Thursday, 24 August 2017

What HAProxy is and what it is not


HAProxy
A free, very fast and reliable solution for:
  • HA (High Availability)
  • Load balancing - suited for very high traffic web sites
  • Proxying



It can load balance any TCP service and is particularly suited for HTTP, as it supports session persistence and layer 7 processing.

Usage
  • De-facto standard
  • Open source
  • Shipped with most mainstream Linux distributions
  • Often deployed by default in cloud platforms


HAProxy is:
  • TCP proxy
    • Accepts a TCP connection from a listening socket and connects to a server.
    • Allows traffic in both directions.
  • HTTP reverse proxy (RP)
    • Also called a gateway.
    • As a server, it receives HTTP requests and passes them to servers.
  • Server load balancer
    It can load balance TCP connections and HTTP requests
    • TCP mode : Load balancing decisions are taken for the whole connection.
    • HTTP mode : Decisions are taken per request.

  • Content-based switch
    • Any element from the request can decide which server to pass the request or connection to.
    • Makes it possible to handle multiple protocols over the same port (e.g. HTTP, HTTPS, SSH).
  • SSL terminator / initiator / offloader
    • SSL/TLS may be used on the connection coming from the client, on the connection to the server, or on both sides.
  • TCP normalizer
    • Protects against abnormal traffic: invalid packets, flag combinations, window advertisements, sequence numbers, incomplete connections (SYN floods).
  • HTTP normalizer
    • When configured to process HTTP traffic, only valid, complete requests are passed.
    • Protects against a lot of protocol-based attacks.
  • HTTP fixing tool
    • Can modify / fix / add / remove / rewrite the URL or any request or response header.
    • Helps fix interoperability issues in complex environments.
  • Traffic regulator
    • Can apply thresholds, which protects the servers against overloading.
    • Can adjust traffic priorities based on the contents.
  • A protection against DDoS and service abuse
    • Detects when abuse is happening, then takes action (slow down the offenders, block them, send them to outdated contents, etc.).
  • HTTP compression offloader
    • It can compress responses which were not compressed by the server, thus reducing the page load time for clients with poor connectivity or using high-latency, mobile networks.
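
An haproxy.cfg illustrating several of the roles listed above: TCP-mode versus HTTP-mode balancing, content-based switching on one port, traffic regulation, abuse detection and compression offload. This is an added example, not part of the original post; all names, addresses (RFC 5737 documentation range), paths and thresholds are assumptions.

```haproxy
# Added example: names, addresses, paths and thresholds are assumptions.
global
    chroot /var/lib/haproxy      # chroot jail; privileges dropped to this user
    user  haproxy
    group haproxy

defaults
    timeout connect 5s
    timeout client  30s
    timeout server  30s

# TCP mode: the balancing decision is taken once, for the whole connection.
frontend ft_tcp
    mode tcp
    bind :443
    tcp-request inspect-delay 5s
    acl is_tls req.ssl_hello_type 1                  # TLS ClientHello
    acl is_ssh payload(0,7) -m bin 5353482d322e30    # bytes of "SSH-2.0"
    tcp-request content accept if is_tls or is_ssh
    use_backend bk_ssh if is_ssh                     # content-based switch
    default_backend bk_tls

backend bk_ssh
    mode tcp
    server ssh1 192.0.2.10:22

backend bk_tls
    mode tcp
    server tls1 192.0.2.11:443

# HTTP mode: decisions are taken per request.
frontend ft_http
    mode http
    bind :80
    # Abuse detection: track each source IP's request rate, block offenders.
    stick-table type ip size 100k expire 10m store http_req_rate(10s)
    http-request track-sc0 src
    http-request deny if { sc_http_req_rate(0) gt 100 }
    http-request set-header X-Forwarded-Proto http   # HTTP fixing tool
    default_backend bk_web

backend bk_web
    mode http
    compression algo gzip                            # compression offload
    compression type text/html text/plain text/css
    server web1 192.0.2.21:8080 check maxconn 200    # maxconn caps server load
    server web2 192.0.2.22:8080 check maxconn 200
```

The file can be syntax-checked without starting the proxy using `haproxy -c -f haproxy.cfg`.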

HAProxy is not :
  • Explicit HTTP proxy
    That is, the proxy that browsers use to reach the internet, like Squid.
  • Caching proxy
    HAProxy returns as-is the contents it received from the server. A caching proxy is something like Varnish.
  • Data scrubber
    It will not modify the body of requests or responses.
  • Web server
    During startup, it isolates itself inside a chroot jail and drops its privileges, so that it will not perform any file-system access once started.
    So it cannot be turned into a web server like Apache or Nginx.
  • Packet-based LB
    It will not see IP packets or UDP datagrams and will not perform NAT, let alone DSR. An example of a packet-based LB is IPVS (Linux Virtual Server).
     
