haproxy 日志在容器中

tag-icon tag-icon logging haproxy kubernetes containers
haproxy 日志在容器中

当我在容器内运行 haproxy 时,我很难从它获取访问和健康检查日志,因此我按照文档中的说明进行操作(使用 Docker | HAProxy Enterprise 2.2r1 设置日志),我的配置如下所示:

#---------------------------------------------------------------------
# Global settings
#---------------------------------------------------------------------
global
    daemon
    log stdout format raw local0
    maxconn     4000
    nbproc 1
    nbthread 12
    # turn on stats unix socket
    # stats socket /var/lib/haproxy/stats

#---------------------------------------------------------------------
# common defaults that all the 'listen' and 'backend' sections will
# use if not designated in their block
#---------------------------------------------------------------------
defaults
      timeout connect         10s
      timeout check           10s
      timeout client          60s
     timeout server          60s
     timeout queue           60s
     timeout http-keep-alive 10s
     maxconn                 3000
    log global
    retries                 3
frontend http_in
    mode    http
    timeout http-request    10s
   option http-keep-alive
   option forwardfor
   bind 192.16.1.103:80
   use_backend http_be

backend http_be
   mode    http
   option http-keep-alive
   option forwardfor
   option redispatch
   balance roundrobin
   server 192.16.1.6 192.16.1.6:80
   server 192.16.1.5 192.16.1.5:

80

但是我在 kubernetes 日志中看到的唯一日志是 haproxy 启动时:

kubectl logs vcn1-lb1-78c4c86676-w4q2p
Proxy http_in started.
Proxy http_be started.

我试过了:

log stdout format raw local0 debug
log stderr format raw local0 debug
log stderr format raw local0

但是什么都不能让我访问或检查健康日志数据?我想要的日志类型是在容器中不运行 haproxy 时看到的类型:

我正在寻找的日志类型是在容器外运行时获得的标准日志:

Jan 23 10:29:00 ca-rain03 haproxy[5789]: Health check for server admin_be/ca-rain03 succeeded, reason: Layer7 check passed, code: 200, check duration: 1ms, status: 3/3 UP. 
Jan 23 10:30:52 ca-rain03 haproxy[5789]: 253.255.0.35:44932 [23/Jan/2021:10:30:52.270] http_in admin_be/ca-rain01 0/0/0/1/1 200 219 - - ---- 1/1/0/0/0 0/0 "GET / HTTP/1.1"

至于监听端口 1024 的建议,容器中或 pod 节点上都没有任何内容监听该端口:

netstat -ntpl 
   Local Address Foreign Address State PID/Program name 
   tcp 0 0 192.16.1.103:80 0.0.0.0:* LISTEN 12/haproxy 
   tcp 0 0 192.16.1.103:22 0.0.0.0:* LISTEN 12/haproxy

或者在 pod 节点外部:

netstat -ntpl | grep :1024 
tcp 0 0 127.0.0.1:10248 0.0.0.0:* LISTEN 21586/kubelet 
tcp 0 0 127.0.0.1:10249 0.0.0.0:* LISTEN – Br

相关内容