Hi Cyril! Responses below:
Are you really sure you're making the same request on the application side (access logs should give you a hint) ? Positive. I’m making the curl request directly from the Apache HTTP server & HAProxy server. The details for the HAProxy curl are in the thread way down below. I can share the exact curl command if it helps you (and as long as the contents stay between us). Logs from proxy are directly below: Feb 14 22:52:06 localhost haproxy[22304]: Proxy globalstats started. Feb 14 22:52:06 localhost haproxy[22304]: Proxy www-http started. Feb 14 22:52:06 localhost haproxy[22304]: Proxy www-frontend started. Feb 14 22:52:06 localhost haproxy[22304]: Proxy www-backend started. Feb 14 22:52:10 localhost haproxy[22305]: 34.195.251.10:30874 [14/Feb/2017:22:52:10.262] www-frontend~ www-backend/lp 67/0/4/6/77 200 158 - - ---- 1/1/0/1/0 0/0 "POST /chat/request.json?v=1 HTTP/1.1" On 2/14/17, 3:28 PM, "Cyril Bonté" <[email protected]> wrote: Le 14/02/2017 à 22:20, Birdwell, Rob a écrit : > Thanks for the quick reply Cyril! > > You’re correct on both counts; this is a test config & the large timeout will definitely not be kept. For the http-server-close, that was a mistake on my part; thank you for noticing that. I’ve tried the configuration both ways (as far as http-send-name-header) & receive the same result. Happy to try any additional suggestions you can provide. (BTW, I just tried removing the http-send-name-header which gave the same results). Are you really sure you're making the same request on the application side (access logs should give you a hint) ? What happens with a curl request on /api/account/61447612/data/request.json?v=1 through haproxy ? (to reproduce the ProxyPass directives in apache). Something like : curl -i --header "Accept:application/json" --header "Content-Type:application/json" --header "Authorization:<appname> appKey=<key>" -X POST https://<frontend_url>/api/account/61447612/data/request.json?v=1 --verbose --data "{\"data\": { \"data\": \"data\", \"maxWaitTime\": 60000 } }" --cacert /etc/haproxy/ssl/<frontend>.pem > > On 2/14/17, 1:58 PM, "Cyril Bonté" <[email protected]> wrote: > > Hi Rob, > > Le 14/02/2017 à 20:23, Birdwell, Rob a écrit : > > Hello, > > > > I was curious if someone would be able to assist with return codes from HAProxy. Currently, we are able to receive a 201 for a reverse proxy solution from Apache HTTP, but when utilzing HAProxy, only a 200 is received utilizing an identical cURL command. The current HAProxy/Apache HTTP & cURL outputs I have are below: > > > > HAProxy configuration: > > > > global > > > > log 127.0.0.1 local2 debug > > > > chroot /var/lib/haproxy > > pidfile /var/run/haproxy.pid > > maxconn 100000 > > group root > > daemon > > tune.ssl.default-dh-param 2048 > > > > stats socket /var/lib/haproxy/stats > > > > > > defaults > > mode http > > log global > > option httplog > > option log-separate-errors > > option dontlognull > > option http-keep-alive > > option dontlog-normal > > option http-server-close > > Not related to your issue but you have to make a choice : use > "http-server-close" or "http-keep-alive", but not both. > > > option redispatch > > option contstats > > option forwardfor > > timeout http-request 45s > > timeout queue 45s > > timeout connect 45s > > timeout client 45s > > timeout server 45s > > timeout http-keep-alive 45s > > timeout check 45s > > Those timeouts should be better tuned. > > > http-send-name-header host > > Here, there's something that can be related to what you observe. > Are you really sure you want to set a "Host" header on the request > between haproxy and your backend server ? Note that it also appears in > www-backend below. > > > maxconn 50000 > > > > listen globalstats > > mode http > > bind *:1936 > > stats enable > > stats show-desc HAProxy for <frontend_url> > > stats uri /stats > > stats show-legends > > stats show-node > > stats refresh 5s > > > > frontend www-http > > bind *:80 > > reqadd X-Forwarded-Proto:\ http > > default_backend www-backend > > > > frontend www-frontend > > bind *:443 ssl crt /etc/haproxy/ssl/<frontend>.pem > > mode http > > reqadd X-Forwarded-Proto:\ https > > default_backend www-backend > > > > backend www-backend > > redirect scheme https if !