doesn't (seem to) use github, the authors might think about
installing gitlab.
Best Regards
Rainer
Hi,
it would be cool if somebody could open a PR at
https://bugs.freebsd.org/
I personally don't use FreeBSD 11 for any of my HAProxy-installations
(yet), so I'm not really affected (yet) - but thanks for the heads-up.
Regards,
Rainer
Am 2017-03-06 10:05, schrieb Matthias Fechner:
Dear Rainer,
I opened a bug report here:
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=217576
I have only one server already upgraded to FreeBSD 11. The 10.3
installation are running fine with haproxy 1.7.3.
Thanks!
on these files
and hang - I had to kill -9 it.
After replacing the file with its previous, ASCII-only copy, everything
started to work again.
Can anyone reproduce this?
Maybe it's fixed in later versions?
Regards
Rainer
Am 2017-07-20 14:18, schrieb Jarno Huuskonen:
Can you share how you've configured health checks in haproxy.cfg ?
backend site-back
balance roundrobin
mode http
option httpchk GET /healthcheck.htm HTTP/1.1\r\nHost:\
site.com\r\nConnection:\ close
http-check expect string server_up
/questions/29248144/working-configuration-for-haproxy-with-the-force-persist-setting
This pretty much how I would end up doing it and I'm curious to know if
there are any errors in my thinking.
(haproxy 1.7.9)
Regards
Rainer
for the link, I've responded there so that the response can be
found for future readers.
Willy
Thank you!
Best Regards
Rainer
Hi,
I have lines like these:
Apr 19 09:32:03 lb-prod haproxy[16717]: 127.0.0.1:50898
[19/Apr/2018:09:32:03.174] srv-pub-front-ssl srv-pub-back-ssl/WINSRV
0/0/0/36/290 500 284 - - --VN 3/1/0/1/0 0/0 "POST /SaveStatistics
HTTP/1.1"
Does that mean that the backend-server (WINSRV) replied
nd-servers.
curl-ing the URLs works without problems.
Because it's all encrypted, I have a hard time figuring out what haproxy
is actually sending to the backend.
Is there a way to enable some sort of logging on what requests are
actually made to the backend?
Best Regards
Rainer
Am 2019-06-25 14:44, schrieb Lukas Tribus:
Hello Rainer,
On Tue, 25 Jun 2019 at 12:53, wrote:
Hi,
I tried to read up on this but there are many examples and not all of
them seem "correct".
It's simple: do not content-switch based on SNI. Use the host header
instead. That's it.
Am 2019-06-25 16:54, schrieb Lukas Tribus:
Hello Rainer,
On Tue, 25 Jun 2019 at 16:18, wrote:
The requests from the healthchecks *do* arrive at the right vhosts on
the backend, there's a code 200 in the logs.
So, I wonder what exactly is timing out for haproxy.
The server on the other end
Am 2019-06-25 18:26, schrieb Lukas Tribus:
Hell Rainer,
On Tue, 25 Jun 2019 at 18:01, wrote:
Ah, OK.
Thanks.
However, I still get L7TOUT on the healthchecks.
I don't follow.
Are health checks working or not? You started this thread saying:
Healthchecks are OK.
But running a curl gives
t
this).
On of my configs, the stick-table config is a bit larger, like this:
stick-table type string len 52 size 100k expire 60m
stick store-response res.cook(JSESSIONID)
stick on req.cook(JSESSIONID)
But it should not be relevant to the error, right?
Anyone got any ideas?
Regards
Rainer
Am 2019-06-20 13:18, schrieb Lukas Tribus:
Hello,
you only enabled SNI for health checks (check-sni). You need to enable
SNI for the actual traffic with the sni keyword.
sni str(intern3.local)
or
sni hdr(host)
lukas
Ah, ok.
Thanks a lot!
I now used
ssl_fc_sni_reg -i host3.intern
I
Am 2019-06-25 19:44, schrieb Lukas Tribus:
Hello Rainer,
[...]
I suggest your try a HEAD request for the haproxy health check instead:
option httpchk HEAD /swagger/ui/index HTTP/1.1\r\nHost:\
app-api.dom.intern\r\nUser-agent:\ LB-Check-API\r\nConnection:\ close
There is no need
at address for sending (which it obviously can't, when it's
not MASTER)?
Rainer
rised up it
from 6 to 15, but no luck.
How could I fix this?
You probably need option httpclose.
-Rainer
GET /ip_monitor_mysql.php HTTP/1.1\r\nHost:
p-stage.1st.domain\r\nConnection:\ close server app2 first.ip:80
weight 1 check server input1 second.ip:80 weight 1 check
listen admin 0.0.0.0:22002
mode http
stats uri /
Regards,
Rainer
Am Tue, 30 Jul 2013 21:40:34 +0200
schrieb Lukas Tribus luky...@hotmail.com:
Hi Rainer!
I'm using haproxy on FreeBSD 9.1-amd64 inside a VMware VM.
I realized that when I have a situation where all servers in a
backend are down, haproxy crashes:
Jul 30 08:03:52 px2-bla kernel: pid
Am 30.07.2013 um 21:40 schrieb Lukas Tribus luky...@hotmail.com:
Hi Rainer!
