Hi Praveen.

Please keep the list in the loop, thanks.

Am 20.12.2018 um 07:00 schrieb UPPALAPATI, PRAVEEN:
> Hi Alek,
> 
> Now I am totally confused:
> 
> When I say :
> 
> 
> backend bk_8093_read
>     balance    source
>     http-response set-header X-Server %s
>     option log-health-checks
>     option httpchk GET 
> /nexus/repository/rawcentral/com.att.swm.attpublic/healthcheck.txt 
> HTTP/1.1\r\nHost:\ server1.com:8093\r\nAuthorization:\ Basic\ ...
>     server primary8093r server1.com:8093 check verify none
>     server backUp08093r server2.com:8093 check backup verify none 
>     server backUp18093r server3.com:8093 check backup verify none
> 
> Here server1.com,server2.com and physical server hostnames.

That's the issue. You should have a vhost name which is for all servers the 
same.

> When I define HOST header which server should I define I was expecting 
> haproxy will formulate that to 
> 
> http://server1.com:8093/nexus/repository/rawcentral/com.att.swm.attpublic/healthcheck.txt
> http://server2.com:8093/nexus/repository/rawcentral/com.att.swm.attpublic/healthcheck.txt
> http://server3.com:8093/nexus/repository/rawcentral/com.att.swm.attpublic/healthcheck.txt
> 
> to monitor which servers are live right , so how could I dynamically populate 
> the HOST?

I have written the following:

> I assume that nexus have a general URL and not srv1,srv2, ...

This is also mentioned in the config example.

https://help.sonatype.com/repomanager2/installing-and-running/running-behind-a-reverse-proxy

This means on the nexus should be a generic hostname which is for all servers
the same.

Maybe you can share the nexus config, nexus setup and the nexus version, as it's
normally not a big deal to setup a vhost.

