Nginx HAProxy 503服务不可用(启用Iptables),nginx,haproxy,Nginx,Haproxy,在使用一个负载平衡器节点和两个nginx节点配置了一个三节点设置之后,我无法在节点之间建立连接,也无法使haproxy正常工作。 节点可以在彼此之间ping,但是HAProxy呈现服务不可用错误501错误 我设置了至少三个节点的群集: 节点1(haproxy): 操作系统:CentOS7: IP: 节点2(nginx1): OS:CentOS7 IP: 节点3(nginx2): OS:CentOS7 IP:

在配置了一个由一个负载均衡器节点和两个nginx节点组成的三节点环境之后,我无法在节点之间建立连接,HAProxy也无法正常工作。节点之间可以互相ping通,但是HAProxy返回"服务不可用"错误(此处写作501错误;标题和下方的curl输出显示为503)。


节点1(haproxy): 操作系统:CentOS7: IP:

节点2(nginx1): OS:CentOS7 IP:

节点3(nginx2): OS:CentOS7 IP:



# Example configuration for a possible web application.  See the
# full configuration options online.

# Global settings
# NOTE(review): the `global` section keyword is not visible on this page; the
# directives below are process-wide settings and presumably sat under it.
    # to have these messages end up in /var/log/haproxy.log you will
    # need to:
    # 1) configure syslog to accept network log events.  This is done
    #    by adding the '-r' option to the SYSLOGD_OPTIONS in
    #    /etc/sysconfig/syslog
    # 2) configure local2 events to go to the /var/log/haproxy.log
    #   file. A line like the following can be added to
    #   /etc/sysconfig/syslog
    #    local2.*                       /var/log/haproxy.log
    # NOTE(review): no syslog target address is shown before `local2`; it looks
    # like it was lost from the page - confirm against the live file.
    log local2

    # chroot/user/group: the process is confined to this directory and runs
    # under the haproxy account rather than root.
    chroot      /var/lib/haproxy
    # NOTE(review): the path stops at a directory; the pid file name appears
    # to be missing.
    pidfile     /var/run/
    maxconn     4000
    user        haproxy
    group       haproxy
    # NOTE(review): second log target, written as a UNIX socket path with a
    # trailing slash. With `chroot` set, a socket path has to be reachable
    # from inside the chroot - verify that log lines actually arrive.
    log /dev/log/ local0
    # turn on stats unix socket
    # No `mode` or `level` is given here, so who may use this runtime socket
    # depends on defaults and directory permissions; keep it restricted to
    # administrators.
    stats socket /var/lib/haproxy/stats

# common defaults that all the 'listen' and 'backend' sections will
# use if not designated in their block
# NOTE(review): the `defaults` section keyword is not visible on this page.
    # Layer-7 (HTTP) proxying with HTTP-format request logging, sent to the
    # log targets declared in the global settings.
    mode                    http
    log                     global
    option                  httplog
    option                  dontlognull
    option http-server-close
    # NOTE(review): `except` normally takes a network whose requests are left
    # without an X-Forwarded-For header; no network is shown here - confirm
    # the value in the live file.
    option forwardfor       except
    # Retry a failed connection attempt up to 3 times; redispatch allows a
    # retry to go to a different server.
    option                  redispatch
    retries                 3
    # Upper bound on how long a client may take to send a complete request;
    # this limits the effect of deliberately slow requests.
    timeout http-request    10s
    timeout queue           1m
    timeout connect         10s
    timeout client          1m
    timeout server          1m
    timeout http-keep-alive 10s
    # Applies to the health checks enabled by `check` on the server lines.
    timeout check           10s
    maxconn                 3000

# HAProxy Monitoring Config
# Statistics page served on port 8080 of every local address (`*`).
# NOTE(review): the bind address is written on the `listen` line itself; newer
# HAProxy releases expect a separate `bind` line - confirm for the version in use.
# Security: this listener is plain HTTP, so the basic-auth credentials below
# cross the network unencrypted. Bind it to a management address or restrict
# the allowed sources in the firewall.
listen haproxy3-monitoring *:8080
   mode http
   option forwardfor
   option httpclose
   stats enable
   stats show-legends
   stats refresh 5s
   stats uri /stats
   stats realm Haproxy\ Statistics
   # Username and password are identical and look copied from a tutorial;
   # replace them before the page is reachable by anyone else.
   stats auth howtoforge:howtoforge
   # `if TRUE` turns on the admin controls (changing server state from the
   # web page) for every request that gets past authentication.
   stats admin if TRUE
   # Requests on :8080 that are not for the stats URI are proxied to `app`,
   # so this port also exposes the application.
   default_backend app

# main frontend which proxys to the backends
# Accepts plain HTTP on port 80 of every local address and picks a backend
# by request path.
frontend  main
    bind *:80
    option http-server-close
    # Adds an X-Forwarded-For header carrying the client address. A header the
    # client already sent is not removed by this option, so backends should
    # treat the value as untrusted unless only this proxy can reach them.
    option forwardfor
    # url_static matches on either rule: a known path prefix or a static-file
    # suffix, both compared case-insensitively (-i).
    acl url_static       path_beg       -i /static /images /javascript /stylesheets
    acl url_static       path_end       -i .jpg .gif .png .css .js

    # Static requests go to `static`; everything else goes to `app`.
    use_backend static          if url_static
    default_backend             app

# static backend for serving up images, stylesheets and such
backend static
    balance     roundrobin
    # NOTE(review): no address:port is shown after the server name `static`;
    # it appears to have been lost from the page. `check` enables health checks.
    server      static check

# round robin balancing between the various backends
# HAProxy answers "503 Service Unavailable / No server is available to handle
# this request" when no server in the selected backend is usable, for example
# when every health check fails. A successful ping only shows ICMP passes; the
# checks need TCP to the server port, which a host firewall on the nginx nodes
# can still drop.
backend app
    balance     roundrobin
    # NOTE(review): the address:port of each server is not shown on this page.
    # `check` makes HAProxy probe the server and take it out of rotation on failure.
    server nginx1 check
    server nginx2 check


# For more information on configuration, see:
#   * Official English Documentation:
#   * Official Russian Documentation:

# nginx.conf as used on the two backend nodes.
# NOTE(review): as shown on this page the listing has lost several closing
# braces (events, location, server, http) and the pid file name, so it would
# not pass `nginx -t` in this form; compare with the file on the node.
user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
# NOTE(review): path stops at a directory; the pid file name appears to be missing.
pid /run/;

# Load dynamic modules. See /usr/share/doc/nginx/README.dynamic.
include /usr/share/nginx/modules/*.conf;

events {
    worker_connections 1024;

http {
    # Behind a proxy, $remote_addr is the proxy's address; the original client
    # is only visible through $http_x_forwarded_for, which is a request header
    # and can be set by any client that reaches this node directly.
    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';

    access_log  /var/log/nginx/access.log  main;

    sendfile            on;
    tcp_nopush          on;
    tcp_nodelay         on;
    keepalive_timeout   65;
    types_hash_max_size 2048;

    include             /etc/nginx/mime.types;
    default_type        application/octet-stream;

    # Load modular configuration files from the /etc/nginx/conf.d directory.
    # See
    # for more information.
    include /etc/nginx/conf.d/*.conf;

    server {
        # Plain HTTP on port 80, IPv4 and IPv6, with no listen address given.
        # If this node is meant to be reached only through the load balancer,
        # the host firewall should accept port 80 from the load balancer's
        # address only.
        listen       80 default_server;
        listen       [::]:80 default_server;
        server_name  _;
        root         /usr/share/nginx/html;

        # Load configuration files for the default server block.
        include /etc/nginx/default.d/*.conf;

        location / {

        error_page 404 /404.html;
            location = /40x.html {

        error_page 500 502 503 504 /50x.html;
            location = /50x.html {
# Settings for a TLS enabled server.
# NOTE(review): this block is commented out, so the node serves HTTP only.
# It sets `ssl_ciphers` but no `ssl_protocols`, so the enabled TLS versions
# would follow the build's defaults; set both explicitly if it is ever enabled.
#    server {
#        listen       443 ssl http2 default_server;
#        listen       [::]:443 ssl http2 default_server;
#        server_name  _;
#        root         /usr/share/nginx/html;
#        ssl_certificate "/etc/pki/nginx/server.crt";
#        ssl_certificate_key "/etc/pki/nginx/private/server.key";
#        ssl_session_cache shared:SSL:1m;
#        ssl_session_timeout  10m;
#        ssl_ciphers HIGH:!aNULL:!MD5;
#        ssl_prefer_server_ciphers on;
#        # Load configuration files for the default server block.
#        include /etc/nginx/default.d/*.conf;
#        location / {
#        }
#        error_page 404 /404.html;
#            location = /40x.html {
#        }
#        error_page 500 502 503 504 /50x.html;
#            location = /50x.html {
#        }
#    }



[root@localhost haproxy]# curl
<html><body><h1>503 Service Unavailable</h1>
No server is available to handle this request.



// 要在 loadbalancer 上添加的命令
iptables -I OUTPUT -d 192.168.233.136 -p tcp --dport 80 -j ACCEPT
iptables -I OUTPUT -d 192.168.233.137 -p tcp --dport 80 -j ACCEPT

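// nginx1 上的命令(-s 后的源地址在本页中已丢失,此处以占位符表示;tcp 前的 -p 按 iptables 语法补回。若只需放行负载均衡器访问80端口,可再加 --dport 80 收窄范围)
iptables -I INPUT -s <负载均衡器IP> -p tcp -j ACCEPT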

iptables-I INPUT-s tcp-j ACCEPT

启用状态页,它会显示每个节点的故障代码。

尝试添加监控部分,并按照建议指定不同的IP:
`listen stats`
`stats enable`
`stats hide-version`
`stats refresh 30s`
`stats show-node`
`stats auth admin:password`
`stats uri /haproxy?stats`

现在我收到一个关于套接字绑定的错误:`无法绑定套接字[]`