Re: Haproxy 1.7.10 constantly restarting
Thank you for answer. Sorry for stupid question. Found it. I forget about letsencrypt. it restarts when renewing certificates. Best regards, Alexey Gordeev С уважением Гордеев А.Д. On Mon, Mar 12, 2018 at 12:23 AM, Vincent Bernatwrote: > ❦ 11 mars 2018 07:19 -0400, Aleksey Gordeev : > > > I'm sorry is that question is not suitable. Please give correct channel > to contact. > > > > It's started about a month ago. I have separate instances of same > > version haproxy. One of them restarts every 2 or 3 days. > > > > I have only this in log > > > > Mar 11 06:43:21 systemd[1]: Stopping HAProxy Load Balancer... > > Mar 11 06:43:21 haproxy-systemd-wrapper[10939]: > haproxy-systemd-wrapper: SIGTERM -> 10942. > > Mar 11 06:43:21 haproxy-systemd-wrapper[10939]: > haproxy-systemd-wrapper: exit, haproxy RC=0 > > Mar 11 06:43:21 systemd[1]: Starting HAProxy Load Balancer... > > Mar 11 06:43:21 systemd[1]: Started HAProxy Load Balancer. > > Mar 11 06:43:21 haproxy-systemd-wrapper[19642]: > haproxy-systemd-wrapper: executing /usr/sbin/haproxy > > This seems to happen because something is just restarting haproxy. Maybe > logrotate? "rgrep haproxy /etc" may give a clue. > -- > Write clearly - don't be too clever. > - The Elements of Programming Style (Kernighan & Plauger) >
Re: Haproxy 1.7.10 constantly restarting
❦ 11 mars 2018 07:19 -0400, Aleksey Gordeev: > I'm sorry is that question is not suitable. Please give correct channel to > contact. > > It's started about a month ago. I have separate instances of same > version haproxy. One of them restarts every 2 or 3 days. > > I have only this in log > > Mar 11 06:43:21 systemd[1]: Stopping HAProxy Load Balancer... > Mar 11 06:43:21 haproxy-systemd-wrapper[10939]: haproxy-systemd-wrapper: > SIGTERM -> 10942. > Mar 11 06:43:21 haproxy-systemd-wrapper[10939]: haproxy-systemd-wrapper: > exit, haproxy RC=0 > Mar 11 06:43:21 systemd[1]: Starting HAProxy Load Balancer... > Mar 11 06:43:21 systemd[1]: Started HAProxy Load Balancer. > Mar 11 06:43:21 haproxy-systemd-wrapper[19642]: haproxy-systemd-wrapper: > executing /usr/sbin/haproxy This seems to happen because something is just restarting haproxy. Maybe logrotate? "rgrep haproxy /etc" may give a clue. -- Write clearly - don't be too clever. - The Elements of Programming Style (Kernighan & Plauger)
[PATCH 3/3] CLEANUP: cli: Fix a typo in the 'set rate-limit' usage
Hello, The attached patch fixes a typo in the usage message of 'set rate-limit'. -- Aurélien. >From bb62cb61291fe07eee3ce2cbc92dfcadc30d7622 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Aur=C3=A9lien=20Nephtali?=Date: Sun, 11 Mar 2018 16:55:02 +0100 Subject: [PATCH 3/3] CLEANUP: cli: Fix a typo in the 'set rate-limit' usage MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit The correct keyword is 'ssl-sessions' (vs. 'ssl-session'). The typo was introduced in 45c742be05 ('REORG: cli: move the "set rate-limit" functions to their own parser'). Signed-off-by: Aurélien Nephtali --- src/cli.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/cli.c b/src/cli.c index 65914451..3cae0f31 100644 --- a/src/cli.c +++ b/src/cli.c @@ -1184,7 +1184,7 @@ static int cli_parse_set_ratelimit(char **args, struct appctx *appctx, void *pri " - 'connections global' to set the per-process maximum connection rate\n" " - 'sessions global' to set the per-process maximum session rate\n" #ifdef USE_OPENSSL - " - 'ssl-session global' to set the per-process maximum SSL session rate\n" + " - 'ssl-sessions global' to set the per-process maximum SSL session rate\n" #endif " - 'http-compression global' to set the per-process maximum compression speed in kB/s\n"; appctx->st0 = CLI_ST_PRINT; -- 2.11.0
[PATCH 2/3] CLEANUP: cli: Remove a leftover debug message
Hello, The attached patch removes a printf() that was probably used for debugging purposes. -- Aurélien. >From 220e631e6f209ed51af772b12f7f60a1a1ce5857 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Aur=C3=A9lien=20Nephtali?=Date: Sat, 10 Mar 2018 20:59:56 +0100 Subject: [PATCH 2/3] CLEANUP: cli: Remove a leftover debug message MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This printf() was added in f886e3478d ("MINOR: cli: Add a command to send listening sockets."). Signed-off-by: Aurélien Nephtali --- src/cli.c | 1 - 1 file changed, 1 deletion(-) diff --git a/src/cli.c b/src/cli.c index fbd26464..65914451 100644 --- a/src/cli.c +++ b/src/cli.c @@ -1416,7 +1416,6 @@ static int _getsocks(char **args, struct appctx *appctx, void *private) iov.iov_len = curoff; if (sendmsg(fd, , 0) != curoff) { ha_warning("Failed to transfer sockets\n"); - printf("errno %d\n", errno); goto out; } /* Wait for an ack */ -- 2.11.0
