Thanks a lot man, i'll take a look at that ! really appreciate it :) i'll come back to you if needed, but the help was great! :)
-----Message d'origine----- De : Aleksandar Lazic [mailto:al-hapr...@none.at] Envoyé : vendredi 23 août 2019 11:14 À : ANTHOINE Andy (EXT) <andy.anthoine....@opt.nc> Cc : haproxy@formilux.org Objet : Re: Help required ehhe Am 23-08-2019 02:04, schrieb andy.anthoine....@opt.nc: > REALLY SORRY ABOUT THAT lollllllll > > I'll copy paste my bad :D > > admin@sld-loadb-01-prd-cit:~$ curl -v -o /dev/null --max-time 5 > --http1.0 http://10.154.2.29:8080/iws/ curl -v -o /dev/null --max-time > 5 --http1.0 http://10.154.2.29:8080/eoc/login > -bash: curl: command not found > > Ok, i'll separate the commands next time :) > > The lb i m working on is the production one, i'll check, but can't > really do anything like installing on it. Okay. > Telnet works :) if it's enough for you ? should work. > admin@sld-loadb-01-prd-cit:~$ telnet 10.154.2.29 8080 Trying > 10.154.2.29... > Connected to 10.154.2.29. > Escape character is '^]'. > > >> So on the back ends are the check ports reachable and you get a 200 >> back. > > server sli-ecmapp-01-prd-cit 10.154.2.29:8443 server > sli-ecmapp-02-prd-cit 10.154.2.31:8443 > > admin@sld-loadb-01-prd-cit:~$ telnet 10.154.2.29 8443 Trying > 10.154.2.29... > telnet: Unable to connect to remote host: No route to host That's the problem! The test was wrong. you make a telnet to 8443 but the check port is 8080 Try this. echo -e 'GET /iws/ HTTP/1.0\n\r\n\r'|telnet 10.154.2.29 8080 > admin@sld-loadb-01-prd-cit:~$ telnet 10.154.2.31 8443 Trying > 10.154.2.31... > Connected to 10.154.2.31. > Escape character is '^]'. > ^CConnection closed by foreign host. That's another one. echo -e 'GET /iws/ HTTP/1.0\n\r\n\r'|telnet 10.154.2.31 8080 > Seems like i got one of my answer........ Yes looks like. >> Is there any firewall in between the LB & BE? > Yes there is one Are both ports (8080 & 8443) open from LB top both BE? Looks like not a haproxy issue. Regards Aleks > -----Message d'origine----- > De : Aleksandar Lazic [mailto:al-hapr...@none.at] Envoyé : vendredi 23 > août 2019 10:57 À : ANTHOINE Andy (EXT) <andy.anthoine....@opt.nc> Cc > : haproxy@formilux.org Objet : Re: Help required ehhe > > Hi. > > Am 23-08-2019 01:43, schrieb andy.anthoine....@opt.nc: > >> Hi, >> >> I can't launch the command from the LB > > I love screenshots! It's so easy to copy paste from them 8-/ > > do you have any other tool which you can use to check if the > connection is possible from LB to Backend? > > nc? > telnet? > ...? > >> But from the server he is what i get >> >> [root@sli-ecmapp2-prd ~]# curl -v -o /dev/null --max-time 5 --http1.0 >> http://10.154.2.29:8080/iws/ curl -v -o /dev/null --max-time 5 >> --http1.0 http://10.154.2.29:8080/eoc/login > > Please one curl AFTER the other, the next time, just separate the > commands with ;. > > curl -v -o /dev/null --max-time 5 --http1.0 > http://10.154.2.29:8080/iws/ ; curl -v -o /dev/null --max-time 5 > --http1.0 http://10.154.2.29:8080/eoc/login > >> * About to connect() to 10.154.2.29 port 8080 (#0) >> * Trying 10.154.2.29... > ... >> 0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- >> 0* Connected to 10.154.2.29 (10.154.2.29) port 8080 (#0) >> >>> GET /iws/ HTTP/1.0 >>> User-Agent: curl/7.29.0 >>> Host: 10.154.2.29:8080 >>> Accept: */* >>> >> >> < HTTP/1.1 200 OK >> < Server: Apache-Coyote/1.1 > > [snipp] > >> curl: (28) Resolving timed out after 5515 milliseconds > > That looks strange, but maybe not the issue for now. > >> * About to connect() to 10.154.2.29 port 8080 (#2) >> * Trying 10.154.2.29... >> * Connected to 10.154.2.29 (10.154.2.29) port 8080 (#2) >> >>> GET /eoc/login HTTP/1.0 >>> User-Agent: curl/7.29.0 >>> Host: 10.154.2.29:8080 >>> Accept: */* >>> >> >> < HTTP/1.1 200 OK >> < Server: Apache-Coyote/1.1 > > [snipp] > >> * Closing connection 2 > > So on the back ends are the check ports reachable and you get a 200 > back. > Is there any firewall in between the LB & BE? > > What's your haproxy version? > > haproxy -vv > > >> Best regards >> >> Andy >> >> -----Message d'origine----- >> De : Aleksandar Lazic [mailto:al-hapr...@none.at] Envoyé : vendredi >> 23 août 2019 10:33 À : ANTHOINE Andy (EXT) <andy.anthoine....@opt.nc> >> Cc >> : haproxy@formilux.org Objet : Re: Help required ehhe >> >> Am 23-08-2019 00:49, schrieb andy.anthoine....