Different httpchck on the same backend
Hello, is it possible to perform different checks according to the server destination? I have an active/passive backend that contain 2 servers. The first server is the A machine (main), the second server is the B machine (backup). These machines runs a web application with a Database (which is located on an another machine) and Apache. My backend is configure to perform httpchk on a PHP script which control the state of the web app (basically just a request on a web page which have his content generate by a SQL request). If this check is OK, clients go to A. If not, they go to B. But if the check is NOK due to Database issues and Apache is correctly running on A, I want to clients go to A (or B if Apache on A is not running). That's why I need a second check script which only control the state of Apache. I need TWO different httpchk for ONE backend. I don't have see this possibility on the official documentation or by Internet researches. So, to do this, I have defined two VirtualHost. The first (listening on port 80) is the normal web site with the PHP script on /check/check.php. The second (listening on port 8000) is here to allow another PHP script on the same URL. backend config: backend www.site.fr mode http log global balance roundrobin cookie CZKLJasD insert indirect nocache option httpclose option httpchk GET /check/check.php HTTP/1.1\r\nHost:\ www.site.fr option forwardfor except 127.0.0.1 server main 192.168.1.65:80 cookie main check port 80 server bu 192.168.1.66:80 cookie bu check port 80 backup server bmain 192.168.1.65:80 cookie bmain check port 8000 backup server bbu 192.168.1.66:80 cookie bbu check port 8000 backup This configuration is working well on my model. But I don't want to add another port listening on my Apache on production. Is it possible to perform two different checks on the same backend. One for main and bu, another for bmain and bbu? The ideal config: backend www.site.fr mode http log global balance roundrobin cookie CZKLJasD insert indirect nocache option httpclose option httpchk1 GET /check/check_database_and_apache.php HTTP/1.1\r\nHost:\ www.site.fr option httpchk2 GET /check/check_apache.php HTTP/1.1\r\nHost:\ www.site.fr option forwardfor except 127.0.0.1 server main 192.168.1.65:80 cookie main check1 port 80 server bu 192.168.1.66:80 cookie bu check1 port 80 backup server bmain 192.168.1.65:80 cookie bmain check2 port 80 backup server bbu 192.168.1.66:80 cookie bbu check2 port 80 backup Best regards, Adrien
Re: haproxy question about check
Hello. Sorry for my latency on the answer. Thank you for the trick about the check. I will test it when i have times. About the multi site question, i will explain because it's a bit confusing. I have two agency at this time : one this 2 WEB/DNS server (agency A) and the other with 1 WEB/DNSserver (agency B). Agency A have two WAN line . My zones are configured with 3 NS record, 2 go on Agency A via different public adress. My firewall NAT the public adress on 2 different private adress (on DMZ), and using view I adjust the response . Today,in order to provide service continuity, I start the DNS server of agency B when the DNS server of Agency A are down. But it's a lose of power and server that i want to use now with haproxy. Have i been clear? Hello, On 05/21/2010 03:15 PM, eni-urgence wrote: Hello all. I discover haproxy few weeks ago and I want to thanks willy for his very good product. I'm planing to integrate haproxy to our dmz. I want to use haproxy for loadbalancing heavy secure php/ajax applications with cookie persitence: a collaborate scheduler and a image consult extranet. stunnel service will handle https connections and forward decrypted requests to haproxy on port 88. Then haproxy will forward connections to web server on port 10088, 100089 (and so...) on a mass virtual host configuration of apache (see below). In /var/www/vhost-SSL/ on web server, there is some symbolic links to the php sources. Some domains are not linked to same path because they don't provide the same application. So i don't want to have to delete/rename the running.ok file on every path when I want to shutdown the webserver. I want to use the httpcheck on port 10081 and the file running.ok . But I want a soft stop of service. I want haproxy to stop forwarding new connection if he don't find the running.ok file but continue to forward connection if cookie is initialised. so i will configure a backup server with same cookies (like said in Haproxy documentation). Use http-check disable-on-404 for this So now my questions : - is it possible to check only the header like this /HEAD / HTTP/1.0 /for backup server ? option httpchk HEAD / HTTP/1.0 - Like said in the article of willy (http://1wt.eu/articles/2006_lb/),it is good to load balance the encryption/decryption flow too. So a haproxy instance in tcp mode (layer 4), seems to be a good solution. But our applications have to know the client IP for security reasons. I read that a recompiled kernel with tproxy support will forward connections keeping the real client IP. Is that true ? Yes it is, tproxy has been included in mainstream =2.6.28 kernel. Usage of X-Forwarded-For header is preferred if you use stunnel. - I want to manage a multi site configuration keeping the session persistence. How can I manage to do so? I don't understand this question :) Regards, Hervé.
Re: Haproxy + Ajax
Thank you for you quick answer and sorry for my late response Hervé COMMOWICK a écrit : This is an old interview, HAProxy (=1.4) now support keepalive on the client side. Don't use http-pretend-keepalive unless your backend server need it (apache doesn't need this) To enable keepalive, you just need to have option http-server-close instead of option httpclose. Regards, Hervé. On 05/21/2010 06:11 PM, eni-urgence wrote: Hello (again). In this interview http://linuxfr.org/2008/09/15/24484.html (in french), Willy Tareau said that there is some problem with php application which use ajax technologie. because haproxy ignore keep alive. Is there a big impact on performance ? My web server are configured with /KeepAlive Off MaxKeepAliveRequests 100 KeepAliveTimeout 15/ and i dont think php redefine this variable. I read that a option http-pretend-keepalive have been added to version 1.4.4. have i any interrest to use this option? Is there any kind of thing about not using ajax and haproxy together? Like haproxy cut the url which can be very long with ajax call. Is someone had experience problem . And what kind? Thank you NICOLE Emerik Newbie french user of haproxy eni-urge...@scan-eco.com www.scan-eco.com www.quickmed.fr
Mixed TCP and HTTP switching
Hi everyone I have a problem, and I'm not sure if HAProxy can solve it I have a range of different requests coming in on a server to port 80, and am using HAProxy to switch them to the relevant back end servers. Most of these requests are HTTP requests and I have layer 7 mode working fine, doing everything i need Now I have to also send a tcp request though the same port. I need HAProxy to detect if it is a tcp request, and if so route it to server 1, otherwise parse the HTTP and work out which server to use based on the HTTP content Is this possible? Laurie -- Dr Laurie Young Scrum Master New Bamboo Follow me on twitter: @wildfalcon Follow us on twitter: @newbamboo Creating fresh, flexible and fast-growing web applications is our passion. 3rd Floor, Gensurco House, 46A Rosebery Avenue, London, EC1R 4RP http://www.new-bamboo.co.uk
unsubscribe
Thanks for your help
Servers in maintenance getting traffic
I came across this while trying to get my new stack and configuration up and running. A portion of my config looks like this: backend lb.example.com server web1 web1.example.com:80 track web1.example.com/web1 server web2 web2.example.com:80 track web2.example.com/web2 backend web1.example.com server web1 web1.example.com:80 check backend web2.example.com server web2 web2.example.com:80 check disabled Note that web2.example.com/web2 is disabled for testing. This is recognized from a stats perspective. That is, the web2 backend is marked down and web2/web2 is marked as MAINT. Additionally, lb/web2 is marked as MAINT(via). Everything seems correct, except that when I send traffic to backend lb, web2 is still receiving balanced traffic. I will state up front that I am not yet familiar with the haproxy code, but in a cursory look, it appears this is happening when the config file is parsed. When web2/web2 is being marked as disabled, we set newsrv-state on that server, but this will never affect other servers that are tracking it. It seems like after all of the config is parsed and all servers are set up, we need to walk through all of the untracking servers and properly configure all of the servers that are tracking them. Maybe this means a call to set_server_(up|down|disabled) for each which will update all of the tracking servers? Again, I'm not all that familiar with the code, but I think this is what is happening. Regardless, I know it's broken. :-) Any thoughts? - Jim
how to associate front and back ends?
I have 3 back end environments. qa (q), uat (u), and live (l). I want to provide many listeners on different ports with different connection limits that I will point different clients at. I used to do this by using listen everywhere. I had listen statements for the q, u and t server pools. I also had listen statements for each client listener that did connection limiting, and pointed at localhost:port to get to the actual load balancing listeners. I think the preferred way to do this would be to define 3 backends, and many front ends. How do I associate a front end with a back end? use_backend appears to want a conditional. I just want to say, for this frontend, always use this backend. -Matt _ Hotmail has tools for the New Busy. Search, chat and e-mail from your inbox. http://www.windowslive.com/campaign/thenewbusy?ocid=PID28326::T:WLMTAGL:ON:WL:en-US:WM_HMP:042010_1
Re: how to associate front and back ends?
On Jun 2, 2010, at 2:29 PM, M B wrote: How do I associate a front end with a back end? use_backend appears to want a conditional. I just want to say, for this frontend, always use this backend. You want default_backend.
Re: how to associate front and back ends?
Le mercredi 02 juin 2010 21:29:56, M B a écrit : How do I associate a front end with a back end? use_backend appears to want a conditional. I just want to say, for this frontend, always use this backend. Simply use default_backend then. It will match all connections that are not caught by previous use_backend rules defined in the current front section. -- Guillaume Castagnino g.castagn...@pepperway.fr Tel : +33148242089