Am 23-08-2019 02:04, schrieb andy.anthoine....@opt.nc:
REALLY SORRY ABOUT THAT lollllllll

I'll copy paste my bad :D

admin@sld-loadb-01-prd-cit:~$ curl -v -o /dev/null --max-time 5
--http1.0 http://10.154.2.29:8080/iws/ curl -v -o /dev/null --max-time
5 --http1.0 http://10.154.2.29:8080/eoc/login
-bash: curl: command not found

Ok, i'll separate the commands next time :)

The lb i m working on is the production one, i'll check, but can't
really do anything like installing on it.

Okay.

Telnet works :) if it's enough for you ?

should work.

admin@sld-loadb-01-prd-cit:~$ telnet 10.154.2.29 8080
Trying 10.154.2.29...
Connected to 10.154.2.29.
Escape character is '^]'.


So on the back ends are the check ports reachable and you get a 200 back.

server sli-ecmapp-01-prd-cit 10.154.2.29:8443
server sli-ecmapp-02-prd-cit 10.154.2.31:8443

admin@sld-loadb-01-prd-cit:~$ telnet 10.154.2.29 8443
Trying 10.154.2.29...
telnet: Unable to connect to remote host: No route to host

That's the problem!

The test was wrong. you make a telnet to 8443 but the check port is 8080
Try this.

echo -e 'GET /iws/ HTTP/1.0\n\r\n\r'|telnet 10.154.2.29 8080

admin@sld-loadb-01-prd-cit:~$ telnet 10.154.2.31 8443
Trying 10.154.2.31...
Connected to 10.154.2.31.
Escape character is '^]'.
^CConnection closed by foreign host.

That's another one.

echo -e 'GET /iws/ HTTP/1.0\n\r\n\r'|telnet 10.154.2.31 8080

Seems like i got one of my answer........

Yes looks like.

Is there any firewall in between the LB & BE?
Yes there is one

Are both ports (8080 & 8443) open from LB top both BE?

Looks like not a haproxy issue.

Regards
Aleks


-----Message d'origine-----
De : Aleksandar Lazic [mailto:al-hapr...@none.at]
Envoyé : vendredi 23 août 2019 10:57
À : ANTHOINE Andy (EXT) <andy.anthoine....@opt.nc>
Cc : haproxy@formilux.org
Objet : Re: Help required ehhe

Hi.

Am 23-08-2019 01:43, schrieb andy.anthoine....@opt.nc:

Hi,

I can't launch the command from the LB

I love screenshots! It's so easy to copy paste from them 8-/

do you have any other tool which you can use to check if the
connection is possible from LB to Backend?

nc?
telnet?
...?

But from the server he is what i get

[root@sli-ecmapp2-prd ~]# curl -v -o /dev/null --max-time 5 --http1.0
http://10.154.2.29:8080/iws/  curl -v -o /dev/null --max-time 5
--http1.0 http://10.154.2.29:8080/eoc/login

Please one curl AFTER the other, the next time, just separate the
commands with ;.

curl -v -o /dev/null --max-time 5 --http1.0
http://10.154.2.29:8080/iws/ ; curl -v -o /dev/null --max-time 5
--http1.0 http://10.154.2.29:8080/eoc/login

* About to connect() to 10.154.2.29 port 8080 (#0)
*   Trying 10.154.2.29...
...
0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--
   0* Connected to 10.154.2.29 (10.154.2.29) port 8080 (#0)

GET /iws/ HTTP/1.0
User-Agent: curl/7.29.0
Host: 10.154.2.29:8080
Accept: */*


< HTTP/1.1 200 OK
< Server: Apache-Coyote/1.1

[snipp]

curl: (28) Resolving timed out after 5515 milliseconds

That looks strange, but maybe not the issue for now.

* About to connect() to 10.154.2.29 port 8080 (#2)
*   Trying 10.154.2.29...
* Connected to 10.154.2.29 (10.154.2.29) port 8080 (#2)

GET /eoc/login HTTP/1.0
User-Agent: curl/7.29.0
Host: 10.154.2.29:8080
Accept: */*


< HTTP/1.1 200 OK
< Server: Apache-Coyote/1.1

[snipp]

* Closing connection 2

So on the back ends are the check ports reachable and you get a 200 back.
Is there any firewall in between the LB & BE?

What's your haproxy version?

haproxy -vv


Best regards

Andy

-----Message d'origine-----
De : Aleksandar Lazic [mailto:al-hapr...@none.at] Envoyé : vendredi 23
août 2019 10:33 À : ANTHOINE Andy (EXT) <andy.anthoine....@opt.nc> Cc
: haproxy@formilux.org Objet : Re: Help required ehhe

Am 23-08-2019 00:49, schrieb andy.anthoine....@opt.nc:

Hi,



Ehhe not an external ip don't worry, or i would have deleted it hehe



No change, the problem seems to be there since before i m here, and

they now need it to be fixed



I don't see anything in particular in the logs, beside that kind of

thing which is normal since the server is rebooted at this time ;)



Aug 22 05:00:23 sld-loadb-01-prd-cit local1.alert haproxy[2244]:

Server ecmapp-prd-be-8443/sli-ecmapp-01-prd-cit is DOWN, reason:

Layer4 connection problem, info: "Connection refused at step 1 of

tcp-check (connect port 8080)", check duration: 0ms. 1 active and 0

backup servers left. 62 sessions active, 0 requeued, 0 remaining in

queue.

this looks to me that the loadbalancer can't connect to the backend
check port, is something listen on the backend server on port 8080?

Please can you try the following command from the loadbalancer.

curl -v -o /dev/null --max-time 5 --http1.0
http://10.154.2.29:8080/iws/ curl -v -o /dev/null --max-time 5
--http1.0 http://10.154.2.29:8080/eoc/login

The same for 10.154.2.31

What do you mean by that ?

I have shorten the config to reduce the size of the mail.

mode http



[snip more config]



-----Message d'origine-----

De : Aleksandar Lazic [mailto:al-hapr...@none.at] Envoyé : vendredi
23

août 2019 09:41 À : ANTHOINE Andy (EXT) <andy.anthoine....@opt.nc> Cc

: haproxy@formilux.org Objet : Re: Help required ehhe



Hi.



Am 23-08-2019 00:28, schrieb andy.anthoine....@opt.nc:



Hi,



I got that email on this site, not sure if it's still working etc

https://www.slideshare.net/haproxytech/haproxy-best-practice

[snipp]

What's your haproxy version?



haproxy -vv



Application load balancing & high availability v8.5.7 (8546)

That's not the full output of the command line call haproxy -vv .

Thanks a lot for the answer man !







Thanks !



Andy

Regards

Aleks

--------------------------------------------------------------------Ce
message et toutes les pièces jointes (ci-après le « message ») sont à
l'attention exclusive des destinataires désignés. Il peut contenir des
informations confidentielles. Si vous le recevez par erreur, merci
d'en informer immédiatement l'émetteur et de le détruire. Toute
utilisation, diffusion ou toute publication, totale ou partielle, est
interdite, sauf autorisation. Tout message électronique étant
susceptible d'altération, l'OPT NC décline toute responsabilité au
titre de ce message dans l'hypothèse où il aurait été modifié.
----------------------------This message and any attachments (the «
message ») are intended solely for the addresses. It may contain
privileged information. If you receive this message in error, please
immediately notify the sender and delete it. Any use, dissemination or
disclosure, either whole or partial, is prohibited unless formal
approval. Emails are susceptible to alteration; OPT NC shall not
therefore be liable for the message if modified.

Pensez à l'environnement, n'imprimez que si nécessaire.


--------------------------------------------------------------------
Ce message et toutes les pièces jointes (ci-après le « message ») sont
à l'attention exclusive des destinataires désignés. Il peut contenir
des informations confidentielles. Si vous le recevez par erreur, merci
d'en informer immédiatement l'émetteur et de le détruire. Toute
utilisation, diffusion ou toute publication, totale ou partielle, est
interdite, sauf autorisation. Tout message électronique étant
susceptible d'altération, l'OPT NC décline toute responsabilité au
titre de ce message dans l'hypothèse où il aurait été modifié.
----------------------------
This message and any attachments (the « message ») are intended solely
for the addresses. It may contain privileged information. If you
receive this message in error, please immediately notify the sender
and delete it. Any use, dissemination or disclosure, either whole or
partial, is prohibited unless formal approval. Emails are susceptible
to alteration; OPT NC shall not therefore be liable for the message if
modified.

Pensez à l'environnement, n'imprimez que si nécessaire.

Reply via email to