In this tutorial, we will show you how to install HAProxy on your CentOS 8. For those of you who didn’t know, HAProxy is a free HTTP/TCP high availability load balancer and proxy server. It spreads requests among multiple servers to mitigate issues resulting from a single server failure. HA Proxy is used by a number of high-profile websites including GitHub, Bitbucket, Stack Overflow, Reddit, Tumblr, Twitter, and Tuenti, and is used in the OpsWorks product from Amazon Web Services.
This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you the step-by-step installation HAProxy on CentOS 8.
Prerequisites
- A server running one of the following operating systems: CentOS 8.
- It’s recommended that you use a fresh OS install to prevent any potential issues.
- SSH access to the server (or just open Terminal if you’re on a desktop).
- A
non-root sudo useror access to theroot user. We recommend acting as anon-root sudo user, however, as you can harm your system if you’re not careful when acting as the root.
Install HAProxy on CentOS 8
Step 1. First, let’s start by ensuring your system is up-to-date.
sudo clean all sudo dnf update
Step 2. Installing HAProxy on CentOS 8.
HAProxy is available on the default CentOS 8, Now use the following dnfa command to install HAProxy:
sudo dnf install haproxy
Step 3. Configuring HAProxy.
We are going to create a configuration file /etc/haproxy/haproxy.cfg containing the necessary settings and configurations:
sudo nano /etc/haproxy/haproxy.cfg
Enter the following into the file:
global
log 127.0.0.1 local2
chroot /var/lib/haproxy
pidfile /var/run/haproxy.pid
maxconn 4000
user haproxy
group haproxy
daemon
stats socket /var/lib/haproxy/stats
ssl-default-bind-ciphers PROFILE=SYSTEM
ssl-default-server-ciphers PROFILE=SYSTEM
defaults
mode http
log global
option httplog
option dontlognull
option http-server-close
option forwardfor except 127.0.0.0/8
option redispatch
retries 3
timeout http-request 10s
timeout queue 1m
timeout connect 10s
timeout client 1m
timeout server 1m
timeout http-keep-alive 10s
timeout check 10s
maxconn 3000
frontend main
bind *:5000
acl url_static path_beg -i /static /images /javascript /stylesheets
acl url_static path_end -i .jpg .gif .png .css .js
use_backend static if url_static
default_backend app
backend static
balance roundrobin
server static 127.0.0.1:4331 check
backend app
balance roundrobin
server app1 127.0.0.1:5001 check
server app2 127.0.0.1:5002 check
server app3 127.0.0.1:5003 check
server app4 127.0.0.1:5004 check
You can view the configuration details and more information check this URL. Once you have configured HAProxy, its time to start the service:
sudo systemctl start haproxy sudo systemctl enable haproxy
Step 4. Configure Firewall.
We will add the HAProxy to the CentOS 8 firewall and update the rules with the following commands:
sudo firewall-cmd --add-port=8088/tcp --permanent sudo firewall-cmd --reload
Step 5. Configure HAProxy Logging.
To configure HAProxy standard logging edit /etc/rsyslog.conf and enable UDP Syslog reception on port 514:
sudo nano /etc/rsyslog.conf
... # Provides UDP syslog reception # for parameters see http://www.rsyslog.com/doc/imudp.html module(load="imudp") # needs to be done just once input(type="imudp" port="514") ... *.info;mail.none;authpriv.none;cron.none,local2.none /var/log/messages local2.* /var/log/haproxy.log ...
Then, save the configuration file and run the command below to check for any errors:
rsyslogd -N1 sudo systemctl restart rsyslog haproxy
Step 6. Configure Apache X-Forwarded-For Logging on Backend Servers.
Now we login to the backend servers and configure Apache to log X-Forwarded-For headers. The default line we are changing is:
...
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%h %l %u %t \"%r\" %>s %b" common
...
Edit this line such that it looks like:
...
LogFormat "\"%{X-Forwarded-For}i\" %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%h %l %u %t \"%r\" %>s %b" common
...
Save the file and restart Apache:
apachectl configtest sudo systemctl restart httpd
Step 7. Testing HAProxy Load Balancer.
To verify that HAProxy is able to load balance the HTTP requests, navigate to the browser, and access HAProxy using either the hostname or IP address.
Congratulations! You have successfully installed HAProxy. Thanks for using this tutorial for installing HAProxy on your CentOS 8 systems. For additional help or useful information, we recommend you to check the official HAProxy website.
