Hi Jim,
The client sent a request over HTTP and HAProxy todl him to come back
using HTTPS (status code 302 generated by HAProxy, frontend name not
suffixed by a tild '~' which means connection in clear).
So no problem at all here.
and LR code is normal in such situation, no resources exhaustion.
Baptiste
On Wed, Aug 7, 2013 at 5:10 AM, Jim Alateras <j...@comware.com.au> wrote:
> We are looking at using HAProxy for SSL termination and dropping our reliance
> on nginx. IIt seems to work for some instances but for others i get the
> following type of others
>
> Aug 7 12:08:31 localhost haproxy[15807]: 121.219.244.144:60611
> [07/Aug/2013:12:08:31.191] http_global_secure http_global_secure/<NOSRV>
> 10/-1/-1/-1/10 302 170 - - LR-- 2/2/0/0/0 0/0 "GET
> /service/vizs/action/exec?media=json&_=1375837124050 HTTP/1.1"
> Aug 7 12:08:43 localhost haproxy[15807]: 127.0.0.1:52602
> [07/Aug/2013:12:08:43.845] http_global_secure http_global_secure/<NOSRV>
> 0/-1/-1/-1/0 302 133 - - LR-- 2/2/0/0/0 0/0 "POST /ringo/observations
> HTTP/1.1"
>
> which from the documentation indicate some sort of resource exhaustion
> problem 'LR'
>
> Here is my configuration
>
> global
> log 127.0.0.1 local0
> maxconn 4096
> user haproxy
> group haproxy
> daemon
>
> defaults
> mode http
> log global
> maxconn 4096
> option dontlognull
> option redispatch
> timeout connect 5s
> timeout client 30s
> timeout server 30s
>
> frontend http_global_insecure
> bind :80
>
> bind :443 ssl crt /etc/haproxy/server.pem
> mode http
>
> option forwardfor
> option http-server-close
> option httplog
> reqadd X-Forwarded-Proto:\ https
> redirect scheme https if !{ ssl_fc }
>
> acl ringo_url path_beg /ringo
> acl phoenix_url path_beg /phoenix
> acl athena_url path_beg /athena
> acl william_url path_beg /william
> acl blowfish_url path_beg /blowfish
> acl lenny_url path_beg /lenny
>
> use_backend ringo_server if ringo_url
> use_backend phoenix_server if phoenix_url
> use_backend athena_server if athena_url
> use_backend william_server if william_url
> use_backend blowfish_server if blowfish_url
> use_backend lenny_server if lenny_url
> default_backend ringo_server
>
> frontend blowfish_tcp
> bind :35718
> mode tcp
> timeout client 300s
> backlog 4096
> maxconn 50000
> default_backend blowfish_tcp_servers
>
>
> backend blowfish_tcp_servers
> mode tcp
> option log-health-checks
> option redispatch
> option tcplog
> server blowfish_tcp1 127.0.0.1:36000
> timeout connect 1s
> timeout queue 5s
> timeout server 3600s
>
> backend ringo_server
> server ringo1 127.0.0.1:8080 maxconn 512
>
> backend phoenix_server
> server phoenix1 127.0.0.1:8080 maxconn 512
>
> backend athena_server
> server athena1 127.0.0.1:8080 maxconn 512
>
> backend william_server
> server william1 127.0.0.1:8080 maxconn 512
>
> backend blowfish_server
> reqirep ^([^\ ]*)\ /blowfish/(.*) \1\ /\2
> server blowfish1 127.0.0.1:3333 maxconn 512
>
> backend lenny_server
> reqirep ^([^\ ]*)\ /lenny/(.*) \1\ /\2
> server lenny1 127.0.0.1:3000 maxconn 512
>
>
> Any thoughts, why i might be getting those errorsa.
>
> cheers
> </jima>
>
>
>
>
>
>
