Haproxy stop to serve http
Hi to all, I'm using haproxy to serve our web infrastructure, it serves about 500/600 concurrency connection, with some peak to 1000/1200 concurrency connection. All work great, and performance are also so good, but sometimes haproxy stop to serve http traffic (mode http),instead other kind of traffic continues to work (mode tcp). I'm using haproxy 1.3.18, i attach configuration file. Kernel on machine is 2.6.26-2-686 on debian 5.0 Stops are sudden, and i'm unable to replicate it. When it happens haproxy daemon is still up, and continue to serve other kind of service (mode tcp), also stats stop to work. Any help ? Best Regards Luca Pimpolari Sysctl modified are: net.ipv4.conf.default.rp_filter = 1 net.ipv4.tcp_syncookies = 1 net.ipv4.conf.default.forwarding = 1 net.ipv6.conf.default.forwarding = 1 net.ipv4.tcp_tw_reuse = 1 net.ipv4.ip_local_port_range = 1024 65023 net.ipv4.tcp_max_syn_backlog = 10240 net.ipv4.tcp_max_tw_buckets = 40 net.ipv4.tcp_max_orphans = 6 net.ipv4.tcp_synack_retries = 3 net.core.somaxconn = 8 kernel.printk = 4 4 1 7 fs.inotify.max_user_watches = 524288 net.ipv4.conf.default.rp_filter = 1 net.ipv4.conf.all.rp_filter = 1 net.ipv4.tcp_tw_reuse = 1 net.core.netdev_max_backlog = 2500 vm.min_free_kbytes = 65536 vm.swappiness = 0 net.ipv4.netfilter.ip_conntrack_max = 196608 haproxy.cfg global daemon nbproc4 maxconn 4 ulimit-n 80013 defaults log global option httplog mode http optionhttpclose optionabortonclose optionforwardfor balance roundrobin stats enable stats auth#:# stats refresh 5s errorfile 503 /etc/haproxy/errors/503.http errorfile 500 /etc/haproxy/errors/500.http errorfile 502 /etc/haproxy/errors/502.http CONFIGURAZIONE BACKEND backend Multy_Nuovo timeout server 330s timeout check 330s timeout connect 330s mode http server webA YYY.YYY.YYY.YYY:80 weight 10 check server webB YYY.YYY.YYY.YYY:80 weight 10 check server webC YYY.YYY.YYY.YYY:80 weight 5 check backend Web1 mode http server web1 YYY.YYY.YYY.YYY:80 weight 1 check backend Web2 mode http server web2 YYY.YYY.YYY.YYY:80 weight 1 check backend Multy_Admin server Multy_Admin YYY.YYY.YYY.YYY:80 weight 1 check backend Multy_Media server Multy_Media2 YYY.YYY.YYY.YYY:80 check weight 10 server Multy_Media3 YYY.YYY.YYY.YYY:80 check weight 10 server Multy_Media4 YYY.YYY.YYY.YYY:80 check weight 10 backend Multy_Files server Multy_Media YYY.YYY.YYY.YYY:80 check weight 1 backend Multy_Media_FTP server Multy_Media_FTP YYY.YYY.YYY.YYY:8081 weight 1 backend Multy_Vecchio_SSL mode tcp option ssl-hello-chk server WebA YYY.YYY.YYY.YYY:443 weight 1 server WebA YYY.YYY.YYY.YYY:443 weight 1 backend Multy_Premium mode tcp option ssl-hello-chk server rs1 YYY.YYY.YYY.YYY:443 weight 1 backend Multy_Premium_Normale server rs1 YYY.YYY.YYY.YYY:80 weight 1 check backend Multy_Forum server Forum YYY.YYY.YYY.YYY:80 weight 1 check backend Multy_Site_Media server Images YYY.YYY.YYY.YYY:80 weight 1 check backend SMTP mode tcp server SMTP YYY.YYY.YYY.YYY:25 check backend POP3 mode tcp server POP3 YYY.YYY.YYY.YYY:110 check backend IMAP mode tcp server IMAP YYY.YYY.YYY.YYY:143 check ## CONFIGURAZIONE FRONTEND frontend Frontend_Multy_Nuovo XXX.XXX.XXX.XXX:80 mode http acl nwl url_beg /nwl_listener Multy_nwl use_backend Multy_Premium_Normale if nwl acl forum url_beg /forum Multy_Forum use_backend Multy_Forum if forum default_backend Multy_Nuovo frontend Frontend_Multy_Vecchio_SSL XXX.XXX.XXX.XXX:443 mode tcp option ssl-hello-chk default_backend Multy_Vecchio_SSL frontend Multy_Admin XXX.XXX.XXX.XXX:80 mode http default_backend Multy_Admin frontend Multy_Media XXX.XXX.XXX.XXX:80 mode http acl private_ftp url_beg /private_ftp Multy_Media_FTP acl private_ftp url_beg /icons Multy_Media_FTP use_backend Multy_Media_FTP if private_ftp acl files url_beg /files Multy_Files use_backend Multy_Files if files default_backend Multy_Media frontend Fronend_443 XXX.XXX.XXX.XXX:443 mode tcp default_backend Multy_Premium frontend POP3 XXX.XXX.XXX.XXX:110 mode tcp default_backend POP3 frontend SMTP XXX.XXX.XXX.XXX:25 mode tcp default_backend SMTP frontend IMAP XXX.XXX.XXX.XXX:143 mode tcp default_backend IMAP
