The CentOS 8 repositories provide HAProxy version 1.8.15. You may want or need features in newer versions. Fortunately, installing HAProxy 2.0.9 (Latest stable version as of 2019 November, 21) from source is relatively straightforward.
The steps to do so are:
- Install required packages
- Download the HAProxy source code
- Compile and install HAProxy
- Create an unprivileged service account
- Create a SystemD unit file
- Create a SystemD environment file
- Create a test configuration file
- Test your installation
- Configure HAProxy for your environment
- Enable HAProxy to start automatically on boot
All commands in this guide should be executed as the root user.
Install Required Packages
In order to compile HAProxy, you will need to ensure a few packages from the standard repositories are installed. One of the required packages is in the PowerTools repo. The following command will ensure the PowerTools repo is enables:
# dnf config-manager --enable PowerTools
Run the following command as root to do so:
# dnf install gcc \
openssl-devel \
readline-devel \
systemd-devel \
make \
pcre-devel \
tar \
lua \
lua-devel
Download and Extract Source Code
Use the command below to download HAProxy 2.0.9.
# curl https://www.haproxy.org/download/2.0/src/haproxy-2.0.9.tar.gz > /root/haproxy-2.0.9.tar.gz
Install HAProxy 2.0.9
Extract the source archive files:
# cd
# tar xf haproxy-2.0.9.tar.gz
Change your working directory to the directory created by tar when you extracted the archive:
# cd haproxy-2.0.9
Compile HAProxy:
# make USE_NS=1 \
USE_TFO=1 \
USE_OPENSSL=1 \
USE_ZLIB=1 \
USE_LUA=1 \
USE_PCRE=1 \
USE_SYSTEMD=1 \
USE_LIBCRYPT=1 \
USE_THREAD=1 \
TARGET=linux-glibc
If you wish to see a full list of make arguments along with short descriptions, run the command:
# make help
Install HAProxy to /opt/haproxy-2.0.9:
# make PREFIX=/opt/haproxy-2.0.9 install
Create Unprivileged HAProxy User and Group
Create an unprivileged user and group for HAProxy to run as. We will make them identical to the ones created by the HAProxy package in the standard yum repositories.
# groupadd -g 992 haproxy
# useradd -g 992 -u 995 -m -d /var/lib/haproxy -s /sbin/nologin -c haproxy haproxy
If these commands have the output shown below, HAProxy was or is installed from the repositories. This will not affect source installation. It is safe to ignore this and move to the next step.
# groupadd -g 992 haproxy
groupadd: group 'haproxy' already exists
# useradd -g 992 -u 995 -d /var/lib/haproxy -s /sbin/nologin -c haproxy haproxy
useradd: user 'haproxy' already exists
Create SystemD Unit File
Use your favorite text editor to create the SystemD unit file that controls how HAProxy will be started, reloaded, stopped, and monitored. If you are on a minimal system, it is likely vi is all that is available. If you aren’t familiar with vi, I wrote a short tutorial that should teach you enough for basic tasks such as this.
Create the file /etc/systemd/system/haproxy-2.0.9.service with the following contents:
[Unit]
Description=HAProxy 2.0.9
After=syslog.target network.target
[Service]
Type=notify
EnvironmentFile=/etc/sysconfig/haproxy-2.0.9
ExecStart=/opt/haproxy-2.0.9/sbin/haproxy -f $CONFIG_FILE -p $PID_FILE $CLI_OPTIONS
ExecReload=/bin/kill -USR2 $MAINPID
ExecStop=/bin/kill -USR1 $MAINPID
[Install]
WantedBy=multi-user.target
The USR2 signal instructs HAProxy to reload its configuration without bringing it down. USR1 brings down HAProxy, allowing processes to finish what they were doing before exiting.
Create the SystemD Environment File
Create the file /etc/sysconfig/haproxy-2.0.9 with the following contents:
# Command line options to pass to HAProxy at startup
# The default is:
#CLI_OPTIONS="-Ws"
CLI_OPTIONS="-Ws"
# Specify an alternate configuration file. The default is:
#CONFIG_FILE=/etc/haproxy/haproxy-2.0.9.conf
CONFIG_FILE=/etc/haproxy/haproxy-2.0.9.conf
# File used to track process IDs. The default is:
#PID_FILE=/var/run/haproxy-2.0.9.pid
PID_FILE=/var/run/haproxy-2.0.9.pid
The -Ws option runs HAProxy in a mode where it is able to notify SystemD when it is done starting.
Load the configuration with the following command:
# systemctl daemon-reload
Create an HAProxy Configuration File
First, create the directory that will store HAProxy’s configuration files:
# mkdir /etc/haproxy
Create the file /etc/haproxy/haproxy-2.0.9.conf with the following contents:
global
daemon
maxconn 256
user haproxy
group haproxy
chroot /var/lib/haproxy
defaults
mode http
timeout connect 5000ms
timeout client 50000ms
timeout server 50000ms
frontend http
bind *:8000
default_backend servers
backend servers
server server 127.0.0.1:81
Start and Test HAProxy
Start HAProxy:
# systemctl start haproxy-2.0.9.service
Check to see if it is running:
# ps -ef | grep haproxy | cut -c 1-100
root 9481 1 0 05:46 ? 00:00:00 /opt/haproxy-2.0.9/sbin/haproxy -f /etc/haproxy/hapr
haproxy 9482 9481 0 05:46 ? 00:00:00 /opt/haproxy-2.0.9/sbin/haproxy -f /etc/haproxy/hapr
root 9484 1713 0 05:46 pts/0 00:00:00 grep --color=auto haproxy
Configure HAProxy
The details of configuring HAProxy beyond a simple test are beyond the scope of this guide. Consult the official documentation for help. If you are new to HAProxy, the starter guide will help get you started.
Configure HAProxy to Start at Boot
# systemctl enable haproxy-2.0.9