Hello,
I'm hard working on setting up the following architecture:
- 1 Puppet CA server
- 4 Open Source Puppet servers
- 1 Load-balancer in front of the 5 previous servers, using HAproxy
All the servers are running Debian, and everything work well, except the
catalog run time, which is more than twice longer if I route the traffic
through the lb.
>From the same agent (and same code):
- puppet agent --test --server the-lb-url.com -> Finished catalog run in
75.04 seconds
- puppet agent --test --server a-backend-server-fqdn.com -> Finished
catalog run in 33.13 seconds
I suspect HAproxy to not keep the connections alive, and force the agent to
re-open them on each HTTP call. Here is my HAproxy configuration:
global
log 127.0.0.1:514 local0
chroot /var/lib/haproxy
stats socket /run/haproxy/admin.sock mode 660 level admin
stats timeout 30s
user haproxy
group haproxy
daemon
frontend f-puppet-masters
bind 172.16.0.1:8140
mode tcp
timeout client 60s
option tcplog
use_backend b-puppet-masters
backend b-puppet-masters
balance leastconn
mode tcp
option tcplog
server s-puppet-master1 10.0.0.1:8140 check port 8140 inter 5000 fall 3
rise 2 weight 20
server s-puppet-master2 10.0.0.2:8140 check port 8140 inter 5000 fall 3
rise 2 weight 20
server s-puppet-master3 10.0.0.3:8140 check port 8140 inter 5000 fall 3
rise 2 weight 20
server s-puppet-master4 10.0.0.4:8140 check port 8140 inter 5000 fall 3
rise 2 weight 20
Is there someone here running HAproxy in front of Puppet masters? Am I
missing something?
Thank you for your help!
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/c1c68afb-abad-454a-9d2b-282a43ec5905%40googlegroups.com.
