Install HAProxy with Lua and multithreading support on centos

Here are the steps needed for installing HAProxy with lua and multithreading support.

First install all required libs as root

sudo -i 
yum -y install epel-release 
yum -y install make gcc perl pcre-devel zlib-devel wget openssl-devel readline-devel

and then install lua from source

cd
curl -R -O http://www.lua.org/ftp/lua-5.3.5.tar.gz
tar zxf lua-5.3.5.tar.gz
cd lua-5.3.5
make linux test
make linux install

now build HAProxy from source

cd
wget http://www.haproxy.org/download/1.9/src/haproxy-1.9.2.tar.gz
tar xvzf haproxy-1.9.2.tar.gz 
cd haproxy-1.9.2
make TARGET=linux2628 USE_PCRE=1 USE_PCRE_JIT=1 USE_OPENSSL=1 USE_ZLIB=1 USE_LINUX_TPROXY=1 USE_REGPARM=1 USE_LUA=1 USE_THREAD=1 USE_TFO=1
make install
cd ..

optional if you want to setup as service will not work in docker.

on Centos6

cd haproxy-1.9.2/examples
cp haproxy.init /etc/init.d/haproxy
chmod 755 /etc/init.d/haproxy
#edit the /etc/init.d/haproxy to point BIN to correct location i.e./usr/local/sbin/haproxy
systemctl daemon-reload

add a haproxy no login user

id -u haproxy &> /dev/null || useradd -s /usr/sbin/nologin -r haproxy

Don’t forget to place your config file here

/etc/haproxy/haproxy.cfg

can have this for testing

global
  #debug                                   # uncomment to enable debug mode for HAProxy

defaults
  mode http                                # enable http mode which gives of layer 7 filtering
  timeout connect 5000ms                   # max time to wait for a connection attempt to a server to succeed
  timeout client 50000ms                   # max inactivity time on the client side
  timeout server 50000ms                   # max inactivity time on the server side

backend legacy                             # define a group of backend servers to handle legacy requests
  server legacy_server  172.217.3.100:80       # add a server to this backend

frontend app                               # define what port to listed to for HAProxy
  bind *:80
  default_backend legacy                   # set the default server for all request

To test your configuration

haproxy -f /etc/haproxy/haproxy.cfg -c

no error is good error

Enable the service to allow it to restart automatically at system boot up.

chkconfig haproxy on  ---> centos 6
# On centos 7
#systemctl daemon-reload
# systemctl enable haproxy.service
# systemctl status haproxy.service  --> status
# systemctl start haproxy.service   --> start
# systemctl stop haproxy.service    --> stop

lets verify everything

#Verification
$lua -v
Lua 5.3.5  Copyright (C) 1994-2018 Lua.org, PUC-Rio
 
#Verification
$haproxy -vv
HA-Proxy version 1.9.2 2019/01/16 - https://haproxy.org/
Build options :
  TARGET  = linux2628
  CPU     = generic
  CC      = gcc
  CFLAGS  = -O2 -g -fno-strict-aliasing -Wdeclaration-after-statement -fwrapv -Wno-unused-label -Wno-sign-compare -Wno-unused-parameter -Wno-old-style-declaration -Wno-ignored-qualifiers -Wno-clobbered -Wno-missing-field-initializers -Wtype-limits
  OPTIONS = USE_LINUX_TPROXY=1 USE_ZLIB=1 USE_REGPARM=1 USE_THREAD=1 USE_OPENSSL=1 USE_LUA=1 USE_PCRE=1 USE_PCRE_JIT=1

Default settings :
  maxconn = 2000, bufsize = 16384, maxrewrite = 1024, maxpollevents = 200

Built with OpenSSL version : OpenSSL 1.0.2k-fips  26 Jan 2017
Running on OpenSSL version : OpenSSL 1.0.2k-fips  26 Jan 2017
OpenSSL library supports TLS extensions : yes
OpenSSL library supports SNI : yes
OpenSSL library supports : SSLv3 TLSv1.0 TLSv1.1 TLSv1.2
Built with Lua version : Lua 5.3.5
Built with transparent proxy support using: IP_TRANSPARENT IPV6_TRANSPARENT IP_FREEBIND
Built with zlib version : 1.2.7
Running on zlib version : 1.2.7
Compression algorithms supported : identity("identity"), deflate("deflate"), raw-deflate("deflate"), gzip("gzip")
Built with PCRE version : 8.32 2012-11-30
Running on PCRE version : 8.32 2012-11-30
PCRE library supports JIT : yes
Encrypted password support via crypt(3): yes
Built with multi-threading support.

Available polling systems :
      epoll : pref=300,  test result OK
       poll : pref=200,  test result OK
     select : pref=150,  test result OK
Total: 3 (3 usable), will use epoll.

Available multiplexer protocols :
(protocols marked as <default> cannot be specified using 'proto' keyword)
              h2 : mode=HTX        side=FE|BE
              h2 : mode=HTTP       side=FE
       <default> : mode=HTX        side=FE|BE
       <default> : mode=TCP|HTTP   side=FE|BE

Available filters :
	[SPOE] spoe
	[COMP] compression
	[CACHE] cache
	[TRACE] trace

You can do all the above in a docker.Pick your centos version

$docker pull centos:6.6

and login to box

$docker run -i -t centos
[root@8408b1ae8004 /]#

now run the haproxy lua scripts provided above.

Further Reading

Multithreading in HAProxy - HAProxy Technologies

and latest make file options

haproxy/haproxy