Re: 5000 CPS for haproxy
Hello, On Mon, Aug 01, 2011 at 07:00:37PM +0530, appasaheb bagali wrote: > hello, > > we have deployed the Haproxy on amazon cloud. > > its working fine we would like to do testing 5000 CPS . > Please suggest the way to test There are various tools for that. The principle is that you should start some dummy servers on other instances (or at least fast static servers such as nginx), and run injection tools on other instances. Such tools might be httperf, ab, inject or any such thing. You will then configure your haproxy to forward to the dummy servers and will send your injectors' requests to haproxy. The tools will tell you the data rate, connection rate, etc... You're encouraged to enable the stats page on haproxy so that you can check rates and errors in live. In general, for 5k CPS, you need a bit of system tuning, because most Linux distros come with a conntrack setting which is only valid for a desktop usage but not for a server usage, so the traffic will suddenly stop after a few seconds. Or better, simply disable the module. Also, it is important that you have at least two machines for the servers and at least two for the clients, because in such environments, you have no visibility on anything, and it's quite common that some VMs are struggling or that some network paths are saturated. If you see that two servers behave differently, at least it's easier to spot where the problem is. Regards, Willy
Re: maintenance mode and server affinity
Hi James, On Mon, Aug 01, 2011 at 04:05:41PM -0400, James Bardin wrote: > I have a number if instances using tcp mode, and a stick-table on src > ip for affinity. When a server is in maintenance mode, clients with an > existing affinity will still connect to the disabled server, and only > be re-dispatched if the connection fails (and error responses from the > backend are still successful tcp connections). Are you sure your server was set in maintenance mode, did you not just set its weight to zero ? There is a big difference between zero weight and maintenance mode : - zero weight means the server is not selected in load balancing, which means it will not get any new visitor, but will still get existing visitors ; - maintenance means the server is offline and must not receive any traffic at all, except the admin's tests selected with force-persist rules. So if this is not what you're observing, then it's a bug and we need to see how to reproduce it in order to fix it. > I've done a few things to stop this traffic when needed: > - drop the packets on the load balancer with a null route or iptables. > - block the packets with the firewall on the backend server, and let > the clients get re-dispatched. > - shutdown the services that could response from the backend, and > re-dispatch. > > > Have I missed any configuration in haproxy that will completely stop > traffic to a backend? I have no problem managing this as-is myself, > but having fewer pieces involved makes delegating administration > responsibilities easier. I agree with you. The maintenance mode was done exactly for what you need so I want to ensure it works. > Willy, is a "block server" option (or maybe a "drop table" to get rid > of affinity sessions), something that could be implemented? I think the later can be done on the stats socket using "clear table", because you can specify a rule to select which entries to clear, so you can clear any entry matching your server's ID. But it's only in 1.5, not in a stable release. Regards, Willy
Re: acl using path_beg
Got it working. the issue was a lot chained acls that were catching up the rule I was just adding. Thank you all for your help. On Mon, Aug 1, 2011 at 5:05 PM, Gabriel Sosa wrote: > well, > > is it not redirecting. just die there with a 404 status > > any other hint? > > regards > > On Sun, Jul 31, 2011 at 7:01 PM, Baptiste wrote: >> Hi, >> >> The wp-admin page of wordpress is a 302 redirecting to "wp-login.php". >> >> Have you tried to browse the backend directly? >> I guess it should not work. >> >> There are some parameters on Wordpress to tell him on which URL it >> will be hosted. >> By default, it may be "/", in your case you should turn this parameter >> to "/blog" :) >> >> cheers >> >> >> On Sun, Jul 31, 2011 at 11:46 PM, Gabriel Sosa wrote: >>> Hello folks >>> >>> I'm trying to send all the traffic that starts with /blog to a >>> specific backend and I'm using *path_beg* for that. here is a snip of >>> my config file: >>> >>> defaults >>> log global >>> timeout client 6 >>> timeout server 3m >>> timeout connect 15000 >>> retries 3 >>> option redispatch >>> >>> >>> frontend http >>> mode http >>> log global >>> option httplog >>> option >>> forceclose >>> option >>> httpclose >>> >>> bind XXX.XXX.XXX.XXX:80 # com 80 >>> >>> acl blog_acl path_beg /blog >>> use_backend blog_backend if blog_acl >>> default_backend farm80 >>> >>> >>> >>> >>> For some reason, if I browse http://www.example.com/blog everything >>> works just fine, but if I browse http://www.example.com/blog/wp-admin/ >>> (as you can guess I'm using wordpress) I get a 404 status. >>> >>> AFAIK, the acl path_beg /blog should match /blog/ or /blog/wp-admin >>> basically anything after /blog/ should be sent to that backend. >>> >>> do you have any idea why that could be not working as expected? >>> >>> Best regards >>> >>> -- >>> Gabriel Sosa >>> Si buscas resultados distintos, no hagas siempre lo mismo. - Einstein >>> >>> >> > > > > -- > Gabriel Sosa > Si buscas resultados distintos, no hagas siempre lo mismo. - Einstein > -- Gabriel Sosa Si buscas resultados distintos, no hagas siempre lo mismo. - Einstein
