操作系统:软呢帽
journalctl -u haproxy.service --since today --no-pager
显示的错误是:
Dec 01 15:17:13 fedora systemd[1]: Starting haproxy.service - HAProxy Load Balancer...
Dec 01 15:17:13 fedora systemd[1]: haproxy.service: Control process exited, code=exited, status=1/FAILURE
Dec 01 15:17:13 fedora systemd[1]: haproxy.service: Failed with result 'exit-code'.
Dec 01 15:17:13 fedora systemd[1]: Failed to start haproxy.service - HAProxy Load Balancer.
SSL 密钥是在
/SSL
目录中生成的:
openssl req -x509 -newkey rsa:4096 -keyout certificate.pem.key -out certificate.pem -sha256 -days 20000 -nodes -subj "/C=/ST=/L=/O=/OU=/CN="
这是配置:
它报告为有效
haproxy -V -f /etc/haproxy/haproxy.cfg
global
daemon
maxconn 256
defaults
mode http
timeout connect 5000ms
timeout client 50000ms
timeout server 50000ms
frontend www
mode http
bind :80
#
# without this line, systemctl can start haproxy.service
#
# The private key is at "/SSL/certificate.pem.key"
#
bind :443 ssl crt "/SSL/certificate.pem"
default_backend sites
backend sites
balance leastconn
server server1 0.0.0.0:8000 check
server server2 0.0.0.0:8001 check
之后:
systemctl start haproxy
systemctl status haproxy -l --no-pager
显示此错误:
× haproxy.service - HAProxy Load Balancer
Loaded: loaded (/usr/lib/systemd/system/haproxy.service; disabled; preset: disabled)
Drop-In: /usr/lib/systemd/system/service.d
└─10-timeout-abort.conf
Active: failed (Result: exit-code) since Fri 2023-12-01 15:06:29 PST; 16ms ago
Duration: 1min 15.417s
Process: 65885 ExecStartPre=/usr/sbin/haproxy -f $CONFIG -f $CFGDIR -c -q $OPTIONS (code=exited, status=1/FAILURE)
CPU: 5ms
Dec 01 15:06:29 fedora systemd[1]: Starting haproxy.service - HAProxy Load Balancer...
Dec 01 15:06:29 fedora systemd[1]: haproxy.service: Control process exited, code=exited, status=1/FAILURE
Dec 01 15:06:29 fedora systemd[1]: haproxy.service: Failed with result 'exit-code'.
Dec 01 15:06:29 fedora systemd[1]: Failed to start haproxy.service - HAProxy Load Balancer
但是,systemctl 运行的这个命令可以使用相同的配置启动代理而不会出现错误:
/usr/sbin/haproxy -Ws -f /etc/haproxy/haproxy.cfg -f /etc/haproxy/conf.d -p /run/haproxy.pid
如有任何帮助,我们将不胜感激,谢谢。
抱歉,我知道了:
兰
systemctl cat haproxy.service
获取 haproxy.service 命令的位置。
编辑了
-q
中的 ExecStartPre
:
/usr/lib/systemd/system/haproxy.service
编辑版本:
[Unit]
Description=HAProxy Load Balancer
After=network-online.target
Wants=network-online.target
[Service]
EnvironmentFile=-/etc/sysconfig/haproxy
Environment="CONFIG=/etc/haproxy/haproxy.cfg" "PIDFILE=/run/haproxy.pid" "CFGDIR=/etc/haproxy/conf.d"
ExecStartPre=/usr/sbin/haproxy -f $CONFIG -f $CFGDIR -c
# ExecStartPre=/usr/sbin/haproxy -f $CONFIG -f $CFGDIR -c -q $OPTIONS
ExecStart=/usr/sbin/haproxy -Ws -f $CONFIG -f $CFGDIR -p $PIDFILE $OPTIONS
ExecReload=/usr/sbin/haproxy -f $CONFIG -f $CFGDIR -c -q $OPTIONS
ExecReload=/bin/kill -USR2 $MAINPID
KillMode=mixed
SuccessExitStatus=143
Type=notify
[Install]
WantedBy=multi-user.target
然后重新加载守护进程。
systemctl daemon-reload
错误是:
Dec 01 16:03:43 fedora haproxy[69507]: [ALERT] (69507) : config : parsing [/etc/haproxy/haproxy.cfg:30] : 'bind :443' in section 'frontend' : unable to stat SSL certificate from file '/SSL/certificate.pem' : No such file or directory.
所以我搬家了
`/SSL/certificate.pem` to `/etc/haproxy/SSL/certificate.pem`
`/SSL/certificate.pem.key` to `/etc/haproxy/SSL/certificate.pem.key`
错误消失了。