I am trying to use HAProxy’s runtime API to dynamically add backend servers as mentioned on https://www.haproxy.com/blog/dynamic-scaling-for-microservices-with-runtime-api.
When I execute this command:
set server be_template/websrv1 addr google.com port 8080
I get the error as:
Invalid addr ‘google. com’ by ‘stats socket command’
(Of course I used google as an example, I have my own fqdn for actual purpose)
However I don’t receive the error when I replace google (or my own fqdn) with the actual IP. Probably this indicates the DNS resolution is not working in the runtime API. (I am able to use the same server address if I put it in thr config at start up)
Can anyone help me out with this?
This is expected behavior, as per the docs:
https://cbonte.github.io/haproxy-dconv/1.8/management.html#9.3-set%20server
set server <backend>/<server> addr <ip4 or ip6 address> [port <port>]
Replace the current IP address of a server by the one provided.
Oh I missed that! Thanks for pointing out.
I suppose I should use
set server be_template/websrv1 fqdn google.com port 8080
(Note: fqdn instead of addr)
However this is giving me the error:
could not update be_template/websrv1 FQDN by ‘stats socket command’
Right, I did not know about the fqdn feature. For this you need haproxy 1.8 though. Which release are you running?
I am running version 1.8.12
I don’t think you can specify the port, can you try without?
I am still getting the same error without specifying port.
Is there any other way I can get past this?
I don’t have an answer or solution for you right now, I will have to invest some time to check it out. Can you share the output of haproxy -vv
and your entire configuration please?
Output of haproxy -vv:
HA-Proxy version 1.8.12-8a200c7 2018/06/27
Copywright 2000-2018 Willy Tarreau <willy@haproxy.org>
Build options :
TARGET = linux26
CPU = generic
CC = gcc
CFLAGS = -O2 -g -fno-strict-aliasing -Wdeclaration-after-statement -fwrapv -fno-strict-overflow -Wno-unused-label
OPTIONS = USE_ZLIB=1 USE_OPENSSL=1 USE_PCRE=1
Default settings :
maxconn = 2000, bufsize = 16384, maxrewrite = 1024, maxpollevents = 200
Built with network namespace support.
Built with zlib version : 1.2.3
Running on zlib version : 1.2.3
Compression algorithms supported : identity("identity"), deflate("deflate"), raw-deflate("deflate"), gzip("gzip")
Built with PCRE version : 7.8 2008-09-05
Running on PCRE version : 7.8 2008-09-05
PCRE library supports JIT : no (USE_PCRE_JIT not set)
Encrypted password support via crypt(3): yes
Built with transparent proxt support using : IP_TRANSPARENT IP_FREEBIND
Built with OpenSSL version : OpenSSL 1.1.0g 2 Nov 2017
Running on OpenSSL version : OpenSSL 1.1.0g 2 Nov 2017
OpenSSL library supports TLS extensions : yes
OpenSSL library supports SNI : yes
OpenSSL library supports : TLSv1.0 TLSv1.1 TLSv1.2
Available polling systems :
epoll : pref=300, test result OK
poll : pref=200, test result OK
select : pref=150, test result OK
Total: 3 (3 usable), will use epoll,
Available filters :
[Trace] trace
[COMP] compression
[SPOE] spoe
Config file:
global
log /home/usera/hap-logs local0
log /home/usera/hap-logs local1 notice
maxconn 4096
stats socket /home/usera/temp.sock mode 666 level admin
stats socket ipv4@127.0.0.1:9999 level admin
stats timeout 2m
defaults
log global
mode http
option httplog
option redispatch
option log-health-checks
monitor-uri /haproxy-health-check
retries 3
timeout connect 10000
timeout queue 10000
timeout server 10000
timeout client 10000
frontend http-in
bind ipv4@*.8080
default_backend backend_servers
backend backend_servers
balance roundrobin
server webserver1 abc.com:8889 weight 1 check inter 2000 rise 2 fall 3 port 8889
server-template websrv 1-10 abc.com:8889 weight 1 check inter 2000 rise 2 fall 3 port 8889 disabled
stats enable
stats admin if TRUE
stats uri /admin?stats
stats realm Haproxy\ Statistics
stats refresh 10s
listen stats
bind ipv4@*:9992
mode http
stats enable
stats admin if TRUE
stats uri /admin?stats
stats refresh 10s
stats show-legends
stats realm Haproxy\ Statistics
Please do reply if you begin inspecting this. Thanks for your time.
This requires the internal DNS resolver to be configured, it does not use libc lookup features.
It works for me in a configuration like this:
resolvers googledns
nameserver 8888 8.8.8.8:53
nameserver 8844 8.8.4.4:53
hold valid 600s
backend test
server www1 neverssl.com:80 resolvers googledns resolve-prefer ipv4
Also, the port is never updated, it is not supported to change the port (although the command is not rejected).
I will have the documentation updated. Also there is a crash bug when this is malconfigured and haproxy has been compiled with thread support.
Thanks, internal dns resolver works for me!
Though it would have been better to rely on libc lookup. Is there any plan to make that available within the API?
I’m not aware of it, no.
A reason may be that the libc resolver infrastructure in haproxy does not update the IP address of fqdn records. Only the internal resolver can continually update the ÍP address, so it makes sense to resctrict this to the internal resolver.
Does this mean that updates to IP address during runtime (as mentioned on http://cbonte.github.io/haproxy-dconv/1.8/configuration.html#5.3.1) (say due to connection timeout in a server’s health check) also won’t use the libc function (and instead rely on internal resolver)? Ideally, this should be done using libc as well, right? I don’t want to copy (and maintain) the DNS settings from /etc/resolv.conf to my HAProxy config.
No, libc resolution happens on startup only. The resolver was implemented for resolution during run-time.
In 1.9 (currently in development) the parse-resolv-conf keyword will allow automatic parsing of /etc/resolv.conf
at startup.