Re: Best way to find the version
Hi, > Just wondering what is the best way to find the haproxy version. haproxy -v - craig
Best way to find the version
Hi All, Just wondering what is the best way to find the haproxy version. This is rightscale AMI so I was not the one who installed it. Eithor yum list installed|grep haproxy or rpm -qa|grep haproxy helped. Anyhelp would be great. Also keep the awesome work guys! -Habeeb
Re: acl using path_beg
well, is it not redirecting. just die there with a 404 status any other hint? regards On Sun, Jul 31, 2011 at 7:01 PM, Baptiste wrote: > Hi, > > The wp-admin page of wordpress is a 302 redirecting to "wp-login.php". > > Have you tried to browse the backend directly? > I guess it should not work. > > There are some parameters on Wordpress to tell him on which URL it > will be hosted. > By default, it may be "/", in your case you should turn this parameter > to "/blog" :) > > cheers > > > On Sun, Jul 31, 2011 at 11:46 PM, Gabriel Sosa wrote: >> Hello folks >> >> I'm trying to send all the traffic that starts with /blog to a >> specific backend and I'm using *path_beg* for that. here is a snip of >> my config file: >> >> defaults >> log global >> timeout client 6 >> timeout server 3m >> timeout connect 15000 >> retries 3 >> option redispatch >> >> >> frontend http >> mode http >> log global >> option httplog >> option >> forceclose >> option >> httpclose >> >> bind XXX.XXX.XXX.XXX:80 # com 80 >> >> acl blog_acl path_beg /blog >> use_backend blog_backend if blog_acl >> default_backend farm80 >> >> >> >> >> For some reason, if I browse http://www.example.com/blog everything >> works just fine, but if I browse http://www.example.com/blog/wp-admin/ >> (as you can guess I'm using wordpress) I get a 404 status. >> >> AFAIK, the acl path_beg /blog should match /blog/ or /blog/wp-admin >> basically anything after /blog/ should be sent to that backend. >> >> do you have any idea why that could be not working as expected? >> >> Best regards >> >> -- >> Gabriel Sosa >> Si buscas resultados distintos, no hagas siempre lo mismo. - Einstein >> >> > -- Gabriel Sosa Si buscas resultados distintos, no hagas siempre lo mismo. - Einstein
maintenance mode and server affinity
I have a number if instances using tcp mode, and a stick-table on src ip for affinity. When a server is in maintenance mode, clients with an existing affinity will still connect to the disabled server, and only be re-dispatched if the connection fails (and error responses from the backend are still successful tcp connections). I've done a few things to stop this traffic when needed: - drop the packets on the load balancer with a null route or iptables. - block the packets with the firewall on the backend server, and let the clients get re-dispatched. - shutdown the services that could response from the backend, and re-dispatch. Have I missed any configuration in haproxy that will completely stop traffic to a backend? I have no problem managing this as-is myself, but having fewer pieces involved makes delegating administration responsibilities easier. Willy, is a "block server" option (or maybe a "drop table" to get rid of affinity sessions), something that could be implemented? Thanks, -jim
Re: session stickyness with or without serverid
On Mon, Aug 01, 2011 at 12:14:48PM -0400, Julien Vehent wrote: > You're right, I do set the weight at zero first, and then after a > couple of hours, put the server in maintenance mode. OK. > What I'm trying to reduce is the time between setting a server's weight > to zero, and seeing no connections on it. > With maxlife 1h, I get a decent compromise. After one hour from setting > the server to zero, I would probably only disconnect 0.001% of obsessive > users, so it's "fine". Yes that's the right method. However, if you want to ensure that nobody will connect to your server during the operations, you can force the server to enter the maintenance mode (using the stats socket or stats web interface). > >Cookie insertion is more reliable and more determinist since there > >are > >no tables to learn and maintain. Also, with recent versions, we now > >have > >features such as "force-persist" and "ignore-persist" which make it a > >lot > >easier to perform maintenance on live service without the user > >noticing > >and with the ability for the admin to check what he's going to put > >online > >before doing so. All these are good reasons to use a SERVERID cookie > >instead of learning a JSESSIONID cookie. > > > > I fail to see how ignore-persist can help me in this case... As I > understand it, ignore-persist will force haproxy to ignore the > persistence cookie and load balance the request to any available > backend. In my case, it would mean redirect the user with an active > session to another backend, effectively disconnecting it. Am I correct ? Exactly. Different people proceed in different ways. For instance, there are some who would use ignore-persist to match a cookie value (that of the server you're putting offline). But with the maintenance mode, this is no longer necessary. Regards, Willy
