All geek questions in one place

Haproxy / docker An activated listener was not found (check the 'bind' directives)! Output

I am trying to run haproxy with docker. I followed the instructions below:

https://hub.docker.com/_/haproxy/

I managed to create a docker image, but after trying to launch it.

using

docker run -d --link another_container:another_container --name mc-ha -v haproxy.cfg:/usr/local/etc/haproxy/haproxy.cfg:ro my_own_haproxy:latest

I get this error:

 [ALERT] 298/054910 (1) : [haproxy.main()] No enabled listener found (check for 'bind' directives) ! Exiting.

I searched for it, but the only thing I found was the ha proxy source code.

Here is my haproxy.cfg

 global log /dev/log local0 log /dev/log local1 notice chroot /var/lib/haproxy stats socket /run/haproxy/admin.sock mode 660 level admin stats timeout 30s user haproxy group haproxy daemon # Default SSL material locations ca-base /etc/ssl/certs crt-base /etc/ssl/private # Default ciphers to use on SSL-enabled listening sockets. # For more information, see ciphers(1SSL). ssl-default-bind-ciphers kEECDH+aRSA+AES:kRSA+AES:+AES256:RC4-SHA:!kEDH:!LOW:!EXP:!MD5:!aNULL:!eNULL defaults log global mode http option httplog option dontlognull timeout connect 5000 timeout client 50000 timeout server 50000 errorfile 400 /etc/haproxy/errors/400.http errorfile 403 /etc/haproxy/errors/403.http errorfile 408 /etc/haproxy/errors/408.http errorfile 500 /etc/haproxy/errors/500.http errorfile 502 /etc/haproxy/errors/502.http errorfile 503 /etc/haproxy/errors/503.http errorfile 504 /etc/haproxy/errors/504.http frontend esNodes bind *:8091 mode http default_backend srNodes backend srNodes mode http balance roundrobin option forwardfor http-request set-header X-Forwarded-Port %[dst_port] http-request add-header X-Forwarded-Proto https if { ssl_fc } option httpchk HEAD / HTTP/1.1\r\nHost:localhost server web01 0.0.0.0:10903/project/es check

EDIT: Btw I also tried changing the backend node url to my docker ip address. But still no luck.

+5
source share
4 answers

Thanks to comment by @Michael. I was able to solve the problem.

First, I remove the haproxy command from the docker file. And then I run the haproxy command manually inside the container.

Voila! My configuration file is not a file. His catalog. Lol

The problem is with my docker -v command.

I change it to the full path

-v FULL_PATH / customhaproxy.cfg: /usr/local/etc/haproxy/haproxy.cfg

+4
source

You need to remove the daemon keyword from the docker file - the docker needs a foreground process to run, otherwise the docker will exit immediately.

I think the error message you see is due to the docker coming out faster than the haproxy being bound to any ports.

+3
source

I really had to restart docker-machine (using OSX), otherwise every time I started container with the ability to mount the volume (tried both absolute and relative paths) - it set haproxy.cfg as a directory

+1
source 
 ls -l /etc/ssl/certs ls -l /etc/ssl/private chmod -r 400 /etc/ssl/private

It is also possible to change permissions for certificates, but I'm not sure. Running haproxy with globally readable ssl keys is a very bad security practice, so they completely disable startup.

0
source

Source: https://habr.com/ru/post/1234506/

More articles:


All Articles