Re: Multiprocess and backends
On 18/12/2014 05:24 πμ, Baptiste wrote: On Wed, Dec 17, 2014 at 10:39 PM, Pavlos Parissis pavlos.paris...@gmail.com wrote: Hi, I remember someone( maybe Baptiste) saying that in multi process mode backends will be picked up by the process which frontend is bound to. But, I found not to be the case in 1.5.9. I also remember that this works only when you have 1to1 relationship between frontend and backends, which is my case. In the following output of stat sockets I see both backends to be monitored by both processes. If I bind graphite_example.com_SSL backend to the some process as the graphite_example.com_SSL frontend, it works as expected where graphite_example.com_SSL is monitored only by process 2. It isn't a problem to use bind-process in backend settings and I am just asking out of curiosity. [...snip..] Hi Pavlos, Your test is not relevant. Since you have no bind-process on your SSL backend, HAProxy starts it up on both proceses you started up. OK then I remember wrong, please accept my apologies for my bad memory. Please try adding a bind-process 1 in your SSL backend and report us the result. I have done that and as I wrote it works. Thanks a lot for the clarification, Pavlos signature.asc Description: OpenPGP digital signature
Multiprocess and backends
Hi, I remember someone( maybe Baptiste) saying that in multi process mode backends will be picked up by the process which frontend is bound to. But, I found not to be the case in 1.5.9. I also remember that this works only when you have 1to1 relationship between frontend and backends, which is my case. In the following output of stat sockets I see both backends to be monitored by both processes. If I bind graphite_example.com_SSL backend to the some process as the graphite_example.com_SSL frontend, it works as expected where graphite_example.com_SSL is monitored only by process 2. It isn't a problem to use bind-process in backend settings and I am just asking out of curiosity. Cheers, Pavlos echo 'show stat'|nc -U /var/lib/haproxy/stats1 haproxy,FRONTEND,,,0,0,5,0,0,0,0,0,0,OPEN,1,2,00,0,2000 haproxy,BACKEND,0,0,0,0,5000,0,0,0,0,0,,0,0,0,0,UP,0,0,0,,0,19,0,,1,2,0,,0, graphite_example.com,FRONTEND,,,0,1,5,6,1008,7290,0,0,0,OPEN,,, graphite_example.com,server-101.example.com,0,0,0,1,,3,504,3645,,0,,0,0, graphite_example.com,server-102.example.com,0,0,0,1,,3,504,3645,,0,,0, graphite_example.com,BACKEND,0,0,0,1,5000,6,1008,7290,0,0,,0,0,0,0,UP,2,2,0 graphite_example.com_SSL,server-103.example.com,0,0,0,0,,0,0,0,,0,,0,0,0 graphite_example.com_SSL,server-104.example.com,0,0,0,0,,0,0,0,,0,,0,0, graphite_example.com_SSL,BACKEND,0,0,0,0,5000,0,0,0,0,0,,0,0,0,0,UP,2,2, echo 'show stat'|nc -U /var/lib/haproxy/stats2 haproxy,FRONTEND,,,0,1,5,1,122,1955,0,0,0,OPEN,2,2,00, haproxy,BACKEND,0,0,0,0,5000,0,122,1955,0,0,,0,0,0,0,UP,0,0,0,,0,28,0,,2,2 graphite_example.com,server-101.example.com,0,0,0,0,,0,0,0,,0,,0,0,0,0,U graphite_example.com,server-102.example.com,0,0,0,0,,0,0,0,,0,,0,0,0,0,U graphite_example.com,BACKEND,0,0,0,0,5000,0,0,0,0,0,,0,0,0,0,UP,2,2,0,,0,2 graphite_example.com_SSL,FRONTEND,,,0,0,5,0,0,0,0,0,0,OPEN graphite_example.com_SSL,server-103.example.com,0,0,0,0,,0,0,0,,0,,0,0,0 graphite_example.com_SSL,server-104.example.com,0,0,0,0,,0,0,0,,0,,0,0,0 graphite_example.com_SSL,BACKEND,0,0,0,0,5000,0,0,0,0,0,,0,0,0,0,UP,2,2,0, global log 127.0.0.1 local2 chroot /var/lib/haproxy pidfile /var/run/haproxy.pid maxconn 10 userhaproxy group haproxy daemon stats socket /var/lib/haproxy/stats uid 0 gid 0 mode 0440 level admin ssl-server-verify none tune.ssl.default-dh-param 2048 stats socket /var/lib/haproxy/stats1 uid 0 gid 0 mode 0440 level admin process 1 stats socket /var/lib/haproxy/stats2 uid 0 gid 0 mode 0440 level admin process 2 nbproc 2 cpu-map 1 0 cpu-map 2 1 defaults maxconn 5 rate-limit sessions 2000 modehttp log global option contstats option tcplog option httplog no option dontlognull option tcp-smart-accept option tcp-smart-connect option http-keep-alive option redispatch balance roundrobin timeout http-request15s timeout http-keep-alive 15s retries 2 timeout queue 1m timeout connect 10s timeout client 15s timeout server 15s timeout check 5s option forwardfor header F5SourceIP listen haproxy bind :8080 stats uri / stats show-node stats refresh 10s stats show-legends no log frontend graphite_example.com bind 10.189.200.1:80 bind-process 1 default_backend graphite_example.com backend graphite_example.com #bind-process 1 default-server inter 10s option httpchk GET / HTTP/1.1\r\nHost:\ graphite.example.com\r\nUser-Agent:\ HAProxy server server-101.example.com 10.96.70.65:80 check server server-102.example.com 10.96.70.66:80 check frontend graphite_example.com_SSL bind 10.189.200.1:443 ssl crt /somepath/pem bind-process 2 default_backend graphite_example.com_SSL backend graphite_example.com_SSL default-server inter 10s #bind-process 2 option httpchk GET / HTTP/1.1\r\nHost:\ graphite.example.com\r\nUser-Agent:\ HAProxy server server-103.example.com 10.96.70.109:443 ssl check check-ssl server server-104.example.com 10.96.70.160:443 ssl check check-ssl signature.asc Description: OpenPGP digital signature
