HAProxy is a network software application that offers high availability, load balancing, and proxying for TCP and HTTP network applications. It is suited for high traffic websites, and powers many popular sites across the web. This article will show you how to install and configure HAProxy on Debian 9.1.<\/p>\n

Although HAProxy has several prominent features, this article focuses on how to setup HAProxy to “proxy” your web application.<\/p>\n

Requirements<\/h3>\n

\n
• At least two AKLWEB Host servers (for load balancing functionality) with your website or web application deployed to both of them.<\/li>\n<\/ul>\n

  Installing HAProxy<\/h3>\n

  Debian 9 already ships with HAProxy 1.7 (latest stable release at time of writing), and we can simply install it using\u00a0apt-get<\/code>:<\/p>\n

  # apt-get update\r\n# apt-get install haproxy\r\n<\/code><\/pre>\n
  If the previous commands were successful, then you have installed HAProxy and you can proceed to the next step.<\/p>\n
  Configuring HAProxy<\/h3>\n
  The HAProxy configuration file is split up into two sections \u2014 “global” and “proxies”. One deals with process-wide configuration, while the latter consists of default configuration, frontend, and backend sections.<\/p>\n
  Global Section<\/h4>\n
  Using your favorite text editor, open\u00a0\/etc\/haproxy\/haproxy.cfg<\/code>\u00a0and notice the predefined sections: “global” and “defaults”. The first thing that you may want to do is increase the\u00a0maxconn<\/code>\u00a0to a reasonable size, as this affects the connections that HAProxy allows. Too many connections may cause your web service to crash due to many requests. You will need to adjust the size to see what works for you. In the global section, we have chosen a\u00a0maxconn<\/code>\u00a0value of\u00a03072<\/code>.<\/p>\n
  global\r\n    daemon\r\n    maxconn 3072\r\n<\/code><\/pre>\n
  In the default section, add the following line under mode\u00a0http<\/code>:<\/p>\n
  option forwardfor\r\n<\/code><\/pre>\n
  This will add\u00a0X-Forwarded-For<\/code>\u00a0headers to each request, which allows your backend servers to learn the original IP address of the user.<\/p>\n
  Also, add this line to enable HTTP connection-close mode on the server side while keeping the ability to support HTTP keep-alive on the client side. This reduces latency on the client side and helps conserve server resources:<\/p>\n
  option http-server-close\r\n<\/code><\/pre>\n
  If you wish to use keep-alive on both the client and server sides, then you could use\u00a0option http-keep-alive<\/code>\u00a0instead. This option is particularly useful when the cost of establishing a new connection to the server is significant compared to the cost of retrieving the requested resource.<\/p>\n
  Finally, the resulting config file will look something like this:<\/p>\n
  defaults\r\n    mode http\r\n    option forwardfor\r\n    option http-server-close\r\n    timeout connect 5000ms\r\n    timeout client 50000ms\r\n    timeout server 50000ms\r\n<\/code><\/pre>\n
  Proxies Section<\/h4>\n
  To set up your proxy, you will need to add two sections to the configuration file to define the two parts of the proxy: the frontend and the backend.<\/p>\n
  Frontend Configuration<\/h5>\n
  The frontend will handle your HTTP connections. Add the following to the end of your\u00a0haproxy.cfg<\/code>\u00a0file:<\/p>\n
  frontend http-frontend\r\n    bind public_ip:80\r\n    reqadd X-Forwarded-Proto:\\ http\r\n    default_backend wwwbackend\r\n<\/code><\/pre>\n
  Be sure to replace\u00a0public_ip<\/code>\u00a0with your server’s public IP address or domain name.<\/p>\n
  Backend Configuration<\/h5>\n
  Setup your backend by adding the following lines to the end of your configuration file:<\/p>\n
  backend wwwbackend\r\n    server 1-www server1_ip:80 check\r\n    server 2-www server2_ip:80 check\r\n    server 3-www server3_ip:80 check\r\n<\/code><\/pre>\n
  The backend configuration used here creates 3 connections named\u00a0X-www<\/code>. (X<\/code>\u00a0is 1, 2 or 3.) Each one of them corresponds to a\u00a0serverX_ip:80<\/code>\u00a0address. (Replace\u00a0serverX_ip<\/code>\u00a0with your AKLWEB Host instances’ IP addresses.) This will allow you to load balance between each server in the specified server set (assuming each IP address corresponds to a different server). The\u00a0check<\/code>\u00a0option makes the load balancer perform health checks on the server.<\/p>\n
  Save the configuration file, and then restart HAProxy:<\/p>\n
  service haproxy restart\r\n<\/code><\/pre>\n
  If everything is working, then you will be able to connect to\u00a0http:\/\/public_ip\/<\/code>\u00a0(replacing it with your public IP or domain name as configured in the frontend step) and view your website.<\/p>\n
  Debugging Errors<\/h4>\n
  If your HAProxy instance refuses to start after your modifications, chances are that you have an error somewhere in the configuration file. To get clear messages about the issue in the configuration file, you can try to start HAProxy manually using this command:<\/p>\n
  # haproxy -f \/etc\/haproxy\/haproxy.cfg\r\n<\/code><\/pre>\n
  For instance, if you see output like this:<\/p>\n
  [ALERT] 234\/195612 (2561) : parsing [\/etc\/haproxy\/haproxy.cfg:48] : server 1-www has neither service port nor check port nor tcp_check rule 'connect' with port information. Check has been disabled.\r\n[ALERT] 234\/195612 (2561) : Error(s) found in configuration file : \/etc\/haproxy\/haproxy.cfg\r\n[ALERT] 234\/195612 (2561) : Fatal errors found in configuration.\r\n<\/code><\/pre>\n
  Then, you have forgotten to specify the port number for the server\u00a01-www<\/code>.<\/p>\n","protected":false},"author":1,"featured_media":0,"parent":0,"menu_order":0,"comment_status":"open","ping_status":"closed","template":"","format":"standard","manualknowledgebasecat":[109,233,242],"manual_kb_tag":[432],"_links":{"self":[{"href":"https:\/\/support.aklwebhost.com\/wp-json\/wp\/v2\/manual_kb\/2851"}],"collection":[{"href":"https:\/\/support.aklwebhost.com\/wp-json\/wp\/v2\/manual_kb"}],"about":[{"href":"https:\/\/support.aklwebhost.com\/wp-json\/wp\/v2\/types\/manual_kb"}],"author":[{"embeddable":true,"href":"https:\/\/support.aklwebhost.com\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/support.aklwebhost.com\/wp-json\/wp\/v2\/comments?post=2851"}],"version-history":[{"count":2,"href":"https:\/\/support.aklwebhost.com\/wp-json\/wp\/v2\/manual_kb\/2851\/revisions"}],"predecessor-version":[{"id":2853,"href":"https:\/\/support.aklwebhost.com\/wp-json\/wp\/v2\/manual_kb\/2851\/revisions\/2853"}],"wp:attachment":[{"href":"https:\/\/support.aklwebhost.com\/wp-json\/wp\/v2\/media?parent=2851"}],"wp:term":[{"taxonomy":"manualknowledgebasecat","embeddable":true,"href":"https:\/\/support.aklwebhost.com\/wp-json\/wp\/v2\/manualknowledgebasecat?post=2851"},{"taxonomy":"manual_kb_tag","embeddable":true,"href":"https:\/\/support.aklwebhost.com\/wp-json\/wp\/v2\/manual_kb_tag?post=2851"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}