0

I have just compiled the latest Haproxy. 

[root@proxy system]# haproxy -v
HA-Proxy version 1.8.8 2018/04/19
Copyright 2000-2018 Willy Tarreau <willy@haproxy.org>

My service file looks as follows 

[Unit]
Description=HAProxy Load Balancer
After=network.target

[Service]
Environment="CONFIG=/etc/haproxy/haproxy.cfg" "PIDFILE=/run/haproxy.pid"
ExecStartPre=/usr/sbin/haproxy -f $CONFIG -c -q
ExecStart=/usr/sbin/haproxy -Ws -f $CONFIG -p $PIDFILE
ExecReload=/usr/sbin/haproxy -f $CONFIG -c -q
ExecReload=/bin/kill -USR2 $MAINPID
KillMode=mixed
Restart=always
Type=notify

# The following lines leverage SystemD's sandboxing options to provide
# defense in depth protection at the expense of restricting some flexibility
# in your setup (e.g. placement of your configuration files) or possibly
# reduced performance. See systemd.service(5) and systemd.exec(5) for further
# information.

# NoNewPrivileges=true
# ProtectHome=true
# If you want to use 'ProtectSystem=strict' you should whitelist the PIDFILE,
# any state files and any other files written using 'ReadWritePaths' or
# 'RuntimeDirectory'.
# ProtectSystem=true
# ProtectKernelTunables=true
# ProtectKernelModules=true
# ProtectControlGroups=true
# If your SystemD version supports them, you can add: @reboot, @swap, @sync
# SystemCallFilter=~@cpu-emulation @keyring @module @obsolete @raw-io

[Install]
WantedBy=multi-user.target

But when I start service it creates two process like that 

[root@proxy system]# systemctl status haproxy
● haproxy.service - HAProxy Load Balancer
   Loaded: loaded (/etc/systemd/system/haproxy.service; enabled; vendor preset: disabled)
   Active: active (running) since Wed 2018-05-09 14:17:59 EDT; 2min 25s ago
  Process: 1350 ExecStartPre=/usr/sbin/haproxy -f $CONFIG -c -q (code=exited, status=0/SUCCESS)
 Main PID: 1352 (haproxy)
   CGroup: /system.slice/haproxy.service
           ├─1352 /usr/sbin/haproxy -Ws -f /etc/haproxy/haproxy.cfg -p /run/haproxy.pid
           └─1354 /usr/sbin/haproxy -Ws -f /etc/haproxy/haproxy.cfg -p /run/haproxy.pid

May 09 14:17:59 proxy.loadbalancer systemd[1]: Starting HAProxy Load Balancer...
May 09 14:17:59 proxy.loadbalancer systemd[1]: Started HAProxy Load Balancer.

Should it work this way or I have invalid configuration?

Thanks

cyeostoragrn
  • 19
  • 4
  • 11

1 Answers1

1

two processes are created by systemd

This is not correct. systemd creates one process and then haproxy forks (thereby creating another process). This is normal. One reason it is done is for security. haproxy starts as root and does the minimal setup work needed (bind to port 80, for example). It then forks and drops privileges by running as the user haproxy.

Mark Wagner
  • 18,019
  • 2
  • 32
  • 47
  • Thanks for the explanation, I have described the matter incorrectly. I have also noticed that one process is started by the root user and the other one by haproxy user – cyeostoragrn May 09 '18 at 19:51
  • @Mark Wagner two questions - (1) do you know if HAProxy forks share memory or not? Where might I be able to verify the answer to that question? Trying to learn :) And (2) do you know what triggers HAProxy to fork? I imagine things like configuration file changes, but what about load/load balancing requirements? – mecampbellsoup May 19 '22 at 21:55