I can reproduce it now.
Apparently with tcp-check connect we hit a bug here where haproxy does not know the destination port. Because instead of connecting to port 6379 it actually connects to port 0, the destination refuses the connection.
2 Workarounds:
- specify the port in the connect command:
tcp-check connect port 6379instead of justtcp-check connect - or specify the check port again for each server
server redis-1-centos-7 redis-1-centos-7:6379 check port 6379 inter 1s
I believe this is fixed in BUG/MINOR: tcp-check: use the server’s service port as a
fallback, which is in release 1.7.11, but Debian does not carry this release.
I suggest you install an uptodate haproxy release from Vincent Bernat (he is also an official Debian maintainer):
The 1.7 branch is fine, but you may also pick 1.8 for more features. Both will have the fix above.
The commit that fixes this issue does not research the root cause of the issue; I assume this is a regression since this clearly worked in the older releases and it also was documented this way. I will dig into this, and maybe file a open+shut bug on github to track it.
edit: the bug filed is: