Master HAProxy: Step‑by‑Step Installation, Configuration, and High‑Availability with Keepalived

With the rapid growth of the Internet, open‑source load balancers such as LVS, Nginx and HAProxy have become mainstream solutions that rival hardware appliances like F5 in performance. HAProxy offers high availability, load balancing, and TCP/HTTP proxy capabilities, supporting virtual hosts and providing a free, fast, and reliable solution.

HAProxy Introduction

HAProxy is especially suited for high‑traffic web sites that require session persistence or layer‑7 processing. Compared with LVS (layer‑4) and Nginx, HAProxy delivers superior concurrency handling and can balance MySQL read traffic.

Supports virtual hosts and works on both layer‑4 and layer‑7.

Compensates for Nginx shortcomings such as session persistence and cookie handling.

Can perform URL‑based backend health checks.

Offers higher load‑balancing speed than Nginx in pure efficiency tests.

Provides multiple algorithms for MySQL read load balancing and backend health detection.

HAProxy + Keepalived High‑Performance Web Architecture

The following steps outline the configuration of a HAProxy‑based high‑availability web service.

HAProxy Installation and Compilation

cd /usr/src
wget http://haproxy.1wt.eu/download/1.4/src/haproxy-1.4.21.tar.gz
tar xzf haproxy-1.4.21.tar.gz
cd haproxy-1.4.21
make TARGET=linux26 PREFIX=/usr/local/haproxy/
make install PREFIX=/usr/local/haproxy/

Configure HAProxy Service

cd /usr/local/haproxy
mkdir -p etc
touch /usr/local/haproxy/etc/haproxy.cfg

HAProxy Configuration File (haproxy.cfg)

global
    log 127.0.0.1 local0
    log 127.0.0.1 local1 notice
    maxconn 4096
    uid 99
    gid 99
    daemon

defaults
    log global
    mode http
    option httplog
    option dontlognull
    retries 3
    option redispatch
    maxconn 2000
    contimeout 5000
    clitimeout 50000
    srvtimeout 50000

frontend http-in
    bind *:80
    acl is_www hdr_end(host) -i jf1.com
    use_backend www if is_www
    default_backend www

backend www
    balance roundrobin
    cookie SERVERID insert nocache indirect
    option httpchk HEAD /index.html HTTP/1.0
    option httpclose
    option forwardfor
    server jf1 192.168.33.11:80 cookie jf1 check inter 1500 rise 3 fall 3 weight 1
    server jf2 192.168.33.11:81 cookie jf2 check inter 1500 rise 3 fall 3 weight 1

Start HAProxy Service

/usr/local/haproxy/sbin/haproxy -f /usr/local/haproxy/etc/haproxy.cfg

If a warning such as "Proxy 'chinaapp.sinaapp.com': in multi‑process mode, stats will be limited to process assigned to the current request" appears, edit

src/cfgparse.c

and change the condition

if (nbproc > 1)

as indicated.

Detailed HAProxy Configuration Explanation

The configuration is divided into global settings, defaults, listeners, frontends, backends, and monitoring sections. Key parameters include

maxconn

, logging, timeouts, balancing algorithms, health‑check options, and ACL rules for domain matching.

Install Keepalived Service

cd /usr/src
wget http://www.keepalived.org/software/keepalived-1.2.1.tar.gz
tar xzf keepalived-1.2.1.tar.gz
cd keepalived-1.2.1
./configure --with-kernel-dir=/usr/src/kernels/2.6.32-71.el6.x86_64/
make && make install
mkdir -p /etc/keepalived
cp /usr/local/etc/rc.d/init.d/keepalived /etc/rc.d/init.d/
cp /usr/local/etc/sysconfig/keepalived /etc/sysconfig/

Configure HAProxy + Keepalived (Master)

global_defs {
    notification_email { [email protected] }
    notification_email_from [email protected]
    smtp_server 127.0.0.1
    smtp_connect_timeout 30
    router_id LVS_DEVEL
}

vrrp_script chk_haproxy {
    script "/data/sh/check_haproxy.sh"
    interval 2
    weight 2
}

vrrp_instance VI_1 {
    state MASTER
    interface eth0
    virtual_router_id 151
    priority 100
    advert_int 5
    nopreempt
    authentication {
        auth_type PASS
        auth_pass 2222
    }
    virtual_ipaddress {
        192.168.0.133
    }
    track_script { chk_haproxy }
}

Configure HAProxy + Keepalived (Backup)

global_defs {
    notification_email { [email protected] }
    notification_email_from [email protected]
    smtp_server 127.0.0.1
    smtp_connect_timeout 30
    router_id LVS_DEVEL
}

vrrp_script chk_haproxy {
    script "/data/sh/check_haproxy.sh"
    interval 2
    weight 2
}

vrrp_instance VI_1 {
    state BACKUP
    interface eth0
    virtual_router_id 151
    priority 90
    advert_int 5
    nopreempt
    authentication {
        auth_type PASS
        auth_pass 2222
    }
    virtual_ipaddress {
        192.168.0.133
    }
    track_script { chk_haproxy }
}

Create HAProxy Monitoring Script

#!/bin/bash
# auto check haproxy process
killall -0 haproxy
if [[ $? -ne 0 ]]; then
    /etc/init.d/keepalived stop
fi

Test HAProxy + Keepalived Service

After manually killing the HAProxy process on the master node, the backup node’s Keepalived logs show a failover, and the virtual IP (192.168.0.133) continues to serve traffic, confirming the high‑availability setup.

Source: https://www.cnblogs.com/zhangan/p/10930570.html