{"id":3161,"date":"2014-03-17T17:26:24","date_gmt":"2014-03-17T17:26:24","guid":{"rendered":"https:\/\/unknownerror.org\/index.php\/2014\/03\/17\/problem-about-haproxy-collection-of-common-programming-errors\/"},"modified":"2014-03-17T17:26:24","modified_gmt":"2014-03-17T17:26:24","slug":"problem-about-haproxy-collection-of-common-programming-errors","status":"publish","type":"post","link":"https:\/\/unknownerror.org\/index.php\/2014\/03\/17\/problem-about-haproxy-collection-of-common-programming-errors\/","title":{"rendered":"problem about haproxy-Collection of common programming errors"},"content":{"rendered":"<ul>\n<li><img decoding=\"async\" src=\"http:\/\/www.gravatar.com\/avatar\/c0577af50b9980045ea1294c69ed9f52?s=32&amp;d=identicon&amp;r=PG\" \/><br \/>\nconeybeare<br \/>\napache-2.2 logging log-files haproxy<br \/>\nI am trying to clean out some of the log clutter from my machines and am starting by removing requests that are generated from the server themselves. I have cache warmers running around the clock and I don&#8217;t want these polluting the logs.I was able to get apache to stop logging local requests by adding a dontlog for the local IP:SetEnvIf Remote_Addr &#8220;RE\\.DA\\.CT\\.ED&#8221; dontlog CustomLog &#8220;|logger -p local3.info -t http&#8221; combined env=!dontlogand now I am looking for something similar to put in a conf<\/li>\n<li><img decoding=\"async\" src=\"http:\/\/www.gravatar.com\/avatar\/a042d1ea0eb155623f13766608df04c6?s=32&amp;d=identicon&amp;r=PG\" \/><br \/>\nChris<br \/>\nhaproxy<br \/>\nI am having some issues with HAProxy configuration. I have been playing around with it to try and make it more resilient to high server loads and Denial of Service. However, I felt it was working fine until suddenly I was victim of a (D)DoS attack &#8211; Haproxy was reporting the backend as down even though I could still access it fine via the direct port.Could somebody please check my HAProxy config and see if there is somewhere I am messing up or why I would be experiencing this.. I just can&#8217;t seem<\/li>\n<li><img decoding=\"async\" src=\"http:\/\/www.gravatar.com\/avatar\/92f2fc730689ccce060a447a3ea485ab?s=32&amp;d=identicon&amp;r=PG\" \/><br \/>\nAnand Soni<br \/>\namazon-ec2 load-balancing haproxy rabbitmq<br \/>\nI wanted to use HAProxy for my web app for load balancing purpose. I am trying to add a new rabbitmq node dynamically in HAProxy server using command : haproxy -p \/var\/run\/haproxy.pid -sf $(cat \/var\/run\/haproxy.pid). I am doing tcp connection mode with leastconn balance algorithm in load balancing. What is expected is when there is 3 connection in one rabbitmq, I add a new rabbit server in HAProxy server. so the next connection would pass to 2nd rabbitmq server which is not happening in my case.<\/li>\n<li><img decoding=\"async\" src=\"http:\/\/www.gravatar.com\/avatar\/9d93e1c44b5203e7725c739887ac9899?s=32&amp;d=identicon&amp;r=PG\" \/><br \/>\nnbevans<br \/>\nhaproxy<br \/>\nIs it possible for HAproxy to reload its configuration at runtime, without dropping existing connections?I&#8217;ve looked high and low in the documentation for some mention of this but have been unsuccessful. Does anybody know off hand?Thanks.