Haproxy
在logstash破管前的HAProxy
我正在使用負載平衡設置 ELK 堆棧。Haproxy 適用於 ES 和 Kibana,但我在使用 Logstash 時遇到問題。
這是 haproxy 配置:
frontend logstash bind 0.0.0.0:5000 mode tcp option tcpka option tcplog log global acl epa hdr_beg(host) -i epa-log acl tgops hdr_beg(host) -i tgops-log use_backend epa_log if epa use_backend tgops_log if tgops backend epa_log mode tcp server elk01 elk01.example.org:5001 check server elk02 elk02.example.org:5001 check server elk03 elk03.example.org:5001 check backend tgops_log mode tcp server elk01 elk01.example.org:5002 check server elk02 elk02.example.org:5002 check server elk03 elk03.example.org:5002 check如您所見,我試圖讓 1 個前端服務於埠 5000 並根據源的 url 重定向到不同的埠。
如果我直接對伺服器執行 netcat,它會完美執行
nc elk01 5001 -vv < /var/log/httpd/error_log但是如果我使用 haproxy 前端,它會因管道錯誤而失敗。
nc tgops-log 5000 -vv < /var/log/httpd/error_log Ncat: Version 6.40 ( http://nmap.org/ncat ) libnsock nsi_new2(): nsi_new (IOD #1) libnsock nsock_connect_tcp(): TCP connection requested to 10.129.10.2:5000 (IOD #1) EID 8 libnsock nsock_trace_handler_callback(): Callback: CONNECT SUCCESS for EID 8 [10.129.10.2:5000] Ncat: Connected to 10.129.10.2:5000. libnsock nsi_new2(): nsi_new (IOD #2) libnsock nsock_read(): Read request from IOD #1 [10.129.10.2:5000] (timeout: -1ms) EID 18 libnsock nsock_readbytes(): Read request for 0 bytes from IOD #2 [peer unspecified] EID 26 libnsock nsock_trace_handler_callback(): Callback: READ SUCCESS for EID 26 [peer unspecified] (8192 bytes) libnsock nsock_trace_handler_callback(): Callback: WRITE SUCCESS for EID 35 [10.129.10.2:5000] libnsock nsock_readbytes(): Read request for 0 bytes from IOD #2 [peer unspecified] EID 42 libnsock nsock_trace_handler_callback(): Callback: READ SUCCESS for EID 42 [peer unspecified] (8192 bytes) libnsock nsock_trace_handler_callback(): Callback: WRITE SUCCESS for EID 51 [10.129.10.2:5000] libnsock nsock_readbytes(): Read request for 0 bytes from IOD #2 [peer unspecified] EID 58 libnsock nsock_trace_handler_callback(): Callback: READ SUCCESS for EID 58 [peer unspecified] (8192 bytes) libnsock nsock_trace_handler_callback(): Callback: WRITE SUCCESS for EID 67 [10.129.10.2:5000] libnsock nsock_readbytes(): Read request for 0 bytes from IOD #2 [peer unspecified] EID 74 libnsock nsock_trace_handler_callback(): Callback: READ EOF for EID 18 [10.129.10.2:5000] libnsock nsock_trace_handler_callback(): Callback: READ SUCCESS for EID 74 [peer unspecified] (8192 bytes) libnsock nsock_trace_handler_callback(): Callback: WRITE SUCCESS for EID 83 [10.129.10.2:5000] libnsock nsock_readbytes(): Read request for 0 bytes from IOD #2 [peer unspecified] EID 90 libnsock nsock_trace_handler_callback(): Callback: READ SUCCESS for EID 90 [peer unspecified] (8192 bytes) libnsock nsock_trace_handler_callback(): Callback: WRITE SUCCESS for EID 99 [10.129.10.2:5000] libnsock nsock_readbytes(): Read request for 0 bytes from IOD #2 [peer unspecified] EID 106 libnsock nsock_trace_handler_callback(): Callback: READ SUCCESS for EID 106 [peer unspecified] (8192 bytes) libnsock nsock_trace_handler_callback(): Callback: WRITE SUCCESS for EID 115 [10.129.10.2:5000] libnsock nsock_readbytes(): Read request for 0 bytes from IOD #2 [peer unspecified] EID 122 libnsock nsock_trace_handler_callback(): Callback: READ SUCCESS for EID 122 [peer unspecified] (8192 bytes) libnsock nsock_trace_handler_callback(): Callback: WRITE SUCCESS for EID 131 [10.129.10.2:5000] libnsock nsock_readbytes(): Read request for 0 bytes from IOD #2 [peer unspecified] EID 138 libnsock nsock_trace_handler_callback(): Callback: READ SUCCESS for EID 138 [peer unspecified] (8192 bytes) libnsock nsock_trace_handler_callback(): Callback: WRITE ERROR [Broken pipe (32)] for EID 147 [10.129.10.2:5000] Ncat: Broken pipe.如果我檢查 TCP 日誌,我發現它以某種方式無法到達後端,拋出 NOSRV
logstash logstash/<NOSRV> -1/-1/0 0 SC 15/0/0/0/0 0/0n 10.129.10.82:50724我嘗試了不同的 HAProxy 選項,例如
clitcpka平衡源,僅使用 1 個後端等等,但沒有一個可以解決這個問題。
您不能使用
mode tcp和匹配標題。mode tcp意味著不要將連接視為 HTTP,而只是傳遞原始字節。