This page contains information about our HAProxy configuration in the CloudVPS environment.

Backend services that are full active / active will automatically be pooled and depooled by HAProxy. As long as there is one instance available there will be no interruption in service.

Backend connections for each service are dynamically directed to the server with the least amount of connections using the `leastconn` load balancing algorithm.

Session persistence is maintained with HAProxy stick tables using the IP address of the client. This will ensure new client connections get forwarded to the same server every time.

Icinga is configured with the following HAProxy process checks:

• nrpe_check!check_haproxy_alive!10
• nrpe_check!check_haproxy!10

The prometheus haproxy exporter is collecting haproxy backend and frontend metrics directly from haproxy through the URL http://localhost:9900/stats;csv. This URL is read-only and only provides statistic information through the loopback interface.

Grafana dashboard: https://grafana.wikimedia.org/d/tanisM2Zz/wmcs-openstack-eqiad1-api-stats

HAProxy statistics and metrics can be queried through the "stats socket" at `/run/haproxy/haproxy.sock`.

Process information:

echo "show info" | sudo socat /run/haproxy/haproxy.sock stdio

Statistics:

echo "show stat" | sudo socat /run/haproxy/haproxy.sock stdio

• /var/log/haproxy/haproxy.log

Each controller is running HAProxy with no cross dependencies on other controllers or HAProxy instances. Each load balancer is operating on its own with no shared information like client sessions between them.

Each region has a dedicated FQDN (openstack.<region>.wikimediacloud.org) which maps to one of the OpenStack controllers running HAProxy. In the event of failure or maintenance this DNS entry will need to be remapped to the other controller in the operations/dns git repository at https://gerrit.wikimedia.org/r/admin/projects/operations/dns