haproxy 503 服务因 NOSRV 不可用

tag-icon tag-icon haproxy
haproxy 503 服务因 NOSRV 不可用

我正在运行 HAProxy,并使用 3 个 Apache 服务器作为后端服务器。问题是每 2 或 3 个请求就会出现 503 服务不可用错误,并且在日志文件中我有此消息:

 Oct 19 14:46:57 HAProxy1-www haproxy[31107]: 172.20.30.176:39050 [19/Oct/2015:14:46:57.501] http-in http-in/<NOSRV> -1/-1/-1/-1/0 503 213 - - SC-- 0/0/0/0/0 0/0 "GET / HTTP/1.1"

我检查了谷歌、邮件列表和 irc,发现 SC 标志是 haproxy 和后端服务器之间拒绝连接的情况,我没有防火墙,所有服务器都在同一个子网中。我在 haproxy.conf 中使用此选项

    global
        log /dev/log    local0 err
        log /dev/log    local1 err
        chroot /var/lib/haproxy
        stats socket /run/haproxy/admin.sock mode 660 level admin
        stats timeout 30s
        user haproxy
        group haproxy
        daemon

        # Default SSL material locations
        ca-base /etc/ssl/certs
        crt-base /etc/ssl/private

        # Default ciphers to use on SSL-enabled listening sockets.
        # For more information, see ciphers(1SSL). This list is from:
        #  https://hynek.me/articles/hardening-your-web-servers-ssl-ciphers/
        ssl-default-bind-ciphers ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS
        ssl-default-bind-options no-sslv3

defaults
        log     global
        mode    http
        option  httplog
        option  dontlognull
        option  forwardfor
        option  http-server-close
        option  redispatch
        timeout connect 5000
        timeout client  50000
        timeout server  50000
        retries 3
        errorfile 400 /etc/haproxy/errors/400.http
        errorfile 403 /etc/haproxy/errors/403.http
        errorfile 408 /etc/haproxy/errors/408.http
        errorfile 500 /etc/haproxy/errors/500.http
        errorfile 502 /etc/haproxy/errors/502.http
        errorfile 503 /etc/haproxy/errors/503.http
        errorfile 504 /etc/haproxy/errors/504.http
frontend http-in
        bind 172.18.0.250:80
        mode http
        # default_backend host_httpd-in
        acl host_http-in hdr_sub(host) -i domain.ir
        use_backend host_httpd-in if host_http-in
backend host_httpd-in
        mode http
        balance roundrobin
        # balance leastconn
        option httpclose
        option forwardfor
        # option forwardfor header X-Forwarded-For
        # reqidel ^X-Real-IP
        #cookie JSESSIONID prefix
        #cookie SERVERID insert indirect
        # option httpchk HEAD /index.html HTTP/1.0
        server www1      172.18.0.13:80       check
        server www2      172.18.0.14:80       check
        server www3      172.18.0.15:80       check
userlist stats-auth
    group admin    users arash
    user  arash    insecure-password arash123
    group readonly users system
    user  system  insecure-password haproxy

listen stats
    bind 0.0.0.0:4444
    use_backend stats_auth
backend stats_auth
    stats enable
    stats hide-version
    stats uri /stats
    acl AUTH       http_auth(stats-auth)
    acl AUTH_ADMIN http_auth_group(stats-auth) admin
    stats http-request auth unless AUTH
    stats admin if AUTH_ADMIN

有什么建议给我吗?

答案1

尝试使用

bind *:80

代替

bind 172.18.0.250:80

相关内容