Hi,
On 23.01.2014 16:43, Baptiste wrote:
> Hi Thomas,
>
> Please share your configuration (anonymized).
>
Ive attached the config.
> Baptiste
>
thanks,
thomas
> On Thu, Jan 23, 2014 at 1:28 PM, Thomas Heil
> <[email protected]> wrote:
>>
> Hi,
>
> We are running in haproxy 1.5dev21 commit
> fa7fc95e16fae8b30f2522f59bb945c596e48419. I see very high memory
> usage just after 5 days.
global
maxconn 65000
ulimit-n 65535
uid 0
gid 0
daemon
## tune.pipesize 524288 # only in 1.5
tune.bufsize 33668
tune.maxrewrite 1024
#stats socket /var/run/haproxy.stat level admin
stats socket /var/run/haproxy.stat level admin
nbproc 1
#Loging
#log 172.24.4.39 local0
#log 172.24.4.39 local1 notice
#Logging
cpu-map all 1 2
defaults
maxconn 40000
retries 10
option redispatch
no option http-server-close
no option forceclose
option http-keep-alive
option prefer-last-server
option tcp-smart-accept
option tcp-smart-connect
#Logging
log global
#log-format %{+Q}o\ %{-Q}Ci\ -\ -\ [%T]\ %r\ %st\ %B\ \"\"\ \"\"\ %Cp\
\%ms\ %ft\ %b\ %s\ \%Tq\ %Tw\ %Tc\ %Tr\ %Tt\ %tsc\ %ac\ %fc\ \%bc\ %sc\ %rc\
%sq\ %bq\ %cc\ %cs\ \%hrl\ %hsl\ \%hr
#Logging
contimeout 15s
clitimeout 30s
srvtimeout 60s
userlist L1
group G1 users tiger,scott
user tiger insecure-password hello groups G1
user scott insecure-password hello groups G1
userlist L2
group G2 users a
user a insecure-password b groups G2
listen app1
bind :8080
mode http
maxconn 200
stats enable
#stats hide-version
stats uri /
#stats auth admin:spawn
#stats admin if TRUE
frontend rtmp-80
bind 1.2.3.92:80
no option forceclose
no option http-server-close
no option http-keep-alive
no option prefer-last-server
mode tcp
maxconn 4000
#Logging
option tcplog
default_backend rtmp-over-http
frontend bread-84
bind 172.24.4.2:84,172.24.4.3:84,172.24.4.4:84,127.0.0.1:84
mode http
#option http-pretend-keepalive
#option forceclose
#option httpclose
option accept-invalid-http-request
reqidel ^X-Forwarded-For:.*
maxconn 20000
monitor-uri /haproxycheck
#Logging
log global
option httplog
option logasap
#
# log the name of the virtual server
capture request header Host len 50
capture request header Content-Length len 10
capture request header Accept-Language len 50
capture request header Referer len 200
capture request header User-Agent len 200
capture response header Server len 30
capture response header Content-Length len 10
capture response header Cache-Control len 8
capture response header Via len 20
capture response header Location len 20
capture cookie JSESSIONID len 32
capture response header X-Cache-Hits len 10
capture response header X-Cacheable len 10
capture response header X-Cache len 5
capture response header Content-Encoding len 10
capture response header Cache-Control len 200
capture response header Last-Modified len 200
#Logging
default_backend bk_bread
frontend bread-80-82-varnish
bind
172.24.4.2:82,172.24.4.3:82,172.24.4.4:82,1.2.3.71:82,1.2.3.72:82,1.2.3.73:82,127.0.0.1:82
bind 1.2.3.70:80
#proxy
bind 127.0.0.1:85 accept-proxy id 100
acl ssl-proxy so_id 100
reqidel ^X-Forwarded-For:.*
reqadd x-forwarded-proto:\ https if ssl-proxy
#proxy
mode http
option accept-invalid-http-request
maxconn 20000
monitor-uri /haproxycheck
#Logging
log global
option httplog
option logasap
#
capture request header Host len 50
capture request header Content-Length len 10
capture request header Accept-Language len 50
capture request header Referer len 200
capture request header User-Agent len 200
capture response header Server len 30
capture response header Content-Length len 10
capture response header Cache-Control len 8
capture response header Via len 20
capture response header Location len 20
capture cookie JSESSIONID len 32
capture response header X-Cache-Hits len 10
capture response header X-Cacheable len 10
capture response header X-Cache len 5
capture response header Content-Encoding len 10
capture response header Cache-Control len 200
capture response header Last-Modified leen 200
#Logging
acl static_content path_end .png .jpg .js .css .swf !
header\_img.png
acl varnish_available nbsrv(bk_varnish_bread) ge 1
acl varnish_enabled srv_is_up(server-status/varnish-bread) ||
FALSE
acl url_action path_beg /user /dummy-images /profile-images
acl raw_ip hdr_reg(host) -f /etc/haproxy-regex-rawip-bread.lst
redirect code 301 prefix http://www.mypage.de if raw_ip
use_backend bk_varnish_bread if varnish_available
varnish_enabled static_content ! url_action
default_backend bk_bread
frontend www-81-varnish-bypass
bind
172.24.4.2:81,172.24.4.3:81,172.24.4.4:81,1.2.3.71:81,1.2.3.72:81,1.2.3.73:81,127.0.0.1:81
mode http
option accept-invalid-http-request
reqidel ^X-Forwarded-For:.*
maxconn 20000
monitor-uri /haproxycheck
#Logging
log global
option httplog
option logasap
#
#
capture request header Host len 50
capture request header Content-Length len 10
capture request header Accept-Language len 50
capture request header Referer len 200
capture request header User-Agent len 200
capture response header Server len 30
capture response header Content-Length len 10
capture response header Cache-Control len 8
capture response header Via len 20
capture response header Location len 20
capture cookie JSESSIONID len 32
capture response header X-Cache-Hits len 10
capture response header X-Cacheable len 10
capture response header X-Cache len 5
capture response header Content-Encoding len 10
capture response header Cache-Control len 200
capture response header Last-Modified len 200
#Logging
default_backend ww-frontend
frontend www-80
bind
172.24.4.2:80,172.24.4.3:80,172.24.4.4:80,1.2.3.71:80,1.2.3.72:80,1.2.3.73:80,127.0.0.1:80
mode http
option accept-invalid-http-request
reqidel ^X-Forwarded-For:.*
maxconn 20000
#Logging
log global
option httplog
option logasap
#
capture request header Host len 50
capture request header Content-Length len 10
capture request header Accept-Language len 50
capture request header Referer len 200
capture request header User-Agent len 200
capture response header Server len 30
capture response header Content-Length len 10
capture response header Cache-Control len 8
capture response header Via len 20
capture response header Location len 20
capture cookie JSESSIONID len 32
capture response header X-Cache-Hits len 10
capture response header X-Cacheable len 10
capture response header X-Cache len 5
capture response header Content-Encoding len 10
capture response header Cache-Control len 200
capture response header Last-Modified len 200
#Logging
acl valid_src src 217.92.209.242/32 141.65.161.0/24
195.39.235.27/32 172.24.4.0/16 81.17.208.10/32 91.213.91.28/32 91.213.91.20/32
1.2.3.66/26
acl valid_auth http_auth(L1)
acl solr_src src 1.2.3.66/26 172.24.0.0/16 141.65.161.0/24
217.92.209.242/32
acl solr_host hdr(host) -i 172.24.4.4
option forwardfor except 127.0.0.1
option dontlognull
acl url_default path_reg ^[^/]*$
acl url_solr path_beg /solr /SOLR
acl master_methods method POST DELETE PUT
acl raw_ip hdr_reg(host) -f /etc/haproxy-regex-rawip.lst
redirect code 301 prefix http://www.twosup.de if raw_ip
!url_solr
acl static_content path_end .jpg .gif .png .css .js .swf
acl static_exclude path_reg ^/.*?header_.*?img.png
acl varnish_available nbsrv(bk_varnish_uri) ge 1
acl varnish_enabled srv_is_up(server-status/varnish) || FALSE
#acl varnish_available srv_is_up(bk_varnish_uri/varnish-40)
acl ww-f01 hdr_reg(host) -i www\.twosup\.ww-frontend-01
acl ww-f02 hdr_reg(host) -i www\.twosup\.ww-frontend-02
acl ww-f03 hdr_reg(host) -i www\.twosup\.ww-frontend-03
acl ww-f04 hdr_reg(host) -i www\.twosup\.ww-frontend-04
use_backend ww-f01 if ww-f01
use_backend ww-f02 if ww-f02
use_backend ww-f03 if ww-f03
use_backend ww-f04 if ww-f04
use_backend fs4-http if fs4_http
use_backend google-redirect if old_bm
use_backend bk_varnish_uri if varnish_available varnish_enabled
static_content ! url_solr ! static_exclude
use_backend ww-frontend unless url_solr
use_backend solr-slave if url_solr solr_host or solr_src
use_backend solr-master if master_methods url_solr solr_host or
solr_src
default_backend ww-frontend
listen rtmp :1935
mode tcp
no option forceclose
no option http-server-close
no option http-keep-alive
no option prefer-last-server
maxconn 4000
#Logging
option tcplog
#Logging
balance roundrobin
stick store-request src
stick-table type ip size 200k expire 20m
stick on src
source 0.0.0.0 usesrc clientip
server stream20 172.24.4.20 check port 1111 inter 10s rise 1
fall 4 maxconn 400
server stream-backend-02 172.24.4.104 check maxconn 200
backend rtmp-over-http
mode tcp
no option forceclose
no option http-server-close
no option http-keep-alive
no option prefer-last-server
#Logging
option tcplog
#Logging
balance roundrobin
stick store-request src
stick-table type ip size 200k expire 20m
stick on src
source 0.0.0.0 usesrc clientip
server stream20 172.24.4.20:1935 check port 1111 inter 10s rise
1 fall 4 maxconn 400
frontend fs4-443-before-sni
bind 1.2.3.72:443 ssl crt /etc/ssl/www.twosup.de.pem
no option forceclose
no option http-server-close
no option http-keep-alive
no option prefer-last-server
mode tcp
maxconn 2000
default_backend ww-frontend
frontend breadboard-https
bind 1.2.3.70:443 ssl crt /etc/ssl/www.breadboard.de.pem
no option forceclose
no option http-server-close
no option http-keep-alive
no option prefer-last-server
mode tcp
maxconn 2000
default_backend bk_bread
frontend fs4-443-before-sni-new
bind 1.2.3.69:443
no option forceclose
no option http-server-close
no option http-keep-alive
no option prefer-last-server
mode tcp
maxconn 2000
option tcplog
default_backend fs4_443
frontend fs4-52088
bind :52088
no option forceclose
no option http-server-close
no option http-keep-alive
no option prefer-last-server
mode tcp
maxconn 2000
#Logging
option tcplog
#Logging
default_backend fs4_52088
backend fs4_443
no option forceclose
no option http-server-close
no option http-keep-alive
no option prefer-last-server
mode tcp
#Logging
option tcplog
#Logging
option ssl-hello-chk
stick-table type ip size 200k expire 480m
stick on src
#source 0.0.0.0 usesrc clientip
server cms-02 172.24.4.105:8443 maxconn 2000
backend fs4_52088
no option forceclose
no option http-server-close
no option http-keep-alive
no option prefer-last-server
#Logging
mode tcp
#Logging
option tcplog
stick-table type ip size 200k expire 480m
stick on src
#source 0.0.0.0 usesrc clientip
server cms-02 172.24.4.105:52088 maxconn 2000
backend ww-frontend
mode http
#Logging
option httplog
#Logging
balance roundrobin
#balance uri
#hash-type consistent
#appsession JSESSIONID len 120 timeout 360min request-learn
stick-table type string len 32 size 1M expire 30m
stick on cookie(JSESSIONID)
#if { hdr_sub(Cookie) JSESSIONID }
stick on urlp(JSESSIONID,;)
#if { url_sub JSESSIONID }
stick on urlp(jsessionid,;)
#if { url_sub jsessionid }
stick store-request urlp(JSESSIONID,;)
stick store-request urlp(jsessionid,;)
stick store-response set-cookie(JSESSIONID)
reqirep ^Host:\ 1\.[0-9\.:]+$ Host:\ www.twosup.de
reqirep ^Host:\ fs4.freaky.de Host:\ www.twosup.de
