HAProxy Logging in Ubuntu Lucid

At Transloadit we use HAProxy "The Reliable, High Performance TCP/HTTP Load Balancer" so that we can offer different services on 1 port.

For instance, depending on the hostname, a requests to port 80 can be routed to either nodejs (in case of api.transloadit.com), or nginx (in case of www.transloadit.com).

HAProxy has been good to us and setting it up was a breeze. But getting HAProxy to log on Ubuntu Lucid was harder than I thought. All of the tutorials I found either didn't cover logging, or had deprecated information on it.

Google suddenly stopped being my friend.

HAProxy Wants to Log

For performance & maintenance reasons HAProxy doesn't log directly to files. Instead it wants to log against a syslog server. This is a separate Linux daemon that most servers are equipped with already, but HAProxy requires it to listen on UDP port 514, and usually that's not enabled.

A syslog server:

• receives log entries
• decides what's interesting
• writes it to disk in a highly optimized way

these aspect can all be configured by you.

If we look at the top of your current /etc/haproxy/haproxy.cfg file, we may find something like:

global
        maxconn         10000
        ulimit-n        65536
        log             127.0.0.1 local1 notice

In your backends or default config, refer to global:

defaults
    log             global

As you can see 127.0.0.1 is where it will try to find a syslog server to log to. On Unbuntu Lucid the default syslog daemon is rsyslogd, so let's make it accept HAProxy log entries.

Rsyslogd Welcomes HAProxy

Most google hits I found on logging with HAProxy told me to change the /etc/default/rsyslog file, but that's completely ignored with the new upstart system. And even if you make it adhere the defaults file (yep, I tried), it will make rsyslogd go down in compatibility mode. Which is not only a shame, but also unnecessary as it turns out.

Using these config lines:

$ModLoad imudp
$UDPServerAddress 127.0.0.1
$UDPServerRun 514
# Thanks Joeri Blokhuis of DongIT, pointing out that UDPServerAddress needs to
# go before UDPServerRun, or the server will run on 0.0.0.0

rsyslogd will open up its UDP port.

Where to put these lines you say? Well, if HAProxy is the only service you need the UDP syslog port for, you could put/uncomment the lot in just one /etc/rsyslog.d/49-haproxy.conf file (Thanks to Gilles for the '49-' prefix):

# .. otherwise consider putting these two in /etc/rsyslog.conf instead:
$ModLoad imudp
$UDPServerAddress 127.0.0.1
$UDPServerRun 514

# ..and in any case, put these two in /etc/rsyslog.d/49-haproxy.conf:
local1.* -/var/log/haproxy_1.log
& ~
# & ~ means not to put what matched in the above line anywhere else for the rest of the rules
# https://serverfault.com/questions/214312/how-to-keep-haproxy-log-messages-out-of-var-log-syslog

Now do a quick:

$ restart rsyslog

And you're done. Check for HAProxy logs in:

$ tail -f /var/log/haproxy*.log

Don't forget to tweak the debug level in /etc/haproxy/haproxy.cfg, and maybe set up a logrotate right away in /etc/logrotate.d/haproxy:

/var/log/haproxy*.log
{
    rotate 4
    weekly
    missingok
    notifempty
    compress
    delaycompress
    sharedscripts
    postrotate
        reload rsyslog >/dev/null 2>&1 || true
    endscript
}

Happy logging!