Installing and configuring HAProxy

To configure and install HAProxy, the server administrator account must have superuser privileges.

We do not recommend installing the HAProxy load balancer on the same server as the application because HAProxy and Kaspersky Web Traffic Security use the same port (1344) for interaction with other LAN servers.

To install and configure HAProxy:

1. If the server uses a firewall, open port 1344:
2. On the server that you want to use for ICAP balancing, install the HAProxy package. To do so, run one of the following commands depending on the utilized operating system:
   • CentOS Red Hat Enterprise Linux, Rocky Linux, RED OS:

     yum install haproxy

   • SUSE Linux Enterprise Server:

     zypper install haproxy

   • Ubuntu and Debian:

     apt-get install haproxy

3. On the server that you want to use for ICAP balancing, add the following blocks of settings to the /etc/haproxy/haproxy.cfg file:

   frontend ICAP

   bind 0.0.0.0:1344

   mode tcp

   default_backend icap_pool

   backend icap_pool

   balance <balancing scheme, roundrobin is recommended>

   mode tcp

   server <name of ICAP server 1> <IP address of cluster node>:<ICAP server port> check

   server <name of ICAP server 2> <IP address of cluster node>:<ICAP server port> check

   server <name of ICAP server 3> <IP address of cluster node>:<ICAP server port> check

4. On the server that you want to use for ICAP balancing, restart the HAProxy service. To do so, execute the command:

   service haproxy restart

The HAProxy load balancer will be configured.

Page top