Re: [PATCH] [MINOR] CSS HTML fun
On Mon, Oct 12, 2009 at 11:39:54PM +0200, Krzysztof Piotr Oledzki wrote: From 6fc49b084ad0f4513c36418dfac1cf1046af66da Mon Sep 17 00:00:00 2001 From: Krzysztof Piotr Oledzki o...@ans.pl Date: Mon, 12 Oct 2009 23:09:08 +0200 Subject: [MINOR] CSS HTML fun This patch makes stats page about 30% smaller and CSS 2.1 + HTML 4.01 Transitional compliant. There should be no visible differences. Changes: - add missing /ul End tag for ul is optional according to http://www.w3.org/TR/html401/struct/lists.html#edef-UL
Re: [PATCH] [MINOR] CSS HTML fun
Hello,
2009/10/13 Dmitry Sivachenko mi...@cavia.pp.ru:
End tag for ul is optional according to
really? Something new to me :)
http://www.w3.org/TR/html401/struct/lists.html#edef-UL
hmm. /li is optional (implied by next li or closing /{u,o}l,
/{u,o}l not?
!ELEMENT UL - - (LI)+ -- unordered list --
!ATTLIST UL
%attrs; -- %coreattrs, %i18n, %events --
!ELEMENT OL - - (LI)+ -- ordered list --
!ATTLIST OL
%attrs; -- %coreattrs, %i18n, %events --
Start tag: required, End tag: required
the line stating Start tag: required, End tag: optional
is for the li
Just my 2cent
Beni.
Re: [PATCH] [MINOR] CSS HTML fun
On Tue, Oct 13, 2009 at 02:16:12PM +0200, Benedikt Fraunhofer wrote: Hello, 2009/10/13 Dmitry Sivachenko mi...@cavia.pp.ru: End tag for ul is optional according to really? Something new to me :) OMG, sorry, I am blind. Forget about that.
RE: multiple applications using HAproxy LB
Hi, Ryan Sorry, I might not have explained this clearly. What I need is explained here: http://agiletesting.blogspot.com/2009/02/load-balancing-in-amazon-ec2-with.html However, I am having problem of acl Boolean statement: acl acl_domain1 url_sub domain1 -i acl acl_domain2 url_sub domain2 -i use_backend domain1_farm if acl_domain1 use_backend domain2_farm if acl_domain2 default_backend default_farm it seems that those url_sub domain* statement will never be true. If I change it to acl acl_domain1 always_true it obviously hit domain1_farm. Is there a way to see the value of url? BTW: are you the Ryan graduated from UCB and worked for a female professor in bioinformatics field? Thanks Xia -Original Message- From: randa...@bioinfo.wsu.edu [mailto:randa...@bioinfo.wsu.edu] Sent: Monday, October 12, 2009 3:39 PM To: Ryan Schlesinger Cc: haproxy@formilux.org; xji...@xignite.com Subject: Re: multiple applications using HAproxy LB I am using Nginx in front of HAProxy to provide similar functionality. I personally like Nginx because it is a little lighter in terms of resources, but that is just my opinion. Apache would work well to. Thanks, Randall Svancara Systems Administrator/DBA/Developer Main Bioinformatics Laboratory - Original Message - From: Ryan Schlesinger r...@instanceinc.com To: xji...@xignite.com Cc: haproxy@formilux.org Sent: Monday, October 12, 2009 2:42:20 PM Subject: Re: multiple applications using HAproxy LB It sounds like what you really want is to put apache (or some other web server) in front of haproxy to do name based virtual hosting. Requests for your two domains would work like this: client - apache:80 (domain1 virtual host) - haproxy:8080 client - apache:80 (domain2 virtual host) - haproxy:8081 I'm using mod_rewrite in different virtual hosts to proxy requests to haproxy in exactly this way. Also, in this setup, a request to http://ec2XX.compute-1.amazonaws.com /xhaproxy214591 would be caught by your first (default) virtual host and proxied correctly to haproxy. I hope I understood your question correctly. Ryan On 