HAProxy provides a high availability load balancer and proxy server for TCP and HTTP-based applications that spreads requests across multiple servers.
It is particularly suited for very high traffic web sites and powers some of the world’s most visited ones.
HAProxy is free and open source software.
Key Features
- Single-process, event-driven model considerably reduces the cost of context switch and the memory usage. Processing several hundreds of tasks in a millisecond is possible, and the memory usage is in the order of a few kilobytes per session while memory consumed in preforked or threaded servers is more in the order of megabytes per process.
- O(1) event checker on systems that allow it (Linux and FreeBSD) allowing instantaneous detection of any event on any connection among tens of thousands.
- Delayed updates to the event checker using a lazy event cache ensures that we never update an event unless absolutely required. This saves a lot of system calls.
- Single-buffering without any data copy between reads and writes whenever possible. This saves a lot of CPU cycles and useful memory bandwidth. Often, the bottleneck will be the I/O busses between the CPU and the network interfaces. At 10-100 Gbps, the memory bandwidth can become a bottleneck too.
- Zero-copy forwarding is possible using the splice() system call under Linux, and results in real zero-copy starting with Linux 3.5. This allows a small sub-3 Watt device such as a Seagate Dockstar to forward HTTP traffic at one gigabit/s.
- MRU memory allocator using fixed size memory pools for immediate memory allocation favoring hot cache regions over cold cache ones. This dramatically reduces the time needed to create a new session.
- Work factoring, such as multiple accept() at once, and the ability to limit the number of accept() per iteration when running in multi-process mode, so that the load is evenly distributed among processes.
- CPU-affinity is supported when running in multi-process mode, or simply to adapt to the hardware and be the closest possible to the CPU core managing the NICs while not conflicting with it.
- Tree-based storage, making heavy use of the Elastic Binary tree. This is used to keep timers ordered, to keep the runqueue ordered, to manage round-robin and least-conn queues, to look up ACLs or keys in tables, with only an O(log(N)) cost.
- Optimized timer queue : timers are not moved in the tree if they are postponed, because the likeliness that they are met is close to zero since they’re mostly used for timeout handling. This further optimizes the ebtree usage.
- Optimized HTTP header analysis: headers are parsed an interpreted on the fly, and the parsing is optimized to avoid an re-reading of any previously read memory area. Checkpointing is used when an end of buffer is reached with an incomplete header, so that the parsing does not start again from the beginning when more data is read. Parsing an average HTTP request typically takes half a microsecond on a fast Xeon E5.
- Reduction of the number of expensive system calls. Most of the work is done in user-space by default, such as time reading, buffer aggregation, file-descriptor enabling/disabling.
- Content analysis is optimized to carry only pointers to original data and never copy unless the data needs to be transformed. This ensures that very small structures are carried over and that contents are never replicated when not absolutely necessary.
- Native SSL support on both sides with SNI/NPN/ALPN and OCSP stapling.
- IPv6 and UNIX sockets are supported everywhere.
- Full HTTP keep-alive for better support of NTLM and improved efficiency in static farms.
- HTTP/1.1 compression (deflate, gzip) to save bandwidth.
- PROXY protocol versions 1 and 2 on both sides.
- Data sampling on everything in request or response, including payload.
- ACLs can use any matching method with any input sample maps and dynamic ACLs updatable from the CLI stick-tables support counters to track activity on any input sample custom format for logs.
- unique-id, header rewriting, and redirects.
- Improved health checks (SSL, scripted TCP, check agent, …).
- Scalable configuration supports hundreds of thousands of backends and certificates without sweating.
Website: www.haproxy.org
Support: GitHub Code Repository
Developer: Willy Tarreau and many contributors
License: GNU General Public License v2.0 with the additional exemption that compiling, linking, and/or using OpenSSL is allowed
HAProxy is written in C. Learn C with our recommended free books and free tutorials.
Related Software
| Load Balancers | |
|---|---|
| Traefik | Modern HTTP reverse proxy and load balancer |
| HAProxy | High availability layer 7 load balancer and proxy server for TCP and HTTP |
| Cilium | eBPF-based Networking, Observability, Security |
| nginx | Includes a L7 load balancer |
| RoadRunner | High-performance PHP application server, load balancer, and process manager |
| fabio | Fast, modern, zero-conf load balancing HTTP(S) and TCP router |
| BFE | Modern L7 load balancer |
| gobetween | Modern and minimalistic L4 load balancer and reverse-proxy |
| Seesaw | Linux Virtual Server (LVS) based load balancing platform. L4 load balancer |
| nuster | High-performance HTTP proxy cache server and HTTP/TCP load balancer |
| GLB Director | Set of stateless L4 load balancer servers |
| Balance | Generic TCP proxy with round robin load balancing and failover capabilities |
Read our verdict in the software roundup.
 Explore our comprehensive directory of recommended free and open source software. Our carefully curated collection spans every major software category.This directory is part of our ongoing series of informative articles for Linux enthusiasts. It features hundreds of detailed reviews, along with open source alternatives to proprietary solutions from major corporations such as Google, Microsoft, Apple, Adobe, IBM, Cisco, Oracle, and Autodesk. You’ll also find interesting projects to try, hardware coverage, free programming books and tutorials, and much more. Discovered a useful open source Linux program that we haven’t covered yet? Let us know by completing this form. |