HAProxy doesn't automatically reload DNS
The hostname used for server
is resolved during haproxy
startup when configuration file is parsed or during health checks. You don't have any checks defined for your server
so you can get updated hostname only during restart/reload. If you want server
hostname to be updated at runtime you need to define health checks.
See HAProxy documentation Server IP address resolution using DNS for details.
Related videos on Youtube
Kaymaz
Updated on September 18, 2022Comments
-
Kaymaz almost 2 years
I've installed HAProxy 1.7.5-2 on a Debian Stretch (9) for a blue/green deployment infrastructure.
HAProxy is setup in TCP mode and reloads DNS every 5 seconds but it doesn't.
global log 127.0.0.1 local0 warning stats socket /run/haproxy/admin.sock mode 660 level admin stats timeout 10m user haproxy group haproxy daemon # Default SSL material locations ca-base /etc/ssl/certs crt-base /etc/ssl/private # Default ciphers to use on SSL-enabled listening sockets. # For more information, see ciphers(1SSL). This list is from: # https://hynek.me/articles/hardening-your-web-servers-ssl-ciphers/ # An alternative list with additional directives can be obtained from # https://mozilla.github.io/server-side-tls/ssl-config-generator/?server=haproxy ssl-default-bind-ciphers ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:RSA+AESGCM:RSA+AES:!aNULL:!MD5:!DSS ssl-default-bind-options no-sslv3 defaults log global mode tcp option dontlognull timeout connect 360s timeout client 300s timeout server 300s retries 99999 resolvers aws-vpc-dns nameserver vpc {DNSIP}:53 resolve_retries 30 timeout retry 1s hold valid 5s frontend site-frontend bind *:80 use_backend site-backend backend site-backend balance roundrobin server company-www target.services.company.com resolvers aws-vpc-dns listen blue-webapp-http bind :9000 balance roundrobin server company-blue blue.services.company.com resolvers aws-vpc-dns
When I change the DNS record to something else, the
host
command on the HAProxy server returns the new addresses correctly.Reloading/restarting HAProxy service is the only way I've found for now.
Any clue on what could be the issue?
-
Kaymaz over 5 yearsThat did the trick, thank you! Do you know why if I set
target.services.company.com
to google.com for example, I receive 502 Bad Gateway (HAProxy is behind a load balancer)