Knowledge Base
Welcome to HAProxy’s extensive and ever-expanding knowledge base. Created by a team of experts including HAProxy’s Core Development Team; it covers a wide range of topics to help you achieve maximum potential.
February 2023 – CVE-2023-25725: Header Parser Fixed
HAProxy Technologies has announced that HAProxy 2.0 or newer, HAProxy Enterprise 2.0 or newer, and HAProxy ALOHA 12.5 or newer are affected by CVE-2023-25725. If you are using an affected product you should upgrade to the latest version immediately or apply the...
4 Most Common Website Security Threats (2023) + Solutions
For infrastructure administrators tasked with ensuring the reliable operation of their applications, the thought of a lurking cyberattack can be one to lose sleep over. An attack on your system and the services you provide could result in a security breach, loss of...
Secure Cookies Using HAProxy Enterprise
My colleague Baptiste previously published an article on how to protect cookies while offloading SSL. I recently encountered a customer who wanted to achieve a very similar goal but using a more recent HAProxy Enterprise version. This post will explain the best...
Fundamentals: Application Acceleration and the Benefits for your Service Delivery
Application acceleration is all about improving the responsiveness of a digital service. When clients access web applications, they are expecting near-immediate feedback from servers. Maintaining that level of performance requires ensuring the right resources are...
Load Balancing/Routing
Fundamentals: What Sets Containers Apart from Virtual Machines
Containers have fast become one of the most efficient ways of virtually deploying applications, offering more agility than a virtual machine (VM) can typically provide. Both containers and VMs are great tools for managing resources and application deployment, but what...
Fundamentals: Application Acceleration and the Benefits for your Service Delivery
Application acceleration is all about improving the responsiveness of a digital service. When clients access web applications, they are expecting near-immediate feedback from servers. Maintaining that level of performance requires ensuring the right resources are...
Fundamentals: What is an API Gateway?
When talking about managing web applications and the services they provide, the term “API gateway” is often thrown around, but what does it mean? In order to unpack how a gateway functions, we first need to understand what an API is. Application Programming Interface...
Fundamentals: Load Balancing and the Right Distribution Algorithm for You
With the right load balancing in place, the demand of increasing web traffic can become manageable, but how do you determine which load balancing algorithm is best suited for your applications? Does the ease of use of static load balancing better suit the services you...
SSL
Secure Cookies Using HAProxy Enterprise
My colleague Baptiste previously published an article on how to protect cookies while offloading SSL. I recently encountered a customer who wanted to achieve a very similar goal but using a more recent HAProxy Enterprise version. This post will explain the best...
Fundamentals: Application Acceleration and the Benefits for your Service Delivery
Application acceleration is all about improving the responsiveness of a digital service. When clients access web applications, they are expecting near-immediate feedback from servers. Maintaining that level of performance requires ensuring the right resources are...
Restrict API Access with Client Certificates (mTLS)
An application programming interface (API) provides access to the features of a business application, but with the visual elements stripped away. By using APIs, devices like tablets, self-service kiosks, point-of-sale terminals, and robotic sensors can connect up to...
Announcing HAProxy Data Plane API 2.2
The HAProxy Data Plane API 2.2 lays the foundation for first-class service discovery and introduces native support for Consul. It also adds storage and file handling for SSL certificates, Map files, and SPOE configuration files. Watch our on-demand webinar "What’s New...
Microservices
Consul Service Discovery for HAProxy
HAProxy with the HAProxy Data Plane API can integrate with Consul to enable service discovery for your load balancer configuration. Many Ops team professionals rank HAProxy as their favorite load balancer because it adds high availability, security and...
Power Your Consul Service Mesh with HAProxy
Many of you use HashiCorp Consul for service discovery. It makes connecting one backend application or service to another easy: Your Consul servers store a catalog of addresses to all of your services; when an application within the network wants to discover where a...
Circuit Breaking in HAProxy
With HAProxy, you can implement a circuit breaker to protect services from widespread failure. Martin Fowler, who is famous for being one of the Gang of Four authors who wrote Design Patterns: Elements of Reusable Object-Oriented Software, hosts a website where...
Accelerate Your APIs by Using the HAProxy Cache
HAProxy's cache helps boost API performance by serving saved messages to your users. The age of rendering most of a web page's contents on the server and then delivering it as a colossal HTML file is fading into the past. Modern web frameworks like Angular, React, and...
