Setting Up Web Server Load Balancing Using ‘POUND’ With SSL/TLS On Rocky Linux

Setting Up Web Server Load Balancing Using ‘POUND’ With SSL/TLS On Rocky Linux

 in This Tutorial you will Learn " How To Set Up Web Servers Load Balancing Using ‘POUND’ with     
SSL/TLS Connection On Rocky Linux 8.5  
                  
Pound is a reverse-proxy load balancing server. It accepts requests from HTTP/HTTPS clients and distributes them to one or more Web servers.
SSL and TLS are both cryptographic protocols used to increase security by encrypting communication over computer networks.
_________________________________________________________________________________________
Server - Os:  Rocky Linux 8.5  64Bit      |    IP -192.168.1.20        |     Hostname - www.primaryhost.com
Backend server's IP address -  192.168.1.80
_________________________________________________________________________________________
cat /etc/system-release ; sestatus ; hostname -I ; dnf groupinstall "Development Tools" -y
dnf install epel-release -y
dnf -y install Pound
mv /etc/pound.cfg /etc/pound.cfg.org

cd /etc/pki/tls/certs ; openssl req -x509 -nodes -newkey rsa:2048 -keyout /etc/pki/tls/certs/pound.pem -out /etc/pki/tls/certs/pound.pem
chmod 600 pound.pem

nano /etc/pound.cfg
User "pound"
Group "pound"
# log level (max: 5)
LogLevel 3
# specify LogFacility
LogFacility local1
# interval of heartbeat - seconds
Alive 30

# define frontend
ListenHTTP
    Address 0.0.0.0
    Port 80
End
ListenHTTPS
    Address 0.0.0.0
    Port 443
    Cert "/etc/pki/tls/certs/pound.pem"
End
# Define Backend
Service
    BackEnd
        # backend server's IP address
        Address  192.168.1.80
        # backend server's port
        Port     80
        # set priority
        # available value is 1-9, max priority is 9
        Priority 5
    End
End
systemctl enable --now pound
nano /etc/rsyslog.conf
*.info;mail.none;authpriv.none;cron.none;local1.none    /var/log/messages
local1.*                                                /var/log/pound.log
firewall-cmd --add-service=http ; firewall-cmd --runtime-to-permanent
systemctl daemon-reload ; systemctl restart rsyslog
https://localhost/
http://localhost/
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
cat /etc/system-release ; sestatus ; hostname -I ; dnf groupinstall "Development Tools" -y
dnf install httpd -y
nano /etc/httpd/conf/httpd.conf
LogFormat "\"%{X-Forwarded-For}i\" %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
echo "<h1>Web Server Load Balancing Using ‘POUND’ With SSLTLS</h1>" > /var/www/html/index.html
systemctl daemon-reload ; systemctl restart rsyslog httpd
______________________________________________________




Share on Pinterest
Share on LinkedIn
Share on WhatsApp
Share on Telegram