Surviving the Traffic Spike: A Sysadmin's Guide to HAProxy 1.4
It starts with a creeping climb in load averages. Then, your Apache error logs fill up with server reached MaxClients setting, consider raising the MaxClients setting. Suddenly, you are swapping memory to disk. Then comes the silence. Your server isn't just slow; it's gone. If you've ever been hit by the "Digg Effect" or a front-page feature on VG.no, you know this pain. One server, no matter how much RAM you throw at it, eventually hits a wall.
The solution isn't just "get a bigger box." That is a trap. The solution is horizontal scaling. Today, we are looking at the newly stable HAProxy 1.4 (released last month) to distribute load across multiple backend nodes. This is the exact architecture we use to keep high-traffic Norwegian media sites online when the news breaks.
Why Apache mod_proxy Isn't Enough
Many admins stick to what they know: Apache with mod_proxy_balancer. While functional, Apache relies on a threaded or prefork model. Every connection eats RAM. When you are under a DDoS attack or a massive traffic spike, Apache bloats until the OOM-killer steps in.
HAProxy is different. It uses a single-threaded, event-driven, non-blocking engine. It can saturate a Gigabit line with a fraction of the CPU usage required by Apache or even Nginx. It acts as a traffic cop, efficiently routing requests to your backend web servers (the workers) without getting bogged down itself.
The Architecture: The CoolVDS Standard
For a robust setup targeting Norwegian users, you generally need three nodes:
- Node 1 (Load Balancer): Lightweight Xen VPS running HAProxy.
- Node 2 & 3 (Web Workers): Powerful VPS instances running Apache/PHP or Lighttpd.
We strictly recommend Xen virtualization (which we use exclusively at CoolVDS) for the load balancer. Unlike OpenVZ, where neighbors can steal your kernel resources, Xen provides strict isolation. When you need to push 20,000 concurrent sessions, you cannot afford a shared kernel bottleneck.
Configuration: HAProxy 1.4 on CentOS 5
Let's get your hands dirty. Assuming you have the EPEL repositories enabled on your CentOS 5 instance, install HAProxy:
yum install haproxyThe magic happens in /etc/haproxy/haproxy.cfg. Below is a production-ready configuration that handles session persistence (sticky sessions), which is critical if your users are logging into a PHP application.
global
log 127.0.0.1 local0
maxconn 4096
user haproxy
group haproxy
daemon
defaults
log global
mode http
option httplog
option dontlognull
retries 3
option redispatch
maxconn 2000
contimeout 5000
clitimeout 50000
srvtimeout 50000
listen webfarm 0.0.0.0:80
mode http
stats enable
stats uri /haproxy?stats
balance roundrobin
cookie JSESSIONID prefix
option httpclose
option forwardfor
server web01 192.168.1.10:80 cookie A check
server web02 192.168.1.11:80 cookie B check
Pro Tip: Notice the stats uri line? This enables a web interface where you can view real-time traffic rates and server health. It is invaluable for debugging which backend node is lagging. Secure this with a password immediately in a production environment.
The Hardware Reality: Latency and I/O
Software configuration is only half the battle. If your VPS is hosted in Germany or the US, your Norwegian users face 30-100ms of added latency before the request even hits HAProxy. Physics is undefeated.
At CoolVDS, our datacenter is located directly in Oslo with direct peering to NIX (Norwegian Internet Exchange). This keeps latency under 5ms for local users. Furthermore, high-concurrency logging can kill disk I/O performance on standard SATA drives.
We utilize enterprise SAS 15k RPM drives in RAID 10 arrays. While some providers are experimenting with early SSDs, they often lack the write-endurance for server logging. Our SAS arrays offer the proven reliability and write speeds necessary to handle the intensive logging generated by HAProxy in debug mode without locking up the system.
Data Sovereignty and Datatilsynet
For the "Pragmatic CTOs" reading this: hosting outside Norway introduces legal headaches under the Personal Data Act (Personopplysningsloven). Datatilsynet is becoming increasingly strict about where sensitive user data resides.
By keeping your load balancer and database nodes within Norwegian borders on CoolVDS infrastructure, you simplify compliance significantly. You know exactly where your bits are physically located.
Next Steps
HAProxy 1.4 is a significant leap forward for open-source load balancing. It allows you to perform health checks on your backends and remove them from the pool automatically if they crash, ensuring your users never see a 503 error.
Don't wait for your next traffic spike to take down your revenue stream. Spin up a test environment today.
Ready to scale? Deploy a Xen-based VPS on CoolVDS in Oslo. Our 15k SAS RAID 10 storage handles the heavy I/O so you can focus on uptime.