即使在拥有rsyslog配置之后,日志也不会进入日志文件。
即使在拥有rsyslog配置之后,日志也不会进入日志文件。
提问于 2021-10-29 07:06:30
我正面临着问题。我有两个不同的harpxoy linux服务器(在diff网络范围内)。在一个服务器中,我可以看到日志是在日志文件中生成的,而在另一个服务器上,日志不是在日志文件中生成的。
我已经比较了来自两个服务器的几乎所有可能的配置文件,它们看起来是相同的,但仍然找不到问题所在的线索。
Working服务器-
[root@ ~]# tail -f /var/log/haproxy*.log
==> /var/log/haproxy.log <==
==> /var/log/haproxy-status.log <==
==> /var/log/haproxy-traffic.log <==
Oct 28 20:32:48 localhost haproxy[1347]: source_ip:52675 [28/Oct/2021:20:32:46.269] ssl~ logs/es_server1 98/0/1/1391/1950 200 103475 - - --VN 43/0/0/0/0 0/0 "POST /api/telemetry/v2/clusters/_stats HTTP/1.1"
Oct 28 20:33:47 localhost haproxy[1347]: source_ip:52709 [28/Oct/2021:20:33:46.294] ssl~ logs/es_server1 125/0/0/1426/1589 200 103369 - - --VN 43/0/0/0/0 0/0 "POST /api/telemetry/v2/clusters/_stats HTTP/1.1"档案所有权
-rw------- 1 root root 0 Jan 19 2020 /var/log/haproxy-status.log
-rw------- 1 root root 1980957 Oct 28 20:45 /var/log/haproxy-traffic.log
[root@ ~]#ls -l /etc/rsyslog.d/haproxy.conf
-rw-r--r-- 1 root root 265 Jan 14 2020 /etc/rsyslog.d/haproxy.conf/etc/rsyslog.d/haproxy.conf
# Collect log with UDP
$ModLoad imudp
$UDPServerAddress 127.0.0.1
$UDPServerRun 514
# Creating separate log files based on the severity
local0.* /var/log/haproxy-traffic.log
local0.notice /var/log/haproxy-admin.log
# don't put anything in /var/log/messages
& stoprsyslog.conf文件-
[root@ ~]# cat /etc/rsyslog.conf |grep -v '#'
$WorkDirectory /var/lib/rsyslog
$ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat
$IncludeConfig /etc/rsyslog.d/*.conf
$OmitLocalLogging on
$IMJournalStateFile imjournal.state
*.info;mail.none;authpriv.none;cron.none /var/log/messages
authpriv.* /var/log/secure
mail.* -/var/log/maillog
cron.* /var/log/cron
*.emerg :omusrmsg:*
uucp,news.crit /var/log/spooler
local7.* /var/log/boot.log
local6.*,auth.*,authpriv.* @10.1.x.x/etc/haproxy/haproxy.cfg文件-
global
user haproxy
group haproxy
daemon
stats socket 127.0.0.1:14567
log 127.0.0.1:514 local0 debug
defaults
mode http
log /dev/log local1 notice
timeout connect 5000ms
timeout client 50000ms
timeout server 50000ms
option httpclose
option forwardfor except 127.0.0.0/8
option redispatch
option abortonclose
option httplog
option dontlognull
.
