HAProxy Review

Advanced traffic rules, including stick tables and ACLs, allow me to shape traffic


What is our primary use case?

I'm using HAProxy in two use cases. 

The first is as an internal load balancer for OpenStack services, in private cloud solutions. So HAProxy is used in front of Galera (MySQL cluster), Nova API, and also in front of exposed docker services. 

The second use case is as a load balancer for a Web hosting solution. HAProxy is load balancing external traffic.

Configuration of HAProxy includes brute force sandboxing (including stick tables and hardcoded ACL for defined paths), splitting traffic by dynamic and static content to redirect it to the proper back-end, SSL, and HTTP headers management.

How has it helped my organization?

I can simplify configurations of many internal services (e.g. Web server configs) by moving some elements (like SSL) to HAProxy. I can also disable additional applications, like Varnish, by moving traffic shaping configurations to HAProxy.

What is most valuable?

Advanced traffic rules, including stick tables and ACLs, which allow me to shape traffic while it's load balanced.

Performance configuration options with threads, processes, and core stickiness are also very valuable.

What needs improvement?

In my opinion, there are three main areas to improve:

  1. Make remote management more modern by adding API.
  2. Propose a general HA solution for HAProxy (no I'm using keepalived for this).
  3. Thread option should be a bit more stable.

For how long have I used the solution?

One to three years.

What do I think about the stability of the solution?

No issues with stability.

What do I think about the scalability of the solution?

No issues with scalability, but multiprocess config for HAProxy is more efficient than multi-thread.

Which solutions did we use previously?

I used NGINX in my Web environment. HAProxy has more traffic shaping options and it's a dedicated VNF load-balancer.

How was the initial setup?

Initial setup was straightforward. The documentation is pretty thorough and up to date, and it is also easy to search.

What other advice do I have?

During the implementation, you have to plan ACLs and back-ends first. That allows you to prepare a cleaner config.

I rate HAProxy a 10 out of 10. It is fast, flexible, and rock solid.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Add a Comment
Guest
Sign Up with Email