HAProxy community

Failing to start with systemd and unexplained issues

Greetings. I was keen on some specific functionality of haproxy so I built 1.7.0 on my CentOS 7 server. The build when fine and I didn’t really have any issues. However for the life of me I can not get it to be controlled with systemd. Here is what I have. This is the binary that I ended up with:

Copyright 2000-2016 Willy Tarreau willy@haproxy.org

Build options :
TARGET = linux2628
CPU = generic
CC = gcc
CFLAGS = -O2 -g -fno-strict-aliasing -Wdeclaration-after-statement
OPTIONS = USE_ZLIB=1 USE_OPENSSL=1 USE_PCRE=1

Default settings :
maxconn = 2000, bufsize = 16384, maxrewrite = 1024, maxpollevents = 200

Encrypted password support via crypt(3): yes
Built with zlib version : 1.2.7
Running on zlib version : 1.2.7
Compression algorithms supported : identity(“identity”), deflate(“deflate”), raw-deflate(“deflate”), gzip(“gzip”)
Built with OpenSSL version : OpenSSL 1.0.1e-fips 11 Feb 2013
Running on OpenSSL version : OpenSSL 1.0.1e-fips 11 Feb 2013
OpenSSL library supports TLS extensions : yes
OpenSSL library supports SNI : yes
OpenSSL library supports prefer-server-ciphers : yes
Built with PCRE version : 8.32 2012-11-30
Running on PCRE version : 8.32 2012-11-30
PCRE library supports JIT : no (USE_PCRE_JIT not set)
Built without Lua support
Built with transparent proxy support using: IP_TRANSPARENT IPV6_TRANSPARENT IP_FREEBIND

Available polling systems :
epoll : pref=300, test result OK
poll : pref=200, test result OK
select : pref=150, test result OK
Total: 3 (3 usable), will use epoll.

Available filters :
[COMP] compression
[TRACE] trace
[SPOE] spoe

and here is the startup issue that I get from systemd:

[root@haproxy haproxy-1.7.0]# systemctl -l status haproxy.service
● haproxy.service - SYSV: HA-Proxy is a TCP/HTTP reverse proxy which is particularly suited for high availability environments.
   Loaded: loaded (/etc/rc.d/init.d/haproxy)
   Active: failed (Result: exit-code) since Sat 2016-12-10 10:35:56 PST; 7min ago
 Docs: man:systemd-sysv-generator(8)
  Process: 19985 ExecStart=/etc/rc.d/init.d/haproxy start (code=exited, status=1/FAILURE)

Dec 10 10:35:56 haproxy.home.whootis.com systemd[1]: Starting SYSV: HA-Proxy is a TCP/HTTP reverse proxy which is particularly suited for high availability environments....
Dec 10 10:35:56 haproxy.home.whootis.com haproxy[19985]: /etc/rc.d/init.d/haproxy: line 26: [: =: unary operator expected
Dec 10 10:35:56 haproxy.home.whootis.com haproxy[19985]: /etc/rc.d/init.d/haproxy: line 98: /usr/sbin/haproxy: No such file or directory
Dec 10 10:35:56 haproxy.home.whootis.com haproxy[19985]: Errors found in configuration file, check it with 'haproxy check'.
Dec 10 10:35:56 haproxy.home.whootis.com systemd[1]: haproxy.service: control process exited, code=exited status=1
Dec 10 10:35:56 haproxy.home.whootis.com systemd[1]: Failed to start SYSV: HA-Proxy is a TCP/HTTP reverse proxy which is particularly suited for high availability environments..
Dec 10 10:35:56 haproxy.home.whootis.com systemd[1]: Unit haproxy.service entered failed state.
Dec 10 10:35:56 haproxy.home.whootis.com systemd[1]: haproxy.service failed.