10/12/2009 02:30 PM, Xia Jiang wrote: Hello, I have a question regarding configuration for multiple applications using Haproxy. What I want: use Haproxy to handle LB among multiple instances, which each instance can have more than one servers. What I have: ~~~ # Configuration for one application: listen domain1 :8080 mode http balance roundrobin option httpclose option forwardfor stats uri /xhaproxy214591 option httpchk GET /healthcheck214591.php # Example server line (with optional cookie and check included) server i-41319a29 10.251.75.47:80 check inter 3000 rise 2 fall 3 maxconn 650 server i-41319a29 10.251.75.48:80 check inter 3000 rise 2 fall 3 maxconn 650 listen domain2 :8081 mode http balance roundrobin option httpclose option forwardfor stats uri /xhaproxy214591 option httpchk GET /healthcheck214591.php # Example server line (with optional cookie and check included) server i-71319a19 10.208.217.220:80 check inter 3000 rise 2 fall 3 maxconn 650 server i-71319a19 10.208.218.220:80 check inter 3000 rise 2 fall 3 maxconn 650 Question: 1. Do I have to set the one of the application port numbers to be 80? Otherwise it won’t show me the status page. 2. By setting one of the port number to be “80”, I can’t access the other application. i.e, by setting domain1 port number to be 80, by hitting http://ec2XX.compute-1.amazonaws.com , I can see the index page of “10.251.75.47” or “10.251.75.48” but I can’t view “10.208.217.220” or “10.208.218.220” by hitting http://ec2XX.compute-1.amazonaws.com :8081 Thanks! Your answer will be greatly appreciated. Xia
[PATCH] [MINOR] Collect provide http response codes received from servers
From a3aac1f1149db0b52dc66f9e70e5ab8d14418b71 Mon Sep 17 00:00:00 2001
From: Krzysztof Piotr Oledzki o...@ans.pl
Date: Tue, 13 Oct 2009 21:14:09 +0200
Subject: [MINOR] Collect provide http response codes received from servers
Additional data is provided on both html csv stats:
- html: when passing a mouse over Sessions - Total (servers, backends)
- cvs: by 6 additional fields (hrsp_1xx, hrsp_2xx, hrsp_3xx, hrsp_4xx,
hrsp_5xx, hspr_other)
Patch inspired by:
http://www.formilux.org/archives/haproxy/0910/2528.html
http://www.formilux.org/archives/haproxy/0910/2529.html
---
doc/configuration.txt|6 +++
include/types/counters.h | 12 ++
src/dumpstats.c | 85 -
src/proto_http.c |8
4 files changed, 101 insertions(+), 10 deletions(-)
diff --git a/doc/configuration.txt b/doc/configuration.txt
index 65a8cef..ef768f8 100644
--- a/doc/configuration.txt
+++ b/doc/configuration.txt
@@ -6726,6 +6726,12 @@ page. Both means provide a CSV format whose fields
follow.
L7STS - layer 7 response error, for example HTTP 5xx
37. check_code: layer5-7 code, if available
38. check_duration: time in ms took to finish last health check
+ 39. hrsp_1xx: http responces with 1xx code
+ 40. hrsp_2xx: http responces with 2xx code
+ 41. hrsp_3xx: http responces with 3xx code
+ 42. hrsp_4xx: http responces with 4xx code
+ 43. hrsp_5xx: http responces with 5xx code
+ 44. hrsp_other: http responces with other codes (protocol error)
9.2. Unix Socket commands
diff --git a/include/types/counters.h b/include/types/counters.h
index 6dfef22..f551bf0 100644
--- a/include/types/counters.h
+++ b/include/types/counters.h
@@ -38,6 +38,12 @@ struct pxcounters {
long long denied_req, denied_resp; /* blocked requests/responses
because of security concerns */
long long failed_req; /* failed requests (eg: invalid
or timeout) */
+ union {
+ struct {
+ long long rsp[6]; /* http resonse codes */
+ } http;
+ } p;
+
