HaProxy configuration is good or not?

ascige · April 4, 2018, 5:21pm

Hi everyone.
I have used haproxy but I would to know if my configuration is good or not.
I try to explain my situation :
I have a load balancer (where I install haproxy ) which has two IP : one public : for example 1.1.1.1 and one private : 172.18.2.1
Then I have 3 webservers which have only one private IP : 172.18.2.2, 172.18.2.3 and 172.18.2.4.
I would that haproxy shift webserver based on load of server.
I attach my configuration. Please, is there someone who confirm that my configuration is good?
Thanks a lot for any suggest.

global
log /dev/log local0
log /dev/log local1 notice
chroot /var/lib/haproxy
stats socket /run/haproxy/admin.sock mode 660 level admin expose-fd listeners
stats timeout 30s
user haproxy
group haproxy
daemon

defaults
log global
mode http
option httplog
option dontlognull
timeout connect 5000
timeout client 50000
timeout server 50000
errorfile 400 /etc/haproxy/errors/400.http
errorfile 403 /etc/haproxy/errors/403.http
errorfile 408 /etc/haproxy/errors/408.http
errorfile 500 /etc/haproxy/errors/500.http
errorfile 502 /etc/haproxy/errors/502.http
errorfile 503 /etc/haproxy/errors/503.http
errorfile 504 /etc/haproxy/errors/504.http

frontend MT
bind 1.1.1.1:80
reqadd X-Forwarded-Proto:\ http
default_backend MT

backend MT
mode http
stats enable
stats hide-version
stats uri /stats
stats realm Haproxy\ Statistics
stats auth haproxy:jessie # Credentials for HAProxy Statistic report page.
balance source
stick-table type ip size 200k expire 60m
stick on src
option httpchk
option httpclose
option forwardfor
cookie LBN insert indirect nocache
server vweb1 172.18.2.2:80 cookie vweb1 check # backend server #1
server vweb2 172.18.2.3:80 cookie wweb2 check # backend server #2
server vweb3 172.18.2.4:80 cookie vweb3 check # backend server #3

shivharsh · April 5, 2018, 7:49am

Hi,

Your configuration looks good to me.

However, there are a couple of things I would like to mention:

expose-fd listeners directive has been introduced in haproxy after version 1.8. Therefore, if you use this configuration with an haproxy version lower than 1.8, you would run into an unknown keyword error.
It is advisable to have a separate LISTEN directive for haproxy stats. This would help you to keep the configuration tidy and well categorized, especially when defining multiple backends. You can have the directive defined as below:
```
 listen stats
 		bind *:9999
 		stats enable
 		stats hide-version
 		stats uri /stats
 		stats realm Haproxy\ Statistics
 		stats auth haproxy:jessie # Credentials for HAProxy Statistic report page.
```
You need to ensure that the directory /run/haproxy/ exists, else you would run into "cannot bind UNIX socket" error.

Thanks,
Shivharsh

Topic		Replies	Views
Weird HAPROXY setup not balancing Help!	0	980	May 11, 2016
HAProxy Configuration for LDAP Loadbalancing Help!	0	814	November 12, 2021
HAProxy DDoS protection suggestions Help!	0	2002	October 21, 2019
HAProxy Container Setup Help!	1	986	November 27, 2017
Config for clustering Help!	3	573	June 5, 2018

HaProxy configuration is good or not?

Related Topics