Knowledge Base
Welcome to HAProxy’s extensive and ever-expanding knowledge base. Created by a team of experts including HAProxy’s Core Development Team; it covers a wide range of topics to help you achieve maximum potential.
IP Masking in HAProxy
An HAProxy load balancer allows you to mask IP addresses in order to protect the privacy of your users. Read on to learn more. How do load balancers fit into the larger debate over data privacy and security? It helps to step back and consider how HAProxy adds a layer...
Bot Protection with HAProxy
HAProxy is a high-performance load balancer that provides advanced defense capabilities for detecting and protecting against malicious bot traffic to your website. Combining its unique ACL, map, and stick table systems with its powerful configuration language allows...
Application-Layer DDoS Attack Protection with HAProxy
HAProxy’s high-performance security capabilities are utilized as a key line of defense by many of the world’s top enterprises. Application-layer DDoS attacks are aimed at overwhelming an application with requests or connections, and in this post we will show you how...
Using HAProxy with the Proxy Protocol to Better Secure Your Database
The Proxy protocol is a widely used invention of our CTO at HAProxy Technologies, Willy Tarreau, to solve the problem of TCP connection parameters being lost when relaying TCP connections through proxies. Its primary purpose is to chain proxies and reverse-proxies...
Load Balancing/Routing
HAProxy Layer 7 Retries and Chaos Engineering
HAProxy 2.0 introduced layer 7 retries, which provides resilience against unreachable nodes, network latency, slow servers, and HTTP errors. HAProxy powers the uptime of organizations with even the largest traffic demands by giving them the flexibility and confidence...
Dissecting the HAProxy Kubernetes Ingress Controller
The new HAProxy Kubernetes Ingress Controller provides a high-performance ingress for your Kubernetes-hosted applications. Register for the on demand webinar "The HAProxy Kubernetes Ingress Controller for High-Performance Ingress". Containers allow cross-functional...
The New HAProxy Data Plane API: Two Examples of Programmatic Configuration
Use the HAProxy Data Plane API to manage your load balancer configuration dynamically using HTTP commands. Sign up for the upcoming HAProxy 2.0 webinars Designing for high availability nearly always means having a strong proxying / load balancing layer. A proxy...
HAProxy 2.0 and Beyond
HAProxy Technologies is excited to announce the release of HAProxy 2.0, bringing features critical for cloud-native and containerized environments, while retaining its industry-leading performance and reliability. HAProxy 2.0 adds a powerful set of core features as...
SSL
Let’s Encrypt (ACMEv2) for HAProxy
HAProxy Technologies is proud to announce the availability of an integrated Let’s Encrypt ACMEv2 Lua client for HAProxy and HAProxy Enterprise (HAPEE). HAProxy Enterprise comes bundled with Lua support in a precompiled binary conveniently distributed using your Linux...
TLS 1.3 and 0-RTT in HAProxy
Transport Layer Security (TLS) is a cryptographic protocol that enables secure communications over a computer network. It has been in widespread use on the Internet for various services, such as e-commerce, web browsing, and instant messaging. TLS has also been made...
SSL Client Certificate Information in HTTP Headers and Logs
HAProxy and SSL HAProxy has many nice features when speaking about SSL, despite SSL has been introduced in it lately. One of those features is the client side certificate management, which has already been discussed on the blog. One thing was missing in the article,...
SSL Offloading Impact on Web Applications
SSL Offloading Nowadays, it is common (and convenient) to use the Load-Balancer SSL capabilities to cypher/uncypher traffic from clients to the web application platform. Performing SSL at the Load-Balancer Layer is called "SSL offloading", because you offload this...
Microservices
Dissecting the HAProxy Kubernetes Ingress Controller
The new HAProxy Kubernetes Ingress Controller provides a high-performance ingress for your Kubernetes-hosted applications. Register for the on demand webinar "The HAProxy Kubernetes Ingress Controller for High-Performance Ingress". Containers allow cross-functional...
