Hi Jonathan,

I've build the 1.8.16 image myself and the problem is indeed fixed. Any plan of including that fix in a 1.9.1 release?


On 23.12.18 18:20, Jonathan Matthews wrote:
Hey Patrick,

Have you looked at the fixes in 1.8.16? They sound kinda-sorta related to your problem ...


On Sun, 23 Dec 2018 at 16:17, Patrick Valsecchi <patr...@thus.ch <mailto:patr...@thus.ch>> wrote:

    I did a tcpdump. My config is modified to point to a local
    container (www) in a docker compose (I'm trying to simplify my
    setup). You can see the DNS answers correctly:

        16:06:00.181533 IP (tos 0x0, ttl 64, id 63816, offset 0, flags
        [DF], proto UDP (17), length 68)
   > localhost.40994: 63037 1/0/0 www. A (40)

    Could it be related to that?

    On 23.12.18 13:59, Patrick Valsecchi wrote:


    Since haproxy version 1.8.14 and including the last 1.9 release,
    haproxy puts all my backends in MAINT after around 31s. They
    first work fine, but then they are put in MAINT.

    The logs look like that:

        <149>Dec 23 12:45:11 haproxy[1]: Proxy www started.
        <149>Dec 23 12:45:11 haproxy[1]: Proxy plain started.
        [NOTICE] 356/124511 (1) : New worker #1 (8) forked
        <150>Dec 23 12:45:13 haproxy[8]:
        <> [23/Dec/2018:12:45:13.098]
        plain www/linked 0/0/16/21/37 200 4197 - - ---- 1/1/0/0/0 0/0
        "GET / HTTP/1.1"
        [WARNING] 356/124542 (8) : Server www/linked is going DOWN
        for maintenance (DNS timeout status). 0 active and 0 backup
        servers left. 0 sessions active, 0 requeued, 0 remaining in
        <145>Dec 23 12:45:42 haproxy[8]: Server www/linked is going
        DOWN for maintenance (DNS timeout status). 0 active and 0
        backup servers left. 0 sessions active, 0 requeued, 0
        remaining in queue.
        [ALERT] 356/124542 (8) : backend 'www' has no server available!
        <144>Dec 23 12:45:42 haproxy[8]: backend www has no server

    I run haproxy using docker:

        docker run --name toto -ti --rm -v
        -p 8080:80 haproxy:1.9 haproxy -f /etc/haproxy/

    And my config is that:

            log stderr local2
            chroot      /tmp
            pidfile     /run/haproxy.pid
            maxconn     4000
            max-spread-checks 500


            user        nobody
            group       nogroup

        resolvers dns
          nameserver docker <>
          hold valid 1s

            mode                    http
            log                     global
            option                  httplog
            option                  dontlognull
            option http-server-close
            option forwardfor       except
            option                  redispatch
            retries                 3
            timeout http-request    10s
            timeout queue           1m
            timeout connect         10s
            timeout client          10m
            timeout server          10m
            timeout http-keep-alive 10s
            timeout check           10s
            maxconn                 3000
            default-server init-addr last,libc,none

            errorfile 400 /usr/local/etc/haproxy/errors/400.http
            errorfile 403 /usr/local/etc/haproxy/errors/403.http
            errorfile 408 /usr/local/etc/haproxy/errors/408.http
            errorfile 500 /usr/local/etc/haproxy/errors/500.http
            errorfile 502 /usr/local/etc/haproxy/errors/502.http
            errorfile 503 /usr/local/etc/haproxy/errors/503.http
            errorfile 504 /usr/local/etc/haproxy/errors/504.http

        backend www
            option httpchk GET / HTTP/1.0\r\nUser-Agent:\ healthcheck
            http-check expect status 200
            default-server inter 60s fall 3 rise 1
            server linked www.topin.travel:80
        <http://www.topin.travel:80> check resolvers dns

        frontend plain
            bind :80

            http-request set-header X-Forwarded-Proto       http
            http-request set-header X-Forwarded-Host       
            http-request set-header X-Forwarded-Port        %[dst_port]
            http-request set-header X-Forwarded-For         %[src]
            http-request set-header X-Real-IP               %[src]

            compression algo gzip
            compression type text/css text/html text/javascript
        application/javascript text/plain text/xml application/json

            # Forward to the main linked container by default
            default_backend www

    Any idea what is happening? I've tried to increase the DNS
    resolve timeout to 5s and it didn't help. My feeling is that the
    newer versions of haproxy cannot talk with the DNS provided by


Jonathan Matthews
London, UK

Reply via email to