Hoi again, I am trying to squeeze the most out of my CPUs but I ran into the problem with stats sockets and multiple processes, see below
Starting haproxy: [WARNING] 186/183809 (33970) : Proxy 'haproxy': in
multi-process mode, stats will be limited to process assigned to the
current request.
[WARNING] 186/183809 (33970) : Proxy 'haproxy2': in multi-process mode,
stats will be limited to process assigned to the current request.
[WARNING] 186/183809 (33970) : stats socket will not work as expected in
multi-process mode (nbproc > 1), you should force process binding
globally using 'stats bind-process' or per socket using the 'process'
attribute.
CPU topology on box is the typical you find on a HP Gen 8 Blade[1]
My idea is to have 12 CPUs for 1st front-end and the rest 12 CPUs for
2nd front-end. I did the cpu-maping[2] in a chance way that CPU
utilization for each front-end goes to different physical CPU, I have 2
physical CPUs and each have 2 cores, plus hyper-threading.
It works and I can get up to 34K transactions/sec as reported by siege,
I am quite happy with that. But the statistics are not correct. The
stats pages reports 1/12th of sessions.
Any ideas what I am doing wrong (again):-)
Cheers,
Pavlos
[1]
CPU 0 CORE 0
CPU 1 CORE 0
CPU 2 CORE 0
CPU 3 CORE 0
CPU 4 CORE 0
CPU 5 CORE 0
CPU 6 CORE 1
CPU 7 CORE 1
CPU 8 CORE 1
CPU 9 CORE 1
CPU 10 CORE 1
CPU 11 CORE 1
CPU 12 CORE 0
CPU 13 CORE 0
CPU 14 CORE 0
CPU 15 CORE 0
CPU 16 CORE 0
CPU 17 CORE 0
CPU 18 CORE 1
CPU 19 CORE 1
CPU 20 CORE 1
CPU 21 CORE 1
CPU 22 CORE 1
CPU 23 CORE 1
[2]
global
log 127.0.0.1 local2 notice
chroot /var/lib/haproxy
pidfile /var/run/haproxy.pid
maxconn 100000
user haproxy
group haproxy
daemon
# turn on stats unix socket
stats socket /var/lib/haproxy/stats uid 0 gid 0 mode 0440 level
admin process odd
stats socket /var/lib/haproxy/stats2 uid 0 gid 0 mode 0440 level
admin process even
# 24 Processes
nbproc 24
# Make sure we are on the same physical CPU core
cpu-map odd 0-5 12-17
cpu-map even 6-11 18-23
# Don't verify servers certificates.
ssl-server-verify none
tune.ssl.default-dh-param 2048
#---------------------------------------------------------------------
# common defaults that all the 'listen' and 'backend' sections will
# use if not designated in their block
#---------------------------------------------------------------------
defaults
mode http
log global
option contstats
option tcplog
option dontlognull
option tcp-smart-accept
option tcp-smart-connect
option http-keep-alive
option redispatch
balance roundrobin
timeout http-request 15s
timeout http-keep-alive 15s
retries 2
timeout queue 1m
timeout connect 10s
timeout client 15s
timeout server 15s
timeout check 5s
# TODO change that to HAProxySourceIP
option forwardfor header F5SourceIP
#---------------------------------------------------------------------
# built-in status webpage
#---------------------------------------------------------------------
listen haproxy :8080
bind-process odd
stats uri /
stats show-node
stats refresh 10s
stats show-legends
listen haproxy2 :8082
bind-process even
stats uri /
stats show-node
stats refresh 10s
stats show-legends
#---------------------------------------------------------------------
# frontends which proxy to the backends
#---------------------------------------------------------------------
frontend main
bind *:80
bind-process odd
default_backend examplefe
frontend main_s
bind *:443 ssl crt /etc/ssl/wildcard.foo.com.pem
bind-process even
default_backend examplefe_s
#---------------------------------------------------------------------
# round robin balancing between the various backends
#---------------------------------------------------------------------
backend examplefe
default-server inter 10s
option httpchk GET / HTTP/1.1\r\nHost:\
example.foo.com\r\nUser-Agent:\ HAProxy
server examplefe-203.foo.com examplefe-203.foo.com:80 check
server examplefe-204.foo.com examplefe-204.foo.com:80 check
backend examplefe_s
default-server inter 10s
option httpchk GET / HTTP/1.1\r\nHost:\
example.foo.com\r\nUser-Agent:\ HAProxy
server examplefe-203.foo.com examplefe-203.foo.com:443 ssl check
check-ssl
server examplefe-204.foo.com examplefe-204.foo.com:443 ssl check
check-ssl
signature.asc
Description: OpenPGP digital signature
