On Thu, May 28, 2015 at 03:20:09PM +0200, Kevin Maziere wrote:
2015-05-28 11:11 GMT+02:00 mkzero <[email protected]>:On Thu, May 28, 2015 at 10:44:21AM +0200, Pavlos Parissis wrote:On 28/05/2015 10:14 πμ, Kevin Maziere wrote:2015-05-26 17:02 GMT+02:00 Lukas Tribus <[email protected] <mailto:[email protected]>>: > Hi the list > > In my backend I've many servers, and I'd like to add some that receive > a copy of all the requests arriving to the backend. Of course haproxy > won't reply to them after sending the request. > I don't find any option for 'server' in section 5 of the docs, that > will allow me to define such 'spy' servers. > Is that possible ? No, you can only send a request once, to a single server. Lukas After searching it seems that this functionality is often wanted by users, and only third part proxy (teeproxy/gor/...) are doing part of the job. Could it be added to feature request ? Maybe a new keyword for server like 'mirror' for example, which also send the traffic to the host but discard any answers. KévinDepending the purpose of the 'mirror' you can achieve it without touching HAProxy. If you want to reply traffic for debug/performance reasons and request don't carry payload(POST method etc) you can enable logging, either on HAProxy or target servers, and take from the log the info you need and replay them with a tool(curl/wget/siege etc). Another way is to use a TAP device, some of them have can 'duplicate' incoming traffic to another destination.You could probably use the tee module of iptables as well, it's pretty low-level and doesn't use too much additional ressources(apart from network bandwidth, of course).Cheers, PavlosThanks for your reply, I will test the solutions.But I'm still thinking that such behaviour will be a good improvement in haproxy :)
I can't see a usecase, except maybe laweful interception / spying, that is not covered by iptables, port mirroring or tools like tcpdump or wireshark... IMHO No need to bloat a good software when there's no real need to.
signature.asc
Description: Digital signature
