; condrestart) [ -f $lockfile ] && restart ;; status) status $servicename RETVAL=$? ;; *) echo $"Usage: $0 {start|stop|status|restart|reload|force-reload|condrestart}" exit 1 esac exit $RETVALFor the staging startup script edit /etc/init.d/pound-stag and change the following values:
- servicename
- options
- lockfile
#!/bin/bash # # pound This shell script starts the Pound load-balancer # # Author: Arthur Gouros # # chkconfig: - 85 15 # # description: Pound is a reverse proxy and load-balancer # processname: pound # config: /etc/pound.d/stag.conf # pidfile: /var/run/pound-stag.pid # # source function library . /etc/rc.d/init.d/functions RETVAL=0 ############################### # Custom options for staging ############################### servicename="pound-stag" options="-f /etc/pound.d/stag.conf -p /var/run/pound-stag.pid" lockfile=/var/lock/subsys/pound-stag start() { echo -n $"Starting Pound $servicename: " daemon pound $options RETVAL=$? echo [ $RETVAL -eq 0 ] && touch $lockfile } stop() { echo -n $"Stopping Pound $servicename: " killproc $servicename echo [ $RETVAL -eq 0 ] && rm -f $lockfile } restart() { stop start } case "$1" in start) start ;; stop) stop ;; restart|force-reload|reload) restart ;; condrestart) [ -f $lockfile ] && restart ;; status) status $servicename RETVAL=$? ;; *) echo $"Usage: $0 {start|stop|status|restart|reload|force-reload|condrestart}" exit 1 esac exit $RETVAL
Unix: Create the Pound configuration file for each instance
The configuration file name is the name referred to by the -f option in the init script of the Pound instance.
All configuration directives as described in the Pound man pages can be used for each instance but there is one configuration directive called Control which is the listening socket file and has to be unique for each instance.
Be extra careful that you do not make the multiple instances of Pound listen on the same IP address and port by having duplicate entries across configurations as this will cause you problems.
For the production instance of Pound my example configuration file /etc/pound.d/prod.conf will look as follows:
########################################## # production globals ########################################## User "pound" Group "pound" Control "/var/lib/pound/prod.sock" LogFacility local2 ########################################## # www.mycompany.com ########################################## ListenHTTP Address 200.200.200.200 Port 80 Service "www.mycompany.com" BackEnd Address 192.168.200.200 Port 80 End BackEnd Address 192.168.200.201 Port 80 End End End ########################################## # End of File ##########################################For the staging instance of Pound my example configuration file /etc/pound.d/stag.conf will look as follows:
########################################## # staging globals ########################################## User "pound" Group "pound" Control "/var/lib/pound/stag.sock" LogFacility local2 ########################################## # staging.mycompany.com ########################################## ListenHTTP Address 200.200.200.201 Port 80 Service "staging.mycompany.com" BackEnd Address 192.168.200.202 Port 80 End BackEnd Address 192.168.200.203 Port 80 End End End ########################################## # End of File ##########################################The above are just examples of a really basic load balanced web service. In the big wide world we often configure Pound with admin backends, HTTPS services, conditional redirects, sticky sessions, HTTP header manipulation, etc. Please consult the Pound documentation to learn more.
Unix: Start all the Pound instances
You should be good to go now with running up all the pound instances on the one host.
service pound-prod start service pound-prod status poundctl -c /var/lib/pound/prod.sock service pound-stag start service pound-stag status poundctl -c /var/lib/pound/stag.sockNow you can manage your disparate web services independently of each other with the confidence that you won't be affecting any other services. This is also good news if you delegate the responsibility of managing these disparate web sites to different groups.