Using HAProxy as an API Gateway, Part 3 [Health Checks]
Achieving high availability rests on having good health checks. HAProxy as an API gateway gives you several ways to do this. Run your service on multiple servers. Place your servers behind an HAProxy load balancer. Enable health checking to quickly remove unresponsive...
Using HAProxy as an API Gateway, Part 2 [Authentication]
HAProxy is a powerful API gateway due to its ability to provide load balancing, rate limiting, observability and other features to your service endpoints. It also integrates with OAuth 2, giving you control over who can access your APIs. In this blog post, you'll see...
HAProxy 1.9.2 Adds gRPC Support
HAProxy provides end-to-end proxying of HTTP/2 traffic. Use HAProxy to route, secure, and observe gRPC traffic over HTTP/2. Read on to learn more. HAProxy 1.9 introduced the Native HTTP Representation (HTX). Not only does this allow you to use HTTP/2 end-to-end, it...
Performance
Test Driving “Power of Two Random Choices” Load Balancing
The Power of Two Random Choices load-balancing algorithm has piqued some curiosity. In this blog post, we see how it stacks up against other modern-day algorithms available in HAProxy. Recently, I was asked twice about my opinion on supporting an algorithm known as...
HAProxy 1.9.2 Adds gRPC Support
HAProxy provides end-to-end proxying of HTTP/2 traffic. Use HAProxy to route, secure, and observe gRPC traffic over HTTP/2. Read on to learn more. HAProxy 1.9 introduced the Native HTTP Representation (HTX). Not only does this allow you to use HTTP/2 end-to-end, it...
Multithreading in HAProxy
There are two possible ways to have HAProxy run on multiple CPU cores: By using the multiprocess model, where HAProxy automatically starts a number of separate system processes (method available since HAProxy version 1.1.7) By using the multithreading model, where...
Webinars
[Live Webinars] HAProxy 2.0
Following the road paved by past releases, HAProxy 2.0 brings a powerful set of new core features as well as completely new functionality further improving its support for modern architectures. In a series of three webinars we'll cover: Tuesday, July 2, 2019 -...
[On Demand Webinar] Exploring HAProxy 2.0 – Take a Tour through the New Features
HAProxy 2.0 is packed with capabilities tailored for container and cloud environments, including cloud-native threading and logging, end-to-end HTTP/2, gRPC, Layer 7 retries, the new Data Plane API, traffic shadowing, the Kubernetes Ingress Controller…and more. Join...
[On Demand Webinar] The HAProxy Kubernetes Ingress Controller for High-Performance Ingress
Considering the dynamic nature of scheduling containers into Kubernetes, routing external traffic into your cluster can involve a lot of moving pieces. When you plug the HAProxy Kubernetes Ingress Controller in, changes to pods and services are picked up automatically...
[On Demand Webinar] Deep Dive Into HAProxy Logging
There's more to logs than grep! In this deep dive, you'll learn how to unleash the power of your HAProxy logs. See how understanding the data captured empowers you to operationalize that data, debug issues, and stay ahead of lurking problems. Join our live webinar...
Basics
5 Ways to Extend HAProxy with Lua
Use Lua to add fetches, converters, actions, services and tasks to HAProxy. Did you know that HAProxy embeds the Lua scripting language, which you can use to add new functionality? HAProxy features an extremely powerful and flexible configuration language and gives...
Exploring the HAProxy Stats Page
The HAProxy Stats page provides a near real-time feed of data about the state of your proxied services. In a previous blog post, Introduction to HAProxy Logging, you saw how to harness the power of HAProxy to improve observability into the state of your load...
Extending HAProxy with the Stream Processing Offload Engine
The HAProxy Stream Processing Offload Engine filter enables you to extend HAProxy in any language without modifying its core codebase. Inspired by the possibilities? Read on to learn more. Imagine you're living in the distant future and you're stomping around town in...
Introduction to HAProxy Logging
When it comes to operationalizing your log data, HAProxy provides a wealth of information. In this blog post, we demonstrate how to set up HAProxy logging, target a Syslog server, understand the log fields, and suggest some helpful tools for parsing log files. [On...
