HAProxy - fast and reliable http reverse proxy and load balancer
haproxy -f <configuration file|dir> [-L <name>]
[-n maxconn] [-N maxconn] [-C <dir>] [-v|-vv] [-d]
[-D] [-q] [-V] [-c] [-p <pidfile>] [-dk] [-ds] [-de] [-dp] [-db]
[-dM[<byte>]] [-m <megs>] [-x <unix_socket>]
HAProxy is a TCP/HTTP reverse proxy which is particularly suited for high
availability environments. Indeed, it can:
- route HTTP requests depending on statically assigned cookies ;
- spread the load among several servers while assuring server
persistence through the use of HTTP cookies ;
- switch to backup servers in the event a main one fails ;
- accept connections to special ports dedicated to service
- stop accepting connections without breaking existing ones ;
- add/modify/delete HTTP headers both ways ;
- block requests matching a particular pattern ;
- hold clients to the right application server depending on
- report detailed status as HTML pages to authenticated users from an
URI intercepted from the application.
It needs very little resource. Its event-driven architecture allows it to easily
handle thousands of simultaneous connections on hundreds of instances without
risking the system's stability.
- -f <configuration file|dir>
- Specify configuration file or directory path. If the argument is a
directory the files (and only files) it contains are added in lexical
order (using LC_COLLATE=C) ; only non hidden files with ".cfg"
extension are added.
- -L <name>
- Set the local instance's peer name. Peers are defined in the peers
configuration section and used for syncing stick tables between different
instances. If this option is not specified, the local hostname is used as
- -n <maxconn>
- Set the high limit for the total number of simultaneous connections.
- -N <maxconn>
- Set the high limit for the per-listener number of simultaneous
- -C <dir>
- Change directory to <dir> before loading any files.
- Display HAProxy's version.
- Display HAProxy's version and all build options.
- Start in foreground with debugging mode enabled. When the proxy runs in
this mode, it dumps every connections, disconnections, timestamps, and
HTTP headers to stdout. This should NEVER be used in an init script since
it will prevent the system from starting up.
- Start in daemon mode.
- Start in systemd daemon mode, keeping a process in foreground.
- Disable messages on output.
- Displays messages on output even when -q or 'quiet' are specified. Some
information about pollers and config file are displayed during startup.
- Only checks config file and exits with code 0 if no error was found, or
exits with code 1 if a syntax error was found.
- -p <pidfile>
- Ask the process to write down each of its children's pids to this file in
- Disable use of kqueue(2). kqueue(2) is available only on BSD
- Disable use of speculative epoll(7). epoll(7) is available
only on Linux 2.6 and some custom Linux 2.4 systems.
- Disable use of epoll(7). epoll(7) is available only on Linux
2.6 and some custom Linux 2.4 systems.
- Disables use of poll(2). select(2) might be used instead.
- Disables use of splice(2), which is broken on older kernels.
- Disables background mode (stays in foreground, useful for debugging). For
debugging, the '-db' option is very useful as it temporarily disables
daemon mode and multi-process mode. The service can then be stopped by
simply pressing Ctrl-C, without having to edit the config nor run full
- Initializes all allocated memory areas with the given <byte>.
This makes it easier to detect bugs resulting from uninitialized memory
accesses, at the expense of touching all allocated memory once. If <
byte> is not specified, it defaults to 0x50 (ASCII 'P').
- -m <megs>
- Enforce a memory usage limit to a maximum of <megs> megabytes.
- -sf <pidlist>
- Send FINISH signal to the pids in pidlist after startup. The processes
which receive this signal will wait for all sessions to finish before
exiting. This option must be specified last, followed by any number of
PIDs. Technically speaking, SIGTTOU and SIGUSR1 are sent.
- -st <pidlist>
- Send TERMINATE signal to the pids in pidlist after startup. The processes
which receive this signal will terminate immediately, closing all active
sessions. This option must be specified last, followed by any number of
PIDs. Technically speaking, SIGTTOU and SIGTERM are sent.
- -x <unix_socket>
- Attempt to connect to the unix socket, and retrieve all the listening
sockets from the old process. Those sockets will then be used if possible
instead of binding new ones.
Since HAProxy can run inside a chroot, it cannot reliably access /dev/log. For
this reason, it uses the UDP protocol to send its logs to the server, even if
it is the local server. People who experience trouble receiving logs should
ensure that their syslog daemon listens to the UDP socket. Several Linux
distributions which ship with syslogd from the sysklogd package have UDP
disabled by default. The -r
option must be passed to the daemon in
order to enable UDP.
Some signals have a special meaning for the haproxy daemon. Generally, they are
used between daemons and need not be used by the administrator.
- - SIGUSR1
- Tells the daemon to stop all proxies and exit once all sessions are
closed. It is often referred to as the "soft-stop" signal.
- - SIGTTOU
- Tells the daemon to stop listening to all sockets. Used internally by
-sf and -st.
- - SIGTTIN
- Tells the daemon to restart listening to all sockets after a
SIGTTOU. Used internally when there was a problem during hot
- - SIGINT and SIGTERM
- Both signals can be used to quickly stop the daemon.
- - SIGHUP
- Dumps the status of all proxies and servers into the logs. Mostly used for
- - SIGQUIT
- Dumps information about memory pools on stderr. Mostly used for debugging
- - SIGPIPE
- This signal is intercepted and ignored on systems without
A much better documentation can be found in configuration.txt. On Debian
systems, you can find this file in
HAProxy was written by Willy Tarreau. This man page was written by Arnaud Cornet
and Willy Tarreau.