Effortless and Efficient—A Joy to Use
What do you like best about the product?
Ease and efficiency of the product Haptocy
What do you dislike about the product?
Nothing. We have not faced any problem with it
What problems is the product solving and how is that benefiting you?
Eases complexity of the network config
Excellent Bidirectional Auth tool
What do you like best about the product?
Two bidirectional used for auth and setti g
What do you dislike about the product?
Integration with external tools. Requires little work to define the process
What problems is the product solving and how is that benefiting you?
Proxy
Effortless to Use and Deploy with Excellent Open Source Support
What do you like best about the product?
Ease of use, deployment and support for open source
What do you dislike about the product?
Need enterprise version for any real use cases for the bank
What problems is the product solving and how is that benefiting you?
Load balancing
API management
Absolutely Amazing Experience
What do you like best about the product?
It’s amazing to see how the product supports TCP protocols
What do you dislike about the product?
Nothing much that I can tell at the moment
What problems is the product solving and how is that benefiting you?
Using in our OCP platform
Outstanding Performance and Efficiency with Excellent Observability
What do you like best about the product?
Performance and efficiency, observability
What do you dislike about the product?
Steep learning curve and complex config management
What problems is the product solving and how is that benefiting you?
Load balancing and high availability
Customizable and Efficient Load Balancing
What do you like best about the product?
I appreciate the custom configurations available in HAProxy, which allow me to add unique settings compared to other solutions. This ability to customize is particularly valuable as it enables adaptations that align closely with the specific needs of my setup. Even though the configurations can be advanced and somewhat complex, they provide a significant advantage in tailoring HAProxy to fit the organizational requirements. This customization capacity makes HAProxy a versatile and powerful tool in my work context.
What do you dislike about the product?
No point fir now
What problems is the product solving and how is that benefiting you?
HAProxy helps select and direct requests to the proper node, improving control and traffic management across multiple databases.
Configuration-Driven Simplicity Makes It a Breeze
What do you like best about the product?
The product is primarily configuration-driven, which makes it straightforward and user-friendly.
What do you dislike about the product?
There isn't anything that comes to mind that I dislike.
What problems is the product solving and how is that benefiting you?
We use it in front of our monolith clusters to route traffic between canary VMs and production VMs.
Supports flexible traffic routing and handles high request volumes with minimal overhead
What is our primary use case?
My main use case for HAProxy is as the Ingress controller for all my workloads sitting in Kubernetes, where anything entering from the public internet has to hit HAProxy first. HAProxy makes the weighted routing for blue-green deployments and also some sort of request and header-based routing to different environments and different applications or microservices in the Kubernetes clusters.
I used HAProxy mostly with the initial 1.5 or 1.6 Kubernetes clusters where it was the only solution compatible with NGINX, which I used for Kubernetes workloads and also for the monolithic architecture where the traffic comes from the external world, and we want to have a similar kind of configuration with a load balancer in place. I use the same HAProxy open source for on-premises to maintain similar toolsets, one from the commercial variant for the cloud and one for the on-premises variant.
A unique use case I would highlight is that initially, most API gateways or reverse proxies did not support all the functionalities we expect from an API gateway. For example, we needed rate limiting functionality not just on IP addresses but on a mix of multiple headers and content manipulations. I used HAProxy for rate limiting and integrated it with ModSecurity, our homegrown tool from open source, which we wanted to inline with HAProxy. Eventually, HAProxy introduced WAF functionality for web application filtering, where we configured certain rules for acceptance and content enrichment, ensuring that X-Forwarded-For requests were sent to downstream applications for visibility and effective issue triage. We wrote some plugins for HAProxy and received significant help from the HAProxy team to empower our WAF use cases over time.
What is most valuable?
In my experience, the best feature of HAProxy is its load balancing capabilities, as it provides various algorithms, stickiness, and configurations. I have extensively used HAProxy along with NGINX over the years and found its load balancing feature to stand out. Configuration management is easy once you are familiar with deploying it, but it is not flexible enough to allow complete configuration from the UI. I have not used HAProxy in the last three to four years, but previously, its UI perspective was lacking, requiring manual adjustments. Though configuration management is not a primary focus, load balancing definitely stands out in terms of feature set. Flexibility-wise, we centralized multiple environments with a single HAProxy deployment, and its ability to handle billions of events amazed me. However, while security features have replaced WAF functionality, they are limited for smaller organizations that do not need dedicated load balancers or WAF capabilities. Built-in capabilities provide a core advantage from a cost perspective, especially for those starting out, and I recommend exploring Terraform or Ansible for configuration management, though it is still in an outdated style.
