[SPAM] Re: [PATCH] Add log-format variable %HQ, to log HTTP query strings

2015-10-01 Thread jimmy1974 
 
Hey guy,

LEDlight International Industrial Limited here,exporting LED lights.There
are a lot of program code.web:www.ledlightmake.com

Call me,let's talk details.

Rgds,
jimmy

Re: SSL errors with HAProxy

2015-10-01 Thread jimmy1974 
 


LEDlight International Industrial Limited here,exporting LED lights.There
are a lot of program code.web:www.ledlightmake.com

Call me,let's talk details.

Rgds,
jimmy

Re: haproxy queue time (qtime) nature

2015-08-21 Thread jimmy1974 
Pavlo Zhuk pavlo@... writes:

 
 
 Hi,
 I am searching for help with  understanding of qtime KPI nature for
haproxy, and possible optimization of my installation in this perspective. 
 We are using haproxy 1.5.14 in  TCP mode as a L4 load-balancer for HTTPS
endpoints for multiple domain hostnames. We are also using SNI inspection in
order to select proper backend for the request.
 
 And I've noticed that backend qtime stat vaue is pretty high (200-300ms),
which disturbs me a lot. qcur
  (current queue lengh) is zero at the same time. Are we basically slowing
down all our requests by 200ms-300ms at haproxy
  side? (not sure if I understood this value of qtime properly) Is it
related with SNI inspection? If yes - I
  am definitely searching the way to optimize it.
 All the installation - haproxy frontend as well as HTTPS backends are
living in AWS Cloud at the moment, and instance sizes are pretty big (c3,
c4), so we don't see any resource limitation.
 Example of the config below. Any feedback appreciated.
 ==global
   log 127.0.0.1 local2
   chroot  /var/lib/haproxy
   pidfile /var/run/haproxy.pid
   maxconn 4
   ulimit-n10
   userhaproxy
   group   haproxy
   daemon
   stats socket /var/lib/haproxy/stats
 
 defaults
   modehttp
   log global
   option  httplog
   option  dontlognull
   option http-server-close
   retries 3
   timeout http-request1s
   timeout queue   1m
   timeout connect 3s
   timeout client  1m
   timeout server  30s
   timeout http-keep-alive 2s
   timeout check   3s
   maxconn 4
 
 frontend https-in *:443
 mode tcp
 option tcplog
 option socket-stats
 
 tcp-request inspect-delay 5s
 tcp-request content accept if { req_ssl_hello_type 1 }
 
 use_backend foo-ssl if { req_ssl_sni -m beg foo }
 use_backend bar-ssl if { req_ssl_sni -m beg bar }
 
 backend foo-ssl *:443
 balance leastconn
 mode tcp
 option ssl-hello-chk
 
 server foo1 x.x.x.x:443 maxconn 1 check
 server foo2 x.x.x.x:443 maxconn 1 check
 
 backend bar-ssl *:443
 balance leastconn
 mode tcp
 option ssl-hello-chk
 
 server bar1 x.x.x.x:443 maxconn 1 check
 server bar2 x.x.x.x:443 maxconn 1 check==-- 
 BR,
 Pavlo Zhuk+38093 241
 
 
  hi friend!
  Give you my config of haproxy.cfg zabbix 
  #cat /etc/zabbix/zabbix_agentd.d/haproxy.cfg
UserParameter=haproxy.discovery,/usr/local/check_openstack/zhaproxy.py -d
UserParameter=haproxy.allstatus,/usr/local/check_openstack/zhaproxy.py -c
UserParameter=haproxy.parameter[*],/usr/local/check_openstack/zhaproxy.py -p
$1 -s $2 -v $3
UserParameter=haproxy.mysql_galera_cluster,/usr/local/check_openstack/zhaproxy.py
-p mysql_galera_cluster -s FRONTEND  -v status
 
(just ideas, not suggestions, not competent advice) serve up 
from www.ledlightmake.com jimmy