Home

About Us

Advertisement

Contact Us

PRIVACY POLICY

Maalavs Blog

Your Trusted Voice Across the World.

Search

📌Linux HAProxy Configuration Guide🚀

Author: Madhan Gopalakrishnan | Published on : 11-02-202

HAProxy (High Availability Proxy) is a powerful, open-source load balancer and proxy server designed to efficiently distribute traffic across multiple servers, ensuring high availability and optimized performance. This guide provides a step-by-step setup, making it easy for beginners and administrators alike! 🛠️

🔧 2. Prerequisites

🌐 2.1 Network Requirements

✔️ A minimum of two backend servers and one HAProxy server ✔️ Static IP addresses assigned to all servers ✔️ Proper DNS resolution for backend servers ✔️ Firewall rules allowing traffic on necessary ports (80, 443 for HTTP/HTTPS, 22 for SSH, etc.)

💻 2.2 Compute Requirements

Minimum: 2 vCPU, 4GB RAM (for small deployments) ✅ Recommended: 4 vCPU, 8GB RAM (for production) ✅ At least 20GB disk spaceOperating System: RHEL, CentOS, Ubuntu, or Debian

🛠️ 2.3 Software Requirements

HAProxy package (latest stable version) ✅ OpenSSL for SSL/TLS termination (if required) ✅ System utilities: net-tools, curl, vim or nano

🏗️ 3. Installation of HAProxy

🐧 3.1 Installing on Ubuntu/Debian

sudo apt update  # 📌 Updates the package list to get the latest versions
sudo apt install -y haproxy  # ⚡ Installs HAProxy without user confirmation

🏗️ 3.2 Installing on CentOS/RHEL

sudo yum install -y epel-release  # 📌 Enables Extra Packages for Enterprise Linux (EPEL) repository
sudo yum install -y haproxy  # ⚡ Installs HAProxy package

3.3 Verifying Installation

haproxy -v  # 🔍 Displays the installed HAProxy version

⚙️ 4. Step-by-Step Configuration

🏁 4.1 Day 1 Activity (Initial Setup)

🛠️ 4.1.1 Configuring HAProxy

🔹 Backup the default HAProxy configuration file:

sudo cp /etc/haproxy/haproxy.cfg /etc/haproxy/haproxy.cfg.bak  # 🛡️ Creates a backup of the config file

🔹 Open and edit the HAProxy configuration file:

sudo nano /etc/haproxy/haproxy.cfg  # ✍ Opens the configuration file in nano editor

🔹 Define the global settings:

global
   log /dev/log local0  # 📌 Logs messages to syslog
   log /dev/log local1 notice  # Defines logging level
   chroot /var/lib/haproxy  # 🔒 Enhances security
   stats socket /run/haproxy/admin.sock mode 660 level admin  # 📊 Enables admin stats socket
   stats timeout 30s  # ⏳ Sets timeout for stats
   user haproxy  # 👤 Runs HAProxy as user haproxy
   group haproxy  # 👥 Runs HAProxy as group haproxy
   daemon  # 🏃 Runs HAProxy in the background

🔹 Configure default settings:

defaults
   log global  # 📌 Uses global logging settings
   mode http  # 🌍 Sets mode to HTTP for web traffic
   option httplog  # 📝 Enables logging for HTTP requests
   timeout connect 5000ms  # ⏳ Connection timeout
   timeout client 50000ms  # ⏳ Client timeout
   timeout server 50000ms  # ⏳ Server timeout

🔹 Define frontend configuration:

frontend http_front
   bind *:80  # 🔗 Listens on port 80 for incoming requests
   default_backend web_servers  # 📌 Sends traffic to backend servers

🔹 Define backend configuration:

backend web_servers
   balance roundrobin  # 🔄 Distributes traffic evenly among backend servers
   server web1 192.168.1.101:80 check  # 🖥️ First backend server with health check
   server web2 192.168.1.102:80 check  # 🖥️ Second backend server with health check

🔹 Save the configuration and restart HAProxy:

sudo systemctl restart haproxy  # 🔄 Restarts HAProxy to apply changes
sudo systemctl enable haproxy  # 🚀 Enables HAProxy to start on boot

🔹 Verify HAProxy status:

sudo systemctl status haproxy  # ✅ Checks if HAProxy is running

📊 4.2 Day 2 Activity (Monitoring & Optimization)

📈 4.2.1 Enabling HAProxy Stats Page

🔹 Modify haproxy.cfg to add a stats section:

listen stats
   bind *:8080  # 📡 Listens on port 8080 for the stats page
   stats enable  # 📊 Enables statistics
   stats uri /stats  # 🔍 Defines the URL to access stats
   stats auth admin:password  # 🔑 Sets username and password for stats page

🔹 Restart HAProxy:

sudo systemctl restart haproxy  # 🔄 Restart HAProxy with updated config

🔹 Access the stats page: http://<haproxy-ip>:8080/stats 📊

📜 4.2.2 Setting Up Logging

🔹 Ensure rsyslog is installed and configured:

sudo apt install -y rsyslog  # 🐧 For Ubuntu/Debian
sudo yum install -y rsyslog  # 🏗️ For RHEL/CentOS

🔹 Enable HAProxy logging:

sudo nano /etc/rsyslog.d/haproxy.conf  # ✍ Creates a log config file

🔹 Add the following:

local0.* /var/log/haproxy.log  # 📌 Sends HAProxy logs to a dedicated file

🔹 Restart rsyslog:

sudo systemctl restart rsyslog  # 🔄 Restarts rsyslog to apply changes

🔒 4.2.3 Configuring SSL Termination (Optional)

🔹 Obtain an SSL certificate (self-signed or from Let’s Encrypt). 🔹 Configure HAProxy to use SSL:

frontend https_front
   bind *:443 ssl crt /etc/haproxy/certs/server.pem  # 🔒 Uses SSL certificate
   default_backend web_servers  # 🚀 Routes traffic to backend servers

🔹 Restart HAProxy:

sudo systemctl restart haproxy  # 🔄 Restarts HAProxy with SSL settings

🎯 5. Conclusion

By following this guide, you have successfully installed, configured, and optimized HAProxy for high availability and efficient load balancing. 🌍🚀 Keep monitoring your setup to ensure seamless operations! 🔍💡

Featured Articles

Search

Author Details

Madhan Gopalakrishnan

I am a passionate “tech blogger” with a knack for breaking down complex topics into simple insights or exploring the latest trends in AI With 5 years of experience in IT Infra implementation and maintenance, I love to share knowledge through in-depth articles and practical tips. When not writing, you can find my hobby “traveling to offbeat destinations”.

Follow Us on

Categories

Archives

Tags