HAProxy is one of most popular open source load balancers. It is a TCP/HTTP load balancer that can handle incoming traffic and spread the request to multiple endpoints and servers. HAProxy uses reverse proxy to forward the request to the endpoints based on the load-balancing algorithm.

In this blog, we will review some features of HAProxy 2.2 that were released in July 2020.

Dynamic Error Handling

HAProxy 2.2 introduces a new section in haproxy configuration, withhe new parameter http-errors. It allows you to define custom errors based on your requirements. If you have multiple endpoints for incoming connections, you can define errors on a per site-basis. It is very easy to configure if you have multiple sites with the same frontend, but you want to have different error pages for each site. 

http-errors test.severalnines.com

errorfile 400 /etc/haproxy/errorfiles/test.severalnines.com/400.http

errorfile 403 /etc/haproxy/errorfiles/test.severalnines.com/403.http



http-errors demo.severalnines.com

errorfile 400 /etc/haproxy/errorfiles/demo.severalnines.com/400.http

errorfile 403 /etc/haproxy/errorfiles/demo.severalnines.com/403.http

You need to add the following in the frontend section.

http-request deny errorfiles test.severalnines.com if { req.hdr(host) test.severalnines.com } { src test.severalnines.com }

It also can be referenced by using errorfiles directive in frontend or backend. 

Also, it simplifies the error handling actions between return, deny, and tarpit on http-request. You can handle the return, deny, and tarpit on the same request. You just need to specify the headers and body message independently.

Health Check Improvement

HAProxy supports active and passive monitoring for health checks. It ensures that your services are available before you send the traffic to them. In previous versions, if you want to configure HTTP checks for specific URL, HTTP version, or headers, you needed to configure them using directive option httpchk as below: 

backend servers

    option httpchk HEAD /health HTTP/1.1\r\nHost:\ test.local

    server appsvr1 10.10.10.100:8080 check

In the version 2.2, you can use the directive http-check send introduced in this version.

backend servers

    option httpchk

    http-check send meth HEAD uri /health ver HTTP/1.1 hdr Host test.local

    server appsvr1 10.10.10.100:8080 check

There are also new directives and existing directives improvement for health check such as : 

  • http-check-connect that is used for enabling SNI, health checks over the SOCKS4, or connections on top of SSL/TLS.
  • tcp-check-connect is used for TCP checks with some parameters added. 
  • http-check-expect and tcp-check-expect, which are used to control the health check status based on the rules for successful or failed time outs.
  • {http|tcp}-check set-var and unset-var, used to set and unset custom variables during the HTTP and TCP health checks. 

The last thing is the directive option mysql-check, it was rebuilt on top of new tcp-check rules to check MySQL services.

Syslog Over TCP

There are various ways to collect HAProxy logs; you can send the logs to the syslog files, write the logs into specific log files, write to standard output / standard error, or store the logs in HAProxy memory.

HAProxy version 2.2 introduces a new section in HAProxy configuration, called ring. It is the first in-first out queue system with an exact size that is already defined. The ring buffer won’t consume more memory than the value that was already allocated in the configuration.

The ring buffer uses the TCP for queuing the logs until it is sent to syslogs that ensure every log is processed. Configuring the ring buffer in HAProxy is straightforward, you just need to add ring directive  in HAProxy configuration.

​ring requestbuffer0

    description "request HAProxy logs"

    format rfc3164

    maxlen 1200

    size 98292

    timeout connect 2s

    timeout server 5s

    server request-haproxy-log 127.0.0.1:6514

After that, you can define below configuration on the global or frontend section.

log ring@requestbuffer0 local2

It will send the HAProxy logs through requestbuffer0 ring buffer.

Native Response Generator

The new feature in HAProxy 2.2 is a new directive called http-request-return. It can generate response return to the client without forwarding the request to the backend server. It also can be used for strings and static files which have dynamic parameters inside it.

You can create your own response using http-request-return as shown in below example:

http-after-response set-header Access-Control-Allow-Origin "%[req.hdr(Origin)]"

http-after-response set-header Access-Control-Max-Age "31536000"

http-request return status 200 content-type "text/plain" string ""

For more information on how to use HAProxy for load balancing, we have online tutorials for HAProxy with MySQL/MariaDB as well as HAProxy for PostgreSQL.