We recently attended the inaugural HAProxy Conference in Amsterdam. Loadbalancer.org are proud to be part of the HAProxy community and we were glad to be involved with the event. It was an opportunity to hear a range of speakers discuss their use of HAProxy, often in interesting ways.
Willy Tarreau, original author and lead maintainer of HAProxy, opened with his keynote on HAProxy 2.0 and beyond. Simplicity was the watchword. Simplicity for performance: ensuring HAProxy runs at full speed out of the box, even when using a default or minimal configuration. They achieved this with sensible default values and performance settings, taking the onus away from the end user having to know what special settings to configure. Simplicity for security: end-to-end and hassle free HTTP/2 encryption, layer 7 retries, and dynamic SSL certificate updates. Making HAProxy simpler reduces the learning curve and decreases the probability of human error introducing security issues through bad configuration!
Traffic shadowing was an exciting new feature, providing the ability to mirror a proportion of traffic and send it to another environment, such as a testing deployment. Other improvements included easier HAProxy core dumps for debugging and end-to-end support for the TCP Fast Open extension.
Many speakers described using Kubernetes in some fashion. The technology's popularity had led to the proprietary HAProxy Kubernetes Ingress Controller being written by HAProxy Technologies, the commercial arm of HAProxy.
A common theme was the move away from vertical scaling, i.e. buying ever bigger, increasingly expensive hardware load balancers (F5 were mentioned many times), to horizontal scaling, using HAProxy and other free & open source software on commodity hardware.
It was cool to see a lot of love for IPVS, the layer 4, Linux kernel based load balancer, a.k.a. LVS. Many speakers described using it near the edge of a multi-tiered load balancing deployment, with HAProxy nodes sitting underneath one or more IPVS nodes. Of particular interest was GitHub's solution which made use of GUE based tunnelling, an emerging draft encapsulation scheme that I will definitely explore and discuss in a future blog!
To conclude, there were lots of cool technologies and ideas presented. I came away with confidence that we've backed the right horses here at Loadbalancer.org: our load balancer combines both HAProxy and IPVS which still remains a killer combo, and one that's used by some of the world's biggest companies.
We're looking forward to returning for HAProxy Conference 2020!