Hi PiBa-NL,
I just found the difference - there is none - I simplified and
"anonimized" the configuration before posting it and I did not recognize
that the frontend NGINX servers are also listening on different ports
hosting different application code.
An example:
listen application80 0.0.0.0:80
balance roundrobin
option forwardfor
option httplog
monitor-uri /haproxymon
option httpchk GET /index.html HTTP/1.1\r\nHost:\
monitoring\r\nConnection:\ close
http-check expect string Welcome
#option accept-invalid-http-response
acl site_dead nbsrv lt 2
monitor fail if site_dead
server frontend01.xxx 10.10.20.72:80 check
server frontend02.xxx 10.10.20.73:80 check
server frontend03.xxx 10.10.20.74:80 check
server frontend04.xxx 10.10.20.75:80 check
listen application8078 0.0.0.0:8078
balance roundrobin
option forwardfor
option httplog
monitor-uri /haproxymon
option httpchk GET /index.html HTTP/1.1\r\nHost:\
monitoring\r\nConnection:\ close
http-check expect string Welcome
#option accept-invalid-http-response
acl site_dead nbsrv lt 2
monitor fail if site_dead
server frontend01.xxx 10.10.20.72:8078 check
server frontend02.xxx 10.10.20.73:8078 check
server frontend03.xxx 10.10.20.74:8078 check
server frontend04.xxx 10.10.20.75:8078 check
Sorry and thank you for help!
Regards,
Florian
On 20.01.2014 09:24, Florian Engelmann wrote:
Hi PiBa-NL,
Only advice i have left is to configure a 'stats' listen section and
syslogs.
I did this and I was not able to see any difference.
Besides that you should try and perform some tcpdump/wireshark traffic
capturing to see what kind of traffic / headers / content is passing
along. As i'm not aware of any differences between frontend/backend and
listen sections besides the obvious. And to me it seems like the changes
in default section and frontends backends should result in the same
behavior.. Using the traffic dump you could then try to compare those
and spot any differences..
Good point - I will try to do so and record some traffic for analysis.
b.t.w. are you replacing the config on the same machine and then
testing? Or is 1 running production and the other is under a
test.domain.name? Maybe the backend sends a different reply if the
request Host header is different..?
I replaced the config in production till the error was reported by the
customer. After that I set up a test KVM to reproduce the error.
Greetings,
Florian
Greets PiBa-NL
Florian Engelmann schreef op 17-1-2014 13:43:
Hi PiBa-NL,
Found a a minor difference, not sure if it is the issue.?
- The 9000 backend checks up.php versus check.php.
- Also I don't think http-send-name-header does anything in 'tcp
mode'..
If thats not it, maybe someone else has a clue. :)
p.s. You might want to configure a stats page to see if servers are
properly checked as 'up' by haproxy.
Greets PiBa-NL
thank you for your feedback! Sorry that was my fault - both do use
check.php - the up.php is an old one. Just a copy&paste error.
I still have no idea what makes the difference. I was not able to find
a chapter in the HAProxy documentation describing the difference of
listen vs. frontend/backend. Does any article about that topic exist?
I am really interested in understanding this issue. I do not know what
the application exactly does but all I know is - it does only work if
I use the "listen" configuration.
Regards,
Florian
Florian Engelmann schreef op 16-1-2014 12:29:
Hi,
I got two configurations the should do the same. One is based on a
frontend/backend layout the second does it with just listen. The
listen configuratiuon is working fine but the fontend/backend causes a
problem on the backend. It looks like some request string is missing
because the customer application is not able to resolve some lookup
which seems to be header related. Is anybody able to tell me whats the
difference in these two configurations?
========================================
global
log /dev/log local6
#log /dev/log local6 notice
chroot /var/lib/haproxy
user haproxy
group haproxy
daemon
maxconn 50000
stats socket /var/run/haproxy.sock mode 600 level admin
stats timeout 2m
defaults
log global
mode http
option dontlognull
option dontlog-normal
retries 2
option redispatch
timeout connect 5000
timeout client 50000
timeout server 120000
timeout http-request 5000
timeout http-keep-alive 5000
option http-server-close
http-check disable-on-404
http-send-name-header X-Target-Server
default-server minconn 1024 maxconn 4096
monitor-net 192.168.xxx.xxx/32
listen application9000 0.0.0.0:9000
balance leastconn
mode tcp
option tcplog
option httpchk GET /check.php HTTP/1.0
http-check expect string Hello World
server xcmsphp01.xxx 10.0.4.4:9000 check port 80
server xcmsphp02.xxx 10.0.4.7:9000 check port 80
server xcmsphp03.xxx 10.0.4.3:9000 check port 80
listen application80 0.0.0.0:80
balance roundrobin
option forwardfor
option httplog
monitor-uri /haproxymon
option httpchk GET /index.html HTTP/1.1\r\nHost:\
monitoring\r\nConnection:\ close
http-check expect string Welcome home
acl site_dead nbsrv lt 2
monitor fail if site_dead
server xcmsfrontend01.xxx 10.2.2.1:80 check
server xcmsfrontend02.xxx 10.2.2.2:80 check
========================================
global
log /dev/log local6
#log /dev/log local6 notice
chroot /var/lib/haproxy
user haproxy
group haproxy
daemon
maxconn 50000
stats socket /var/run/haproxy.sock mode 600 level admin
stats timeout 2m
defaults
log global
mode http
option dontlognull
option dontlog-normal
retries 2
option redispatch
timeout connect 5000
timeout client 50000
timeout server 120000
timeout http-request 5000
timeout http-keep-alive 5000
default-server minconn 1024 maxconn 4096
monitor-net 192.168.xxx.xxx/32
frontend http-in
bind *:80
option http-server-close
option forwardfor
option httplog
monitor-uri /haproxymon
acl site_dead nbsrv(http-out) lt 2
monitor fail if site_dead
default_backend http-out
backend http-out
balance roundrobin
http-send-name-header X-Target-Server
option forwardfor
option http-server-close
#option accept-invalid-http-response
http-check disable-on-404
option httpchk GET /index.html HTTP/1.1\r\nHost:\
monitoring\r\nConnection:\ close
http-check expect string Welcome home
server xcmsfrontend01.xxx 10.2.2.1:80 check
server xcmsfrontend02.xxx 10.2.2.2:80 check
frontend php-in
bind *:9000
mode tcp
option tcplog
http-send-name-header X-Target-Server
Wont work in tcpmode
default_backend php-out
backend php-out
balance leastconn
mode tcp
option tcplog
http-send-name-header X-Target-Server
Wont work for tcp mode.
option httpchk GET /up.php HTTP/1.0
Should this be "check.php" v.s. "up.php"?
http-check expect string Hello World
server xcmsphp01.xxx 10.0.4.4:9000 check port 80
server xcmsphp02.xxx 10.0.4.7:9000 check port 80
server xcmsphp03.xxx 10.0.4.3:9000 check port 80
========================
Regards,
Florian
--
EveryWare AG
Florian Engelmann
Systems Engineer
Zurlindenstrasse 52a
CH-8003 Zürich
tel: +41 44 466 60 00
fax: +41 44 466 60 10
mail: mailto:florian.engelm...@everyware.ch
web: http://www.everyware.ch