HAProxy基础配置-配置haproxy的日志
作者:尹正杰
版权声明:原创作品,谢绝转载!否则将追究法律责任。
生产环境中我们很少使用haproxy服务器来记录日志,我们知道日志记录那必须得落地,一旦haproxy记录日志这意味着该节点会进行大量的磁盘I/O操作,这无疑会降低效率。如果不记录日志会减少Haproxy的压力,无形中提示了HAProxy的性能。
大家都知道HAProxy只是负载均衡器,它一般只是公司的访问入口,真正提供服务的是后端的服务器,因此日志记录应该在后端的web服务器来记录哟,而且HAProxy对日志的支持功能并不是很友好。
一.配置rsyslog支持haproxy日志
1>.查看rsyslog服务的默认的配置文件
[root@node102.yinzhengjie.org.cn ~]# egrep -v "^#|^$" /etc/rsyslog.conf $ModLoad imuxsock # provides support for local system logging (e.g. via logger command) $ModLoad imjournal # provides access to the systemd journal $WorkDirectory /var/lib/rsyslog $ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat $IncludeConfig /etc/rsyslog.d/*.conf $OmitLocalLogging on $IMJournalStateFile imjournal.state *.info;mail.none;authpriv.none;cron.none /var/log/messages authpriv.* /var/log/secure mail.* -/var/log/maillog cron.* /var/log/cron *.emerg :omusrmsg:* uucp,news.crit /var/log/spooler local7.* /var/log/boot.log [root@node102.yinzhengjie.org.cn ~]#
2>.编辑rsyslog服务的配置文件
[root@node102.yinzhengjie.org.cn ~]# vim /etc/rsyslog.conf [root@node102.yinzhengjie.org.cn ~]# [root@node102.yinzhengjie.org.cn ~]# egrep -v "^#|^$" /etc/rsyslog.conf $ModLoad imuxsock # provides support for local system logging (e.g. via logger command) $ModLoad imjournal # provides access to the systemd journal $ModLoad imudp #由于haproxy是基于udp方式发送日志消息的,因此我们需要加载支持udp协议的模块 $UDPServerRun 514 #rsyslog的udp服务器默认端口是514 $WorkDirectory /var/lib/rsyslog $ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat $IncludeConfig /etc/rsyslog.d/*.conf $OmitLocalLogging on $IMJournalStateFile imjournal.state *.info;mail.none;authpriv.none;cron.none /var/log/messages authpriv.* /var/log/secure mail.* -/var/log/maillog cron.* /var/log/cron *.emerg :omusrmsg:* uucp,news.crit /var/log/spooler local7.* /var/log/boot.log local5.* /var/log/haproxy.log #这里就是定义haproxy日志存放的路径 [root@node102.yinzhengjie.org.cn ~]# [root@node102.yinzhengjie.org.cn ~]#
3>.重启rsyslog服务
[root@node102.yinzhengjie.org.cn ~]# systemctl restart rsyslog [root@node102.yinzhengjie.org.cn ~]# [root@node102.yinzhengjie.org.cn ~]# netstat -untalp | grep rsyslog udp 0 0 0.0.0.0:514 0.0.0.0:* 13310/rsyslogd udp6 0 0 :::514 :::* 13310/rsyslogd [root@node102.yinzhengjie.org.cn ~]# [root@node102.yinzhengjie.org.cn ~]#
二.haproxy服务器配置
1>.编辑haproxy的配置文件支持日志功能
[root@node102.yinzhengjie.org.cn ~]# cat /etc/haproxy/haproxy.cfg global maxconn 100000 chroot /yinzhengjie/softwares/haproxy stats socket /yinzhengjie/softwares/haproxy/haproxy.sock mode 600 level admin user haproxy group haproxy daemon nbproc 2 cpu-map 1 0 cpu-map 2 1 nbthread 2 pidfile /yinzhengjie/softwares/haproxy/haproxy.pid #将haproxy对应info级别的日志发送给本机的默认rsyslog日志服务对应的自定义服务"local5"类别上。 log 127.0.0.1 local5 info defaults option http-keep-alive option forwardfor option redispatch option abortonclose maxconn 100000 mode http timeout connect 300000ms timeout client 300000ms timeout server 300000ms listen status_page bind 172.30.1.102:8888 stats enable stats uri /haproxy-status stats auth admin:yinzhengjie stats realm "Welcome to the haproxy load balancer status page of YinZhengjie" stats hide-version stats admin if TRUE stats refresh 5s listen WEB_PORT_80 bind 172.30.1.102:80 #捕捉请求报文中头部信息的"Host"字段长度为256(遗憾的是HAProxy 1.8版本不生效) capture request header Host len 256 #捕捉请求报文中头部信息的"User-Agent"字段长度为512(遗憾的是HAProxy 1.8版本不生效) capture request header User-Agent len 512 log global mode http option tcplog balance roundrobin cookie HAPROXY-COOKIE insert indirect nocache server web01 172.30.1.106:80 cookie httpd-106 check inter 3000 fall 3 rise 5 server web02 172.30.1.107:80 cookie httpd-107 check inter 3000 fall 3 rise 5 server web03 172.30.1.108:80 cookie httpd-107 check inter 3000 fall 3 rise 5 backup [root@node102.yinzhengjie.org.cn ~]# [root@node102.yinzhengjie.org.cn ~]# systemctl restart haproxy [root@node102.yinzhengjie.org.cn ~]#
2>.浏览器访问haproxy的地址"http://node102.yinzhengjie.org.cn/"
3>.查看haproxy的访问日志
