What Is New in HAProxy 1.9
HAProxy 1.9 delivers significant enhancements in performance, security, and dynamic configuration. This release focuses on modernizing the data plane with features like HTTP/2 termination and improved SSL/TLS capabilities.
| Category | Key Changes |
|---|---|
| New Features | Native HTTP/2 Support, Dynamic Certificate Updates, Server Queue Priority, DNS SRV Records |
| Performance | Multithreading, Faster SSL/TLS, Improved Connection Handling |
| Observability | Prometheus Native Support, New Stick Table Counters |
| Bug Fixes | Various fixes for HTTP processing, SSL, and connection stability |
How does HTTP/2 support change the game?
HAProxy 1.9 introduces native HTTP/2 termination, allowing it to decode HTTP/2 traffic directly without relying on an external SSL terminator. This simplifies architectures by reducing the number of components needed to handle modern protocols.
In practice, you can now terminate encrypted HTTP/2 connections at the load balancer and communicate with backend servers over HTTP/1.1. This matters because it reduces latency by eliminating the need for a separate HTTP/2 proxy and gives you full visibility into the HTTP/2 traffic flow.
What are the key performance upgrades?
Multithreading is the headline performance feature, enabling HAProxy to utilize multiple CPU cores for processing connections. This dramatically increases throughput on modern multi-core systems.
The SSL/TLS engine was also rewritten for better performance and lower memory usage. Connection handling improvements include better queue management and the new server queue priority feature, which lets you prioritize certain requests when servers are under heavy load.
How is dynamic configuration improved?
Dynamic certificate updates via the set ssl cert command allow you to rotate SSL certificates without restarting the process. This is crucial for maintaining zero-downtime deployments when certificates need to be updated.
DNS SRV record support enables more sophisticated service discovery patterns, particularly useful in containerized environments where backend endpoints change frequently. The runtime API was expanded to give more control over the process while it's running.
What monitoring enhancements were added?
Native Prometheus support means HAProxy can now export metrics in Prometheus format without needing external converters. This makes it much easier to integrate with modern monitoring stacks built around Prometheus and Grafana.
New stick table counters provide better visibility into tracking and persistence patterns. The expanded metrics give deeper insight into queue times, connection rates, and SSL statistics, which helps with troubleshooting performance issues.
FAQ
Does HTTP/2 support work for both frontend and backend connections?
In HAProxy 1.9, HTTP/2 is supported only on the frontend side for termination. Backend connections to servers still use HTTP/1.1, but this allows you to modernize your client-facing infrastructure immediately.
How do I enable multithreading in HAProxy 1.9?
Add the nbthread directive to your global section, specifying the number of threads. You'll also need to configure bind lines with process affinity to distribute load across threads effectively.
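The frontend HTTP/2 termination with HTTP/1.1 backends and the nbthread setting described above, as a configuration sketch added here (not taken from the original page or the HAProxy project). The certificate path, socket path, backend address, thread count and section names are assumptions to adapt.

```haproxy
global
    # Number of worker threads (assumed value; size it to the available cores)
    nbthread 4
    # Runtime API socket: admin level can change live state,
    # so restrict it to the owning user with file mode 600
    stats socket /var/run/haproxy.sock mode 600 level admin
    # Refuse legacy protocol versions on every TLS listener
    ssl-default-bind-options ssl-min-ver TLSv1.2

defaults
    mode http
    timeout connect 5s
    timeout client  30s
    timeout server  30s

frontend fe_https
    # Offer HTTP/2 first via ALPN and fall back to HTTP/1.1
    bind :443 ssl crt /etc/haproxy/certs/example.pem alpn h2,http/1.1
    # The backend only sees HTTP/1.1, so pass along what the client negotiated
    http-request set-header X-Client-ALPN %[ssl_fc_alpn]
    http-request set-header X-Forwarded-Proto https
    default_backend be_app

backend be_app
    # Plain HTTP/1.1 to the application server (address from the documentation range)
    server app1 192.0.2.10:8080 check
```

Check the file with `haproxy -c -f <file>` before reloading.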
Can I update SSL certificates without any downtime?
Yes, use the runtime API command set ssl cert <filename.pem> <newcert.pem> to update certificates on the fly. The change takes effect immediately for new connections without restarting the process.
What's the benefit of server queue priority?
This feature lets you prioritize certain requests when servers are overloaded. You can ensure critical requests get through first instead of being stuck behind a queue of less important traffic.
Does Prometheus integration replace the existing stats page?
No, it complements it. The traditional stats page remains available while Prometheus metrics are exposed on a separate endpoint for scraping by Prometheus servers.