Haproxy

在logstash破管前的HAProxy

  • June 3, 2017

我正在使用負載平衡設置 ELK 堆棧。Haproxy 適用於 ES 和 Kibana,但我在使用 Logstash 時遇到問題。

這是 haproxy 配置:

frontend logstash
  bind 0.0.0.0:5000
  mode tcp
  option tcpka
  option tcplog
  log global
  acl epa hdr_beg(host) -i epa-log
  acl tgops hdr_beg(host) -i tgops-log
  use_backend epa_log if epa
  use_backend tgops_log if tgops

backend epa_log
  mode tcp
  server elk01 elk01.example.org:5001 check
  server elk02 elk02.example.org:5001 check
  server elk03 elk03.example.org:5001 check

backend tgops_log
  mode tcp
  server elk01 elk01.example.org:5002 check
  server elk02 elk02.example.org:5002 check
  server elk03 elk03.example.org:5002 check

如您所見,我試圖讓 1 個前端服務於埠 5000 並根據源的 url 重定向到不同的埠。

如果我直接對伺服器執行 netcat,它會完美執行

nc elk01 5001 -vv < /var/log/httpd/error_log

但是如果我使用 haproxy 前端,它會因管道錯誤而失敗。

nc tgops-log 5000 -vv < /var/log/httpd/error_log
Ncat: Version 6.40 ( http://nmap.org/ncat )
libnsock nsi_new2(): nsi_new (IOD #1)
libnsock nsock_connect_tcp(): TCP connection requested to 10.129.10.2:5000 (IOD #1) EID 8
libnsock nsock_trace_handler_callback(): Callback: CONNECT SUCCESS for EID 8 [10.129.10.2:5000]
Ncat: Connected to 10.129.10.2:5000.
libnsock nsi_new2(): nsi_new (IOD #2)
libnsock nsock_read(): Read request from IOD #1 [10.129.10.2:5000] (timeout: -1ms) EID 18
libnsock nsock_readbytes(): Read request for 0 bytes from IOD #2 [peer unspecified] EID 26
libnsock nsock_trace_handler_callback(): Callback: READ SUCCESS for EID 26 [peer unspecified] (8192 bytes)
libnsock nsock_trace_handler_callback(): Callback: WRITE SUCCESS for EID 35 [10.129.10.2:5000]
libnsock nsock_readbytes(): Read request for 0 bytes from IOD #2 [peer unspecified] EID 42
libnsock nsock_trace_handler_callback(): Callback: READ SUCCESS for EID 42 [peer unspecified] (8192 bytes)
libnsock nsock_trace_handler_callback(): Callback: WRITE SUCCESS for EID 51 [10.129.10.2:5000]
libnsock nsock_readbytes(): Read request for 0 bytes from IOD #2 [peer unspecified] EID 58
libnsock nsock_trace_handler_callback(): Callback: READ SUCCESS for EID 58 [peer unspecified] (8192 bytes)
libnsock nsock_trace_handler_callback(): Callback: WRITE SUCCESS for EID 67 [10.129.10.2:5000]
libnsock nsock_readbytes(): Read request for 0 bytes from IOD #2 [peer unspecified] EID 74
libnsock nsock_trace_handler_callback(): Callback: READ EOF for EID 18 [10.129.10.2:5000]
libnsock nsock_trace_handler_callback(): Callback: READ SUCCESS for EID 74 [peer unspecified] (8192 bytes)
libnsock nsock_trace_handler_callback(): Callback: WRITE SUCCESS for EID 83 [10.129.10.2:5000]
libnsock nsock_readbytes(): Read request for 0 bytes from IOD #2 [peer unspecified] EID 90
libnsock nsock_trace_handler_callback(): Callback: READ SUCCESS for EID 90 [peer unspecified] (8192 bytes)
libnsock nsock_trace_handler_callback(): Callback: WRITE SUCCESS for EID 99 [10.129.10.2:5000]
libnsock nsock_readbytes(): Read request for 0 bytes from IOD #2 [peer unspecified] EID 106
libnsock nsock_trace_handler_callback(): Callback: READ SUCCESS for EID 106 [peer unspecified] (8192 bytes)
libnsock nsock_trace_handler_callback(): Callback: WRITE SUCCESS for EID 115 [10.129.10.2:5000]
libnsock nsock_readbytes(): Read request for 0 bytes from IOD #2 [peer unspecified] EID 122
libnsock nsock_trace_handler_callback(): Callback: READ SUCCESS for EID 122 [peer unspecified] (8192 bytes)
libnsock nsock_trace_handler_callback(): Callback: WRITE SUCCESS for EID 131 [10.129.10.2:5000]
libnsock nsock_readbytes(): Read request for 0 bytes from IOD #2 [peer unspecified] EID 138
libnsock nsock_trace_handler_callback(): Callback: READ SUCCESS for EID 138 [peer unspecified] (8192 bytes)
libnsock nsock_trace_handler_callback(): Callback: WRITE ERROR [Broken pipe (32)] for EID 147 [10.129.10.2:5000]
Ncat: Broken pipe.

如果我檢查 TCP 日誌,我發現它以某種方式無法到達後端,拋出 NOSRV

logstash logstash/<NOSRV> -1/-1/0 0 SC 15/0/0/0/0 0/0n 10.129.10.82:50724

我嘗試了不同的 HAProxy 選項,例如clitcpka平衡源,僅使用 1 個後端等等,但沒有一個可以解決這個問題。

您不能使用mode tcp和匹配標題。mode tcp意味著不要將連接視為 HTTP,而只是傳遞原始字節。

引用自:https://serverfault.com/questions/853235