{ ssl_fc } > > http-send-name-header host > > Same observation here, I'd recommend to make some tests without those > "http-send-name-header host". > > > server lp <backend app>:80 check > > > > Apache config: > > > > NameVirtualHost *:80 > > <VirtualHost *:80> > > ServerName <frontend_url> > > > > Redirect / https://<backend_app>/api/account/61447612/ > > > > > > </VirtualHost> > > > > NameVirtualHost *:443 > > <VirtualHost *:443> > > ServerName <frontend_url> > > LogLevel debug > > CustomLog /etc/httpd/logs/ssl_access_log frontoffice > > ErrorLog /etc/httpd/logs/ssl_access_log > > > > LimitRequestLine 1000000 > > LimitRequestFieldSize 1000000 > > > > SSLEngine On > > SSLProxyEngine On > > > > SSLProxyCheckPeerCN off > > SSLProxyCheckPeerExpire off > > > > AllowEncodedSlashes On > > ProxyPreserveHost On > > > > > > SSLCertificateFile /etc/httpd/ssl/<frontend_url>.pem > > SSLCertificateChainFile /etc/httpd/ssl/<frontend_url>.pem > > > > RewriteEngine On > > > > ProxyPass / https://<backend_app>/api/account/61447612/ retry=2 acquire=3000 timeout=600 Keepalive=On > > ProxyPassReverse https://<frontend_url>/ https://<backend_app>/api/account/61447612/ > > ProxyPassReverseCookiePath https://<backend_app>/api/account/61447612/ https://<frontend_url>/ > > > > </VirtualHost> > > > > > > > > > > Curl command is as follows: > > > > curl -i --header "Accept:application/json" --header "Content-Type:application/json" --header "Authorization:<appname> appKey=<key>" -X POST https://<frontend_url>/data/request.json?v=1 --verbose --data "{\"data\": { \"data\": \"data\", \"maxWaitTime\": 60000 } }" --cacert /etc/haproxy/ssl/<frontend>.pem > > > > > > > > Curl output from HAProxy: > > > > > > … > > > >> POST /data/request.json?v=1 HTTP/1.1 > >> Host: <frontend_app> > >> User-Agent: curl/7.47.1 > >> Accept:application/json > >> Content-Type:application/json > >> Authorization:<appname> appKey=<key> > >> Content-Length: 65 > >> > > * upload completely sent off: 65 out of 65 bytes > > < HTTP/1.1 200 OK > > < Server: WS > > < P3P: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM" > > < Date: Tue, 14 Feb 2017 07:49:09 GMT > > < Content-Length: 0 > > No "Location" header in the response, compared to what a direct request > to the backend server sends. I guess this is not the attended behaviour. > > > > > > > Curl output from Apache HTTP: > > > >> POST /data/request.json?v=1 HTTP/1.1 > >> Host: <frontend_app> > >> User-Agent: curl/7.47.1 > >> Accept:application/json > >> Content-Type:application/json > >> Authorization:LivePerson appKey=<key> > >> Content-Length: 65 > >> > > * upload completely sent off: 65 out of 65 bytes > > < HTTP/1.1 201 Created > > < Date: Tue, 14 Feb 2017 19:15:23 GMT > > < Server: WS > > < Content-Length: 0 > > < Content-Type: application/json > > < Location: https://<fronend_app>/api/<data>/<data>/data/<key> > > < P3P: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM" > > < Connection: close > > > > Perhaps I need to configure HAProxy differently? I have searched the forums and the web, but do not believe I specifically understand what is required in order to receive this code from the remote system as I do from Apache HTTP. Is this because HAProxy is configured only to return a 200 for any successful connection? Please advise and thank you very much for a wonderful product! > > No, haproxy will send the same status code as the backend. > > > > > Rob > > 970.344.5170 > > > > > -- > Cyril Bonté > > -- Cyril Bonté
