haproxytech
Help needed regarding runtime endpoint in dataplaneapi
Hi guys, I have now been able to installed the dataplaneapi (Community version) and use some of its commands. However I do have some questions below when reading https://www.haproxy.com/documentation/dataplaneapi/enterprise/#get-/services/haproxy/runtime/servers
(1) I can use the following URL to get my registered two servers: curl -sk -u 'admin:adminpwd' -H "Content-Type:application/json" -X GET http://localhost:5555/v2/services/haproxy/configuration/servers?backend=app | jq .; One is 10.0.13.124 and another one is 10.0.13.188; **My question is that why I cannot replace "localhost" with the public IP? Or I should ask whether we can run the dataplane API on more than localhost? ** Btw, I am hosting the HAProxy on one EC2 instance..
(2) I also tried another REST API to get the current status of the servers. However it returns me an empty list. Do I miss anything here?
curl -sk -u 'admin:adminpwd' -H "Content-Type:application/json" -X GET http://localhost:5555/v2/services/haproxy/runtime/servers?backend=app | jq
The following shows how I build the haproxy.cfg
backend app
balance roundrobin
server app1 10.0.13.124:8080 check
server app2 10.0.13.188:8080 check
I also tried to add a new servers in the backend but it didn't succeed as well.
curl -sk -u 'admin:adminpwd' -H "Content-Type:application/json" -X POST -d '{"name": "app3", "address": "192.168.1.23", "port": 8080, "check": "enabled"}' "http://localhost:5555/v2/services/haproxy/configuration/servers?backend=app&version=1" | jq .
It returns:
{
"code": 400,
"message": "14: err transactionId=ac38b30e-3f29-46be-bb97-1006572253b6 "
}
I checked /tmp/haproxy/failed/haproxy.cfg.ac38b30e-3f29-46be-bb97-1006572253b6, and the new IP was added. But why it still show it is an error??
Any suggestions?
More info:
haproxy.cfg
global
maxconn 4000
log /dev/log local0
chroot /var/lib/haproxy
pidfile /var/run/haproxy.pid
user haproxy
group haproxy
stats socket /var/run/haproxy.sock user haproxy group haproxy mode 660 level admin expose-fd listeners
defaults
mode http
log global
option httplog
option dontlognull
timeout connect 10s
timeout client 1m
timeout server 1m
maxconn 3000
frontend main *:80
mode http
default_backend app
backend app
balance roundrobin
server app1 10.0.13.124:8080 check
server app2 10.0.13.188:8080 check
dataplaneapi.hcl
config_version = 2
name = "careful_aardvark"
mode = "single"
dataplaneapi {
host = "0.0.0.0"
port = 5555
user "admin" {
insecure = true
password = "adminpwd"
}
transaction {
transaction_dir = "/tmp/haproxy"
}
advertised {}
}
haproxy {
config_file = "/etc/haproxy/haproxy.cfg"
haproxy_bin = "/usr/sbin/haproxy"
reload {
reload_delay = 5
reload_cmd = "service haproxy reload"
restart_cmd = "service haproxy restart"
}
}
Hi, I am not sure what the issue is here?
- Are you trying to access dataplaneapi on other address then localhost?
- Can you log to the machine and see if there are runtime servers reported on the socket using this command: https://cbonte.github.io/haproxy-dconv/2.6/management.html#9.3-show%20servers%20state
I have pretty much the same config and pretty much the same problem... All READING works just fine. Any attempt to add a new server, or delete an existing gives a useless
curl -X PUT --user dataplaneapi:pwd "http://localhost:5555/v2/services/haproxy/transactions/25075b0e-ab4e-45fd-b92a-f6edc89bab40"
{"code":400,"message":"14: err transactionId=25075b0e-ab4e-45fd-b92a-f6edc89bab40 "}
curl -X DELETE --user dataplaneapi:pwd "http://localhost:5555/v2/services/haproxy/configuration/servers/web3?backend=h2&force_reload=true&version=2"
{"code":400,"message":"14: err transactionId=381eb6fb-12cc-4728-97bc-b25da215b6f4 "}
the file shows the right thing:
diff -u /etc/haproxy/haproxy.cfg /tmp/haproxy/failed/haproxy.cfg.6a34c1c4-21f8-4cc2-8630-9beb445cbbfd
--- /etc/haproxy/haproxy.cfg 2023-03-07 05:46:23.969555021 -0500
+++ /tmp/haproxy/failed/haproxy.cfg.6a34c1c4-21f8-4cc2-8630-9beb445cbbfd 2023-03-07 05:54:57.765555986 -0500
@@ -1,4 +1,4 @@
-# _md5hash=72fe4aee101b9da4abe7a3f60c6134e8
+# _md5hash=b30ec7f01e8c503e27f85c8d7338381d
# _version=3
# Dataplaneapi managed File
# changing file directly can cause a conflict if dataplaneapi is running
@@ -68,7 +68,6 @@
default-server ssl tfo verify none alpn h2 check allow-0rtt
http-request disable-l7-retry if METH_POST
- server web3 192.168.1.5:443 cookie web3 check
server web2 192.168.1.6:443 cookie web2 check
log at trace level gives absolutely no extra info:
time="2023-03-07T05:54:57-05:00" level=info msg="[::1] - - [07/Mar/2023:05:54:57 -0500] \"DELETE /v2/services/haproxy/configuration/servers/web3?backend=h2&version=3 HTTP/1.1\" 400 85 \"-\" \"curl/7.74.0\""
versions might be bit different in the examples since I just copied from failed things over the last couple of hours.
