Hi, I am uanble to start haproxy with 2.2 version,
We were earlier running 1.7.9 version and planned to upgrade haproxy to latest version 2.2, so therefore we are using the same configuration 1.7.9 file to the latest version of haproxy as well.
Haproxy 2.2 is unable to start with the following errors:
[WARNING] 300/184709 (2527) : parsing [/var/vcap/jobs/haproxy/config/haproxy.config:548] : a 'http-request' rule placed after a 'use_backend' rule will still be processed before.
[ALERT] 300/184709 (2527) : Error(s) found in configuration file : /var/vcap/jobs/haproxy/config/haproxy.config
[ALERT] 300/184709 (2527) : Fatal errors found in configuration.
Tue Oct 27 18:47:09 UTC 2020: Errored starting HAProxy
Not sure whats happening with the error log
haproxy -vv
HA-Proxy version 2.2.1 2020/07/23 - https://haproxy.org/
Status: long-term supported branch - will stop receiving fixes around Q2 2025.
Known bugs: http://www.haproxy.org/bugs/bugs-2.2.1.html
Running on: Linux 4.15.0-117-generic #118~16.04.1-Ubuntu SMP Sat Sep 5 23:35:06 UTC 2020 x86_64
Build options :
TARGET = linux-glibc
CPU = generic
CC = gcc
CFLAGS = -O2 -g -Wall -Wextra -Wdeclaration-after-statement -fwrapv -Wno-unused-label -Wno-sign-compare -Wno-unused-parameter -Wno-clobbered -Wno-missing-field-initial
izers -Wtype-limits
OPTIONS = USE_STATIC_PCRE=1 USE_OPENSSL=1 USE_ZLIB=1
Feature list : +EPOLL -KQUEUE +NETFILTER -PCRE -PCRE_JIT -PCRE2 -PCRE2_JIT +POLL -PRIVATE_CACHE +THREAD -PTHREAD_PSHARED +BACKTRACE +STATIC_PCRE -STATIC_PCRE2 +TPROXY +LI
NUX_TPROXY +LINUX_SPLICE +LIBCRYPT +CRYPT_H +GETADDRINFO +OPENSSL -LUA +FUTEX +ACCEPT4 +ZLIB -SLZ +CPU_AFFINITY +TFO +NS +DL +RT -DEVICEATLAS -51DEGREES -WURFL -SYSTEMD -
OBSOLETE_LINKER +PRCTL +THREAD_DUMP -EVPORTS
Default settings :
bufsize = 16384, maxrewrite = 1024, maxpollevents =
Built with multi-threading support (MAX_THREADS=64, default=1).
Built with OpenSSL version : OpenSSL 1.0.2g 1 Mar 2016
Running on OpenSSL version : OpenSSL 1.0.2g 1 Mar 2016
OpenSSL library supports TLS extensions : yes
OpenSSL library supports SNI : yes
OpenSSL library supports : TLSv1.0 TLSv1.1 TLSv1.2
Built with network namespace support.
Built with zlib version : 1.2.8
Running on zlib version : 1.2.8
Compression algorithms supported : identity("identity"), deflate("deflate"), raw-deflate("deflate"), gzip("gzip")
Built with transparent proxy support using: IP_TRANSPARENT IPV6_TRANSPARENT IP_FREEBIND
Built with PCRE version : 8.38 2015-11-23
Running on PCRE version : 8.38 2015-11-23
PCRE library supports JIT : no (USE_PCRE_JIT not set)
Encrypted password support via crypt(3): yes
Built with gcc compiler version 5.4.0 20160609
Available polling systems :
epoll : pref=300, test result OK
poll : pref=200, test result OK
select : pref=150, test result OK
Total: 3 (3 usable), will use epoll.
Available multiplexer protocols :
(protocols marked as <default> cannot be specified using 'proto' keyword)
fcgi : mode=HTTP side=BE mux=FCGI
<default> : mode=HTTP side=FE|BE mux=H1
h2 : mode=HTTP side=FE|BE mux=H2
<default> : mode=TCP side=FE|BE mux=PASS
Available services : none
Available filters :
[SPOE] spoe
[COMP] compression
[TRACE] trace
[CACHE] cache
[FCGI] fcgi-app
From 1.7 to 2.2 is a large jump, can you elaborate how you upgraded haproxy?
Because the startup scripts are totally different, 1.7 uses a systemd wrapper while this is totally different on 2.2. So it needs a clean removal of all files, including the systemd wrapper and old init.d files.
What Ubuntu release is this?
Please share the output of systemctl status haproxy, journalctl -u haproxy. Most importantly, share the output of haproxy -c -f /var/vcap/jobs/haproxy/config/haproxy.config.
Thanks for reaching out.
So I have downloaded the HAPROXY source code from https://www.haproxy.org/download/2.2/src/
and for the startup process we are using below startup script
echo “Extracting pcre…”
tar xzf haproxy/pcre-8.38.tar.gz
cd pcre-8.38
./configure
make
make install
cd …
tar xzf haproxy/haproxy-2.2.1.tar.gz
cd haproxy-2.2.1
make TARGET=linux-glibc USE_OPENSSL=1 USE_STATIC_PCRE=1 USE_ZLIB=1 USE_PCRE_JIT=1
mkdir ${BOSH_INSTALL_TARGET}/bin
cp haproxy ${BOSH_INSTALL_TARGET}/bin/
chmod 755 ${BOSH_INSTALL_TARGET}/bin/haproxy
Ubuntu_ release:
lsb_release -a
No LSB modules are available.
Distributor ID: Ubuntu
Description: Ubuntu 16.04.3 LTS
Release: 16.04
Codename: xenial
We are not running HAPROXY as a system service.
Output of haproxy -c -f /var/vcap/jobs/haproxy/config/haproxy.config
haproxy -c -f /var/vcap/jobs/haproxy/config/haproxy.config
acessed before.
[WARNING] 300/205411 (6606) : parsing [/var/vcap/jobs/haproxy/config/haproxy.config:701]: ‘option httpchk’ : hiding headers or body at the end of the version string
is deprecated. Please, consider to use ‘http-check send’ directive instead.
[ALERT] 300/205411 (6606) : Error(s) found in configuration file : /var/vcap/jobs/haproxy/config/haproxy.config
[ALERT] 300/205411 (6606) : Fatal errors found in configuration
HAPROXY config folder:
-rw-r----- 1 root vcap 12122 Oct 27 20:49 certs.ttar
drwxr-x— 2 root vcap 4096 Oct 27 20:49 errorfiles/
-rw-r----- 1 root vcap 61162 Oct 27 20:49 haproxy.config
-rw-r----- 1 root vcap 23838 Oct 27 20:49 ip_denyList.lst
-rw-r----- 1 root vcap 1222 Oct 27 20:49 ip_dmproxyAllowList.lst
drwxr-xr-x 2 root root 4096 Oct 27 20:49 ssl/
-rw-r----- 1 root vcap 1 Oct 27 20:49 ssl_redirect.map