HAProxy

Last updated
Original author(s) Willy Tarreau
Initial releaseDecember 16, 2001;22 years ago (2001-12-16)
Stable release
2.9.0 [1]   OOjs UI icon edit-ltr-progressive.svg / 5 December 2023
Repository
Written in C
Operating system Linux, FreeBSD, OpenBSD, Solaris (8/9/10), AIX (5.1–5.3), macOS, Cygwin
License GNU General Public License Version 2
Website www.haproxy.org

HAProxy is a free and open source software that provides a high availability load balancer and Proxy (forward proxy, [2] reverse proxy) for TCP and HTTP-based applications that spreads requests across multiple servers. [3] It is written in C [4] and has a reputation for being fast and efficient (in terms of processor and memory usage). [5]

Contents

HAProxy is used by a number of high-profile websites including GoDaddy, GitHub, Bitbucket, [6] Stack Overflow, [7] Reddit, Slack, [8] Speedtest.net, Tumblr, Twitter [9] [10] and Tuenti [11] and is used in the OpsWorks product from Amazon Web Services. [12]

History

HAProxy was written in 2000 [13] by Willy Tarreau, [14] a core contributor to the Linux kernel, [15] who still maintains the project.

In 2013, the company HAProxy Technologies, LLC was created.[ citation needed ] The company provides a commercial offering, HAProxy Enterprise and appliance-based application-delivery controllers named ALOHA.

Features

HAProxy has the following features:

HAProxy Community vs HAProxy Enterprise

HAProxy Enterprise Edition is an enterprise-class version of HAProxy that includes enterprise suite of add-ons, expert support, and professional services. It has some features backported from the HAProxy development branch. [20]

ALOHA

HAProxy Technologies’ ALOHA is a plug-and-play load-balancing appliance that can be deployed in any environment. ALOHA provides a graphical interface and a templating system that can be used to deploy and configure the appliance. [21]

Versions

HAProxy has had the following version releases: [22]

VersionRelease dateEnd of life
Old version, no longer maintained: 1.02001-12-162001-12-30
Old version, no longer maintained: 1.12002-03-102006-01-29
Old version, no longer maintained: 1.22003-11-092011-08-06
Old version, no longer maintained: 1.32006-06-292016-03-14
Old version, no longer maintained: 1.42010-02-262018-02-08
Old version, no longer maintained: 1.52014-06-192020-01-10
Old version, no longer maintained: 1.62015-10-132020-Q4
Old version, no longer maintained: 1.72016-11-252021-Q4
Old version, no longer maintained: 1.8 LTS2017-11-262022-Q4
Old version, no longer maintained: 1.92018-12-192020-Q2
Older version, yet still maintained: 2.0 LTS2019-06-162024-Q2 (critical fixes only)
Old version, no longer maintained: 2.12019-11-252021-Q1
Older version, yet still maintained: 2.2 LTS2020-07-072025-Q2 (critical fixes only)
Old version, no longer maintained: 2.32020-11-052022-Q1
Older version, yet still maintained: 2.4 LTS2021-05-142026-Q2
Old version, no longer maintained: 2.52021-11-232023-Q1
Older version, yet still maintained: 2.6 LTS2022-05-312027-Q2
Old version, no longer maintained: 2.72022-12-012024-Q1
Older version, yet still maintained: 2.8 LTS2023-05-312028-Q2
Current stable version:2.92023-12-052025-Q1
Legend:
Old version
Older version, still maintained
Current stable version
Latest preview version
Future release

Performance

Servers equipped with 6 to 8 cores generally achieve between 200,000 and 500,000 requests per second, and have no trouble saturating a 25 Gbit/s connection under Linux. [23] 64-core ARM servers were shown to reach 2 million requests per second and 100 Gbit/s. [24]

Similar software

See also

Related Research Articles

<span class="mw-page-title-main">Proxy server</span> Computer server that makes and receives requests on behalf of a user

In computer networking, a proxy server is a server application that acts as an intermediary between a client requesting a resource and the server providing that resource. It improves privacy, security, and performance in the process.

SOCKS is an Internet protocol that exchanges network packets between a client and server through a proxy server. SOCKS5 optionally provides authentication so only authorized users may access a server. Practically, a SOCKS server proxies TCP connections to an arbitrary IP address, and provides a means for UDP packets to be forwarded. A SOCKS server accepts incoming client connection on TCP port 1080, as defined in RFC 1928.

