Does "observer layer7" verify the health check or the server responses?

Hi there,

I have a backend with a couple of servers, in HTTP mode :

backend my_backend
    mode http
    option forwardfor
    option log-health-checks

    option httpchk GET
    http-check disable-on-404

    timeout server 30s
    timeout connect 5s
    timeout check 5s

    default-server maxconn 1000 on-error fail-check inter 3s fastinter 1s downinter 1s weight 100 fall 3 rise 10

    server server1 IP1:8880 check port 18880 observe layer7
    server server2 IP2:8880 check port 18880 observe layer7 backup

On port 18880 I have an Xinetd script, very simple that returns a very basic HTTP response like this :

HTTP/1.1 200 OK
Content-Type: text/plain
Content-Length: 0
Connection: close

or

HTTP/1.1 503 Service Unavailable
Content-Type: text/plain
Content-Length: 0
Connection: close

In my logs I sometimes have this kind of message :

Health check for server my_backend/server1 failed, reason: Health analyze, info: "Detected 10 consecutive errors, last one was: Invalid http response (headers)", status: 2/3 UP.

I don’t understand if those invalid headers come from the health check (port 18880) or from the upstream process (port 8880).
I guess the documentation about “observe <mode>” is not very clear about that :

This option enables health adjusting based on observing communication with the server. By default this functionality is disabled and enabling it also requires to enable health checks. There are two supported modes: “layer4” and “layer7”. In layer4 mode, only successful/unsuccessful tcp connections are significant. In layer7, which is only allowed for http proxies, responses received from server are verified, like valid/wrong http code, unparsable headers, a timeout, etc. Valid status codes include 100 to 499, 501 and 505.

Thanks for any help.

It’s not about the health check, it’s about the production traffic, so it’s the observe mode that is kicking in, as you already suspected.

Thank you for this answer.