Hey ,
So today we will continue looking at HAproxy – however this time we will be using Docker to host our load balancer. As far as it is no problem to just download the main image from docker hub and run instantly it does not give out of the box something that I was after …… the logs.
That’s why I went ahead and just created my own version of HAproxy which includes rsyslog. Repository with the image can be found on github.
In order to run the container we just need to execute the following commands:
- To get the most up to date image from my docker hub repo
docker pull rafpe/docker-haproxy-rsyslog
- To start container ( assuming you have config file in current directory )
docker run -it -d -P -v ${PWD}/haproxy.cfg:/usr/local/etc/haproxy/haproxy.cfg rafpe/docker-haproxy-rsyslog
Once you do this container should be up and running and if you query for current docker containers you should see something similar to output below :

As you can see we are getting logs directly visible after querying with docker logs command.
In one of the future posts we will be investigating logs format customisations as well as features included in HAproxy since 1.6 which is log tags.
If you would have any problems configuring this because of missing config you can use sample below
global
log 127.0.0.1 local2
maxconn 2000
pidfile /var/run/haproxy.pid
tune.ssl.default-dh-param 2048
# SSL ciphers
ssl-default-bind-options no-sslv3 no-tls-tickets
ssl-default-bind-ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA
defaults
mode http
option httplog
option dontlognull
option forwardfor
option contstats
option http-server-close
option log-health-checks
retries 3
option redispatch
timeout connect 5000
timeout client 10000
timeout server 10000
# make sure log-format is on a single line
log global
log-format {"type":"haproxy","timestamp":%Ts,"http_status":%ST,"http_request":"%r","remote_addr":"%ci","bytes_read":%B,"upstream_addr":"%si","backend_name":"%b","retries":%rc,"bytes_uploaded":%U,"upstream_response_time":"%Tr","upstream_connect_time":"%Tc","session_duration":"%Tt","termination_state":"%ts"}
frontend http-in
bind *:80
# Default backend to be used
default_backend will-be-back-soon
backend will-be-back-soon
balance roundrobin