Earlier this month, I packed my bag and grabbed my lanyard to attend HAProxyConf in the beautiful city of Paris. I was far from alone: hundreds of customers, colleagues, and community enthusiasts had the same idea. We overcame jetlag, stagefright, and introverted personality types for the joy of meeting and learning from some of the brightest minds in the industry.
From load balancing to cybersecurity to endless cups of strong coffee: this is HAProxyConf 2022!
My First HAProxyConf
It was my first time attending HAProxy’s now-annual community meetup. That is not surprising, given that I joined the HAProxy team six weeks ago. What was surprising was how many guests were similarly new to the HAProxy community.
One-quarter of the attendees had been using HAProxy for less than one year, demonstrating that you don’t need decades of experience, a fistful of certifications, or hundreds of GitHub commits to get started in this welcoming community.
Meeting the HAProxy Community
Without fail, the HAProxy community is diverse, engaging, intelligent, and open – both professionally and personally. Meeting and chatting with the guests and presenters was one of myhighlights. As much as I enjoyed discussing the finer points of application infrastructure, my conversations ranged topics as varied as fitness, craft beer tasting, mechanical watches, and the parallels between Babylon 5 and The Lord of the Rings.
This was not only my first HAProxy conference; it was also my first open-source community conference. I wasn’t sure what to expect, but I wasn’t the only one. Several guests remarked how refreshing it was to attend a technology event that wasn’t pushing irrelevant products with aggressive sales tactics.
Why Should You Visit HAProxyConf?
HAProxyConf brings together our open-source community and enterprise customers with a shared sense of purpose and good humor. Many open-source enthusiasts told of how they became enterprise customers, while massive businesses explained how they use the community version to manage large deployments. The whole community is remarkably cohesive whether they use HAProxy Community or pay for an enterprise product.
HAProxyConf also goes hard on technical detail. With live performance testing and code-heavy deep dives on the main stage, there was plenty of substance beyond the slick event banners and swag bags. The crowd was there for more than just media-friendly soundbites, and the HAProxy team and community delivered.
Speaking of swag, HAProxy continues to stake out the relatively uncontested ground of being the most family-friendly vendor in the event swag game. I’m sure the baby onesies and plush Loady elephants are going down a treat in many homes besides mine.
HAProxy Fusion Has Landed
The show’s star (other than the spectacular macarons) was undoubtedly HAProxy Fusion Control Plane. HAProxy Fusion lets you manage and monitor all your HAProxy Enterprise instances from a single UI or API, whether on-premises or in the cloud.
Andjelko Iharos, Director of Engineering at HAProxy Technologies, announced the general availability of HAProxy Fusion in Tuesday morning’s keynote presentation. Guests could also see HAProxy Fusion in action with an interactive demo at the booth behind the presentation theatre.
HAProxy Fusion is a vital part of our vision for end-to-end application delivery that is simple, scalable, and secure. It enables application delivery teams to build resilient geographically distributed infrastructure, highly secure APIs and applications, and efficient zero-touch workflows reducing the costs, risks, and complexity of scale.
Feedback from our users on HAProxy Fusion has been incredibly positive, which makes sense, given how they use HAProxy today.
Our on-site survey revealed that:
77% of our users run multi-location infrastructure,
74% are concerned about the security of their environment,
63% use six or more load balancer clusters,
83% already automate HAProxy configuration using the API or a third-party tool such as Ansible or Puppet.
HAProxy Fusion will improve efficiency in all these scenarios. To learn more about HAProxy Fusion Control Plane, visit the HAProxy Fusion product page and request a demo.
HAProxy Enables Greener IT By Saving Energy
We were all in for a special treat when Willy Tarreau took to the main stage for Tuesday’s opening keynote. Willy is the original creator of the HAProxy load balancer, and he continues to lead the development of the open-source project. At HAProxyConf 2022, Willy was keen to show how HAProxy intersects with his concerns about energy use and climate change.
Willy explained one of the core architectural problems affecting application performance and resource usage: adding more application servers with only a basic network load balancer (NLB) to distribute traffic doesn’t produce linear scaling. The resulting inefficiency wastes resources and energy. Willy’s demo showed that a cluster of 20 servers might be only 6.6x faster than one server.
Willy showed how HAProxy’s high-performance application load balancer increases server capacity and reduces total power consumption. His demo setup needed only one-third of the application servers required by the same setup using NLB alone. That means you could divide cloud costs by 2.5 and power consumption by 2, which shows the value of prioritizing performance in HAProxy’s design and implementation.
