This talk explores how Cloudflare uses HAProxy for health checks, load balancing and reading traffic among nodes set up with Postgres streaming replication in hot standby mode. Cloudflare operates multiple Postgres Clusters across four data centers, and all of these clusters are made up of six nodes.
During a primary failure, Cloudflare’s high availability system promotes a replica to become a primary, and HAProxy makes sure there is no write traffic between two primaries to avoid a split-brain scenario.
The presentation also explores how HAProxy helps improve Cloudflare’s security by encrypting traffic between data centers using SSL, ensuring no traffic across data centers is clear text.
Slides for the presentation
Recordings of the presentation
Link from HAProxy website
Blog on Cloudflare about performance isolation