Hello,
I'm hard working on setting up the following architecture:
- 1 Puppet CA server
- 4 Open Source Puppet servers
- 1 Load-balancer in front of the 5 previous servers, using HAproxy
All the servers are running Debian, and everything work well, except the
catalog run time, which is more than twice longer if I route the traffic
through the lb.
>From the same agent (and same code):
- puppet agent --test --server the-lb-url.com -> Finished catalog run in
75.04 seconds
- puppet agent --test --server a-backend-server-fqdn.com -> Finished
catalog run in 33.13 seconds
I suspect HAproxy to not keep the connections alive, and force the agent to
re-open them on each HTTP call. Here is my HAproxy configuration:
global
log 127.0.0.1:514 local0
chroot /var/lib/haproxy
stats socket /run/haproxy/admin.sock mode 660 level admin
stats timeout 30s
user haproxy
group haproxy
daemon
frontend f-puppet-masters
bind 172.16.0.1:8140
mode tcp
timeout client 60s
option tcplog
use_backend b-puppet-masters
backend b-puppet-masters
balance leastconn
mode tcp
option tcplog
server s-puppet-master1 10.0.0.1:8140 check port 8140 inter 5000 fall 3
rise 2 weight 20
server s-puppet-master2 10.0.0.2:8140 check port 8140 inter 5000 fall 3
rise 2 weight 20
server s-puppet-master3 10.0.0.3:8140 check port 8140 inter 5000 fall 3
rise 2 weight 20
server s-puppet-master4 10.0.0.4:8140 check port 8140 inter 5000 fall 3
rise 2 weight 20
Is there someone here running HAproxy in front of Puppet masters? Am I
missing something?
Thank you for your help!
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/c1c68afb-abad-454a-9d2b-282a43ec5905%40googlegroups.com.
