HAProxyConf 2021

Featured Presentations

Session

Annotations, Config Snippets, and Custom Resources: Three Ways to Customize Your HAProxy Kubernetes Ingress Controller

Annotations, Config Snippets, and Custom Resources: Three Ways to Customize Your HAProxy Kubernetes Ingress Controller
Our Ingress Controller brings HAProxy to Kubernetes where the controller reacts to Kubernetes events and generates HAProxy configuration based on user input. This input can be provided in different ways: annotations, static files, custom resources. In this presentation, we will go through the details of each input type and compare it with other types.
Speaker
Moemen Mhedhbi
Moemen Mhedhbi
Software Engineer HAProxy Technologies

Session

Enabling SD-WAN Operations Using HAProxy

Enabling SD-WAN Operations Using HAProxy
A typical SD-WAN solution consists of multiple components for management plane, control plane and data plane. Proxy services are required for data plane endpoints to communicate with OAM components across multiple underlay networks or routing domains. Separation of traffic across multiple routing domains is key to support a multi-tenant solution with multiple underlay networks. High availability and security is paramount requirement for communication between the external (WAN) and internal (management LAN). This talk describes how HAProxy is used in the Nuage's SD-WAN solution to provide a secure HA mechanism to provide the communication across the internal and external SD-WAN components. We will discuss how the scalable load-balancing capability of HAProxy can be used to support additional value-added services for SD-WAN and how HAProxy monitoring capabilities can be used to provide a health monitoring system for the OAM services.
Speakers
Gurpreet Singh
Gurpreet Singh
Sr Product Manager Nokia
Patrick Dumais
Patrick Dumais
Senior Software Designer Nokia

Session

Extending HAProxy with Rust Beyond Lua Restrictions

Extending HAProxy with Rust Beyond Lua Restrictions
At Yelp, a platform that connects tens of millions of people with tens of millions of great local businesses, we use HAProxy to load balance our traffic, block bots, and enable smart routing. Many of the features are powered by plugins written in Rust and Lua. In this presentation, I will describe how we extend HAProxy with the Rust programming language and HAProxy's Lua API, benefiting from Rust's features such as code and memory safety, speed, and even non-blocking access to file operations.
Speaker
Aleksandr Orlenko
Aleksandr Orlenko
Software Engineer Yelp

Session

Fostering Fearlessness: Working in the Middle of the Day Instead of the Middle of the Night

Fostering Fearlessness: Working in the Middle of the Day Instead of the Middle of the Night
There's no shortage of articles on CI/CD and how to run a configuration validation utility before reloading or restarting a service, but this type of validation is not the same as acceptance testing. Furthermore, these validations don't always give you (or your leadership team) the confidence to allow you to make big changes to your Production Infrastructure during normal business hours, often preferring to err on the side of caution and scheduling a maintenance window when you might prefer to be in bed. Utilizing local network configurations and HAProxy, we've upgraded major versions of PHP—and even HAProxy itself—in the middle of the day with zero downtime, and with zero fear that we were going to interrupt our Production workload for over 100,000 websites. Let's explore some strategies for reclaiming your late nights/early mornings by demonstrating infrastructure reliability and real-world acceptance testing.
Speaker
Michael O'Neill
Michael O'Neill
Principal Infrastructure Software Engineer BoomTown!

Session

HAProxy on 5G Edge: Practical Advice for Load Balancing at the Network Edge

HAProxy on 5G Edge: Practical Advice for Load Balancing at the Network Edge
There’s been a lot of talk about "the network edge" — but what does that really mean in the context of your architecture? With the proliferation of high-speed 5G networks, a whole new world of immersive experiences will be unlocked, but their development could result in unforeseen architectural challenges.This session will review Verizon’s 5G Edge infrastructure that enables developers to deploy compute resources geographically closer to users than ever before, via Wavelength Zones. In this talk, we will explore how you can leverage HAProxy Enterprise on Verizon 5G Edge to enable a highly-available load balancer as part of your mobile edge computing architecture. Moreover, we will demonstrate how Terraform and the HAProxy Data Plane API can be used to automate the deployment of the 5G Edge reference architecture.
Speaker
Robert Belson
Robert Belson
Strategy Analyst Verizon