Re: Multiprocess and backends
On Wed, Dec 17, 2014 at 10:39 PM, Pavlos Parissis pavlos.paris...@gmail.com wrote: Hi, I remember someone( maybe Baptiste) saying that in multi process mode backends will be picked up by the process which frontend is bound to. But, I found not to be the case in 1.5.9. I also remember that this works only when you have 1to1 relationship between frontend and backends, which is my case. In the following output of stat sockets I see both backends to be monitored by both processes. If I bind graphite_example.com_SSL backend to the some process as the graphite_example.com_SSL frontend, it works as expected where graphite_example.com_SSL is monitored only by process 2. It isn't a problem to use bind-process in backend settings and I am just asking out of curiosity. Cheers, Pavlos echo 'show stat'|nc -U /var/lib/haproxy/stats1 haproxy,FRONTEND,,,0,0,5,0,0,0,0,0,0,OPEN,1,2,00,0,2000 haproxy,BACKEND,0,0,0,0,5000,0,0,0,0,0,,0,0,0,0,UP,0,0,0,,0,19,0,,1,2,0,,0, graphite_example.com,FRONTEND,,,0,1,5,6,1008,7290,0,0,0,OPEN,,, graphite_example.com,server-101.example.com,0,0,0,1,,3,504,3645,,0,,0,0, graphite_example.com,server-102.example.com,0,0,0,1,,3,504,3645,,0,,0, graphite_example.com,BACKEND,0,0,0,1,5000,6,1008,7290,0,0,,0,0,0,0,UP,2,2,0 graphite_example.com_SSL,server-103.example.com,0,0,0,0,,0,0,0,,0,,0,0,0 graphite_example.com_SSL,server-104.example.com,0,0,0,0,,0,0,0,,0,,0,0, graphite_example.com_SSL,BACKEND,0,0,0,0,5000,0,0,0,0,0,,0,0,0,0,UP,2,2, echo 'show stat'|nc -U /var/lib/haproxy/stats2 haproxy,FRONTEND,,,0,1,5,1,122,1955,0,0,0,OPEN,2,2,00, haproxy,BACKEND,0,0,0,0,5000,0,122,1955,0,0,,0,0,0,0,UP,0,0,0,,0,28,0,,2,2 graphite_example.com,server-101.example.com,0,0,0,0,,0,0,0,,0,,0,0,0,0,U graphite_example.com,server-102.example.com,0,0,0,0,,0,0,0,,0,,0,0,0,0,U graphite_example.com,BACKEND,0,0,0,0,5000,0,0,0,0,0,,0,0,0,0,UP,2,2,0,,0,2 graphite_example.com_SSL,FRONTEND,,,0,0,5,0,0,0,0,0,0,OPEN graphite_example.com_SSL,server-103.example.com,0,0,0,0,,0,0,0,,0,,0,0,0 graphite_example.com_SSL,server-104.example.com,0,0,0,0,,0,0,0,,0,,0,0,0 graphite_example.com_SSL,BACKEND,0,0,0,0,5000,0,0,0,0,0,,0,0,0,0,UP,2,2,0, global log 127.0.0.1 local2 chroot /var/lib/haproxy pidfile /var/run/haproxy.pid maxconn 10 userhaproxy group haproxy daemon stats socket /var/lib/haproxy/stats uid 0 gid 0 mode 0440 level admin ssl-server-verify none tune.ssl.default-dh-param 2048 stats socket /var/lib/haproxy/stats1 uid 0 gid 0 mode 0440 level admin process 1 stats socket /var/lib/haproxy/stats2 uid 0 gid 0 mode 0440 level admin process 2 nbproc 2 cpu-map 1 0 cpu-map 2 1 defaults maxconn 5 rate-limit sessions 2000 modehttp log global option contstats option tcplog option httplog no option dontlognull option tcp-smart-accept option tcp-smart-connect option http-keep-alive option redispatch balance roundrobin timeout http-request15s timeout http-keep-alive 15s retries 2 timeout queue 1m timeout connect 10s timeout client 15s timeout server 15s timeout check 5s option forwardfor header F5SourceIP listen haproxy bind :8080 stats uri / stats show-node stats refresh 10s stats show-legends no log frontend graphite_example.com bind 10.189.200.1:80 bind-process 1 default_backend graphite_example.com backend graphite_example.com #bind-process 1 default-server inter 10s option httpchk GET / HTTP/1.1\r\nHost:\ graphite.example.com\r\nUser-Agent:\ HAProxy server server-101.example.com 10.96.70.65:80 check server server-102.example.com 10.96.70.66:80 check frontend graphite_example.com_SSL bind 10.189.200.1:443 ssl crt /somepath/pem bind-process 2 default_backend graphite_example.com_SSL backend graphite_example.com_SSL default-server inter 10s #bind-process 2 option httpchk GET / HTTP/1.1\r\nHost:\ graphite.example.com\r\nUser-Agent:\ HAProxy server server-103.example.com 10.96.70.109:443 ssl check check-ssl server server-104.example.com 10.96.70.160:443 ssl check check-ssl Hi Pavlos, Your test is not relevant. Since you have no bind-process on your SSL backend, HAProxy starts it up on both proceses you started up. Please try adding a bind-process 1 in your SSL backend and report us the result. Baptiste