I recently upgraded my Apache servers to run in Ubuntu 12 from an older
version of CentOS.  Two of the new servers are getting the source IP just
fine, but one is not.  This is my setup:

haproxy.cfg:

global
        # Port 514, the standard syslog port, is the default
        log 127.0.0.1   local0
        #                      emerg alert crit err warning notice info debug
        log 127.0.0.1   local1 debug
        #log loghost    local0 info
        maxconn 4096
        chroot /usr/share/haproxy
        daemon
#---------------------------------
defaults
#---------------------------------
        log     global
        option  dontlognull
        retries 3
        option redispatch
        timeout connect 5000ms  # 5 seconds
        timeout client  300000ms # 5 minutes
        timeout server  1200000ms # 20 minutes
#---------------------------------
frontend PROD_thor_webfarm
#---------------------------------
   bind 10.2.0.101:80
   mode http
   default_backend PROD_http
   maxconn 4000
#---------------------------------
frontend PROD_webfarm_https
#---------------------------------
   bind 10.2.0.101:443
   mode tcp
   acl is_port_443 dst_port 443
   use_backend PROD_https if is_port_443
   default_backend PROD_http
   maxconn 4000

#---------------------------------
backend PROD_http
#---------------------------------
   mode http
   option httplog
   stats enable
   stats auth admin:turnh3r3-
   balance roundrobin
   stick on src table PROD_https
   cookie SERVERID insert indirect nocache
   option httpclose
   option forwardfor
   option httpchk /healthcheck.txt
    server prod4 10.2.0.105:80 cookie prod4 weight 34 check
    server prod5 10.2.0.106:80 cookie prod5 weight 33 check
    server prod6 10.5.0.107:80 cookie prod6 weight 33 check
#---------------------------------
backend PROD_https
#---------------------------------
   mode tcp
   option tcplog
   balance roundrobin
   stick-table type ip size 200k expire 30m
   stick on src
   server prod4 10.2.0.105:443
   server prod5 10.2.0.106:443
   server prod6 10.5.0.107:443




So prod4 (10.2.0.105) and prod5 (10.2.0.106) are logging just fine, passing
along the source IP as expected, but prod6 (10.5.0.107) is not.
LogFormat on all three servers is as follows:

LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b" common
LogFormat "%{Referer}i -> %U" referer
LogFormat "%{User-agent}i" agent


I did need to install and configure the rpaf module to get logging to work,
so my virtual hosts look like this:

<VirtualHost *:80>
  ServerName www.mysite.com
  ServerAlias mysite.thdmz.corp
  DocumentRoot /var/www/hosts/thor/current
  ServerAdmin it_cont...@smartshoot.com

  HostNameLookups on
  UseCanonicalName off

  RewriteEngine on
  #RewriteCond %{REMOTE_ADDR} !^172\.1\.0\.46$
  RewriteCond %{DOCUMENT_ROOT}/maintenance.html -f
  RewriteRule . %{DOCUMENT_ROOT}/maintenance.html [L]

# Added to allow client IP to pass through HAProxy - AG, 9/13/13
#<IfModule mod_rpaf.c>
RPAFenable On
RPAFsethostname On
RPAFproxy_ips 10.2.0.101
RPAFheader X-Forwarded-For
#</IfModule>

  ErrorLog ${APACHE_LOG_DIR}/prod-thor6-error
  CustomLog ${APACHE_LOG_DIR}/prod-thor6-access combined

</VirtualHost>



Why would source IP logging work just fine on prod4 (10.2.0.105) and prod5
(10.2.0.106), but not on prod6 (10.5.0.107)?



Aaron
it_cont...@smartshoot.com
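
Added example (not part of the original message, and not mod_rpaf's own code): a simplified model of the trust check that the RPAFproxy_ips directive above configures, showing which address a backend records depending on the peer address it sees. It assumes the header is honoured only for a listed proxy and that the last X-Forwarded-For entry is used; the function names and all sample requests, including the 10.5.0.1 peer, are constructed.

```python
import ipaddress

# Value of RPAFproxy_ips in the virtual host above.
TRUSTED_PROXIES = {ipaddress.ip_address("10.2.0.101")}


def logged_client_ip(peer_ip, xff_header, trusted=TRUSTED_PROXIES):
    """Return the address the backend should record for a request.

    Simplified model (an assumption, not mod_rpaf's source): the header is
    honoured only when the TCP peer is a listed proxy, and then the last
    entry is used, because that is the one the proxy itself appended.
    """
    peer = ipaddress.ip_address(peer_ip)
    if peer not in trusted or not xff_header:
        return str(peer)          # unlisted peer or no header: keep the peer
    last = xff_header.split(",")[-1].strip()
    try:
        return str(ipaddress.ip_address(last))
    except ValueError:
        return str(peer)          # malformed entry: fall back to the peer


def untrusted_peers(requests, trusted=TRUSTED_PROXIES):
    """Peers that sent X-Forwarded-For but are not in the trusted list."""
    return sorted({peer for peer, xff in requests
                   if xff and ipaddress.ip_address(peer) not in trusted})


# Constructed sample requests: (peer address seen by Apache, header value).
SAMPLE = [
    ("10.2.0.101", "203.0.113.7"),                # via the listed proxy
    ("10.2.0.101", "198.51.100.9, 203.0.113.7"),  # client pre-set a value
    ("10.5.0.1", "203.0.113.7"),                  # peer not in the list
    ("10.2.0.101", None),                         # health check, no header
]

if __name__ == "__main__":
    for peer, xff in SAMPLE:
        print(peer, xff, "->", logged_client_ip(peer, xff))
    print("unlisted peers sending the header:", untrusted_peers(SAMPLE))
```

Feeding untrusted_peers() the peer addresses a backend actually sees (for example from a packet capture on port 80) shows whether requests arrive from an address other than the one listed in RPAFproxy_ips.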
