It's nothing new that HAProxy is one of the most widely used (and stable) open source (tcp) load balancers. It's documentation is very extensive and well written. It's honestly a pleasure to work with this open source software.
What is not so widely known is that HAProxy can be controlled from the command line using its "admin socket". Requirement for this is that the stats socket is actually defined in the haproxy config file (in the global section):
root@haproxy:~# grep "stats socket" /etc/haproxy/haproxy.cfg
stats socket /run/haproxy/admin.sock mode 660 level admin
Another requirement is to have the socat command available. It can easily be installed using apt:
root@haproxy:~# apt install socat
With this all kinds of commands can be sent to the socket, for example looking at the current backend/servers status:
root@haproxy:~# echo "show servers state" | socat unix-connect:/var/run/haproxy/admin.sock stdio
1
# be_id be_name srv_id srv_name srv_addr srv_op_state srv_admin_state srv_uweight srv_iweight srv_time_since_last_change srv_check_status srv_check_result srv_check_health srv_check_state srv_agent_state bk_f_forced_id srv_f_forced_id srv_fqdn srv_port
5 backend1 1 server01.example.local 10.150.78.11 2 0 1 1 529 15 3 3 6 0 0 0 - 80
5 backend1 2 server02.example.local 10.150.78.12 2 0 1 1 529 15 3 3 6 0 0 0 - 80
5 backend1 3 server03.example.local 10.150.78.13 2 0 1 1 529 15 3 3 6 0 0 0 - 80
5 backend1 4 server04.example.local 10.150.78.14 2 0 1 1 529 15 3 3 6 0 0 0 - 80
5 backend1 5 server05.example.local 10.150.78.15 2 0 1 1 529 15 3 3 6 0 0 0 - 80
6 backend2 1 server01.example.local 10.150.78.11 2 0 1 1 529 15 3 3 6 0 0 0 - 80
6 backend2 2 server02.example.local 10.150.78.12 2 0 1 1 529 15 3 3 6 0 0 0 - 80
6 backend2 3 server03.example.local 10.150.78.13 2 0 1 1 529 15 3 3 6 0 0 0 - 80
6 backend2 4 server04.example.local 10.150.78.14 2 0 1 1 529 15 3 3 6 0 0 0 - 80
6 backend2 5 server05.example.local 10.150.78.15 2 0 1 1 529 15 3 3 6 0 0 0 - 80
The highlighted srv_op_state shows the current status of a backend server. The value 2 stands for "UP" (what you would see in the HAProxy User Interface).
If you are using HAProxy, you probably already monitor the HAProxy status, so looking at the status using socat isn't that special. However if you quickly need to place a backend server into a maintenance mode (= disabling the backend server), you can use the admin socket, too:
root@haproxy:~# echo "disable server backend1/server05.example.local" | socat unix-connect:/var/run/haproxy/admin.sock stdio
root@haproxy:~# echo "disable server backend2/server05.example.local" | socat unix-connect:/var/run/haproxy/admin.sock stdio
Looking at the admin user interface now shows this particular backend server with a brown background, it's status set to MAINT.
Using socat, we can verify this on the command line:
root@haproxy:~# echo "show servers state" | socat unix-connect:/var/run/haproxy/admin.sock stdio | grep server05
5 backend1 5 server05.example.local 10.150.78.15 0 1 1 1 1595 15 3 0 14 0 0 0 - 80
6 backend2 5 server05.example.local 10.150.78.15 0 1 1 1 1566 15 3 0 14 0 0 0 - 80
We can see the srv_op_state has changed to the value 0, the srv_admin_state next to it has changed from 0 to 1. That combo is represented in the UI as "MAINT" status.
Once the maintenance tasks are completed on the affected server, it can easily be enabled again:
root@haproxy:~# echo "enable server backend1/server05.example.local" | socat unix-connect:/var/run/haproxy/admin.sock stdio
root@haproxy:~# echo "enable server backend2/server05.example.local" | socat unix-connect:/var/run/haproxy/admin.sock stdio
Trafifc is now balanced to this backend server again and it shows up as UP again.
root@haproxy:~# echo "show servers state" | socat unix-connect:/var/run/haproxy/admin.sock stdio | grep server05
5 backend1 5 server05.example.local 10.150.78.15 2 0 1 1 2813 15 3 3 6 0 0 0 - 80
6 backend2 5 server05.example.local 10.150.78.15 2 0 1 1 2784 15 3 3 6 0 0 0 - 80
A great overview of other handy socket commands can be found on sleeplessbeastie's blog.
No comments yet.
AWS Android Ansible Apache Apple Atlassian BSD Backup Bash Bluecoat CMS Chef Cloud Coding Consul Containers CouchDB DB DNS Database Databases Docker ELK Elasticsearch Filebeat FreeBSD Galera Git GlusterFS Grafana Graphics HAProxy HTML Hacks Hardware Icinga Influx Internet Java KVM Kibana Kodi Kubernetes LVM LXC Linux Logstash Mac Macintosh Mail MariaDB Minio MongoDB Monitoring Multimedia MySQL NFS Nagios Network Nginx OSSEC OTRS Office OpenSearch PGSQL PHP Perl Personal PostgreSQL Postgres PowerDNS Proxmox Proxy Python Rancher Rant Redis Roundcube SSL Samba Seafile Security Shell SmartOS Solaris Surveillance Systemd TLS Tomcat Ubuntu Unix VMWare VMware Varnish Virtualization Windows Wireless Wordpress Wyse ZFS Zoneminder