DZone
Thanks for visiting DZone today,
Edit Profile
  • Manage Email Subscriptions
  • How to Post to DZone
  • Article Submission Guidelines
Sign Out View Profile
  • Post an Article
  • Manage My Drafts
Over 2 million developers have joined DZone.
Log In / Join
Refcards Trend Reports
Events Video Library
Refcards
Trend Reports

Events

View Events Video Library

Zones

Culture and Methodologies Agile Career Development Methodologies Team Management
Data Engineering AI/ML Big Data Data Databases IoT
Software Design and Architecture Cloud Architecture Containers Integration Microservices Performance Security
Coding Frameworks Java JavaScript Languages Tools
Testing, Deployment, and Maintenance Deployment DevOps and CI/CD Maintenance Monitoring and Observability Testing, Tools, and Frameworks
Culture and Methodologies
Agile Career Development Methodologies Team Management
Data Engineering
AI/ML Big Data Data Databases IoT
Software Design and Architecture
Cloud Architecture Containers Integration Microservices Performance Security
Coding
Frameworks Java JavaScript Languages Tools
Testing, Deployment, and Maintenance
Deployment DevOps and CI/CD Maintenance Monitoring and Observability Testing, Tools, and Frameworks

Generative AI has transformed nearly every industry. How can you leverage GenAI to improve your productivity and efficiency?

SBOMs are essential to circumventing software supply chain attacks, and they provide visibility into various software components.

Related

  • Close Site Search Indexing via Kubernetes HAProxy Ingress
  • Optimizing Server Management With HAProxy’s Advanced Health Checks
  • Implementing HTTP Load Balancer Using HAProxy on AWS

Trending

  • Multiple Stakeholder Management in Software Engineering
  • Reinforcement Learning in CRM for Personalized Marketing
  • Top 5 Trends in Big Data Quality and Governance in 2025
  • Building V1 Gen-AI Products at Scale: Technical Product Patterns That Work
  1. DZone
  2. Software Design and Architecture
  3. Performance
  4. HAProxy Performance Tweaks: sysctl and config

HAProxy Performance Tweaks: sysctl and config

Learn about the changes you should make to sysctl and HAProxy configurations to improve the performance of your entire setup.

By 
Nadine Arnold user avatar
Nadine Arnold
·
May. 07, 17 · Tutorial
Likes (3)
Comment
Save
Tweet
Share
17.7K Views

Join the DZone community and get the full member experience.

Join For Free

If you’re running a high-performance HAProxy setup, there are many tweaks and settings that you can benefit from. Some of these can be complex, but there are many that can quite easily increase your performance. We’ll give you some tips here to get that extra bit of performance you need!

Warning: These are mostly kernel changes and can cause unknown issues. Please Google any changes you are unsure of, or ask us!

Sysctl.conf Changes

sysctl is a program used to tweak kernel settings on your OS. These can allow you to optimize specifically the way your kernel is handling things — specifically, networking. If you are using Snapt, for HAProxy you can navigate to the Setup > Configuration > Performance menu. Alternatively, you can manually edit the /etc/sysctl.conf file.

These are specifically designed to optimize your Linux installation forhaproxy, allowing it to perform better under peak loads and allowing you to get more requests per second.

You can apply our selected tweaks by pasting the below into your /etc/sysctl.conf file, and then running  sysctl -p" to apply the changes.

# Increase the max OS recv/send buffer size
net.core.rmem_max = 16777216
net.core.wmem_max = 16777216

# Increase the connection track table size
net.ipv4.netfilter.ip_conntrack_max = 999999

# Widen the local port range to allow more ports
net.ipv4.ip_local_port_range = 1024 65023

# Lower the TCPFIN timeout
net.ipv4.tcp_fin_timeout = 30

# Increase the max backlog, syn tweaks
net.core.netdev_max_backlog = 10000
net.ipv4.tcp_max_syn_backlog = 2048
net.ipv4.tcp_synack_retries = 3

# Enable syn cookies vs syn floods, RP filter
net.ipv4.tcp_syncookies = 1
net.ipv4.conf.all.rp_filter = 1

# Increase to handle spikes of traffic
net.core.somaxconn = 60000

# Increase the TIME WAIT buckets pool size for DoS/performance
net.ipv4.tcp_max_tw_buckets = 1440000
net.ipv4.tcp_tw_reuse = 1

# Adjust TCP orphan limit
net.ipv4.tcp_max_orphans = 262144

If any give you an error it may be because of a kernel version or anything else, just remove the relevant line. Remember to reboot or run sysctl -p” to apply this.

Haproxy.cfg Config Changes

Below are several tips to keep in mind when creating or adjusting your haproxy.cfg file.

Mode Selection

TCP mode groups are much less load than HTTP. Check your "mode" setting under a listen, frontend, or backend section of the config. If you don't need to do any HTTP level adjustments then TCP mode will be much faster.

HTTP Tweaks

There are a lot of configuration changes that effect performance, but there are (as always) some easy tweaks to get more out of your server farm. Firstly, consider adding option httpclose to all your HTTP groups. In Snapt, this is called “Force HTTP Close.” This will stop keepalives, but that will be to your advantage. Also, add  option abortonclose – this will close aborted requests.

Maxconn Setting

HAProxy limits connections on a global level as well as a frontend/listen level to the maxconn setting. It restricts the maximum number of connections HAProxy will accept (at a time), so make sure it’s high enough. You can use this in groups as well as globally. In Snapt, this is called “Maximum Connections.”

Make sure you don't have it set high in the "global" section of the config, but not high enough in the "listen" or "frontend" section!

Balance Method

Only use what you require when choosing a balance method. Remember that roundrobin is going to be much faster, so if there is no requirement for a more advanced method don’t use it (in performance sensitive situations).

Compression

HTTP compression uses a lot of CPU, and if you are in a high-performance environment, you will want to disable it. This obviously has pluses and minuses.

HAProxy

Published at DZone with permission of Nadine Arnold. See the original article here.

Opinions expressed by DZone contributors are their own.

Related

  • Close Site Search Indexing via Kubernetes HAProxy Ingress
  • Optimizing Server Management With HAProxy’s Advanced Health Checks
  • Implementing HTTP Load Balancer Using HAProxy on AWS

Partner Resources

×

Comments

The likes didn't load as expected. Please refresh the page and try again.

ABOUT US

  • About DZone
  • Support and feedback
  • Community research
  • Sitemap

ADVERTISE

  • Advertise with DZone

CONTRIBUTE ON DZONE

  • Article Submission Guidelines
  • Become a Contributor
  • Core Program
  • Visit the Writers' Zone

LEGAL

  • Terms of Service
  • Privacy Policy

CONTACT US

  • 3343 Perimeter Hill Drive
  • Suite 100
  • Nashville, TN 37211
  • [email protected]

Let's be friends: