haproxy从1.5.18升级到2.4.17

问题描述 投票:0回答:1

我一直在CentOs服务器上使用HA-Proxy版本1.5.18,因为CentOS Linux 7将在不久的将来停产,我已经从CentOs升级到Red Hat,现在我的ref hat上的haproxy默认版本是2.4。 17、我将1.5.18版本的haproxy.cfg放在2.4.17版本中,并尝试使用systemctl start haproxy启动haproxy,但它没有启动。下面是我的 1.5.18 版本的 haproxy.cfg,它在 CentOs 上工作正常,但在 RedHat 上不行

global
   
    log         127.0.0.1 local2
    chroot      /var/lib/haproxy
    pidfile     /var/run/haproxy.pid
    maxconn     5000
    user        haproxy
    group       haproxy
    daemon

tune.maxrewrite 4096
tune.http.maxhdr 202
    
    #tune.ssl.default-dh-param 2048
    tune.ssl.default-dh-param 2048  
    # turn on stats unix socket
    stats socket /var/lib/haproxy/stats
    # utilize system-wide crypto-policies
    ssl-default-bind-ciphers AES256-SHA
    #ssl-default-bind-ciphers PROFILE=SYSTEM
    #ssl-default-server-ciphers PROFILE=SYSTEM

defaults
    mode                    http
    log                     global
    option                  httplog
    option                  forwardfor
    option                  dontlognull
    option http-server-close
    option forwardfor       except 127.0.0.0/8
    option                  redispatch
    retries                 10
    timeout http-request    40s
    timeout queue           1m
    timeout connect         40s
    timeout client          1m
    timeout server          1m
    timeout http-keep-alive 60s
    timeout check           50s
    maxconn                 5000

#---------------------------------------------------------------------
# main frontend which proxys to the backends
#---------------------------------------------------------------------
#frontend  main *:5000

frontend xyzabc 
#frontend localnodes    
 
 bind *:443 ssl crt /home/ssl/kccb-new.pem
    mode http
    option httplog
    capture request header X-Forwarded-For len 20
        capture request header authorization len 80
        capture request header X-Client-Auth len 80
        capture request header User-Agent len 400
        capture request header Host len 150        
        capture request header Accept-Language len 10       
    
    
    log-format "%{+Q}o\client_address=\%{+Q}[capture.req.hdr(0)],client_port=\%cp,server_address=\%si,server_port=\%sp,status=\%ST"
    http-response add-header Access-Control-Allow-Origin *
    http-response add-header X-Forwarded-For %{+Q}[capture.req.hdr(0)]
    rspadd Access-Control-Expose-Headers:\ *
    rspadd Access-Control-Allow-Headers:\ *
    rspadd Access-Control-Allow-Methods:\ GET,\ HEAD,\ OPTIONS,\ POST,\ PUT  if { capture.req.hdr(0) -m found }
    rspadd Access-Control-Allow-Credentials:\ true  if { capture.req.hdr(0) -m found }
    rspadd Access-Control-Allow-Headers:\ Origin,\ Accept,\ X-Requested-With,\ Content-Type,\ Access-Control-Request-Method,\ Access-Control-Request-Headers,\ Authorization  if { capture.req.hdr(0) -m found }

    acl url_kccb_mb path_beg /mb/    
    use_backend kccb_backend if url_kccb_mb
    acl url_sys_ha path_beg /sys/ha/
    use_backend sys_ha if url_sys_ha


backend kccb_backend
    balance roundrobin
    option forwardfor
    
#    http-request set-header X-Client-IP %[src]
    http-request set-header X-Forwarded-For %{+Q}[capture.req.hdr(0)]
    http-request replace-header ^([^\ :]*)\ /mb/(.*) \1\ /mbkccbxt/\2
    server kccb_mb 10.0.101.100:5000 check #maxconn 10000

backend sys_ha
    balance roundrobin
    http-request replace-header ^([^\ :]*)\ /sys/ha/(.*) \1\ /\2
    server sys-ha 127.0.0.1:8936 check

使用“systemctl start haproxy”启动 haproxy 时,出现以下错误

parsing [/etc/haproxy/haproxy.cfg:95] : The 'rspadd' directive is not supported anymore since HAProxy 2.>
 parsing [/etc/haproxy/haproxy.cfg:96] : The 'rspadd' directive is not supported anymore since HAProxy 2.>
 parsing [/etc/haproxy/haproxy.cfg:97] : The 'rspadd' directive is not supported anymore since HAProxy 2.>
 parsing [/etc/haproxy/haproxy.cfg:98] : The 'rspadd' directive is not supported anymore since HAProxy 2.>
 parsing [/etc/haproxy/haproxy.cfg:99] : The 'rspadd' directive is not supported anymore since HAProxy 2.>

我在网上做了一些研究来寻找错误的解决方案,发现自 HAProxy 2.1 以来不再支持“reqrep”指令。并且必须使用“http-request Replace-header”来代替。所以我用“http-request Replace-header”替换“reqrep”并尝试启动 haproxy 出现以下错误:

parsing [/etc/haproxy/haproxy.cfg:95] : error detected in frontend 'xyzabc' while parsing 'http-r>

我不是 haproxy 专业人士,但我必须完成此任务,任何人都可以帮助我解决此错误吗?

haproxy
1个回答
0
投票

我在周末做了一些更多的研究,找到了解决方案,在较新的 HAPROXY 版本(>=2.*)中,不再支持 rspadd 和 reqrep,rspadd 需要替换为“http-response add-header”,并且必须删除反斜杠

来自:

rspadd Access-Control-Expose-Headers:\ *

至:

http-response add-header Access-Control-Expose-Headers *

同样需要将 reqrep 替换为“http-request replacement-path”

来自:

reqrep ^([^\ :]*)\ /sys/ha/(.*) \1\ /\2

致:

http-request replace-path ^([^\ :]*)\ /sys/ha/(.*) \1\ /\2

进行上述更改后,我重新启动了 haproxy,它启动没有任何问题并且按预期工作,这对于将 haproxy 1.* 升级到 haproxy 2.* 的用户会有帮助

最新问题
© www.soinside.com 2019 - 2024. All rights reserved.