HAProxy shares how you can use stick tables for server persistence, threat detection, and collecting metrics

0
2770
2 min read

Yesterday, HAProxy published an article discussing stick tables, an in-memory storage. Introduced in 2010, it allows you to track client activities across requests, enables server persistence, and collects real-time metrics. It is supported in both the HAProxy Community and Enterprise Edition.

You can think of stick tables as a type of key-value store. The key here represents what you track across requests, such as a client IP, and the values are the counters that, for the most part, HAProxy takes care of calculating for you.

What are the common use cases of stick tables?

StackExchange realized that along with its core functionality, server persistence, stick tables can also be used for many other scenarios. They sponsored its developments and now stick tables have become an incredibly powerful subsystem within HAProxy.

Stick tables can be used in many scenarios; however, its main uses include:


Server persistence

Stick tables were originally introduced to solve the problem of server persistence. HTTP requests are stateless by design because each request is executed independently, without any knowledge of the requests that were executed before it.

These tables can be used to store a piece of information, such as an IP address, cookie, or range of bytes in the request body, and associate it with a server. Next time when HAProxy sees new connections using the same piece of information, it will forward the request on to the same server. This way it can help in tracking user activities between one request and add a mechanism for storing events and categorizing them by client IP or other keys.

Bot detection

We can use stick tables to defend against certain types of bot threats. It finds its application in preventing request floods, login brute force attacks, vulnerability scanners, web scrapers, slow loris attacks, and many more.

Collecting metrics

With stick tables, you can collect metrics to understand what is going on in HAProxy, without enabling logging and having to parse the logs. In this scenario Runtime API is used, which can read and analyze stick table data from the command line, a custom script or executable program. You can visualize this data using any dashboard of your choice. You can also use the fully-loaded dashboard, which comes with HAProxy Enterprise Edition for visualizing stick table data.

These were a few of the use cases where stick tables can be used. To get a clear understanding of stick tables and how they are used, check out the post by HAProxy.

Update: Earlier the article said, “Yesterday (September 2018), HAProxy announced that they are introducing stick tables.” This was incorrect as pointed out by a reader, stick tables have been around since 2010. The article is now updated to reflect the same.   

Read Next

Use App Metrics to analyze HTTP traffic, errors & network performance of a .NET Core app [Tutorial]

How to create a standard Java HTTP Client in ElasticSearch

Why is everyone going crazy over WebAssembly?