Maxconn handling

Help!
1

Hello,

I am looking how to handling maxconn condition.

https://cbonte.github.io/haproxy-dconv/1.8/configuration.html#4-maxconn

How’s does the haproxy handle if it reach to maxconn?
I would like to see it can return the custom error page if once reach to maxconn .

Thanks all!

2

Hi,

To answer your first question:

The maxconn parameter can be configured in multiple locations in haproxy.cfg file with different implications.

  1. global maxconn: Limits the maximum number of concurrent connections per haproxy process. When this limit is reached, HAProxy stops accepting new connections and the incoming connections get queued to “Linux socket queue”. This is the greatest of all the 3 maxconn values.
  2. maxconn in frontend or listen section: Limits the maximum number of concurrent connections those are accepted by a frontend or listen section. When this limit is reached, the new connections get queued to a “frontend queue”. This is a value smaller than or equal to the global maxconn.
  3. server maxconn: Limits the maximum number of concurrent connections handled by a server. When this limit is reached the incoming connections get queued either to the “proxy queue” or to the “server queue”. A connection is queued to the server queue only if the incoming request is a persistent request.

In all the above cases, the duration for which a connection can stay in a queue is governed by the “timeout queue” parameter. An HTTP 503 Service unavailable message is thrown if this timeout is reached before the connection get served.

Now, to answer your second question:

If the global maxconn value is reached, the user would only notice a delay in the processing of the request due to queuing and would not encounter an error message until the socket queue gets saturated. If the socket queue gets saturated, HAProxy would anyhow not be able to handle the error as it would be at the kernel level.
Therefore, the need to handle an error using a custom error message would only arise in a scenario wherein the timeout queue value is reached for connections in frontend queue, proxy queue or server queue. In that case, you may display a custom error page by configuring errorfile parameter in haproxy.cfg as shown below:

errorfile 503 /etc/haproxy/errorfiles/503sorry.http

Hope this is helpful !

Thanks,
Shivharsh

3

Hello,

Further check it looks like after reach to maxconn. Then, it will put into queue and the timeout queue will take care next before produce 503 error page.

global
log 127.0.0.1 local2
chroot /var/lib/haproxy
pidfile /var/run/haproxy.pid
user haproxy
group haproxy
daemon
maxconn 20

defaults
mode http
log global
option httplog
option dontlognull
option http-server-close
option forwardfor
timeout http-request 5s
timeout queue 0s
timeout connect 5s
timeout client 30s
timeout server 0s
timeout http-keep-alive 5s
timeout check 5s
maxconn 15

errorfile 504 /etc/haproxy/errors/504.http
errorfile 503 /etc/haproxy/errors/503.http
errorfile 502 /etc/haproxy/errors/502.http

Prepared the above config. Set the very low global maxconn. Put timeout queue and timeout server to 0

Generate the load test. However, it cannot show the 503 error page. It just showing generate failure load page.

It can see there are some and 503 from haproxy log

Jul 11 15:30:58 localhost haproxy[117151]: 25.215.36.44:59631 [11/Jul/2019:15:30:57.862] www-https~ www-backend/<NOSRV> 397/-1/-1/-1/397 503 319 - - SC-- 32/29/0/0/0 0/0 "GET /ticket.php HTTP/1.1"
Jul 11 17:03:24 localhost haproxy[123765]: 25.215.33.4:64361 [11/Jul/2019:17:03:24.176] www-https~ www-backend/<NOSRV> 208/-1/-1/-1/208 503 319 - - SC-- 0/0/0/0/0 0/0 "GET /ticket.php HTTP/1.1"

Could you please further advise how to fine tune it?

Thanks!