Re: session stickyness with or without serverid
On Fri, 29 Jul 2011 09:11:38 +0200, Willy Tarreau wrote: Hi Julien, On Thu, Jul 28, 2011 at 07:16:32PM -0400, Julien Vehent wrote: Hey guys, We've been happy users of haproxy in front of our tomcat farm for some time now, except for one thing: when we want to put a backend in maintenance mode, via hatop, we have to deal with users coming back a few hours later with a SERVERID cookie and being routed to that backend. If it's in maintenance mode, it should not receive any traffic. I suspect you just changed its weight to zero, which means it's not elected for LB but will still serve persistent requests. Please double-check, because if you're certain that you're getting that, then you've spotted a bug. Hey Willy, You're right, I do set the weight at zero first, and then after a couple of hours, put the server in maintenance mode. What I'm trying to reduce is the time between setting a server's weight to zero, and seeing no connections on it. With maxlife 1h, I get a decent compromise. After one hour from setting the server to zero, I would probably only disconnect 0.001% of obsessive users, so it's "fine". I initially configured haproxy to balance based on a SERVERID cookie, essentially because I didn't know if the JSESSIONID would provide the appropriate persistence, but now I'm thinking that it might be a good idea to remove the SERVERID cookie and do all the work on the JSESSIONID. The goal would be to reduce the time between putting a server in maintenance and not seeing any traffic on it at all (ie. all sessions are expired). So my question is: what are the pros and cons of using a SERVERID cookie vs a JSESSIONID ? Cookie insertion is more reliable and more determinist since there are no tables to learn and maintain. Also, with recent versions, we now have features such as "force-persist" and "ignore-persist" which make it a lot easier to perform maintenance on live service without the user noticing and with the ability for the admin to check what he's going to put online before doing so. All these are good reasons to use a SERVERID cookie instead of learning a JSESSIONID cookie. I fail to see how ignore-persist can help me in this case... As I understand it, ignore-persist will force haproxy to ignore the persistence cookie and load balance the request to any available backend. In my case, it would mean redirect the user with an active session to another backend, effectively disconnecting it. Am I correct ? Maybe I'm not seeing the use case properly here. Thanks, Julien
5000 CPS for haproxy
hello, we have deployed the Haproxy on amazon cloud. its working fine we would like to do testing 5000 CPS . Please suggest the way to test Thanks Appasaheb
RE: How can we Use
HI Thanks for your mail. Can you please tell me if we want that you will be setup for us , the what will be the cost for the same. Sunit From: Baptiste [mailto:bed...@gmail.com] Sent: Saturday, July 30, 2011 6:48 PM To: SUNIT TYAGI Cc: haproxy@formilux.org Subject: Re: How can we Use Hi Sunit, It's as simple as installing haproxy package from your linux distribution. HAProxy configuration is quite easy and if you want to load-balance HTTP protocol, it will be easy to find some good example on the web. This "load-balancer" can be either a physical machine or a VM. There is no cost, everything is open source. Now, if you need (or want) some support on your load-balancer and if you want to use HAProxy, you should have a look to www.exceliance.fr . Exceliance sells either services around HAProxy (http://www.exceliance.fr/en/products/hapee) or HAProxy based load-balancer appliances: Aloha (http://www.exceliance.fr/en/products/aloha) Note that there is a VMWare version of the Aloha: http://www.exceliance.fr/en/products/aloha/aloha-va Last but not least, some HAProxy developer works at Exceliance.fr and the code made for Exceliance appliances is pushed back into HAProxy opensource version. regards On Sat, Jul 30, 2011 at 7:50 AM, SUNIT TYAGI wrote: Dear Support, We want to setup a Load Balancer with 4 Virtual server ( On Vmware ) , Can you please suggest us how can we do that & also which version will support the VPS Servers. Also is there any cost for the same . Application will be apache based & database will be my Sql. Sunit <>
