HAProxy Configuration File

The HAProxy configuration file (typically located at /etc/haproxy/haproxy.cfg) is the central file used to define how HAProxy operates. It controls load balancing, proxying, and health checking of backend servers, and is divided into several key sections. Each section has a distinct role in managing the behavior of HAProxy.

Key Sections

1. global

The global section sets process-wide settings that affect logging, user privileges, maximum connections, and other low-level parameters.

Example:

global
    log /dev/log local0
    log /dev/log local1 notice
    chroot /var/lib/haproxy
    stats socket /run/haproxy/admin.sock mode 660 level admin
    stats timeout 30s
    user haproxy
    group haproxy
    daemon

2. defaults

The defaults section specifies default parameters for all subsequent frontend, backend, and listen sections. This section covers settings like timeouts, logging, and error handling.

Example:

defaults
    log     global
    mode    http
    option  httplog
    option  dontlognull
    timeout connect 5000ms
    timeout client  50000ms
    timeout server  50000ms

3. frontend

The frontend section defines how HAProxy listens for incoming client connections. It specifies the IP address, port, and ACLs (Access Control Lists) used to route requests.

Example:

frontend http-in
    bind *:80
    default_backend servers

4. backend

The backend section defines the real servers that will handle client requests. It includes load balancing algorithms, server health checks, and parameters that control how requests are distributed.

Example:

backend servers
    balance roundrobin
    server server1 192.168.1.101:80 check
    server server2 192.168.1.102:80 check

5. listen

The listen section is a combined frontend and backend definition. It is used when both roles are defined in a single block, often for simple setups.

Example:

listen stats
    bind *:1936
    mode http
    stats enable
    stats hide-version
    stats realm Haproxy\ Statistics
    stats uri /stats

Additional Directives

• ACLs and Use Backend Rules: ACLs can be used within frontend sections to decide which backend should serve the request. For example:

  acl is_static path_end .jpg .png .css .js
  use_backend static_servers if is_static

• Logging and Error Handling: You can customize logging formats and define error pages.

• Health Checks: Servers in backends can be configured with health check options (check, inter, etc.) to ensure they are responsive before routing traffic.

Best Practices

• Modular Configuration: Split your configuration into multiple files or use includes if the configuration grows large, for easier management.

• Testing: Always test configuration changes using haproxy -c -f /etc/haproxy/haproxy.cfg to check for syntax errors.

• Documentation: Refer to the official HAProxy documentation for detailed explanations of every directive and advanced configuration options.

• Security: Secure the stats socket and web interface with authentication and appropriate access controls.

Conclusion

The HAProxy configuration file is a versatile and powerful way to control HAProxy’s behavior, enabling detailed management of load balancing, proxying, and health checking. By understanding and properly configuring sections such as global, defaults, frontend, backend, and listen, administrators can build robust, scalable, and secure HAProxy deployments that meet the needs of diverse network environments.