Benchmarking
Test Driving “Power of Two Random Choices” Load Balancing
The Power of Two Random Choices load-balancing algorithm has piqued some curiosity. In this blog post, we see how it stacks up against other modern-day algorithms available in HAProxy. Recently, I was asked twice about my opinion on supporting an algorithm known as...
Hypervisors Virtual Network Performance Comparison from a Virtualized Load Balancer Point of View
Introduction At HAProxy Technologies, we edit and sell a Load-Balancer appliance called ALOHA (stands for Application Layer Optimisation and High-Availability). A few month ago, we managed to make it run on the most common hypervisors available: VMWare (ESX, vsphere)...
Benchmarking SSL Performance
Introduction The story Recently, there has been some attacks against website which aimed to steal user identity. In order to protect their users, major website owners had to find a solution. Unfortunately, we know that sometimes, improving security means downgrading...
Random Tips
[Conference Presentation] Dynamic Application Routing Over SSL with HAProxy Enterprise
Back in May, HAProxy Senior Systems Engineer Chad Lavoie presented at the OpenStack Summit Boston. Chad presented on using maps in HAProxy to dynamically route requests while securing your site with SSL combined with the use of the Update Module (included in HAProxy...
HAProxy and HTTP Errors 408 in Chrome
Lately, there was some discussions on HAProxy's mailing list about 408 errors printed in Chrome browsers. Origin of 408 errors 408 is the status code used by web servers or proxies when the client has not sent a whole HTTP request during a certain period of time. It...
Configure syslog-ng to Log Readable HTTP URL from HAProxy
This tips is provided by Exosec. Exosec provides a very good monitoring product called POM, based on Nagios with very strong value added such as very simple administration, application monitoring, etc... For some of their project, they use either HAProxy or the ALOHA...
HAProxy and gzip Compression
Synopsis Compression is a Technic to reduce object size to reduce delivery delay for objects over HTTP protocol. Until now, HAProxy did not include such feature. But the guys at HAProxy Technologies worked hard on it (mainly David Du Colombier and @wlallemand)....
Observability
Tracing Requests Through HAProxy with AWS X-Ray
HAProxy integrates with AWS X-Ray to give you the best observability across your Amazon Web Services (AWS) resources, including your load balancer. Read on to learn how. There is a trend to move away from monolithic applications towards microservices. Microservices...
HAProxy Exposes a Prometheus Metrics Endpoint
HAProxy has added native support for Prometheus, allowing you to export metrics directly. Read on to learn more. Metrics are a key aspect of observability, along with logging and tracing. They contain the data that inform you about the state of your systems, which...
Binary Health Check with HAProxy 1.5: PHP-fpm/fastcgi Probe Example
Application layer health checking Health checking is the ability to probe a server to ensure the service is up and running. This is one of the root feature of any load-balancer. One can probe servers and services at different layer of the OSI model: * ARP check (not...
HAProxy Advanced Redis Health Check
Introduction Redis is an opensource nosql database working on a key/value model. One interesting feature in Redis is that it is able to write data to disk as well as a master can synchronize many slaves. HAProxy can load-balance Redis servers with no issues at all....
DevOps
HAProxy Layer 7 Retries and Chaos Engineering
HAProxy 2.0 introduced layer 7 retries, which provides resilience against unreachable nodes, network latency, slow servers, and HTTP errors. HAProxy powers the uptime of organizations with even the largest traffic demands by giving them the flexibility and confidence...
The New HAProxy Data Plane API: Two Examples of Programmatic Configuration
Use the HAProxy Data Plane API to manage your load balancer configuration dynamically using HTTP commands. Sign up for the upcoming HAProxy 2.0 webinars Designing for high availability nearly always means having a strong proxying / load balancing layer. A proxy...
HAProxy Exposes a Prometheus Metrics Endpoint
HAProxy has added native support for Prometheus, allowing you to export metrics directly. Read on to learn more. Metrics are a key aspect of observability, along with logging and tracing. They contain the data that inform you about the state of your systems, which...
