Knowledge Base
Welcome to HAProxy’s extensive and ever-expanding knowledge base. Created by a team of experts including HAProxy’s Core Development Team; it covers a wide range of topics to help you achieve maximum potential.
PacketShield: A Tool for Superior DDoS Protection
PacketShield provides stateful packet filtering and protects your network against DDoS. Packet floods are DDoS attacks in which large numbers of packets are sent to a target with the goal of saturating the target's resources. They can heavily impact the system's...
Enabling CORS in HAProxy
The HAProxy Cross-Origin Resource Sharing (CORS) Lua module streamlines adding CORS to your APIs. What is CORS? Read on to learn more. It doesn't matter whether you're using Angular, React, Vue or simple, vanilla JavaScript. You're guaranteed to need to fetch or...
HAProxy Rate Limiting: Four Examples
Use rate limiting in HAProxy to stop clients from making too many requests and promote fair usage of your services. Rate limiting in HAProxy stops a client from making too many requests during a window of time. You might have a policy that stipulates how many requests...
HAProxy SSL Termination
The HAProxy load balancer provides high-performance SSL termination, allowing you to encrypt and decrypt traffic. You can quickly and easily enable SSL/TLS encryption for your applications by using HAProxy SSL termination. HAProxy is compiled with OpenSSL, which...
Load Balancing/Routing
[Live Webinar] HAProxy Skills Lab: Introduction to Helm
Live webinar date and time: April 14th, 2020 US times: 12 noon EST, 11 AM CDT, 10 AM MDT, 9 AM PDT EU times: 6 PM CET, 5 PM GMT Helm, the Kubernetes package manager, revamps the way teams manage their Kubernetes resources and allows them to deploy applications in a...
Load Balancing PHP-FPM with HAProxy and FastCGI
HAProxy now supports the FastCGI protocol, enabling fast, secure, and observable load balancing to PHP, Python, and other dynamic scripting languages. In this post, you will learn how to load balance PHP-FPM applications using HAProxy and FastCGI. HAProxy version 2.1...
[On-Demand Webinar] HAProxy Skills Lab: Deployment Patterns in Kubernetes Using the HAProxy Kubernetes Ingress Controller
Deploy, upgrade, swap out, scale up, scale down. Kubernetes is chock full of options when it comes to creating and scheduling containers. Are you new to Kubernetes? Want to learn how replacing pods affects traffic flow? How should you configure your HAProxy Kubernetes...
Rolling Updates and Blue-Green Deployments with Kubernetes and HAProxy
The HAProxy Kubernetes Ingress Controller supports two popular deployment patterns for updating applications in Kubernetes: rolling updates and blue-green deployments.
SSL
HAProxy SSL Termination
The HAProxy load balancer provides high-performance SSL termination, allowing you to encrypt and decrypt traffic. You can quickly and easily enable SSL/TLS encryption for your applications by using HAProxy SSL termination. HAProxy is compiled with OpenSSL, which...
Let’s Encrypt (ACMEv2) for HAProxy
HAProxy Technologies is proud to announce the availability of an integrated Let’s Encrypt ACMEv2 Lua client for HAProxy and HAProxy Enterprise (HAPEE). HAProxy Enterprise comes bundled with Lua support in a precompiled binary conveniently distributed using your Linux...
TLS 1.3 and 0-RTT in HAProxy
Transport Layer Security (TLS) is a cryptographic protocol that enables secure communications over a computer network. It has been in widespread use on the Internet for various services, such as e-commerce, web browsing, and instant messaging. TLS has also been made...
SSL Client Certificate Information in HTTP Headers and Logs
HAProxy and SSL HAProxy has many nice features when speaking about SSL, despite SSL has been introduced in it lately. One of those features is the client side certificate management, which has already been discussed on the blog. One thing was missing in the article,...
Microservices
Dissecting the HAProxy Kubernetes Ingress Controller
The new HAProxy Kubernetes Ingress Controller provides a high-performance ingress for your Kubernetes-hosted applications. Register for the on demand webinar "The HAProxy Kubernetes Ingress Controller for High-Performance Ingress". Containers allow cross-functional...
[On-Demand Webinar] HAProxy Data Plane API: True Dynamic Configuration Management
Integrating HAProxy into automation tools, continuous-delivery pipelines, and service meshes just got a lot easier. We’ve introduced a new REST API that you can use to configure HAProxy fully at runtime and it’s called the Data Plane API. Tune into this webinar to...