runtime api
echo "disable server h2/web3" | socat stdio /var/run/haproxy/admin.sock
works just fine
Dataplane version
"HAProxy Data Plane API v2.7.2 3d8f41f"
"Build from: https://github.com/haproxytech/dataplaneapi"
"Build date: 2023-02-03T13:31:57Z"
haproxy -vv
HAProxy version 2.7.3-1~bpo11+1 2023/02/15 - https://haproxy.org/ Status: stable branch - will stop receiving fixes around Q1 2024. Known bugs: http://www.haproxy.org/bugs/bugs-2.7.3.html Running on: Linux 5.10.0-10-amd64 #1 SMP Debian 5.10.84-1 (2021-12-08) x86_64 Build options : TARGET = linux-glibc CPU = generic CC = cc CFLAGS = -O2 -g -O2 -fstack-protector-strong -Wformat -Werror=format-security -Wdate-time -D_FORTIFY_SOURCE=2 -Wall -Wextra -Wundef -Wdeclaration-after-statement -Wfatal-errors -Wtype-limits -Wshift-negative-value -Wshift-overflow=2 -Wduplicated-cond -Wnull-dereference -fwrapv -Wno-address-of-packed-member -Wno-unused-label -Wno-sign-compare -Wno-unused-parameter -Wno-clobbered -Wno-missing-field-initializers -Wno-cast-function-type -Wno-string-plus-int -Wno-atomic-alignment OPTIONS = USE_PCRE2=1 USE_PCRE2_JIT=1 USE_OPENSSL=1 USE_LUA=1 USE_SLZ=1 USE_SYSTEMD=1 USE_PROMEX=1 DEBUG = -DDEBUG_STRICT -DDEBUG_MEMORY_POOLS
Feature list : -51DEGREES +ACCEPT4 +BACKTRACE -CLOSEFROM +CPU_AFFINITY +CRYPT_H -DEVICEATLAS +DL -ENGINE +EPOLL -EVPORTS +GETADDRINFO -KQUEUE +LIBCRYPT +LINUX_SPLICE +LINUX_TPROXY +LUA -MEMORY_PROFILING +NETFILTER +NS -OBSOLETE_LINKER +OPENSSL -OPENSSL_WOLFSSL -OT -PCRE +PCRE2 +PCRE2_JIT -PCRE_JIT +POLL +PRCTL -PROCCTL +PROMEX -PTHREAD_EMULATION -QUIC +RT +SHM_OPEN +SLZ -STATIC_PCRE -STATIC_PCRE2 +SYSTEMD +TFO +THREAD +THREAD_DUMP +TPROXY -WURFL -ZLIB
Default settings : bufsize = 16384, maxrewrite = 1024, maxpollevents = 200
Built with multi-threading support (MAX_TGROUPS=16, MAX_THREADS=256, default=1). Built with OpenSSL version : OpenSSL 1.1.1n 15 Mar 2022 Running on OpenSSL version : OpenSSL 1.1.1n 15 Mar 2022 OpenSSL library supports TLS extensions : yes OpenSSL library supports SNI : yes OpenSSL library supports : TLSv1.0 TLSv1.1 TLSv1.2 TLSv1.3 Built with Lua version : Lua 5.3.3 Built with the Prometheus exporter as a service Built with network namespace support. Support for malloc_trim() is enabled. Built with libslz for stateless compression. Compression algorithms supported : identity("identity"), deflate("deflate"), raw-deflate("deflate"), gzip("gzip") Built with transparent proxy support using: IP_TRANSPARENT IPV6_TRANSPARENT IP_FREEBIND Built with PCRE2 version : 10.36 2020-12-04 PCRE2 library supports JIT : yes Encrypted password support via crypt(3): yes Built with gcc compiler version 10.2.1 20210110
Available polling systems : epoll : pref=300, test result OK poll : pref=200, test result OK select : pref=150, test result OK Total: 3 (3 usable), will use epoll.
Available multiplexer protocols :
(protocols marked as
Available services : prometheus-exporter Available filters : [BWLIM] bwlim-in [BWLIM] bwlim-out [CACHE] cache [COMP] compression [FCGI] fcgi-app [SPOE] spoe [TRACE] trace
it DOES work if I run it from command line: /.../dataplaneapi -u dataplaneapi
but the exact same command inside asterisk, and it doesnt work:
program api
command /.../dataplaneapi -u dataplaneapi