On Sun, Jul 12, 2015 at 11:38 PM, Baptiste <bed...@gmail.com> wrote: > hi all, > > As you may have noticed already, HAProxy 1.6-dev2 version has > integrated a new feature: server IP address resolution using DNS. > Main purpose of this dev is to make HAProxy aware of a server IP > change when using environment such as AWS or docker. > > Here is the current status of HAProxy and server name resolution: > - when parsing the configuration, HAProxy uses libc functions and > resolvers provided by the operating system => if the server can't be > resolved at this step, then HAProxy can't start > - in order to make DNS resolution operational at run time, health > checks must be enabled on the server. Actually, the health check > triggers name resolution > - HAProxy uses its own resolvers using the new section called "resolvers". > - HAProxy queries ALL resolvers and take the first non-error response > - a resolution is considered in error when ALL resolvers failed > (whatever the failure was) > - When a resolution is successful, HAProxy keep it for "hold valid" > period. Once "hold valid" has expired, next health check will trigger > a new DNS resolution > > Documentation about it: > - > http://cbonte.github.io/haproxy-dconv/snapshot/configuration-1.6.html#resolvers%20%28Server%20and%20default-server%20options%29 > - http://cbonte.github.io/haproxy-dconv/snapshot/configuration-1.6.html#5.3 > > > Now current status is briefly explained, we have a few WIP tasks we > want to discuss with the community. > We want to here feedback about additional features we have in mind. > > > > First, we want to fix the error when HAProxy fails starting up because > the resolvers pointed by the system can't resolve a server's IP > address (but HAProxy resolvers could). > The idea here would to create a new flag on the server to tell HAProxy > which IP to use. The server would be enabled when the IP has been > provided by the expected tool. > IE, a new server directive could be "init-addr" (for inital IP > address) and would take a list of directive from 'libc', 'dns', > 'a.b.c.d' (arbitrary IP address), etc... (non exhaustive live, more to > come...) > Currently, HAProxy works like this: "init-addr libc,dns" > A new value could be "init-addr dns" > Or "init-addr 1.2.3.4,dns" > > > Second, we want to log server IP changes. > For now, there are 2 ways to change a server IP address: DNS > resolution or using the stats socket command: "set server addr" > 2 options: > - we setup a parameter to enable logging server IP changes, whatever > has updated the server IP > - we allow HAProxy to log server IP changes from a specific source > only. IE, log only when DNS change a server's IP > > > Third, we have to handle DNS response errors. > We thought about the 4 following cases: > - NX domain : all DNS servers can't resolve this host name > - response timeout : no response was received > - query refused : the DNS servers refused our query > - other : all other cases > => For each error, we can maintain the latest good IP for a period > decided by the user. > IE, if you want to keep a server up for 5 minutes while your servers > return NX, then setup "hold nx 5m" in your resolvers section > > > Fourth, we need a new server state when a DNS resolution is in error. > Currently, we have 2 types of state: operational or administrative > - administrative states: ready, maint, drain > - operational states: down, failed, stopped > We have to create a new state (should be operational) which reports > that HAProxy is not able to perform a proper DNS resolution for this > server. Once in that state, the server won't be able to get new > traffic, health checks will be stopped too. > HAProxy will turn the server in this state after the hold period > described in step #3. > > > That's all for now. > Looking forward to read your feedback! > > Baptiste
Hey everyone! I know the message above is very long, but we really need your feedback! An other point I want to add: do you think it would make sense to allow updating the server hostname? It could be useful in environment where people want to pre-configure a farm for scalability, but server host names are not predictable (amazon ??). Baptiste