HAProxy is a free, very fast and reliable solution offering high availability, load balancing, and proxying for TCP and HTTP-based applications. It is particularly suited for very high traffic web sites and powers quite a number of the world’s most visited ones. – http://haproxy.org
I recently came across HAProxy while trying to setup HA/Failover server. I had it setup using NGINX Reverse Proxy and it was working well, but I was starting to have second thoughts about it, as it was being used just for proxy/LB stuff. During my research I came across the term HAProxy a lot and wanted to test it. I have a small (but quite similar to larger NGINX environment) test environment setup with HAProxy, and the first thing it came into my mind after some initial use was “Damn, this thing is fast! Faster than my NGINX setup!”. I still haven’t migrated completely to HAProxy as there are lots of things, some quite complex, that needs to be tested with it.
Setting Multiple Domains
If you are familiar with apache or NGINX web servers, then you might have come across (or know quite well) about VirtualHosts. It is the method used by those webservers to set up various applications/websites in a single server. HAProxy uses ACL (Access Control List) for this task. Coming directly from Apache and NGINX, it seemed similar in some ways,but different.
Configuring ACLs in HAProxy
Assuming HAProxy is already installed in the system, let’s see how multiple domains can be used in HAProxy. Simple config file is shown below. It has been taken and modified from different websites/blogs/tutorials including default haproxy config file, and mostly inspired from this blog.
global log 127.0.0.1 local2 chroot /var/lib/haproxy pidfile /var/run/haproxy.pid maxconn 4096 user haproxy group haproxy daemon stats socket /var/lib/haproxy/stats defaults mode http log global option httplog option dontlognull stats enable stats auth username:password stats uri /hpstats retries 3 timeout http-request 3 timeout queue 10s timeout connect 1m timeout client 1m timeout server 1m timeout http-keep-alive 10s timeout check 10s maxconn 4096 frontend http-in # We are binding HAProxy to port 80, such that it listens directly on port 80. bind *:80 option http-server-close # The following defines the domain names that we are planning on proxying # Make sure to replace your-domain(1,2).com with real domains that are being proxied # Also, using better/meaningful names instead of host_domain1, host_domain2 is recommended acl host_domain1 hdr(host) -i your-domain1.com acl host_domain2 hdr(host) -i your-domain2.com # The following section defines which backend to be used by HAProxy # If it is host_domain1 then it will use backend domain1, similarly domain2 if requests come for host_domain2 # It can be used for multiple domains in same fashion. # Also, using better/meaningful names instead of domain1_backend, domain2_backend is recommended use_backend domain1_backend if host_domain1 use_backend domain2_backend if host_domain2 # The following secion is the backend secion of domain1 # It defines which IPs to be used when domain1 is queried to the HAProxy # Make sure to replace IP_ADDRESS_OF_NODEs with your real IP addresses backend domain1_backend balance roundrobin # There are lots of balancing algorithms in HAProxy. option httpclose option forwardfor cookie JSESSIONID prefix server node0 IP_ADDRESS_OF_NODE-0 check server node1 IP_ADDRESS_OF_NODE-1 check server node2 IP_ADDRESS_OF_NODE-2 check # The following secion is the backend secion of domain2 # It defines which IPs to be used when domain2 is queried to the HAProxy # Make sure to replace IP_ADDRESS_OF_NODEs with your real IP addresses backend domain2_backend balance roundrobin # There are lots of balancing algorithms in HAProxy. option httpclose option forwardfor cookie JSESSIONID prefix server node0 IP_ADDRESS_OF_NODE-0 check server node1 IP_ADDRESS_OF_NODE-1 check server node2 IP_ADDRESS_OF_NODE-2 check
After this, the
A Record of the domains should be pointed to the IP of the server HAProxy is running. After completion of DNS migration, the domains will be proxied through this server and HA/Failover can be achieved.
Enabling logging in HAProxy
I guess logging is enabled by default, but we aren’t able to find any logfiles in
/var/log/haproxy.log because rsyslogd is not listening any address. For that you have to do some configurations in
/etc/haproxy.cfg file, there should be something like these lines in the global section, if not then add them.
global log 127.0.0.1 local2 ... ...
Create a file
/etc/rsyslog.d/ if it is not already there (most probably it is not there). And add the following:
Then, uncomment these two lines from
... $ModLoad imudp $UDPServerRun 514 ...
Finally, restart rsyslog,
systemctl restart rsyslog and check
/var/log/ folder for