External Health checks with ACL?

In my search to solve a problem for my company I am finding that I am needing more and more complex configurations within HAproxy due to my companies not optimal way of delivering services to customers. The short version, is each customer has a few ports assigned to them. Which means performing health checks gets tricky because we have manyyyyyyyyyyyyyyy customers and it isnt optimal to configure hundreds of individual health check lines within HAproxy. They are working on fixing this…but for now im trying to see about implimenting an external health check that can do the work for me, then pass a value within HAproxy to determine whether a server is up or down and route traffic to another server within the cluster. Im imagining this would function in conjunction with an ACL? If im on the right track would I configure a backend to call the external check script, then pass the information to an ACL to determine which server in the cluster to send it too? If I could at least get confirmation that im on the right path or if im barking up the wrong tree again I would greatly appretiate it. If it matters its all in TCP mode. Thank you!

External health checks are supported, please make sure you read through all the necessary documentation:


Thank you for this ive actually had a hard time finding documentation that wasnt intended for enterprise. This helps and im reading through it but there is somethign I can’t seem to find right now. Can you explain or point me where to find out what sort of output format HAproxy would expect from an external health check? Also what coding languages for the script are compatible.

Exit code of the script, zero is success anything else failure, run it by hand, and check the exit code using :

echo $?

Most tools you use in your check such as curl will already offer a sensible exit code for your script to inherit, otherwise, you pass your own exit code in your script, simply:

if [ something -eq something ]; then
    exit 0
    exit 1

My advice is to make your script clean and quiet, you want it to output nothing to the terminal as I have had issues with passing weird output to HAProxy.

As for language, anything supported on the system (BASH/Python/GO/PHP…).

Just make sure you set your path variable properly in HAProxy and/or the script.

This is great information thank you very much. I have no background with scripting so I’m just learning as I go. But I think I grasp most of what your sayin!

Hi Aaron,

is it possible to decide which server to forward based on this script execution?
i mean capture this in an ACL and use it for conditional forwarding?

Best Regards,