Misjudging incoming traffic can overload your web servers. Load balancers like HAProxy (High Availability Proxy) can help alleviate that issue. The primary job of load balancers is to balance the load on the server by minimizing response times, optimizing the usage of your resources, and improving the performance of your multi-server configuration.
HAProxy is an open-source software widely used as a high availability load balancer and proxying TCP and HTTP connections. As a side note, there is a paid version of the software called HAProxy Enterprise with premium features and support. This article will cover the installation and configuration of the open-source version of HAProxy on CentOS 7.
Installation of HAProxy on CentOS 7
Install HAProxy
Installation is relatively easy. The below yum command will install the necessary packages along with HAProxy.
yum install haproxy
The end of the output will look like this.
Running transaction
Installing : haproxy-1.5.18-9.el7.x86_64 1/1
Verifying : haproxy-1.5.18-9.el7.x86_64 1/1
Installed:
haproxy.x86_64 0:1.5.18-9.el7
Next, we have to verify that HAProxy starts every time we reboot our server. We can accomplish that with the chkconfig command below.
chkconfig haproxy on
The command’s output will let you know that a symbolic link (symlink) was created for the HAProxy service. A symlink is a feature that helps link to a specific file or folder on your server.
Note: Forwarding request to 'systemctl enable haproxy.service'.
Created symlink from /etc/systemd/system/multi-user.target.wants/haproxy.service to /usr/lib/systemd/system/haproxy.service.
Now we will make sure we are allowing the HAProxy service to run through our firewall. The first command will enable the http server in the firewall.
firewall-cmd --permanent --zone=public --add-service=http
The next one will permanently open port 8181 in the firewall.
firewall-cmd --permanent --zone=public --add-port=8181/tcp
And the last one will reload the firewall.
firewall-cmd --reload
All of them will have the same output, as shown below.
success
Starting the Service
Let’s start the service and make sure it’s running. Input the following command to your terminal.
systemctl start haproxy && systemctl status haproxy
The output will look like the one below confirms the service is up and running.
● haproxy.service - HAProxy Load Balancer
Loaded: loaded (/usr/lib/systemd/system/haproxy.service; enabled; vendor preset: disabled)
Active: active (running) since Tue 2021-04-27 18:28:06 EDT; 38s ago
Main PID: 86812 (haproxy-systemd)
CGroup: /system.slice/haproxy.service
├─86812 /usr/sbin/haproxy-systemd-wrapper -f /etc/haproxy/haproxy.cfg -p /run/haproxy.pid
├─86813 /usr/sbin/haproxy -f /etc/haproxy/haproxy.cfg -p /run/haproxy.pid -Ds
└─86815 /usr/sbin/haproxy -f /etc/haproxy/haproxy.cfg -p /run/haproxy.pid -Ds
You have successfully installed HAProxy on your server. Let’s move on to configuring the load balancer.

Configuring an HAProxy Load Balancer
Load balancing with HAProxy can be accomplished through Layer 4 or Layer 7. Understanding the differences between the two options will help you utilize load balancing in the best possible way for your server.
Layer 4 Load Balancer
Layer 4 load balancers are most commonly used for simple-packet load balancing. This type of load balancing operates at the transport level (and does not inspect the files for content), so all traffic going through a layer 4 load balancer is managed based on the network information of the request. Application ports or TCP protocols would be an example of such information. Data can quickly move because it is not inspected or encrypted when sent or received. Let’s see how your HAProxy configuration file should look like if you want to use layer 4 load balancing.
