In this tutorial, we will show you how to install and configure HAProxy on Ubuntu 16.04 LTS. For those of you who didn’t know, HAProxy is a free HTTP/TCP high availability load balancer and proxy server. It spreads requests among multiple servers to mitigate issues resulting from a single server failure. HA Proxy is used by a number of high-profile websites including GitHub, Bitbucket, Stack Overflow, Reddit, Tumblr, Twitter, and Tuenti, and is used in the OpsWorks product from Amazon Web Services.
This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo
‘ to the commands to get root privileges. I will show you the step-by-step installation HAProxy on a Ubuntu 16.04 (Xenial Xerus) server.
Prerequisites
- A server running one of the following operating systems: Ubuntu 16.04 (Xenial Xerus).
- It’s recommended that you use a fresh OS install to prevent any potential issues.
- SSH access to the server (or just open Terminal if you’re on a desktop).
- A
non-root sudo user
or access to theroot user
. We recommend acting as anon-root sudo user
, however, as you can harm your system if you’re not careful when acting as the root.
Install HAProxy on Ubuntu 16.04 LTS
Step 1. First, make sure that all your system packages are up-to-date by running the following apt-get
commands in the terminal.
sudo apt-get update sudo apt-get upgrade
Step 2. Network Details.
Below is our network server. There are 3 web servers running with Apache2 and listening on port 80 and one HAProxy server:
Web Server Details: Server 1: web1.idroot.us 192.168.1.101 Server 2: web2.idroot.us 192.168.1.102 Server 3: web3.idroot.us 192.168.1.103 HAProxy Server: HAProxy: haproxy 192.168.1.16
Step 3. Installing HAProxy.
Now install HAProxy with the following command:
apt-get -y install haproxy
After the installation you can double-check the installed version number with the following:
haproxy -v
Step 4. Configuring HAProxy.
We have to modify the configuration file of HAProxy i.e. /etc/haproxy/haproxy.cfg
as per our requirement. (Change this configuration to your network requirements). For more configuration details check this URL.
### nano /etc/haproxy/haproxy.cfg global log /dev/log local0 log /dev/log local1 notice chroot /var/lib/haproxy stats socket /run/haproxy/admin.sock mode 660 level admin stats timeout 30s user haproxy group haproxy daemon # Default SSL material locations ca-base /etc/ssl/certs crt-base /etc/ssl/private # Default ciphers to use on SSL-enabled listening sockets. # For more information, see ciphers(1SSL). This list is from: # https://hynek.me/articles/hardening-your-web-servers-ssl-ciphers/ ssl-default-bind-ciphers ECDH+AESGCM:DH+AESGCM:ECDH+AES256::RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS ssl-default-bind-options no-sslv3 defaults log global mode http option httplog option dontlognull timeout connect 5000 timeout client 50000 timeout server 50000 errorfile 400 /etc/haproxy/errors/400.http errorfile 403 /etc/haproxy/errors/403.http errorfile 408 /etc/haproxy/errors/408.http errorfile 500 /etc/haproxy/errors/500.http errorfile 502 /etc/haproxy/errors/502.http errorfile 503 /etc/haproxy/errors/503.http errorfile 504 /etc/haproxy/errors/504.http frontend Local_Server bind 192.168.1.16:80 mode http default_backend My_Web_Servers backend My_Web_Servers mode http balance roundrobin option forwardfor http-request set-header X-Forwarded-Port %[dst_port] http-request add-header X-Forwarded-Proto https if { ssl_fc } option httpchk HEAD / HTTP/1.1rnHost:localhost server web1.idroot.us 192.168.1.101:80 server web2.idroot.us 192.168.1.102:80 server web3.idroot.us 192.168.1.103:80 listen stats *:1936 stats enable stats hide-version stats refresh 30s stats show-node stats auth username:password stats uri /stats
Since you have done with all necessary configurations for the proxy server, verify the configuration file before restarting the service using the following command:
haproxy -c -f /etc/haproxy/haproxy.cfg
If the above command return output as “configuration file is valid” then restart the HAProxy service:
systemctl restart haproxy
Step 5. Accessing HAProxy.
Open your favorite browser and access port 80 on IP 192.168.0.16 (as configured above) in a web browser and hit refresh. You will see that HAProxy is sending requests to the backend server one by one (as per the round-robin algorithm).
Congratulations! You have successfully installed HAProxy. Thanks for using this tutorial for installing HAProxy load balancing on Ubuntu 16.04 LTS (Xenial Xerus) system. For additional help or useful information, we recommend you to check the official HAProxy website.