All sessions to postgresql backends are terminated with the SD code

Hello. I have the simple configuration with 2 postgresql servers in backend.
HAProxy version 2.4.12-1ppa1~focal 2022/01/11

defaults
        timeout connect 5000
        timeout client  50000
        timeout server  50000

listen pg_read2
    bind 10.1.107.182:55432
    mode tcp
    option tcplog
    balance leastconn
    option pgsql-check user check_user
    default-server inter 3s fall 3 rise 3 on-marked-down shutdown-sessions
    server pg_bigd3 10.1.107.170:5432 check
    server pg_bigd4 10.1.107.171:5432 check

There are the php application to connect through HAProxy to PostgreSQL. When i do request and close connection in php, HAProxy logs the SD termination state on every request:

pg_read2 pg_read2/pg_bigd4 1/0/35 2113 SD 12/5/4/1/0 0/0
pg_read2 pg_read2/pg_bigd4 1/0/61 6872 SD 14/6/5/2/0 0/0
pg_read2 pg_read2/pg_bigd3 1/0/68 6839 SD 17/7/6/3/0 0/0
pg_read2 pg_read2/pg_bigd3 1/0/78 36249 SD 16/6/5/2/0 0/0
pg_read2 pg_read2/pg_bigd3 1/0/73 6911 SD 17/6/5/2/0 0/0
pg_read2 pg_read2/pg_bigd4 1/0/64 6872 SD 19/7/6/3/0 0/0
pg_read2 pg_read2/pg_bigd4 1/0/71 6886 SD 18/6/5/2/0 0/0
pg_read2 pg_read2/pg_bigd4 1/0/74 36557 SD 19/7/6/2/0 0/0
pg_read2 pg_read2/pg_bigd3 1/0/68 6886 SD 18/6/5/3/0 0/0
pg_read2 pg_read2/pg_bigd3 1/0/71 6901 SD 17/5/4/2/0 0/0

BUT all required data are received (data size is correct and time of request execution is correct) and all works. No any errors is logged.
What it can be?

Hello,

I am experiencing the exact same issue.
When I use SSL mode I got all connections terminated with SD state.

postgres=# SHOW ssl;
 ssl 
-----
 on
(1 row)

but app which uses database works properly, don’t see any errors.

But in logs there are only SD responses.

Also in WEB metrics there are a lot of errors:

image132×122 3.2 KB

However, when I disable SSL mode in PostgreSQL, all responses are properly received and terminated with the -- state.

Do you know how to resolve this issue?

Hello,

has anyone faced this problem before?

Could it be an issue with a wrong HA Proxy configuration, or is it normal when SSL encryption is working? Everything seems fine, but all connections are closed with the SD state.

As per the documentation:

 SD   The connection to the server died with an error during the data
      transfer. This usually means that HAProxy has received an RST from
      the server or an ICMP message from an intermediate equipment while
      exchanging data with the server. This can be caused by a server crash
      or by a network issue on an intermediate equipment.

So if you expect that the postgresql server closes the connection with a reset, then you can ignore this error.

Thank you for the response.

I’m not sure that the application should terminate all connections with a reset, especially since the app properly closes the connection when SSL is disabled on the Postgres side.

This makes me wonder whether the issue lies more with HAProxy or with the database itself.

I don’t think there is any issue here.

Haproxy reports a connection reset with SD in the logs as documented.
Postresql probably uses connection resets after a graceful TLS shutdown.

None of this is a problem.

Ok, I understand. Thank you for your help.