.haproxy配置中提到的两个端口都打开了。
[root@ ~]# netstat -tulnp |grep 514
udp 0 0 127.0.0.1:514 0.0.0.0:* 1309/rsyslogd
[root@ ~]#
[root@ ~]# netstat -antp |grep 14567
tcp 0 0 127.0.0.1:14567 0.0.0.0:* LISTEN 1347/haproxy
[root@ ~]#logs -
journalctl -fu rsyslog
Oct 28 15:00:10 rsyslogd[1309]: imjournal: journal reloaded... [v8.24.0-57.el7_9.1 try http://www.rsyslog.com/e/0 ]
Oct 28 20:40:54 rsyslogd[1309]: imjournal: journal reloaded... [v8.24.0-57.el7_9.1 try http://www.rsyslog.com/e/0 ][root@ ~]# journalctl -fu haproxy
-- Logs begin at Wed 2021-10-27 02:30:13 +03. --
Oct 27 20:28:29 haproxy[1347]: Server tomcat-apps/App_server1 is DOWN, reason: Layer7 timeout, check duration: 2001ms. 0 active and 0 backup servers left. 0 sessions active, 0 requeued, 0 remaining in queue.访问日志也出现在message日志中。
cat /var/log/messages | grep haproxy
Oct 28 21:27:47 localhost haproxy[1347]: source_ip:54604 [28/Oct/2021:21:27:46.309] ssl~ logs/es_server1 98/0/1/1364/1550 200 103362 - - --VN 43/0/0/0/0 0/0 "POST /api/telemetry/v2/clusters/_stats HTTP/1.1"
Oct 28 21:28:47 localhost haproxy[1347]: source_ip:54635 [28/Oct/2021:21:28:46.307] ssl~ logs/es_server1 151/0/0/1397/1647 200 103361 - - --VN 43/0/0/0/0 0/0 "POST /api/telemetry/v2/clusters/_stats HTTP/1.1"Non-working服务器-
以下文件没有登录
[root@ ~]# tail -f /var/log/haproxy*.log
==> /var/log/haproxy.log <==
==> /var/log/haproxy-status.log <==
==> /var/log/haproxy-traffic.log <==所有权与上述相同
[root@ ~]# ls -l /var/log/haproxy*.log
-rw------- 1 root root 0 Sep 4 2020 /var/log/haproxy.log
-rw------- 1 root root 0 Sep 4 2020 /var/log/haproxy-status.log
-rw------- 1 root root 0 Oct 28 20:23 /var/log/haproxy-traffic.log
[root@ ~]#ls -l /etc/rsyslog.d/haproxy.conf
-rw-r--r-- 1 root root 265 Aug 4 20:15 /etc/rsyslog.d/haproxy.conf/etc/rsyslog.d/haproxy.conf
# Collect log with UDP
$ModLoad imudp
$UDPServerAddress 127.0.0.1
$UDPServerRun 514
# Creating separate log files based on the severity
local0.* /var/log/haproxy-traffic.log
local0.notice /var/log/haproxy-admin.log
# don't put anything in /var/log/messages
& stopcat /etc/rsyslog.conf |grep -v '#'
$WorkDirectory /var/lib/rsyslog
$ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat
$IncludeConfig /etc/rsyslog.d/*.conf
$OmitLocalLogging on
$IMJournalStateFile imjournal.state
*.info;mail.none;authpriv.none;cron.none /var/log/messages
authpriv.* /var/log/secure
mail.* -/var/log/maillog
cron.* /var/log/cron
*.emerg :omusrmsg:*
uucp,news.crit /var/log/spooler
local7.* /var/log/boot.log
local6.* @@10.1.x.x/etc/haproxy/haproxy.cfg文件
global
user haproxy
group haproxy
daemon
stats socket 127.0.0.1:14567
log 127.0.0.1:514 local0 debug
defaults
mode http
log /dev/log local1 notice
timeout connect 5000ms
timeout client 50000ms
timeout server 50000ms
option httpclose
option forwardfor except 127.0.0.0/8
