It sounds like that Jeff ran out of CPU for SSL terminations and that could be addressed as described by Willy here
https://www.mail-archive.com/haproxy@formilux.org/msg13104.html and allow him to stay with a single-process stick table for the actual load balancing. -Bryan On Fri, May 2, 2014 at 10:23 AM, Willy Tarreau <w...@1wt.eu> wrote: > hi, > > On Fri, May 02, 2014 at 11:11:39AM -0600, Jeff Zellner wrote: > > Well, I thought wrong -- I see that peered sticky tables absolutely > > don't work with multiple processes, and sticky rules give a warning. > > > > Would that be a feature on the roadmap? I can see that it's probably > > pretty non-trivial -- but would be super useful, at least for us. > > Yes that's clearly on the roadmap. In order of fixing/improvements, > here's what I'd like to see : > - peers work fine when only one process uses them > - have the ability to run with explicit peers per process : if you > "just" have to declare as many peers sections as processes, it's > better than nothing. > - have stick-table (and peers) work in multi-process mode with a > shared memory system like we do with SSL contexts. > > Currently the issue is that all processes try to connect to the remote > and present the same peer name, resulting in the previous connection to > be dropped. And incoming connections will only feed one process and not > the other ones. > > I'd like to be able to do at least #1 for the release, I do think it's > doable, because I attempted it 18 months ago and ended up in a complex > corner case of inter-proxy dependence calculation, to only realize that > we didn't need to have haproxy automatically deduce everything, just let > it do what the user wants, and document the limits. > > Regards, > Willy > > >
