一、HAProxy 配置
HAProxy 日志采用默认配置:
cat /etc/haproxy/haproxy.cfg
global
log /dev/log local0
log /dev/log local1 notice
注意:
- 如果后台服务不是 http,而是 redis 等,则对应的 listen 需要覆盖指定:option tcplog。
- 日志的 level:local0~local7,16~23保留为本地使用,其中:
- 0:emerg,系统不可用;
- 1:alert,必须马上采取行动的事件;
- 2:crit,关键的事件;
- 3:err,错误事件;
- 4:warning,警告事件;
- 5:notice,普通但重要的事件;
- 6:info,有用的信息;
- 7:debug,调试信息。
二、修改 /etc/rsyslog.d/49-haproxy.conf
原文件如下:
注释红线部分,并在其下面添加:
$ModLoad imudp
$UDPServerRun 514
$template haproxylog,"/root/haproxy/logs/haproxy-%$year%-%$month%-%$day%.log"
#template(name="haproxylog" type="string" string="/root/haproxy/logs/haproxy-%$year%-%$month%-%$day%.log")
$template logformat,"%TIMESTAMP:8:15%.%timestamp:::date-subseconds% %syslogtag% %msg%\n"
if $programname startswith 'haproxy' then ?haproxylog; logformat
&~
注意:
-
文件名不一定是 49-haproxy.conf,不过都没关系,只要文件后缀是“.conf”,并且文件位于目录:/etc/rsyslog.d/ 就可以。这是因为服务 rsyslog 的配置文件:/etc/rsyslog.conf 中有一句话:
$IncludeConfig /etc/rsyslog.d/*.conf
所以,如果我们要自定义某个服务的日志,最好在 /etc/rsyslog.d/ 目录下创建相应的文件,而不是直接修改 /etc/rsyslog.conf。
-
由于 HAProxy 的日志是采用 UDP 传输,所以需启用 rsyslog 的 udp监听。
-
两种定义 template 路径的语句都是正确的,但无论使用哪一种格式,在引用 template 路径时,必须在 template 名称前加一个 “?”。
-
最后一行:&~,如果不加这条的配置,则除了将日志写入自定义文件之外,同时会写入 /var/log/messages。
重启 rsyslog 与 HAProxy:
systemctl restart rsyslog
systemctl restart haproxy
查看日志文件:
三、设置日志内容格式
HAProxy 默认日志比较杂乱,字段含义也比较难懂。
可使用 log-format,对格式进行自定义:
listen proxy_tw
bind :16001
option tcplog
mode tcp
balance roundrobin
server tw_proxy_1 192.168.255.128:22121 check inter 10s
server tw_proxy_2 192.168.177.128:22121 check inter 10s
log global
option logasap
log-format client:%ci:%cp\ frontend:%fi:%fp(%f)\ backend:%bi:%bp(%b)\ real_server:%si:%sp(%s)\ status_code:%ST\ retries:%rc\ termination_state:%ts
listen proxy_web
bind :16002
mode http
balance roundrobin
#option forwardfor
timeout server 15s
timeout connect 15s
#option httpclose
option redispatch
log global
option logasap
log-format client:%ci:%cp\ URI:/%HU\ frontend:%fi:%fp(%f)\ backend:%bi:%bp(%b)\ real_server:%si:%sp(%s)\ status_code:%ST\ http_request:%r\ retries:%rc\ termination_state:%ts
server web_proxy_1 192.168.255.128:8571 check inter 10s
server web_proxy_2 192.168.255.128:8572 check inter 10s
server web_proxy_3 192.168.177.128:8571 check inter 10s
server web_proxy_4 192.168.177.128:8572 check inter 10s
注意:
-
tcplog 与 httplog 模式下,某些字段不通用,注意区分,否则 HAProxy 可能无法启动;
-
若某个后端不想写日志,比如 HAProxy web 管理平台,每次刷新会写两条记录,可以将“log global”只放到需要写日志的后端配置下;
-
默认情况下,tcplog 与 httplog 模式只会在连接中断后写日志,以便能够在日志中记录时间和字节等信息。这样可能导致,tcp 连接只要不关闭,永远不会写日志。解决方法:option logasap,表示只要服务发送了完整的 header,就马上写日志。缺点:
- 日志中可能缺少某些数据;
- 连接关闭时,不会写日志;
-
日志格式:
HAProxy 配置手册R var field name (8.2.2 and 8.2.3 for description) type %o special variable, apply flags on all next var %B bytes_read (from server to client) numeric H %CC captured_request_cookie string H %CS captured_response_cookie string %H hostname string H %HM HTTP method (ex: POST) string H %HP HTTP request URI without query string (path) string H %HQ HTTP request URI query string (ex: ?bar=baz) string H %HU HTTP request URI (ex: /foo?bar=baz) string H %HV HTTP version (ex: HTTP/1.0) string %ID unique-id string %ST status_code numeric %T gmt_date_time date %Tc Tc numeric %Td Td = Tt - (Tq + Tw + Tc + Tr) numeric %Tl local_date_time date H %Tq Tq numeric H %Tr Tr numeric %Ts timestamp numeric %Tt Tt numeric %Tw Tw numeric %U bytes_uploaded (from client to server) numeric %ac actconn numeric %b backend_name string %bc beconn (backend concurrent connections) numeric %bi backend_source_ip (connecting address) IP %bp backend_source_port (connecting address) numeric %bq backend_queue numeric %ci client_ip (accepted address) IP %cp client_port (accepted address) numeric %f frontend_name string %fc feconn (frontend concurrent connections) numeric %fi frontend_ip (accepting address) IP %fp frontend_port (accepting address) numeric %ft frontend_name_transport (’~’ suffix for SSL) string %lc frontend_log_counter numeric %hr captured_request_headers default style string %hrl captured_request_headers CLF style string list %hs captured_response_headers default style string %hsl captured_response_headers CLF style string list %ms accept date milliseconds (left-padded with 0) numeric %pid PID numeric H %r http_request string %rc retries numeric %rt request_counter (HTTP req or TCP session) numeric %s server_name string %sc srv_conn (server concurrent connections) numeric %si server_IP (target address) IP %sp server_port (target address) numeric %sq srv_queue numeric S %sslc ssl_ciphers (ex: AES-SHA) string S %sslv ssl_version (ex: TLSv1) string %t date_time (with millisecond resolution) date %ts termination_state string H %tsc termination_state with cookie status string
