Skip to content

HAProxy Load Balancer setup including logging on Debian

Published by Jens on June 7, 2013

If you are looking for a fast, reliable and easy to configure load balancer HAProxy might be the right choice for you. In the following post I will explain the quick and easy setup of a basic HAProxy balancer which in this example handles two domains, forwards them to three servers and also logs the incoming connections.
Ok, so we start by installing HAProxy:

apt-get install haproxy

Next we can already go ahead and edit the config file (choose your favorite editor, I will be using nano):

nano /etc/haproxy/haproxy.cfg

This file will be our main point of interest for setting up the server. We will insert four different blocks of information to the config file. These blocks are called “global”, “defaults”, “frontend” and “backend”.
We will start with the “global” block, which sets process-wide parameters. In our case it includes information for logging purposes, setting of a maximum of overall connections and open files as well as setting of user and group and daemonizing the balancer. For more detailed information on the possible configuration parameters please see the HAProxy Configuration Manual.

global
 log /dev/log local0 info
 log /dev/log local0 notice
 maxconn 10000
 ulimit-n 20000
 user haproxy
 group haproxy
 daemon

Next comes the “defaults” section, which will set default parameters for the following sections. For a detailed description of the values set here please refer to the documentation, but I think most of the values already explain itself. But have a look at the last value called “stats auth”. There you can put your credentials, e.g. user and password to enable access to statistics. Stats will be available at http://your-domain.com/haproxy?stats or http://your-server-ip/haproxy?stats.

defaults
 log global
 mode http
 option httplog
 option dontlognull
 retries 3
 option redispatch
 option forwardfor
 option forceclose
 maxconn 10000
 contimeout 5000
 clitimeout 50000
 srvtimeout 50000
 stats enable
 stats auth user:password

Next we include the “frontend” block, where we define access control lists (ACLs), which enable us to route to different backends based on the domain or other criterias such as i.e. URL path. In this example we will only use a basic differentiation by domain. After defining the ACLs we also assign them to different backends. So suppose we have our two domains “your-domain.com” and “your-domain2.com” our “frontend” looks like this:

frontend all 0.0.0.0:80
 acl acl_your_domain hdr_dom(host) -i your-domain.com
 acl acl_your_domain2 hdr_dom(host) -i your-domain2.com

 use_backend your_domain if acl_your_domain
 use_backend your_domain2 if acl_your_domain2

Ok, now we only have to set up our servers to the used backends “your_domain” and “your_domain2”. Since we expect “your_domain” to have a lot more traffic we will assign two of our three servers to that domain. We will also include a cookie for our backend “your_domain” in order to prevent the requesting user from switching servers on every request. Also, do not forget to replace the dummy IPs by your own server IPs.

backend your_domain
 cookie SRVID insert indirect nocache
 server srv_your_domain 1.2.3.4:80 cookie SRVID weight 1 check inter 20000
 server srv2_your_domain 1.2.3.5:80 cookie SRVID weight 1 check inter 20000

backend your_domain2
 server srv_your_domain2 1.2.3.6:80 weight 1 check inter 20000

Almost done. Some minor changes to the default config file are necessary.

nano /etc/default/haproxy

We need to set ENABLED to 1 in order to get all the init scripts working:

ENABLED=1

Ok, only some parts for the logging are still missing. First we need to tell rsyslog to catch our logs. For that purpose we create a HAProxy config file for rsyslog:

nano /etc/rsyslog.d/haproxy.conf

And then add the following:

if ($programname == 'haproxy' and $syslogseverity-text == 'info') then -/var/log/haproxy/haproxy-info.log
& ~
if ($programname == 'haproxy' and $syslogseverity-text == 'notice') then -/var/log/haproxy/haproxy-notice.log
& ~

Now the final step which will be configuring logrotation:

nano /etc/logrotate.d/haproxy

Insert the following to the file. This will rotate your HAProxy logs daily and keep them for 4 weeks.

/var/log/haproxy/*.log {
    daily
    missingok
    rotate 28
    compress
    delaycompress
    notifempty
    create 644 root adm
    sharedscripts
    postrotate
    /etc/init.d/haproxy reload > /dev/null
    endscript
}

Finally…done! You can now (re)start your server and let the balancing begin!

/etc/init.d/haproxy restart
Please vote: How useful was this post for you?
Current rating:
(4 out of 5)
Published inLinux

Comments are closed.