Hi. I have installed haproxy 1.4.22-5 on a simple "host-only" network using VirtualBox to test out a configuration of OpenAM (formerly OpenSSO) in a redundant HA setup.
My environment is as follows: +----------------------+ |laptop w/hostonly i/f | |192.168.56.1 | +--------+-------------+ | +--------------+ | +---------------+ | + | +-----v---------+ | +-------v-----------+ |Webserver1 | | | haproxy | |192.168.56.6:80| -----+ | 192.168.56.2:8080 | +---------------+ +-+---------------+-+ | | | | +--------v--------+ +--v---------------+ |openAM1 | | openAM2 | |192.168.56.3:8080| | 192.168.56.4:8080| +-----------------+ +------------------+ Webserver1 is set to use web services from the openAM servers using the IP address of the LB (haproxy) as the destination for the requests. I can connect from my laptop's browser to the openAM servers behind haproxy server and that works fine (http://openam.gw.com:8080/openam) however when I try to access the webserver1 machine I get an error. Checking the logs of the haproxy I get several of the following: Sep 12 11:13:34 localhost haproxy[2948]: 192.168.56.6:43758 [12/Sep/2013:11:13:34.733] openam openam/<NOSRV> -1/-1/-1/-1/0 400 188 - - PRNN 0/0/0/0/0 0/0 "<BADREQ>" When webserver1 sends a POST to one of the servers behind HAProxy, HAProxy immediately responds to the POST without trying to connect to either openAM1 or openAM2 with an error 400. webserver1 gives up after retrying a couple of times and then an error is returned to the browser. I am suspecting either a configuration error on my part or perhaps something wrong with the virtual host network I have set up (see picture above). NOTE Any help would be appreciated. Thanks, James ================================================================ --- HTTP POST --- POST /openam/namingservice HTTP/1.0 User-Agent: OpenAM Web Agent/4.0.0 Connection: close Accept: text/xml Content-Type: text/xml; charset=UTF-8 Host: openam.gw.com Content-Length: 260 <?xml version="1.0" encoding="UTF-8" standalone="yes"?> <RequestSet vers="1.0" svcid="com.iplanet.am.naming" reqid="5"> <Request><![CDATA[ <NamingRequest vers="3.0" reqid="3"> <GetNamingProfile> </GetNamingProfile> </NamingRequest>]]> </Request> </RequestSet> ----------------- End POST ---------------- -----------POST RESP directly from haproxy -------------- HTTP/1.0 400 Bad request Cache-Control: no-cache Connection: close Content-Type: text/html <html><body><h1>400 Bad request</h1> Your browser sent an invalid request. </body></html> ------------------------------------------- ================================================================ HAProxy configuration: -------------------------------------------------------------- # this config needs haproxy-1.1.28 or haproxy-1.2.1 global log 127.0.0.1 local2 maxconn 1024 pidfile /var/run/haproxy.pid user haproxy group haproxy daemon defaults log global mode http option httplog option dontlognull retries 3 option redispatch maxconn 2000 contimeout 5000 clitimeout 50000 srvtimeout 50000 listen haproxy 192.168.56.2:8080 stats enable option httpchk cookie SERVERID insert nocache balance roundrobin server openam1 192.168.56.3:8080 cookie 01 id 1001 check inter 2000 rise 2 fall 5 server openam2 192.168.56.4:8080 cookie 02 id 1002 check inter 2000 rise 2 fall 5 errorfile 400 /etc/haproxy/errors/400.http