option redispatch
option abortonclose
option httplog
option dontlognullports -在这里,某些连接处于TIME_WAIT状态,用于端口14567
[root@ ~]# netstat -tulnp |grep 514
udp 0 0 127.0.0.1:514 0.0.0.0:* 21740/rsyslogd
[root@ ~]#
[root@ ~]# netstat -antp |grep 14567
tcp 0 0 127.0.0.1:14567 0.0.0.0:* LISTEN 18749/haproxy
tcp 0 0 127.0.0.1:14567 127.0.0.1:36168 TIME_WAIT -
tcp 0 0 127.0.0.1:14567 127.0.0.1:36170 TIME_WAIT -
tcp 0 0 127.0.0.1:14567 127.0.0.1:36242 TIME_WAIT -
tcp 0 0 127.0.0.1:14567 127.0.0.1:36348 TIME_WAIT -
tcp 0 0 127.0.0.1:14567 127.0.0.1:36332 TIME_WAIT -检查了logs,但没有找到与此问题相关的任何内容。
journalctl -fu rsyslog
Oct 28 21:00:01 rsyslogd[21740]: action 'action 9' resumed (module 'builtin:omfwd') [v8.24.0-57.el7_9.1 try http://www.rsyslog.com/e/2359 ]
Oct 28 21:00:01 rsyslogd[21740]: action 'action 9' resumed (module 'builtin:omfwd') [v8.24.0-57.el7_9.1 try http://www.rsyslog.com/e/2359 ][root@ ~]# journalctl -fu haproxy
-- Logs begin at Thu 2021-10-28 10:23:25 +03. --
Oct 28 16:34:17 haproxy[11346]: Proxy stats started.
Oct 28 19:59:29 systemd[1]: Stopping HAProxy Load Balancer...
Oct 28 19:59:29 haproxy-systemd-wrapper[11345]: haproxy-systemd-wrapper: SIGTERM -> 11347.
Oct 28 19:59:29 haproxy[18748]: Proxy ssl started.
Oct 28 19:59:29 haproxy[18748]: Proxy stats started.在这里,message日志文件有haproxy access日志,但它不属于单独的文件。
cat /var/log/messages | grep haproxy
Oct 28 10:19:52 audispd: node= type=SERVICE_START msg=audit(1635405592.054:45): pid=1 uid=0 auid=4294967295 ses=4294967295 msg='unit=haproxy comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
Oct 28 10:19:52 haproxy[1749]: Proxy ssl-pingaccess started.
Oct 28 10:19:52 haproxy[1749]: Proxy ssl started.
Oct 28 10:19:52 haproxy[1749]: Server ssl-pingaccess/192.168.157.41 is DOWN, reason: Layer4 connection problem, info: "Connection error during SSL handshake (Connection refused) at initial connection step of tcp-check", check duration: 0ms. 0 active and 0 backup servers left. 0 sessions active, 0 requeued, 0 remaining in queue.
Oct 28 10:19:52 haproxy[1749]: backend ssl-pingaccess has no server available!这些文件在两个服务器上都是相同的。
both are same
/usr/lib/systemd/system/rsyslog.service
/usr/lib/systemd/system/haproxy.service
/etc/sysconfig/haproxy
/etc/sysconfig/rsyslog
/etc/logrotate.d/haproxy两者都有rsyslog-8.24.0-57.el7_9.1.x86_64和haproxy-1.5.18-9.el7_9.1.x86_64包。
两台服务器上的配置几乎相同,但在不工作的服务器上,日志不会进入自己的日志文件。
有人能帮忙吗。
谢谢,
回答 1
Server Fault用户
回答已采纳
发布于 2021-11-09 07:15:03
在前端部分下添加了下面的行后,日志现在正在日志文件中生成。
log 127.0.0.1:514 local0 debug页面原文内容由Server Fault提供。腾讯云小微IT领域专用引擎提供翻译支持
原文链接:
https://serverfault.com/questions/1082063
复制相关文章
相似问题
腾讯云开发者
Copyright © 2013 - 2026 Tencent Cloud. All Rights Reserved. 腾讯云 版权所有
深圳市腾讯计算机系统有限公司 ICP备案/许可证号:粤B2-20090059 
粤公网安备44030502008569号
腾讯云计算(北京)有限责任公司 京ICP证150476号 | 京ICP备11018762号