2

I want to load balance 2 apache/php servers with haproxy Googling around I saw that since version 1.5 dev12, haproxy supports SSL offloading, which as I understand means that there is no need for any extra components in front of haproxy to handle the SSL.

Basically, I followed this article http://blog.exceliance.fr/2012/09/10/how-to-get-ssl-with-haproxy-getting-rid-of-stunnel-stud-nginx-or-pound/ to setup haproxy

Below my config

global log 127.0.0.1 local0 log 127.0.0.1 local1 notice #log loghost local0 info maxconn 4096 chroot /usr/share/haproxy uid 99 gid 99 daemon #debug #quiet defaults log global mode http option httplog option dontlognull retries 3 option redispatch maxconn 2000 contimeout 5000 clitimeout 50000 srvtimeout 50000 frontend ft_test mode http bind 0.0.0.0:443 ssl crt /home/prx/haproxy_ssl/haproxy.ssl prefer-server-ciphers # other (self described) options are: [ciphers <suite>] [nosslv3] [notlsv1] default_backend bk_test backend bk_test mode http balance roundrobin server inst1 10.1.2.43:80 check inter 2000 fall 3 server inst2 10.1.2.142:80 check inter 2000 fall 3

The problem is that the backend servers both receive requests at the same time I mean, I refresh the page once and every time 3 requests appear on the web server's log A sample of the logs

10.1.2.138 - - [24/Jan/2013:12:16:09 -0500] "GET /index.php HTTP/1.1" 200 67170 10.1.2.138 - - [24/Jan/2013:12:16:09 -0500] "GET /index.php?=PHPE9568F34-D428-11d2-A769-00AA001ACF42 HTTP/1.1" 200 2524 10.1.2.138 - - [24/Jan/2013:12:16:09 -0500] "GET /index.php?=PHPE9568F35-D428-11d2-A769-00AA001ACF42 HTTP/1.1" 200 2146

Sometimes 2 request will hit one server and 1 the other, but 1 page refresh results to 3 requests arriving at the backend I checked the backend servers configs and they are OK

Is the haproxy config wrong? Thanks

Improve this question
5
  • Is it possible these requests you see are just multiple HTTP requests to load the page? I believe the roundrobin balance will have each separate request go to a different backend server. If you wanted a user to only interact with a single backend server at a time, I think you'd need to look into persistence. As another possibility, could you be seeing the backend server checks in the logs? Commented Jan 24, 2013 at 19:02
  • Hi. I have ruled out all of the above. The page I request is just a phpinfo(). Nothing else. Additionally, the instant I refresh the browser I see the 3 requests, so it cannot be from any checks Commented Jan 24, 2013 at 20:42
  • Paul you were right. The phpinfo() was making 3 requests actually. Sometimes your mind gets stuck in the simplest things. Thanks for the help and sorry Commented Jan 25, 2013 at 8:57
  • No problem, I'm glad it was an easy one. I added my comment as an answer if you want to mark it to close this out. Commented Jan 25, 2013 at 13:51
  • Thomas, Does your config work for both 80 & 443 I am trying to figure out how to get my Load Balancers to support SSL and nonSSL traffic Commented Apr 3, 2013 at 0:49

1 Answer 1

Reset to default
2

Is it possible these requests you see are just multiple HTTP requests to load the page? I believe the roundrobin balance will have each separate request go to a different backend server. If you wanted a user to only interact with a single backend server at a time, I think you'd need to look into persistence. As another possibility, could you be seeing the backend server checks in the logs?

Improve this answer

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.