Session

HAProxy: Pillar of Security at BankSITE

HAProxy: Pillar of Security at BankSITE
BankSITE Services uses HAProxy Enterprise to assist in the mitigation of Web Attacks against our network of Bank websites. HAProxy has become a critical part of BankSITE's security posture and BankSITE continues to add/refine the rules being used to help secure both our sites and network infrastructure.
Speaker
Devin Acosta
Devin Acosta
Security Consultant BankSITE Services

Session

How E Voyageurs SNCF Uses HAProxy as a Security Gate Between the Cloud and On-premises Datacenters

How E Voyageurs SNCF Uses HAProxy as a Security Gate Between the Cloud and On-premises Datacenters
Last year, we at E Voyageurs SNCF launched our migration to the cloud and our journey provided valuable lessons for others on a similar path. Specifically, we will describe how we transitioned our security protocols, including adapting our traditional point-to-point communication and hardware firewalls to a cloud-native approach. We use HAProxy as a Security Gate between the two environments, which allows us to control and audit the interactions with our partners without compromising on the benefits we get from the cloud. We utilize HAProxy's Data Plane API to control and manipulate traffic flows dynamically, and its map files to implement an allowlist system that's synchronized with the firewalls of the network interfaces.In this presentation, we will describe the tools and processes we put in place to dynamically configure HAProxy in the cloud.
Speakers
Antonin Mellier
Antonin Mellier
Cloud Architect E Voyageurs SNCF
Samuel Duvieubourg
Samuel Duvieubourg
Infrastructure Engineer E Voyageurs SNCF

Session

How HAProxy Accelerated Our Migration to the Cloud

How HAProxy Accelerated Our Migration to the Cloud
At TravelAndLeisure, our migration to the cloud meant moving more than 1200 VIPs from F5 to HAProxy. With applications spread across different technologies like Java, Node.js, Windows, and microservices, and load balancing that relied on F5's iRules, we expected the shift to be complex. However, the story we'll share is one of simplicity! How did we accomplish it? Join us to learn how we migrated to the cloud, reduced our costs, integrated monitoring, and gained the ability to detect application issues earlier and take action proactively.
Speaker
Siva Palanivel
Siva Palanivel
Software Engineer TravelAndLeisure

Session

How We Achieved 2-Million RPS: HAProxy on Arm Processors

How We Achieved 2-Million RPS: HAProxy on Arm Processors
Arm brings brilliant people together in a global ecosystem that is sparking the world’s potential. Arm technology enables specialized processing built on the economics, design freedom and accessibility of general-purpose compute that has, so far, led to more than 180 billion chips being shipped by our partners. In this presentation, we will discuss Arm's global ecosystem and highlight HAProxy's achievement of over 2 million forwarded requests per second on AWS's Arm Neoverse-based Graviton2-powered instances, as well as the associated DPbench project created by HAProxy Community Project Lead, Willy Tarreau.
Speakers
Kailas Jawadekar
Kailas Jawadekar
Sr Manager, Software Ecosystem Arm
Nenad Merdanovic
Nenad Merdanovic
Principal Solutions Architect HAProxy Technologies

Keynote

HAProxyConf 2021 Keynote Part II

HAProxyConf 2021 Keynote Part II
In this presentation, Andjelko Iharos, Director of Engineering at HAProxy Technologies, describes how an ecosystem of open-source projects has flourished around the load balancer technology. Developers can extend the load balancer in several ways, such as by building core components, Runtime API integrations, and Data Plane API integrations. This extensibility has led to better community engagement and a wider reach. One project that has gained considerable interest is the Kubernetes Ingress Controller, which is growing in exciting new directions.
Speaker
Andjelko Iharos
Andjelko Iharos
Director of Engineering HAProxy Technologies

