Installing and Configuring HAProxy Load Balancer on Ubuntu 20.04

HAProxy, short for High Availability Proxy, is an open-source load balancing tool designed to efficiently route HTTP traffic across several backend systems—whether applications, websites, or databases. Known for its speed and reliability, HAProxy scales effortlessly, earning the trust of leading platforms such as Twitter, GitHub, and Amazon Web Services.

Why HAProxy Matters in Today’s Connected World

In an era where applications might serve millions globally—such as social media platforms—even brief downtimes can lead to financial setbacks and user dissatisfaction. High availability is therefore essential. One proven strategy is to deploy multiple instances of your infrastructure and position a load balancer at the entry point to distribute traffic effectively.

Key Advantages of HAProxy

HAProxy is built to ensure uninterrupted service by handling infrastructure failures gracefully. To leverage its capabilities, design your system with redundancy—running multiple instances of critical services prone to failure or regular updates. HAProxy’s failover mechanism actively monitors the performance and health of your clustered servers, routing traffic exclusively to those that are functioning correctly. This ensures all pillars of high availability—redundancy, failover, and monitoring—are in place.

Objective of This Guide

In this walkthrough, you’ll learn how to install and configure HAProxy on an Ubuntu 20.04 system to manage web traffic between two backend servers.

Prerequisites

Before beginning, ensure the following:

  • Three Ubuntu 20.04 servers connected via a private network. All servers should be located in the same data center.
  • A user account with sudo privileges.

This tutorial uses the following sample configuration. Update these details based on your own setup:

  • Hostname: main-server
    Public IP: 192.0.2.10
    Private IP: 10.0.0.10
  • Hostname: server-1
    Public IP: 192.0.2.11
    Private IP: 10.0.0.11
  • Hostname: server-2
    Public IP: 192.0.2.12
    Private IP: 10.0.0.12

Install Apache only on server-1 and server-2. Avoid installing it on main-server to prevent port conflicts, as both Apache and HAProxy use port 80.

Step 1: Installing HAProxy on the Main Server

To begin, access your main server via SSH and update your package list:

Next, install HAProxy using the following command:

$ sudo apt install -y haproxy

Verify that HAProxy is active and running:

$ sudo systemctl status haproxy

Look for the following line in the output to confirm it’s operational:

...
Active: active (running)
...

To display the installed version of HAProxy, use the following command:

You should see output resembling the following:

HA-Proxy version 2.0.13-2ubuntu0.2 2021/08/16 - https://haproxy.org/

With HAProxy successfully installed, you’re now ready to proceed with its configuration to balance web traffic across your backend servers.

Step 2: Setting Up the HAProxy Configuration File

HAProxy’s primary configuration file is located at:

/etc/haproxy/haproxy.cfg

Before making any changes, safeguard the current configuration by creating a backup with the cp command:

$ sudo cp /etc/haproxy/haproxy.cfg /etc/haproxy/haproxy.cfg.bk

Next, open the configuration file with the nano editor:

$ sudo nano /etc/haproxy/haproxy.cfg

Inside the file, you’ll find several distinct configuration sections:

global

This top-level section defines system-wide settings related to performance and security. Avoid modifying these defaults for now. A sample setup may look like this:

global
        log /dev/log    local0
        log /dev/log    local1 notice
        chroot /var/lib/haproxy
        stats socket /run/haproxy/admin.sock mode 660 level admin expose-fd listeners
        stats timeout 30s
        user haproxy
        group haproxy
        daemon

        # Default SSL material locations
        ca-base /etc/ssl/certs
        crt-base /etc/ssl/private
        ...

defaults

This section includes commonly used settings like timeouts and error handling. As with the global section, leave these values untouched for now:

defaults
        log     global
        mode    http
        ...
        timeout server  50000
        errorfile 400 /etc/haproxy/errors/400.http
        errorfile 403 /etc/haproxy/errors/403.http
        ...
        errorfile 408 /etc/haproxy/errors/408.http

frontend and backend

These sections control traffic flow. You’ll define a frontend to bind to port 80 and link it to a backend labeled web_servers. The backend section distributes requests using the roundrobin method across two nodes. Alternatively, you could use leastconn to prioritize less busy servers. Be sure to replace the private IP addresses with those of your own servers. The check keyword enables health checks.

