Cantech Knowledge Base

Your Go-To Hosting Resource

  1. Linux
  2. How to Deploy HAProxy on Ubuntu 22.04?

How to Deploy HAProxy on Ubuntu 22.04?

HAProxy is open-source software that distributes network traffic and improves performance as a load balancer. It ensures that requests go to the right server and prevents overload on a single server. It forwards requests to different backend servers based on various rules.

Further, it is used to manage web traffic. It works really well with high-traffic websites and applications. Moreover, it supports multiple protocols, such as HTTP, HTTPS, and TCP.

Using it on Ubuntu 22.04 is reliable and efficient. It runs smoothly without consuming too many system resources but can handle a large number of connections at the same time. It helps in troubleshooting network issues.

HAProxy also protects servers from attacks by blocking suspicious traffic. It provides SSL termination to secure connections, and administrators can control access to different services. Further, it filters requests so that only valid ones can reach the backend servers. It checks if backend servers are working properly and removes unhealthy servers automatically from the load-balancing process. When they are stable, it adds them back.

HAProxy is lightweight and fast. It does not slow down the system. You can get detailed statistics about server usage, too.

Setting up HAProxy on Ubuntu 22.04 needs all the right elements in place before starting with the actual deployment process. Let’s cover the entire process and discuss each step thoroughly.

Preparing the Environment

First, you need to have a clean setup ready for HAProxy and its backend servers. For that, get a Cantech instance running Ubuntu 22.04 as the HAProxy server. Also, you will need at least two additional instances to act as backend servers with Ubuntu 22.04 running on them.

Now, make sure all your servers are connected to the same VPC 2.0 network on Cantech. This ensures that they can communicate effectively. Further, set up a domain A record that points to your HAProxy server’s IP address, like haproxy.example.com. This way, the traffic gets directed correctly.

Topology Overview

For this article, let’s assume the following setup. In this configuration, HAProxy will distribute incoming requests between the two backend servers, which run the Apache web server.

  • HAProxy Server – The server will be the load balancer.
    • Public hostname – haproxy.example.com
    • VPC 2.0 IP – 10.128.0.2
  • Backend Servers – These are the actual servers handling the web traffic.
    • Server 1 – VPC 2.0 IP: 10.128.0.3
    • Server 2 – VPC 2.0 IP: 10.128.0.4

Installing HAProxy

Start by accessing your HAProxy server using SSH. Login and then create a non-root user with sudo privileges. You can name this user haproxyadmin for clarity.

Now, go to the new user account and update your package index. You need to make sure you have the latest package info.

After that, you can install HAProxy using the following command –

$ sudo apt install haproxy -y

You may want to get the latest version of HAProxy, but it is not always available from the default Ubuntu repositories. In that case, you can add a PPA repository like this –

$ sudo add-apt-repository ppa:vbernat/haproxy-2.8 -y

The installation will be complete, then enable HAProxy to start automatically when the server boots.
Confirm everything is working by checking the status of the HAProxy service –

$ sudo systemctl status haproxy

You should see that HAProxy is active and running.

Configuring the HAProxy Server

HAProxy is now installed. You need to configure it after that.

The main configuration file of HAProxy determines how it will operate. This file is located in the system’s configuration directory. It contains different sections that define various settings.

The global section contains system-wide settings such as logging and security options. The defaults section specifies performance-related parameters like timeout values.

These settings influence how HAProxy handles incoming connections.

=> Back up the file first before modifying it so that you don’t lose your original settings.

$ sudo cp /etc/haproxy/haproxy.cfg /etc/haproxy/haproxy.cfg.backup

=> Now, open the file in a text editor like Nano to make changes.

$ sudo nano /etc/haproxy/haproxy.cfg

Here, you will define the frontend and backend configurations for HAProxy. The frontend handles incoming traffic and the backend defines how that traffic is distributed among your backend servers.

