我们在 OpenStack 控制器上有一个 haproxy 设置。
OpenStack 控制器在其各自的 LXC 容器中维护所有 OpenStack 服务。
我们控制器上的 Ulimit 是 3095554
我的配置文件如下所示。我面临的问题是Tq
我在 haproxy 日志中看到的时间非常长(5 - 20 秒)。有人可以帮我吗?
Tq
从客户端服务器到 haproxy 的请求值非常高,这会改变tr
从后端 keystone 响应到客户端服务器的响应。
log 127.0.0.1 local0
log 127.0.0.1 local1 notice
maxconn 32768
tune.bufsize 384000
nbproc 16
tune.chksize 16384
tune.comp.maxlevel 1
tune.http.maxhdr 101
tune.maxaccept 64
tune.ssl.cachesize 20000
tune.ssl.lifetime 300
tune.ssl.default-dh-param 2048
defaults
log global
option dontlognull
option redispatch
retries 3
timeout client 50s
timeout connect 10s
timeout http-request 5s
timeout server 50s
maxconn 32768
frontend keystone_admin-front-1
bind ******:Port ssl crt /etc/ssl/private/haproxy.pem ciphers
option httplog
option forwardfor except ****/*
option http-server-close
acl white_list src. ******/*. *******/*
tcp-request content accept if white_list
tcp-request content reject
reqadd X-Forwarded-Proto:\ https
mode http
default_backend keystone_admin-back
frontend keystone_admin-front-2
bind ****/* ssl crt /etc/ssl/private/haproxy.pem ciphers
option httplog
option forwardfor except ****/*
option http-server-close
acl white_list src ****/*. ****/*
tcp-request content accept if white_list
tcp-request content reject
reqadd X-Forwarded-Proto:\ https
mode http
default_backend keystone_admin-back
backend keystone_admin-back
mode http
balance leastconn
stick store-request src
stick-table type ip size 256k expire 30m
option forwardfor
option httplog
option httpchk HEAD /
frontend keystone_service-front-1
bind ****/* ssl crt /etc/ssl/private/haproxy.pem ciphers
option httplog
option forwardfor except ****/*
option http-server-close
reqadd X-Forwarded-Proto:\ https
mode http
default_backend keystone_service-back
frontend keystone_service-front-2
bind ****/* ssl crt /etc/ssl/private/haproxy.pem ciphers
option httplog
option forwardfor except ****/*
option http-server-close
reqadd X-Forwarded-Proto:\ https
mode http
default_backend keystone_service-back
backend keystone_service-back
mode http
balance leastconn
stick store-request src
stick-table type ip size 256k expire 30m
option forwardfor
option httplog
option httpchk HEAD /