stats are cut off
Hey guys and girls, I'm a happy user of HAProxy, and for one of my new projects I'm running into a small problem. I have a new configuration with a 120 different instances (one instance for every site on a couple of servers), and it looks like everything works fine. However, I have a problem with the stats page, it will only show the first 38,5 sites :) Please see this screenshot: http://files.hongens.nl/2009/06/22/haproxystats.png Somewhere it's cut off after a /tr tag. This is kind of annoying, because I use the stats page to see the status of the web server nodes behind HAProxy. Don't see anything interesting in the logs.. Any ideas anyone? -- With kind regards, Angelo Höngens Systems Administrator -- NetMatch tourism internet software solutions Ringbaan Oost 2b 5013 CA Tilburg T: +31 (0)13 5811088 F: +31 (0)13 5821239 mailto:a.hong...@netmatch.nl http://www.netmatch.nl --
stats are cut off
Hey guys and girls, I'm a happy user of HAProxy, and for one of my new projects I'm running into a small problem. I have a new configuration with a 120 different instances (one instance for every site on a couple of servers), and it looks like everything works fine. However, I have a problem with the stats page, it will only show the first 38,5 sites :) Please see this screenshot: http://files.hongens.nl/2009/06/22/haproxystats.png Somewhere it's cut off after a /tr tag. This is kind of annoying, because I use the stats page to see the status of the web server nodes behind HAProxy. Don't see anything interesting in the logs.. Any ideas anyone? -- With kind regards, Angelo Höngens Systems Administrator -- NetMatch tourism internet software solutions Ringbaan Oost 2b 5013 CA Tilburg T: +31 (0)13 5811088 F: +31 (0)13 5821239 mailto:a.hong...@netmatch.nl http://www.netmatch.nl --
Re: stats are cut off
On Mon, 22 Jun 2009, Angelo Höngens wrote: Hey guys and girls, Hello, I'm a happy user of HAProxy, and for one of my new projects I'm running into a small problem. I have a new configuration with a 120 different instances (one instance for every site on a couple of servers), and it looks like everything works fine. However, I have a problem with the stats page, it will only show the first 38,5 sites :) Please see this screenshot: http://files.hongens.nl/2009/06/22/haproxystats.png Somewhere it's cut off after a /tr tag. This is kind of annoying, because I use the stats page to see the status of the web server nodes behind HAProxy. Don't see anything interesting in the logs.. Any ideas anyone? Which version? Does it always break at the same position? Could you share your config with us? ;) Best regards, Krzysztof Olędzki
Redirection with 301 for all subdomains with exception
Hello everybody, Could you help to fix this configuration ? I need to redirect all sub domains except 5 (admin, pro, www, img*, domain.com without sub domain) to www.domain.com I test this setting, but did not work. acl good_subs url_beg admin pro www img* redirect location www.domain.com 301 if !good_subs I have no idea for http://domain.com to http://www.domain.com and i did not know if img with wildcard work. Thanks in advance Falco
