Hi Jonathan,
Thanks for your quick answer.
You are right, I see the haproxy server's IP in my nginx's logs and... In my
varnishnca.log too. So it means the problem is my haproxy configuration..(?).
To be sure, this is all the configuration, maybe should I play with an except
for in some case ? All help appreciated, I become crazy.
global
log /dev/log local0 info
log /dev/log local0 notice
maxconn 20000
user ha
group ha
stats socket /var/run/haproxy.stat level admin
daemon
defaults
mode http
log global
timeout connect 5s
timeout client 20s
timeout server 15s
timeout check 2s
timeout http-keep-alive 1s
timeout http-request 10s
listen web-mgt
bind 11.22.33.44:8282
option dontlog-normal
mode http
stats uri /haproxy
stats realm STATS_WEB
stats auth admin:admin
stats refresh 5s
frontend main
bind 11.22.33.44:80
option httplog
option forwardfor
option http-server-close
default_backend varnish
backend varnish
balance url_param id
option forwardfor
option http-server-close
hash-type consistent
server varnish1 10.0.9.18:80 check observe layer7
server varnish2 10.0.9.19:80 check observe layer7
frontend nocache
bind 10.0.9.1:8083
option httplog
option forwardfor
option http-server-close
default_backend webback
backend webback
balance roundrobin
cookie bing insert indirect nocache domain .domain.com
option httpchk HEAD /haproxytest.txt HTTP/1.0
server app1 10.0.9.3:80 cookie web1 check inter 2000 fall 2
server app2 10.0.9.4:80 cookie web2 check inter 2000 fall 2
server maintenance 127.0.0.1:8087 backup
option redispatch
option http-server-close
option forwardfor
option abortonclose
the backend servers of my varnish are, of course, the frontend nocache :
backend bingofuel {
.host = "10.0.9.1";
.port = "8083";
}
Le Samedi 7 décembre 2013 13h35, Jonathan Matthews <[email protected]> a
écrit :
On 7 December 2013 11:08, Clémence Varroi <[email protected]> wrote:
> I think I've made a mistake with my configuration. I can't retrieve the ip
> adresse of my clients in my logs, I have just the ip adresse of my varnish
> and I am becoming mad...
It strikes me that the culprit is probably your nginx real_ip setup,
and you need to test it with a set of synthetic, curl'd requests.
If real_ip /were/ working, and translating the X-F-F into logged IPs,
I think you'd see (at a *minimum*) the HAProxy server's IP in nginx's
logs - not the Varnish server's IP.
Don't forget to ensure real_ip is happy with:
a) multiple X-F-F request headers (which are legal but whose ordering
may be confusing nginx) and
b) X-F-F headers with multiple IPs (e.g. "X-F-F: 1.2.3.4, 2.3.4.5", etc) and
c) combinations of (a) and (b).
Cheers,
Jonathan
