Hi Ansible experts,
I am practicing the use of ansible-galaxy to setup the load balancer role with haproxy on serverd.lab.example.com. The apache web servers are serverb and serverc (domain lab.example.com).
The ansible job failed at nlb job step "Start the haproxy service", where the role content of nlb/tasks/main.yml is:
--- # This role installs HAProxy and configures it. - name: Download and install haproxy yum: name=haproxy state=present - name: Configure the haproxy cnf file with hosts template: src=haproxy.cfg.j2 dest=/etc/haproxy/haproxy.cfg notify: restart haproxy - name: Start the haproxy service service: name=haproxy state=started enabled=yes
The resultant haproxy.cfg (in serverd) is:
frontend http-in bind *:80 default_backend servers backend servers balance roundrobin server serverb.lab.example.com 10.0.2.17:80 server serverc.lab.example.com 10.0.2.18:80
The last 4 message lines of "systemctl status haproxy.service" are:
Jan 09 10:49:54 serverd.lab.example.com haproxy[41358]: [ALERT] 008/104954 (41358) : Starting frontend http-in: cannot bind socket [0.0.0.0:80] Jan 09 10:49:54 serverd.lab.example.com systemd[1]: haproxy.service: Main process exited, code=exited, status=1/FAILURE Jan 09 10:49:54 serverd.lab.example.com systemd[1]: haproxy.service: Failed with result 'exit-code'. Jan 09 10:49:54 serverd.lab.example.com systemd[1]: Failed to start HAProxy Load Balancer.non-zero return code
It seems there are problems with haproxy.cfg.
Can anyone help me resolve this issue ? Thanks.
Best regards,
Jonathan
After refresh restarting my server (due to abnormal ended), all the lab virtual machines were restarted. At the time when serverd (the haproxy server) got ready, I checked ipv4's 80/tcp port status, it is on LISTEN state. Console output as below:
[root@serverd ~] # netstat -nltp | grep 80
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 1190/haproxy
[root@serverd ~] #
Then I checked the haproxy function with curl commands at ansible node, it works (without making any change, just environment refreshed.) -- it can now switch between serverb and serverc web servers.
$ curl http://serverd.lab.example.com
--> connect to serverb
$ curl http://serverd.lab.example.com
--> connect to serverc
Thank you, Remzi.
The full message of "systemctl status haproxy.service" is:
serverd.lab.example.com | FAILED | rc=3 >>
● haproxy.service - HAProxy Load Balancer
Loaded: loaded (/usr/lib/systemd/system/haproxy.service; enabled; vendor preset: disabled)
Active: failed (Result: exit-code) since Sun 2022-01-09 10:49:54 CST; 2min 32s ago
Process: 41358 ExecStart=/usr/sbin/haproxy -Ws -f $CONFIG -p $PIDFILE $OPTIONS (code=exited, status=1/FAILURE)
Process: 41355 ExecStartPre=/usr/sbin/haproxy -f $CONFIG -c -q $OPTIONS (code=exited, status=0/SUCCESS)
Main PID: 41358 (code=exited, status=1/FAILURE)
Jan 09 10:49:54 serverd.lab.example.com haproxy[41358]: | with such a configuration. To fix this, please ensure that all following
Jan 09 10:49:54 serverd.lab.example.com haproxy[41358]: | timeouts are set to a non-zero value: 'client', 'connect', 'server'.
Jan 09 10:49:54 serverd.lab.example.com haproxy[41358]: [WARNING] 008/104954 (41358) : config : missing timeouts for backend 'servers'.
Jan 09 10:49:54 serverd.lab.example.com haproxy[41358]: | While not properly invalid, you will certainly encounter various problems
Jan 09 10:49:54 serverd.lab.example.com haproxy[41358]: | with such a configuration. To fix this, please ensure that all following
Jan 09 10:49:54 serverd.lab.example.com haproxy[41358]: | timeouts are set to a non-zero value: 'client', 'connect', 'server'.
Jan 09 10:49:54 serverd.lab.example.com haproxy[41358]: [ALERT] 008/104954 (41358) : Starting frontend http-in: cannot bind socket [0.0.0.0:80]
Jan 09 10:49:54 serverd.lab.example.com systemd[1]: haproxy.service: Main process exited, code=exited, status=1/FAILURE
Jan 09 10:49:54 serverd.lab.example.com systemd[1]: haproxy.service: Failed with result 'exit-code'.
Jan 09 10:49:54 serverd.lab.example.com systemd[1]: Failed to start HAProxy Load Balancer.non-zero return code
Hi,
Probaly apahce or nginx listening tcp/80. Therefore haproxy cant start.
If you dont know which program use tcp/80, find it via netstat;
example;
netstat -nplt |grep 80
[root@fedora ~]# netstat -nplt |grep 80
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 6893/nginx: master
tcp6 0 0 :::80 :::* LISTEN 6893/nginx: master
[root@fedora ~]#
Thanks. From the output of netstat command, I found the tcp/80 of ipv4 did not up, but ipv6's port 80 went up.
[root@serverd ~] # netstat -nltp | grep 80
tcp6 0 0 :::80 :::* LISTEN 46141/httpd
[root@serverd ~] #
It may be the problem source because in haproxy.cfg only ipv4 addresses are defined. But how to make ipv4 port tcp/80 listen ?
You can stop and disable apache, then haproxy can start.
Disable and stop apache;
systemctl disable httpd
systemctl stop httpd
start haproxy;
systemctl start haproxy
After refresh restarting my server (due to abnormal ended), all the lab virtual machines were restarted. At the time when serverd (the haproxy server) got ready, I checked ipv4's 80/tcp port status, it is on LISTEN state. Console output as below:
[root@serverd ~] # netstat -nltp | grep 80
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 1190/haproxy
[root@serverd ~] #
Then I checked the haproxy function with curl commands at ansible node, it works (without making any change, just environment refreshed.) -- it can now switch between serverb and serverc web servers.
$ curl http://serverd.lab.example.com
--> connect to serverb
$ curl http://serverd.lab.example.com
--> connect to serverc
Thank you, Remzi.
Red Hat
Learning Community
A collaborative learning environment, enabling open source skill development.