Performance
Fundamentals: Application Acceleration and the Benefits for your Service Delivery
Application acceleration is all about improving the responsiveness of a digital service. When clients access web applications, they are expecting near-immediate feedback from servers. Maintaining that level of performance requires ensuring the right resources are...
Autoscaling with the HAProxy Kubernetes Ingress Controller and KEDA
This blog post describes how to implement autoscaling of your application pods using KEDA and the HAProxy Kubernetes Ingress Controller. Since it was published, a new feature has been added to the ingress controller that lets you autoscale the number of ingress...
Protect Servers with HAProxy Connection Limits and Queues
HAProxy connection limits and queues can help protect your servers and boost throughput when load balancing heavy amounts of traffic. When you use HAProxy as an API gateway in front of your services, it has the ability to protect those servers from traffic...
Announcing HAProxy Kubernetes Ingress Controller 1.5
We've released version 1.5 of the HAProxy Kubernetes Ingress Controller. This version unlocks access to the raw HAProxy configuration language for power users to gain more control. You can also enable mutual TLS authentication between the ingress controller and...
Webinars
[Live Webinar] HAProxy Fusion Control Plane – First Looks
HAProxy Fusion has the power to simplify, scale, and secure your HAProxy Enterprise application delivery infrastructure. As a control plane tailored to the nuances of load balancing, it enables advanced workflows that help you manage fleets of load balancer instances...
[On-Demand Webinar] HAProxy 2.7 Feature Roundup
HAProxy version 2.7 is now available! This version of the world's fastest and most widely used software load balancer brings improvements to scalability, performance, and ease of use. Register for this webinar to learn about the newest features and updates. We will...
[On-Demand Webinar] What’s New in HAProxy Data Plane API 2.6
Eager to discover new ways you can leverage HAProxy and the HAProxy Data Plane API for load balancing? In version 2.6, the API gained support for a huge number of new keywords, moved to a newer version of the Go programming language, upgraded its version of Swagger...
[On-Demand Webinar] Using CRDs to Improve Quality of Life in Kubernetes
Tuesday, July 12th, 2022 US: 12 noon EDT, 11 am CDT, 10am MDT, 9am PST EU: 6 pm CEST, 7 pm EEST Global: 4 pm UTC The HAProxy Kubernetes Ingress Controller now integrates even better with the Kubernetes ecosystem. By providing custom resources (CRDs) that represent...
Basics
Fundamentals: What Sets Containers Apart from Virtual Machines
Containers have fast become one of the most efficient ways of virtually deploying applications, offering more agility than a virtual machine (VM) can typically provide. Both containers and VMs are great tools for managing resources and application deployment, but what...
Fundamentals: Application Acceleration and the Benefits for your Service Delivery
Application acceleration is all about improving the responsiveness of a digital service. When clients access web applications, they are expecting near-immediate feedback from servers. Maintaining that level of performance requires ensuring the right resources are...
Fundamentals: What is an API Gateway?
When talking about managing web applications and the services they provide, the term “API gateway” is often thrown around, but what does it mean? In order to unpack how a gateway functions, we first need to understand what an API is. Application Programming Interface...
Fundamentals: Load Balancing and the Right Distribution Algorithm for You
With the right load balancing in place, the demand of increasing web traffic can become manageable, but how do you determine which load balancing algorithm is best suited for your applications? Does the ease of use of static load balancing better suit the services you...
Benchmarking
HAProxy Forwards Over 2 Million HTTP Requests per Second on a Single Arm-based AWS Graviton2 Instance
For the first time, a software load balancer exceeds 2-million RPS on a single Arm instance. A few weeks ago, while I was working on an HAProxy issue related to thread locking contention, I found myself running some tests on a server with an 8-core, 16-thread...
Test Driving “Power of Two Random Choices” Load Balancing
The Power of Two Random Choices load-balancing algorithm has piqued some curiosity. In this blog post, we see how it stacks up against other modern-day algorithms available in HAProxy. Recently, I was asked twice about my opinion on supporting an algorithm known as...
Hypervisors Virtual Network Performance Comparison from a Virtualized Load Balancer Point of View
Introduction At HAProxy Technologies, we edit and sell a hardware and virtual load balancer called ALOHA (which stands for Application Layer Optimisation and High-Availability). A few months ago, we managed to make it run on the most common hypervisors available:...
