0

i'm trying to configure haproxy on a red hat 7.1 machine (haproxy 1.5.4)

to proxy a few nodejs instances.

if i try to access on port 80 (haproxy frontend) it returns error 503 if i try to access on port 3000 (node app service), it returns ok

here my haproxy configuration:

global
    log         127.0.0.1 local2
    chroot      /var/lib/haproxy
    pidfile     /var/run/haproxy.pid
    maxconn     4000
    user        haproxy
    group       haproxy
    daemon
    stats socket /var/lib/haproxy/stats
defaults
    mode                    http
    log                     global
    option                  httplog
    option                  dontlognull
    option http-server-close
    option forwardfor       except 127.0.0.0/8
    option                  redispatch
    retries                 3
    timeout http-request    10s
    timeout queue           1m
    timeout connect         10s
    timeout client          1m
    timeout server          1m
    timeout http-keep-alive 10s
    timeout check           10s
    maxconn                 3000
frontend  main *:80
    default_backend             app
backend app
    balance     roundrobin
    server  app1 127.0.0.1:3000 check

Any guidance is welcome.

Sombriks
  • 141
  • 2
  • 8
  • What do your logs say? What about the stats page or socket; is the backend up? Also, if you're proxying on the same machine as the backend, why not just have Node listen on port 80, or use iptables to mangle the packets? – GregL Nov 09 '15 at 20:05
  • In your description you mention port 300 but in the config it points to port 3000. This is a typo either in the post or your haproxy configs – David King Nov 09 '15 at 20:39
  • @GregL, my backend answers ok, still no idea why it's not working. i've swapped my configuration with this one http://pastebin.com/y1ycT2kx but still not working. right now i've tested haproxy from command line instead service and it gave me this message: $ haproxy -f /etc/haproxy/haproxy.cfg [WARNING] 312/175650 (533) : [haproxy.main()] Cannot raise FD limit to 8011. [ALERT] 312/175650 (533) : Starting proxy http-in: cannot bind socket [0.0.0.0:80] – Sombriks Nov 09 '15 at 23:02

1 Answers1

1

Thanks everyone for the help, the problem was selinux. more details on this thread: Weird interaction with systemctl with Haproxy on CentOS 7

all i needed to make was to run this command: 

sudo semanage port --add --type http_port_t --proto tcp 3000

and changed my config file to this:

global
    log         127.0.0.1 local2
    chroot      /var/lib/haproxy
    pidfile     /var/run/haproxy.pid
    maxconn     1000
    user        haproxy
    group       haproxy
    daemon
    stats socket /var/lib/haproxy/stats

defaults
    mode                    http
    log                     global
    option                  httplog
    option                  dontlognull
    option http-server-close
    option forwardfor       except 127.0.0.0/8
    option                  redispatch
    retries                 3
    timeout http-request    10s
    timeout queue           1m
    timeout connect         10s
    timeout client          1m
    timeout server          1m
    timeout http-keep-alive 10s
    timeout check           10s
    maxconn                 3000

frontend  main 0.0.0.0:80
    default_backend             app

backend app
    balance     roundrobin
    server  app1 127.0.0.1:3000 check
Community
  • 1
Sombriks
  • 141
  • 2
  • 8
  • Please mark your question as answered so other people don't come in to try help you out to find out you are good to go. – DavidGamba Nov 10 '15 at 20:09
  • @DavidG serverfault/stackoverflow forbids me to do that in less than 48 hours. there's 17 hours left so i can do that. – Sombriks Nov 11 '15 at 02:53