How to install and configure HAProxy on RHEL 7

How to install and configure HAProxy on RHEL 7

How-Tos Published on 3 mins Last updated

This blog post will cover the instructions on how to install HAProxy and configure it on RHEL 7 (Red Hat Enterprise Linux).

Before we dive into the installation and configuration, first we will have to compile it.

In order to compile HAProxy we will require the following prerequisites:

yum install gcc openssl-devel readline-devel systemd-devel make pcre-devel

Once the prerequisites are installed, we will download the latest stable Lua and HAProxy:

curl > lua-5.4.2.tar.gz
curl > haproxy-2.3.2.tar.gz

Follow the link to view the readme.

Next we'll extract, then compile – and install:

tar xvf lua-5.4.2.tar.gz
cd lua-5.4.2
make INSTALL_TOP=/opt/lua-5.4.2 linux install
cd ..
tar xvf haproxy-2.3.2.tar.gz
cd haproxy-2.3.2
make USE_NS=1 \
TARGET=linux-glibc \
LUA_INC=/opt/lua-5.4.2/include \
make PREFIX=/opt/haproxy-2.3.2 install

We will also create an unpreviliged user and group for HAProxy.

groupadd -g 188 haproxy
useradd -g 188 -u 188 -d /var/lib/haproxy -s /sbin/nologin -c haproxy haproxy

In order to control how HAProxy will be started, stopped, restarted, reloaded or monitored, using your text editor of choice, a SystemD Unit file /etc/systemd/system/haproxy.service will be created

Description=HAProxy 2.3.2

ExecStart=/opt/haproxy-2.3.2/sbin/haproxy -f $CONFIG_FILE -p $PID_FILE $CLI_OPTIONS
ExecReload=/bin/kill -USR2 $MAINPID
ExecStop=/bin/kill -USR1 $MAINPID


To set environment variables required by HAProxy and to notify SystemD when its started, a SystemD Environment file /etc/sysconfig/haproxy-2.3.2 will also be created.

# Command line options to pass to HAProxy at startup
# The default is:

# Specify an alternate configuration file. The default is:

# File used to track process IDs. The default is:

To load these configuration changes, SystemD will be reloaded:
systemctl daemon-reload

Unless it has been created already, the directory for the configuration will be created mkdir /etc/haproxy with the corresponding user and group ownership.

The final step for HAProxy installation and configuration: enable it to run at boot.
systemctl enable haproxy

Here's a sample of a simple haproxy.cfg that will load balance two IIS servers running on both 443 and 80:

        log local2     #Log configuration
        chroot      /var/lib/haproxy
        pidfile     /var/run/
        maxconn     4000
        user        haproxy
        group       haproxy
        stats socket /var/lib/haproxy/stats

        mode                    http
        log                     global
        option                  tcplog
        option              dontlognull
        retries             3
        maxconn                 10000
        option              redispatch
        timeout connect 4s
        timeout client 5m
        timeout server 5m

listen stats
bind *:8080
        mode http
        option forwardfor
        option httpclose
        stats enable
        stats show-legends
        stats refresh 5s
        stats uri /stats
        stats realm Haproxy\ Statistics
        stats auth loadbalancer:loadbalancer
        stats admin if TRUE
listen FrontendName
        mode tcp
        option tcplog
        balance leastconn
        stick on src
        stick-table type ip size 10240k expire 30m
        server RIPName0 check port 80 inter 10s rise 2 fall 3
        server RIPName1 check port 80 inter 10s rise 2 fall 3

The stats page can be accessed in a browser at using the username and password 'loadbalancer', as set in the configuration file.

It should look something like this:


Want more?

Configure HAProxy with TPROXY kernel for full transparent proxy