服务器崩溃并导致以下非脚本消息:
root@haproxy:~# /usr/sbin/haproxy -V -d -Ws -f /etc/haproxy/haproxy.cfg
Available polling systems :
epoll : pref=300, test result OK
poll : pref=200, test result OK
select : pref=150, test result OK
Total: 3 (3 usable), will use epoll.
Available filters :
[SPOE] spoe
[COMP] compression
[CACHE] cache
[TRACE] trace
Using epoll() as the polling mechanism.
[NOTICE] 005/094332 (1191) : New worker #1 (1192) forked
00000000:www-https.accept(0009)=0015 from [xx.xx.xx.xx:yyyyy] ALPN=<none>
00000000:www-https.clireq[0015:ffffffff]: GET /login/ HTTP/1.1
00000000:www-https.clihdr[0015:ffffffff]: user-agent: Wget/1.20.3 (linux-gnu)
00000000:www-https.clihdr[0015:ffffffff]: accept: */*
00000000:www-https.clihdr[0015:ffffffff]: accept-encoding: identity
00000000:www-https.clihdr[0015:ffffffff]: host: app1.domain
[ALERT] 005/094335 (1191) : Current worker #1 (1192) exited with code 135 (Bus error)
[ALERT] 005/094335 (1191) : exit-on-failure: killing every processes with SIGTERM
[WARNING] 005/094335 (1191) : All workers exited. Exiting... (135)
配置有效。
root@haproxy:~# /usr/sbin/haproxy -Ws -f /etc/haproxy/haproxy.cfg -c
Configuration file is valid
使用相当标准的HAProxy配置(SSL终止和基于主机的ACL(,例如:
global
... <from installation>
default
... <from installation>
frontend https
bind *:443 ssl crt /etc/haproxy/certs/my.cert.pem
acl a1 hdr_dom(host) -i app1.domain
acl a2 hdr_dom(host) -i app2.domain
use_backend b1 if a1
use_backend b2 if a2
backend b1
server s1 zz.zz.zz.zz:8000 check
backend b2
server s2 qq.qq.qq.qq:80 check
这里的解决方案是升级HAProxy。
来自Ubuntu 20.04.1 TLS与haproxy=2.0.13-2ubuntu0.1,我使用https://haproxy.debian.net/以检查正确的PPA。
同样的配置也可以。
TL;DR
add-apt-repository ppa:vbernat/haproxy-2.2
apt-get upgrade haproxy
除此之外https://github.com/haproxy/haproxy/issues非常有帮助。