=> Add this configuration to the end of the file –

frontend website-frontend
    bind *:80,*:443
    option httpchk GET /healthcheck
    default_backend servers

backend servers
    balance roundrobin
    server server-1 10.128.0.3:80 weight 1 check
    server server-2 10.128.0.4:80 weight 1 check

Explanation:

  • The frontend section means HAProxy should listen for traffic on both HTTP (port 80) and HTTPS (port 443). The option httpchk directive ensures HAProxy checks the health of backend servers before traffic is forwarded to them. This HTTP health check is to make sure the backend servers are functional.
  • The backend section specifies that traffic should be distributed using the roundrobin algorithm. It distributes requests evenly between Server 1 and Server 2. Each server is given a weight. This manages traffic distribution. The check option ensures that traffic is only sent to healthy servers.

Next, add a listen section to enable the monitoring dashboard for HAProxy at the end of the file.

listen stats
    bind *:8404  
    mode http   
    stats enable 
    stats uri /stats 
    stats auth admin:your_password 
    stats refresh 10s

This will create a web interface for monitoring HAProxy’s performance. You will get access to its statistics page so you can monitor real-time traffic and server performance.
The stats directive assigns a label to this section for identification, and the bind directive specifies the port on which the statistics page will be available.
Also,

  • The mode directive sets the connection type to HTTP.
  • Stats enable activates the statistics page.
  • The stats uri defines the URL path to access the page.
  • The stats auth sets a username and password for authentication.
  • The stats refresh sets the refresh interval so that the statistics update every 10 seconds.

Save and close the file once it is done.
Then, restart the HAProxy service –

$ sudo systemctl restart haproxy

Configuring the Firewall

The firewall (UFW) is active by default on Cantech’s Ubuntu servers, so you will need to open the necessary ports. Use the below command to allow traffic on port 80 for HTTP and port 8404 for the HAProxy statistics page –

$ sudo ufw allow 80/tcp

$ sudo ufw allow 8404/tcp

Finally, reload the firewall to apply the changes.

$ sudo ufw reload

Testing Backend Server Connectivity

You should now check that your backend servers are reachable from the HAProxy server. Use the ping command to verify the connectivity:
For Server 1:

$ ping 10.128.0.3

For Server 2:

$ ping 10.128.0.4

If the servers are reachable, you should see a successful ping response.

Configuring the Backend Servers

HAProxy checks the health of each backend server by sending health check requests. In case the server is unavailable, HAProxy will not send traffic to it until it passes the health check again.

So, configure the backend servers with SSH into each one and set up Apache:

$ ssh [email protected] # For server 1
$ ssh [email protected] # For server 2

Then, log in and create a non-root user with sudo privileges on each backend server. Then, update the server and install Apache:

$ sudo apt update
$ sudo apt install apache2 -y

Further. enable Apache to start at boot –

$ sudo systemctl enable apache2

Next, modify the Apache web content. Go to the web root directory and back up the default index.html file –

$ cd /var/www/html/
$ sudo mv index.html index.BAK

Now, create a new index.html for each server. For example, on Server 1, you could have:

<!DOCTYPE html>
<html>
<head>
<title>Server 1</title>
</head>
<body>
<h1>Hello!</h1>
<p>This content is served by Server 1.</p>
</body>
</html>

For Server 2, modify it similarly to indicate Server 2 is serving it. Once the changes are made, change the ownership of the index.html file:

$ sudo chown -R www-data:www-data /var/www/html/index.html

Finally, restart Apache on each backend server to apply the changes –

$ sudo systemctl restart apache2

Now, ensure that your backend servers allow HTTP traffic. You can use the following UFW command:

$ sudo ufw allow in on enp8s0 to any port 80

Finally, reload UFW to apply these rules:

$ sudo ufw reload

Accessing Your Load Balancer

Now that everything is set up, you can access your HAProxy load balancer through the browser using the domain you configured earlier:

http://haproxy.example.com

You should see the content served by one of your backend servers. Refreshing the page will round-robin the traffic between your servers. This ensures that each backend server handles a fair share of the traffic.
To monitor your HAProxy setup, you can access the stats page at:

http://haproxy.example.com:8404

Lastly, log in with the credentials you set in the HAProxy configuration file. You will now be able to see real-time statistics about your load balancing setup.
HAProxy is now set up as a load balancer. It distributes traffic between two backend servers in your Cantech VPC network.

May 14, 2025