On Tue, Sep 02, 2025 at 04:18:22PM +0000, Daniel Lenar wrote: > Hello, > I was struggling to get connection reuse working when check_reuse_pool was > enabled. My patch addresses what I had to do to get see TCP connections being > reused with my haproxy configuration below. > I had very simplistic haproxy.cfg. The IPs and hostnames have been redacted. > global > log stdout format raw local0 > daemon > stats socket /tmp/stats > frontend main > bind *:8080 > mode http > option httplog > option http-keep-alive > log global > use_backend https:example.com > backend https:example.com > mode http > option httpchk GET /ready HTTP/1.1 > http-check send hdr Connection keep-alive hdr Host example.com hdr > User-Agent "Health-Check" > http-reuse always > default-server maxconn 2000 check-reuse-pool inter 3000 pool-purge-delay > 60s check ssl verify none > server servara 10.0.0.1:443 > server serverb 10.0.0.2:443 > server serverc 10.0.0.3:443 > > The tcpcheck_use_nondefault_connect() function was considering SSL as a none > default connection. If your backed servers were using SSL, then you couldn’t > reuse connections. In terms of http/https, only http backends were eligible > for connection reuse.
I have just seen your message so I did not conduct many tests. However, one thing that may explain a part of the problem is that you do not have "check-ssl" server keyword. Without it, checks will be performed in clear HTTP, thus it won't be able to reuse any connection from the pool as transport will not match. This explains why you had to change tcpcheck_use_nondefault_connect() to remove check->use_ssl. Regards, -- Amaury Denoyelle
