This guide will discuss how to install and configure HAProxy Load Balancer on Debian 10 Buster. HAProxy is an open source, reliable and High Performance TCP/HTTP Load Balancer and Proxy server which runs on Linux, FreeBSD and Solaris. HAProxy is written in C and it provides a high availability load balancer for TCP and HTTP-based applications that runs on multiple servers.

In my setup, I’ll have two backend Web Applications and configure HAProxy to Load balance traffic to these HTTP servers. The servers used are as shown below for this demonstration.

ServerService
192.168.10.10HAProxy
192.168.10.11Apache Web Server 1
192.168.10.12Apache Web Server 2

Step 1: Update Debian systems

Update all the Servers you’ll use to the latest available software packages.

sudo apt update && sudo apt -y upgrade
sudo reboot

Step 2: Configure Apache Backend Servers

For this demonstration, we will use Apache web servers as backend for HAProxy frontend proxy. I’ll install Apache on my two Debian 10 servers using the following commands.

On Server1

sudo apt update
sudo apt -y install apache2
echo "<H1>Hello from Server1</H1>" | sudo tee /var/www/html/index.html 

On Server2

sudo apt update
sudo apt -y install apache2
echo "<H1>Hello from Server2</H1>" | sudo tee /var/www/html/index.html 

You can try access Server1 and Server2 Web URL and see the response.

Step 3: Install HAProxy on Debian 10 (Buster)

To install HAProxy on Debian 10 (Buster), run the following commands on the terminal.

sudo apt -y install haproxy 

Configure HAProxy.

$ sudo nano /etc/haproxy/haproxy.cfg

# Add to the end
# Define frontend
frontend apache_front
        # Frontend listen port - 80
        bind *:80
        # Set the default backend
        default_backend    apache_backend_servers
        # Enable send X-Forwarded-For header
        option             forwardfor
  
# Define backend
backend apache_backend_servers                                                                                                                     
        # Use roundrobin to balance traffic
        balance            roundrobin
        # Define the backend servers
        server             backend01 192.168.10.11:80 check
        server             backend02 192.168.10.12:80 check

Restart haproxy service

sudo systemctl restart haproxy

Verify that the configurations are working normally to access to frontend HAProxy Server.

Reload the page again and you should get response from server2.

For TCP backend your configurations will look similar to below.

frontend rserve_frontend
    bind *:80
    mode tcp
    option tcplog
    timeout client  1m
    default_backend rserve_backend

backend rserve_backend
    mode tcp
    option tcplog
    option log-health-checks
    option redispatch
    log global
    balance roundrobin
    timeout connect 10s
    timeout server 1m   
    server rserve1 <rserve hostname1>:6311 check
    server rserve2 <rserve hostname2>:6311 check
    server rserve2 <rserve hostname3>:6311 check

Configuring SSL

Combine certificate and private key.

cat fullchain.pem privkey.pem > haproxy.pem

Then configure HAProxy to use the SSL certificate on the frontend.

frontend apache-frontend
        bind *:80
        bind *:443 ssl crt /etc/letsencrypt/live/webapp.computingforgeeks.com/haproxy.pem 

Read more on HAProxy Documentation.

Similar guides:

How to Manage HAProxy servers from a Web Interface

Galera Cluster High Availability With HAProxy on Ubuntu 18.04 / CentOS 7

How to Setup MariaDB Galera Cluster on Ubuntu 18.04 with HAProxy

Getting Started With Secure HAProxy on Linux