The result of HAProxy’s improvement to application performance and resource usage in Willy’s live demo was proper linear scaling, which means you get the maximum value from every server and need fewer servers to handle traffic loads. That’s a massive win for our users and for our efforts to reduce energy use.
What is the HAProxy Community Saying?
One of the best things about HAProxyConf is that it’s a genuine community effort. Our innovative customers and users spoke about why they chose HAProxy and how they solved tough challenges in various application delivery scenarios. Out of this wonderful variety, a few common themes emerged.
Scale and performance
Like HAProxy’s Willy Tarreau, our users push the boundaries of performance at scale – this is a top priority for many of the largest organizations attending HAProxyConf. HAProxy users are scaling their applications and businesses to new heights because HAProxy has a considerable performance advantage over the competition, providing higher throughput, lower latency, and lower resource use.
We were thrilled to see the real-world benchmarks from our users showing that HAProxy is the world’s fastest software load balancer, and we intend to sustain our success by continuing to invest in R&D in performance – mostly because it’s important to our users and partly because we just love seeing graphs with squiggly lines going up and to the right.
When evaluating reverse proxies for their new traffic stack, Sanjay Singh and Sri Ram Bathina from LinkedIn found that HAProxy smashed performance expectations. Testing for latency degradation above 10ms with traffic scaling, HAProxy scaled 12x higher than ATS and 4x higher than Envoy. Great result!
Comparing HAProxy with Envoy and Traefik, Adam Mills from Roblox found that HAProxy delivered an unbeatable performance in both throughput and latency. Judging by the graphs, it wasn’t even close, with up to 2X higher throughput and 3X lower latency than Envoy and 10X the performance of Traefik.
Docker’s cloud-native Kubernetes deployment can transfer 80PB/month. Ryan Hristovski from Docker explained how HAProxy made this possible by providing autoscaling, blue-green deployment, and no-downtime upgrades, as well as the flexibility to take advantage of performance and reliability tricks in K8s and Docker.
Cloudflare achieves consistent high availability on Postgres by leveraging the flexibility and stability of HAProxy. They use HAProxy to load balance across five read replicas and avoid the problem of multiple masters. Vignesh Ravichandran from Cloudflare found HAProxy to have perfect reliability – not a single crash or failure. As a result, they do not run HAProxy in a high-availability configuration. In their opinion, they don’t need to!
Innovation
HAProxy users are launching new applications, architectures, and business processes because HAProxy enables rapid innovation and controlled risks in a wide range of scenarios.
Robert Belson and Chris Smith from AWS brought HAProxyConf up to speed on the performance and latency requirements of mobile edge and IoT workloads using AWS Wavelength, enabling innovation in smart energy and agriculture, transport, robotics, and more. HAProxy Enterprise with Data Plane API brings the necessary flexibility to support this complex use case with dynamic load balancing, including autoscaling and geo-distributed edge discovery.
Gexel had five offices full of people before COVID hit, and suddenly they were required to enable people to work from home while maintaining all the controls needed for their PCI-DSS compliance. Carlos Casanova from Gexel showed how HAProxy features such as stick tables and rate limiting have helped them achieve a remote workforce.
Ricardo Nabinger Sanchez from Taghos explained their experience implementing HAProxy in a challenging high-scale environment turned them from community lurkers into active contributors, working closely with HAProxy developers in GitHub. Thanks for helping improve HAProxy!
Efficiency
HAProxy users work smarter, not harder – with better visibility and lower costs – because HAProxy enables efficient workflows, automation, and data-driven intelligence.
Bedrock deployed a high-scale video delivery application with the capacity to serve 50 million users. Vincent Gallissot from Bedrock found that AWS load balancers did not allow advanced load-balancing algorithms, so they needed another solution to handle the load. HAProxy provides the advanced features and resilience Bedrock needs and can autoscale load balancers along with applications in AWS for efficiency at scale.
Automated infrastructure provisioning in the cloud can save businesses time and produce consistent, predictable results. Gursimar Singh from freeCodeCamp showed how he automated HAProxy provisioning and configuration in AWS using Ansible, one of the most popular configuration management tools. HAProxy’s flexibility and programmability make it ideally suited to integration and automation, making life easier for application teams.
Buğra Öztürk showed how to reduce service downtime, maintenance time/cost, and SSL/domain cost when deploying web apps in Kubernetes. Implementing HAProxy, his deployment uses a single SSL/domain via reverse proxy with SSL termination and achieves highly available services, avoids a single point of failure, and allows him to manage his load balancer and API gateway in one place.
