How does HAProxy on GCP Kubernetes find new Pods coming up and going down
Hello, I have an existing system I am trying to understand at work. HAProxy is set as ingress in GCP kubernetes cluster that connects to application server pods. In its configuration file the server...
View ArticleProxy Protocol - PR_END_OF_FILE_ERROR
Debian 11 haproxy 2.2.9-2+deb11u3 I have a basic haproxy.cfg working as expected and it’s forwarding ssl to the backend The apache backend sees the proxy IP not the original client’s IP so I change...
View ArticleLocal log stops when use "log-send-hostname" for Syslog
Hello We use HAProxy 2.6.6. Log configuration is as below: global log 192.168.X.Y:514 local0 notice log /dev/log local0 log /dev/log local1 notice #log-send-hostname In this situation, Local log works...
View ArticleGracefully terminate keepalive connections during shutdown
Hello, I found this discussion on some older HAProxy forum. I have very similar “issue” to solve. We have quite complex set-up so I don’t want to dive into details. To describe it simply - we are...
View ArticleMaximum number of peers in community version of HAProxy
We are currently using v2.2.24 of the community version of HAProxy. We are using stick tables to test for excessive requests. While we are spreading traffic equally across our HAProxy estate via F5...
View ArticleHaproxy 2.2.9 not passing down the full url to kubernetes ingress
dietpi@jump02:~$ cat /etc/hosts 127.0.0.1 localhost myapp.myproject.local 127.0.1.1 jump02 ::1 localhost ip6-localhost ip6-loopback ff02::1 ip6-allnodes ff02::2 ip6-allrouters Step 1: Confirm ingress...
View ArticleMultiple http-check in backend
Hi, I am trying to figure out how to use multiple http-check in my backend. I can’t figure out the proper syntax. Any help is appreciated. backend avax-mainnet option httpchk stick-table type ip size...
View ArticleTroubling wiht ipv6 adresses
Hello, we have received complaints that some users cannot access the site during the day. Somehow they see maintanence page. When we examined the haproxy logs, we saw that all 503 error’s requests’...
View ArticlePrevent failback with active/active servers
Hi all, I’m looking for a way to prevent failback when 1 node in my backend goes down. I have this backend conf with my SSO instances (keycloak) backend auth_identity acl acl_auth_identity_pages...
View ArticleIs haproxy impacted by CVE-2022-37434?
I try to find out if haproxy and keepalived are or can be affected by CVE-2022-37434 I’ve tried to grep source code of both applications to find method inflateGetHeader which is the cause of the...
View ArticleUsing a variable to extract array of values from a JWT
Hi all, I have a JWT token from our auth provider that contains an array of permissions. It looks like haproxy can not deal with an array. Following is the instruction I am using: http-request...
View ArticleTheoretical limits for a HAProxy instance
Hello, We are performing a lot of load tests, and we hit what we think it is an artificial limit of some sort, or a parameter that we are not taking into account (HAProxy config setting, kernel...
View ArticleRouting SSH connections with HAProxy
Hello. I need help. I will try to describe the situation in detail: There is a dedicated server with a primary IPv4 address and an additional IPv4 address. This dedicated server has LXD...
View ArticleHow can i get content path in Haproxy?
Hi I stored port number in client side path and i want to use it in webserver in frontend section. How can i get path content in Haproxy? i dont want to use if command My code is: global log /dev/log...
View ArticleGet a list of connected clients in TCP mode
Hello everyone I’m using HAProxy in TCP mode and would like to have some command line to query HAProxy process to get a list of current connected clients. My clients have sessions for hours and i’d...
View ArticlecD flags issues
Hello, Does anyone know what is the cause and what should i do to fix it ? 10.241.20.34:41160 [28/Nov/2022:23:10:35.770] https-in~ nodes_GITLAB/node1 0/0/1/0/26433 101 405 - - cD-- 19/19/0/0/0 0/0...
View ArticleCreate SSL connection to backend
I am trying to configure a ‘f5 server-ssl profile’ onto an HAProxy front-end. I am not sure how to configure it so that when HAProxy initiates a connection (to let’s say a backend server) to do it via...
View ArticleExternal Health checks with ACL?
In my search to solve a problem for my company I am finding that I am needing more and more complex configurations within HAproxy due to my companies not optimal way of delivering services to...
View ArticleHTTP redirect if mysql backend changes
Hi, I currently have two backends : The first monitors two mariadb servers (via MySQL checks). The second monitors two apache servers (HTTP checks). How can I create a frontend for the apache servers...
View ArticleCreate new certificates using REST API?
Hello We need to be able to create SSL certificates on scale ( hundred of domains certificates ) , and we need to automate SSL management with minimum manual work, thus we are seeking an advice on the...
View Article