Installing and Configuring HAProxy Load Balancer on Ubuntu 20.04
HAProxy, short for High Availability Proxy, is an open-source load balancer designed to efficiently route TCP and HTTP traffic across several backend systems, whether applications, websites, or databases. Known for its speed and reliability, HAProxy scales effortlessly and is trusted by leading platforms such as Twitter, GitHub, and Amazon Web Services.
Why HAProxy Matters in Today’s Connected World
In an era where applications such as social media platforms may serve millions of users globally, even brief downtime can lead to financial setbacks and user dissatisfaction. High availability is therefore essential. One proven strategy is to deploy multiple instances of your infrastructure and place a load balancer at the entry point to distribute traffic effectively.
Key Advantages of HAProxy
HAProxy is built to keep services available by handling infrastructure failures gracefully. To leverage its capabilities, design your system with redundancy: run multiple instances of critical services that are prone to failure or that require regular updates. HAProxy's failover mechanism actively monitors the health and performance of your clustered servers and routes traffic only to those that are functioning correctly. This covers all three pillars of high availability: redundancy, failover, and monitoring.
Objective of This Guide
In this walkthrough, you’ll learn how to install and configure HAProxy on an Ubuntu 20.04 system to manage web traffic between two backend servers.
Prerequisites
Before beginning, ensure the following:
- Three Ubuntu 20.04 servers connected via a private network. All servers should be located in the same data center.
- A user account with sudo privileges.
This tutorial uses the following sample configuration. Update these details based on your own setup:
- Hostname: main-server
  Public IP: 192.0.2.10
  Private IP: 10.0.0.10
- Hostname: server-1
  Public IP: 192.0.2.11
  Private IP: 10.0.0.11
- Hostname: server-2
  Public IP: 192.0.2.12
  Private IP: 10.0.0.12
Install Apache only on server-1 and server-2. Avoid installing it on main-server to prevent port conflicts, as both Apache and HAProxy use port 80.
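Before continuing, it can help to confirm that the servers can reach each other over the private network. Assuming ICMP is allowed, a quick check from main-server against the sample private IPs above might look like this:
$ ping -c 3 10.0.0.11
$ ping -c 3 10.0.0.12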
Step 1: Installing HAProxy on the Main Server
To begin, access your main server via SSH and update your package list:
$ sudo apt update
Next, install HAProxy using the following command:
$ sudo apt install -y haproxy
Verify that HAProxy is active and running:
$ sudo systemctl status haproxy
Look for the following line in the output to confirm it’s operational:
...
Active: active (running)
...
To display the installed version of HAProxy, use the following command:
$ haproxy -v
You should see output resembling the following:
HA-Proxy version 2.0.13-2ubuntu0.2 2021/08/16 - https://haproxy.org/
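On Ubuntu, the haproxy package usually enables the service at boot automatically; if you want to be certain, you can enable it explicitly:
$ sudo systemctl enable haproxy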
With HAProxy successfully installed, you’re now ready to proceed with its configuration to balance web traffic across your backend servers.
Step 2: Setting Up the HAProxy Configuration File
HAProxy’s primary configuration file is located at:
/etc/haproxy/haproxy.cfg
Before making any changes, safeguard the current configuration by creating a backup with the cp command:
$ sudo cp /etc/haproxy/haproxy.cfg /etc/haproxy/haproxy.cfg.bk
Next, open the configuration file with the nano editor:
$ sudo nano /etc/haproxy/haproxy.cfg
Inside the file, you’ll find several distinct configuration sections:
global
This top-level section defines system-wide settings related to performance and security. Avoid modifying these defaults for now. A sample setup may look like this:
global
log /dev/log local0
log /dev/log local1 notice
chroot /var/lib/haproxy
stats socket /run/haproxy/admin.sock mode 660 level admin expose-fd listeners
stats timeout 30s
user haproxy
group haproxy
daemon
# Default SSL material locations
ca-base /etc/ssl/certs
crt-base /etc/ssl/private
...
defaults
This section includes commonly used settings like timeouts and error handling. As with the global section, leave these values untouched for now:
defaults
log global
mode http
...
timeout server 50000
errorfile 400 /etc/haproxy/errors/400.http
errorfile 403 /etc/haproxy/errors/403.http
...
errorfile 408 /etc/haproxy/errors/408.http
frontend and backend
These sections control traffic flow. You'll define a frontend that binds to port 80 and links to a backend labeled web_servers. The backend distributes requests across the two nodes using the roundrobin method; alternatively, you could use leastconn to prioritize servers with fewer active connections (a leastconn variation is sketched after the example below). Be sure to replace the private IP addresses with those of your own servers. The check keyword enables health checks.
frontend example_front_end
bind *:80
option forwardfor
default_backend web_servers
backend web_servers
balance roundrobin
server server-1 10.0.0.11:8080 check
server server-2 10.0.0.12:8080 check
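If you prefer the leastconn algorithm mentioned above, the backend differs only in its balance line; a minimal sketch:
backend web_servers
balance leastconn
server server-1 10.0.0.11:8080 check
server server-2 10.0.0.12:8080 check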
listen
Optionally, create a listen section for performance metrics. These settings allow access to HAProxy statistics via a browser. Replace ha_proxy_admin and EXAMPLE_PASSWORD with your desired credentials.
listen stats
bind :32600
stats enable
stats uri /
stats hide-version
stats auth ha_proxy_admin:EXAMPLE_PASSWORD
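Note that bind :32600 listens on all interfaces, which is what the browser test in Step 5 relies on. In a production setup you might prefer to restrict the statistics page to the private network by binding to the private IP instead, for example:
bind 10.0.0.10:32600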
After making changes, save and close the file. If Apache is installed on main-server, it will conflict with HAProxy on port 80. Stop Apache to prevent this issue:
$ sudo systemctl stop apache2
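Before restarting, you can optionally ask HAProxy to validate the edited configuration; this reports syntax errors without touching the running service:
$ sudo haproxy -c -f /etc/haproxy/haproxy.cfg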
Now restart HAProxy to apply the updated configuration:
$ sudo systemctl restart haproxy
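To confirm that HAProxy is listening on ports 80 and 32600, you can inspect the listening sockets (exact output varies by system):
$ sudo ss -tlnp | grep haproxy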
HAProxy is now active and ready to distribute HTTP traffic to the appropriate backend servers.
Step 3: Adjust Apache to Use Port 8080 on Backend Servers
By default, Apache listens on port 80. Since HAProxy is forwarding traffic to port 8080, you need to modify this on both server-1 and server-2.
Open the ports.conf file on each backend server:
$ sudo nano /etc/apache2/ports.conf
Find the directive:
Listen 80
And change it to:
Listen 8080
Next, open the default virtual host file on both backend servers:
$ sudo nano /etc/apache2/sites-available/000-default.conf
Look for this line:
<VirtualHost *:80>
And update it to:
<VirtualHost *:8080>
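Alternatively, both edits can be applied non-interactively with sed on each backend server. This assumes the stock file contents shown above, so review the files afterwards:
$ sudo sed -i 's/^Listen 80$/Listen 8080/' /etc/apache2/ports.conf
$ sudo sed -i 's/<VirtualHost \*:80>/<VirtualHost *:8080>/' /etc/apache2/sites-available/000-default.conf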
Save the changes and restart Apache on both servers:
$ sudo systemctl restart apache2
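To quickly confirm that Apache picked up the change, request the new port locally on each backend server; a successful response should include an HTTP/1.1 200 OK status line:
$ curl -I http://localhost:8080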
Apache is now set to listen on port 8080 on both backend servers and will be ready to receive traffic routed through HAProxy. The next step involves creating test web content on each backend node.
Step 4: Creating Web Pages on Backend Servers
Clients accessing your application will reach the HAProxy instance installed on the main server. From there, HAProxy will evenly distribute traffic across your backend systems. For this reason, you'll need to create basic HTML content on both server-1 and server-2 within their public web directories.
Begin by removing the default Apache index files on both backend nodes:
On server-1:
$ sudo rm /var/www/html/index.html
On server-2:
$ sudo rm /var/www/html/index.html
Now, create a new HTML file on server-1 using a text editor:
$ sudo nano /var/www/html/index.html
Insert the following content into the file:
<html>
<head>
<title>Backend Server 1</title>
</head>
<body>
<h1>Server 1 is working.</h1>
</body>
</html>
Save the file, then repeat the process on server-2:
$ sudo nano /var/www/html/index.html
Enter the following HTML content:
<html>
<head>
<title>Backend Server 2</title>
</head>
<body>
<h1>Server 2 is working.</h1>
</body>
</html>
Save and close the file. You’ve now set up different content on each backend node. In the next step, you’ll test HAProxy’s ability to balance traffic between the two.
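Before testing through HAProxy, you can optionally confirm from main-server that each backend serves its page directly over the private network (using the sample private IPs from this guide):
$ curl http://10.0.0.11:8080
$ curl http://10.0.0.12:8080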
Step 5: Verifying HAProxy Load Balancing
To validate that HAProxy is distributing HTTP requests properly, open a browser and visit the public IP address of your main server:
Example: http://192.0.2.10
Initially, the page should show the content served by server-1:
Server 1 is working.
Refresh the browser. You should now see the page served by server-2:
Server 2 is working.
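If you prefer the command line, a short loop against the public IP shows the responses alternating between the two backends:
$ for i in 1 2 3 4; do curl -s http://192.0.2.10 | grep '<h1>'; done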
To check runtime statistics of your HAProxy setup, visit the stats page exposed on port 32600:
Example: http://192.0.2.10:32600
Use the login credentials defined in the stats section of your configuration file. For example:
...
listen stats
...
stats auth ha_proxy_admin:EXAMPLE_PASSWORD
...
After successful authentication, a dashboard will appear showing extensive details about HAProxy’s performance metrics.
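The statistics are also available in CSV form, which is convenient for scripts and monitoring; append ;csv to the stats URI and supply the same credentials (substitute your own):
$ curl -u ha_proxy_admin:EXAMPLE_PASSWORD 'http://192.0.2.10:32600/;csv'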
Summary
HAProxy is now up and running, successfully balancing incoming traffic from the main server to both backend nodes. In this example, different HTML content was used on each server to illustrate traffic distribution. However, in a live environment, backend nodes should serve consistent data, particularly when linked to a shared database such as MySQL with group replication. This ensures that even if one backend becomes unavailable, user experience and data remain intact.
Conclusion
In this tutorial, you installed and configured HAProxy on Ubuntu 20.04 and directed HTTP requests across two separate backend servers. This setup can be extended to accommodate additional nodes depending on your app’s traffic needs. By balancing traffic effectively, HAProxy ensures that no single server becomes overwhelmed, maintaining stability and performance even during peak usage.