HAProxy is one of most popular open source load balancers. It is a TCP/HTTP load balancer that can handle incoming traffic and spread the request to multiple endpoints and servers. HAProxy uses reverse proxy to forward the request to the endpoints based on the load-balancing algorithm.
In this blog, we will review some features of HAProxy 2.2 that were released in July 2020.
Dynamic Error Handling
HAProxy 2.2 introduces a new section in haproxy configuration, withhe new parameter http-errors. It allows you to define custom errors based on your requirements. If you have multiple endpoints for incoming connections, you can define errors on a per site-basis. It is very easy to configure if you have multiple sites with the same frontend, but you want to have different error pages for each site.
http-errors test.severalnines.com
errorfile 400 /etc/haproxy/errorfiles/test.severalnines.com/400.http
errorfile 403 /etc/haproxy/errorfiles/test.severalnines.com/403.http
http-errors demo.severalnines.com
errorfile 400 /etc/haproxy/errorfiles/demo.severalnines.com/400.http
errorfile 403 /etc/haproxy/errorfiles/demo.severalnines.com/403.httpYou need to add the following in the frontend section.
http-request deny errorfiles test.severalnines.com if { req.hdr(host) test.severalnines.com } { src test.severalnines.com }It also can be referenced by using errorfiles directive in frontend or backend.
Also, it simplifies the error handling actions between return, deny, and tarpit on http-request. You can handle the return, deny, and tarpit on the same request. You just need to specify the headers and body message independently.
Health Check Improvement
HAProxy supports active and passive monitoring for health checks. It ensures that your services are available before you send the traffic to them. In previous versions, if you want to configure HTTP checks for specific URL, HTTP version, or headers, you needed to configure them using directive option httpchk as below:
backend servers
option httpchk HEAD /health HTTP/1.1\r\nHost:\ test.local
server appsvr1 10.10.10.100:8080 checkIn the version 2.2, you can use the directive http-check send introduced in this version.
backend servers
option httpchk
http-check send meth HEAD uri /health ver HTTP/1.1 hdr Host test.local
server appsvr1 10.10.10.100:8080 checkThere are also new directives and existing directives improvement for health check such as :
- http-check-connect that is used for enabling SNI, health checks over the SOCKS4, or connections on top of SSL/TLS.
- tcp-check-connect is used for TCP checks with some parameters added.
- http-check-expectand tcp-check-expect, which are used to control the health check status based on the rules for successful or failed time outs.
- {http|tcp}-check set-var and unset-var, used to set and unset custom variables during the HTTP and TCP health checks.
The last thing is the directive option mysql-check, it was rebuilt on top of new tcp-check rules to check MySQL services.
Syslog Over TCP
There are various ways to collect HAProxy logs; you can send the logs to the syslog files, write the logs into specific log files, write to standard output / standard error, or store the logs in HAProxy memory.
HAProxy version 2.2 introduces a new section in HAProxy configuration, called ring. It is the first in-first out queue system with an exact size that is already defined. The ring buffer won’t consume more memory than the value that was already allocated in the configuration.
The ring buffer uses the TCP for queuing the logs until it is sent to syslogs that ensure every log is processed. Configuring the ring buffer in HAProxy is straightforward, you just need to add ring directive in HAProxy configuration.
ring requestbuffer0
description "request HAProxy logs"
format rfc3164
maxlen 1200
size 98292
timeout connect 2s
timeout server 5s
server request-haproxy-log 127.0.0.1:6514After that, you can define below configuration on the global or frontend section.
log ring@requestbuffer0 local2It will send the HAProxy logs through requestbuffer0 ring buffer.
Native Response Generator
The new feature in HAProxy 2.2 is a new directive calledhttp-request-return. It can generate response return to the client without forwarding the request to the backend server. It also can be used for strings and static files which have dynamic parameters inside it.
You can create your own response using http-request-return as shown in below example:
http-after-response set-header Access-Control-Allow-Origin "%[req.hdr(Origin)]"
http-after-response set-header Access-Control-Max-Age "31536000"
http-request return status 200 content-type "text/plain" string ""For more information on how to use HAProxy for load balancing, we have online tutorials for HAProxy with MySQL/MariaDB as well as HAProxy for PostgreSQL.