frontend example_front_end
    bind *:80
    option forwardfor  
    default_backend web_servers    

backend web_servers
    balance roundrobin
    server server-1 10.0.0.11:8080 check
    server server-2 10.0.0.12:8080 check

listen

Optionally, create a listen section for performance metrics. These settings allow access to HAProxy statistics via a browser. Replace ha_proxy_admin and EXAMPLE_PASSWORD with your desired credentials.

listen stats
    bind :32600
    stats enable
    stats uri /
    stats hide-version
    stats auth ha_proxy_admin:EXAMPLE_PASSWORD

After making changes, save and close the file. If Apache is installed on the main-server, it will conflict with HAProxy on port 80. Stop Apache to prevent this issue:

$ sudo systemctl stop apache2

Now restart HAProxy to apply the updated configuration:

$ sudo systemctl restart haproxy

HAProxy is now active and ready to distribute HTTP traffic to the appropriate backend servers.

Step 3: Adjust Apache to Use Port 8080 on Backend Servers

By default, Apache listens on port 80. Since HAProxy is forwarding traffic to port 8080, you need to modify this on both server-1 and server-2.

Open the ports.conf file on each backend server:

$ sudo nano /etc/apache2/ports.conf

Find the directive:

Listen 80

And change it to:

Listen 8080

Next, open the default virtual host file on both backend servers:

$ sudo nano /etc/apache2/sites-available/000-default.conf

Look for this line:

<VirtualHost *:80>

And update it to:

<VirtualHost *:8080>

Save the changes and restart Apache on both servers:

$ sudo systemctl restart apache2

Apache is now set to listen on port 8080 on both backend servers and will be ready to receive traffic routed through HAProxy. The next step involves creating test web content on each backend node.

Step 4: Creating Web Pages on Backend Servers

Clients accessing your application will reach the HAProxy instance installed on the main server. From there, HAProxy will evenly distribute traffic across your backend systems. For this reason, you’ll need to create basic HTML content on both server-1 and server-2 within their public web directories.

Begin by removing the default Apache index files on both backend nodes:

On server-1:

$ sudo rm /var/www/html/index.html

On server-2:

$ sudo rm /var/www/html/index.html

Now, create a new HTML file on server-1 using a text editor:

$ sudo nano /var/www/html/index.html

Insert the following content into the file:

<html>
  <head>
    <title>Backend Server 1</title>
  </head>
  <body>
    <h1>Server 1 is working.</h1>
  </body>
</html>

Save the file, then repeat the process on server-2:

$ sudo nano /var/www/html/index.html

Enter the following HTML content:

<html>
  <head>
    <title>Backend Server 2</title>
  </head>
  <body>
    <h1>Server 2 is working.</h1>
  </body>
</html>

Save and close the file. You’ve now set up different content on each backend node. In the next step, you’ll test HAProxy’s ability to balance traffic between the two.

Step 5: Verifying HAProxy Load Balancing

To validate that HAProxy is distributing HTTP requests properly, open a browser and visit the public IP address of your main server:

Example: http://192.0.2.10

Initially, the page should return content served by server-1:

Server 1

Refresh the browser. You should now see the page served by server-2:

Server 2

To check runtime statistics of your HAProxy setup, visit the stats page exposed on port 32600:

Example: http://192.0.2.10:32600

Use the login credentials defined in the stats section of your configuration file. For example:

...
listen stats
    ...      
    stats auth ha_proxy_admin:EXAMPLE_PASSWORD
...

After successful authentication, a dashboard will appear showing extensive details about HAProxy’s performance metrics.

Summary

HAProxy is now up and running, successfully balancing incoming traffic from the main server to both backend nodes. In this example, different HTML content was used on each server to illustrate traffic distribution. However, in a live environment, backend nodes should serve consistent data, particularly when linked to a shared database such as MySQL with group replication. This ensures that even if one backend becomes unavailable, user experience and data remain intact.

Conclusion

In this tutorial, you installed and configured HAProxy on Ubuntu 20.04 and directed HTTP requests across two separate backend servers. This setup can be extended to accommodate additional nodes depending on your app’s traffic needs. By balancing traffic effectively, HAProxy ensures that no single server becomes overwhelmed, maintaining stability and performance even during peak usage.

Source: vultr.com

Create a Free Account

Register now and get access to our Cloud Services.

Posts you might be interested in: