Good,
local@PGSYNCTEST:~$ sudo /etc/init.d/haproxy restart [sudo] password for local: * Restarting haproxy haproxy [ALERT] 078/181429 (1600) : Starting frontend pgdbplatform_frontend_cluster01: cannot bind socket [0.0.0.0:5432] [fail] This is because Postgres occupied port 5432 Hence, we try again local@PGSYNCTEST:~$ sudo service postgresql stop * Stopping PostgreSQL 9.3 database server [ OK ] local@PGSYNCTEST:~$ sudo /etc/init.d/haproxy restart * Restarting haproxy haproxy [ OK ] local@PGSYNCTEST:~$ sudo service postgresql start * Starting PostgreSQL 9.3 database server But my questions are not about how to start HA-Proxy, my questions are that we received no logs of RSYSLOG from HA-Proxy, even log files of HA-Proxy are not created. May I send you the attachment, you will see all of our settings inside, our errors are that NO LOGS OF HA-PROXY CREATION. May you support, Ha. ----- Original Message ----- From: "Jarno Huuskonen" <[email protected]> To: "Ha Quan Le" <[email protected]> Cc: [email protected] Sent: Friday, March 20, 2015 1:42:24 PM Subject: Re: Checked: send/accept-proxy over unix socket not working Hi, On Fri, Mar 20, Ha Quan Le wrote: > local@PGSYNCTEST:~$ sudo -u haproxy /etc/init.d/haproxy restart > * Restarting haproxy haproxy > [WARNING] 078/171401 (1267) : [/usr/local/sbin/haproxy.main()] Cannot raise > FD limit to 90034. You're trying to start/restart haproxy as haproxy user (sudo -u). start/restart as root and let haproxy drop privs (user / group in haproxy.cfg). > [ALERT] 078/171401 (1267) : Starting frontend GLOBAL: error when trying to > preserve previous UNIX socket [/var/run/haproxy.sock] > [ALERT] 078/171401 (1267) : Starting frontend > pgdbplatform_frontend_cluster01: cannot bind socket [0.0.0.0:5432] Try restarting as root. If it still doesn't work then make sure that there's no haproxy process left from earlier tests. And if it still complains about cannot bind [0.0.0.0:5432] then you have something else already listening to that socket. -Jarno -- Jarno Huuskonen
---------------------------- GOOD HAProxy 1.5 -------------------------- 1) Removal of old HA-Proxy1.4 $ sudo apt-get remove haproxy 2) Preparation $ cd /usr/local/src/ local@PGSYNCTEST:/usr/local/src$ sudo apt-get install build-essential local@PGSYNCTEST:/usr/local/src$ sudo apt-get build-dep -y haproxy local@PGSYNCTEST:/usr/local/src$ sudo apt-get install -y libssl-dev local@PGSYNCTEST:/usr/local/src$ sudo apt-get install libpcre3-dev 3) Download HA-Proxy 1.5 local@PGSYNCTEST:/usr/local/src$ sudo wget http://www.haproxy.org/download/1.5/src/haproxy-1.5.11.tar.gz local@PGSYNCTEST:/usr/local/src$ sudo tar xvf haproxy-1.5.11.tar.gz local@PGSYNCTEST:/usr/local/src$ cd haproxy-1.5.11 4) Installation local@PGSYNCTEST:/usr/local/src/haproxy-1.5.11$ sudo make TARGET=linux2628 USE_PCRE=1 USE_OPENSSL=1 USE_ZLIB=1 gcc -Iinclude -Iebtree -Wall -O2 -g -fno-strict-aliasing -DCONFIG_HAP_LINUX_SPLICE -DTPROXY -DCONFIG_HAP_LINUX_TPROXY -DCONFIG_HAP_CRYPT -DUSE_ZLIB -DENABLE_POLL -DENABLE_EPOLL -DUSE_CPU_AFFINITY -DASSUME_SPLICE_WORKS -DUSE_ACCEPT4 -DNETFILTER -DUSE_GETSOCKNAME -DUSE_OPENSSL -DUSE_SYSCALL_FUTEX -DUSE_PCRE -I/usr/include -DCONFIG_HAPROXY_VERSION=\"1.5.11\" -DCONFIG_HAPROXY_DATE=\"2015/01/31\" \ -DBUILD_TARGET='"linux2628"' \ -DBUILD_ARCH='""' \ -DBUILD_CPU='"generic"' \ -DBUILD_CC='"gcc"' \ -DBUILD_CFLAGS='"-O2 -g -fno-strict-aliasing"' \ -DBUILD_OPTIONS='"USE_ZLIB=1 USE_OPENSSL=1 USE_PCRE=1"' \ -c -o src/haproxy.o src/haproxy.c gcc -Iinclude -Iebtree -Wall -O2 -g -fno-strict-aliasing -DCONFIG_HAP_LINUX_SPLICE -DTPROXY -DCONFIG_HAP_LINUX_TPROXY -DCONFIG_HAP_CRYPT -DUSE_ZLIB -DENABLE_POLL -DENABLE_EPOLL -DUSE_CPU_AFFINITY -DASSUME_SPLICE_WORKS -DUSE_ACCEPT4 -DNETFILTER -DUSE_GETSOCKNAME -DUSE_OPENSSL -DUSE_SYSCALL_FUTEX -DUSE_PCRE -I/usr/include -DCONFIG_HAPROXY_VERSION=\"1.5.11\" -DCONFIG_HAPROXY_DATE=\"2015/01/31\" -c -o src/sessionhash.o src/sessionhash.c gcc -Iinclude -Iebtree -Wall -O2 -g -fno-strict-aliasing -DCONFIG_HAP_LINUX_SPLICE -DTPROXY -DCONFIG_HAP_LINUX_TPROXY -DCONFIG_HAP_CRYPT -DUSE_ZLIB -DENABLE_POLL -DENABLE_EPOLL -DUSE_CPU_AFFINITY -DASSUME_SPLICE_WORKS -DUSE_ACCEPT4 -DNETFILTER -DUSE_GETSOCKNAME -DUSE_OPENSSL -DUSE_SYSCALL_FUTEX -DUSE_PCRE -I/usr/include -DCONFIG_HAPROXY_VERSION=\"1.5.11\" -DCONFIG_HAPROXY_DATE=\"2015/01/31\" -c -o src/base64.o src/base64.c .... local@PGSYNCTEST:/usr/local/src/haproxy-1.5.11$ sudo make install install -d "/usr/local/sbin" install haproxy "/usr/local/sbin" install haproxy-systemd-wrapper "/usr/local/sbin" install -d "/usr/local/share/man"/man1 install -m 644 doc/haproxy.1 "/usr/local/share/man"/man1 install -d "/usr/local/doc/haproxy" for x in configuration architecture haproxy-en haproxy-fr; do \ install -m 644 doc/$x.txt "/usr/local/doc/haproxy" ; \ done 5) Service start local@PGSYNCTEST:/usr/local/src/haproxy-1.5.11$ sudo vi /etc/init.d/haproxy HAPROXY=/usr/local/sbin/haproxy local@PGSYNCTEST:/usr/local/src/haproxy-1.5.11$ sudo mkdir /var/lib/haproxy local@PGSYNCTEST:/usr/local/src/haproxy-1.5.11$ sudo chown -R haproxy:haproxy /var/lib/haproxy local@PGSYNCTEST:/usr/local/src/haproxy-1.5.11$ sudo /etc/init.d/haproxy start * Starting haproxy haproxy [ OK ] 6) Checking if HA-Proxy 1.5 is running local@PGSYNCTEST:/usr/local/src/haproxy-1.5.11$ sudo /etc/init.d/haproxy status haproxy is running. 7) Re-configuration of HA-Proxy local@PGSYNCTEST:/usr/local/src/haproxy-1.5.11$ sudo vi /etc/haproxy/haproxy.cfg global log 127.0.0.1 local0 log 127.0.0.1 local1 notice maxconn 45000 # Total Max Connections. This is dependent on your limit user haproxy group haproxy daemon nbproc 4 # Number of processors, quad-core by default chroot /var/lib/haproxy pidfile /var/run/haproxy.pid tune.ssl.default-dh-param 2048 defaults log global mode tcp option tcplog #option dontlognull option redispatch retries 3 timeout queue 1m timeout connect 10s timeout client 1m timeout server 1m timeout check 10s maxconn 2000 frontend pgdbplatform_frontend_cluster01 bind *:5432 mode tcp timeout client 168h option tcplog option logasap default_backend pgdbplatform_backend_cluster01 backend pgdbplatform_backend_cluster01 mode tcp option tcplog balance roundrobin # Load Balancing algorithm timeout server 168h server Primary 10.236.49.12:5432 check server HotStandby 172.24.22.68:5432 check server AsyncStandby 10.236.134.187:5432 check local@PGSYNCTEST:/usr/local/src/haproxy-1.5.11$ sudo /etc/init.d/haproxy restart 7) Checking if HA-Proxy is listening on Ports local@PGSYNCTEST:/usr/local/src/haproxy-1.5.11$ netstat -napt | grep 5432 (No info could be read for "-p": geteuid()=1000 but you should be root.) tcp 0 0 0.0.0.0:5432 0.0.0.0:* LISTEN - tcp 0 0 10.236.49.12:5432 10.236.134.187:43864 ESTABLISHED - tcp 0 0 10.236.49.12:5432 10.236.49.12:51766 ESTABLISHED - tcp 0 0 10.236.49.12:5432 10.236.49.12:51765 ESTABLISHED - tcp 0 0 10.236.49.12:5432 172.24.22.68:44906 ESTABLISHED - tcp 0 0 10.236.49.12:54997 172.24.22.68:5432 ESTABLISHED - tcp 0 0 10.236.49.12:57405 10.236.134.187:5432 ESTABLISHED - tcp 0 0 10.236.49.12:51766 10.236.49.12:5432 ESTABLISHED - tcp 0 0 10.236.49.12:51765 10.236.49.12:5432 ESTABLISHED - tcp6 0 0 :::5432 :::* LISTEN - 8) Syslog turning on local@PGSYNCTEST:/usr/local/src/haproxy-1.5.11$ sudo mv /etc/logrotate.d/rsyslog.disabled /etc/logrotate.d/rsyslog local@PGSYNCTEST:/usr/local/src/haproxy-1.5.11$ sudo service rsyslog restart 9) Syslog reset local@PGSYNCTEST:/usr/local/src/haproxy-1.5.11$ sudo vi /etc/rsyslog.conf ----------------------------------------------------------------------------------------- # Custom log facilities for haproxy local0.* /var/log/haproxy_0.log & ~ local1.* /var/log/haproxy_1.log & ~ $ModLoad imuxsock # provides support for local system logging $ModLoad imklog # provides kernel logging support #$ModLoad immark # provides --MARK-- message capability # provides UDP syslog reception $ModLoad imudp $UDPServerRun 514 # local IP address (or name) the UDP listens should bind to #$UDPServerAddress 127.0.0.1 # provides TCP syslog reception $ModLoad imtcp $InputTCPServerRun 514 # $ModLoad ompgsql # *.* :ompgsql:127.0.0.1,rsyslogdb,rsysloguser,centos $AllowedSender UDP, 127.0.0.1, 10.236.49.12/32 $AllowedSender TCP, 127.0.0.1, 10.236.49.12/32 ########################### #### GLOBAL DIRECTIVES #### ########################### # # Use traditional timestamp format. # To enable high precision timestamps, comment out the following line. # $ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat # Filter duplicated messages $RepeatedMsgReduction on # # Set the default permissions for all log files. # $FileOwner root $FileGroup root $FileCreateMode 0600 $DirCreateMode 0755 $Umask 0066 $PrivDropToUser root $PrivDropToGroup root # # Where to place spool and state files # $WorkDirectory /var/spool/rsyslog # # Include all config files in /etc/rsyslog.d/ # $IncludeConfig /etc/rsyslog.d/*.conf ----------------------------------------------------------------------------------------- 10) Log fixing local@PGSYNCTEST:/usr/local/src/haproxy-1.5.11$ sudo vi /etc/rsyslog.d/haproxy.conf ----------------------------------------------------------------------------------------- # Custom log facilities for haproxy local0.* /var/log/haproxy_0.log local1.* /var/log/haproxy_1.log $ModLoad imudp #$UDPServerAddress 127.0.0.1 $UDPServerRun 514 $ModLoad imuxsock $ModLoad imklog $ModLoad imtcp $InputTCPServerRun 514 # $ModLoad ompgsql # *.* :ompgsql:127.0.0.1,rsyslogdb,rsysloguser,centos $AllowedSender UDP, 127.0.0.1, 10.236.49.12/32 $AllowedSender TCP, 127.0.0.1, 10.236.49.12/32 $IncludeConfig /etc/rsyslog.d/*.conf ----------------------------------------------------------------------------------------- local@PGSYNCTEST:/usr/local/src/haproxy-1.5.11$ sudo vi /etc/rsyslog.d/50-default.conf ----------------------------------------------------------------------------------------- # Default rules for rsyslog. # # For more information see rsyslog.conf(5) and /etc/rsyslog.conf # # First some standard log files. Log by facility. # auth,authpriv.* /var/log/auth.log *.*;auth,authpriv.none,local0,local1.none -/var/log/syslog #cron.* /var/log/cron.log #daemon.* -/var/log/daemon.log kern.* -/var/log/kern.log #lpr.* -/var/log/lpr.log mail.* -/var/log/mail.log #user.* -/var/log/user.log # # Logging for the mail system. Split it up so that # it is easy to write scripts to parse these files. # #mail.info -/var/log/mail.info #mail.warn -/var/log/mail.warn mail.err /var/log/mail.err # # Logging for INN news system. # news.crit /var/log/news/news.crit news.err /var/log/news/news.err news.notice -/var/log/news/news.notice # # Some "catch-all" log files. # #*.=debug;\ # auth,authpriv.none;\ # news.none;mail.none -/var/log/debug #*.=info;*.=notice;*.=warn;\ # auth,authpriv.none;\ # cron,daemon.none;\ # mail,news.none -/var/log/messages # # Emergencies are sent to everybody logged in. # *.emerg :omusrmsg:* # # I like to have messages displayed on the console, but only on a virtual # console I usually leave idle. # #daemon,mail.*;\ # news.=crit;news.=err;news.=notice;\ # *.=debug;*.=info;\ # *.=notice;*.=warn /dev/tty8 # The named pipe /dev/xconsole is for the `xconsole' utility. To use it, # you must invoke `xconsole' with the `-file' option: # # $ xconsole -file /dev/xconsole [...] # # NOTE: adjust the list below, or you'll go crazy if you have a reasonably # busy site.. # daemon.*;mail.*;\ news.err;\ *.=debug;*.=info;\ *.=notice;*.=warn |/dev/xconsole ----------------------------------------------------------------------------------------- local@PGSYNCTEST:/usr/local/src/haproxy-1.5.11$ sudo service rsyslog restart 11) Rotate Logs local@PGSYNCTEST:/usr/local/src/haproxy-1.5.11$ sudo vi /etc/logrotate.d/haproxy ----------------------------------------------------------------------------------------- /var/log/haproxy.log { weekly rotate 4 missingok notifempty compress delaycompress postrotate invoke-rc.d rsyslog rotate >/dev/null 2>&1 || true endscript } ----------------------------------------------------------------------------------------- 12) Reloading haproxy.conf by running the following command: local@PGSYNCTEST:/usr/local/src/haproxy-1.5.11$ sudo haproxy -f /etc/haproxy/haproxy.cfg -p /var/run/haproxy.pid -sf $(sudo cat /var/run/haproxy.pid)
