Getting the active configuration file location of running instace

To speed up thing when I’m editing the config file I made some super basic scripts and added the directory where I SSH in to the path so hapchk, hapreset, hapcmd, etc are autocompleted and things are done quicker and typo-free.

Screen Shot 2022-01-20 at 05.26.08

I’ve been learning a little more of this and that and I’d like to take it a step further: I’m converting the scripts to functions (then source the file later on) and I want make my hapchk* command intelligent and have it discover where the configuration file is on its own.

I have several ideas in mind on one end from doing that each time it’s run, and the more efficient way of appending it to the user’s environment file and just use the variable since it’s unlikely to be changed once set anyway.

To discover it I could (1) test if it is in its default location or (2) find it in the systemd's service but I’d really be more comfortable if there was an official way of (3) asking the current process what was it started with–similar to what php(-fpm) -i | grep -Pi 'Loaded\sConfiguration\sFile(.*)php.ini' would do for PHP.

haproxy -vv prints everything down to its feelings and aspirations but not the current source config file. The other options that use related to files take them in as arguments they don’t print them out. I wasn’t that lucky in the master CLI either**. Got any ideas??

The fact that HAProxy runs fully in memory gives me a little hint of the answer but don’t want it to be what I fear it is. :frowning:

* # cat hapchk
haproxy -f /etc/haproxy/haproxy.cfg -c
** Master CLI output
[root@approuter ~]# hapcmd


  Type "prompt" and press return/enter to enter interactive mode. The session
  will finish after 60min of inactivity or by issuing the "quit" command.

