Hi. Am 15.02.2018 um 17:10 schrieb Irfan Sayed: > Hi, > > Thanks. > > 1: [root@ip-172-31-25-224 haproxy]# ls -lR /var/lib/haproxy > /var/lib/haproxy: > total 0 > srwxr-xr-x. 1 root root 0 Feb 13 08:31 stats
There is no `/var/run` in this dir > 2: I am not getting what is the meaning of this line when you says : > Do you have also the error When you comment this in? >> Just a test. > > not getting what to comment and what not to comment That happen when you top post. Please answer inline, thanks. In your config are this lines. chroot /var/lib/haproxy pidfile /var/run/haproxy.pid In the directory `/var/lib/haproxy` is no directory `/var/run/` so for me it looks like that's wrong but I'm not sure. That's the reason for this line >> Just a test. > 3: [root@ip-172-31-25-224 haproxy]# sestatus > SELinux status: enabled > SELinuxfs mount: /sys/fs/selinux > SELinux root directory: /etc/selinux > Loaded policy name: targeted > Current mode: enforcing > Mode from config file: enforcing > Policy MLS status: enabled > Policy deny_unknown status: allowed > Max kernel policy version: 28 > > 4: how to check when you say , > >> Is haproxy allowed to do his work from selinux point of view? please > elaborate grep haproxy /var/log/audit/audit.log Please take a look into this doc to debug selinux. https://wiki.centos.org/HowTos/SELinux#head-02c04b0b030dd3c3d58bb7acbbcff033505dd3af > regards, > Irfan Regards Aleks > On Thu, Feb 15, 2018 at 4:56 PM, Aleksandar Lazic <[email protected] > <mailto:[email protected]>> wrote: > > Hi. > > Am 15.02.2018 um 16:24 schrieb Irfan Sayed: > > Thanks Aleks for all your help. > > Let me try to help you with the answers for all your questions: > > > > 1: This error is actually coming from haproxy and NOT FROM spring boot > > candidate service. there is no any java exception while running the > > candidate service > > > > 2: out put for command : curl -v --max-time 5 127.0.0.1:8099 > <http://127.0.0.1:8099> > > <http://127.0.0.1:8099> > > [snipp] thanks > > > 3: output for command : haproxy -vv > > > > [root@ip-172-31-25-224 ~]# haproxy -vv > > HA-Proxy version 1.5.18 2016/05/10 > > Copyright 2000-2016 Willy Tarreau <[email protected] > <mailto:[email protected]> > > <mailto:[email protected] <mailto:[email protected]>>> > > [snipp] thanks > > Looks like you use centos or rhel? > > Have you tried this > > > > chroot /var/lib/haproxy > > > > Do you have also the error When you comment this in? > > Just a test. > > what's the output of > > ls -lR /var/lib/haproxy > > is there a `/var/run/` dir > > But layer4 shows something with selinux. > > Do you have selinux activated? > Is haproxy allowed to do his work from selinux point of view? > > > Please suggest > > Regards, > > Irfan > > Regards > Aleks > > > > On Thu, Feb 15, 2018 at 3:17 PM, Aleksandar Lazic <[email protected] > <mailto:[email protected]> > > <mailto:[email protected] <mailto:[email protected]>>> wrote: > > > > Hi Ifran. > > Am 15.02.2018 um 14:17 schrieb Irfan Sayed: > > > Hello, > > > I m newbie to the HAproxy and trying to set that as API > gateway for the > > > micro-services. > > > following is the haproxy.cfg > > > > > > ################################## > > > > > > global > > > log 127.0.0.1 local2 > > > chroot /var/lib/haproxy > > > > Do you have also the error When you comment this in? > > Just a test. > > > > > pidfile /var/run/haproxy.pid > > > maxconn 4000 > > > user root > > > group root > > > daemon > > > > [snipp] > > > > > haproxy service is up and running. however, fronend is not > able to > > > communicate with backend candidate service ... in the > haproxy stats , it > > > says following error : > > > > > > _ > > > Layer4 connection problem: General socket error (Permission > denied) > > > _ > > > > This is the error from haproxy or from spring boot? > > Please can you also show us the output of haproxy -vv , thanks, > > > > > Indeed the candidate is a springboot micro-service and is > running on > > > tomcat port 8099 , but still front end and backend > communication is not > > > happening . i m not sure , whetaher the haproxy > configuration is the > > > problem OR anywhere else ... > > > > > > please help. i m stuck up like anything > > > > What's the output of > > > > curl -v --max-time 5 127.0.0.1:8099 <http://127.0.0.1:8099> > <http://127.0.0.1:8099> > > > > > Regards, > > > irfan > > > > Regards > > Aleks