I'm using haproxy on FreeBSD 9.1-amd64 inside a VMware VM.
I realized that when I have a situation where all servers in a backend
are down, haproxy crashes:
Jul 30 08:03:52 px2-bla kernel: pid 58816 (haproxy
hdr(host) ACL only applies to HTTP.
Furthermore, I'm not sure there is a notion of Host header in FTP ;)
Last time I looked (admittedly with 1.4) into FTP+HAProxy, the
end-result was that it was just not possible.
AFAIK, you can use LVS for that on Linux.
Hi,
we will put haproxy in front of a Zimbra infrastructure (which we have
split-up, so that there is a „front end“, with pop, imap, smtp and a „back
end“, where the mail sits).
I have too haproxy-servers (active/standby via CARP) that are checking the
front-ends.
I check:
- smtp
- smtps
Am 28.08.2014 um 22:41 schrieb Baptiste bed...@gmail.com:
Hi,
maybe you could share your HAProxy configuration :)
By default, HAProxy tests a service every 3s, which is fine. It just
does a tcp connect, so nothing complicated for your server to handle.
Since we switched to
Am 28.08.2014 um 23:21 schrieb Baptiste bed...@gmail.com:
Ok,
I would create a monitoring backend, such as below:
Hey, thanks a lot!
I will try this and report back.
Best Regards,
Rainer
Hi,
I want to take the status of a server of a given backend and use it in
another backend or in the frontend.
If that possible?
I though there might be something simular to
nbsrv() - but I haven't found anything.
Best Regards
Rainer
Hi,
I’ve configured nginx+haproxy in front of a couple of IIS servers.
NGINX terminates SSL.
configuration is as following:
global
log /var/run/log local5
log /var/run/log local1 notice
#log loghostlocal0 info
maxconn 4096
#debug
#quiet
user www
group www
daemon
Hi,
we use HAPROXY for incoming mail, outgoing mail (authenticated), POP3, IMAP.
With incoming mail, I can make use of HAProxy’s send-proxy feature to make the
source-IP known to the backend SMTP-servers.
(Works in the lab, I just need to move a few hundred customers off port 25 for
provisioned with chef and are pretty
similar and I’ve got this issue nowhere else.
I build the package myself on my own poudriere-server and the same package
works elsewhere on much busier servers without problems.
We’ve got an icinga event-handler that restarts it…
Rainer
be correct, according to this:
http://comments.gmane.org/gmane.comp.web.haproxy/19274
http://comments.gmane.org/gmane.comp.web.haproxy/19274
But only for SSL. Don’t know about inline-TLS.
Rainer
I consider openssh for sftp pretty much unusable for clients/customers.
I wouldn’t say that.
Certainly true if they don’t actually know what they’re doing.
As for the setup: yes, the first directory users can write to in a chroot-setup
is a subdirectory of the home directory (because $HOME
> Am 30.09.2015 um 16:25 schrieb Jeff Palmer :
>
> Arnall,
>
>
> This advice is less of an haproxy specific response, and more of
> general information.
>
> As someone who's tried to manage mixed infrastructure, I would push
> back if possible, unles syour organization has
> Am 01.10.2015 um 01:22 schrieb Willy Tarreau :
>
>>
>
> I'd be tempted to place my judgement between yours and Jeff's. I'd say
> that if the company is already using the target OS on any other place,
> the cost of switching is low. If the load balancer is the opportunity
> to
> Am 06.05.2016 um 00:15 schrieb Thierry FOURNIER
> :
>
> Hi,
>
> You can look here:
>
> http://discourse.haproxy.org/t/ironbee-in-haproxy/92
>
> Thierry
>
>
Is that project actually alive?
The last (and what looks like only) commit this year was to
> Am 03.03.2017 um 15:07 schrieb David King :
>
> Hi All
>
> Hoping someone will be able to help, we're running a bit of an interesting
> setup
>
> we have 3 HAProxy nodes running freebsd 11.0 , each host runs 4 jails, each
> running haproxy, but only one of the
> Am 22.05.2018 um 06:46 schrieb TomK :
>
> Trying to mount an NFS share vi an Haproxy / Keepalived configuration. When I
> mount the NFS share directly from the host, bypassing Haproxy / Keepalived,
> it works fine. However, when I try via the Haproxy / Keepalived
> Am 21.06.2021 um 18:25 schrieb Shawn Heisey :
>
> On 2021-06-20 06:03, Shawn Heisey wrote:
>> Unrelated, and off topic because it's mostly about Apache, but strange:
>> I've been doing some tests with webpagetest.org, and seeing REALLY
>> long load times for some resources in their waterfall
> Am 07.03.2023 um 08:46 schrieb Marc West :
>
>
>
> Any other thoughts to look at or data that would be helpful to collect?
>
I admit I only toyed with TP, so I really don’t know what I’m doing there, but:
Have you tried to just use pfSense for this? The developer of the package
> Am 07.03.2023 um 18:26 schrieb Marc West :
>
> On 2023-03-07 08:09:04, Rainer Duffner wrote:
>> I admit I only toyed with TP, so I really don???t know what I???m doing
>> there, but:
>>
>> Have you tried to just use pfSense for this? The developer of th
38 matches
Mail list logo