Skip to main content

HAProxy

Step 1: Understand Your Goal HAProxy is usually placed in front of:

  • Kubernetes API Server (6443) → if you want HA for multiple masters.
  • Kubernetes Services / Ingress → if you want HAProxy as a load balancer for apps exposed on worker nodes.

Since you mentioned only one master (192.168.0.106), I’ll assume:

  • You want HAProxy (192.168.0.104) to forward external traffic to services running in the cluster (through NodePorts or Ingress).

Step 2: Find a Service to Expose On your cluster, check services:

kubectl get svc -A

For example, if you have nginx service exposed as NodePort 30080, it’ll be reachable at: http://192.168.0.106:30080

Step 3: Install HAProxy On the HAProxy VM (192.168.0.104):

sudo apt update
sudo apt install haproxy -y

Step 4: Configure HAProxy

Edit config:

sudo nano /etc/haproxy/haproxy.cfg

Example for forwarding traffic from port 80 → nginx NodePort 30080:

global
  log /dev/log local0
  log /dev/log local1 notice
  daemon
  maxconn 2048

defaults 
  log global
  mode http
  option httplog
  option dontlognull
  timeout connect 5s
  timeout client 50s
  timeout server 50s

frontend http_front
  bind *:80
  default_backend nginx_backend

backend nginx_backend
  balance roundrobin
  server k8s-master 192.168.0.106:30080 check

Step 5: Restart HAProxy 

sudo systemctl restart haproxy
sudo systemctl enable haproxy

Now, when you access: http://192.168.0.104/ HAProxy will forward to your Kubernetes service (192.168.0.106:30080). If you later add multiple worker nodes, you can just add them to the backend:

backend nginx_backend
  balance roundrobin
  server k8s-worker1 192.168.0.107:30080 check
  server k8s-worker2 192.168.0.108:30080 check

5. Optional – Multiple Apps 

If you want HAProxy to serve multiple apps (different hostnames or paths), you can extend the config:

frontend http_front
  bind *:80
  acl host_app1 hdr(host) -i app1.local
  acl host_app2 hdr(host) -i app2.local
  use_backend app1_backend if host_app1
  use_backend app2_backend if host_app2
  default_backend app1_backend

backend app1_backend
  server k8s-master 192.168.0.106:30080 check

backend app2_backend
  server k8s-master 192.168.0.106:30081 check

This way HAProxy acts like a simple Ingress Controller replacement.

No Comments
Back to top