DNS for Service Discovery in HAProxy
HAProxy 1.8 and newer allows you to use DNS service discovery to detect server changes and automatically apply them to your configuration. HAProxy is a mature, high-performance software component that’s been reliably serving the load balancing and ADC markets for over...
Using HAProxy as an API Gateway, Part 3 [Health Checks]
Achieving high availability rests on having good health checks. HAProxy as an API gateway gives you several ways to do this. Run your service on multiple servers. Place your servers behind an HAProxy load balancer. Enable health checking to quickly remove unresponsive...
Performance
Test Driving “Power of Two Random Choices” Load Balancing
The Power of Two Random Choices load-balancing algorithm has piqued some curiosity. In this blog post, we see how it stacks up against other modern-day algorithms available in HAProxy. Recently, I was asked twice about my opinion on supporting an algorithm known as...
HAProxy 1.9.2 Adds gRPC Support
HAProxy provides end-to-end proxying of HTTP/2 traffic. Use HAProxy to route, secure, and observe gRPC traffic over HTTP/2. Read on to learn more. HAProxy 1.9 introduced the Native HTTP Representation (HTX). Not only does this allow you to use HTTP/2 end-to-end, it...
Multithreading in HAProxy
There are two possible ways to have HAProxy run on multiple CPU cores: By using the multiprocess model, where HAProxy automatically starts a number of separate system processes (method available since HAProxy version 1.1.7) By using the multithreading model, where...
Webinars
[Live Webinar] HAProxy Skills Lab: Introduction to Helm
Live webinar date and time: April 14th, 2020 US times: 12 noon EST, 11 AM CDT, 10 AM MDT, 9 AM PDT EU times: 6 PM CET, 5 PM GMT Helm, the Kubernetes package manager, revamps the way teams manage their Kubernetes resources and allows them to deploy applications in a...
[On-Demand Webinar] HAProxy Skills Lab: Deployment Patterns in Kubernetes Using the HAProxy Kubernetes Ingress Controller
Deploy, upgrade, swap out, scale up, scale down. Kubernetes is chock full of options when it comes to creating and scheduling containers. Are you new to Kubernetes? Want to learn how replacing pods affects traffic flow? How should you configure your HAProxy Kubernetes...
[On-Demand Webinar] HAProxy Enterprise 2.0 and Q&A
With robust logs and metrics, easy programmability for automation and scaling, support for fast message serialization, and smart ways to recover from system failures, HAProxy Enterprise 2.0 delivers the features needed for modern, cloud-native applications. In this...
[On-Demand Webinar] HAProxy 2.0 – Q&A
Modern applications are shifting towards cloud-native architectures and container platforms like Kubernetes. That means that proxies and load balancers must be equipped to manage transient services, new communication protocols, and dynamic methods for discovering...
Basics
Use Helm to Install the HAProxy Kubernetes Ingress Controller
You can use Helm to install the HAProxy Kubernetes Ingress Controller into your Kubernetes cluster, making it easier to start routing traffic using the powerful HAProxy load balancer. Learn more by registering for our webinar: "HAProxy Skills Lab: Introduction to...
HAProxy Rate Limiting: Four Examples
Use rate limiting in HAProxy to stop clients from making too many requests and promote fair usage of your services. Rate limiting in HAProxy stops a client from making too many requests during a window of time. You might have a policy that stipulates how many requests...
HAProxy SSL Termination
The HAProxy load balancer provides high-performance SSL termination, allowing you to encrypt and decrypt traffic. You can quickly and easily enable SSL/TLS encryption for your applications by using HAProxy SSL termination. HAProxy is compiled with OpenSSL, which...
5 Ways to Extend HAProxy with Lua
Use Lua to add fetches, converters, actions, services and tasks to HAProxy. Did you know that HAProxy embeds the Lua scripting language, which you can use to add new functionality? HAProxy features an extremely powerful and flexible configuration language and gives...
Benchmarking
Test Driving “Power of Two Random Choices” Load Balancing
The Power of Two Random Choices load-balancing algorithm has piqued some curiosity. In this blog post, we see how it stacks up against other modern-day algorithms available in HAProxy. Recently, I was asked twice about my opinion on supporting an algorithm known as...
