HAProxy cannot bind socket for proxy on a remote machine
I'm using HAProxy to load balance the incoming requests on my two Tomcat backend servers. In the config file, when I specify HAProxy to listen to the same machine on which the HAProxy is installed, everything is fine and it starts to work like a charm. I need HAProxy to listen to a virtual IP on another machine (so that I can install another LB as failover), but when I configure HAProxy to do so, I get this error on starting HAProxy:
cannot bind socket for proxy http_proxy. Aborting.
Here is my config file:
global
    maxconn 4096 # Total Max Connections. This is dependent on ulimit
    daemon
    nbproc 4
defaults
    mode http
    clitimeout 60000
    srvtimeout 30000
    contimeout 4000
    option httpclose # Disable Keepalive
listen http_proxy 10.0.5.99:80 #the virtual IP I want to listen to
    mode http
    stats enable
    stats auth xxx:xxx
    balance source # Load Balancing algorithm
    option httpchk
    option forwardfor # This sets X-Forwarded-For
    ## Define your servers to balance
    server web1 10.0.5.102:8080 weight 1 maxconn 512 check
    server web2 10.0.5.103:8080 weight 1 maxconn 512 check
I'm using CentOS 5.1 installed on some virtual machines. It's necessary to say that I completely stopped the iptables service on the remote machine and the problem is still there. I suppose something is interfering with HAProxy on the remote machine. Any ideas?
You can also allow a process to bind to a non-local (i.e., non-existent) IP by adding net.ipv4.ip_nonlocal_bind=1 to /etc/sysctl.conf and running sysctl -p. But what sysadmin1138 said is valid: you may want to look at how you've architected your failover.
When doing a failover config like you say you want, I've found that it's better to let the clustering mechanism handle the moving of IP addresses rather than somehow doing it in HAProxy. You configure the virtual IP address to move between nodes, and then configure it to have a service (HAProxy) follow that virtual IP. You then configure HAProxy to only listen on the virtual IP. This works because it's the clustering software that starts and stops the HAProxy process as it moves around; you don't do it from the normal services.
You are getting the error because haproxy tries to listen on a non-existent IP address. It seems that you are starting the haproxy process before the VIP gets assigned to the machine.
One solution is to listen on all interfaces (0.0.0.0). You can then restrict access to the VIP using iptables if needed.
Another option is to listen on the VIP, but you need to make sure the VIP exists when starting haproxy. This can be done by letting the clustering software (such as keepalived) start haproxy for you when it acquires the VIP.
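The bind outcomes described in the answers above (wildcard listen, VIP present, VIP absent with net.ipv4.ip_nonlocal_bind=1, VIP absent without it), as an added pre-flight check that is not part of the original thread. The function names, the node address 10.0.5.101 and the sample address dump are constructed for illustration.

```shell
#!/bin/sh
# Added example: predict whether HAProxy can bind each "listen" address.

# Print the IPv4 address of every "listen <name> <ip>:<port>" line in config $1.
listen_addrs() {
    awk '$1 == "listen" && $3 ~ /^[0-9.]+:[0-9]+$/ { sub(/:.*/, "", $3); print $3 }' "$1"
}

# Succeed if address $1 is assigned locally, per `ip -o -4 addr show` output in file $2.
addr_is_local() {
    awk -v want="$1" '$3 == "inet" { sub(/\/.*/, "", $4); if ($4 == want) found = 1 }
                      END { exit !found }' "$2"
}

# $1 = address, $2 = address dump file, $3 = value of net.ipv4.ip_nonlocal_bind
classify_bind() {
    if [ "$1" = "0.0.0.0" ]; then
        echo wildcard      # always binds, but exposes the proxy on every interface
    elif addr_is_local "$1" "$2"; then
        echo local         # VIP is currently held by this node
    elif [ "$3" = "1" ]; then
        echo nonlocal-ok   # VIP absent, kernel permits the bind anyway
    else
        echo unbindable    # the "cannot bind socket" case from the question
    fi
}

# Constructed sample input: the listen line from the question and a node that
# holds only its own (hypothetical) address 10.0.5.101, not the VIP.
tmp=$(mktemp -d)
printf 'listen http_proxy 10.0.5.99:80 #the virtual IP\n    mode http\n' > "$tmp/haproxy.cfg"
cat > "$tmp/addrs.txt" <<'EOF'
1: lo    inet 127.0.0.1/8 scope host lo
2: eth0    inet 10.0.5.101/24 brd 10.0.5.255 scope global eth0
EOF

for nonlocal in 0 1; do
    for addr in $(listen_addrs "$tmp/haproxy.cfg"); do
        echo "ip_nonlocal_bind=$nonlocal $addr -> $(classify_bind "$addr" "$tmp/addrs.txt" "$nonlocal")"
    done
done
rm -rf "$tmp"
```

On a real node, the address dump comes from `ip -o -4 addr show` and the third argument from `sysctl -n net.ipv4.ip_nonlocal_bind`.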