> help
The following commands are valid at this level:
  abort ssl ca-file <cafile>              : abort a transaction for a CA file
  abort ssl cert <certfile>               : abort a transaction for a certificate file
  abort ssl crl-file <crlfile>            : abort a transaction for a CRL file
  add acl [@<ver>] <acl> <pattern>        : add an acl entry
  add map [@<ver>] <map> <key> <val>      : add a map entry (payload supported instead of key/val)
  add ssl crt-list <list> <cert> [opts]*  : add to crt-list file <list> a line <cert> or a payload
  clear acl [@<ver>] <acl>                : clear the contents of this acl
  clear counters [all]                    : clear max statistics counters (or all counters)
  clear map [@<ver>] <map>                : clear the contents of this map
  clear table <table> [<filter>]*         : remove an entry from a table (filter: data/key)
  commit acl @<ver> <acl>                 : commit the ACL at this version
  commit map @<ver> <map>                 : commit the map at this version
  commit ssl ca-file <cafile>             : commit a CA file
  commit ssl cert <certfile>              : commit a certificate file
  commit ssl crl-file <crlfile>           : commit a CRL file
  del acl <acl> [<key>|#<ref>]            : delete acl entries matching <key>
  del map <map> [<key>|#<ref>]            : delete map entries matching <key>
  del ssl ca-file <cafile>                : delete an unused CA file
  del ssl cert <certfile>                 : delete an unused certificate file
  del ssl crl-file <crlfile>              : delete an unused CRL file
  del ssl crt-list <list> <cert[:line]>   : delete a line <cert> from crt-list file <list>
  disable agent                           : disable agent checks
  disable dynamic-cookie backend <bk>     : disable dynamic cookies on a specific backend
  disable frontend <frontend>             : temporarily disable specific frontend
  disable health                          : disable health checks
  disable server (DEPRECATED)             : disable a server for maintenance (use 'set server' instead)
  enable agent                            : enable agent checks
  enable dynamic-cookie backend <bk>      : enable dynamic cookies on a specific backend
  enable frontend <frontend>              : re-enable specific frontend
  enable health                           : enable health checks
  enable server  (DEPRECATED)             : enable a disabled server (use 'set server' instead)
  get acl <acl> <value>                   : report the patterns matching a sample for an ACL
  get map <acl> <value>                   : report the keys and values matching a sample for a map
  get var <name>                          : retrieve contents of a process-wide variable
  get weight <bk>/<srv>                   : report a server's current weight
  new ssl ca-file <cafile>                : create a new CA file to be used in a crt-list
  new ssl cert <certfile>                 : create a new certificate file to be used in a crt-list or a directory
  new ssl crlfile <crlfile>               : create a new CRL file to be used in a crt-list
  operator                                : lower the level of the current CLI session to operator
  prepare acl <acl>                       : prepare a new version for atomic ACL replacement
  prepare map <acl>                       : prepare a new version for atomic map replacement
  set dynamic-cookie-key backend <bk> <k> : change a backend secret key for dynamic cookies
  set map <map> [<key>|#<ref>] <value>    : modify a map entry
  set maxconn frontend <frontend> <value> : change a frontend's maxconn setting
  set maxconn global <value>              : change the per-process maxconn setting
  set maxconn server <bk>/<srv>           : change a server's maxconn setting
  set profiling <what> {auto|on|off}      : enable/disable resource profiling (tasks,memory)
  set rate-limit <setting> <value>        : change a rate limiting value
  set server <bk>/<srv> [opts]            : change a server's state, weight, address or ssl
  set severity-output [none|number|string]: set presence of severity level in feedback information
  set ssl ca-file <cafile> <payload>      : replace a CA file
  set ssl cert <certfile> <payload>       : replace a certificate file
  set ssl crl-file <crlfile> <payload>    : replace a CRL file
  set ssl ocsp-response <resp|payload>    : update a certificate's OCSP Response from a base64-encode DER
  set ssl tls-key [id|file] <key>         : set the next TLS key for the <id> or <file> listener to <key>
  set table <table> key <k> [data.* <v>]* : update or create a table entry's data
  set timeout [cli] <delay>               : change a timeout setting
  set weight <bk>/<srv>  (DEPRECATED)     : change a server's weight (use 'set server' instead)
  show acl [@<ver>] <acl>]                : report available acls or dump an acl's contents
  show activity                           : show per-thread activity stats (for support/developers)
  show backend                            : list backends in the current running config
  show cache                              : show cache status
  show cli level                          : display the level of the current CLI session
  show cli sockets                        : dump list of cli sockets
  show env [var]                          : dump environment variables known to the process
  show errors [<px>] [request|response]   : report last request and/or response errors for each proxy
  show events [<sink>] [-w] [-n]          : show event sink state
  show fd [num]                           : dump list of file descriptors in use or a specific one
  show info [desc|json|typed|float]*      : report information about the running process
  show map [@ver] [map]                   : report available maps or dump a map's contents
  show peers [dict|-] [section]           : dump some information about all the peers or this peers section
  show pools                              : report information about the memory pools usage
  show profiling [<what>|<#lines>|byaddr]*: show profiling state (all,status,tasks,memory)
  show resolvers [id]                     : dumps counters from all resolvers section and associated name servers
  show schema json                        : report schema used for stats
  show servers conn [<backend>]           : dump server connections status (all or for a single backend)
  show servers state [<backend>]          : dump volatile server information (all or for a single backend)
  show sess [id]                          : report the list of current sessions or dump this exact session
  show ssl ca-file [<cafile>[:<index>]]   : display the SSL CA files used in memory, or the details of a <cafile>, or a single certificate of index <index> of a CA file <cafile>
  show ssl cert [<certfile>]              : display the SSL certificates used in memory, or the details of a file
  show ssl crl-file [<crlfile[:<index>>]] : display the SSL CRL files used in memory, or the details of a <crlfile>, or a single CRL of index <index> of CRL file <crlfile>
  show ssl crt-list [-n] [<list>]         : show the list of crt-lists or the content of a crt-list file <list>
  show ssl ocsp-response [id]             : display the IDs of the OCSP responses used in memory, or the details of a single OCSP response
  show startup-logs                       : report logs emitted during HAProxy startup
  show stat [desc|json|no-maint|typed|up]*: report counters for each proxy and server
  show table <table> [<filter>]*          : report table usage stats or dump this table's contents (filter: data/key)
  show tasks                              : show running tasks
  show threads                            : show some threads debugging information
  show tls-keys [id|*]                    : show tls keys references or dump tls ticket keys when id specified
  show trace [<module>]                   : show live tracing state
  shutdown frontend <frontend>            : stop a specific frontend
  shutdown session [id]                   : kill a specific session
  shutdown sessions server <bk>/<srv>     : kill sessions on a server
  trace [<module>|0] [cmd [args...]]      : manage live tracing (empty to list, 0 to stop all)
  user                                    : lower the level of the current CLI session to user
  help [<command>]                        : list matching or all commands
  prompt                                  : toggle interactive mode with prompt
  quit                                    : disconnect

