I have the following config, which is sending a TCP healthcheck to my application (because of the check on the last line):
backend bk_my-service-9801 mode tcp balance leastconn server kube_my-service-0 myhost:31801 check ca-file cicada_CA_renew20220113.pem sslBut these TCP healthchecks are causing 400 entries in my access log:
192.123.4.5 - - [21/Feb/2024:10:13:27 +0000] "-" 400 -So I want to update this to send a HTTP HEAD request to / instead of the TCP request (but still using tcp-check instead of httpchk). I have added this using the example at https://docs.haproxy.org/2.8/configuration.html#4-option%20tcp-check:
backend bk_my-service-9801 option tcp-check tcp-check connect tcp-check send HEAD\ /\ HTTP/1.1\r\n tcp-check send User-Agent:\ HAProxy\ tcpcheck\r\n tcp-check send \r\n tcp-check expect rstring HTTP/1\..\ (2..|3..) comment check\ HTTP\ response mode tcp balance leastconn server kube_my-service-0 myhost:31801 check ca-file cicada_CA_renew20220113.pem sslbut am getting this error:
Layer7 invalid response, info: "TCPCHK did not match content (regex) at step 5 comment: check HTTP response", check duration: 0ms. 0 active and 0 backup servers left. 0 sessions active, 0 requeued, 0 remaining in queue.And am still seeing the same 400 entries in the logs even with this added.
Any ideas what I am doing wrong?