我正在通过以下命令重新启动 HAproxy
haproxy -f /etc/haproxy/haproxy.cfg -p /var/run/haproxy.pid -sf $(cat /var/run/haproxy.pid)
但我收到以下消息
[ALERT] 183/225022 (9278) : Starting proxy appli1-rewrite: cannot bind socket
[ALERT] 183/225022 (9278) : Starting proxy appli2-insert: cannot bind socket
[ALERT] 183/225022 (9278) : Starting proxy appli3-relais: cannot bind socket
[ALERT] 183/225022 (9278) : Starting proxy appli4-backup: cannot bind socket
[ALERT] 183/225022 (9278) : Starting proxy ssl-relay: cannot bind socket
[ALERT] 183/225022 (9278) : Starting proxy appli5-backup: cannot bind socket
我的 haproxy.cfg 文件如下所示
global
log 127.0.0.1 local0
log 127.0.0.1 local1 notice
#log loghost local0 info
maxconn 4096
#chroot /usr/share/haproxy
user haproxy
group haproxy
daemon
#debug
#quiet
defaults
log global
mode http
option httplog
option dontlognull
retries 3
option redispatch
maxconn 2000
contimeout 5000
clitimeout 50000
srvtimeout 50000
listen appli1-rewrite 0.0.0.0:10001
cookie SERVERID rewrite
balance roundrobin
server app1_1 192.168.34.23:8080 cookie app1inst1 check inter 2000 rise 2 fall 5
server app1_2 192.168.34.32:8080 cookie app1inst2 check inter 2000 rise 2 fall 5
server app1_3 192.168.34.27:8080 cookie app1inst3 check inter 2000 rise 2 fall 5
server app1_4 192.168.34.42:8080 cookie app1inst4 check inter 2000 rise 2 fall 5
listen appli2-insert 0.0.0.0:10002
option httpchk
balance roundrobin
cookie SERVERID insert indirect nocache
server inst1 192.168.114.56:80 cookie server01 check inter 2000 fall 3
server inst2 192.168.114.56:81 cookie server02 check inter 2000 fall 3
capture cookie vgnvisitor= len 32
option httpclose # disable keep-alive
rspidel ^Set-cookie:\ IP= # do not let this cookie tell our internal IP address
listen appli3-relais 0.0.0.0:10003
dispatch 192.168.135.17:80
listen appli4-backup 0.0.0.0:10004
option httpchk /index.html
option persist
balance roundrobin
server inst1 192.168.114.56:80 check inter 2000 fall 3
server inst2 192.168.114.56:81 check inter 2000 fall 3 backup
listen ssl-relay 0.0.0.0:8443
option ssl-hello-chk
balance source
server inst1 192.168.110.56:443 check inter 2000 fall 3
server inst2 192.168.110.57:443 check inter 2000 fall 3
server back1 192.168.120.58:443 backup
listen appli5-backup 0.0.0.0:10005
option httpchk *
balance roundrobin
cookie SERVERID insert indirect nocache
server inst1 192.168.114.56:80 cookie server01 check inter 2000 fall 3
server inst2 192.168.114.56:81 cookie server02 check inter 2000 fall 3
server inst3 192.168.114.57:80 backup check inter 2000 fall 3
capture cookie ASPSESSION len 32
srvtimeout 20000
option httpclose # disable keep-alive
option checkcache # block response if set-cookie & cacheable
rspidel ^Set-cookie:\ IP= # do not let this cookie tell our internal IP address
#errorloc 502 http://192.168.114.58/error502.html
#errorfile 503 /etc/haproxy/errors/503.http
errorfile 400 /etc/haproxy/errors/400.http
errorfile 403 /etc/haproxy/errors/403.http
errorfile 408 /etc/haproxy/errors/408.http
errorfile 500 /etc/haproxy/errors/500.http
errorfile 502 /etc/haproxy/errors/502.http
errorfile 503 /etc/haproxy/errors/503.http
errorfile 504 /etc/haproxy/errors/504.http
我的做法有什么问题
答案1
两个选项:
- 您没有以 root 身份运行;
sudo如果您没有以 root 身份运行,则可能需要在命令前面加上一个来在命令行上启动它(请使用 检查whoami)。 - 另一个进程(可能是 HAProxy 的另一个实例)已绑定到这些端口。请使用 检查
netstat -apn。
答案2
在启用了 SELinux 的 RedHat Linux 上(应该启用),只需启用haproxy_connect_any布尔值,允许 haproxy 将套接字连接到任意端口:
setsebool -P haproxy_connect_any on
答案3
也许是因为 selinux 我输入
setenforce 0
并解决问题。该命令是将 selinux 设置为 premissive 模式。设置不当的 selinux 可能会阻止许多服务或连接。
答案4
问题似乎出在您的 IO 地址或端口上。请验证您的公共 IP 是否配置正确。您可以通过运行以下命令进行检查:
ifconfig
ip addr