Hypervisors Virtual Network Performance Comparison from a Virtualized Load Balancer Point of View
Introduction At HAProxy Technologies, we edit and sell a Load-Balancer appliance called ALOHA (stands for Application Layer Optimisation and High-Availability). A few month ago, we managed to make it run on the most common hypervisors available: VMWare (ESX, vsphere)...
Benchmarking SSL Performance
Introduction The story Recently, there has been some attacks against website which aimed to steal user identity. In order to protect their users, major website owners had to find a solution. Unfortunately, we know that sometimes, improving security means downgrading...
Random Tips
[Conference Presentation] Dynamic Application Routing Over SSL with HAProxy Enterprise
Back in May, HAProxy Senior Systems Engineer Chad Lavoie presented at the OpenStack Summit Boston. Chad presented on using maps in HAProxy to dynamically route requests while securing your site with SSL combined with the use of the Update Module (included in HAProxy...
HAProxy and HTTP Errors 408 in Chrome
Lately, there was some discussions on HAProxy's mailing list about 408 errors printed in Chrome browsers. Origin of 408 errors 408 is the status code used by web servers or proxies when the client has not sent a whole HTTP request during a certain period of time. It...
Configure syslog-ng to Log Readable HTTP URL from HAProxy
This tips is provided by Exosec. Exosec provides a very good monitoring product called POM, based on Nagios with very strong value added such as very simple administration, application monitoring, etc... For some of their project, they use either HAProxy or the ALOHA...
HAProxy and gzip Compression
Synopsis Compression is a Technic to reduce object size to reduce delivery delay for objects over HTTP protocol. Until now, HAProxy did not include such feature. But the guys at HAProxy Technologies worked hard on it (mainly David Du Colombier and @wlallemand)....
Observability
Tracing Requests Through HAProxy with AWS X-Ray
HAProxy integrates with AWS X-Ray to give you the best observability across your Amazon Web Services (AWS) resources, including your load balancer. Read on to learn how. There is a trend to move away from monolithic applications towards microservices. Microservices...
HAProxy Exposes a Prometheus Metrics Endpoint
HAProxy has added native support for Prometheus, allowing you to export metrics directly. Read on to learn more. Metrics are a key aspect of observability, along with logging and tracing. They contain the data that inform you about the state of your systems,...
Binary Health Check with HAProxy 1.5: PHP-fpm/fastcgi Probe Example
Application layer health checking Health checking is the ability to probe a server to ensure the service is up and running. This is one of the root feature of any load-balancer. One can probe servers and services at different layer of the OSI model: * ARP check (not...
HAProxy Advanced Redis Health Check
Introduction Redis is an opensource nosql database working on a key/value model. One interesting feature in Redis is that it is able to write data to disk as well as a master can synchronize many slaves. HAProxy can load-balance Redis servers with no issues at all....
DevOps
Multi-tenant Kubernetes Clusters with the HAProxy Kubernetes Ingress Controller
Learn how to use the HAProxy Kubernetes Ingress Controller when hosting multiple tenants in your cluster and how to configure namespaces, access controls, and resource quotas. This is the third post in a series about HAProxy's role in building a modern systems...
Building Blocks of a Modern Proxy
A major outcome of IT/Ops evolution is realizing the importance of a reverse proxy, such as HAProxy, in achieving modern application delivery. This is the first post in a series about HAProxy's role in building a modern systems architecture that relies on cloud-native...
HAProxy on Docker Swarm: Load Balancing and DNS Service Discovery
Use HAProxy to add routing, load balancing, and DNS service discovery to Docker Swarm. Docker Swarm lets you expand beyond hosting Docker containers on a single machine. It oversees a cluster of servers and manages which to deploy a container to, depending on each...
HAProxy Traffic Mirroring for Real-world Testing
Traffic mirroring makes it possible to stream production traffic to a test or staging environment. Use the HAProxy Traffic Shadowing agent to enable mirroring. The HAProxy Stream Processing Offload Engine (SPOE) lets you stream data to an external agent in real time...
Kubernetes
Use Helm to Install the HAProxy Kubernetes Ingress Controller
You can use Helm to install the HAProxy Kubernetes Ingress Controller into your Kubernetes cluster, making it easier to start routing traffic using the powerful HAProxy load balancer. Learn more by registering for our webinar: "HAProxy Skills Lab: Introduction to...
