I originally posted this on forums.cockroachlabs.com. Posting here because my problem seems to be related to HAProxy instead of CockroachDB.
I keep getting the following error message on my website when connecting to my CockroachDB cluster through HAProxy:
SQLSTATE[HY000]: General error: 7 SSL SYSCALL error: EOF detected
The error occurs randomly. Sometimes I can run 10 queries before the message reappears, other times it appears for every query. Usually I can re-run the query a second after the message appears and the query succeeds.
If I connect directly to any of the database servers, the error never appears.
So far I haven’t found anything in the log files for haproxy or CockroachDB.
My connection string which uses PHP’s PDO extension:
try {
// Connect to the server and the database
$this->link = new PDO(‘pgsql:host=’.$this->serverName.‘;port=26257;dbname=’.$usedb.‘;sslmode=require;sslrootcert=’.$rootcert.‘;sslkey=’.$userkey.‘;sslcert=’.$usercert, $this->userName, null, $options);} catch (PDOException $e) {
echo ‘Caught PDOExcetion<br>’;
echo 'Error Message: '.$e->getMessage();
echo '<br>Error Code: '.$e->getCode();exit(1);
}
Haproxy is supposed to be passing through the SSL connections.
My /etc/haproxy/haproxy.cfg:
global
log /dev/log local0
log /dev/log local1 notice
chroot /var/lib/haproxy
stats socket /run/haproxy/admin.sock mode 660 level admin expose-fd listeners
stats timeout 30s
user haproxy
group haproxy
daemon
maxconn 4096cpu-map 1 0
cpu-map 2 1defaults
log global
mode tcp
option dontlognull
option tcplogtimeout connect 10s
timeout client 1m
timeout server 1m# TCP keep-alive on client side. Server already enables them.
option clitcpkaerrorfile 400 /etc/haproxy/errors/400.http
errorfile 403 /etc/haproxy/errors/403.http
errorfile 408 /etc/haproxy/errors/408.http
errorfile 500 /etc/haproxy/errors/500.http
errorfile 502 /etc/haproxy/errors/502.http
errorfile 503 /etc/haproxy/errors/503.http
errorfile 504 /etc/haproxy/errors/504.httplisten psql
bind :26257
mode tcp
balance static-rr
option httpchk GET /health?ready=1
server cockroach1 192.168.17.150:26257 check port 8080
server cockroach2 192.168.17.151:26257 check port 8080
server cockroach3 192.168.17.152:26257 check port 8080
CockroachDB version: 21.1.8
HAProxy version: 2.4.7 (installed from source)
Where should I be looking for the cause of the error?