Hey there! Let's break down how to trigger all those HAProxy error scenarios you need to test your custom logs and log-separate-errors config. I'll walk you through each scenario step by step, with concrete actions you can take:

Prep Work First #

Before diving in, double-check your HAProxy config to make sure:

• log-separate-errors is enabled (e.g., log-separate-errors local1 to route errors to a dedicated syslog facility)
• Your custom log format includes relevant fields for debugging, like %ST (HTTP status code), %rc (retry count), %rt (response time), and connection/timeout statuses (e.g., %SC for server connect status)
• Logs are being sent to a location you can easily inspect (syslog files, a local file, or your external logging system)

1. Trigger Basic HTTP Errors (4xx/5xx) #

These are the most straightforward to test:

• 404 Not Found: Send a request to a path that doesn't exist on your backend server (e.g., curl http://your-haproxy-ip/nonexistent-path). Your backend will return 404, and HAProxy will log this with the corresponding status code.
• 403 Forbidden: Add an ACL to block your test IP, then send a request from that IP. Example config snippet:

  acl block_test_ip src 192.168.1.100
  http-request deny if block_test_ip
  

  Use curl http://your-haproxy-ip/ --interface 192.168.1.100 to trigger the 403.
• 500 Internal Server Error: Create a test endpoint on your backend that explicitly returns a 500 (e.g., a simple PHP script with http_response_code(500);), then send a request to it.
• 503 Service Unavailable: Stop all your backend servers, then send a request—HAProxy will return 503 when no healthy backends are available.

2. Trigger Timeout Scenarios #

You'll need to tweak HAProxy timeouts temporarily for testing (remember to revert them afterward!):

• Server Connect Timeout: Set a very short timeout connect for your backend (e.g., timeout connect 100ms), then point the backend to a non-existent IP (e.g., server dead-end 192.168.99.99:80). Send a request, and HAProxy will log a connect timeout (look for SC=TO in your custom logs).
• Server Response Timeout: Set timeout server 200ms for your backend, then create a test endpoint that sleeps for longer than 200ms before responding (e.g., a Python script with time.sleep(0.3)). Send a request, and HAProxy will trigger a server timeout (SR=TO in logs).
• Client Timeout: Set timeout client 100ms, then use curl to send a request extremely slowly:

  curl http://your-haproxy-ip/ -v --limit-rate 1b
  

  HAProxy will cut the connection after the client fails to send data within the timeout window (CC=TO in logs).

3. Trigger Retries & Redispatch #

First, configure HAProxy to allow retries and redispatch in your backend section:

backend my_backend
  server server1 192.168.1.5:80 check
  server server2 192.168.1.6:80 check
  retries 2
  option redispatch

Then:

• Trigger Retries: Stop server1, then send a request. HAProxy will first attempt to connect to server1 (fail), then retry server2. Your custom logs should show %rc=1 (retry count) to confirm.
• Trigger Redispatch: While server1 is stopped, send multiple requests. Then quickly start server1 back up and send another request. HAProxy will redispatch the request to the now-healthy server1 instead of sticking to the failed server (look for logs showing a switch to the recovered server).

4. Trigger SSL Handshake Errors #

If you have an HTTPS listener:

• Send an HTTP request to the HTTPS port (e.g., curl http://your-haproxy-ip:443). HAProxy will log an SSL handshake failure (SH=FD in logs).
• Force a deprecated SSL version that HAProxy doesn't support (e.g., curl --sslv3 https://your-haproxy-ip—most modern HAProxy configs disable SSLv3). This will also trigger a handshake error.

Verify Your Logs #

After triggering each scenario:

• Check that error logs are separated from regular traffic logs (thanks to log-separate-errors). For example, if you routed errors to local1, inspect your syslog's local1 file—you should only see error-related entries here.
• Confirm your custom log format is capturing all the fields you need: retry counts, timeout statuses, HTTP codes, etc.

内容的提问来源于stack exchange，提问作者Mio