DNS for Service Discovery - observed shortcomings, are we missing something?


#1

We’re currently investigating the use of DNS for service discovery to simplify our configurations and the process by which we add and remove dynamic services as HAProxy backends. We’re testing with 1.8.8 and have experienced several issues:

  1. It took a bit of time to figure out that we needed to use server-template instead of server to get HAProxy to include all of the hosts returned from DNS rather than using one. This seems to be a documentation issue more than anything else.

  2. Given the use of server-template to leverage dynamic service discovery via DNS, it seems somewhat counter-intuitive and limiting to require that we define ahead of time a maximum number of backends for the template. Using a number somewhat indicative of our production requirements (500) also seems to have a severe impact on the time it takes to restart HAProxy.

  3. Perhaps the biggest issue for us - there does not seem to be any way to determine if a specific host is included in the set of servers for a particular backend. They’re all similarly named with a numeric prefix. Is there any way to get a list of name to IP mappings or similar?

Any help on these points are greatly appreciated!


#2

Feel free to make some specific suggestions or even send a patch. Most often in these cases doc fixes from users are very valuable, because you guys know exactly what’s missing.

This is because haproxy allocates resources when starting up. The internal architecture is not really well-suited (yet?) to allow this kind of hot-reconfiguration without pre-loading empty servers. Not sure if there is anything planned in this regard, but it is the way it is because it was the only way to implement it at this point.

@Baptiste do you have any additional informations about this to share?

You can track IP changes via haproxy logs, and you can use the show servers state command on the unix admin socket; it will shows detailed information about each server including status, ip address, etc.