Flexibility
HAProxy users are leveraging new technologies to improve their application delivery and boost their business because HAProxy works anywhere and with any application – from on-premises to the cloud to the mobile edge, from hardware to VMs to containers, and from web apps to databases to email.
To provide the ultimate high-performance experience for their users, Jérémy Lecour from Evolix explained how they created their CDN-like service by combining HAProxy with Varnish – one of the most popular open-source caching engines. HAProxy’s powerful configuration language made this easy.
ClassDojo handles nine thousand container deploys and 12 million unique entities per day, with traffic of 40k RPS. Urjit Singh Bhatia from ClassDojo showed how they manage this scale with autoscaling and dynamic server fleets to handle the variable load, reduce costs, and add flexible deployment options such as blue-green. ClassDojo made autoscaling easy by integrating HAProxy with Consul, allowing for seamless upscaling and downscaling.
Security
HAProxy users are simplifying cyber security and defending against the most challenging attacks, such as DDoS, because HAProxy is the world’s top secure application delivery platform, with integrated WAF, DDoS mitigation, bot blocking, and now centralized intelligence.
SoundCloud used HAProxy Enterprise and the stick table aggregator to deliver DDoS protection that is decentralized and fast to react – preventing abusive traffic from significantly affecting service availability and integrity. Sadegh Solati from SoundCloud showed how they achieved this result using 40 CPU cores (with peak load using 20 cores) and a 10Gb/s Ethernet connection, making HAProxy a cost-effective DDoS protection solution compared to CDN services.
Evaluating HAProxy’s web application firewall (WAF), Michael “Irish” O’Neill from BoomTown! found that it delivered more secure websites, cleaner logs, and less junk work for their servers. Test results showed a 30% drop in “404 Not Found” errors, a 70% drop in “403 Forbidden” errors, and no significant difference in “200 OK” responses – alleviating any concerns around false positives.
JD.com protects over 100,000 email accounts across multiple device types from common security threats, including credential stuffing, password leaks, and phishing. Suo Lu from JD.com explained how they used HAProxy to build a solution for secure enterprise email. JD.com uses HAProxy’s multi-layered security and extensible design to enable multi-factor authentication (MFA), load testing, rate limiting, and high availability.
FAUST has used HAProxy to help eliminate cheating and ensure fair competition with flawless results in five capture-the-flag (CTF) events. Felix Dreissig from noris network and Simon Ruderich from FAU showed how HAProxy plays a vital role in preventing TCP and HTTP fingerprinting with its ability to inspect and modify HTTP traffic transparently.
HAProxyConf 2022 Takeaways
The HAProxyConf lineup gave us three days of learning, including workshops, keynotes, technical talks, and use cases from HAProxy core developers, community, and enterprise users. So what will our attendees take away from this year’s conference?
First, the platform continues to evolve to meet the needs of even the most demanding use cases. Real-world examples of HAProxy’s extensibility showed how to scale and automate application delivery in every conceivable environment. As the sole sponsor of HAProxyConf, HAProxy Technologies works with our community to fully realize the vision of a secure end-to-end application delivery platform for everyone.
Second, the HAProxy community remains a core strength and a huge reason to get involved. Passionate and highly engaged, our community of open-source developers, enterprise customers, and users in every kind of organization – large and small – helps inspire us and drive the HAProxy platform forward.
Third, HAProxy is a stunningly capable platform in direct comparison with competing solutions. Performance benchmarks showed not just incremental gains but 4X the performance of the nearest competitor. Our users consistently tell a story of how they overcame conventional limitations using the unmatched performance of HAProxy. We are incredibly proud of the results our users have achieved with HAProxy in 2022, but we will always strive to be faster, more effective, and more efficient – because performance is in our DNA.
What Next After HAProxyConf 2022?
The first thing to do is to say “thank you” again to all of the presenters and guests who attended and shared their knowledge and to the HAProxy team members and support staff who helped run an engaging and efficient event.
Next, we want to get HAProxy Fusion Control Plane into the hands of as many enterprise users as possible so they can benefit from the simplicity and efficiency of managing HAProxy Enterprise at scale.
We look forward to working with more incredible presenters; showcasing the latest improvements to the HAProxy platform; and celebrating the accomplishments, creativity, and relationships within the magnificent HAProxy community.
Check out some photos from the conference.