Proxy

haproxy兩個程序都是systemd創建的

  • May 9, 2018

我剛剛編譯了最新的Haproxy.

[root@proxy system]# haproxy -v
HA-Proxy version 1.8.8 2018/04/19
Copyright 2000-2018 Willy Tarreau <willy@haproxy.org>

我的服務文件如下所示

[Unit]
Description=HAProxy Load Balancer
After=network.target

[Service]
Environment="CONFIG=/etc/haproxy/haproxy.cfg" "PIDFILE=/run/haproxy.pid"
ExecStartPre=/usr/sbin/haproxy -f $CONFIG -c -q
ExecStart=/usr/sbin/haproxy -Ws -f $CONFIG -p $PIDFILE
ExecReload=/usr/sbin/haproxy -f $CONFIG -c -q
ExecReload=/bin/kill -USR2 $MAINPID
KillMode=mixed
Restart=always
Type=notify

# The following lines leverage SystemD's sandboxing options to provide
# defense in depth protection at the expense of restricting some flexibility
# in your setup (e.g. placement of your configuration files) or possibly
# reduced performance. See systemd.service(5) and systemd.exec(5) for further
# information.

# NoNewPrivileges=true
# ProtectHome=true
# If you want to use 'ProtectSystem=strict' you should whitelist the PIDFILE,
# any state files and any other files written using 'ReadWritePaths' or
# 'RuntimeDirectory'.
# ProtectSystem=true
# ProtectKernelTunables=true
# ProtectKernelModules=true
# ProtectControlGroups=true
# If your SystemD version supports them, you can add: @reboot, @swap, @sync
# SystemCallFilter=~@cpu-emulation @keyring @module @obsolete @raw-io

[Install]
WantedBy=multi-user.target

但是當我開始服務時,它會創建兩個這樣的程序

[root@proxy system]# systemctl status haproxy
● haproxy.service - HAProxy Load Balancer
  Loaded: loaded (/etc/systemd/system/haproxy.service; enabled; vendor preset: disabled)
  Active: active (running) since Wed 2018-05-09 14:17:59 EDT; 2min 25s ago
 Process: 1350 ExecStartPre=/usr/sbin/haproxy -f $CONFIG -c -q (code=exited, status=0/SUCCESS)
Main PID: 1352 (haproxy)
  CGroup: /system.slice/haproxy.service
          ├─1352 /usr/sbin/haproxy -Ws -f /etc/haproxy/haproxy.cfg -p /run/haproxy.pid
          └─1354 /usr/sbin/haproxy -Ws -f /etc/haproxy/haproxy.cfg -p /run/haproxy.pid

May 09 14:17:59 proxy.loadbalancer systemd[1]: Starting HAProxy Load Balancer...
May 09 14:17:59 proxy.loadbalancer systemd[1]: Started HAProxy Load Balancer.

它應該以這種方式工作還是我的配置無效?

謝謝

systemd 創建了兩個程序

這是不正確的。systemd創建一個程序,然後創建 haproxy 分叉(從而創建另一個程序)。這很正常。這樣做的一個原因是為了安全。haproxy 以 root 身份啟動並執行所需的最少設置工作(例如,綁定到埠 80)。然後它通過以使用者身份執行來分叉和刪除特權haproxy

引用自:https://serverfault.com/questions/911514