Hey Patrick,

Have you looked at the fixes in 1.8.16? They sound kinda-sorta related to
your problem ...

J

On Sun, 23 Dec 2018 at 16:17, Patrick Valsecchi <patr...@thus.ch> wrote:

> I did a tcpdump. My config is modified to point to a local container (www)
> in a docker compose (I'm trying to simplify my setup). You can see the DNS
> answers correctly:
>
> 16:06:00.181533 IP (tos 0x0, ttl 64, id 63816, offset 0, flags [DF], proto
> UDP (17), length 68)
>     127.0.0.11.53 > localhost.40994: 63037 1/0/0 www. A 172.20.0.17 (40)
>
> Could it be related to that?
> https://github.com/haproxy/haproxy/commit/8d4e7dc880d2094658fead50dedd9c22c95c556a
> On 23.12.18 13:59, Patrick Valsecchi wrote:
>
> Hi,
>
> Since haproxy version 1.8.14 and including the last 1.9 release, haproxy
> puts all my backends in MAINT after around 31s. They first work fine, but
> then they are put in MAINT.
>
> The logs look like that:
>
> <149>Dec 23 12:45:11 haproxy[1]: Proxy www started.
> <149>Dec 23 12:45:11 haproxy[1]: Proxy plain started.
> [NOTICE] 356/124511 (1) : New worker #1 (8) forked
> <150>Dec 23 12:45:13 haproxy[8]: 89.217.194.174:49752
> [23/Dec/2018:12:45:13.098] plain www/linked 0/0/16/21/37 200 4197 - - ----
> 1/1/0/0/0 0/0 "GET / HTTP/1.1"
> [WARNING] 356/124542 (8) : Server www/linked is going DOWN for maintenance
> (DNS timeout status). 0 active and 0 backup servers left. 0 sessions
> active, 0 requeued, 0 remaining in queue.
> <145>Dec 23 12:45:42 haproxy[8]: Server www/linked is going DOWN for
> maintenance (DNS timeout status). 0 active and 0 backup servers left. 0
> sessions active, 0 requeued, 0 remaining in queue.
> [ALERT] 356/124542 (8) : backend 'www' has no server available!
> <144>Dec 23 12:45:42 haproxy[8]: backend www has no server available!
>
> I run haproxy using docker:
>
> docker run --name toto -ti --rm -v
> /home/docker-compositions/web/proxy/conf.test:/etc/haproxy/:ro -p 8080:80
> haproxy:1.9 haproxy -f /etc/haproxy/
>
> And my config is that:
>
> global
>     log stderr local2
>     chroot      /tmp
>     pidfile     /run/haproxy.pid
>     maxconn     4000
>     max-spread-checks 500
>
>     master-worker
>
>     user        nobody
>     group       nogroup
>
> resolvers dns
>   nameserver docker 127.0.0.11:53
>   hold valid 1s
>
> defaults
>     mode                    http
>     log                     global
>     option                  httplog
>     option                  dontlognull
>     option http-server-close
>     option forwardfor       except 127.0.0.0/8
>     option                  redispatch
>     retries                 3
>     timeout http-request    10s
>     timeout queue           1m
>     timeout connect         10s
>     timeout client          10m
>     timeout server          10m
>     timeout http-keep-alive 10s
>     timeout check           10s
>     maxconn                 3000
>     default-server init-addr last,libc,none
>
>     errorfile 400 /usr/local/etc/haproxy/errors/400.http
>     errorfile 403 /usr/local/etc/haproxy/errors/403.http
>     errorfile 408 /usr/local/etc/haproxy/errors/408.http
>     errorfile 500 /usr/local/etc/haproxy/errors/500.http
>     errorfile 502 /usr/local/etc/haproxy/errors/502.http
>     errorfile 503 /usr/local/etc/haproxy/errors/503.http
>     errorfile 504 /usr/local/etc/haproxy/errors/504.http
>
> backend www
>     option httpchk GET / HTTP/1.0\r\nUser-Agent:\ healthcheck
>     http-check expect status 200
>     default-server inter 60s fall 3 rise 1
>     server linked www.topin.travel:80 check resolvers dns
>
> frontend plain
>     bind :80
>
>     http-request set-header X-Forwarded-Proto       http
>     http-request set-header X-Forwarded-Host        %[req.hdr(host)]
>     http-request set-header X-Forwarded-Port        %[dst_port]
>     http-request set-header X-Forwarded-For         %[src]
>     http-request set-header X-Real-IP               %[src]
>
>     compression algo gzip
>     compression type text/css text/html text/javascript
> application/javascript text/plain text/xml application/json
>
>     # Forward to the main linked container by default
>     default_backend www
>
>
> Any idea what is happening? I've tried to increase the DNS resolve timeout
> to 5s and it didn't help. My feeling is that the newer versions of haproxy
> cannot talk with the DNS provided by docker.
>
> Thanks
>
> --
Jonathan Matthews
London, UK
http://www.jpluscplusm.com/contact.html

Reply via email to