<\/li>\n<li><img decoding=\"async\" src=\"http:\/\/www.gravatar.com\/avatar\/9ddfa5761b2d2c24430d171c8393daff?s=32&amp;d=identicon&amp;r=PG\" \/><br \/>\nAnony-Mousse<br \/>\nload-balancing haproxy<br \/>\nWe are using HAPROXY to cluster two app servers. Currently, for test purpose, the 2 servers are virtual servers.We are observing lot of Concurrency warnings being logged in the server logs as below[CacheListener] Possible concurrency problem: Replicated version id 273 is less than or equal to in-memory version for \u00a0session tDC2DAPeZ8ChQ74l1cHgig__What I found, when I did a search in google, is that many such instances could lead to load balancer crashing.I think the issue logged here : https:\/\/<\/li>\n<li><img decoding=\"async\" src=\"http:\/\/www.gravatar.com\/avatar\/037cf086a31501f6c2a13816bd8fe705?s=32&amp;d=identicon&amp;r=PG\" \/><br \/>\nguojinpeng<br \/>\nconnection statistics reset haproxy was<br \/>\nI&#8217;m using haproxy for load balance, it works very happily.I setup a statistics page, this page return &#8220;the connection was reset&#8221; while I refresh it sometimes.listen status 0.0.0.0:8080stats enablestats refresh 5sstats uri \/admin Is this a bug or there&#8217;s some configurition problem?thanks!<\/li>\n<li><img decoding=\"async\" src=\"http:\/\/www.gravatar.com\/avatar\/9936800199dfe72a16ce62ee3e194053?s=32&amp;d=identicon&amp;r=PG\" \/><br \/>\nuser1075894<br \/>\nhaproxy stunnel pound<br \/>\nI&#8217;m looking at introducing a loadbalancer to my existing site infrastructure to help with traffic growth and provide a level of failure protection.The site I am running uses SSL certificates for the login section and I will need to continue with this functionality. The backend servers will need to be aware of the originating IP address so I can&#8217;t use the TCP loadbalancing function and will need the SSL terminated on the loadbalancer so I can insert aX-Forwarded-ForHeader. I have seen a couple of<\/li>\n<li><img decoding=\"async\" src=\"http:\/\/www.gravatar.com\/avatar\/6a42c74e4a6d1d5b53210302d078fd24?s=32&amp;d=identicon&amp;r=PG\" \/><br \/>\nAndrew Smith<br \/>\niptables haproxy ddos linux-kernel rate-limiting<br \/>\nPlease do not reply with &#8220;this is not possible&#8221;, as it&#8217;s waste of time. I am developing cloud appliance and I have a valid reason to protect this layer against DDoS, and there are few companies doing the same, so please dont tell me that I dont have the point, as many companies looking to buy this solution and I dont see the problem with implementing it using stock LinuxMy Linux kernel is crashing with oops on 10.000 connections due to lack of resources like CPU and RAM. I was wondering how to l<\/li>\n<li><img decoding=\"async\" src=\"http:\/\/www.gravatar.com\/avatar\/ba4f58129529ab060d72c06cf6047386?s=32&amp;d=identicon&amp;r=PG\" \/><br \/>\nDaniel Hough<br \/>\nssl haproxy<br \/>\nI&#8217;m having an issue where HAProxy is crashing with no explanation when I switch from 1.4.12 to 1.5-dev12. The reason I&#8217;m switching is for the SSL offloading.My config file doesn&#8217;t have any errors, it&#8217;s quite simple and it works well with 1.4 &#8211; but for some reason when I run it with 1.5-dev12 I see the logs noting that the two backends I have have been set up, and then when I hit one of the frontends, I get an HTTP 400 in the browser and suddenly HAProxy isn&#8217;t running anymore when I check.I under<\/li>\n<li><img decoding=\"async\" src=\"http:\/\/www.gravatar.com\/avatar\/12ad4fd494f03937329824153dc87704?s=32&amp;d=identicon&amp;r=PG\" \/><br \/>\ngrowse<br \/>\nhaproxy rabbitmq graphite<br \/>\nI&#8217;m trying to pull some metrics into Graphite over a RabbitMQ exchange. I&#8217;ve got my publishers merrily publishing data to an exchange called metrics, and I&#8217;ve configured carbon.conf with the following:ENABLE_AMQP = True AMQP_HOST = hostname AMQP_PORT = 5672 AMQP_VHOST = \/vhost AMQP_USER = user AMQP_PASSWORD = password AMQP_EXCHANGE = metrics AMQP_METRIC_NAME_IN_BODY = TrueThe rMQ installation is a two-node cluster behind haproxy.When this works, it works great. However, quite often, carbon throw<\/li>\n<li><img decoding=\"async\" src=\"http:\/\/www.gravatar.com\/avatar\/f6a8ca88c99d57934d4c5b7bc88f3772?s=32&amp;d=identicon&amp;r=PG\" \/><br \/>\nAndrew B<br \/>\nphp ssl reverse-proxy haproxy joomla<br \/>\nHaving a strange problem with Haproxy. I&#8217;m using it to frontend SSL connections to a few Joomla sites and the sites don&#8217;t appear to be picking up on the https front end which is leading to javascript errors.The relevant sections in my haproxy config:frontend http-inbind *:80 acl is_abc hdr_end(host) -i abc.comuse_backend abc if is_abcfrontend https-in bind :443 ssl crt certificate.pem crt \/var\/certs\/servers reqadd Front-End-Https:\\ On reqadd X-Forwarded-Proto:\\ https acl is_abc hdr_end(host) -i<\/li>\n<li><img decoding=\"async\" src=\"http:\/\/www.gravatar.com\/avatar\/1d23d0d593dd0fb981e27cb55fe72480?s=32&amp;d=identicon&amp;r=PG\" \/><br \/>\nbeardtwizzle<br \/>\nload-balancing haproxy<br \/>\nI have haproxy running as my load-balancer and from the stats web interface that comes with haproxy, I can put a web server into maintenance mode (and bring it back out again) &#8211; which is great!However, I also want to be able to perform that same action from the command line (for use in some automated deployment workflows). Is this possible, and if so how?Many thanks<\/li>\n<li><img decoding=\"async\" src=\"http:\/\/www.gravatar.com\/avatar\/670285d86a8fc3ab7b3b71ecd5329736?s=32&amp;d=identicon&amp;r=PG\" \/><br \/>\nthiesdiggity<br \/>\nubuntu mysql haproxy high-availability<br \/>\nI am trying to setup HAProxy with MySQL failover with Ubuntu. I used a setup similar to this serverfault question, however I am getting the following error when starting haproxy:[ALERT] 341\/220001 (17405) : parsing [\/etc\/haproxy\/haproxy.cfg:29] : unknown option &#8216;mysql-check&#8217;. [ALERT] 341\/220001 (17405) : Error(s) found in configuration file : \/etc\/haproxy\/haproxy.cfg [ALERT] 341\/220001 (17405) : Fatal errors found in configuration.I even tried installing the lastest version of HAProxy (1.4.22).<\/li>\n<li><img decoding=\"async\" src=\"http:\/\/www.gravatar.com\/avatar\/76e59746c03e64deff4d85f71d3e1afc?s=32&amp;d=identicon&amp;r=PG\" \/><br \/>\nquanta<br \/>\nhaproxy<br \/>\nI am using HA Proxy HA-Proxy version 1.4.18 2011\/09\/16 I am trying to insert the following into \/etc\/init.d\/haproxy.cfg file# Use General Purpose Couter (gpc) 0 in SC1 as a global abuse counter # Monitors the number of request sent by an IP over a period of 10 secondsstick-table type ip size 1m expire 10s store gpc0,http_req_rate(10s)tcp-request connection track-sc1 srctcp-request connection reject if { src_get_gpc0 gt 0 }# Table definition stick-table type ip size 100k expire 30s store conn_cu<\/li>\n<li><img decoding=\"async\" src=\"http:\/\/www.gravatar.com\/avatar\/22a3da3f9741dde6e4502080ef5797a9?s=32&amp;d=identicon&amp;r=PG\" \/><br \/>\nAdrian<br \/>\nmysql load-balancing haproxy connection<br \/>\nI&#8217;ve set up load balancing MySQL slaves using HAProxy via a xinetd. 