Benchmarking SSL Performance
Recently, there has been some attacks against website which aimed to steal user identity. In order to protect their users, major website owners had to find a solution. Unfortunately, we know that sometimes, improving security means downgrading performance. SSL/TLS is...
Random Tips
Preserve Stick Table Data When Reloading HAProxy
With HAProxy situated in front of their servers, many people leverage it as a frontline component for enabling extra security and observability for their networks. HAProxy provides a way to monitor the number of TCP connections, the rate of HTTP requests, the number...
Serve Dynamic Custom Error Pages with HAProxy
Set up custom error pages in HAProxy to ensure consistent, branded messaging that supports any backend web stack. The memory is probably still fresh: You're shopping online at your favorite website, looking for something specific, you've got it narrowed down to two or...
[Conference Presentation] Dynamic Application Routing Over SSL with HAProxy Enterprise
Back in May, HAProxy Senior Systems Engineer Chad Lavoie presented at the OpenStack Summit Boston. Chad presented on using maps in HAProxy to dynamically route requests while securing your site with SSL combined with the use of the Update Module (included in HAProxy...
HAProxy and HTTP Errors 408 in Chrome
Lately, there was some discussions on HAProxy's mailing list about 408 errors printed in Chrome browsers. Origin of 408 errors 408 is the status code used by web servers or proxies when the client has not sent a whole HTTP request during a certain period of time. It...
Observability
Use Your Load Balancer to Monitor Application Health
HAProxy and HAProxy Enterprise collect a vast amount of information about the health of your applications being load balanced. That data, which uses the Prometheus text-based format for metrics, is published to a web page hosted by the load balancer, and since many...
Visualize HAProxy Metrics with InfluxDB
HAProxy generates over a hundred metrics to give you a nearly real-time view of the state of your load balancers and the services they proxy, but to get the most from this data, you need a way to visualize it. InfluxData’s InfluxDB suite of applications takes...
Logging with the HAProxy Kubernetes Ingress Controller
The HAProxy Kubernetes Ingress Controller publishes two sets of logs: the ingress controller logs and the HAProxy access logs. After you install the HAProxy Kubernetes Ingress Controller, logging jumps to mind as one of the first features to configure. Logs will tell...
Using HAProxy as an API Gateway, Part 4 [Metrics]
HAProxy publishes more than 100 metrics about the traffic flowing through it. When you use HAProxy as an API gateway, these give you insight into how clients are accessing your APIs. Several metrics come to mind as particularly useful, since they can help you...
DevOps
Announcing HAProxy Data Plane API 2.7
HAProxy Technologies is proud to unveil the 2.7 release of HAProxy Data Plane API. This release was a huge undertaking, and as with the 2.6 release, we focused on extending support for configuration keywords. We are happy to announce that with this release we support...
Verify OAuth JWT Tokens with HAProxy
With HTTP REST APIs serving as the backbone of modern web applications, securing those APIs presents a critical challenge for organizations. APIs are typically designed to be discoverable, self-documenting, and easily consumed by a range of programming languages, and...
[On-Demand Webinar] What’s New in HAProxy Data Plane API 2.6
Eager to discover new ways you can leverage HAProxy and the HAProxy Data Plane API for load balancing? In version 2.6, the API gained support for a huge number of new keywords, moved to a newer version of the Go programming language, upgraded its version of Swagger...
Announcing HAProxy Data Plane API 2.6
In HAProxy Data Plane API version 2.6, we continued the effort of expanding support for HAProxy configuration keywords, as this has been the priority with this release cycle, and it will be in the next one too to meet our goal of achieving complete feature parity with...
Kubernetes
Fundamentals: What Sets Containers Apart from Virtual Machines
Containers have fast become one of the most efficient ways of virtually deploying applications, offering more agility than a virtual machine (VM) can typically provide. Both containers and VMs are great tools for managing resources and application deployment, but what...
Custom Resources with HAProxy Kubernetes Ingress Controller
HAProxy Kubernetes Ingress Controller provides custom resources named Backend, Defaults, and Global that let you manage ingress controller settings more efficiently. In this blog post, you'll learn why custom resources are such a powerful feature and see tips for...
