Load Balancing with HAproxy

Modified: 05 Jan 2015 18:06 UTC

Regardless of the option you choose, using some sort of load balancing solution in your infrastructure is highly recommended. However, if you need a solution that is cost-effective up front, you can setup an open source load balancing solution such as HAproxy. 

HAProxy is an open source load balancer that functions as a fast proxy server and provides high availability for TCP and HTTP-based applications. HAproxy is easy to install on a SmartMachine and includes support for SMF. Although not installed on a SmartMachine by default, HAproxy is available as a package in pkgsrc on any SmartMachine you provision. Once installed, you will need to configure HAproxy in various ways to fit your environment.

In this topic:

At a Glance

This topic shows you how to install and configure the open source load balancer HAproxy in the Joyent Public Cloud.

Installing HAproxy

To install HAproxy, run this command:

pkgin in haproxy

Installation of HAproxy includes an SMF manifest that supports the enabling, disabling, and restarting of the HAproxy persistent daemon process. You can enable that process by running:

svcadm enable haproxy:default
You can learn more about using SMF in the Joyent Public Cloud here.

The default location for HAproxy is:


The default location for the HAproxy configuration file is:


Configuring HAproxy

There are two specific components of an HAproxy configuration that you will need to address: configuration properties and the load balancing algorithms your configuration will use.

HAproxy Configuration Parameters

HAproxy is installed with a configuration file that is populated with default values for various parameters. Before you start using HAproxy, you will need to set these parameters to values that support your environment. HAproxy configuration parameters are broken down into three primary components:

Below are some notable parameters.

Parameter Value Description
mode tcp, http, or health This parameters sets the mode for the proxy instance. Use one of the three following values with this parameter.
  • TCP: The instance will work in pure TCP mode. A full-duplex connection will be established between clients and servers, and no layer 7 examination will be performed. This is the default mode. It should be used for SSL, SSH, SMTP.
  • HTTP: The instance will work in HTTP mode. The client request will be analyzed in depth before connecting to any server. Any request which is not RFC-compliant will be rejected. Layer 7 filtering, processing and switching will be possible. This is the mode which brings HAProxy most of its value.
  • HEALTH: The instance will work in "health" mode. It will just reply "OK" to incoming connections and close the connection. Nothing will be logged. This mode is used to reply to external components health checks. This mode is deprecated and should not be used anymore as it is possible to do the same and even better by combining TCP or HTTP modes with the "monitor" keyword.
maxconn number Fix the maximum number of concurrent connections on a frontend. Consumes about 17 kB of RAM per established connection. That means that a medium system equipped with 1GB of RAM can withstand around 40000-50000 concurrent connections if properly tuned.
retries number Set the number of retries to perform on a server after a connection failure.
option forwardfor, httplog, tcplog, logasap, dontlognull These are options you can set in your configuration. You can set any number of these options in your configuration by including the option parameter multiple times.
  • forwardfor: Enable insertion of the X-Forwarded-For header to requests sent to servers.
  • httplog: Enable logging of HTTP request, session state, and timers.
  • tcplog: Enable advanced logging of TCP connections with session state and timers.
  • logasap: Enable or disable early logging of HTTP requests.
  • dontlognull: Enable or disable logging of null connections.

About Proxy Sections

Proxy sections are defined in the following way:

Proxy Description
defaults <name> Sets default parameters for all sections following its declaration.
If you include more than one defaults section in a configuration file, the default parameter values are reset by the last listed section.
frontend <name> 
Describes a set of listening sockets accepting client connections. 
backend <name> 
Describes a set of servers to which the proxy will connect to forwarded incoming connections. 
listen <name> 
Defines a complete proxy with its frontend and backend parts combined in one section.
Generally, most useful for TCP-only traffic.