Keynote

HAProxyConf 2021 Keynote Part I

HAProxyConf 2021 Keynote Part I
In this talk, Baptiste Assmann, principal solutions architect at HAProxy Technologies, recounts the history of the HAProxy load balancer up to the current day. As the way that teams deliver software has evolved, shifting towards cloud adoption, TLS everywhere, and containerization, HAProxy has adapted to meet those needs. While adhering to its core principles of simplicity, high performance, reliability, observability, and expansibility, features were created that support the dynamic workloads of modern application delivery.
Speaker
Baptiste Assmann
Baptiste Assmann
Principal Solutions Architect HAProxy Technologies

Session

Latest Updates in the HAProxy Data Plane API

Latest Updates in the HAProxy Data Plane API
The HAProxy Data Plane API now has the ability to get backends from AWS tags and Consul, upload SSL certificates, and other features that make it fit into modern configurations. In this presentation we will provide a brief introduction to the HAProxy Data Plane API and cover some of these new features in more depth.
Speaker
Chad Lavoie
Chad Lavoie
Director of Support HAProxy Technologies

Session

Making AI Securely Available to the Masses with HAProxy

Making AI Securely Available to the Masses with HAProxy
Let's face it. The Internet is a scary place with intrusions, scraping, and attacks happening daily. At Modzy, we help developers deploy, manage, and get value from AI at scale, and we use HAProxy to protect our platform and our customers from threats lurking across the Web. In this talk, you will learn how we created a highly available and horizontally scalable HAProxy setup, how we automated our configuration management, and how we use HAProxy as a security buffer between our applications and the outside world.
Speaker
Nathan Mellis
Nathan Mellis
Head of Engineering Modzy

Session

Optimizing HAProxy for Autoscaling: How Dynamic Servers Reduce Reloads While Improving Uptime and Scalability

Optimizing HAProxy for Autoscaling: How Dynamic Servers Reduce Reloads While Improving Uptime and Scalability
This talk will describe a new feature introduced in HAProxy 2.4: dynamic servers. We will cover the goals of this new feature, how it should be used and how it interacts with the environment, and its limitations.
Speakers
Baptiste Assmann
Baptiste Assmann
Principal Solutions Architect HAProxy Technologies
Amaury Denoyelle
Amaury Denoyelle
HAProxy Core Developer HAProxy Technologies

Session

Processing Millions of Payments Through a Cloud-native Infrastructure with HAProxy

Processing Millions of Payments Through a Cloud-native Infrastructure with HAProxy
Processing real-time payments requires reliable and secure infrastructure, and as the daily volume at Form3 is expressed in millions, the stakes are extraordinarily high. At this scale, with customers relying on you for one of the most critical parts of their business, the technologies chosen have to be best-in-class. In this talk, we will share key decisions and how we found HAProxy to be the best match for both the project and Form3's cloud-native ethos. You will learn how HAProxy fits with the plethora of supporting technologies, how we configure HAProxy remotely using its Data Plane API, how we route traffic into our Kubernetes-based Faster Payments gateway, and how we implemented high availability with Keepalived and BGP. Join us as we relive our journey in building a next-generation payment processing platform for some of the UK's biggest banks.
Speakers
Brendan Devenney
Brendan Devenney
Senior Software Engineer Form3 Financial Cloud
Piotr Olchawa
Piotr Olchawa
Senior Software Engineer Form3 Financial Cloud

Session

Using HAProxy Peers for Real-time Quota Tracking

Using HAProxy Peers for Real-time Quota Tracking
At WoltLab, we bill customers of our SaaS offering based on resource usage, which requires meticulous tracking of any request being processed. Although it appeared to be an easy task at first glance, we quickly realized that there is no simple solution that ticks all the boxes: accuracy, reliability, and zero impact on request processing. That was true until we came across HAProxy's "Peers" feature, which allows HAProxy servers to sync data amongst themselves. In this presentation, I will demonstrate the hidden powers of the Peers feature as it has enabled us to connect our HAProxy load balancers to a custom management system that passively receives all stick table updates and accumulates them for billing purposes. I'll explain how we identify different types of requests using ACLs, how we count them using stick tables, and where the magic happens in our management application. We have open-sourced our Peers Protocol implementation, which is written in TypeScript.
Speaker
Tim Düsterhus
Tim Düsterhus
Developer & Cloud Architect WoltLab