如何监听非本地IP
做HA的时候,如果每个机器上同时需要监听多个IP的同一个端口。那么肯定是需要写死监听的IP和端口。
比如在haproxy里面:
- frontend free
- bind 10.17.10.4:80
- default_backend test1
- frontend free
- bind 10.17.10.5:80
- default_backend test2
backend test1
mode http
balance leastconn
option httpchk
cookie SERVERID insert indirect nocache maxidle 10m maxlife 8h
option forwardfor header ORIG_CLIENT_IP
option httpclose
server free174 10.253.4.16:8080 weight 10 rise 3 fall 5 check inter 2000 cookie apm1174
server free173 10.253.4.15:8080 weight 10 rise 3 fall 5 check inter 2000 cookie apm1173
backend test2
mode http
balance leastconn
option httpchk
cookie SERVERID insert indirect nocache maxidle 10m maxlife 8h
option forwardfor header ORIG_CLIENT_IP
option httpclose
server free174 10.253.3.16:8080 weight 10 rise 3 fall 5 check inter 2000 cookie apm1174
server free173 10.253.3.15:8080 weight 10 rise 3 fall 5 check inter 2000 cookie apm1173
主机和备机都要同时先启动好haproxy,但是备机在未获得这个IP前是无法启动haproxy的。这时可以通过修改内核参数来绑定非本地地址
- echo 1 > /proc/sys/net/ipv4/ip_nonlocal_bind