long long failed_conns, failed_resp;/* failed connect() and
responses */
long long retries, redispatches;/* retried and redispatched
connections */
};
@@ -69,6 +75,12 @@ struct srvcounters {
long long retries, redispatches;/* retried and redispatched
connections */
long long failed_secu; /* blocked responses because of
security concerns */
+ union {
+ struct {
+ long long rsp[6]; /* http resonse codes */
+ } http;
+ } p;
+
long long failed_checks, down_trans;/* failed checks and up-down
transitions */
};
diff --git a/src/dumpstats.c b/src/dumpstats.c
index 849e2da..522c3f8 100644
--- a/src/dumpstats.c
+++ b/src/dumpstats.c
@@ -244,6 +244,7 @@ int print_csv_header(struct chunk *msg)
pid,iid,sid,throttle,lbtot,tracked,type,
rate,rate_lim,rate_max,
check_status,check_code,check_duration,
+
hrsp_1xx,hrsp_2xx,hrsp_3xx,hrsp_4xx,hrsp_5xx,hspr_other,
\n);
}
@@ -1300,6 +1301,8 @@ int stats_dump_proxy(struct session *s, struct proxy *px,
struct uri_auth *uri)
%u,%u,%u,
/* check_status, check_code,
check_duration */
,,,
+/* http response: 1xx, 2xx, 3xx, 4xx, 5xx,
other */
+,,
\n,
px-id,
px-feconn, px-counters.feconn_max,
px-maxconn, px-counters.cum_feconn,
@@ -1391,6 +1394,8 @@ int stats_dump_proxy(struct session *s, struct proxy *px,
struct uri_auth *uri)
,,,
/* check_status, check_code,
check_duration */
,,,
+/* http response: 1xx, 2xx, 3xx, 4xx, 5xx,
other */
+,,
\n,
px-id, l-name,
l-nbconn, l-counters-conn_max,
@@ -1467,16 +1472,32 @@ int stats_dump_proxy(struct session *s, struct proxy
*px, struct uri_auth *uri)
td%s/tdtd%s/tdtd%s/td
/* sessions rate : current, max, limit */
td%s/tdtd%s/tdtd/td
-/* sessions : current, max, limit, total,
lbtot */
+/* sessions: current, max, limit */
td%s/tdtd%s/tdtd%s/td
-
Re: Small patch for the appsession feature
Le lundi 12 octobre 2009 23:17:43, Aleksandar Lazic a écrit : Hi Cyril, good catch. +} + +/* -#if defined(DEBUG_HASH) -Alert(manage_client_side_cookies\n); - appsession_hash_dump((t-be-htbl_proxy)); -#endif After a quick look I think it would be nice to dump the sessions also in the client. Yes, you're right, I missed it after several tests on different snapshots. Here comes a second patch to reintroduce these debug lines : diff -Naur haproxy-1.4-dev4-appsession/src/proto_http.c haproxy-1.4-dev4-appsession2/src/proto_http.c --- haproxy-1.4-dev4-appsession/src/proto_http.c2009-10-12 21:56:38.0 +0200 +++ haproxy-1.4-dev4-appsession2/src/proto_http.c 2009-10-13 21:26:19.0 +0200 @@ -3862,6 +3862,10 @@ /* Cool... it's the right one */ manage_client_side_appsession(t, p3); +#if defined(DEBUG_HASH) + Alert(manage_client_side_cookies\n); + appsession_hash_dump((t-be-htbl_proxy)); +#endif }/* end if ((t-proxy-appsession_name != NULL) ... */ } @@ -4450,6 +4454,10 @@ request_line += t-be-appsession_name_len + 1; manage_client_side_appsession(t, request_line); +#if defined(DEBUG_HASH) + Alert(get_srv_from_appsession\n); + appsession_hash_dump((t-be-htbl_proxy)); +#endif } -- Cyril Bonté
RE: Problems with long connect times
netstat -ant | grep tcp | tr -s ' ' ' ' | awk '{print $6}' | sort | uniq
-c
193 CLOSE_WAIT
316 CLOSING
215 ESTABLISHED
252 FIN_WAIT1
4 FIN_WAIT2
1 LAST_ACK
10 LISTEN
237 SYN_RECV
61384 TIME_WAIT
So, clearly there's a time_wait problem. I've already tuned the kernel
to set the time_wait counter to 20 seconds (down from 60). I'm tempted
to crank it down further, although googling around recommends against
it. Is it possible to up the number of outstanding time_wait
connections? This host looks like it's hitting a 65536 connection
limit.
