HAProxy: How to temporarily disable a backend server using the command line and the stats socket

Written by - 0 comments

Published on - Listed in HAProxy Linux

It's nothing new that HAProxy is one of the most widely used (and stable) open source (tcp) load balancers. It's documentation is very extensive and well written. It's honestly a pleasure to work with this open source software.

What is not so widely known is that HAProxy can be controlled from the command line using its "admin socket". Requirement for this is that the stats socket is actually defined in the haproxy config file (in the global section):

root@haproxy:~# grep "stats socket" /etc/haproxy/haproxy.cfg
    stats socket /run/haproxy/admin.sock mode 660 level admin

Another requirement is to have the socat command available. It can easily be installed using apt:

root@haproxy:~# apt install socat

With this all kinds of commands can be sent to the socket, for example looking at the current backend/servers status:

root@haproxy:~# echo "show servers state" | socat unix-connect:/var/run/haproxy/admin.sock stdio
1
# be_id be_name srv_id srv_name srv_addr srv_op_state srv_admin_state srv_uweight srv_iweight srv_time_since_last_change srv_check_status srv_check_result srv_check_health srv_check_state srv_agent_state bk_f_forced_id srv_f_forced_id srv_fqdn srv_port
5 backend1 1 server01.example.local 10.150.78.11 2 0 1 1 529 15 3 3 6 0 0 0 - 80
5 backend1 2 server02.example.local 10.150.78.12 2 0 1 1 529 15 3 3 6 0 0 0 - 80
5 backend1 3 server03.example.local 10.150.78.13 2 0 1 1 529 15 3 3 6 0 0 0 - 80
5 backend1 4 server04.example.local 10.150.78.14 2 0 1 1 529 15 3 3 6 0 0 0 - 80
5 backend1 5 server05.example.local 10.150.78.15 2 0 1 1 529 15 3 3 6 0 0 0 - 80
6 backend2 1 server01.example.local 10.150.78.11 2 0 1 1 529 15 3 3 6 0 0 0 - 80
6 backend2 2 server02.example.local 10.150.78.12 2 0 1 1 529 15 3 3 6 0 0 0 - 80
6 backend2 3 server03.example.local 10.150.78.13 2 0 1 1 529 15 3 3 6 0 0 0 - 80
6 backend2 4 server04.example.local 10.150.78.14 2 0 1 1 529 15 3 3 6 0 0 0 - 80
6 backend2 5 server05.example.local 10.150.78.15 2 0 1 1 529 15 3 3 6 0 0 0 - 80

The highlighted srv_op_state shows the current status of a backend server. The value 2 stands for "UP" (what you would see in the HAProxy User Interface).

Setting a backend server into maintenance mode (disabling a backend server)

If you are using HAProxy, you probably already monitor the HAProxy status, so looking at the status using socat isn't that special. However if you quickly need to place a backend server into a maintenance mode (= disabling the backend server), you can use the admin socket, too:

root@haproxy:~# echo "disable server backend1/server05.example.local" | socat unix-connect:/var/run/haproxy/admin.sock stdio

root@haproxy:~# echo "disable server backend2/server05.example.local" | socat unix-connect:/var/run/haproxy/admin.sock stdio

Looking at the admin user interface now shows this particular backend server with a brown background, it's status set to MAINT.

HAProxy backend server in MAINT status

Using socat, we can verify this on the command line:

root@haproxy:~#  echo "show servers state" | socat unix-connect:/var/run/haproxy/admin.sock stdio | grep server05
5 backend1 5 server05.example.local 10.150.78.15 0 1 1 1 1595 15 3 0 14 0 0 0 - 80
6 backend2 5 server05.example.local 10.150.78.15 0 1 1 1 1566 15 3 0 14 0 0 0 - 80

We can see the srv_op_state has changed to the value 0, the srv_admin_state next to it has changed from 0 to 1. That combo is represented in the UI as "MAINT" status.

Enabling a backend server again

Once the maintenance tasks are completed on the affected server, it can easily be enabled again:

root@haproxy:~# echo "enable server backend1/server05.example.local" | socat unix-connect:/var/run/haproxy/admin.sock stdio
root@haproxy:~# echo "enable server backend2/server05.example.local" | socat unix-connect:/var/run/haproxy/admin.sock stdio

Trafifc is now balanced to this backend server again and it shows up as UP again.

root@haproxy:~# echo "show servers state" | socat unix-connect:/var/run/haproxy/admin.sock stdio | grep server05
5 backend1 5 server05.example.local 10.150.78.15 2 0 1 1 2813 15 3 3 6 0 0 0 - 80
6 backend2 5 server05.example.local 10.150.78.15 2 0 1 1 2784 15 3 3 6 0 0 0 - 80

Other socket command examples

A great overview of other handy socket commands can be found on sleeplessbeastie's blog.







Add a comment

Show form to leave a comment

Comments (newest first)

No comments yet.

RSS feed

Blog Tags:

  AWS   Android   Ansible   Apache   Apple   Atlassian   BSD   Backup   Bash   Bluecoat   CMS   Chef   Cloud   Coding   Consul   Containers   CouchDB   DB   DNS   Database   Databases   Docker   ELK   Elasticsearch   Filebeat   FreeBSD   Galera   Git   GlusterFS   Grafana   Graphics   HAProxy   HTML   Hacks   Hardware   Icinga   Influx   Internet   Java   KVM   Kibana   Kodi   Kubernetes   LVM   LXC   Linux   Logstash   Mac   Macintosh   Mail   MariaDB   Minio   MongoDB   Monitoring   Multimedia   MySQL   NFS   Nagios   Network   Nginx   OSSEC   OTRS   Office   PGSQL   PHP   Perl   Personal   PostgreSQL   Postgres   PowerDNS   Proxmox   Proxy   Python   Rancher   Rant   Redis   Roundcube   SSL   Samba   Seafile   Security   Shell   SmartOS   Solaris   Surveillance   Systemd   TLS   Tomcat   Ubuntu   Unix   VMWare   VMware   Varnish   Virtualization   Windows   Wireless   Wordpress   Wyse   ZFS   Zoneminder