MINOR: checks: Support mux protocol definition for tcp and http health checks

It is now possible to force the mux protocol for a tcp-check based health check
using the server keyword "check-proto". If set, this parameter overwrites the
server one.

In the same way, a "proto" parameter has been added for tcp-check and http-check
connect rules. If set, this mux protocol overwrites all others for the current
connection.
Christopher Faulet 2020-04-23 16:27:59 +02:00
parent 12882cfaf8
commit edc6ed9778
2 changed files with 61 additions and 3 deletions


@ -4411,7 +4411,7 @@ http-check comment <string>
http-check connect [default] [port <expr>] [addr <ip>] [send-proxy] http-check connect [default] [port <expr>] [addr <ip>] [send-proxy]
[via-socks4] [ssl] [sni <sni>] [alpn <alpn>] [linger] [via-socks4] [ssl] [sni <sni>] [alpn <alpn>] [linger]
[comment <msg>] [proto <name>] [comment <msg>]
Opens a new connection to perform an HTTP health check Opens a new connection to perform an HTTP health check
May be used in sections : defaults | frontend | listen | backend May be used in sections : defaults | frontend | listen | backend
yes | no | yes | yes yes | no | yes | yes
@ -4442,6 +4442,11 @@ http-check connect [default] [port <expr>] [addr <ip>] [send-proxy]
for instance: "h2,http/1.1". If it is not set, the server ALPN for instance: "h2,http/1.1". If it is not set, the server ALPN
is used. is used.
proto <name> forces the multiplexer's protocol to use for this connection.
It must be an HTTP mux protocol and it must be usable on the
backend side. The list of available protocols is reported in
haproxy -vv.
linger cleanly close the connection instead of using a single RST. linger cleanly close the connection instead of using a single RST.
Just like tcp-check health checks, it is possible to configure the connection Just like tcp-check health checks, it is possible to configure the connection
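Review bot: the new "proto <name>" entry does not say how it interacts with the server-level "proto" and "check-proto" settings. The commit message states that this value overwrites all others for the current connection; putting that sentence in this entry (and in the matching tcp-check connect entry) would let a reader work out the precedence from the reference text alone. The text also only says the name "must be" an HTTP mux protocol without saying what happens when it is not.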
@ -10029,7 +10034,7 @@ tcp-check comment <string>
tcp-check connect [default] [port <expr>] [addr <ip>] [send-proxy] [via-socks4] tcp-check connect [default] [port <expr>] [addr <ip>] [send-proxy] [via-socks4]
[ssl] [sni <sni>] [alpn <alpn>] [linger] [ssl] [sni <sni>] [alpn <alpn>] [linger]
[comment <msg>] [proto <name>] [comment <msg>]
Opens a new connection Opens a new connection
May be used in sections: defaults | frontend | listen | backend May be used in sections: defaults | frontend | listen | backend
yes | no | yes | yes yes | no | yes | yes
@ -10060,6 +10065,11 @@ tcp-check connect [default] [port <expr>] [addr <ip>] [send-proxy] [via-socks4]
for instance: "http/1.1,http/1.0" (without quotes). for instance: "http/1.1,http/1.0" (without quotes).
If it is not set, the server ALPN is used. If it is not set, the server ALPN is used.
proto <name> forces the multiplexer's protocol to use for this connection.
It must be a TCP mux protocol and it must be usable on the
backend side. The list of available protocols is reported in
haproxy -vv.
linger cleanly close the connection instead of using a single RST. linger cleanly close the connection instead of using a single RST.
When an application lies on more than a single TCP port or when HAProxy When an application lies on more than a single TCP port or when HAProxy
@ -12535,6 +12545,15 @@ check-alpn <protocols>
a comma-delimited list of protocol names, for instance: "http/1.1,http/1.0" a comma-delimited list of protocol names, for instance: "http/1.1,http/1.0"
(without quotes). If it is not set, the server ALPN is used. (without quotes). If it is not set, the server ALPN is used.
check-proto <name>
Forces the multiplexer's protocol to use for the server's health-check
connections. It must be compatible with the health-check type (TCP or
HTTP). It must also be usable on the backend side. The list of available
protocols is reported in haproxy -vv.
Idea behind this optipon is to bypass the selection of the best multiplexer's
protocol for health-check connections established to this server.
If not defined, the server one will be used, if set.
check-sni <sni> check-sni <sni>
This option allows you to specify the SNI to be used when doing health checks This option allows you to specify the SNI to be used when doing health checks
over SSL. It is only possible to use a string to set <sni>. If you want to over SSL. It is only possible to use a string to set <sni>. If you want to
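Review bot: typo in the check-proto description, "optipon" should be "option", and the sentence needs an article ("The idea behind this option is ..."). The closing line "If not defined, the server one will be used, if set." is ambiguous about what "the server one" refers to; naming the keyword, for example the server's "proto" setting, would make the fallback explicit.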
@ -12990,7 +13009,6 @@ port <port>
set. See also the "addr" parameter. set. See also the "addr" parameter.
proto <name> proto <name>
Forces the multiplexer's protocol to use for the outgoing connections to this Forces the multiplexer's protocol to use for the outgoing connections to this
server. It must be compatible with the mode of the backend (TCP or HTTP). It server. It must be compatible with the mode of the backend (TCP or HTTP). It
must also be usable on the backend side. The list of available protocols is must also be usable on the backend side. The list of available protocols is


@ -3439,6 +3439,7 @@ static struct tcpcheck_rule *parse_tcpcheck_connect(char **args, int cur_arg, st
struct sockaddr_storage *sk = NULL; struct sockaddr_storage *sk = NULL;
char *comment = NULL, *sni = NULL, *alpn = NULL; char *comment = NULL, *sni = NULL, *alpn = NULL;
struct sample_expr *port_expr = NULL; struct sample_expr *port_expr = NULL;
const struct mux_proto_list *mux_proto = NULL;
unsigned short conn_opts = 0; unsigned short conn_opts = 0;
long port = 0; long port = 0;
int alpn_len = 0; int alpn_len = 0;
@ -3530,6 +3531,18 @@ static struct tcpcheck_rule *parse_tcpcheck_connect(char **args, int cur_arg, st
goto error; goto error;
} }
} }
else if (strcmp(args[cur_arg], "proto") == 0) {
if (!*(args[cur_arg+1])) {
memprintf(errmsg, "'%s' expects a MUX protocol as argument.", args[cur_arg]);
goto error;
}
mux_proto = get_mux_proto(ist2(args[cur_arg+1], strlen(args[cur_arg+1])));
if (!mux_proto) {
memprintf(errmsg, "'%s' : unknown MUX protocol '%s'.", args[cur_arg], args[cur_arg+1]);
goto error;
}
cur_arg++;
}
else if (strcmp(args[cur_arg], "comment") == 0) { else if (strcmp(args[cur_arg], "comment") == 0) {
if (!*(args[cur_arg+1])) { if (!*(args[cur_arg+1])) {
memprintf(errmsg, "'%s' expects a string as argument.", args[cur_arg]); memprintf(errmsg, "'%s' expects a string as argument.", args[cur_arg]);
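Review bot: the "proto" branch only rejects names that get_mux_proto() does not know, while the documentation added in this commit requires a TCP (or HTTP) mux protocol that is usable on the backend side. Nothing in this hunk checks the mode or the side of the returned entry, so a known mux name of the wrong kind is accepted by the parser. Consider validating it here or in a post-parsing step so the misconfiguration is reported when the configuration is loaded.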
@ -3607,6 +3620,7 @@ static struct tcpcheck_rule *parse_tcpcheck_connect(char **args, int cur_arg, st
chk->connect.alpn = alpn; chk->connect.alpn = alpn;
chk->connect.alpn_len= alpn_len; chk->connect.alpn_len= alpn_len;
chk->connect.port_expr= port_expr; chk->connect.port_expr= port_expr;
chk->connect.mux_proto= mux_proto;
if (sk) if (sk)
chk->connect.addr = *sk; chk->connect.addr = *sk;
return chk; return chk;
@ -7117,6 +7131,31 @@ static int srv_parse_no_check_send_proxy(char **args, int *cur_arg, struct proxy
return 0; return 0;
} }
/* parse the "check-proto" server keyword */
static int srv_parse_check_proto(char **args, int *cur_arg,
struct proxy *px, struct server *newsrv, char **err)
{
int err_code = 0;
if (!*args[*cur_arg + 1]) {
memprintf(err, "'%s' : missing value", args[*cur_arg]);
goto error;
}
newsrv->check.mux_proto = get_mux_proto(ist2(args[*cur_arg + 1], strlen(args[*cur_arg + 1])));
if (!newsrv->check.mux_proto) {
memprintf(err, "'%s' : unknown MUX protocol '%s'", args[*cur_arg], args[*cur_arg+1]);
goto error;
}
out:
return err_code;
error:
err_code |= ERR_ALERT | ERR_FATAL;
goto out;
}
/* Parse the "rise" server keyword */ /* Parse the "rise" server keyword */
static int srv_parse_check_rise(char **args, int *cur_arg, struct proxy *curpx, struct server *srv, static int srv_parse_check_rise(char **args, int *cur_arg, struct proxy *curpx, struct server *srv,
char **errmsg) char **errmsg)
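Review bot: the error strings in srv_parse_check_proto() differ from the ones used for the same conditions in parse_tcpcheck_connect(): "missing value" here versus "expects a MUX protocol as argument." there, and the unknown-protocol message lacks the trailing period. Aligning them keeps the diagnostics consistent and easy to search for. The out/error labels could also be replaced by direct returns, since err_code only ever holds 0 or ERR_ALERT | ERR_FATAL in this function; px is unused, which is fine if the keyword callback signature requires it.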
@ -7346,6 +7385,7 @@ static struct srv_kw_list srv_kws = { "CHK", { }, {
{ "agent-port", srv_parse_agent_port, 1, 1 }, /* Set the TCP port used for agent checks. */ { "agent-port", srv_parse_agent_port, 1, 1 }, /* Set the TCP port used for agent checks. */
{ "agent-send", srv_parse_agent_send, 1, 1 }, /* Set string to send to agent. */ { "agent-send", srv_parse_agent_send, 1, 1 }, /* Set string to send to agent. */
{ "check", srv_parse_check, 0, 1 }, /* Enable health checks */ { "check", srv_parse_check, 0, 1 }, /* Enable health checks */
{ "check-proto", srv_parse_check_proto, 1, 1 }, /* Set the mux protocol for health checks */
{ "check-send-proxy", srv_parse_check_send_proxy, 0, 1 }, /* Enable PROXY protocol for health checks */ { "check-send-proxy", srv_parse_check_send_proxy, 0, 1 }, /* Enable PROXY protocol for health checks */
{ "check-via-socks4", srv_parse_check_via_socks4, 0, 1 }, /* Enable socks4 proxy for health checks */ { "check-via-socks4", srv_parse_check_via_socks4, 0, 1 }, /* Enable socks4 proxy for health checks */
{ "no-agent-check", srv_parse_no_agent_check, 0, 1 }, /* Do not enable any auxiliary agent check */ { "no-agent-check", srv_parse_no_agent_check, 0, 1 }, /* Do not enable any auxiliary agent check */