Configuring a Cluster Load Balancer
The cluster load balancer receives traffic from applications sending log and trace data, and from users interacting with the Seq UI.
Suitable Load Balancers
Seq clusters can be fronted by most popular HTTP load balancers, including the application load balancers of major cloud providers, HAProxy, IIS ARR, and Nginx.
While Seq has no special requirements from the load balancer, it is critically important that the load balancer is robust and deployed to sufficiently capable hardware in order for the cluster to operate reliably.
If in doubt, choose a load balancer you are familiar with and confident operating, from a vendor that can provide adequate support. The Seq support team will be glad to help with load balancer configuration, but cannot troubleshoot all possible load balancer issues.
Reaching the Load Balancer
The load balancer must be reachable at the Load Balancer URI. For example, https://seq.example.com. Applications and users of the Seq cluster need to be able to resolve this hostname and reach the load balancer in order to interact with the cluster.
Inbound and Target Ports
This table describes how load balancer ports are mapped onto the ports exposed by Seq nodes. This configuration assumes TLS will be terminated at the load balancer. To terminate TLS at the Seq nodes themselves, adjust the configuration accordingly.
| Load Balancer Port | Seq Node Port | Purpose |
|---|---|---|
| 80 | Load balancer redirect to HTTPS (no target port) | Redirect users who attempt to reach the cluster on via unencrypted connections to the secure endpoint. |
| 443 | 80 | Terminate incoming TLS connections, forward to Seq nodes' Node Listen URI endpoints. |
| 45341 | 5341 | Optional. Terminate incoming TLS ingestion port connections, forward to Seq nodes' ingestion-only endpoints, if configured. |
Many examples show the use of Seq's "traditional" port 5341 for log ingestion. This is normally used with unsecured HTTP. We recommend against allowing unsecured port 5341 ingestion traffic to Seq clusters: use and forward the HTTPS port 45341 instead.
Active Node Health Checks
Seq nodes respond individually to the /health endpoint. A 200/OK response from /health indicates that the node should receive HTTP requests from the load balancer:
GET /healthProduces a 200 response from healthy Seq servers:
{"status":"healthy","description":"The Seq node is in service.","cluster":{"nodeId":"d2dd4249848d63648f40c100f9734fa2"}}Load balancers that support active health checks should take nodes out of service when consecutive health checks fail, and return nodes immediately to service once a health check is successful.
Example HAProxy Configuration
The configuration below is a simplified HAProxy example using plain HTTP.
global
log stdout format raw local0 notice
defaults
mode http
timeout connect 5s
timeout http-request 5s
timeout client 90s
timeout server 90s
log global
frontend seq_cluster
bind :80
default_backend seq_node_pool
backend seq_node_pool
option httpchk GET /health
default-server slowstart 60s
server node01 node01.example.local:80 check
server node02 node02.example.local:80 check
server node03 node03.example.local:80 check
Updated about 2 months ago