Configuring Layer 4
First, modify existing configuration files by using your preferred text editor. We used vi for this example.
vi /etc/haproxy/haproxy.cfg
Append the following lines at the end of the configuration file once opened. Make sure to replace IP addresses from the example with ones from your server in the appropriate Site Configuration sections and replace server1 and server2 with the proper server names. Any requests sent from the IP address 209.59.154.63 on port 80 will be redirected to either 209.59.154.64 or 209.59.176.93.
global
log 127.0.0.1 local0
log 127.0.0.1 local1 debug
maxconn 45000 # Total Max Connections.
daemon
nbproc 1 # Number of processing cores.
defaults
timeout server 86400000
timeout connect 86400000
timeout client 86400000
timeout queue 1000s
# [HTTP Site Configuration]
listen http_web 209.59.154.63:80
mode http
balance roundrobin # Load Balancing algorithm
option httpchk
option forwardfor
server server1 209.59.154.64:80 weight 1 maxconn 512 check
server server2 209.59.176.93:80 weight 1 maxconn 512 check
# [HTTPS Site Configuration]
listen https_web 209.59.154.63:443
mode tcp
balance source# Load Balancing algorithm
reqadd X-Forwarded-Proto: http
server server1 209.59.154.64::443 weight 1 maxconn 512 check
server server2 209.59.176.93:443 weight 1 maxconn 512 check
The code above includes both HTTP and HTTPS configurations which allow HAProxy to process requests from either protocol. A request using port 80 will use HTTP, and one using port 443 will use HTTPS. Additionally, you can modify the nbproc and mode values based on the number of cores that your system has at its disposal and whether you want http or tcp mode.
Let’s check out how layer 7 load balancing works and how to configure it.
Layer 7 Load Balancing
Layer 7 is an application layer used when you want to create a high availability application delivery network. It can inspect the content being sent or requested, unlike layer 4. This type of inspection is called load balancing at the high-level application layer. A user can open a session on your website and request a specific type of content (like an image or video) or place an order. Layer 7 would route traffic based on that user’s request type to highly optimized back-end servers storing the requested images or videos.
Configuring Layer 7
We will again use the vi text editor to open the configuration file.
vi /etc/haproxy/haproxy.cfg
Add the code below to configure layer 7 load balancing after making the following changes:
- Update the appropriate server names in place of host1, host2, and host3.
- Update the IP addresses to ones from your servers (just like in the layer 4 configuration).
- The acl defines which connections should go through the load balancer, so change acl to the URL that will serve the load balancer. In this example, it is any connections with paths beginning with /test.
- Change use_backend to the backend server that will serve the data. The use_backend indicates all URLs matching the acl line URL should be served by the backend server named test_back.
- The backend http_back defines your multi-server configuration, which is the same thing that we did in layer 4 and will handle general requests.
- The backend test_back will handle connections to domain.com/test.
frontend http_front
bind *:80
stats uri /haproxy?stats
acl url_test path_beg /test
use_backend test_back if url_test
default_backend http_back
backend http_back
balance roundrobin
server host1 209.59.154.63:80 check
server host2 209.59.154.64:80 check
backend test_back
server host3 209.59.176.93:80 check
Restart HAProxy
After configuring either layer 4 or layer 7, restart HAProxy with the following command.
systemctl restart haproxy
A successful restart will result in no output, which means HAProxy is up and running with the changes you just implemented.
Conclusion
Now you know the installation basics of HAProxy on CentOS 7. HAProxy can be used on various Linux distributions, such as Ubuntu or Debian. The paid version of HAProxy does offer premium features and support, but the open-source version allows you to complete most tasks. If your online business starts to struggle with increased traffic, HAProxy is the perfect solution for you!
Get started today on a Liquid Web VPS server, voted fastest VPS by Cloud Spectator.
Related Articles:

About the Author: Dean Conally
I am a Linux enthusiast and console gamer, dog lover, and amateur photographer. I've been working at Liquid Web for a bit less than two years. Always looking for knowledge to expand my expertise, thus tackling new technologies and solutions one day at a time.
Our Sales and Support teams are available 24 hours by phone or e-mail to assist.
Latest Articles
Best authentication practices for email senders
Read ArticleWhat is SDDC VMware?
Read Article2024 cPanel and Plesk pricing breakdown
Read ArticleCentOS Linux 7 EOL — everything you need to know
Read ArticleHow to install Node.js on Linux (AlmaLinux)
Read Article