> show info
Name: HAProxy
Version: 2.5.0-f2e0833
Release_date: 2021/11/23
Nbthread: 4
Nbproc: 1
Process_num: 1
Pid: 5090
Uptime: 0d 22h20m19s
Uptime_sec: 80419
Memmax_MB: 0
PoolAlloc_MB: 3
PoolUsed_MB: 3
PoolFailed: 0
Ulimit-n: 60154
Maxsock: 60154
Maxconn: 30000
Hard_maxconn: 30000
CurrConns: 4
CumConns: 3337556
CumReq: 314415
MaxSslConns: 0
CurrSslConns: 9
CumSslConns: 1209776
Maxpipes: 0
PipesUsed: 0
PipesFree: 0
ConnRate: 1
ConnRateLimit: 0
MaxConnRate: 43
SessRate: 1
SessRateLimit: 0
MaxSessRate: 43
SslRate: 1
SslRateLimit: 0
MaxSslRate: 24
SslFrontendKeyRate: 0
SslFrontendMaxKeyRate: 7
SslFrontendSessionReuse_pct: 100
SslBackendKeyRate: 2
SslBackendMaxKeyRate: 17
SslCacheLookups: 36146
SslCacheMisses: 40
CompressBpsIn: 0
CompressBpsOut: 0
CompressBpsRateLim: 0
Tasks: 258
Run_queue: 0
Idle_pct: 99
node: approuter.<something.else>
Stopping: 0
Jobs: 17
Unstoppable Jobs: 1
Listeners: 7
ActivePeers: 0
ConnectedPeers: 0
DroppedLogs: 0
BusyPolling: 0
FailedResolutions: 0
TotalBytesOut: 2311618031
TotalSplicdedBytesOut: 0
BytesOutRate: 8064
DebugCommandsIssued: 0
CumRecvLogs: 0
Build info: 2.5.0-f2e0833
Memmax_bytes: 0
PoolAlloc_bytes: 3950944
PoolUsed_bytes: 3950944
Start_time_sec: 1642604130
Tainted: 0


You are not asking the current php process about how it was started. You are starting a new php process with the default configuration, and producing outputs.

haproxy -vv has nothing to do with the haproxy instance that is currently running, just like php -i doesn’t have anything to do with the php process currently running.

Both commands print informations about a new process.

Not sure how that would work, if you don’t know how to connect to the haproxy process in the first place (if you don’t know where the configuration is, you probably don’t know what the configuration is either).

If you don’t know anything about the destination system, then there is no proper way.

Build a heuristic around ps if you must, or try to parse common startup scripts/systemd unit files.

Thanks, though,

If installed using a package manager a standard–I just got it. You mean the stats socket. right?

This is only for my own use, so it doens’t have to be perfect either.

[root@approuter ~]# ssh approuter2 'ps -ax' | grep -i haproxy
   1357 ?        Ss     0:00 /usr/local/sbin/haproxy -sf 1358 -x /var/lib/haproxy/stats -W -f /etc/haproxy/haproxy.cfg -p /run/
   1358 ?        Sl    29:59 /usr/local/sbin/haproxy -W -f /etc/haproxy/haproxy.cfg -p /run/

You were right. It does feel a little like cheating since you solved it for me but nevertheless THANK YOU! Now I just need to awk it out of there or maybe using grep -Po + regex whcih I’ve started to find entertaining lately, like a puzzle. :slight_smile: I think (?<=-f\s)(.*cfg)(?=\s|$) should do.

Thanks !