HAProxy ALOHA Documentation 15.0


HAProxy ALOHA can operate as an HTTP proxy, in which HTTP streams are relayed through the load balancer to a pool of backend servers.

  1. The client connects to your application at the configured public IP address. The HAProxy ALOHA listens at that address and receives the packets.

  2. HAProxy ALOHA makes a separate connection to one of the backend servers and relays the packets over that connection. In other words, the client's original connection is not routed to a backend server directly. Instead, the client communicates with the HAProxy ALOHA only.

  3. The backend server sends its response back to HAProxy ALOHA and then HAProxy ALOHA relays it back to the client over the frontend connection.

Set HTTP mode

  1. In the web UI's LB Layer 7 tab, set the mode directive to http in both the frontend and backend sections of your configuration to load balance HTTP connections.

    Set the mode to http to load balance HTTP traffic.

    frontend webservice
      mode http
      bind :80
      default_backend webfarm
    backend webfarm
      mode    http
      balance roundrobin
      server  websrv1
      server  websrv2

Enable HTTP/2

To enable HTTP/2 between clients and HAProxy ALOHA, configure a bind line in your frontend section as an ssl endpoint. The alpn parameter announces that the load balancer supports HTTP/2 (h2) as its first choice and HTTP/1.1 as a backup by listing them in that order.

frontend www
   mode http
   bind :80
   bind :443 ssl crt /path/to/cert.crt alpn h2,http/1.1

   # Redirect HTTP to HTTPS
   http-request redirect scheme https unless { ssl_fc }

   default_backend servers

To enable HTTP/2 between HAProxy ALOHA and your backend servers, add the alpn parameter to your server or default-server lines:

backend servers
   mode http
   server s1 ssl alpn h2,http/1.1
   server s2 ssl alpn h2,http/1.1

This announces to the servers that HAProxy ALOHA, acting as a client, supports HTTP/2. The servers must also support it.

Enable HTTP/3

To enable HTTP/3 with the QUIC protocol:

  • Configure a bind line in your frontend section as an ssl endpoint.

  • Redirect HTTP traffic to HTTPS.

  • Add a bind line that specifies the quic4 protocol and is also configured as an ssl endpoint, with an alpn parameter set to h3.

  • Add the HTTP response header, alt-svc that invites the client to switch to the QUIC protocol.

    frontend www
       mode http
       bind :80
       bind :443  ssl crt /path/to/cert.crt
       # Redirects to HTTPS
       http-request redirect scheme https unless { ssl_fc }
       # enables HTTP/3 over QUIC
       bind quic4@:443 ssl crt /path/to/cert.crt alpn h3
       # 'Alt-Svc' header invites client to switch to the QUIC protocol
       # Max age (ma) is set to 1 minute (60 seconds), but
       # can be increased once verified working as expected
       http-response set-header alt-svc "h3=\":443\";ma=60;"

Next up

Direct Server Return