On Tue, Feb 15, 2011 at 11:02:06PM +0000, Malcolm Turnbull wrote: > On 15 February 2011 22:23, Willy Tarreau <[email protected]> wrote: > > > > Hi Malcolm, > > > > On Tue, Feb 15, 2011 at 08:35:05PM +0000, Malcolm Turnbull wrote: > > > HAproxy can't seem to bind to more than 1000 ports? (well about 1017 > > > which is suspiciously close to 1024...) > > > I'm probably being really stupid but I saw the question earlier on FTP > > > and I was playing with binding large port ranges.... > > > my ulimit -n is 20000 > > > Am I missing something obvious? (usually) > > > > that looks rather strange. I remember having bound very large port ranges > > for test purposes. The largest configs I know are around 6-700 ports but > > I've never encountered anything like that. > > > > What does happen when you try to bind more ports ? Do you get an error, > > do they just not respond ? > > > > Willy > > > > When you restart HAProxy just the attempted binds > 1017 fail with the error: > > [ALERT] 045/222808 (22746) : Starting proxy VIP_Name: cannot create > listening socket > > However on further testing this seems to be because I am calling the > restart script from within Apache/PHP: > > >From the command prompt: > haproxy -f /etc/haproxy/haproxy.cfg -p /var/run/haproxy.pid -sf $(cat > /var/run/haproxy.pid) WORKS > haproxy -f /etc/haproxy/haproxy.cfg start > haproxy -f /etc/haproxy/haproxy.cfg stop > > ALL work fine... > > But from within Apache/PHP/Sudo > `sudo /usr/local/sbin/haproxy -f /etc/haproxy/haproxy.cfg -p > /var/run/haproxy.pid -sf $(cat /var/run/haproxy.pid) 2>&1`; > `haproxy -f /etc/haproxy/haproxy.cfg start`; > `haproxy -f /etc/haproxy/haproxy.cfg stop`; > FAILS for > @1000 ports.... > > So shouldn't effect other people in the same way... I will investigate > offlist....
OK so most likely your apache+php environment is reset to 1024 fds. Normally haproxy automatically computes the number of fds it needs and automatically performs the "ulimit -n" accordingly. Since you start it as root under apache+php, I see no reason why it should fail. You may try to set a larger global maxconn to see if it has any effect. Willy

