Binding on haproxy 1.8.8

Hello,

I want to bind http entrance connection in HA-Proxy version 1.8.8-1ubuntu0.1.

I am using bind keyword, but it’s not functionnel.

The binding instruction is : bind *:80

Please help me.
Thanks in advance.

Maybe you could elaborate the problem a little bit?

Ok !

I’m configuring haproxy and i want to add the frontend part.
In this part, i want to bind the HTTP traffic,
I’m using the bind keyword but it’s not working.

And what does not working mean? Do you get any error message while starting haproxy? If yes, it would be a good idea to share that error message.

Thanks.

The whole configuration is

global
log /dev/log local0
log /dev/log local1 notice
chroot /var/lib/haproxy
stats socket /run/haproxy/admin.sock mode 660 level admin
stats timeout 30s
user haproxy
group haproxy
daemon

tune.ssl.default-dh-param 2048
maxconn 5000

# Default SSL material locations
ca-base /etc/ssl/certs
crt-base /etc/ssl/private

# Default ciphers to use on SSL-enabled listening sockets.
# For more information, see ciphers(1SSL). This list is from:
#  https://hynek.me/articles/hardening-your-web-servers-ssl-ciphers/
ssl-default-bind-ciphers ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS
ssl-default-bind-options no-sslv3

defaults
log global
mode http
option forwardfor
option http-server-close
option httplog
option dontlognull
timeout connect 2m
timeout client 2m
timeout server 2m
errorfile 400 /etc/haproxy/errors/400.http
errorfile 403 /etc/haproxy/errors/403.http
errorfile 408 /etc/haproxy/errors/408.http
errorfile 500 /etc/haproxy/errors/500.http
errorfile 502 /etc/haproxy/errors/502.http
errorfile 503 /etc/haproxy/errors/503.http
errorfile 504 /etc/haproxy/errors/504.http

frontend www-http
bind *:80
mode http
option forwardfor
option httpclose
option http-server-close
redirect prefix https://www.example.com if { hdr(host) -i example.com }

THe error when i start :

Process: 1982 ExecStart=/usr/sbin/haproxy -Ws -f $CONFIG -p $PIDFILE $EXTRAOPTS (code=exited, status=1/FAILURE)
Process: 1981 ExecStartPre=/usr/sbin/haproxy -f $CONFIG -c -q $EXTRAOPTS (code=exited, status=0/SUCCESS)
Main PID: 1982 (code=exited, status=1/FAILURE)

Sep 01 10:49:57 vps-2728-nextwab systemd[1]: haproxy.service: Service hold-off time over, scheduling restart.
Sep 01 10:49:57 vps-2728-nextwab systemd[1]: haproxy.service: Scheduled restart job, restart counter is at 5.
Sep 01 10:49:57 vps-2728-nextwab systemd[1]: Stopped HAProxy Load Balancer.
Sep 01 10:49:57 vps-2728-nextwab systemd[1]: haproxy.service: Start request repeated too quickly.
Sep 01 10:49:57 vps-2728-nextwab systemd[1]: haproxy.service: Failed with result ‘exit-code’.
Sep 01 10:49:57 vps-2728-nextwab systemd[1]: Failed to start HAProxy Load Balancer.

Provide the output of:

  • haproxy -vv
  • haproxy -f /real/path/to/haproxy.cfg -c

Thanks.

The result of haproxy -vv

HA-Proxy version 1.8.8-1ubuntu0.1 2018/05/29
Copyright 2000-2018 Willy Tarreau willy@haproxy.org

Build options :
TARGET = linux2628
CPU = generic
CC = gcc
CFLAGS = -g -O2 -fdebug-prefix-map=/build/haproxy-VmwZ9X/haproxy-1.8.8=. -fstack-protector-strong -Wformat -Werror=format-security -Wdate-time -D_FORTIFY_SOURCE=2
OPTIONS = USE_GETADDRINFO=1 USE_ZLIB=1 USE_REGPARM=1 USE_OPENSSL=1 USE_LUA=1 USE_SYSTEMD=1 USE_PCRE=1 USE_PCRE_JIT=1 USE_NS=1

Default settings :
maxconn = 2000, bufsize = 16384, maxrewrite = 1024, maxpollevents = 200

Built with OpenSSL version : OpenSSL 1.1.0g 2 Nov 2017
Running on OpenSSL version : OpenSSL 1.1.0g 2 Nov 2017
OpenSSL library supports TLS extensions : yes
OpenSSL library supports SNI : yes
OpenSSL library supports : TLSv1.0 TLSv1.1 TLSv1.2
Built with Lua version : Lua 5.3.3
Built with transparent proxy support using: IP_TRANSPARENT IPV6_TRANSPARENT IP_FREEBIND
Encrypted password support via crypt(3): yes
Built with multi-threading support.
Built with PCRE version : 8.39 2016-06-14
Running on PCRE version : 8.39 2016-06-14
PCRE library supports JIT : yes
Built with zlib version : 1.2.11
Running on zlib version : 1.2.11
Compression algorithms supported : identity(“identity”), deflate(“deflate”), raw-deflate(“deflate”), gzip(“gzip”)
Built with network namespace support.

Available polling systems :
epoll : pref=300, test result OK
poll : pref=200, test result OK
select : pref=150, test result OK
Total: 3 (3 usable), will use epoll.

Available filters :
[SPOE] spoe
[COMP] compression
[TRACE] trace

And the result of haproxy -f /real/path/to/haproxy.cfg -c is :
Configuration file is valid

I think you only triggered some systemd threshold that now impedes to start haproxy.

Wait a few seconds, and start haproxy (systemctl start haproxy).

Thanks,
But it does not work.

Please, can you advise another solution?

Do:

systemctl stop haproxy
sleep 60
systemctl start haproxy
systemctl status haproxy

Thanks.
I was find the solution.
The problem was that i have installed apache service in same server.
So when hapoxy proxy try to bind trafic on 80 port, it could not because this port was already used by apache service.

I just stop apache service and haproxy starts correctly.

Thanks again for your help