Hi. I wanted to use the shiny new http-check feature and have seen that the connection keeps alive after the health check. I have also tried to remove "linger" but this does not change anything. Maybe I make something wrong.
My setup: I used here the docker hub haproxy Dockerfile and just used the snapshot from 1st May. Shell 01: podman run --rm -it -p 8080:8080 -v /tmp/haproxy-config:/usr/local/etc/haproxy --network host hap-snap Shell 02: podman run --rm -it -p 9000:9000 --network host -v /tmp/php-root:/var/www/html -v /tmp/php-conf:/mnt php:7.4-fpm --fpm-config /mnt/php-fpm.conf --force-stderr Shell 03: ss --tcp |egrep 9000 # this shows 'ESTAB 0 0 127.0.0.1:58076 127.0.0.1:9000' You can easily replace podman with docker. I get without any user request the following message from php-fpm. ``` [01-May-2020 21:50:32] NOTICE: fpm is running, pid 1 [01-May-2020 21:50:32] NOTICE: ready to handle connections [01-May-2020 21:51:12] WARNING: [pool www] server reached pm.max_children setting (20), consider raising it ^C[01-May-2020 21:51:33] NOTICE: Terminating ... [01-May-2020 21:51:33] NOTICE: exiting, bye-bye! ``` The configs: ``` podman run --rm -it -p 8080:8080 -v /tmp/haproxy-config:/usr/local/etc/haproxy --network host hap-snap haproxy -vv HA-Proxy version 2.2-dev6-a911548 2020/04/30 - https://haproxy.org/ Status: development branch - not safe for use in production. Known bugs: https://github.com/haproxy/haproxy/issues?q=is:issue+is:open Running on: Linux 5.3.0-45-generic #37-Ubuntu SMP Thu Mar 26 20:41:27 UTC 2020 x86_64 Build options : TARGET = linux-glibc CPU = generic CC = gcc CFLAGS = -O2 -g -Wall -Wextra -Wdeclaration-after-statement -fwrapv -Wno-unused-label -Wno-sign-compare -Wno-unused-parameter -Wno-old-style-declaration -Wno-ignored-qualifiers -Wno-clobbered -Wno-missing-field-initializers -Wno-implicit-fallthrough -Wno-stringop-overflow -Wno-cast-function-type -Wtype-limits -Wshift-negative-value -Wshift-overflow=2 -Wduplicated-cond -Wnull-dereference OPTIONS = USE_PCRE2=1 USE_PCRE2_JIT=1 USE_GETADDRINFO=1 USE_OPENSSL=1 USE_LUA=1 USE_ZLIB=1 Feature list : +EPOLL -KQUEUE +NETFILTER -PCRE -PCRE_JIT +PCRE2 +PCRE2_JIT +POLL -PRIVATE_CACHE +THREAD -PTHREAD_PSHARED +BACKTRACE -STATIC_PCRE -STATIC_PCRE2 +TPROXY +LINUX_TPROXY +LINUX_SPLICE +LIBCRYPT +CRYPT_H +GETADDRINFO +OPENSSL +LUA +FUTEX +ACCEPT4 +ZLIB -SLZ +CPU_AFFINITY +TFO +NS +DL +RT -DEVICEATLAS -51DEGREES -WURFL -SYSTEMD -OBSOLETE_LINKER +PRCTL +THREAD_DUMP -EVPORTS Default settings : bufsize = 16384, maxrewrite = 1024, maxpollevents = 200 Built with multi-threading support (MAX_THREADS=64, default=8). Built with OpenSSL version : OpenSSL 1.1.1d 10 Sep 2019 Running on OpenSSL version : OpenSSL 1.1.1d 10 Sep 2019 OpenSSL library supports TLS extensions : yes OpenSSL library supports SNI : yes OpenSSL library supports : TLSv1.0 TLSv1.1 TLSv1.2 TLSv1.3 Built with Lua version : Lua 5.3.3 Built with network namespace support. Built with gcc compiler version 8.3.0 Built with transparent proxy support using: IP_TRANSPARENT IPV6_TRANSPARENT IP_FREEBIND Built with PCRE2 version : 10.32 2018-09-10 PCRE2 library supports JIT : yes Encrypted password support via crypt(3): yes Built with zlib version : 1.2.11 Running on zlib version : 1.2.11 Compression algorithms supported : identity("identity"), deflate("deflate"), raw-deflate("deflate"), gzip("gzip") Built with the Prometheus exporter as a service Available polling systems : epoll : pref=300, test result OK poll : pref=200, test result OK select : pref=150, test result OK Total: 3 (3 usable), will use epoll. Available multiplexer protocols : (protocols marked as <default> cannot be specified using 'proto' keyword) h2 : mode=HTTP side=FE|BE mux=H2 fcgi : mode=HTTP side=BE mux=FCGI <default> : mode=HTTP side=FE|BE mux=H1 <default> : mode=TCP side=FE|BE mux=PASS Available services : prometheus-exporter Available filters : [SPOE] spoe [CACHE] cache [FCGI] fcgi-app [TRACE] trace [COMP] compression ``` HAProxy config: ``` global log stdout format raw daemon debug defaults log global mode http option httplog option dontlognull option log-health-checks timeout connect 5s timeout client 50s timeout server 50s frontend myproxy bind :8080 default_backend phpservers backend phpservers use-fcgi-app php-fpm option httpchk http-check connect default linger proto fcgi http-check send meth GET uri /ping ver HTTP/1.1 http-check expect string pong server server1 127.0.0.1:9000 proto fcgi check fcgi-app php-fpm log-stderr global docroot /var/www/html index index.php path-info ^(/.+\.php)(/.*)?$ ``` PHP Config ``` egrep -v '^(;|$)' /tmp/php-conf/php-fpm.conf [global] pid = /run/php7.4-fpm.pid error_log = /dev/stderr daemonize = no include=/mnt/www.conf ``` ``` egrep -v '^(;|$)' /tmp/php-conf/www.conf [www] user = www-data listen = 9000 pm = dynamic pm.max_children = 20 pm.start_servers = 2 pm.min_spare_servers = 1 pm.max_spare_servers = 3 pm.max_requests = 500 pm.status_path = /status ping.path = /ping ping.response = pong access.log= /proc/self/fd/1 php_admin_value[error_log] = /proc/self/fd/1 php_admin_flag[log_errors] = on ```
