Installing HAProxy From Source on CentOS 8

By | 2019-11-21
0 Comment

The CentOS 8 repositories provide HAProxy version 1.8.15. You may want or need features in newer versions. Fortunately, installing HAProxy 2.0.9 (Latest stable version as of 2019 November, 21) from source is relatively straightforward.

The steps to do so are:

  • Install required packages
  • Download the HAProxy source code
  • Compile and install HAProxy
  • Create an unprivileged service account
  • Create a SystemD unit file
  • Create a SystemD environment file
  • Create a test configuration file
  • Test your installation
  • Configure HAProxy for your environment
  • Enable HAProxy to start automatically on boot

All commands in this guide should be executed as the root user.

Install Required Packages

In order to compile HAProxy, you will need to ensure a few packages from the standard repositories are installed. One of the required packages is in the PowerTools repo. The following command will ensure the PowerTools repo is enables:

# dnf config-manager --enable PowerTools

Run the following command as root to do so:

# dnf install gcc \
openssl-devel \
readline-devel \
systemd-devel \
make \
pcre-devel \
tar \
lua \
lua-devel

Download and Extract Source Code

Use the command below to download HAProxy 2.0.9.

# curl https://www.haproxy.org/download/2.0/src/haproxy-2.0.9.tar.gz > /root/haproxy-2.0.9.tar.gz

Install HAProxy 2.0.9

Extract the source archive files:

# cd
# tar xf haproxy-2.0.9.tar.gz

Change your working directory to the directory created by tar when you extracted the archive: 

# cd haproxy-2.0.9

Compile HAProxy:

# make USE_NS=1 \
USE_TFO=1 \
USE_OPENSSL=1 \
USE_ZLIB=1 \
USE_LUA=1 \
USE_PCRE=1 \
USE_SYSTEMD=1 \
USE_LIBCRYPT=1 \
USE_THREAD=1 \
TARGET=linux-glibc

If you wish to see a full list of make arguments along with short descriptions, run the command:

# make help

Install HAProxy to /opt/haproxy-2.0.9:

# make PREFIX=/opt/haproxy-2.0.9 install

Create Unprivileged HAProxy User and Group

Create an unprivileged user and group for HAProxy to run as. We will make them identical to the ones created by the HAProxy package in the standard yum repositories.

# groupadd -g 992 haproxy
# useradd -g 992 -u 995 -m -d /var/lib/haproxy -s /sbin/nologin -c haproxy haproxy

If these commands have the output shown below, HAProxy was or is installed from the repositories. This will not affect source installation. It is safe to ignore this and move to the next step.

# groupadd -g 992 haproxy
groupadd: group 'haproxy' already exists
# useradd -g 992 -u 995 -d /var/lib/haproxy -s /sbin/nologin -c haproxy haproxy
useradd: user 'haproxy' already exists

Create SystemD Unit File

Use your favorite text editor to create the SystemD unit file that controls how HAProxy will be started, reloaded, stopped, and monitored. If you are on a minimal system, it is likely vi is all that is available. If you aren’t familiar with vi, I wrote a short tutorial that should teach you enough for basic tasks such as this.

Create the file /etc/systemd/system/haproxy-2.0.9.service with the following contents:

[Unit]
Description=HAProxy 2.0.9
After=syslog.target network.target

[Service]
Type=notify
EnvironmentFile=/etc/sysconfig/haproxy-2.0.9
ExecStart=/opt/haproxy-2.0.9/sbin/haproxy -f $CONFIG_FILE -p $PID_FILE $CLI_OPTIONS
ExecReload=/bin/kill -USR2 $MAINPID
ExecStop=/bin/kill -USR1 $MAINPID

[Install]
WantedBy=multi-user.target

The USR2 signal instructs HAProxy to reload its configuration without bringing it down. USR1 brings down HAProxy, allowing processes to finish what they were doing before exiting.

Create the SystemD Environment File

Create the file /etc/sysconfig/haproxy-2.0.9 with the following contents:

# Command line options to pass to HAProxy at startup
# The default is:  
#CLI_OPTIONS="-Ws"
CLI_OPTIONS="-Ws"

# Specify an alternate configuration file. The default is:
#CONFIG_FILE=/etc/haproxy/haproxy-2.0.9.conf
CONFIG_FILE=/etc/haproxy/haproxy-2.0.9.conf

# File used to track process IDs. The default is:
#PID_FILE=/var/run/haproxy-2.0.9.pid
PID_FILE=/var/run/haproxy-2.0.9.pid

The -Ws option runs HAProxy in a mode where it is able to notify SystemD when it is done starting.

Load the configuration with the following command:

# systemctl daemon-reload

Create an HAProxy Configuration File

First, create the directory that will store HAProxy’s configuration files:

# mkdir /etc/haproxy

Create the file /etc/haproxy/haproxy-2.0.9.conf with the following contents:

global
    daemon
    maxconn 256
    user        haproxy
    group       haproxy
    chroot      /var/lib/haproxy

defaults
    mode http
    timeout connect 5000ms
    timeout client 50000ms
    timeout server 50000ms

frontend http
    bind *:8000
    default_backend servers

backend servers
    server server 127.0.0.1:81

Start and Test HAProxy

Start HAProxy:

# systemctl start haproxy-2.0.9.service

Check to see if it is running:

# ps -ef | grep haproxy | cut -c 1-100
root      9481     1  0 05:46 ?        00:00:00 /opt/haproxy-2.0.9/sbin/haproxy -f /etc/haproxy/hapr
haproxy   9482  9481  0 05:46 ?        00:00:00 /opt/haproxy-2.0.9/sbin/haproxy -f /etc/haproxy/hapr
root      9484  1713  0 05:46 pts/0    00:00:00 grep --color=auto haproxy

Configure HAProxy

The details of configuring HAProxy beyond a simple test are beyond the scope of this guide. Consult the official documentation for help. If you are new to HAProxy, the starter guide will help get you started.

Configure HAProxy to Start at Boot

# systemctl enable haproxy-2.0.9

References