Our Ingress Controller brings HAProxy to Kubernetes where the controller reacts to Kubernetes events and generates HAProxy configuration based on user input. This input can be provided in different ways: annotations, static files, custom resources. In this presentation, we will go through the details of each input type and compare it with other types.
A typical SD-WAN solution consists of multiple components for management plane, control plane and data plane. Proxy services are required for data plane endpoints to communicate with OAM components across multiple underlay networks or routing domains. Separation of traffic across multiple routing domains is key to support a multi-tenant solution with multiple underlay networks. High availability and security is paramount requirement for communication between the external (WAN) and internal (management LAN). This talk describes how HAProxy is used in the Nuage's SD-WAN solution to provide a secure HA mechanism to provide the communication across the internal and external SD-WAN components. We will discuss how the scalable load-balancing capability of HAProxy can be used to support additional value-added services for SD-WAN and how HAProxy monitoring capabilities can be used to provide a health monitoring system for the OAM services.
At Yelp, a platform that connects tens of millions of people with tens of millions of great local businesses, we use HAProxy to load balance our traffic, block bots, and enable smart routing. Many of the features are powered by plugins written in Rust and Lua. In this presentation, I will describe how we extend HAProxy with the Rust programming language and HAProxy's Lua API, benefiting from Rust's features such as code and memory safety, speed, and even non-blocking access to file operations.
There's no shortage of articles on CI/CD and how to run a configuration validation utility before reloading or restarting a service, but this type of validation is not the same as acceptance testing. Furthermore, these validations don't always give you (or your leadership team) the confidence to allow you to make big changes to your Production Infrastructure during normal business hours, often preferring to err on the side of caution and scheduling a maintenance window when you might prefer to be in bed. Utilizing local network configurations and HAProxy, we've upgraded major versions of PHP—and even HAProxy itself—in the middle of the day with zero downtime, and with zero fear that we were going to interrupt our Production workload for over 100,000 websites. Let's explore some strategies for reclaiming your late nights/early mornings by demonstrating infrastructure reliability and real-world acceptance testing.
Principal Infrastructure Software EngineerBoomTown!
There’s been a lot of talk about "the network edge" — but what does that really mean in the context of your architecture? With the proliferation of high-speed 5G networks, a whole new world of immersive experiences will be unlocked, but their development could result in unforeseen architectural challenges.This session will review Verizon’s 5G Edge infrastructure that enables developers to deploy compute resources geographically closer to users than ever before, via Wavelength Zones. In this talk, we will explore how you can leverage HAProxy Enterprise on Verizon 5G Edge to enable a highly-available load balancer as part of your mobile edge computing architecture. Moreover, we will demonstrate how Terraform and the HAProxy Data Plane API can be used to automate the deployment of the 5G Edge reference architecture.
BankSITE Services uses HAProxy Enterprise to assist in the mitigation of Web Attacks against our network of Bank websites. HAProxy has become a critical part of BankSITE's security posture and BankSITE continues to add/refine the rules being used to help secure both our sites and network infrastructure.
Last year, we at E Voyageurs SNCF launched our migration to the cloud and our journey provided valuable lessons for others on a similar path. Specifically, we will describe how we transitioned our security protocols, including adapting our traditional point-to-point communication and hardware firewalls to a cloud-native approach. We use HAProxy as a Security Gate between the two environments, which allows us to control and audit the interactions with our partners without compromising on the benefits we get from the cloud. We utilize HAProxy's Data Plane API to control and manipulate traffic flows dynamically, and its map files to implement an allowlist system that's synchronized with the firewalls of the network interfaces.In this presentation, we will describe the tools and processes we put in place to dynamically configure HAProxy in the cloud.
At TravelAndLeisure, our migration to the cloud meant moving more than 1200 VIPs from F5 to HAProxy. With applications spread across different technologies like Java, Node.js, Windows, and microservices, and load balancing that relied on F5's iRules, we expected the shift to be complex. However, the story we'll share is one of simplicity! How did we accomplish it? Join us to learn how we migrated to the cloud, reduced our costs, integrated monitoring, and gained the ability to detect application issues earlier and take action proactively.
Arm brings brilliant people together in a global ecosystem that is sparking the world’s potential. Arm technology enables specialized processing built on the economics, design freedom and accessibility of general-purpose compute that has, so far, led to more than 180 billion chips being shipped by our partners. In this presentation, we will discuss Arm's global ecosystem and highlight HAProxy's achievement of over 2 million forwarded requests per second on AWS's Arm Neoverse-based Graviton2-powered instances, as well as the associated DPbench project created by HAProxy Community Project Lead, Willy Tarreau.
In this presentation, Andjelko Iharos, Director of Engineering at HAProxy Technologies, describes how an ecosystem of open-source projects has flourished around the load balancer technology. Developers can extend the load balancer in several ways, such as by building core components, Runtime API integrations, and Data Plane API integrations. This extensibility has led to better community engagement and a wider reach. One project that has gained considerable interest is the Kubernetes Ingress Controller, which is growing in exciting new directions.
In this talk, Baptiste Assmann, principal solutions architect at HAProxy Technologies, recounts the history of the HAProxy load balancer up to the current day. As the way that teams deliver software has evolved, shifting towards cloud adoption, TLS everywhere, and containerization, HAProxy has adapted to meet those needs. While adhering to its core principles of simplicity, high performance, reliability, observability, and expansibility, features were created that support the dynamic workloads of modern application delivery.
The HAProxy Data Plane API now has the ability to get backends from AWS tags and Consul, upload SSL certificates, and other features that make it fit into modern configurations. In this presentation we will provide a brief introduction to the HAProxy Data Plane API and cover some of these new features in more depth.
Let's face it. The Internet is a scary place with intrusions, scraping, and attacks happening daily. At Modzy, we help developers deploy, manage, and get value from AI at scale, and we use HAProxy to protect our platform and our customers from threats lurking across the Web. In this talk, you will learn how we created a highly available and horizontally scalable HAProxy setup, how we automated our configuration management, and how we use HAProxy as a security buffer between our applications and the outside world.
This talk will describe a new feature introduced in HAProxy 2.4: dynamic servers. We will cover the goals of this new feature, how it should be used and how it interacts with the environment, and its limitations.
Processing real-time payments requires reliable and secure infrastructure, and as the daily volume at Form3 is expressed in millions, the stakes are extraordinarily high. At this scale, with customers relying on you for one of the most critical parts of their business, the technologies chosen have to be best-in-class. In this talk, we will share key decisions and how we found HAProxy to be the best match for both the project and Form3's cloud-native ethos. You will learn how HAProxy fits with the plethora of supporting technologies, how we configure HAProxy remotely using its Data Plane API, how we route traffic into our Kubernetes-based Faster Payments gateway, and how we implemented high availability with Keepalived and BGP. Join us as we relive our journey in building a next-generation payment processing platform for some of the UK's biggest banks.
At WoltLab, we bill customers of our SaaS offering based on resource usage, which requires meticulous tracking of any request being processed. Although it appeared to be an easy task at first glance, we quickly realized that there is no simple solution that ticks all the boxes: accuracy, reliability, and zero impact on request processing. That was true until we came across HAProxy's "Peers" feature, which allows HAProxy servers to sync data amongst themselves. In this presentation, I will demonstrate the hidden powers of the Peers feature as it has enabled us to connect our HAProxy load balancers to a custom management system that passively receives all stick table updates and accumulates them for billing purposes. I'll explain how we identify different types of requests using ACLs, how we count them using stick tables, and where the magic happens in our management application. We have open-sourced our Peers Protocol implementation, which is written in TypeScript.