[jira] [Updated] (CLOUDSTACK-10228) haproxy listen on VR public Interface tcp:35999

Fri, 12 Jan 2018 05:17:30 -0800 

     [ 
https://issues.apache.org/jira/browse/CLOUDSTACK-10228?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Pierre-Luc Dion updated CLOUDSTACK-10228:
-----------------------------------------
    Description: 
On the VR, the default configuration of HAproxy include following 
{{/etc/haproxy/haproxy.cfg}}:
{code}
listen cloud-default 0.0.0.0:35999
        option transparent
{code}

This listener is required so the daemon haproxy can start without predefined LB 
rules.

This cause a problem if a connection is open to :35999, this generate a log 
loop in {{/var/log/haproxy.log}} causing the filesystem to get filed 
{{/var/log}}
Log line example where X.X.X.X is the source NAT ip of the VR:
{code}
Jan 10 00:17:01 localhost haproxy[2513]: Connect from X.X.X.X:34919 to 
X.X.X.X:35999 (cloud-default/TCP)
{code}

h3. Simple fix to follow:
* {code}
listen cloud-default 127.0.0.1:35999
        option transparent
{code}
* change logrotate.d conf for haproxy.log to be more aggressive.



  was:
On the VR, the default configuration of HAproxy include following 
{{/etc/haproxy/haproxy.cfg}}:
{code}
listen cloud-default 0.0.0.0:35999
        option transparent
{code}

This listener is required so the daemon haproxy can start without predefined LB 
rules.

This cause a problem if a connection is open to :35999, this generate a log 
loop in {{/var/log/haproxy.log}} causing the filesystem to get filed 
{{/var/log}}

h3. Simple fix to follow:
* {code}
listen cloud-default 127.0.0.1:35999
        option transparent
{code}
* change logrotate.d conf for haproxy.log to be more aggressive.




> haproxy listen on VR public Interface tcp:35999
> -----------------------------------------------
>
>                 Key: CLOUDSTACK-10228
>                 URL: https://issues.apache.org/jira/browse/CLOUDSTACK-10228
>             Project: CloudStack
>          Issue Type: Bug
>      Security Level: Public(Anyone can view this level - this is the 
> default.) 
>          Components: Virtual Router
>    Affects Versions: 4.9.0, 4.10.0.0
>            Reporter: Pierre-Luc Dion
>            Assignee: Pierre-Luc Dion
>
> On the VR, the default configuration of HAproxy include following 
> {{/etc/haproxy/haproxy.cfg}}:
> {code}
> listen cloud-default 0.0.0.0:35999
>       option transparent
> {code}
> This listener is required so the daemon haproxy can start without predefined 
> LB rules.
> This cause a problem if a connection is open to :35999, this generate a log 
> loop in {{/var/log/haproxy.log}} causing the filesystem to get filed 
> {{/var/log}}
> Log line example where X.X.X.X is the source NAT ip of the VR:
> {code}
> Jan 10 00:17:01 localhost haproxy[2513]: Connect from X.X.X.X:34919 to 
> X.X.X.X:35999 (cloud-default/TCP)
> {code}
> h3. Simple fix to follow:
> * {code}
> listen cloud-default 127.0.0.1:35999
>       option transparent
> {code}
> * change logrotate.d conf for haproxy.log to be more aggressive.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

Reply via email to