Configuring HAProxy

The configuration of HAProxy is one of the more complicated (read: flexible!) parts of the Lighthouse system. Just about any setup can be accommodated, it’s helpful to have an HAProxy config reference on hand.

Let’s start with an example:

haproxy.yaml

config_file: "/etc/haproxy.cfg"
socket_file: "/var/run/haproxy.sock"
pid_file: "/var/run/haproxy.pid"
bind_address: "127.0.0.1"
global:
  - "daemon"
  - "maxconn 40000"
  - "user haproxy"
  - "log /var/run/syslog local2"
defaults:
  - "balance roundrobin"
  - "timeout connect 10s"
  - "timeout client 20s"
  - "timeout server 20s"
stats:
  port: 9009
  uri: "/haproxy"
  timeouts:
    connect: 4000
    server: 30000

The only required configuration settings are the config_file, socket_file, and pid_file but such a bare-bones setup is probably not what you want. The main points of configuration will be the global and defaults settings, where you can list any HAProxy config directives that will go under those respective stanzas in the generated config file.

Note

If HAProxy is not currently running when lighthouse-writer tries to restart it, HAProxy will be started automatically.

Proxies

Sometimes it can be useful to list straight-up proxies in the generated HAProxy configuration. For example, if you have a 3rd-party partner API you talk to on a whitelisted IP basis you would want a dedicated proxy machine with a known IP that listens on a port and proxies to the business partner.

To facilitate such a use-case the HAProxy YAML config supports a proxies setting. Each entry in the mapping under proxies is a separate named proxy with certain settings requirements themselves.

For example:

haproxy.yaml

config_file: "/etc/haproxy.cfg"
socket_file: "/var/run/haproxy.sock"
pid_file: "/var/run/haproxy.pid"
bind_address: "0.0.0.0"
global:
  - "daemon"
  - "user haproxy"
proxies:
  business_partner:
      port: 1100
      upstreams:
        - host: "b2b.partner.com"
          port: 88
          max_conn: 400
      options:
        - "mode http"

This config sets up a “business_partner” proxy that takes traffic from the local port 1100 and forwards it to a partner server on port 88.

Peers

A new feature available in HAProxy 1.5 and newer is the concept of peers.

When a node is reported as up and available, information about the HAProxy instance that lives on the node is included along with it. This allows the config file generator to list the peers of each cluster, allowing HAProxy to coordinate cluster-wide statistics in what’s known as “stick tables”.

Note

This feature is automatically used and only available in HAProxy 1.5 and newer.

Stats Listener

HAProxy comes with a built-in feature for serving up a status page with all sorts of useful information. Each known backend and frontend is listed along with their statuses and usage statistics (see the live demo on haproxy.org for an example).

To enable the feature for your HAProxy instance, include the stats setting in your YAML config. A port to use for serving the page is required, check the stats settings section for more detailed info.

Settings

  • config_file (required):

    This is the path of the HAProxy config file that will be automatically generated by Lighthouse.

  • socket_file (required):

    The path to the UNIX socket file Lighthouse should use to communicate with HAProxy.

  • pid_file (required):

    The path to the PID file for HAProxy.

  • global:

    Optional list of directives to put under the “global” stanza in the generated HAProxy config file.

  • defaults:

    Optional list of directives to put under the “defaults” stanza in the generated HAProxy config file.

  • bind_address:

    The address to bind to for the various ports HAProxy will listen on. Default is “localhost”.

  • meta_cluster_ports:

    A mapping of meta cluster name to a port. This tells HAProxy to bind to that port to handle traffic for the meta cluster.

  • proxies:

    Optional setting section for configuring simple proxies. Each of the proxy entries have their own settings requirements, see Proxies Settings below.

  • stats:

    Optional but recommended feature for having HAProxy serve a simple web page with status and metrics info (see the live demo on haproxy.org for an example). This setting has further required settings that are listed below.

Proxies Settings

  • port (required):

    The local port to bind to and listen for traffic to proxy on.

  • upstreams (required):

    List of servers to proxy traffic to. If multiple servers are listed they’re balanced with a round robin algorithm.

  • bind_address:

    Optional setting for the address to use when binding the local port. Defaults to “localhost”.

  • options:

    A list of extra directive lines to include in the generated “listen” stanza for the proxy.

Stats Settings

  • port (required):

    The local port to bind to and serve up the stats page with.

  • uri:

    Optional uri path for the page. For example if the port is set to 9009 and the uri set to “/haproxy_stats”, the HAProxy stats page would be available at http://<machine address>:9009/haproxy_stats.

  • timeouts:

    Optional timeouts. These are a mapping from timeout name to value, the only names recognized are connect, client and server.