The file in init.d doesn’t appear to be formatted incorrectly as far as I can tell, but here it is anyway:

[root@haproxy haproxy-1.7.0]# cat /etc/init.d/haproxy 
#!/bin/sh
#
# chkconfig: - 85 15
# description: HA-Proxy is a TCP/HTTP reverse proxy which is particularly suited \
#              for high availability environments.
# processname: haproxy
# config: /etc/haproxy/haproxy.cfg
# pidfile: /var/run/haproxy.pid

# Script Author: Simon Matter <simon.matter@invoca.ch>
# Version: 2004060600

# Source function library.
if [ -f /etc/init.d/functions ]; then
  . /etc/init.d/functions
elif [ -f /etc/rc.d/init.d/functions ] ; then
  . /etc/rc.d/init.d/functions
else
  exit 0
fi

# Source networking configuration.
. /etc/sysconfig/network

# Check that networking is up.
[ ${NETWORKING} = "no" ] && exit 0

# This is our service name
BASENAME=`basename $0`
if [ -L $0 ]; then
  BASENAME=`find $0 -name $BASENAME -printf %l`
  BASENAME=`basename $BASENAME`
fi

BIN=/usr/sbin/$BASENAME

CFG=/etc/$BASENAME/$BASENAME.cfg
[ -f $CFG ] || exit 1

PIDFILE=/var/run/$BASENAME.pid
LOCKFILE=/var/lock/subsys/$BASENAME

RETVAL=0

start() {
  quiet_check
  if [ $? -ne 0 ]; then
echo "Errors found in configuration file, check it with '$BASENAME check'."
return 1
  fi

  echo -n "Starting $BASENAME: "
  daemon $BIN -D -f $CFG -p $PIDFILE
  RETVAL=$?
  echo
  [ $RETVAL -eq 0 ] && touch $LOCKFILE
  return $RETVAL
}

stop() {
  echo -n "Shutting down $BASENAME: "
  killproc $BASENAME -USR1
  RETVAL=$?
  echo
  [ $RETVAL -eq 0 ] && rm -f $LOCKFILE
  [ $RETVAL -eq 0 ] && rm -f $PIDFILE
  return $RETVAL
}

restart() {
  quiet_check
  if [ $? -ne 0 ]; then
echo "Errors found in configuration file, check it with '$BASENAME check'."
return 1
  fi
  stop
  start
}

reload() {
  if ! [ -s $PIDFILE ]; then
return 0
  fi

  quiet_check
  if [ $? -ne 0 ]; then
echo "Errors found in configuration file, check it with '$BASENAME check'."
return 1
  fi
  $BIN -D -f $CFG -p $PIDFILE -sf $(cat $PIDFILE)
}

check() {
  $BIN -c -q -V -f $CFG
}

quiet_check() {
  $BIN -c -q -f $CFG
}

rhstatus() {
  status $BASENAME
}

condrestart() {
  [ -e $LOCKFILE ] && restart || :
}

# See how we were called.
case "$1" in
  start)
start
;;
  stop)
stop
;;
  restart)
restart
;;
  reload)
reload
;;
  condrestart)
condrestart
;;
  status)
rhstatus
;;
  check)
check
;;
  *)
echo $"Usage: $BASENAME {start|stop|restart|reload|condrestart|status|check}"
exit 1
esac
 
exit $?

Is the binary in /usr/sbin/haproxy?

Has anyone been able to solve this issue? I have also run into the same issue when starting, stopping, and reloading fails running HA Proxy 1.7.9 on Cent7.

haproxy.service - SYSV: HA-Proxy is a TCP/HTTP reverse proxy which is particularly suited for high availability environments.
Loaded: loaded (/etc/rc.d/init.d/haproxy; bad; vendor preset: disabled)
Active: active (running) since Fri 2017-10-27 10:46:25 EDT; 1min 0s ago
Docs: man:systemd-sysv-generator(8)
Main PID: 12011 (haproxy)
CGroup: /system.slice/haproxy.service
└─12011 /usr/sbin/haproxy -D -f /etc/haproxy/haproxy.cfg -p /var/run/haproxy.pid

