How Do You Set up HAProxy on a Linux Server?

Problem scenario
You have some web servers that you want a new HAProxy server to distribute traffic to.  You have an Ubuntu or Debian Linux server that you want HAProxy installed on.  What do you do?

Solution
Prerequisites

You have at least two web servers set up and you know their IP addresses (either internal or external).  If you do not have these, you may want to see one of these four articles:

How Do You Install Apache Web Server on Ubuntu Linux?
How Do You install Apache Web Server with CentOS/RHEL/Fedora?
How Do You install Nginx on a Debian/Ubuntu Server?
How Do You install Nginx on a CentOS/RHEL/Fedora Server?

You have a third Linux server which will receive the HAProxy installation; this server can have as little as 1 GB of RAM and just one basic processor.  You may need a more powerful server if it will support considerable traffic, but for testing it will be fine.

Procedures
These steps are to be done on the server that will get the HAProxy installation.

1.  If you are using an Ubuntu or Debian server, run these commands:
sudo apt -y update
sudo apt-get -y install haproxy

If you are using a CentOS/RHEL/Fedora server, run these commands:
sudo yum -y update
sudo yum -y install haproxy

2.a.  Modify the main configuration file with this command:
sudo vi /etc/haproxy/haproxy.cfg

2.b.  Determine if you have a CentOS/RHEL/Fedora server (a RedHat derivative) or an Ubuntu/Debian server.  Follow the step 2.b.i or 2.b.ii for your distribution only (do not do both):

2.b.i  For CentOS/RHEL/Fedora, find the "frontend main" section.  Replace the "5000" with "80".  With an indentation to match the other stanzas underneath "frontend main" insert this stanza:
    option                      forwardfor

For the "backend app" section find the stanza with "app1". Replace the 127.0.0.1 with the internal or external IP address of one of the web servers.  Replace the 5001 value with "80".    

Find the stanza with "app2". Replace the 127.0.0.1 with the internal or external IP address of one of the web servers.  Replace the 5002 value with "80".  Skip to 3.

2.b.ii  For Ubuntu or Debian, do the following.  To have HAProxy distribute traffic to different web servers, insert these stanzas at the bottom of the above file (from "frontend firstbalance to "option httpchk"):

frontend firstbalance
        bind *:80
        option forwardfor
        default_backend webservers

backend webservers
        balance roundrobin
        server webserver1 x.x.x.x:80
        server webserver2 y.y.y.y:80
        option httpchk

2.c.  Replace x.x.x.x with the IP address (either internal or external) of the first web server.  Replace y.y.y.y with the IP address (either internal or external) of the second web server.  Save the changes.

3.  Verify you have no intermediate firewall, or AWS Security Group, or Azure NSG, or Google firewall rule, between the HAProxy server and the IP address it is trying to reach.  Port 80 must be open from the HAProxy server to the other servers.  Remember if you are reaching internal IP addresses, use the internal IP address of the HAProxy server.  If you are configuring HAProxy to use external IP addresses, use the external IP adress of the HAProxy server.  To find your external IP address, use this command (assuming you have access to the internet): curl icanhazip

To find your internal IP address use this command: ip addr show | grep inet

4.  Restart HAProxy.  If you have a Debian/Ubuntu server, use this command:
sudo /etc/init.d/haproxy restart

Otherwise use this command:
sudo service haproxy start

Leave a comment

Your email address will not be published. Required fields are marked *