Regards
Aleks


PS: What's this urldefense.proofpoint.com crap 8-O

> Please advice.
> 
> Thanks,
> Praveen.
> 
> 
> 
> -----Original Message-----
> From: Aleksandar Lazic [mailto:al-hapr...@none.at] 
> Sent: Wednesday, December 19, 2018 3:25 PM
> To: UPPALAPATI, PRAVEEN <pu5...@att.com>
> Cc: Jonathan Matthews <cont...@jpluscplusm.com>; Cyril Bonté 
> <cyril.bo...@free.fr>; haproxy@formilux.org
> Subject: Re: Http HealthCheck Issue
> 
> Am 19.12.2018 um 21:04 schrieb UPPALAPATI, PRAVEEN:
>> Ok then do I need to add the haproxy server?
> 
> I suggest to use a `curl -v
> <vhost_for_the_server>/nexus/v1/repository/rawcentral/com.att.swm.attpublic/healthcheck.txt`
> and see how curl make the request.
> 
> I assume that nexus have a general URL and not srv1,srv2, ...
> For example.
> 
> ###
> curl -vo /dev/null 
> https://urldefense.proofpoint.com/v2/url?u=https-3A__www.haproxy.org&d=DwIFaQ&c=LFYZ-o9_HUMeMTSQicvjIg&r=V0kSKiLhQKpOQLIjj3-g9Q&m=CaQ1GDp8D6XzObaEV3Ad9IQ3Q1TwhAAYhFQ24IgwP68&s=53v5RKBVFzzKyU7JGcd8i6eBlGyIfSavQBRkoYcXZm8&e=
> 
> * Rebuilt URL to: 
> https://urldefense.proofpoint.com/v2/url?u=https-3A__www.haproxy.org_&d=DwIFaQ&c=LFYZ-o9_HUMeMTSQicvjIg&r=V0kSKiLhQKpOQLIjj3-g9Q&m=CaQ1GDp8D6XzObaEV3Ad9IQ3Q1TwhAAYhFQ24IgwP68&s=k3KIXBm21aPgFFyUUyjSUxggMPVWIqkWYwdaWeDZ6NI&e=
>   % Total    % Received % Xferd  Average Speed   Time    Time     Time  
> Current
>                                  Dload  Upload   Total   Spent    Left  Speed
>   0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     
> 0*
>   Trying 51.15.8.218...
> * Connected to 
> https://urldefense.proofpoint.com/v2/url?u=http-3A__www.haproxy.org&d=DwIFaQ&c=LFYZ-o9_HUMeMTSQicvjIg&r=V0kSKiLhQKpOQLIjj3-g9Q&m=CaQ1GDp8D6XzObaEV3Ad9IQ3Q1TwhAAYhFQ24IgwP68&s=WMHYWYJP4ycNXvPYov7PnJdkQB26fgfXm_ByW2BCM8g&e=
>  (51.15.8.218) port 443 (#0)
> * found 148 certificates in /etc/ssl/certs/ca-certificates.crt
> * found 599 certificates in /etc/ssl/certs
> * ALPN, offering http/1.1
> * SSL connection using TLS1.2 / ECDHE_RSA_AES_128_GCM_SHA256
> *        server certificate verification OK
> *        server certificate status verification SKIPPED
> *        common name: *.haproxy.org (matched)
> *        server certificate expiration date OK
> *        server certificate activation date OK
> *        certificate public key: RSA
> *        certificate version: #3
> *        subject: OU=Domain Control Validated,OU=EssentialSSL
> Wildcard,CN=*.haproxy.org
> *        start date: Fri, 21 Apr 2017 00:00:00 GMT
> *        expire date: Mon, 20 Apr 2020 23:59:59 GMT
> *        issuer: C=GB,ST=Greater Manchester,L=Salford,O=COMODO CA
> Limited,CN=COMODO RSA Domain Validation Secure Server CA
> *        compression: NULL
> * ALPN, server accepted to use http/1.1
>> GET / HTTP/1.1
>> Host: 
>> https://urldefense.proofpoint.com/v2/url?u=http-3A__www.haproxy.org&d=DwIFaQ&c=LFYZ-o9_HUMeMTSQicvjIg&r=V0kSKiLhQKpOQLIjj3-g9Q&m=CaQ1GDp8D6XzObaEV3Ad9IQ3Q1TwhAAYhFQ24IgwP68&s=WMHYWYJP4ycNXvPYov7PnJdkQB26fgfXm_ByW2BCM8g&e=
>>  # <<<< That's the host header which is missing in your
> check line
>> User-Agent: curl/7.47.0
>> Accept: */*
>>
> < HTTP/1.1 200 OK
> < date: Wed, 19 Dec 2018 21:09:30 GMT
> < server: Apache
> < last-modified: Wed, 19 Dec 2018 18:32:39 GMT
> < etag: "504ff5-148d4-57d643d22eab7"
> < accept-ranges: bytes
> < content-length: 84180
> < content-type: text/html
> < age: 511
> <
> { [16150 bytes data]
> 
> ###
> 
> Btw.: This is also shown in the manual in the Example of the option.
> 
> https://urldefense.proofpoint.com/v2/url?u=https-3A__cbonte.github.io_haproxy-2Ddconv_1.8_configuration.html-234-2Doption-2520httpchk&d=DwIFaQ&c=LFYZ-o9_HUMeMTSQicvjIg&r=V0kSKiLhQKpOQLIjj3-g9Q&m=CaQ1GDp8D6XzObaEV3Ad9IQ3Q1TwhAAYhFQ24IgwP68&s=ucx2Dzw9r5Aal7WxTbUPFzqfeREB5QhdZUjlJ2eBYSk&e=
> 
> `option httpchk OPTIONS * HTTP/1.1\r\nHost:\ www `
> 
> The manual is good, I suggest to read it several times, what I do always ;-)
> 
> You should also avoid `X-` in the response header in your config
> 
> `    http-response set-header X-Server %s`
> 
> As Norman mentioned it in on the list couples of days before.
> 
> https://urldefense.proofpoint.com/v2/url?u=https-3A__www.mail-2Darchive.com_haproxy-40formilux.org_msg32110.html&d=DwIFaQ&c=LFYZ-o9_HUMeMTSQicvjIg&r=V0kSKiLhQKpOQLIjj3-g9Q&m=CaQ1GDp8D6XzObaEV3Ad9IQ3Q1TwhAAYhFQ24IgwP68&s=tMLlO3B0RAlc-AbDrNl5u4Mff7C8LdQvGr7TWVPpXzY&e=
> 
> Best regards
> Aleks
> 
>> -----Original Message-----
>> From: Jonathan Matthews [mailto:cont...@jpluscplusm.com] 
>> Sent: Wednesday, December 19, 2018 1:32 PM
>> To: UPPALAPATI, PRAVEEN <pu5...@att.com>
>> Cc: Cyril Bonté <cyril.bo...@free.fr>; haproxy@formilux.org
>> Subject: Re: Http HealthCheck Issue
>>
>> On Wed, 19 Dec 2018 at 19:23, UPPALAPATI, PRAVEEN <pu5...@att.com> wrote:
>>>
>>> Hmm. Wondering why do we need host header? I was able to do curl without 
>>> the header. I did not find anything in the doc.
>>
>> "curl" automatically adds a Host header unless you are directly
>> hitting an IP address.
>>
> 


Reply via email to