[PATCH 1/3] CLEANUP: ssl: Remove a duplicated #include
Hello, The attached patch removes a duplicated #include in the SSL code. -- Aurélien. >From 3955f2cd7f820e46710c1e610d4aaa2eace92c88 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Aur=C3=A9lien=20Nephtali?=Date: Tue, 20 Feb 2018 19:23:07 +0100 Subject: [PATCH 1/3] CLEANUP: ssl: Remove a duplicated #include MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit openssl/x509.h is included twice since commit fc0421fde ("MEDIUM: ssl: add support for SNI and wildcard certificates"). Signed-off-by: Aurélien Nephtali --- src/ssl_sock.c | 1 - 1 file changed, 1 deletion(-) diff --git a/src/ssl_sock.c b/src/ssl_sock.c index e3db4e17..e2cde197 100644 --- a/src/ssl_sock.c +++ b/src/ssl_sock.c @@ -43,7 +43,6 @@ #include #include #include -#include #include #include #include -- 2.11.0
Updating the unofficial GitHub mirror
I'm the author of the CNCF Cloud Native Interactive Landscape, which tracks projects and products used in open source. We include HAProxy: https://landscape.cncf.io/grouping=no=ha-proxy=latest-commit However, our info on latest commit is out of date because https://github.com/haproxy/haproxy is no longer mirroring http://www.haproxy.org/. Would it be possible to update the mirror, please? -- Dan KohnExecutive Director, Cloud Native Computing Foundation https://www.cncf.io +1-415-233-1000 https://www.dankohn.com
Haproxy 1.7.10 constantly restarting
I'm sorry is that question is not suitable. Please give correct channel to contact. It's started about a month ago. I have separate instances of same version haproxy. One of them restarts every 2 or 3 days. I have only this in log Mar 11 06:43:21 systemd[1]: Stopping HAProxy Load Balancer... Mar 11 06:43:21 haproxy-systemd-wrapper[10939]: haproxy-systemd-wrapper: SIGTERM -> 10942. Mar 11 06:43:21 haproxy-systemd-wrapper[10939]: haproxy-systemd-wrapper: exit, haproxy RC=0 Mar 11 06:43:21 systemd[1]: Starting HAProxy Load Balancer... Mar 11 06:43:21 systemd[1]: Started HAProxy Load Balancer. Mar 11 06:43:21 haproxy-systemd-wrapper[19642]: haproxy-systemd-wrapper: executing /usr/sbin/haproxy I'm not very good in linux. So, what additional info can I provide? cat /proc/sys/net/ipv4/ip_local_port_range 1024 65535 ss -s Total: 4535 (kernel 5526) TCP: 7563 (estab 4341, closed 2934, orphaned 227, synrecv 0, timewait 2931/0), ports 0 Transport Total IP IPv6 * 5526 - - RAW 0 0 0 UDP 10 8 2 TCP 4629 4627 2 INET 4639 4635 4 FRAG 0 0 0 Haproxy -vv A-Proxy version 1.7.10 2018/01/02 Copyright 2000-2018 Willy TarreauBuild options : TARGET = linux2628 CPU = generic CC = gcc CFLAGS = -O2 -g -fno-strict-aliasing -DTCP_USER_TIMEOUT=18 OPTIONS = USE_LINUX_TPROXY=1 USE_ZLIB=1 USE_REGPARM=1 USE_OPENSSL=1 USE_PCRE=1 USE_PCRE_JIT=1 Default settings : maxconn = 2000, bufsize = 16384, maxrewrite = 1024, maxpollevents = 200 Encrypted password support via crypt(3): yes Built with zlib version : 1.2.7 Running on zlib version : 1.2.7 Compression algorithms supported : identity("identity"), deflate("deflate"), raw-deflate("deflate"), gzip("gzip") Built with OpenSSL version : OpenSSL 1.0.2n 7 Dec 2017 Running on OpenSSL version : OpenSSL 1.0.2n 7 Dec 2017 OpenSSL library supports TLS extensions : yes OpenSSL library supports SNI : yes OpenSSL library supports prefer-server-ciphers : yes Built with PCRE version : 8.32 2012-11-30 Running on PCRE version : 8.32 2012-11-30 PCRE library supports JIT : yes Built without Lua support Built with transparent proxy support using: IP_TRANSPARENT IPV6_TRANSPARENT IP_FREEBIND Available polling systems : epoll : pref=300, test result OK poll : pref=200, test result OK select : pref=150, test result OK Total: 3 (3 usable), will use epoll. Available filters : [COMP] compression [TRACE] trace [SPOE] spoe - С Уважением Гордеев А.Д. haproxy-main1 Description: Binary data haproxy-global.cfg Description: Binary data