I am monitoring my haproxy. It has a frontend for https and redirects to two backends.
One of the statistics that I have in graph is scur stat (current sessions).
I understand that this value tells me the number of current active sessions by my users.
The problem is in the data obtained and that I can not understand. In the frontend I get values of active sessions much greater than the sum of the sessions in the backends. Should not the number of sessions in the frontend be rigged to the sum of the sessions in the backend?
If not, what values are correct? What does the value of the fronted refer to? and especially, what does the value of the frontend refer to?
Attached two images, the first is the frontend, the second the two backends
No, that’s not at all the case. You’ll have to provide your configuration to understand the behavior exactly, but I assume this is simply caused by http-keep-alive.
You are using option http-server-close, you did not set timeout http-keep-alive or timeout http-request and have timeout client set to 50 minutes.
What this means is that you don’t do any kind of keep-alive on the server side (backend), but you DO keep-alive in the frontend with a timeout of 50 minutes.
It is the counter of the currently open (TCP) connections, both on the frontend and the backend. Your keep-alive use on the frontend with an effective 50 minutes timeout and disabled keep-alive on the backend causes the mismatch you are seeing.
Are you deliberately trying to make performance worse, just so that 2 counters that have not much to do with each other match? If that is the case, then you need to remove option http-keep-alive and set option httpclose.
I do not try to make performance worse, I just try to understand the “scur” statistic in order to have a correct value of active connections (to have an idea of active users). Is the “scur” value in the backends really worth anything? Should I take into account only the frontend in this case? I still do not have this answer clear.
Of course the main thing is performance, is there anything wrong with the current configuration?
The frontend handles connections between the browser and haproxy. The frontend scur counter is the amount of open connections on the frontend.
The backend handles connections between haproxy and the backend servers. The backend scur counter is the amount ofopen connections on the backend.
Those are 2 different things, and based on keep-alive handling, http reuse and keep-alive handling of the particular browser used and keep-alive handling in the backend server, they will be different. Your conclusion that those 2 different counters need to match is completely wrong.
Reduce the timeout http-keep-alive to a few seconds.
Then you cannot set the keep-alive timeout to half an hour. Set it to something like 3 - 5 seconds.