Re: Haproxy stop to serve http
Hi Luca, On Mon, Jun 22, 2009 at 01:38:53PM +0200, Luca Pimpolari - Multiplayer wrote: Hi to all, I'm using haproxy to serve our web infrastructure, it serves about 500/600 concurrency connection, with some peak to 1000/1200 concurrency connection. All work great, and performance are also so good, but sometimes haproxy stop to serve http traffic (mode http),instead other kind of traffic continues to work (mode tcp). I'm using haproxy 1.3.18, i attach configuration file. Kernel on machine is 2.6.26-2-686 on debian 5.0 Stops are sudden, and i'm unable to replicate it. When it happens haproxy daemon is still up, and continue to serve other kind of service (mode tcp), also stats stop to work. Any help ? I see that you don't have any timeout client in either your defaults section nor your frontends. So most likely after some users have failed to properly disconnect, all you connections are saturated and you cannot serve anybody anymore. And by the way, only one of your backends has timeouts, so I really suggest that you set them all in your defaults section. Also, please be careful, I see very large timeouts here. 330s for a server response in HTTP is way too long, nobody will wait that long! And having that for a health check or a connect is inappropriate too ! A typical connect timeout is around 5s. A client/server timeout depends on the application but we generally see between 10 and 60s. Regards, Willy
Re: stats are cut off
On Mon, Jun 22, 2009 at 04:22:44PM +0200, Krzysztof Oledzki wrote: On Mon, 22 Jun 2009, Angelo Höngens wrote: Hey guys and girls, Hello, I'm a happy user of HAProxy, and for one of my new projects I'm running into a small problem. I have a new configuration with a 120 different instances (one instance for every site on a couple of servers), and it looks like everything works fine. However, I have a problem with the stats page, it will only show the first 38,5 sites :) Please see this screenshot: http://files.hongens.nl/2009/06/22/haproxystats.png Somewhere it's cut off after a /tr tag. This is kind of annoying, because I use the stats page to see the status of the web server nodes behind HAProxy. Don't see anything interesting in the logs.. Any ideas anyone? Which version? Does it always break at the same position? Could you share your config with us? ;) it has the look and feel of version 1.2. I'm don't remember of such a bug there though. It might be worth checking the response length to see if it's a multiple of the response buffer size for instance. Regards, Willy
Re: Redirection with 301 for all subdomains with exception
On Mon, Jun 22, 2009 at 08:32:36PM +0200, Falco SCHMUTZ wrote: Hello everybody, Could you help to fix this configuration ? I need to redirect all sub domains except 5 (admin, pro, www, img*, domain.com without sub domain) to www.domain.com I test this setting, but did not work. acl good_subs url_beg admin pro www img* redirect location www.domain.com 301 if !good_subs the host name is not in the url but in the Host: header. So you must do that instead : acl good_subs hdr_beg(host) -i admin. pro. www. img I have no idea for http://domain.com to http://www.domain.com and i did not know if img with wildcard work. You can do that : acl good_subs hdr_beg(host) -i admin. pro. www. img domain.com For the wildcard you don't need anything special as hdr_reg() matches at the beginning of the field. However if you need finer combinations, check with the regexes. It will be harder to configure but with infinite combinations. Willy