Oct 27 10:46:25 rm12-ext-haproxy01 systemd[1]: Starting SYSV: HA-Proxy is a TCP/HTTP reverse proxy which is particularly suited for high availability environments…
Oct 27 10:46:25 rm12-ext-haproxy01 haproxy[12002]: /etc/rc.d/init.d/haproxy: line 26: [: =: unary operator expected
Oct 27 10:46:25 rm12-ext-haproxy01 haproxy[12002]: Starting haproxy: [WARNING] 299/104625 (12010) : Setting tune.ssl.default-dh-param to 1024 by default, if your workload permits it you should set it to at least 2048. …rning disappear.
Oct 27 10:46:25 rm12-ext-haproxy01 haproxy[12002]: [ OK ]
Oct 27 10:46:25 rm12-ext-haproxy01 systemd[1]: Started SYSV: HA-Proxy is a TCP/HTTP reverse proxy which is particularly suited for high availability environments…
Hint: Some lines were ellipsized, use -l to show in full.

Do not use the init.d file.

You are using systemd, you have use the systemd unit file and wrapper, not the init.d script.

rm /etc/init.d/haproxy
cd contrib/systemd
cp haproxy.service.in /lib/systemd/system/
systemctl daemon-reload
systemctl enable haproxy
systemctl start haproxy
systemctl status haproxy

Note: Haproxy 1.8 and later needs to be compiled with USE_SYSTEMD=1 for the provided systemd unit file to work (needs systemd header files, that would be libsystemd-dev on Debian/Ubuntu or systemd-devel on CentOS 7+ afaik).

does these steps apply to 2.0.3 version?if it is then im getting this error
Failed to start haproxy.service: Unit not found

Yes (if you used systemd).

If it doesn’t work, post the output of everything and let us know what OS exactly you are using.

it worked for and restarted fine. Thank you !!
but im having issue when i’m adding https details in config, it throws error

[ALERT] 212/111144 (11594) : parsing [/etc/haproxy/haproxy.cfg:15] : unknown keyword ‘tune.ssl.default-dh-param’ in ‘global’ section
[ALERT] 212/111144 (11594) : parsing [/etc/haproxy/haproxy.cfg:17] : unknown keyword ‘ssl-default-bind-ciphers’ in ‘global’ section
[ALERT] 212/111144 (11594) : parsing [/etc/haproxy/haproxy.cfg:18] : unknown keyword ‘ssl-default-bind-options’ in ‘global’ section
[ALERT] 212/111144 (11594) : parsing [/etc/haproxy/haproxy.cfg:21] : unknown keyword ‘ssl-default-server-ciphers’ in ‘global’ section
[ALERT] 212/111144 (11594) : parsing [/etc/haproxy/haproxy.cfg:46] : ‘bind *:443’ unknown keyword ‘ssl’. Registered keywords :
[STAT] level
[STAT] expose-fd
[STAT] severity-output
[ TCP] defer-accept
[ TCP] interface
[ TCP] mss
[ TCP] tcp-ut
[ TCP] tfo
[ TCP] transparent
[ TCP] v4v6
[ TCP] v6only
[ TCP] namespace
[ ALL] accept-netscaler-cip
[ ALL] accept-proxy
[ ALL] backlog
[ ALL] id
[ ALL] maxconn
[ ALL] name
[ ALL] nice
[ ALL] process
[ ALL] proto
[UNIX] gid
[UNIX] group
[UNIX] mode
[UNIX] uid
[UNIX] user
[ALERT] 212/111144 (11594) : parsing [/etc/haproxy/haproxy.cfg:47] : error detected in frontend ‘http-in’ while parsing redirect rule : error in condition: unknown fetch method ‘ssl_fc’ in ACL expression ‘ssl_fc’.
[ALERT] 212/111144 (11594) : Error(s) found in configuration file : /etc/haproxy/haproxy.cfg
[ALERT] 212/111144 (11594) : Fatal errors found in configuration.

You are trying to use SSL but did not compile with SSL support (USE_OPENSSL=1). Please read INSTALL and open a new thread if you have any other issues.

thanks