1
Bir stick_table (HA-Proxy sürüm 1.5.14 2015/07/02 kullanarak) paylaşan iki eş kurulum oluşturmaya çalışıyordum. Ben (sadece bu çalışan anlamına gelir) elle HAProxy başladığında Her şey iyi görünüyordu:Haproxy sunucuları, diğer eşler ile stick_table eşzamanlamıyor
/usr/sbin/haproxy-systemd-wrapper -L haproxy1 -f /etc/haproxy/haproxy.cfg -p /run/haproxy.pid
Ben systemd aracılığıyla çalıştırmak hâle getirmek veya stick_tables arasındaki senkronizasyon durmuş gibi görünüyor supervisord çalışınca. Giden paketleri her bir sunucudan diğer eş bağlantı noktasına (tcpdump kullanarak) kontrol ettim ve hatta iletişim kurmayı denemediklerini gördüm (eşler arası bağlantıyı dinlerler ve ön yüzlere erişilebilirler).
(systemd dosyası) haproxy.service
[Unit]
Description=HAProxy Load Balancer
After=syslog.target network.target
[Service]
EnvironmentFile=/etc/sysconfig/haproxy
ExecStart=/usr/sbin/haproxy-systemd-wrapper -L haproxy1 -f /etc/haproxy/haproxy.cfg -p /run/haproxy.pid $OPTIONS
ExecReload=/bin/kill -USR2 $MAINPID
Restart=always
[Install]
WantedBy=multi-user.target
haproxy.cfg (bazı ip adresleri be-ip ile değiştirilmiştir)
#---------------------------------------------------------------------
# Example configuration for a possible web application. See the
# full configuration options online.
#
# http://haproxy.1wt.eu/download/1.4/doc/configuration.txt
#
#---------------------------------------------------------------------
#---------------------------------------------------------------------
# Global settings
#---------------------------------------------------------------------
global
# to have these messages end up in /var/log/haproxy.log you will
# need to:
#
# 1) configure syslog to accept network log events. This is done
# by adding the '-r' option to the SYSLOGD_OPTIONS in
# /etc/sysconfig/syslog
#
# 2) configure local2 events to go to the /var/log/haproxy.log
# file. A line like the following can be added to
# /etc/sysconfig/syslog
#
# local2.* /var/log/haproxy.log
#
log 127.0.0.1 local2
chroot /var/lib/haproxy
pidfile /var/run/haproxy.pid
maxconn 4000
user haproxy
group haproxy
daemon
# turn on stats unix socket
stats socket /var/lib/haproxy/stats
#---------------------------------------------------------------------
# common defaults that all the 'listen' and 'backend' sections will
# use if not designated in their block
#---------------------------------------------------------------------
defaults
mode http
log global
option httplog
option dontlognull
option http-server-close
option forwardfor except 127.0.0.0/8
option redispatch
retries 3
timeout http-request 10s
timeout queue 1m
timeout connect 10s
timeout client 1m
timeout server 1m
timeout http-keep-alive 10s
timeout check 10s
maxconn 3000
#---------------------------------------------------------------------
# peers of ha-proxy cluster
#---------------------------------------------------------------------
peers mypeers enable
peer haproxy1 10.240.0.4:32768
peer haproxy2 10.240.0.7:32768
#---------------------------------------------------------------------
# main frontend which proxys to the backends
#---------------------------------------------------------------------
frontend localhost
bind *:80
bind *:443 ssl crt /etc/haproxy/ssl/a/real.pem
acl url_static path_beg -i /static /images /javascript /stylesheets
acl url_static path_end -i .jpg .gif .png .css .js .svg .html
acl health_check path_beg -i /isAlive
redirect scheme https if !{ ssl_fc } ! health_check
mode http
#reqadd X-Forwarded-Proto:\ https
use_backend static if url_static
default_backend app
frontend dal
bind *:8080 ssl crt /etc/haproxy/ssl/a/real.pem
default_backend dal
#frontend peerlist
# bind *:32769
#---------------------------------------------------------------------
# peer listen listen
#---------------------------------------------------------------------
#---------------------------------------------------------------------
# statistics listen
#---------------------------------------------------------------------
listen stats :9000 #Listen on localhost port 9000
mode http
stats enable #Enable statistics
stats hide-version #Hide HAPRoxy version, a necessity for any public-facing site
stats realm Haproxy\ Statistics #Show this text in authentication popup (escape space characters with backslash)
stats uri /haproxy_stats #The URI of the stats page, in this case localhost:9000/haproxy_stats
stats auth Username:Password #Set a username and password
#---------------------------------------------------------------------
# static backend for serving up images, stylesheets and such
#---------------------------------------------------------------------
backend static
balance roundrobin
#server static 127.0.0.1:4331 check
server app1 app.cooladata.com:443 check ssl verify none
server app2 app.cooladata.com:443 check ssl verify none
#---------------------------------------------------------------------
# round robin balancing between the various backends
#---------------------------------------------------------------------
backend app
#mode tcp
balance roundrobin
option httpchk GET /isAlive
http-check expect string true
#cookie SRVNAME insert
#appsession SRVNAME len 64 timeout 30 request-learn
#appsession SRVNAME len 64 timeout 30
#server app1 <ip>:80 cookie S1 check
#server app2 <ip>:80 cookie S2 check
stick-table type string len 64 size 100k peers mypeers
stick on req.cook(JSESSIONID)
stick store-response res.cook(JSESSIONID)
server app1 <be1-ip>:443 check ssl verify none
server app2 <be2-ip>:443 check ssl verify none
#server app3 127.0.0.1:5003 check
#server app4 127.0.0.1:5004 check
backend dal
balance roundrobin
option httpchk GET /health
http-check expect string Ok
server dm1 <be-ip>:<port> check inter 2000
server dm2 <be2-ip>:<port> check inter 2000