Loadbalancing for an FTP server¶
In this tutorial we’ll look at how to deploy the HAProxy charm to provide TCP load balancing for a VM running an FTP server. This tutorial is done on LXD and assumes that you have a Juju controller bootstrapped and a machine model to deploy charms.
Requirements¶
You will need a working station, e.g., a laptop, with AMD64 architecture. Your working station should have at least 4 CPU cores, 8 GB of RAM, and 50 GB of disk space.
Tip
You can use Multipass to create an isolated environment by running:
multipass launch 24.04 --name charm-tutorial-vm --cpus 4 --memory 8G --disk 50G
This tutorial requires the following software to be installed on your working station (either locally or in the Multipass VM):
Juju 3.3
LXD 5.21.4
Use Concierge to set up Juju and LXD:
sudo snap install --classic concierge
sudo concierge prepare -p machine
This first command installs Concierge, and the second command uses Concierge to install and configure Juju and LXD.
For this tutorial, Juju must be bootstrapped to a LXD controller. Concierge should
complete this step for you, and you can verify by checking for msg="Bootstrapped Juju" provider=lxd
in the terminal output and by running juju controllers.
If Concierge did not perform the bootstrap, run:
juju bootstrap lxd tutorial-controller
Set up a tutorial model¶
To manage resources effectively and to separate this tutorial’s workload from your usual work, create a new model using the following command:
juju add-model haproxy-tutorial
Deploy the HAProxy charm¶
We will deploy charm from Charmhub using the 2.8/edge channel:
juju deploy haproxy --channel=2.8/edge
Deploy and configure the FTP server¶
First, we’ll spin up a Juju machine to host our FTP server:
juju add-machine
Once the machine is in an “Active” state, install and configure the FTP server. The following command will install vsftpd and configure the daemon to run in passive mode with anonymous login enabled:
cat << EOF | juju ssh 1
sudo apt update; sudo apt install vsftpd -y
sudo sed -i -e 's/anonymous_enable=NO/anonymous_enable=YES/g' /etc/vsftpd.conf
cat << EEOF | sudo tee -a /etc/vsftpd.conf
pasv_enable=Yes
pasv_max_port=10100
pasv_min_port=10100
EEOF
sudo systemctl reload vsftpd.service
EOF
Deploy and configure the ingress configurator charms¶
To expose our FTP server through HAProxy, we need to deploy two instance of the Ingress Configurator charm, one to configure the control port and the other to configure the data port. Add a machine to host the two charms:
juju add-machine
Then, deploy the two charms to the new machine:
juju deploy ingress-configurator ftp-control --channel=latest/edge --to 2
juju deploy ingress-configurator ftp-data --channel=latest/edge --to 2
Once the two charms have settled into an “Active” state, update their configuration and integrate them with HAProxy using the haproxy-route-tcp relation:
FTP_SERVER_ADDRESS = $(juju status --format json | jq -r '.machines."5"."ip-addresses".[0]')
juju config ftp-control tcp-backend-addresses=$FTP_SERVER_ADDRESS tcp-backend-port=21 tcp-frontend-port=2100
juju config ftp-data tcp-backend-addresses=$FTP_SERVER_ADDRESS tcp-backend-port=10100 tcp-frontend-port=10100
juju integrate ftp-control:haproxy-route-tcp haproxy
juju integrate ftp-data:haproxy-route-tcp haproxy
Verify connection to the FTP server¶
Once all of the charms have settled into an “Active” state, verify that the FTP server is reachable through HAProxy:
HAPROXY_IP=$(juju status --format json | jq -r '.applications.haproxy.units."haproxy/0"."public-address"')
ftp -P 2100 ftp://$HAPROXY_IP
After running the command you should see 230 Login successful and an interactive session is opened:
...
331 Please specify the password.
230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.
200 Switching to Binary mode.
ftp>
Clean up the environment¶
Well done! You’ve successfully completed this tutorial.
To remove the model environment you created, use the following command:
juju destroy-model haproxy-tutorial