Hi,
Since haproxy version 1.8.14 and including the last 1.9 release, haproxy
puts all my backends in MAINT after around 31s. They first work fine,
but then they are put in MAINT.
The logs look like that:
<149>Dec 23 12:45:11 haproxy[1]: Proxy www started.
<149>Dec 23 12:45:11 haproxy[1]: Proxy plain started.
[NOTICE] 356/124511 (1) : New worker #1 (8) forked
<150>Dec 23 12:45:13 haproxy[8]: 89.217.194.174:49752
[23/Dec/2018:12:45:13.098] plain www/linked 0/0/16/21/37 200 4197 -
- ---- 1/1/0/0/0 0/0 "GET / HTTP/1.1"
[WARNING] 356/124542 (8) : Server www/linked is going DOWN for
maintenance (DNS timeout status). 0 active and 0 backup servers
left. 0 sessions active, 0 requeued, 0 remaining in queue.
<145>Dec 23 12:45:42 haproxy[8]: Server www/linked is going DOWN for
maintenance (DNS timeout status). 0 active and 0 backup servers
left. 0 sessions active, 0 requeued, 0 remaining in queue.
[ALERT] 356/124542 (8) : backend 'www' has no server available!
<144>Dec 23 12:45:42 haproxy[8]: backend www has no server available!
I run haproxy using docker:
docker run --name toto -ti --rm -v
/home/docker-compositions/web/proxy/conf.test:/etc/haproxy/:ro -p
8080:80 haproxy:1.9 haproxy -f /etc/haproxy/
And my config is that:
global
log stderr local2
chroot /tmp
pidfile /run/haproxy.pid
maxconn 4000
max-spread-checks 500
master-worker
user nobody
group nogroup
resolvers dns
nameserver docker 127.0.0.11:53
hold valid 1s
defaults
mode http
log global
option httplog
option dontlognull
option http-server-close
option forwardfor except 127.0.0.0/8
option redispatch
retries 3
timeout http-request 10s
timeout queue 1m
timeout connect 10s
timeout client 10m
timeout server 10m
timeout http-keep-alive 10s
timeout check 10s
maxconn 3000
default-server init-addr last,libc,none
errorfile 400 /usr/local/etc/haproxy/errors/400.http
errorfile 403 /usr/local/etc/haproxy/errors/403.http
errorfile 408 /usr/local/etc/haproxy/errors/408.http
errorfile 500 /usr/local/etc/haproxy/errors/500.http
errorfile 502 /usr/local/etc/haproxy/errors/502.http
errorfile 503 /usr/local/etc/haproxy/errors/503.http
errorfile 504 /usr/local/etc/haproxy/errors/504.http
backend www
option httpchk GET / HTTP/1.0\r\nUser-Agent:\ healthcheck
http-check expect status 200
default-server inter 60s fall 3 rise 1
server linked www.topin.travel:80 check resolvers dns
frontend plain
bind :80
http-request set-header X-Forwarded-Proto http
http-request set-header X-Forwarded-Host %[req.hdr(host)]
http-request set-header X-Forwarded-Port %[dst_port]
http-request set-header X-Forwarded-For %[src]
http-request set-header X-Real-IP %[src]
compression algo gzip
compression type text/css text/html text/javascript
application/javascript text/plain text/xml application/json
# Forward to the main linked container by default
default_backend www
Any idea what is happening? I've tried to increase the DNS resolve
timeout to 5s and it didn't help. My feeling is that the newer versions
of haproxy cannot talk with the DNS provided by docker.
Thanks