2 load balancers shared a virtual IP that is managed by Pacemaker:crm configure show:node SVR120-27148.localdomain node SVR255-53192.localdomain primitive failover-ip ocf:heartbeat:IPaddr2 \\params ip=&#8221;192.168.5.9&#8243; cidr_netmask=&#8221;32&#8243; \\op monitor interval=&#8221;5s&#8221; \\meta is-managed=&#8221;true&#8221; primitive haproxy ocf:heartbeat:haproxy \\params conffile=&#8221;\/etc\/haproxy\/haproxy.cfg&#8221; \\op monitor interval=&#8221;30s&#8221; \\meta is-managed=&#8221;true&#8221; colocation hapr<\/li>\n<li><img decoding=\"async\" src=\"http:\/\/www.gravatar.com\/avatar\/ab7343eb3338ac85b65a111a3dd00da4?s=32&amp;d=identicon&amp;r=PG\" \/><br \/>\nuser128296<br \/>\npostfix load-balancing haproxy<br \/>\nI want to configure Haproxy for outgoing mails load balancing on my centos 5.6 vps server. for this i have installed postfix on load balancer. My postfix sasl configuration as follows to use Haproxy and sasl authentication.smtpd_sasl_auth_enable = yes smtpd_sasl_security_options = noanonymous broken_sasl_auth_clients = yes smtpd_recipient_restrictions = permit_mynetworks permit_sasl_authenticated reject_unauth_destination data_directory = \/var\/lib\/postfix inet_protocols = ipv4 smtp_sasl_<\/li>\n<li><img decoding=\"async\" src=\"http:\/\/www.gravatar.com\/avatar\/4ea238e24d419de9ca75d33036135776?s=32&amp;d=identicon&amp;r=PG\" \/><br \/>\nOuterEdge<br \/>\nssl https haproxy openssl<br \/>\nI&#8217;ve got a HAProxy LB solution setup and working correctly. All HTTP traffic on port 80 is being passed through succesfully.I&#8217;m now trying to get SSL traffic to work (in TCP mode and on just one server for now) however I keep getting the following error when testing via openssl:26396:error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol:s23_clnt.c:588:However, when I try the same test (openssl s_client -connect) on the web servers IP address and hostname, everything seems to look O<\/li>\n<li><img decoding=\"async\" src=\"http:\/\/www.gravatar.com\/avatar\/e7a09db53f1482fe1ec510c29ad400f0?s=32&amp;d=identicon&amp;r=PG\" \/><br \/>\nghickman<br \/>\ntomcat haproxy<br \/>\nHAProxy is pinging tomcat and requesting a very small page causing Tomcat to create a new session every 2 seconds. Is there is a way to programmatically (or through a config) tell Tomcat to not create a new session for a specific page?<\/li>\n<\/ul>\n<p>Web site is in building<\/p>\n","protected":false},"excerpt":{"rendered":"<p>coneybeare apache-2.2 logging log-files haproxy I am trying to clean out some of the log clutter from my machines and am starting by removing requests that are generated from the server themselves. I have cache warmers running around the clock and I don&#8217;t want these polluting the logs.I was able to get apache to stop [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-3161","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"_links":{"self":[{"href":"https:\/\/unknownerror.org\/index.php\/wp-json\/wp\/v2\/posts\/3161","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/unknownerror.org\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/unknownerror.org\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/unknownerror.org\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/unknownerror.org\/index.php\/wp-json\/wp\/v2\/comments?post=3161"}],"version-history":[{"count":0,"href":"https:\/\/unknownerror.org\/index.php\/wp-json\/wp\/v2\/posts\/3161\/revisions"}],"wp:attachment":[{"href":"https:\/\/unknownerror.org\/index.php\/wp-json\/wp\/v2\/media?parent=3161"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/unknownerror.org\/index.php\/wp-json\/wp\/v2\/categories?post=3161"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/unknownerror.org\/index.php\/wp-json\/wp\/v2\/tags?post=3161"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}