could not bind socket while haproxy restart

I m restarting HAproxy by following command

haproxy -f /etc/haproxy/haproxy.cfg -p /var/run/haproxy.pid -sf $(cat /var/run/haproxy.pid)

but i get following message

[ALERT] 183/225022 (9278) : Starting proxy appli1-rewrite: cannot bind socket
[ALERT] 183/225022 (9278) : Starting proxy appli2-insert: cannot bind socket
[ALERT] 183/225022 (9278) : Starting proxy appli3-relais: cannot bind socket
[ALERT] 183/225022 (9278) : Starting proxy appli4-backup: cannot bind socket
[ALERT] 183/225022 (9278) : Starting proxy ssl-relay: cannot bind socket
[ALERT] 183/225022 (9278) : Starting proxy appli5-backup: cannot bind socket

my haproxy.cfg file looks likefollowing

global
    log 127.0.0.1    local0
    log 127.0.0.1    local1 notice
    #log loghost    local0 info
    maxconn 4096
    #chroot /usr/share/haproxy
    user haproxy
    group haproxy
    daemon
    #debug
    #quiet

defaults
    log    global
    mode    http
    option    httplog
    option    dontlognull
    retries    3
    option redispatch
    maxconn    2000
    contimeout    5000
    clitimeout    50000
    srvtimeout    50000

listen    appli1-rewrite 0.0.0.0:10001
    cookie    SERVERID rewrite
    balance    roundrobin
    server    app1_1 192.168.34.23:8080 cookie app1inst1 check inter 2000 rise 2 fall 5
    server    app1_2 192.168.34.32:8080 cookie app1inst2 check inter 2000 rise 2 fall 5
    server    app1_3 192.168.34.27:8080 cookie app1inst3 check inter 2000 rise 2 fall 5
    server    app1_4 192.168.34.42:8080 cookie app1inst4 check inter 2000 rise 2 fall 5

listen    appli2-insert 0.0.0.0:10002
    option    httpchk
    balance    roundrobin
    cookie    SERVERID insert indirect nocache
    server    inst1 192.168.114.56:80 cookie server01 check inter 2000 fall 3
    server    inst2 192.168.114.56:81 cookie server02 check inter 2000 fall 3
    capture cookie vgnvisitor= len 32

    option    httpclose        # disable keep-alive
    rspidel ^Set-cookie:\ IP=    # do not let this cookie tell our internal IP address

listen    appli3-relais 0.0.0.0:10003
    dispatch 192.168.135.17:80

listen    appli4-backup 0.0.0.0:10004
    option    httpchk /index.html
    option    persist
    balance    roundrobin
    server    inst1 192.168.114.56:80 check inter 2000 fall 3
    server    inst2 192.168.114.56:81 check inter 2000 fall 3 backup

listen    ssl-relay 0.0.0.0:8443
    option    ssl-hello-chk
    balance    source
    server    inst1 192.168.110.56:443 check inter 2000 fall 3
    server    inst2 192.168.110.57:443 check inter 2000 fall 3
    server    back1 192.168.120.58:443 backup

listen    appli5-backup 0.0.0.0:10005
    option    httpchk *
    balance    roundrobin
    cookie    SERVERID insert indirect nocache
    server    inst1 192.168.114.56:80 cookie server01 check inter 2000 fall 3
    server    inst2 192.168.114.56:81 cookie server02 check inter 2000 fall 3
    server    inst3 192.168.114.57:80 backup check inter 2000 fall 3
    capture cookie ASPSESSION len 32
    srvtimeout    20000

    option    httpclose        # disable keep-alive
    option  checkcache        # block response if set-cookie & cacheable

    rspidel ^Set-cookie:\ IP=    # do not let this cookie tell our internal IP address

    #errorloc    502    http://192.168.114.58/error502.html
    #errorfile    503    /etc/haproxy/errors/503.http
    errorfile    400    /etc/haproxy/errors/400.http
    errorfile    403    /etc/haproxy/errors/403.http
    errorfile    408    /etc/haproxy/errors/408.http
    errorfile    500    /etc/haproxy/errors/500.http
    errorfile    502    /etc/haproxy/errors/502.http
    errorfile    503    /etc/haproxy/errors/503.http
    errorfile    504    /etc/haproxy/errors/504.http

what is wrong with my aproach


Two options:

  1. You aren't running as root; probably needs a sudo in front of your command to start it on the command line if you aren't running as root (check with whoami).
  2. Another process, likely another instance of HAProxy, is already bound to those ports. Check with netstat -apn.

On RedHat Linux with enabled SELinux (which should be enabled), just enable the haproxy_connect_any boolean value, which allows haproxy to connect the socket to any port:

setsebool -P haproxy_connect_any on

Maybe is because of selinux I type

setenforce 0

and solve the problem. The command is to make selinux to premissive mode. A not proper set selinux may block many service or connection.