@opt.nc: >> >>> Hi, >> >>> >> >>> Ehhe not an external ip don't worry, or i would have deleted it hehe >> >>> >> >>> No change, the problem seems to be there since before i m here, and >> >>> they now need it to be fixed >> >>> >> >>> I don't see anything in particular in the logs, beside that kind of >> >>> thing which is normal since the server is rebooted at this time ;) >> >>> >> >>> Aug 22 05:00:23 sld-loadb-01-prd-cit local1.alert haproxy[2244]: >> >>> Server ecmapp-prd-be-8443/sli-ecmapp-01-prd-cit is DOWN, reason: >> >>> Layer4 connection problem, info: "Connection refused at step 1 of >> >>> tcp-check (connect port 8080)", check duration: 0ms. 1 active and 0 >> >>> backup servers left. 62 sessions active, 0 requeued, 0 remaining in >> >>> queue. >> >> this looks to me that the loadbalancer can't connect to the backend >> check port, is something listen on the backend server on port 8080? >> >> Please can you try the following command from the loadbalancer. >> >> curl -v -o /dev/null --max-time 5 --http1.0 >> http://10.154.2.29:8080/iws/ curl -v -o /dev/null --max-time 5 >> --http1.0 http://10.154.2.29:8080/eoc/login >> >> The same for 10.154.2.31 >> >>> What do you mean by that ? >> >> I have shorten the config to reduce the size of the mail. >> >>>> mode http >> >>> >> >>> [snip more config] >> >>> >> >>> -----Message d'origine----- >> >>> De : Aleksandar Lazic [mailto:al-hapr...@none.at] Envoyé : vendredi >>> 23 >> >>> août 2019 09:41 À : ANTHOINE Andy (EXT) <andy.anthoine....@opt.nc> >>> Cc >> >>> : haproxy@formilux.org Objet : Re: Help required ehhe >> >>> >> >>> Hi. >> >>> >> >>> Am 23-08-2019 00:28, schrieb andy.anthoine....@opt.nc: >> >>> >> >>>> Hi, >> >>>> >> >>>> I got that email on this site, not sure if it's still working etc >> >>>> https://www.slideshare.net/haproxytech/haproxy-best-practice >> >> [snipp] >> >>> What's your haproxy version? >> >>> >> >>> haproxy -vv >> >>> >> >>> Application load balancing & high availability v8.5.7 (8546) >> >> That's not the full output of the command line call haproxy -vv . >> >>> Thanks a lot for the answer man ! >> >>> >> >>> >> >>> >> >>>> Thanks ! >> >>>> >> >>>> Andy >> >> Regards >> >> Aleks >> >> --------------------------------------------------------------------C >> e message et toutes les pièces jointes (ci-après le « message ») sont >> à l'attention exclusive des destinataires désignés. Il peut contenir >> des informations confidentielles. Si vous le recevez par erreur, >> merci d'en informer immédiatement l'émetteur et de le détruire. Toute >> utilisation, diffusion ou toute publication, totale ou partielle, est >> interdite, sauf autorisation. Tout message électronique étant >> susceptible d'altération, l'OPT NC décline toute responsabilité au >> titre de ce message dans l'hypothèse où il aurait été modifié. >> ----------------------------This message and any attachments (the « >> message ») are intended solely for the addresses. It may contain >> privileged information. If you receive this message in error, please >> immediately notify the sender and delete it. Any use, dissemination >> or disclosure, either whole or partial, is prohibited unless formal >> approval. Emails are susceptible to alteration; OPT NC shall not >> therefore be liable for the message if modified. >> >> Pensez à l'environnement, n'imprimez que si nécessaire. > > > -------------------------------------------------------------------- > Ce message et toutes les pièces jointes (ci-après le « message ») sont > à l'attention exclusive des destinataires désignés. Il peut contenir > des informations confidentielles. Si vous le recevez par erreur, merci > d'en informer immédiatement l'émetteur et de le détruire. Toute > utilisation, diffusion ou toute publication, totale ou partielle, est > interdite, sauf autorisation. Tout message électronique étant > susceptible d'altération, l'OPT NC décline toute responsabilité au > titre de ce message dans l'hypothèse où il aurait été modifié. > ---------------------------- > This message and any attachments (the « message ») are intended solely > for the addresses. It may contain privileged information. If you > receive this message in error, please immediately notify the sender > and delete it. Any use, dissemination or disclosure, either whole or > partial, is prohibited unless formal approval. Emails are susceptible > to alteration; OPT NC shall not therefore be liable for the message if > modified. > > Pensez à l'environnement, n'imprimez que si nécessaire. -------------------------------------------------------------------- Ce message et toutes les pièces jointes (ci-après le « message ») sont à l'attention exclusive des destinataires désignés. Il peut contenir des informations confidentielles. Si vous le recevez par erreur, merci d'en informer immédiatement l'émetteur et de le détruire. Toute utilisation, diffusion ou toute publication, totale ou partielle, est interdite, sauf autorisation. Tout message électronique étant susceptible d'altération, l'OPT NC décline toute responsabilité au titre de ce message dans l'hypothèse où il aurait été modifié. ---------------------------- This message and any attachments (the « message ») are intended solely for the addresses. It may contain privileged information. If you receive this message in error, please immediately notify the sender and delete it. Any use, dissemination or disclosure, either whole or partial, is prohibited unless formal approval. Emails are susceptible to alteration; OPT NC shall not therefore be liable for the message if modified. Pensez à l'environnement, n'imprimez que si nécessaire.
