diff --git a/doc/management.txt b/doc/management.txt index ec9e1164d..f83afbe03 100644 --- a/doc/management.txt +++ b/doc/management.txt @@ -2130,10 +2130,12 @@ del backend This operation is only possible for TCP or HTTP proxies. To succeed, the backend instance must have been first unpublished. - There is also additional restrictions which prevent backend removal. - Currently, this is the case when deprecated dispatch or option transparent - are used. Also, a backend cannot be removed if there is a stick-table - declared in it. + There is additional restrictions which prevent backend removal. First, a + backend cannot be removed if it is explicitely referenced by config elements, + for example via a use_backend rule or in sample expressions. Some proxies + options are also incompatible with runtime deletion. Currently, this is the + case when deprecated dispatch or option transparent are used. Also, a backend + cannot be removed if there is a stick-table declared in it. This command is restricted and can only be issued on sockets configured for level "admin". Moreover, this feature is still considered in development so it diff --git a/include/haproxy/proxy-t.h b/include/haproxy/proxy-t.h index b865ba2bd..833c55147 100644 --- a/include/haproxy/proxy-t.h +++ b/include/haproxy/proxy-t.h @@ -248,6 +248,7 @@ enum PR_SRV_STATE_FILE { #define PR_FL_CHECKED 0x00000040 /* The proxy configuration was fully checked (including postparsing checks) */ #define PR_FL_BE_UNPUBLISHED 0x00000080 /* The proxy cannot be targetted by content switching rules */ #define PR_FL_DELETED 0x00000100 /* Proxy has been deleted and must be manipulated with care */ +#define PR_FL_NON_PURGEABLE 0x00000200 /* Proxy referenced by config elements which prevent its runtime removal. */ struct stream; diff --git a/src/proxy.c b/src/proxy.c index 7dde62887..1e5a168b2 100644 --- a/src/proxy.c +++ b/src/proxy.c @@ -1982,6 +1982,8 @@ int proxy_finalize(struct proxy *px, int *err_code) */ px->options |= PR_O_HTTP_UPG; } + + target->flags |= PR_FL_NON_PURGEABLE; } } @@ -2058,6 +2060,8 @@ int proxy_finalize(struct proxy *px, int *err_code) */ px->options |= PR_O_HTTP_UPG; } + + target->flags |= PR_FL_NON_PURGEABLE; } *err_code |= warnif_tcp_http_cond(px, rule->cond); } @@ -5014,6 +5018,11 @@ int be_check_for_deletion(const char *bename, struct proxy **pb, const char **pm goto out; } + if (be->cap & PR_CAP_FE) { + msg = "Cannot delete a listen section."; + goto out; + } + if (be->options & (PR_O_DISPATCH|PR_O_TRANSP)) { msg = "Deletion of backend with deprecated dispatch/transparent options is not supported."; goto out; @@ -5024,8 +5033,8 @@ int be_check_for_deletion(const char *bename, struct proxy **pb, const char **pm goto out; } - if (be->cap & PR_CAP_FE) { - msg = "Cannot delete a listen section."; + if (be->flags & PR_FL_NON_PURGEABLE) { + msg = "This proxy cannot be removed at runtime due to other configuration elements pointing to it."; goto out; } diff --git a/src/sample.c b/src/sample.c index 18f7f1c26..7e3d195dc 100644 --- a/src/sample.c +++ b/src/sample.c @@ -1512,6 +1512,7 @@ int smp_resolve_args(struct proxy *p, char **err) break; } + /* TODO CLI set-var should not prevent server deletion as var value is instantly resolved. */ srv->flags |= SRV_F_NON_PURGEABLE; chunk_destroy(&arg->data.str); @@ -1541,6 +1542,9 @@ int smp_resolve_args(struct proxy *p, char **err) break; } + /* TODO CLI set-var should not prevent proxy deletion as var value is instantly resolved. */ + px->flags |= PR_FL_NON_PURGEABLE; + chunk_destroy(&arg->data.str); arg->unresolved = 0; arg->data.prx = px; @@ -1568,6 +1572,9 @@ int smp_resolve_args(struct proxy *p, char **err) break; } + /* TODO CLI set-var should not prevent proxy deletion as var value is instantly resolved. */ + px->flags |= PR_FL_NON_PURGEABLE; + chunk_destroy(&arg->data.str); arg->unresolved = 0; arg->data.prx = px;