On Wed, Sep 03, 2025 at 10:44:06AM +0200, Amaury Denoyelle wrote: > On Tue, Sep 02, 2025 at 04:18:22PM +0000, Daniel Lenar wrote: > > Hello, > > I was struggling to get connection reuse working when check_reuse_pool was > > enabled. My patch addresses what I had to do to get see TCP connections > > being reused with my haproxy configuration below. > > I had very simplistic haproxy.cfg. The IPs and hostnames have been redacted. > > global > > log stdout format raw local0 > > daemon > > stats socket /tmp/stats > > frontend main > > bind *:8080 > > mode http > > option httplog > > option http-keep-alive > > log global > > use_backend https:example.com > > backend https:example.com > > mode http > > option httpchk GET /ready HTTP/1.1 > > http-check send hdr Connection keep-alive hdr Host example.com hdr > > User-Agent "Health-Check" > > http-reuse always > > default-server maxconn 2000 check-reuse-pool inter 3000 > > pool-purge-delay 60s check ssl verify none > > server servara 10.0.0.1:443 > > server serverb 10.0.0.2:443 > > server serverc 10.0.0.3:443 > > > The tcpcheck_use_nondefault_connect() function was considering SSL as a > > > none default connection. If your backed servers were using SSL, then you > > > couldn’t reuse connections. In terms of http/https, only http backends > > > were eligible for connection reuse. > I have just seen your message so I did not conduct many tests. However, > one thing that may explain a part of the problem is that you do not have > "check-ssl" server keyword. Without it, checks will be performed in > clear HTTP, thus it won't be able to reuse any connection from the pool > as transport will not match. This explains why you had to change > tcpcheck_use_nondefault_connect() to remove check->use_ssl.
Hum, please ignore this comment, I took the problem from the wrong side. If there is any check-* keywords on the server line, we consider that reuse should not be performed. Hence you must not specify any check-*, except of course check-reuse-pool. -- Amaury Denoyelle
