Setup HAProxy on Ubuntu in Azure/AWS/GCP

Setup and install HAProxy community edition on Ubuntu 24.04 in Azure, AWS or GCP.  Deploy straight from any of the cloud marketplaces below.  HAProxy (High Availability Proxy) is a high-performance TCP/HTTP load balancer and proxy server that helps distribute traffic across multiple backend servers.

Cloud HAProxy on Ubuntu 24.04

HAProxy on Azure

haproxy azure

Deploy HAProxy on Ubuntu 24.04 in Azure

HAProxy on AWS

Coming soon…

HAProxy on GCP

Coming soon…

Getting Started with HAProxy

Once your HA Proxy server has been deployed, the following links explain how to connect to a Linux VM:

 

 

Once connected and logged in, the following section explains how to start using HAProxy.

HAProxy Configuration File

HAProxy default installation automatically runs with a basic configuration. The configuration file for HAProxy is located at:

				
					/etc/haproxy/haproxy.cfg

				
			

This file controls how HAProxy behaves, including defining backend servers, frontends (what users connect to), and how traffic is routed.

Check Version

Run the following command to confirm the HAProxy version

				
					haproxy -v
				
			

HAProxy Load Balancer

To load balance traffic between multiple web servers, you’ll need to edit the configuration file. Run the following command:

				
					sudo nano /etc/haproxy/haproxy.cfg

				
			

Modify the configuration to load balance traffic between multiple backend web servers. Here’s a basic configuration example:

				
					# Global settings
global
    log /dev/log    local0
    log /dev/log    local1 notice
    chroot /var/lib/haproxy
    stats socket /run/haproxy/admin.sock mode 660 level admin
    stats timeout 30s
    user haproxy
    group haproxy
    daemon

# Default settings
defaults
    log     global
    option  httplog
    option  dontlognull
    timeout connect 5000ms
    timeout client  50000ms
    timeout server  50000ms
    errorfile 400 /etc/haproxy/errors/400.http
    errorfile 403 /etc/haproxy/errors/403.http
    errorfile 408 /etc/haproxy/errors/408.http
    errorfile 500 /etc/haproxy/errors/500.http
    errorfile 502 /etc/haproxy/errors/502.http
    errorfile 503 /etc/haproxy/errors/503.http
    errorfile 504 /etc/haproxy/errors/504.http

# Frontend configuration
frontend http_front
    bind *:80
    mode http
    default_backend web_servers

# Backend configuration
backend web_servers
    mode http
    balance roundrobin
    option httpchk HEAD / HTTP/1.1\r\nHost:localhost
    server web1 192.168.1.10:80 check
    server web2 192.168.1.11:80 check

				
			

Update Configuration

  • frontend http_front: This defines the frontend (the client-facing side). It listens on port 80 for HTTP traffic.
  • backend web_servers: This defines the backend servers, which are the actual web servers serving the content. The balance roundrobin distributes the traffic evenly between web1 and web2.

 

Save the changes and exit the editor (in nano, you can do this by pressing CTRL + X, then Y, and ENTER).

Restart HAProxy

After modifying the configuration file, restart HAProxy to apply the changes:

				
					sudo systemctl restart haproxy

				
			

Test Your HAProxy Setup

With HAProxy configured, traffic to your server’s public IP on port 80 will be routed to the backend web servers.

 

Visit the public IP of your HAProxy server in a web browser:

				
					http://your-haproxy-ip

				
			

You should be directed to one of your backend servers. If you refresh the page, you’ll see traffic routed to the other server (depending on your load-balancing policy).

HAProxy Stats (Optional)

HAProxy provides a web interface for monitoring traffic and the health of backend servers.

 

Add the following section to your haproxy.cfg to enable the stats page:

				
					listen stats
    bind *:8080
    stats enable
    stats uri /haproxy?stats
    stats refresh 10s
    stats admin if LOCALHOST

				
			

Save the changes and restart HAProxy:

				
					sudo systemctl restart haproxy

				
			

Now you can access the stats page by visiting:

				
					http://your-haproxy-ip:8080/haproxy?stats

				
			

Fine-Tune HAProxy Configuration (Optional)

  • Load Balancing Algorithms: HAProxy supports multiple load-balancing algorithms. You can change roundrobin to leastconn, source, or uri to alter how HAProxy distributes traffic.
  • SSL Termination: To handle SSL traffic, configure HAProxy to handle HTTPS (port 443) and terminate SSL connections.

 

Example snippet for SSL termination:

				
					frontend https_front
    bind *:443 ssl crt /etc/ssl/certs/your-cert.pem
    mode http
    default_backend web_servers

				
			

Health Checks: HAProxy automatically checks the health of the backend servers. The option httpchk directive allows you to customize this by sending HTTP requests to verify the health of each backend.

 

Documentation is below on fine tuning your haproxy configuration.

Troubleshooting and Logs

If HAProxy isn’t working as expected, check the logs:

				
					sudo tail -f /var/log/haproxy.log

				
			

Make sure your backend servers are running and accessible from the HAProxy server.

Documentation

Refer to the official documentation on further usage of HAProxy and configuration options:

 

https://docs.haproxy.org/

 

https://github.com/haproxy/haproxy

Firewall Ports

HAProxy be configured on your desired port depending on your usage requirements.

 

  • TCP 80
  • TCP 8080
  • TCP 443

 

The links below explain how to modify / create firewall rules depending on which cloud platform you are using.

 

To setup AWS firewall rules refer to – AWS Security Groups

To setup Azure firewall rules refer to – Azure Network Security Groups

To setup Google GCP firewall rules refer to – Creating GCP Firewalls

Disclaimer: HAProxy® is a registered trademark of HAProxy Technologies LLC. HAProxy Community Edition is released under the GNU General Public License version 2 (GPLv2). The license comes with a “no warranty” clause, meaning the software is provided “as-is” without any guarantees or liability for issues that may arise.

Avatar for Andrew Fitzgerald
Andrew Fitzgerald

Cloud Solution Architect. Helping customers transform their business to the cloud. 20 years experience working in complex infrastructure environments and a Microsoft Certified Solutions Expert on everything Cloud.

0 0 votes
Article Rating
Subscribe
Notify of
0 Comments
Most Voted
Newest Oldest
Inline Feedbacks
View all comments
0
Would love your thoughts, please comment.x
()
x