HAProxy community

503 due to DNS issue (ELB AWS IP changes)

Hi,

I’m encountering strange behaviour using haproxy 1.8.

I’m using below frontend and backend

frontend https-fr
bind *:443 ssl crt /etc/haproxy/ssl/mycert.crt
acl plateformefr hdr(host) -i www.test.com
use_backend plateformefr if plateformefr

backend plateformefr
http-request set-header X-Forwarded-For %[src]
server node1 myserver:443 ssl verify none

Last week, as my node was unavailable during few minutes, haproxy disabled this node.

To avoid this happens again, we’ve disabled health check removing “check” from “server node1 myserver:443 check ssl verify none”

Last friday, everything working fine.

Today (monday), haproxy returned 503 error.

Below last Friday logs and first today logs:

haproxy.log.1
Feb 14 18:52:04 ip-priv-ip haproxy[4456]: public_ip:13358 [14/Feb/2020:18:52:03.983] https-fr~ plateformefr/node1 0/0/1/315/316 200 10023 - - ---- 5/3/0/1/0 0/0 “GET /index.php?page=mypage HTTP/1.1”

haproxy.log
Feb 17 08:12:25 ip-priv-ip haproxy[4456]: public_ip:11591 [17/Feb/2020:08:12:25.177] https-fr~ plateformefr/node1 0/0/13/31/45 503 755 - - ---- 2/2/1/2/0 0/0 “GET / HTTP/1.1”

This loadbalancer is only used an internal way so it is normal that no traffic is generated during week end.

To resolve this issue, we’ve restarted haproxy.

Does this issue is due to an inactivity time? Is there a way to avoid this behaviour?

Thanks

The error seems to deal with AWS ELB IP changes.

I’m using ELB FQDN as node target.

Hi,

HAProxy embeds a runtime resolver for some time now, you can use it to follow-up ELB FQDN resolution changes:
https://cbonte.github.io/haproxy-dconv/2.0/configuration.html#5.3.2

1 Like