Building a Service Mesh with HAProxy and Consul
HashiCorp added a service mesh feature to Consul, its service-discovery and distributed storage tool. In this post, you'll see how HAProxy is the perfect fit as a data plane for this architecture. HAProxy is no stranger to the service mesh scene. Its high performance,...
Kubernetes
Dissecting the HAProxy Kubernetes Ingress Controller
The new HAProxy Kubernetes Ingress Controller provides a high-performance ingress for your Kubernetes-hosted applications. Register for the on demand webinar "The HAProxy Kubernetes Ingress Controller for High-Performance Ingress". Containers allow cross-functional...
[On Demand Webinar] The HAProxy Kubernetes Ingress Controller for High-Performance Ingress
Considering the dynamic nature of scheduling containers into Kubernetes, routing external traffic into your cluster can involve a lot of moving pieces. When you plug the HAProxy Kubernetes Ingress Controller in, changes to pods and services are picked up automatically...
HAProxy Ingress Controller for Kubernetes
This blog post refers to the jcmoraisjr/haproxy-ingress project. There is now a new HAProxy Ingress Controller that uses the Data Plane API to dynamically update the HAProxy configuration. Read more in our blog post Dissecting the HAProxy Kubernetes Ingress...
Service Discovery
HAProxy and Consul with DNS for Service Discovery
In this blog post we will show you a zero-touch method for integrating HAProxy with Consul by using DNS for service discovery available in HAProxy 1.8. HAProxy is the most widely used software load balancer in the world, well known for being extremely fast and...
DNS for Service Discovery in HAProxy
HAProxy Technologies’ R&D has released a patchset that allows DNS to be utilized for service discovery in HAProxy. The patchset has already been merged into the HAProxy 1.8 development branch and will soon be backported to HAProxy Enterprise 1.7r2. HAProxy is a...
Cloud
Tracing Requests Through HAProxy with AWS X-Ray
HAProxy integrates with AWS X-Ray to give you the best observability across your Amazon Web Services (AWS) resources, including your load balancer. Read on to learn how. There is a trend to move away from monolithic applications towards microservices. Microservices...
HAProxy on AWS: Best Practices Part 3
In this blog post, learn to use HAProxy, Keepalived, Terraform and Ansible to set up highly-available load balancing in AWS. In the third part of this series, we are again tackling how to implement a highly available architecture in AWS. In the first article, HAProxy...
HAProxy on AWS: Best Practices Part 2
Placing HAProxy at the edge of your AWS infrastructure is possible without involving Elastic Load Balancing (ELB). In this article, we’ll discuss how. This blog post is part of a series. See Part 1 here. There is such a thing as too many layers. There’s a restaurant...
HAProxy on AWS: Best Practices Part 1
This blog post is part of our AWS Best Practices series. See Part 2 and Part 3. There has been a constant stream of interest in running high-availability HAProxy configurations on Amazon. There are a few different approaches possible, and this is the first in a series...
LUA
5 Ways to Extend HAProxy with Lua
Use Lua to add fetches, converters, actions, services and tasks to HAProxy. Did you know that HAProxy embeds the Lua scripting language, which you can use to add new functionality? HAProxy features an extremely powerful and flexible configuration language and gives...
Let’s Encrypt (ACMEv2) for HAProxy
HAProxy Technologies is proud to announce the availability of an integrated Let’s Encrypt ACMEv2 Lua client for HAProxy and HAProxy Enterprise (HAPEE). HAProxy Enterprise comes bundled with Lua support in a precompiled binary conveniently distributed using your Linux...
HAProxy 1.6-Dev1 and LUA
HAProxy 1.6-dev1 Yesterday, Willy has released HAProxy 1.6-dev1: ANNOUNCE HAProxy 1.6-dev1. This version contains many new features and core improvements. Amongst the new features, one is LUA, contributed by Thierry (HAProxy Technologies developer). NOTE: We invite...
Need More Assistance?
Contact the authoritative experts on HAProxy who will assist you in finding the solution that best fits your needs for deployment, scale, and security.