Haproxy

HAProxy 在 syslog 中記錄 TCP 流量

  • February 27, 2020

我正在嘗試配置我的 HAProxy 以記錄更多資訊,而不僅僅是說“代理後端_xx 已啟動”,看起來我無法理解它是如何工作的。

我的 HAProxy 是一個純 TCP LB(只是將請求從前端轉發到後端,純 L4)。

我想在這裡的 HAProxy 文件中提到日誌https://cbonte.github.io/haproxy-dconv/1.8/configuration.html#8.2.2

這是我目前的配置和問題,在“全域/預設部分”中,我有:

#---------------------------------------------------------------------
# Global settings
#---------------------------------------------------------------------
global
   daemon
   user                haproxy
   group               haproxy
   log                 /dev/log local6 debug
   maxconn             50000
   chroot              /var/lib/haproxy
   pidfile             /var/run/haproxy.pid

#---------------------------------------------------------------------
# common defaults that all the 'listen' and 'backend' sections will
# use if not designated in their block
#---------------------------------------------------------------------
defaults
   mode                 tcp
   option               tcplog
   log                  global
   option               dontlognull
   timeout connect      5000
   timeout client       50000
   timeout server       50000

我的前端下也有這個選項:

frontend main_https_listen
   bind xxxxxxxxxxxxxx:443
   mode                tcp
   option              tcplog
   xxxxxxx

我在我的 rsyslog.d 中配置了一個文件:

[root@xxxxxxx ~]# cat /etc/rsyslog.d/haproxy.conf
# -----------------------------------------------
# Haproxy specific logging configuration
# -----------------------------------------------
local6.debug             /var/log/haproxy-traffic.log
local6.notice            /var/log/haproxy-admin.log
[root@xxxxxxx ~]#

不幸的是,這兩個文件都包含相同的資訊,例如:

[root@xxxxxxx ~]# tail -11 /var/log/haproxy-admin.log
Feb 25 18:05:30 xxxxxxx haproxy[838761]: Proxy stats started.
Feb 25 18:05:30 xxxxxxx haproxy[838761]: Proxy main_https_listen started.
Feb 25 18:05:30 xxxxxxx haproxy[838761]: Proxy backend_SIT_AT35073 started.
Feb 25 18:05:30 xxxxxxx haproxy[838761]: Proxy backend_SIT_AT34305 started.
Feb 25 18:05:30 xxxxxxx haproxy[838761]: Proxy backend_SIT_AT28548 started.
Feb 25 18:05:30 xxxxxxx haproxy[838761]: Proxy backend_SIT_AT28756 started.
Feb 25 18:05:30 xxxxxxx haproxy[838761]: Proxy backend_SIT_AT36702 started.
Feb 25 18:05:30 xxxxxxx haproxy[838761]: Proxy backend_UAT_AT28546 started.
Feb 25 18:05:30 xxxxxxx haproxy[838761]: Proxy backend_PRD_AT28547 started.

[root@xxxxxxx ~]# tail -11 /var/log/haproxy-traffic.log
Feb 25 18:05:30 xxxxxxx haproxy[838761]: Proxy stats started.
Feb 25 18:05:30 xxxxxxx haproxy[838761]: Proxy main_https_listen started.
Feb 25 18:05:30 xxxxxxx haproxy[838761]: Proxy backend_SIT_AT35073 started.
Feb 25 18:05:30 xxxxxxx haproxy[838761]: Proxy backend_SIT_AT34305 started.
Feb 25 18:05:30 xxxxxxx haproxy[838761]: Proxy backend_SIT_AT28548 started.
Feb 25 18:05:30 xxxxxxx haproxy[838761]: Proxy backend_SIT_AT28756 started.
Feb 25 18:05:30 xxxxxxx haproxy[838761]: Proxy backend_SIT_AT36702 started.
Feb 25 18:05:30 xxxxxxx haproxy[838761]: Proxy backend_UAT_AT28546 started.
Feb 25 18:05:30 xxxxxxx haproxy[838761]: Proxy backend_PRD_AT28547 started.

雖然我希望流量日誌能夠生成文件中的內容,例如:

Feb  6 12:12:56 localhost \
 haproxy[14387]: 10.0.1.2:33313 [06/Feb/2009:12:12:51.443] fnt \
 bck/srv1 0/0/5007 212 -- 0/0/0/0/3 0/0

對我的配置有什麼問題有任何想法嗎?

再次感謝

問候

我發現了這個問題。我必須在“前端”塊下添加一個“全域日誌”來告訴前端在那裡記錄:

frontend main_https_listen
   bind xxxxxx:443
   mode                tcp
   option              tcplog
   log                 global

就如此容易。我現在可以看到日誌,例如:

Feb 27 18:05:20 xxxxx haproxy[1392050]: xxxxx:61767 [27/Feb/2020:18:05:14.532] main_https_listen backend_PRD_AT28779/server_PRD_AT28779_1 3/1/6315 4031 -- 0/0/0/0/0 0/0
Feb 27 18:05:20 xxxxx haproxy[1392050]: xxxxx:61767 [27/Feb/2020:18:05:14.532] main_https_listen backend_PRD_AT28779/server_PRD_AT28779_1 3/1/6315 4031 -- 0/0/0/0/0 0/0

引用自:https://serverfault.com/questions/1004671