-Original Message-
From: Hank A. Paulson [mailto:h...@spamproof.nospammail.net]
Sent: Monday, October 12, 2009 9:14 PM
To: haproxy@formilux.org
Subject: Re: Problems with long connect times
A couple of guesses you might look at -
I have found the stats page to show deceptively low numbers at times.
You might want to check the http log stats that show the
global/frontend/backend queue numbers around the time those requests.
My guess
is that the cases where you are seeing 3 second times it is that the
backends
are slow to connect or they have reached maxconn. Also, you might want
to
double check that the clients are sending the requests in a timely
fashion.
netstat -ant | wc -l
do you have conntrack running as in the recent situation here on the
ml?
Any other messages in /var/log/messages?
netstat -s have any growing stats?
I assume you have lots backends if they are all at only maxconn 20
On 10/12/09 5:15 PM, Jonah Horowitz wrote:
I'm having a problem where occasionally under load, the time to
complete
the tcp handshake is taking much longer than it should:
Picture (Device Independent Bitmap)
My suspicion is that the number of connections available to the
haproxy
server are some how constrained and it can't answer connections for
a
moment. I'm not sure how to debug this. Has anyone else seen
something
like this?
According to the haproxy stats page, I've never come close to my
connection limit. I'm using about 1000 concurrent connections and my
request rate maxes out at 4400 requests per second. I'm not seeing
any
messages in dmesg or my /var/log/messages.
I'm running 1.4-dev3 on Linux 2.6.30.5. My config is below:
TIA,
Jonah
--- compile options ---
make USE_REGPARM=1 USE_STATIC_PCRE=1 USE_LINUX_SPLICE=1
TARGET=linux26
CPU_CFLAGS='-O2 -march=x86-64 -m64'
--- config ---
global
maxconn 2000
pidfile /usr/pkg/haproxy/run/haproxy.pid
stats socket /usr/pkg/haproxy/run/stats
log /usr/pkg/haproxy/jail/log daemon
user daemon
group daemon
defaults
timeout queue 3000
timeout server 3000
timeout client 3000
timeout connect 3000
option splice-auto
frontend stats
bind :8080
mode http
use_backend stats if TRUE
backend stats
mode http
stats enable
stats uri /stats
stats refresh 5s
frontend query
log global
option dontlog-normal
option httplog
bind :80
mode http
use_backend query if TRUE
backend query
mode http
balance roundrobin
option httpchk GET /r?q=LOOKSMARTKEYWORDLISTINGMONITORisp=DROPus
option forwardfor
option httpclose
server foo1 foo1:8080 weight 150 maxconn 20 check inter 1000 rise 2
fall 1
server foo2 foo2:8080 weight 150 maxconn 20 check inter 1000 rise 2
fall 1
server foo2 foo3:8080 weight 150 maxconn 20 check inter 1000 rise 2
fall 1
...
Re: Small patch for the appsession feature
On Die 13.10.2009 21:34, Cyril Bonté wrote: Le lundi 12 octobre 2009 23:17:43, Aleksandar Lazic a écrit : Yes, you're right, I missed it after several tests on different snapshots. Here comes a second patch to reintroduce these debug lines : Thanks.
Re: multiple applications using HAproxy LB
On Die 13.10.2009 09:14, Xia Jiang wrote:
Hi, Ryan
Sorry, I might not have explained this clearly. What I need is explained here:
http://agiletesting.blogspot.com/2009/02/load-balancing-in-amazon-ec2-with.html
However, I am having problem of acl Boolean statement:
how about to use this
acl acl_domain1 url_sub domain1 -i
acl acl_domain1 url_sub -i domain1
before pattern
acl acl_domain2 url_sub domain2 -i
acl acl_domain2 url_sub -i domain2
before pattern
use_backend domain1_farm if acl_domain1
use_backend domain2_farm if acl_domain2
default_backend default_farm
it seems that those url_sub domain* statement will never be true. If
I change it to acl acl_domain1 always_true it obviously hit
domain1_farm.
Maybe the examples in examples/acl-content-sw.cfg in haproxy tarball
will show you more possibilies ;-)
Is there a way to see the value of url?
I haven't seen any DEBUG defines in acl.c. I hope anybody else can
answer this question.
BR
Aleks
