CentOSLinuxTutorials

How To Install HAProxy on CentOS 8

r00t

Install HAProxy on CentOS 8

In this tutorial, we will show you how to install HAProxy on your CentOS 8. For those of you who didn’t know, HAProxy is a free HTTP/TCP high availability load balancer and proxy server. It spreads requests among multiple servers to mitigate issues resulting from a single server failure. HA Proxy is used by a number of high-profile websites including GitHub, Bitbucket, Stack Overflow, Reddit, Tumblr, Twitter, and Tuenti, and is used in the OpsWorks product from Amazon Web Services.

This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you the step-by-step installation HAProxy on CentOS 8.

Prerequisites

  • A server running one of the following operating systems: CentOS 8.
  • It’s recommended that you use a fresh OS install to prevent any potential issues.
  • SSH access to the server (or just open Terminal if you’re on a desktop).
  • A non-root sudo user or access to the root user. We recommend acting as a non-root sudo user, however, as you can harm your system if you’re not careful when acting as the root.

Install HAProxy on CentOS 8

Step 1. First, let’s start by ensuring your system is up-to-date.

sudo clean all
sudo dnf update

Step 2. Installing HAProxy on CentOS 8.

HAProxy is available on the default CentOS 8, Now use the following dnfa command to install HAProxy:

sudo dnf install haproxy

Step 3. Configuring HAProxy.

We are going to create a configuration file /etc/haproxy/haproxy.cfg containing the necessary settings and configurations:

sudo nano /etc/haproxy/haproxy.cfg

Enter the following into the file:

global
    log         127.0.0.1 local2
    chroot      /var/lib/haproxy
    pidfile     /var/run/haproxy.pid
    maxconn     4000
    user        haproxy
    group       haproxy
    daemon
    stats socket /var/lib/haproxy/stats
    ssl-default-bind-ciphers PROFILE=SYSTEM
    ssl-default-server-ciphers PROFILE=SYSTEM
defaults
    mode                    http
    log                     global
    option                  httplog
    option                  dontlognull
    option http-server-close
    option forwardfor       except 127.0.0.0/8
    option                  redispatch
    retries                 3
    timeout http-request    10s
    timeout queue           1m
    timeout connect         10s
    timeout client          1m
    timeout server          1m
    timeout http-keep-alive 10s
    timeout check           10s
    maxconn                 3000
frontend main
    bind *:5000
    acl url_static       path_beg       -i /static /images /javascript /stylesheets
    acl url_static       path_end       -i .jpg .gif .png .css .js
    use_backend static          if url_static
    default_backend             app
backend static
    balance     roundrobin
    server      static 127.0.0.1:4331 check
backend app
    balance     roundrobin
    server  app1 127.0.0.1:5001 check
    server  app2 127.0.0.1:5002 check
    server  app3 127.0.0.1:5003 check
    server  app4 127.0.0.1:5004 check

You can view the configuration details and more information check this URL. Once you have configured HAProxy, its time to start the service:

sudo systemctl start haproxy
sudo systemctl enable haproxy

Step 4. Configure Firewall.

We will add the HAProxy to the CentOS 8 firewall and update the rules with the following commands:

sudo firewall-cmd --add-port=8088/tcp --permanent
sudo firewall-cmd --reload

Step 5. Configure HAProxy Logging.

To configure HAProxy standard logging edit /etc/rsyslog.conf and enable UDP Syslog reception on port 514:

sudo nano /etc/rsyslog.conf
...
# Provides UDP syslog reception
# for parameters see http://www.rsyslog.com/doc/imudp.html
module(load="imudp") # needs to be done just once
input(type="imudp" port="514")
...
*.info;mail.none;authpriv.none;cron.none,local2.none /var/log/messages
local2.* /var/log/haproxy.log
...

Then, save the configuration file and run the command below to check for any errors:

rsyslogd -N1
sudo systemctl restart rsyslog haproxy

Step 6. Configure Apache X-Forwarded-For Logging on Backend Servers.

Now we login to the backend servers and configure Apache to log X-Forwarded-For headers. The default line we are changing is:

...
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%h %l %u %t \"%r\" %>s %b" common
...

Edit this line such that it looks like:

...
LogFormat "\"%{X-Forwarded-For}i\" %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%h %l %u %t \"%r\" %>s %b" common
...

Save the file and restart Apache:

apachectl configtest
sudo systemctl restart httpd

Step 7. Testing HAProxy Load Balancer.

To verify that HAProxy is able to load balance the HTTP requests, navigate to the browser, and access HAProxy using either the hostname or IP address.

Congratulations! You have successfully installed HAProxy. Thanks for using this tutorial for installing HAProxy on your CentOS 8 systems. For additional help or useful information, we recommend you to check the official HAProxy website.

VPS Manage Service Offer
If you don’t have time to do all of this stuff, or if this is not your area of expertise, we offer a service to do “VPS Manage Service Offer”, starting from $10 (Paypal payment). Please contact us to get the best deal!
Tags
r00t
Photo of r00t

r00t

r00t is a seasoned Linux system administrator with a wealth of experience in the field. Known for his contributions to idroot.us, r00t has authored numerous tutorials and guides, helping users navigate the complexities of Linux systems. His expertise spans across various Linux distributions, including Ubuntu, CentOS, and Debian. r00t's work is characterized by his ability to simplify complex concepts, making Linux more accessible to users of all skill levels. His dedication to the Linux community and his commitment to sharing knowledge makes him a respected figure in the field.
Copyright © 2024 idroot.us | All Rights Reserved.
Back to top button