If you’re running a high-performance HAProxy setup, there are many tweaks and settings that you can benefit from. Some of these can be complex, but there are many that can quite easily increase your performance. We’ll give you some tips here to get that extra bit of performance you need!
Warning: These are mostly kernel changes and can cause unknown issues. Please Google any changes you are unsure of, or ask us!
sysctl is a program used to tweak kernel settings on your OS. These can allow you to optimize specifically the way your kernel is handling things — specifically, networking. If you are using Snapt, for HAProxy you can navigate to the Setup > Configuration > Performance menu. Alternatively, you can manually edit the
These are specifically designed to optimize your Linux installation
forhaproxy, allowing it to perform better under peak loads and allowing you to get more requests per second.
You can apply our selected tweaks by pasting the below into your
/etc/sysctl.conf file, and then running
sysctl -p" to apply the changes.
# Increase the max OS recv/send buffer size net.core.rmem_max = 16777216 net.core.wmem_max = 16777216 # Increase the connection track table size net.ipv4.netfilter.ip_conntrack_max = 999999 # Widen the local port range to allow more ports net.ipv4.ip_local_port_range = 1024 65023 # Lower the TCPFIN timeout net.ipv4.tcp_fin_timeout = 30 # Increase the max backlog, syn tweaks net.core.netdev_max_backlog = 10000 net.ipv4.tcp_max_syn_backlog = 2048 net.ipv4.tcp_synack_retries = 3 # Enable syn cookies vs syn floods, RP filter net.ipv4.tcp_syncookies = 1 net.ipv4.conf.all.rp_filter = 1 # Increase to handle spikes of traffic net.core.somaxconn = 60000 # Increase the TIME WAIT buckets pool size for DoS/performance net.ipv4.tcp_max_tw_buckets = 1440000 net.ipv4.tcp_tw_reuse = 1 # Adjust TCP orphan limit net.ipv4.tcp_max_orphans = 262144
If any give you an error it may be because of a kernel version or anything else, just remove the relevant line. Remember to reboot or run
sysctl -p” to apply this.
Haproxy.cfg Config Changes
TCP mode groups are much less load than HTTP. Check your "mode" setting under a listen, frontend, or backend section of the config. If you don't need to do any HTTP level adjustments then TCP mode will be much faster.
There are a lot of configuration changes that effect performance, but there are (as always) some easy tweaks to get more out of your server farm. Firstly, consider adding
option httpclose to all your HTTP groups. In Snapt, this is called “Force HTTP Close.” This will stop keepalives, but that will be to your advantage. Also, add
option abortonclose – this will close aborted requests.
HAProxy limits connections on a global level as well as a frontend/listen level to the
maxconn setting. It restricts the maximum number of connections HAProxy will accept (at a time), so make sure it’s high enough. You can use this in groups as well as globally. In Snapt, this is called “Maximum Connections.”
Make sure you don't have it set high in the "global" section of the config, but not high enough in the "listen" or "frontend" section!
Only use what you require when choosing a balance method. Remember that
roundrobin is going to be much faster, so if there is no requirement for a more advanced method don’t use it (in performance sensitive situations).
HTTP compression uses a lot of CPU, and if you are in a high-performance environment, you will want to disable it. This obviously has pluses and minuses.