IPX/SPX stands for Internetwork Packet Exchange/Sequenced Packet Exchange. IPX and SPX are networking protocols used initially on networks using the Novell NetWare operating systems. They also became widely used on networks deploying Microsoft Windows LANS, as they replaced NetWare LANS, but are no longer widely used. IPX/SPX was also widely used prior to and up to Windows XP, which supported the protocols, while later Windows versions do not, and TCP/IP took over for networking.

TCP offload engine (TOE) is a technology used in some network interface cards (NIC) to offload processing of the entire TCP/IP stack to the network controller. It is primarily used with high-speed network interfaces, such as gigabit Ethernet and 10 Gigabit Ethernet, where processing overhead of the network stack becomes significant. TOEs are often used as a way to reduce the overhead associated with Internet Protocol (IP) storage protocols such as iSCSI and Network File System (NFS).

The Internet Communications Engine, or Ice, is an open-source RPC framework developed by ZeroC. It provides SDKs for C++, C#, Java, JavaScript, MATLAB, Objective-C, PHP, Python, Ruby and Swift, and can run on various operating systems, including Linux, Windows, macOS, iOS and Android.

<span class="mw-page-title-main">Microsoft Forefront Threat Management Gateway</span>

Microsoft Forefront Threat Management Gateway, formerly known as Microsoft Internet Security and Acceleration Server, is a discontinued network router, firewall, antivirus program, VPN server and web cache from Microsoft Corporation. It ran on Windows Server and works by inspecting all network traffic that passes through it.

WAN optimization is a collection of techniques for improving data transfer across wide area networks (WANs). In 2008, the WAN optimization market was estimated to be $1 billion, and was to grow to $4.4 billion by 2014 according to Gartner, a technology research firm. In 2015 Gartner estimated the WAN optimization market to be a $1.1 billion market.

Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache. The software was created by Russian developer Igor Sysoev and publicly released in 2004. Nginx is free and open-source software, released under the terms of the 2-clause BSD license. A large fraction of web servers use Nginx, often as a load balancer.

Server Name Indication (SNI) is an extension to the Transport Layer Security (TLS) computer networking protocol by which a client indicates which hostname it is attempting to connect to at the start of the handshaking process. The extension allows a server to present one of multiple possible certificates on the same IP address and TCP port number and hence allows multiple secure (HTTPS) websites to be served by the same IP address without requiring all those sites to use the same certificate. It is the conceptual equivalent to HTTP/1.1 name-based virtual hosting, but for HTTPS. This also allows a proxy to forward client traffic to the right server during TLS/SSL handshake. The desired hostname is not encrypted in the original SNI extension, so an eavesdropper can see which site is being requested. The SNI extension was specified in 2003 in RFC 3546

Coyote Point Systems was a manufacturer of computer networking equipment for application traffic management, also known as server load balancing. In March 2013, the company was acquired by Fortinet.

Web2py is an open-source web application framework written in the Python programming language. Web2py allows web developers to program dynamic web content using Python. Web2py is designed to help reduce tedious web development tasks, such as developing web forms from scratch, although a web developer may build a form from scratch if required.

<span class="mw-page-title-main">AppScale</span> American cloud infrastructure software company

AppScale is a software company offering cloud infrastructure software and services to enterprises, government agencies, contractors, and third-party service providers. The company commercially supports one software product, AppScale ATS, a managed hybrid cloud infrastructure software platform that emulates the core AWS APIs. In 2019, the company ended commercial support for its open-source serverless computing platform AppScale GTS, but AppScale GTS source code remains freely available to the open-source community.

Kemp, Inc. is an American technology company that was founded in 2000 in Bethpage, New York and operates in the application delivery controller industry. The company builds load balancing products which balances user traffic between multiple application servers in a physical, virtual or cloud environment.

HTTP/2 is a major revision of the HTTP network protocol used by the World Wide Web. It was derived from the earlier experimental SPDY protocol, originally developed by Google. HTTP/2 was developed by the HTTP Working Group of the Internet Engineering Task Force (IETF). HTTP/2 is the first new version of HTTP since HTTP/1.1, which was standardized in RFC 2068 in 1997. The Working Group presented HTTP/2 to the Internet Engineering Steering Group (IESG) for consideration as a Proposed Standard in December 2014, and IESG approved it to publish as Proposed Standard on February 17, 2015. The initial HTTP/2 specification was published as RFC 7540 on May 14, 2015.

QUIC is a general-purpose transport layer network protocol initially designed by Jim Roskind at Google, implemented, and deployed in 2012, announced publicly in 2013 as experimentation broadened, and described at an IETF meeting. QUIC is used by more than half of all connections from the Chrome web browser to Google's servers. Microsoft Edge, Firefox, and Safari support it.

