HAProxy基礎配置-配置haproxy的日志
作者:尹正傑
版權聲明:原創作品,謝絕轉載!否則將追究法律責任。
生產環境中我們很少使用haproxy服務器來記錄日志,我們知道日志記錄那必須得落地,一旦haproxy記錄日志這意味着該節點會進行大量的磁盤I/O操作,這無疑會降低效率。如果不記錄日志會減少Haproxy的壓力,無形中提示了HAProxy的性能。
大家都知道HAProxy只是負載均衡器,它一般只是公司的訪問入口,真正提供服務的是后端的服務器,因此日志記錄應該在后端的web服務器來記錄喲,而且HAProxy對日志的支持功能並不是很友好。
一.配置rsyslog支持haproxy日志
1>.查看rsyslog服務的默認的配置文件
[root@node102.yinzhengjie.org.cn ~]# egrep -v "^#|^$" /etc/rsyslog.conf $ModLoad imuxsock # provides support for local system logging (e.g. via logger command) $ModLoad imjournal # provides access to the systemd journal $WorkDirectory /var/lib/rsyslog $ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat $IncludeConfig /etc/rsyslog.d/*.conf $OmitLocalLogging on $IMJournalStateFile imjournal.state *.info;mail.none;authpriv.none;cron.none /var/log/messages authpriv.* /var/log/secure mail.* -/var/log/maillog cron.* /var/log/cron *.emerg :omusrmsg:* uucp,news.crit /var/log/spooler local7.* /var/log/boot.log [root@node102.yinzhengjie.org.cn ~]#
2>.編輯rsyslog服務的配置文件
[root@node102.yinzhengjie.org.cn ~]# vim /etc/rsyslog.conf [root@node102.yinzhengjie.org.cn ~]# [root@node102.yinzhengjie.org.cn ~]# egrep -v "^#|^$" /etc/rsyslog.conf $ModLoad imuxsock # provides support for local system logging (e.g. via logger command) $ModLoad imjournal # provides access to the systemd journal $ModLoad imudp #由於haproxy是基於udp方式發送日志消息的,因此我們需要加載支持udp協議的模塊 $UDPServerRun 514 #rsyslog的udp服務器默認端口是514 $WorkDirectory /var/lib/rsyslog $ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat $IncludeConfig /etc/rsyslog.d/*.conf $OmitLocalLogging on $IMJournalStateFile imjournal.state *.info;mail.none;authpriv.none;cron.none /var/log/messages authpriv.* /var/log/secure mail.* -/var/log/maillog cron.* /var/log/cron *.emerg :omusrmsg:* uucp,news.crit /var/log/spooler local7.* /var/log/boot.log local5.* /var/log/haproxy.log #這里就是定義haproxy日志存放的路徑 [root@node102.yinzhengjie.org.cn ~]# [root@node102.yinzhengjie.org.cn ~]#
3>.重啟rsyslog服務
[root@node102.yinzhengjie.org.cn ~]# systemctl restart rsyslog [root@node102.yinzhengjie.org.cn ~]# [root@node102.yinzhengjie.org.cn ~]# netstat -untalp | grep rsyslog udp 0 0 0.0.0.0:514 0.0.0.0:* 13310/rsyslogd udp6 0 0 :::514 :::* 13310/rsyslogd [root@node102.yinzhengjie.org.cn ~]# [root@node102.yinzhengjie.org.cn ~]#
二.haproxy服務器配置
1>.編輯haproxy的配置文件支持日志功能
[root@node102.yinzhengjie.org.cn ~]# cat /etc/haproxy/haproxy.cfg global maxconn 100000 chroot /yinzhengjie/softwares/haproxy stats socket /yinzhengjie/softwares/haproxy/haproxy.sock mode 600 level admin user haproxy group haproxy daemon nbproc 2 cpu-map 1 0 cpu-map 2 1 nbthread 2 pidfile /yinzhengjie/softwares/haproxy/haproxy.pid #將haproxy對應info級別的日志發送給本機的默認rsyslog日志服務對應的自定義服務"local5"類別上。 log 127.0.0.1 local5 info defaults option http-keep-alive option forwardfor option redispatch option abortonclose maxconn 100000 mode http timeout connect 300000ms timeout client 300000ms timeout server 300000ms listen status_page bind 172.30.1.102:8888 stats enable stats uri /haproxy-status stats auth admin:yinzhengjie stats realm "Welcome to the haproxy load balancer status page of YinZhengjie" stats hide-version stats admin if TRUE stats refresh 5s listen WEB_PORT_80 bind 172.30.1.102:80 #捕捉請求報文中頭部信息的"Host"字段長度為256(遺憾的是HAProxy 1.8版本不生效) capture request header Host len 256 #捕捉請求報文中頭部信息的"User-Agent"字段長度為512(遺憾的是HAProxy 1.8版本不生效) capture request header User-Agent len 512 log global mode http option tcplog balance roundrobin cookie HAPROXY-COOKIE insert indirect nocache server web01 172.30.1.106:80 cookie httpd-106 check inter 3000 fall 3 rise 5 server web02 172.30.1.107:80 cookie httpd-107 check inter 3000 fall 3 rise 5 server web03 172.30.1.108:80 cookie httpd-107 check inter 3000 fall 3 rise 5 backup [root@node102.yinzhengjie.org.cn ~]# [root@node102.yinzhengjie.org.cn ~]# systemctl restart haproxy [root@node102.yinzhengjie.org.cn ~]#
2>.瀏覽器訪問haproxy的地址"http://node102.yinzhengjie.org.cn/"
3>.查看haproxy的訪問日志
