Bug 1533346 - haproxy router log shows warning message: 'option httplog' not usable with frontend 'public_ssl' if set ROUTER_SYSLOG_ADDRESS
Summary: haproxy router log shows warning message: 'option httplog' not usable with fr...
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: OpenShift Container Platform
Classification: Red Hat
Component: Networking
Version: 3.9.0
Hardware: Unspecified
OS: Unspecified
medium
medium
Target Milestone: ---
: 3.10.0
Assignee: Jacob Tanenbaum
QA Contact: zhaozhanqi
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2018-01-11 06:19 UTC by Hongan Li
Modified: 2022-08-04 22:20 UTC (History)
7 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Cause: Upgrading the haproxy docker image Consequence: the usage of the log options changed in the upgraded version of haproxy Fix: remove the 'option httplog' from the backend sections of the router template Result: the logging happens correctly and does not print the warning message
Clone Of:
Environment:
Last Closed: 2018-07-30 19:09:00 UTC
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Origin (Github) 19510 0 None None None 2018-04-25 17:30:38 UTC
Red Hat Product Errata RHBA-2018:1816 0 None None None 2018-07-30 19:09:46 UTC

Description Hongan Li 2018-01-11 06:19:08 UTC 
Description of problem:
If set env ROUTER_SYSLOG_ADDRESS=127.0.0.1 for haproxy router, then find below warning message in haproxy log:
[WARNING] 010/021149 (26) : parsing [/var/lib/haproxy/conf/haproxy.config:31] : 'option httplog' not usable with frontend 'public_ssl' (needs 'mode http'). Falling back to 'option tcplog'.

Looks it's harmless since it shows "Falling back to 'option tcplog'", but better to dismiss it by updating haproxy-config.template. 

Version-Release number of selected component (if applicable):
openshift v3.9.0-0.16.0
kubernetes v1.9.0-beta1

How reproducible:
always

Steps to Reproduce:
1. oc env dc/router ROUTER_SYSLOG_ADDRESS=127.0.0.1
2. oc logs router-x-xxxxx
3.

Actual results:
[WARNING] 010/021149 (26) : parsing [/var/lib/haproxy/conf/haproxy.config:31] : 'option httplog' not usable with frontend 'public_ssl' (needs 'mode http'). Falling back to 'option tcplog'.

Expected results:
should not show the warning message

Additional info:
update the haproxy-config.template as below, no warning message.
<---snip--->
frontend public_ssl
{{- if ne (env "ROUTER_SYSLOG_ADDRESS") ""}}
  option tcplog
{{- end }}
<---snip--->
Comment 1 Ben Bennett 2018-04-11 13:22:02 UTC 
Jake: Can you take a look at this please?  I suspect that it no longer applies.

If it does, PR https://github.com/openshift/origin/pull/18057 may address it.
Comment 2 Jacob Tanenbaum 2018-04-25 17:30:39 UTC 
https://github.com/openshift/origin/pull/19510
Comment 3 Joel Rosental R. 2018-04-28 15:45:31 UTC 
Hi,

Can anyone please elaborate on why this occurs at all?
Comment 4 Ben Bennett 2018-04-30 13:58:55 UTC 
Joel:  option tcplog and option httplog just control what information gets logged when there is a request.  Unless you set the syslog env, no logging of requests occurs.  But when logging is requested, the more verbose httplog can not be used with tcp-only connections (i.e. passthrough) so haproxy warns you and falls back to tcplog information only.

This is completely harmless.
Comment 6 Hongan Li 2018-05-17 08:43:52 UTC 
verified in atomic-openshift-3.10.0-0.47.0.git.0.2fffa04.el7 and issue has been fxied.

OS: Red Hat Enterprise Linux Server release 7.5 (Maipo)
kernel: Linux ip-172-18-5-139.ec2.internal 3.10.0-862.el7.x86_64 #1 SMP Wed Mar 21 18:14:51 EDT 2018 x86_64 x86_64 x86_64 GNU/Linux
Comment 8 errata-xmlrpc 2018-07-30 19:09:00 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2018:1816
Note You need to log in before you can comment on or make changes to this bug.