server 01 172.24.4.101:52080 track server-status/ww-frontend-01
maxconn 200 slowstart 180s
server 02 172.24.4.100:52080 track server-status/ww-frontend-02
maxconn 200 slowstart 180s
server 03 172.24.4.106:52080 track server-status/ww-frontend-03
maxconn 200 slowstart 180s
server 04 172.24.4.107:52080 track server-status/ww-frontend-04
maxconn 200 slowstart 180s
option forwardfor
server static-01 172.24.4.101:52080 maxconn 200 backup track
server-fast-status/ww-frontend-01
server static-02 172.24.4.100:52080 maxconn 200 backup track
server-fast-status/ww-frontend-02
server static-03 172.24.4.106:52080 maxconn 200 backup track
server-fast-status/ww-frontend-03
server static-04 172.24.4.107:52080 maxconn 200 backup track
server-fast-status/ww-frontend-04
backend bk_varnish_uri
mode http
#Logging
option httplog
#Logging
balance uri # in latest HAProxy version, one can add 'whole'
keyword
# Varnish must tell it's ready to accept traffic
option httpchk HEAD /varnishcheck
http-check expect status 200
# client IP information
# avoid request redistribution when the number of caches
changes (crash or start up)
reqirep ^(X-Forwarded-For:\ )([^,]+).* \1\2
option forwardfor
option redispatch
retries 10
hash-type consistent
server varnish-40 172.24.4.70:80 check port 9201 inter 5s rise
1 fall 10 maxconn 2000
server varnish-41 172.24.4.71:80 check port 9201 inter 5s rise
1 fall 10 maxconn 2000
server varnish-43 172.24.4.73:80 check port 9201 inter 5s rise
1 fall 10 maxconn 2000
server varnish-44 172.24.4.74:80 check port 9201 inter 5s rise
1 fall 10 maxconn 2000
backend bk_varnish_bread
mode http
#Logging
option httplog
#Logging
balance uri # in latest HAProxy version, one can add 'whole'
keyword
# Varnish must tell it's ready to accept traffic
option httpchk HEAD /varnishcheck
http-check expect status 200
# client IP information
# avoid request redistribution when the number of caches
changes (crash or start up)
reqirep ^(X-Forwarded-For:\ )([^,]+).* \1\2
option forwardfor
option redispatch
retries 10
hash-type consistent
server varnish-40 172.24.4.70:80 check port 9201 inter 5s rise
1 fall 10 maxconn 100 slowstart 10s
server varnish-41 172.24.4.71:80 check port 9201 inter 5s rise
1 fall 10 maxconn 100 slowstart 10s
server varnish-43 172.24.4.73:80 check port 9201 inter 5s rise
1 fall 10 maxconn 100 slowstart 10s
server varnish-44 172.24.4.74:80 check port 9201 inter 5s rise
1 fall 10 maxconn 100 slowstart 10s
backend bk_bread
mode http
#Logging
option httplog
#Logging
#balance roundrobin
balance uri
hash-type consistent
appsession JSESSIONID len 120 timeout 360min request-learn
#cookie JSESSIONID prefix
#appsession JSESSIONID len 120 timeout 360min request-learn
#cookie FOOD domain .breadboard.de insert nocache
balance roundrobin
reqirep ^Host:\ 89\.[0-9\.:]+$ Host:\ www.breadboard.de
server bread-01 172.24.4.108:52080 track
server-status/ww-bread-01 maxconn 200 slowstart 180s
server bread-02 172.24.4.109:52080 track
server-status/ww-bread-02 maxconn 200 slowstart 180s
server bread-03 172.24.4.110:52080 track
server-status/ww-bread-03 maxconn 200 slowstart 180s
option forwardfor
server static-01 172.24.4.108:52080 maxconn 200 backup track
server-fast-status/ww-bread-01
server static-02 172.24.4.109:52080 maxconn 200 backup track
server-fast-status/ww-bread-02
server static-03 172.24.4.110:52080 maxconn 200 backup track
server-fast-status/ww-bread-03
backend google-redirect
mode http
#Logging
#option httplog
#Logging
balance roundrobin
server 01 172.24.4.40:80 check maxconn 500
option forwardfor
backend fs4-http
mode http
#Logging
option httplog
#Logging
balance roundrobin
cookie fs4 insert indirect nocache
server 01 127.0.0.1:8086 cookie 01 check maxconn 500
option forwardfor
backend solr-master
mode http
#Logging
option httplog
#Logging
#option http-server-close
#cookie SRV insert indirect nocache
server solr-a 172.24.4.104:8983 weight 1 maxconn 512 check
backend solr-slave
mode http
#Logging
option httplog
#Logging
#reqirep ^Host:\ * Host:\ 1.2.3.72
#reqirep ^Host:\ [0-9\.a-z:]*$ Host:\ 1.2.3.72
cookie SOLR insert indirect nocache
server solr-a 172.24.4.101:8984 cookie 01 weight 1 maxconn 512
check
server solr-b 172.24.4.100:8984 cookie 02 weight 1 maxconn 512
check
server solr-c 172.24.4.106:8984 cookie 03 weight 1 maxconn 512
check
server solr-d 172.24.4.107:8984 cookie 04 weight 1 maxconn 512
check
backend server-status
mode tcp
no option forceclose
no option http-server-close
no option http-keep-alive
no option prefer-last-server
#Logging
option tcplog
#Logging
balance roundrobin
option tcpka
option httpchk
#source 0.0.0.0 usesrc clientip
server ww-frontend-01 127.0.0.1:9201 check inter 20s rise 2
fall 2
server ww-frontend-02 127.0.0.1:9202 check inter 20s rise 2
fall 2
server ww-frontend-03 127.0.0.1:9203 check inter 20s rise 2
fall 2
server ww-frontend-04 127.0.0.1:9204 check inter 20s rise 2
fall 2
server ww-bread-01 127.0.0.1:9205 check inter 20s rise 2
fall 2
server ww-bread-02 127.0.0.1:9206 check inter 20s rise 2
fall 2
server ww-bread-03 127.0.0.1:9209 check inter 20s rise 2
fall 2
server varnish 127.0.0.1:9207 check inter 20s rise 1
fall 2
server varnish-bread 127.0.0.1:9208 check inter 20s rise 1
fall 2
backend server-fast-status
mode tcp
no option forceclose
no option http-server-close
no option http-keep-alive
no option prefer-last-server
#Logging
option tcplog
#Logging
balance roundrobin
option tcpka
option httpchk
server ww-frontend-01 127.0.0.1:9201 check inter 2s rise 1 fall
2
server ww-frontend-02 127.0.0.1:9202 check inter 2s rise 1 fall
2
server ww-frontend-03 127.0.0.1:9203 check inter 2s rise 1 fall
2
server ww-frontend-04 127.0.0.1:9204 check inter 2s rise 1 fall
2
server ww-bread-01 127.0.0.1:9205 check inter 2s rise 1
fall 2
server ww-bread-02 127.0.0.1:9206 check inter 2s rise 1
fall 2
server ww-bread-03 127.0.0.1:9209 check inter 2s rise 1
fall 2
backend bk_ssl_default
mode tcp
no option forceclose
no option http-server-close
no option http-keep-alive
no option prefer-last-server
#Logging
option tcplog
#Logging
tcp-request content reject
backend ww-f01
mode http
#option http-server-close
no option prefer-last-server
reqirep ^Host:\ www.twosup.ww-frontend-01.internal.de Host:\
www.twosup.de
#option abortonclose
option httpchk
server static-01 172.24.4.101:52080 cookie ww-f01 maxconn 200
backend ww-f02
mode http
#option http-server-close
reqirep ^Host:\ www.twosup.ww-frontend-02.internal.de Host:\
www.twosup.de
#option abortonclose
option httpchk
server static-02 172.24.4.100:52080 cookie ww-f02 maxconn 200
backend ww-f03
mode http
#option http-server-close
reqirep ^Host:\ www.twosup.ww-frontend-03.internal.de Host:\
www.twosup.de
option httpchk
server static-03 172.24.4.106:52080 cookie ww-f03 maxconn 200
backend ww-f04
mode http
#option http-server-close
reqirep ^Host:\ www.twosup.ww-frontend-04.internal.de Host:\
www.twosup.de
#option abortonclose
option httpchk
server static-04 172.24.4.107:52080 cookie ww-f04 maxconn 200
