Hi, On Tue, Oct 20, 2009 at 06:50:22PM +0300, tasos nousis wrote: > Hi, > i'm trying to use HAPROXY in front of 3 web servers,and getting weird > results. > So the configuration is as follows(its an aggregation of several sites i ran > into, tested with several variations,though not seeing any result): > global > log 127.0.0.1 local0 > log 127.0.0.1 local1 notice > log loghost local0 info > maxconn 25000 > #debug > #quiet > user haproxy > group haproxy > > defaults > log global > mode http > option httplog > option dontlognull > retries 3 > option redispatch > maxconn 25000 > timeout connect 5000 > timeout client 2000 > timeout server 10000 > timeout http-request 15000 > > listen webfarm 192.168.0.7:80 > mode http > stats enable > stats auth someuser:somepassword > balance roundrobin > option abortonclose > option forceclose > option httpclose > option forwardfor > maxconn 25000 > server webA 192.168.0.2:80 > server webB 192.168.0.4:80 > server webC 192.168.0.13:80 > > so i benchmark from another server in the lan with ab . > Benchmarking each server separately never ends up having failed requests > Benchmarking the server with HAProxy and only having 1 server to load > balance never ends up having failed requests > Benchmarking with more than 1 end up with a lot of failures(serving though > the same amount of requests?and failing about an extra half of them) > Is this some misconfiguration on the limits for concurrent requests?
Limits seem OK. You did not tell us what type of load you inject with ab. Are those large/small objects, how much concurrency, how many connections per second, etc... At some point, system tuning becomes important (backlog, source ports, ...) At medium to large connections rates (a few thousands per second), "option forceclose" can cause trouble, as the system will refuse to quickly reallocate a same source port for a new connection. Also, have you checked that you don't have nf_conntrack (or ip_conntrack) loaded on the server where haproxy runs ? And if this server only runs haproxy, please run ab from there to ensure you have proper network connectivity (cable, negociation and NIC issues are fairly common). Regards, Willy