Announcing HAProxy Kubernetes Ingress Controller 1.8
We’re proud to announce the release of version 1.8 of the HAProxy Kubernetes Ingress Controller! In this release, we added support for full rootless mode, Prometheus metrics for the controller itself, and examples that are synchronized with our Helm chart. In this...
[On-Demand Webinar] Using CRDs to Improve Quality of Life in Kubernetes
Tuesday, July 12th, 2022 US: 12 noon EDT, 11 am CDT, 10am MDT, 9am PST EU: 6 pm CEST, 7 pm EEST Global: 4 pm UTC The HAProxy Kubernetes Ingress Controller now integrates even better with the Kubernetes ecosystem. By providing custom resources (CRDs) that represent...
Service Discovery
[On-Demand Webinar] What’s New in the HAProxy Data Plane API 2.3
The HAProxy Data Plane API enables remote, dynamic configuration of your HAProxy load balancers. Version 2.3 of the API adds: service discovery for AWS EC2 instances and Auto Scaling groups, the ability to view, add, and remove HAProxy ACLs, support for forwarding API...
Consul Service Discovery for HAProxy
HAProxy with the HAProxy Data Plane API can integrate with Consul to enable service discovery for your load balancer configuration. Many Ops team professionals rank HAProxy as their favorite load balancer because it adds high availability, security and...
Announcing HAProxy Data Plane API 2.3
The HAProxy Data Plane API 2.3 expands its service discovery mechanisms and introduces native support for discovering AWS EC2 instances and auto-scaling groups. It also adds a new configuration file that supports HCL and YAML, an Inotify configuration watcher, and...
Power Your Consul Service Mesh with HAProxy
Many of you use HashiCorp Consul for service discovery. It makes connecting one backend application or service to another easy: Your Consul servers store a catalog of addresses to all of your services; when an application within the network wants to discover where a...
Cloud
Fundamentals: What Sets Containers Apart from Virtual Machines
Containers have fast become one of the most efficient ways of virtually deploying applications, offering more agility than a virtual machine (VM) can typically provide. Both containers and VMs are great tools for managing resources and application deployment, but what...
AWS EC2 Service Discovery with HAProxy
AWS Auto Scaling groups are a powerful tool for creating scaling plans for your application. They let you dynamically create a group of EC2 instances that will maintain a consistent and predictable level of service. HAProxy's Data Plane API adds a cloud-native method...
HAProxy Enterprise Offers SAML-based Single Sign-on
HAProxy Enterprise handles SAML single sign-on for your applications and integrates with identity providers like Azure Active Directory. Single sign-on (SSO) is such a familiar convenience for companies that it's easy to forget how powerful it is. When employees...
Building Blocks of a Modern Proxy
A major outcome of IT/Ops evolution is realizing the importance of a reverse proxy, such as HAProxy, in achieving modern application delivery. This is the first post in a series about HAProxy's role in building a modern systems architecture that relies on cloud-native...
LUA
Announcing HAProxy 2.7
HAProxy 2.7 is now available! Register for the webinar HAProxy 2.7 Feature Roundup to learn more about this release and participate in a live Q&A with our experts. Once again, the latest HAProxy update features improvements across the board, upgrading old features...
Enabling CORS in HAProxy
The HAProxy Cross-Origin Resource Sharing (CORS) Lua module streamlines adding CORS to your APIs. What is CORS? Read on to learn more. It doesn't matter whether you're using Angular, React, Vue, or simple, vanilla JavaScript. You're guaranteed to need to fetch or...
5 Ways to Extend HAProxy with Lua
Use Lua to add fetches, converters, actions, services and tasks to HAProxy. Did you know that HAProxy embeds the Lua scripting language, which you can use to add new functionality? HAProxy features an extremely powerful and flexible configuration language and gives...
Let’s Encrypt (ACMEv2) for HAProxy
HAProxy Technologies is proud to announce the availability of an integrated Let’s Encrypt ACMEv2 Lua client for HAProxy and HAProxy Enterprise (HAPEE). HAProxy Enterprise comes bundled with Lua support in a precompiled binary conveniently distributed using your Linux...
Need More Assistance?
Contact the authoritative experts on HAProxy who will assist you in finding the solution that best fits your needs for deployment, scale, and security.