Multipath TCP (MPTCP) is an ongoing effort of the Internet Engineering Task Force's (IETF) Multipath TCP working group, that aims at allowing a Transmission Control Protocol (TCP) connection to use multiple paths to maximize throughput and increase redundancy.

Buddy is a web-based and self-hosted continuous integration and delivery software for Git developers that can be used to build, test, and deploy web sites and applications with code from GitHub, Bitbucket, and GitLab. It employs Docker containers with pre-installed languages and frameworks for builds, alongside DevOps, monitoring and notification actions.

HTTP/3 is the third major version of the Hypertext Transfer Protocol used to exchange information on the World Wide Web, complementing the widely-deployed HTTP/1.1 and HTTP/2. Unlike previous versions which relied on the well-established TCP, HTTP/3 uses QUIC, a multiplexed transport protocol built on UDP. On 6 June 2022, IETF published HTTP/3 as a Proposed Standard in RFC 9114.

XDP is an eBPF-based high-performance data path used to send and receive network packets at high rates by bypassing most of the operating system networking stack. It is merged in the Linux kernel since version 4.8. This implementation is licensed under GPL. Large technology firms including Amazon, Google and Intel support its development. Microsoft released their free and open source implementation XDP for Windows in May 2022. It is licensed under MIT License.

<span class="mw-page-title-main">Cilium (computing)</span>

Cilium is a cloud native technology for networking, observability, and security. It is based on the kernel technology eBPF, originally for better networking performance, and now leverages many additional features for different use cases. The core networking component has evolved from only providing a flat Layer 3 network for containers to including advanced networking features, like BGP and Service mesh, within a Kubernetes cluster, across multiple clusters, and connecting with the world outside Kubernetes. Hubble was created as the network observability component and Tetragon was later added for security observability and runtime enforcement. Cilium runs on Linux and is one of the first eBPF applications being ported to Microsoft Windows through the eBPF on Windows project.

References

  1. "Release 2.9.0". 5 December 2023. Retrieved 19 December 2023.
  2. "HAProxy as Forward Proxy".
  3. "MySQL Load Balancing with HAProxy". Severalnines AB. 2011. Retrieved 19 February 2013.
  4. "HAProxy on Freecode" . Retrieved 5 April 2013.
  5. "Nuts & Bolts: HAproxy" . Retrieved 8 April 2013.
  6. "The inner guts of Bitbucket". YouTube . Retrieved 26 February 2015.
  7. "What it takes to run Stack Overflow" . Retrieved 22 November 2013.
  8. "All Hands on Deck". Slack Engineering. 29 June 2020. Retrieved 2020-07-07.
  9. "HAProxy: they use it!" . Retrieved 5 April 2013.
  10. "List of sites using HAProxy". Archived from the original on 10 June 2013. Retrieved 5 April 2013.
  11. "Tuenti+WebRTC (Voip2day 2014)".
  12. "HAProxy layer - AWS Opsworks" . Retrieved 5 April 2013.
  13. "HAProxy: design choices and history" . Retrieved 5 April 2013.
  14. "Willy Tarreau: About me" . Retrieved 5 April 2013.
  15. "LKML: Willy Tarreau: [ANNOUNCE] Linux 2.4.37.11" . Retrieved 5 April 2013.
  16. Corbett, Daniel (2018-12-19). "HAProxy 1.9 Has Arrived". HAProxy Technologies. Retrieved 2019-01-22.
  17. Ramirez, Nick (2022-05-31). "Announcing HAProxy 2.6". HAProxy Technologies. Retrieved 2023-07-30.
  18. Mhedhbi, Moemen (2018-05-31). "Hitless Reloads / Hot Restarts with HAProxy!". HAProxy Technologies. Retrieved 2019-01-22.
  19. Ramirez, Nick (2019-01-16). "HAProxy 1.9.2 Adds gRPC Support". HAProxy Technologies. Retrieved 2019-01-22.
  20. "HAProxy Technologies Announces Improvements to Performance, Management, and Security for Enterprises" (Press release). 2 May 2018. Retrieved 23 Oct 2018.
  21. "ALOHA Hardware Appliance Application Delivery Controller" . Retrieved 23 Oct 2018.
  22. "HAProxy" . Retrieved 15 December 2022.
  23. haproxy.org#plat
  24. www.haproxy.com/blog/haproxy-forwards-over-2-million-http-requests-per-second-on-a-single-aws-arm-instance/
This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.