[Live Webinar] HAProxy Skills Lab: Introduction to Helm
Live webinar date and time: April 14th, 2020 US times: 12 noon EST, 11 AM CDT, 10 AM MDT, 9 AM PDT EU times: 6 PM CET, 5 PM GMT Helm, the Kubernetes package manager, revamps the way teams manage their Kubernetes resources and allows them to deploy applications in a...
Multi-tenant Kubernetes Clusters with the HAProxy Kubernetes Ingress Controller
Learn how to use the HAProxy Kubernetes Ingress Controller when hosting multiple tenants in your cluster and how to configure namespaces, access controls, and resource quotas. This is the third post in a series about HAProxy's role in building a modern systems...
[On-Demand Webinar] HAProxy Skills Lab: Deployment Patterns in Kubernetes Using the HAProxy Kubernetes Ingress Controller
Deploy, upgrade, swap out, scale up, scale down. Kubernetes is chock full of options when it comes to creating and scheduling containers. Are you new to Kubernetes? Want to learn how replacing pods affects traffic flow? How should you configure your HAProxy Kubernetes...
Service Discovery
HAProxy on Docker Swarm: Load Balancing and DNS Service Discovery
Use HAProxy to add routing, load balancing, and DNS service discovery to Docker Swarm. Docker Swarm lets you expand beyond hosting Docker containers on a single machine. It oversees a cluster of servers and manages which to deploy a container to, depending on each...
DNS for Service Discovery in HAProxy
HAProxy 1.8 and newer allows you to use DNS service discovery to detect server changes and automatically apply them to your configuration. HAProxy is a mature, high-performance software component that’s been reliably serving the load balancing and ADC markets for over...
HAProxy and Consul with DNS for Service Discovery
In this blog post we will show you a zero-touch method for integrating HAProxy with Consul by using DNS for service discovery available in HAProxy 1.8. HAProxy is the most widely used software load balancer in the world, well known for being extremely fast and...
Cloud
Building Blocks of a Modern Proxy
A major outcome of IT/Ops evolution is realizing the importance of a reverse proxy, such as HAProxy, in achieving modern application delivery. This is the first post in a series about HAProxy's role in building a modern systems architecture that relies on cloud-native...
[On-Demand Webinar] HAProxy Data Plane API: True Dynamic Configuration Management
Integrating HAProxy into automation tools, continuous-delivery pipelines, and service meshes just got a lot easier. We’ve introduced a new REST API that you can use to configure HAProxy fully at runtime and it’s called the Data Plane API. Tune into this webinar to...
Tracing Requests Through HAProxy with AWS X-Ray
HAProxy integrates with AWS X-Ray to give you the best observability across your Amazon Web Services (AWS) resources, including your load balancer. Read on to learn how. There is a trend to move away from monolithic applications towards microservices. Microservices...
HAProxy on AWS: Best Practices Part 3
In this blog post, learn to use HAProxy, Keepalived, Terraform and Ansible to set up highly-available load balancing in AWS. In the third part of this series, we are again tackling how to implement a highly available architecture in AWS. In the first article, HAProxy...
LUA
Enabling CORS in HAProxy
The HAProxy Cross-Origin Resource Sharing (CORS) Lua module streamlines adding CORS to your APIs. What is CORS? Read on to learn more. It doesn't matter whether you're using Angular, React, Vue or simple, vanilla JavaScript. You're guaranteed to need to fetch or...
5 Ways to Extend HAProxy with Lua
Use Lua to add fetches, converters, actions, services and tasks to HAProxy. Did you know that HAProxy embeds the Lua scripting language, which you can use to add new functionality? HAProxy features an extremely powerful and flexible configuration language and gives...
Let’s Encrypt (ACMEv2) for HAProxy
HAProxy Technologies is proud to announce the availability of an integrated Let’s Encrypt ACMEv2 Lua client for HAProxy and HAProxy Enterprise (HAPEE). HAProxy Enterprise comes bundled with Lua support in a precompiled binary conveniently distributed using your Linux...
HAProxy 1.6-Dev1 and LUA
HAProxy 1.6-dev1 Yesterday, Willy has released HAProxy 1.6-dev1: ANNOUNCE HAProxy 1.6-dev1. This version contains many new features and core improvements. Amongst the new features, one is LUA, contributed by Thierry (HAProxy Technologies developer). NOTE: We invite...
Need More Assistance?
Contact the authoritative experts on HAProxy who will assist you in finding the solution that best fits your needs for deployment, scale, and security.