HAProxy positively impacted our organization by exceeding scalability expectations, initially projected at 200k requests but ultimately handling over 15 million transactions per second without any issues. We assume it can handle beyond 1 billion transactions per second since we encountered no performance hiccups. In terms of reliability, we have not experienced significant issues, though reliability concerns can arise during configuration management reloads. Cost savings are notable for startups needing minimal feature sets across WAF, API gateway, and load balancer functions, making HAProxy a cost-effective foundational tool that can save more than $100k per year for users.
What needs improvement?
One needed feature for HAProxy is a more robust API Gateway, which still has limitations despite many validations for Kubernetes, especially around ease of use and persona-based designs for different user roles. The existing functionalities around load balancing do not focus enough on security or configuration management aspects. The reloading functionality is effective as it allows soft reloads without interrupting traffic patterns, but configuration management should improve significantly, especially concerning UI and GitOps principles for easier management. While RBAC is implemented, it is not sufficiently granular for controlling access privileges, which should improve over time for managing distinct features.
A significant area for improvement in HAProxy is its tenancy model; managing multiple environments can be challenging, especially with mergers, acquisitions, or domain changes. It lacks centralized management capabilities for uniform configuration templates across regions. The tool should allow smooth version transitions and facilitate zero-touch deployments to streamline operations.
Enhancements in tooling and integration with technologies like eBPF are crucial for HAProxy. The customer support aspect also requires improvement, as their SLA responses are often not immediate enough for users who depend on HAProxy as a primary tool. Documentation can be better, particularly regarding configuration templates and best practices that fit diverse requirements.
For how long have I used the solution?
I have been using HAProxy for almost four to five years during my career at Arista Networks and some portion at the Zeta as well, especially for the Kubernetes workload deployments from the marketplace.
What do I think about the stability of the solution?
HAProxy is generally stable in my experience, though issues can arise during configuration management when changes are necessary.
What do I think about the scalability of the solution?
For scalability, HAProxy meets my needs, supporting our initial horizontal scaling and then adapting to vertical scaling in a VMware environment, utilizing Horizontal Pod Autoscaler (HPA) for Kubernetes and Vertical Pod Autoscaler (VPA) for the VM deployments.
How are customer service and support?
My interactions with HAProxy's customer support were limited, but the feedback from my team indicated satisfactory service; however, SLAs were longer than our expectations.
How would you rate customer service and support?
Which solution did I use previously and why did I switch?
Before HAProxy, I initially used NGINX and switched due to scaling and reliability needs, finding HAProxy more maintainable and user-friendly with better documentation.
How was the initial setup?
We purchased HAProxy via the AWS Marketplace, deploying it with our own methods using the provided Helm charts.
What was our ROI?
I estimate seeing a return on investment with HAProxy, as it significantly reduced staff requirements and enhanced scaling capabilities, particularly when transitioning from NGINX, which faced issues. Although HAProxy simplified the transition to Kubernetes, operational differences remained minimal over time.
What's my experience with pricing, setup cost, and licensing?
My experience with HAProxy's pricing was positive, though I do not remember the exact figures as it was a few years ago. The pricing remains competitive compared to other vendors, and the service is somewhat aligned with recent tooling developments, although pricing structures may require re-evaluation for future offerings.
Which other solutions did I evaluate?
I considered NGINX during my selection process and also looked into Kong, which I find to be a robust API gateway with better functionality alongside Envoy.
What other advice do I have?
We measured transaction rates and cost savings by comparing alternatives like dedicated tools for WAF, such as Cloudflare WAF or AWS WAF, noting their costs and estimating a 30% to 40% saving. We evaluated metrics with Prometheus, analyzed through Grafana, and created custom metrics that confirmed our handling of requests without any performance issues during our scale-up period. Cost-wise, we determined HAProxy was a tool that could replace WAF, load balancer, and reverse proxy capabilities in a unified solution.
I would rate HAProxy an eight out of ten because of concerns around configuration management, the need for better management of multiple environments, a single source of truth, UI enhancements, and the potential for more frequent updates and support. Once these areas are improved, HAProxy could easily become a nine or ten out of ten.
My advice to new users is to pre-plan their intended feature use, clearly define limitations, and understand compatibility to avoid scalability issues. It is also crucial to benchmark in real-time environments. Overall, HAProxy is a great product; thorough evaluation is important to ensure that it meets user expectations before fully committing.
Which deployment model are you using for this solution?
Hybrid Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Outstanding Performance and Excellent Support in an Open-Source Load Balancer
What do you like best about the product?
This open-source load balancer offers outstanding performance and comes with excellent support.
What do you dislike about the product?
One small suggestion I have is that it would be helpful if the configuration were available in a standardized format. This would make it much easier to create templates or automate the generation process.
What problems is the product solving and how is that benefiting you?
This is a highly scalable and efficient load balancer that offers a wide range of powerful features. Additionally, the WAF performs exceptionally well.
