HAProxy + CARP VIPs
-
Hi all,
Since upgrading to 2.3, I've been having some trouble with getting HAProxy to work with CARP VIPs. The first CARP pair I upgraded works fine, however another pair has got me stumped. Prior to upgrading the CARP secondary appliance, I uninstalled the HAProxy package, and removed the HAProxy inc files as recommended here:
https://forum.pfsense.org/index.php?topic=109920.0
Following the upgrade, I reinstalled HAProxy, however frontend configurations no longer have IP addresses assigned to them. Furthermore, when I try to manually assign the CARP VIPs, only one VIP appears in the list. I've attached some screenshots showing this.
The VIPs and HAProxy config appear to have synced correctly from the primary, and the virtualip section in the config.xml files is the same in both files.
The behaviour persists even after uninstalling and reinstalling the HAProxy package, both the stable and devel packages. I've also tried disabling CARP sync for HAProxy, removing the haproxy and haproxy_temp config folders, removing the haproxy and haproxy_sync sections from the config.xml file and reinstalling the package, and this gives me a clean HAProxy install, however the issue persists. If I manually add a new VIP, it will appear in the list as expected, however removing an existing VIP and re-adding it has no effect. Following this discovery, I removed all VIPs and re-added them all, however only the last one appears.
I haven't yet upgraded the CARP primary, however this wasn't necessary on the other CARP pairs, and hasn't been necessary for minor upgrades (e.g. 2.2.3 > 2.2.6). Any suggestions on what to try next would be much appreciated!
-
Hi,
i'am having exact the same problem as you.
Any suggestions how to solve the problem?
Greets
Kilian -
I just noticed that the problem occured after i did force a "High Avail. Sync" from my Carp-Master. Before, everything was OK.
-
If you have an old enough version on the primary that it doesn't abort config sync when the config versions are different, you'll end up breaking the CARP VIPs on the secondary when the primary overwrites it because it blows away the uniqid that's required on 2.3. When you upgrade the primary, and config sync afterwards, it'll fix.
-
@cmb:
If you have an old enough version on the primary that it doesn't abort config sync when the config versions are different, you'll end up breaking the CARP VIPs on the secondary when the primary overwrites it because it blows away the uniqid that's required on 2.3. When you upgrade the primary, and config sync afterwards, it'll fix.
Thanks, after updating node1 everything is working again.