I am unable to add a backend server because the health check fails with log message
Health check for server mule/muleapp failed, reason: Layer4 connection problem, info: "General socket error (Permission denied)", check duration: 0ms, status: 0/2 DOWN.
I am however able to telnet into the same IP and host. And adding other backends works. I do not see what permission issue is. My configuration is very simplistic
backend mule
balance roundrobin
server muleapp x.x.x.x:64006 check
(substitute x with any number). I am running in HTTP mode. It should be noted that connecting to a local TCPMon port also does not work - but then there is not health check log statements.
The problem is SELinux only allowing the web server to make outbound connections to a limited set of ports.
Fixed by doing:
semanage port --add --type http_port_t --proto tcp 8001
after installing semanage with
yum install policycoreutils-python
Reference: https://serverfault.com/questions/654599/weird-interaction-with-systemctl-with-haproxy-on-centos-7