HAProxy community

Understand scur statistic (frontend vs backend)


#1

I am monitoring my haproxy. It has a frontend for https and redirects to two backends.

One of the statistics that I have in graph is scur stat (current sessions).

I understand that this value tells me the number of current active sessions by my users.

The problem is in the data obtained and that I can not understand. In the frontend I get values of active sessions much greater than the sum of the sessions in the backends. Should not the number of sessions in the frontend be rigged to the sum of the sessions in the backend?

If not, what values are correct? What does the value of the fronted refer to? and especially, what does the value of the frontend refer to?

Attached two images, the first is the frontend, the second the two backends

image

image


#2

No, that’s not at all the case. You’ll have to provide your configuration to understand the behavior exactly, but I assume this is simply caused by http-keep-alive.


#3

I can provide you my “global” and “defaults”, but I can tell you that I don’t use the http-keep-alive option:

global
log /dev/log local0
log /dev/log local1 notice
chroot /var/lib/haproxy
stats socket /run/haproxy/proxy.sock mode 660 level admin
stats timeout 30s
user haproxy
group haproxy
daemon
maxconn 2048

    ca-base /etc/ssl/c
    crt-base /etc/ssl/p

defaults
log global
mode http
option forwardfor
option http-server-close
option httplog
option dontlognull
option log-health-checks
timeout connect 5000
timeout client 50m
timeout server 50m
errorfile 400 /etc/haproxy/errors/400.http
errorfile 403 /etc/haproxy/errors/403.http
errorfile 408 /etc/haproxy/errors/408.http
errorfile 500 /etc/haproxy/errors/500.http
errorfile 502 /etc/haproxy/errors/502.http
errorfile 503 /etc/haproxy/errors/503.http
errorfile 504 /etc/haproxy/errors/504.http

Anyway, I need to understand the “scur” statistic, what it means in the frontend and what it means in the backend.

If you need any additional information about the configuration of haproxy let me know.

Thanks


#4

You are using option http-server-close, you did not set timeout http-keep-alive or timeout http-request and have timeout client set to 50 minutes.

What this means is that you don’t do any kind of keep-alive on the server side (backend), but you DO keep-alive in the frontend with a timeout of 50 minutes.

Please read about http-server-close and timeout http-keep-alive in the docs.

It is the counter of the currently open (TCP) connections, both on the frontend and the backend. Your keep-alive use on the frontend with an effective 50 minutes timeout and disabled keep-alive on the backend causes the mismatch you are seeing.