By default, HAProxy resolves all DNS records (e.g. for backends) at startup/reload. These resolved DNS records are then saved in HAProxy’s own DNS cache for the duration of the program run. So you would have to reload HAProxy to renew the DNS cache.
The problem with caching is that ELB’s(Elastic Load Balancer) IPs are changed all the time.
frontend app-api bind *:9000 mode tcp default_backend nlb_a resolvers aws_resolver nameserver dns 169.254.169.253:53 resolve_retries 3 timeout retry 2s hold valid 60s backend nlb_a mode tcp server-template nlb-a 3 nlb-12345-67890.elb.eu-west-1.elb.amazonaws.com check inter 2s resolvers aws_resolver
By setting the internal “hold” cache to 60 seconds, you can limit the number of DNS lookups until the cache expires; latest after 62 seconds a new DNS lookup should therefore happen.
With resolvers and server-template configuration, it will create 3 servers in a backend with the IP addresses from ELB, and they will be resolved every 30s.
NB: The following configuration above will derive 3 IPs from the DNS name provided, even if it resolves it to just 2 IPs, a third entry will be created in HAProxy. Also, this will work only in HAProxy version 1.6 or above.
In order to enable the Amazon-provided DNS server (22.214.171.124:53) inside your VPC, you will need to enable VPC DNS Support. If you are running HAProxy inside Classic-EC2 instance, the DNS resolver is provided by DHCP, and never be changed. You need to use 172.16.0.23:53 instead.
Starting with HAProxy version 1.8 there is even an advanced possibility called “Service Discovery over DNS” which uses DNS SRV Records. These records contain multiple response fields such as priorities, weights, etc. which can be parsed by HAProxy and update the backends accordingly.