How to Setup High-Availability Load Balancer with ‘HAProxy’ to Control Web Server Traffic

Best Affordable Linux and WordPress Services For Your Business
Outsource Your Linux and WordPress Project and Get it Promptly Completed Remotely and Delivered Online.

If You Appreciate What We Do Here On TecMint, You Should Consider:

  1. Stay Connected to: Twitter | Facebook | Google Plus
  2. Subscribe to our email updates: Sign Up Now
  3. Get your own self-hosted blog with a Free Domain at ($3.45/month).
  4. Become a Supporter - Make a contribution via PayPal
  5. Support us by purchasing our premium books in PDF format.
  6. Support us by taking our online Linux courses

We are thankful for your never ending support.

Babin Lonston

I'm Working as a System Administrator for last 10 year's with 4 years experience with Linux Distributions, fall in love with text based operating systems.

Your name can also be listed here. Got a tip? Submit it here to become an TecMint author.

RedHat RHCE and RHCSA Certification Book
Linux Foundation LFCS and LFCE Certification Preparation Guide

You may also like...

29 Responses

  1. krimesh Shah says:

    The article is really good to understand quite good stuff, I got. I have a question, while testing the load balancer if it is working fine why we are accessing loadbalancer IP address where we have created all index.html file in the 4 web server.

    So the testing should be like when we access the web server by name we should be able to see from the log that which web server out of 4 it is using to server the request, isn’t it?

  2. Vikas says:

    This is an amazing article. works for me and also helped in understanding how HAProxy works.
    Thanks a ton !!

    • Ravi Saive says:

      @Vikas,

      Thanks for finding this article very useful and I am glad that you know now about HAProxy work flow..keep visiting Tecmint for more such quality articles..

      • Ashish says:

        It is a good article , but I have some question regarding the article

        1- what is the difference between tcp and http mode in haproxy .. I am confused on this topic.

        2- as you have mentioned this article as high availability with HA proxy .. this architecture does not seems high availability ,as per my view as you are using a single load balancer here , in a case if it gets down then architecture will fails as web servers are communicating with a single load balancers .. so it not seems a high availability architecture as my side .

  3. Ashish says:

    Hi Babin ,

    It is a good article , but I have some question regarding the article

    1- what is the difference between tcp and http mode in haproxy .. I am confused on this topic.

    2- as you have mentioned this article as high availability with HA proxy .. this architecture does not seems high availability ,as per my view as you are using a single load balancer here , in a case if it gets down then architecture will fails as web servers are communicating with a single load balancers .. so it not seems a high availability architecture as my side .

    I am not criticizing , article is good , but I was expecting little more from you ..

    thanks ,
    Ashish

  4. theluli says:

    Hi Nice tutorial , just have one question
    Where you are installing SSL, on load-balancer or webserver,
    and if in load-balancer why you need to install apache2 ?
    Please need this information

  5. Maykel Franco says:

    Great article!!! I like very much but I have questions…

    Can I configure LBS in other section without redirect http to https? And…

    I have different subdomain, certificates in the webserver…Now I use the heartbeat + ipvsadmin for the load balance and failover.

    Can I configure haproxy for use all certificates my websites?

    Example sites:

    example.es

    example.com

    example.net

    example.br

    etc…

    • Maykel Franco says:

      I put this configuration in haproxy.cfg and It works very well in http and https… could improve cache SSL connections to users or something?

      ———————-

      # GLOBAL SETTINGS

      global
      log 127.0.0.1 local2
      tune.ssl.default-dh-param 2048
      chroot /var/lib/haproxy
      user haproxy
      group haproxy
      daemon
      stats socket /var/run/haproxy.sock mode 600

      #———————————————————————
      defaults
      mode http
      log global
      option dontlognull
      option http-server-close
      option redispatch
      retries 3
      timeout http-request 20
      timeout queue 86400
      timeout connect 86400
      timeout client 86400
      timeout server 86400
      timeout http-keep-alive 30
      timeout check 20
      maxconn 50000

      frontend LB
      bind *:80
      mode tcp
      default_backend LB

      frontend LBS
      bind *:443
      mode tcp
      reqadd X-Forwarded-Proto:\ https
      default_backend LBS

      backend LB
      mode tcp
      balance roundrobin # Load balancing will work in round-robin process.
      server web1 192.168.0.203:80 check # backend server.
      server web2 192.168.0.204:80 check # backend server.
      # server web4-srv 192.168.0.124:80 check backup # backup fail-over Server, If three of the above fails this will be activated.

      backend LBS
      mode tcp
      stick-table type ip size 200k expire 30m
      stick on src
      default-server inter 1s
      balance roundrobin # Load balancing will work in round-robin process.
      #option ssl-hello-chk
      server web1 192.168.0.203:443 check # backend server.
      server web2 192.168.0.204:443 check # backend server.
      # server web4-srv 192.168.0.124:80 check backup # backup fail-over Server, If three of the above fails this will be activated.

  6. tharris says:

    Very nice!
    Thx

  7. Tony says:

    What if the Load Balancer itself becomes unavailable (power outage, connection outage, etc), isn’t all of the backend servers will also become unavailable as well? What would you recommend for such a situation?

    • Ricky says:

      You should have fallout server, so like there’s Active and passive Loadbalancer with same configuration. just install the apache heatbeat so once the Active is down the passive will take over.

  8. Joseph says:

    I have been using HAProxy for several years for our intranet, and have just recently converted half to ssl, but not able to get the forwarding correct. Your tutorial here shows how to add ssl to the load balancer, but will the ssl need to be installed on the webservers as well? And will the certificate have to be the same on all servers?

  9. Suman says:

    How does data replicate between the web servers. We have users upload some picture which are stored in a specific location on the web server. If the users connection lands on different web server, those files are not found. How to manage this?

    • @Suman we using 7 Server’s for our deployment with NFS for files storage, No idea about your issue will review about your issue

    • Tony says:

      You can also setup an SSHFS connection (which is basically just like a dropbox), mount it as a virtual hard drive on your servers, when a file is being placed on that drive, it will be sync-ed across all of the other drives on other servers.

  10. snehal says:

    do we have performances stat for HA proxy? what is the requirement if load test needs to be done using this load balancer?

    • Joseph says:

      @snehal HAProxy’s website show that they can support over a million connections a second with sessions. “Load” is determined by what your site is hosting and how many connections are being served. “Load” also is determined whether the site is dynamic or static. My use is a multi-master LAMP cluster. From an independent computer, I load a php script that writes to the databases as fast as it can execute. Each loop that it goes thru, has its own connection, insert, and disconnect. At 10,000 loops, the timestamps on the records between the first and the last are measured in milliseconds and are evenly split between the masters. Now when I access the site directly thru the load balanced virtual ip(which it is), the connection to the database is a one to one connection, meaning that it connects only to one server for the data, even thru a load balancer. This is the same for static pages. The load balancer spreads the load across multiple machines so that the SPF(Single Point of Failure) can be mitigated and that “load” is off set to other machines.

Got something to say? Join the discussion.

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.