您好,我们使用haproxy 卸载tls并代理emqx,大概代理了24w连接,在前期运行的很好,不过在大概10天左右,会出现以下问题:
- 健康检测time out;
- 设备部分掉线,重连时无法新建立连接;
在此时直连是正常的。
haproxy配置如下:
global
maxconn 130000
log 127.0.0.1 local0 debug
#log 127.0.0.1
#log loghost local0 info
uid 995
gid 993
#daemon
#cpu-map 1-4 0-3
nbthread 2
#debug
#quiet
chroot /usr/local/haproxy
stats socket /run/haproxy-master.sock mode 600 level admin
maxsslrate 169
#profiling.tasks auto
#tune.runqueue-depth 2000
spread-checks 5
These parameter can be used for frontend, backend and listen:
defaults
log global
mode tcp
retries 3
# maxconn 520000
balance roundrobin
balance source
balance leastconn
option clitcpka
frontend stats
bind *:8404
mode http
http-request use-service prometheus-exporter if { path /metrics }
stats enable
stats uri /stats
stats refresh 10s
listen admin_stats # The name of the Stats page reporting information from frontend and backend. You can customize the name according to your needs.
bind 0.0.0.0:8080 # The listening port.
mode http # The monitoring mode.
option httplog # Enables HTTP logging.
maxconn 10 # The maximum number of concurrent connections.
stats refresh 30s # Automatically refreshes the Stats page every 30 seconds.
stats uri /haproxy # The URL of the Stats page.
stats realm HAProxy # The authentication realm of the Stats page.
stats auth admin:xxxxx # User name and password in the Stats page. You can have multiple user names.
stats hide-version # Hides the version information of HAProxy on the Stats page.
stats admin if TRUE # Manually enables or disables the backend server (supported in HAProxy 1.4.9 or later versions).
frontend frontend_emqx_ssl
bind *:1883 ssl crt-list /etc/haproxy/certs_list.txt no-sslv3
option tcplog
timeout client 200s
mode tcp
default_backend backend_emqx_ssl
backend backend_emqx_ssl
mode tcp
timeout server 200s
balance leastconn
server emqx_10.2.2.xx_1 10.2.2.xx:1883 send-proxy-v2 check port 38080 inter 10s fall 6 rise 1 source 10.2.xx.x15:2048-60999
server emqx_10.2.2.xx_2 10.2.2.xx:1883 send-proxy-v2 check port 38080 inter 10s fall 6 rise 1 source 10.2.xx.x7:2048-60999
server emqx_10.2.2.xx_3 10.2.2.xx:1883 send-proxy-v2 check port 38080 inter 10s fall 6 rise 1 source 10.2.xx.x19:2048-60999
server emqx_10.2.2.xx_4 10.2.2.xx:1883 send-proxy-v2 check port 38080 inter 10s fall 6 rise 1 source 10.2.xx.x43:2048-60999
server emqx_10.2.2.xx_5 10.2.2.xx:1883 send-proxy-v2 check port 38080 inter 10s fall 6 rise 1 source 10.2.xx.x4:2048-60999
server emqx_10.2.3.xx_1 10.2.3.xx:1883 send-proxy-v2 check port 38080 inter 10s fall 6 rise 1 source 10.2.xx.x15:2048-60999
server emqx_10.2.3.xx_2 10.2.3.xx:1883 send-proxy-v2 check port 38080 inter 10s fall 6 rise 1 source 10.2.xx.x7:2048-60999
server emqx_10.2.3.xx_3 10.2.3.xx:1883 send-proxy-v2 check port 38080 inter 10s fall 6 rise 1 source 10.2.xx.x19:2048-60999
server emqx_10.2.3.xx_4 10.2.3.xx:1883 send-proxy-v2 check port 38080 inter 10s fall 6 rise 1 source 10.2.xx.x43:2048-60999
server emqx_10.2.3.xx_5 10.2.3.xx:1883 send-proxy-v2 check port 38080 inter 10s fall 6 rise 1 source 10.2.xx.x4:2048-60999
server emqx_10.2.2.xx_1 10.2.2.xx:1883 send-proxy-v2 check port 38080 inter 10s fall 6 rise 1 source 10.2.xx.x15:2048-60999
server emqx_10.2.2.xx_2 10.2.2.xx:1883 send-proxy-v2 check port 38080 inter 10s fall 6 rise 1 source 10.2.xx.x7:2048-60999
server emqx_10.2.2.xx_3 10.2.2.xx:1883 send-proxy-v2 check port 38080 inter 10s fall 6 rise 1 source 10.2.xx.x19:2048-60999
server emqx_10.2.2.xx_4 10.2.2.xx:1883 send-proxy-v2 check port 38080 inter 10s fall 6 rise 1 source 10.2.xx.x43:2048-60999
server emqx_10.2.2.xx_5 10.2.2.xx:1883 send-proxy-v2 check port 38080 inter 10s fall 6 rise 1 source 10.2.xx.x4:2048-60999
官方推荐使用haproxy代理,请问那个版本的haproxy比较稳定?