Proxy
haproxy兩個程序都是systemd創建的
我剛剛編譯了最新的
Haproxy
.[root@proxy system]# haproxy -v HA-Proxy version 1.8.8 2018/04/19 Copyright 2000-2018 Willy Tarreau <willy@haproxy.org>
我的服務文件如下所示
[Unit] Description=HAProxy Load Balancer After=network.target [Service] Environment="CONFIG=/etc/haproxy/haproxy.cfg" "PIDFILE=/run/haproxy.pid" ExecStartPre=/usr/sbin/haproxy -f $CONFIG -c -q ExecStart=/usr/sbin/haproxy -Ws -f $CONFIG -p $PIDFILE ExecReload=/usr/sbin/haproxy -f $CONFIG -c -q ExecReload=/bin/kill -USR2 $MAINPID KillMode=mixed Restart=always Type=notify # The following lines leverage SystemD's sandboxing options to provide # defense in depth protection at the expense of restricting some flexibility # in your setup (e.g. placement of your configuration files) or possibly # reduced performance. See systemd.service(5) and systemd.exec(5) for further # information. # NoNewPrivileges=true # ProtectHome=true # If you want to use 'ProtectSystem=strict' you should whitelist the PIDFILE, # any state files and any other files written using 'ReadWritePaths' or # 'RuntimeDirectory'. # ProtectSystem=true # ProtectKernelTunables=true # ProtectKernelModules=true # ProtectControlGroups=true # If your SystemD version supports them, you can add: @reboot, @swap, @sync # SystemCallFilter=~@cpu-emulation @keyring @module @obsolete @raw-io [Install] WantedBy=multi-user.target
但是當我開始服務時,它會創建兩個這樣的程序
[root@proxy system]# systemctl status haproxy ● haproxy.service - HAProxy Load Balancer Loaded: loaded (/etc/systemd/system/haproxy.service; enabled; vendor preset: disabled) Active: active (running) since Wed 2018-05-09 14:17:59 EDT; 2min 25s ago Process: 1350 ExecStartPre=/usr/sbin/haproxy -f $CONFIG -c -q (code=exited, status=0/SUCCESS) Main PID: 1352 (haproxy) CGroup: /system.slice/haproxy.service ├─1352 /usr/sbin/haproxy -Ws -f /etc/haproxy/haproxy.cfg -p /run/haproxy.pid └─1354 /usr/sbin/haproxy -Ws -f /etc/haproxy/haproxy.cfg -p /run/haproxy.pid May 09 14:17:59 proxy.loadbalancer systemd[1]: Starting HAProxy Load Balancer... May 09 14:17:59 proxy.loadbalancer systemd[1]: Started HAProxy Load Balancer.
它應該以這種方式工作還是我的配置無效?
謝謝
systemd 創建了兩個程序
這是不正確的。
systemd
創建一個程序,然後創建 haproxy 分叉(從而創建另一個程序)。這很正常。這樣做的一個原因是為了安全。haproxy 以 root 身份啟動並執行所需的最少設置工作(例如,綁定到埠 80)。然後它通過以使用者身份執行來分叉和刪除特權haproxy
。