How to Configure HAProxy Load Balancer

HAProxy load balancer logo

HAProxy load balancer (community edition) is a versatile, customizable solution for building a highly available (HA) cloud infrastructure. Short for “highly available Proxy,” HAProxy is used by a long list of reputable organizations including Fedora, MaxCDN, OpenShift, and Reddit for complex setups. There’s even a pfSense firewall module for HAProxy integration.

If Apache load balancer and balancer manager don’t satisfy your needs, HAProxy might be the right solution for you.

Below we’ll cover the steps to develop a simple HTTP proxy server with HAProxy on a Linux cloud server.

Have full control of your environment and deploy the best operating and management systems that fit your needs with our reliable Cloud VPS solutions!

Install HAProxy Load Balancer

SSH into your server and install HAProxy from your Linux distribution repos.

CentOS: 

sudo yum install haproxy

Debian:

sudo apt-get install haproxy

Configure HAProxy

Edit the HAProxy configuration file with your command-line editor of choice – Nano, Vim, Emacs, etc.

nano /etc/haproxy/haproxy.cfg

There’s plenty of example data in there already. We’ll only cover the lines you need to edit for basic HTTP load balancing.

Change the bind port number to the necessary port for your HAProxy load balancer setup. This should likely be port 80 (HTTP), 443 (HTTPS/SSL), or the port for whatever web applications you’ll be using on backend servers . Ensure the port you specify here is open in your firewall – CSF, Firewalld, UFW, etc.

bind :5000

If you’re using the HAProxy load balancer with a free or paid SSL certificate, add two separate lines enforcing a 301 redirect for all insecure (HTTP) requests. We’ve covered how to install free SSL certificates on Ubuntu Server with Certbot.

bind *:443 ssl crt /path-to-ssl-certs/example.pem
redirect scheme https code 301 if !{ ssl_fc }

Customize your name for the backend configuration from the default “app.” This will become important if you create multiple load balancers within HAProxy. As of now, they simply need to match in both sections of your configuration file.

default_backend app
backend app 

There are multiple load balancing algorithms available within HAProxy. The default option is roundrobin. The two other most common ones are leastconn(ections) and source (IP address). Round robin should suffice for smaller setups.

balance roundrobin

At the bottom, create a line for each backend server in your setup. You can identify servers by domain, server hostname, or IP address. Remember to add a colon and the port number afterwards.

server httpsite example.com:80 check
server httpssite 1.2.3.4:443 check ssl verify none

Here’s a condensed version of everything above you can easily paste into your HAProxy configuration file.

frontend main
    bind *:80
    default_backend       lb
backend lb
    balance     roundrobin
        server httpsite example.com:80 check
        server httpssite 1.2.3.4:443 check ssl verify none

Start HAProxy

Start the HAProxy service.

systemctl start haproxy

Enable HAProxy to restart upon system reboot.

systemctl enable haproxy

Afterwards, open your load balancer URL in a web browser. It should redirect to one of the backend servers. When you refresh the page, it should show the next backend server. If not, test with a private browsing session.

Whenever you make changes to your HAProxy load balancer, restart the server application with Systemd.

systemctl restart haproxy

Learn more server administration tasks from our Cloud Server Hosting Product Guide.

J
Jacqueem Technical Writer

Technical writer focused on cybersecurity and musicianship.

More Articles by Jacqueem

Was this article helpful? Let us know!