diff --git a/doc/configuration.txt b/doc/configuration.txt index 08cbff347..3e4be61cc 100644 --- a/doc/configuration.txt +++ b/doc/configuration.txt @@ -4411,7 +4411,7 @@ http-check comment http-check connect [default] [port ] [addr ] [send-proxy] [via-socks4] [ssl] [sni ] [alpn ] [linger] - [comment ] + [proto ] [comment ] Opens a new connection to perform an HTTP health check May be used in sections : defaults | frontend | listen | backend yes | no | yes | yes @@ -4442,6 +4442,11 @@ http-check connect [default] [port ] [addr ] [send-proxy] for instance: "h2,http/1.1". If it is not set, the server ALPN is used. + proto forces the multiplexer's protocol to use for this connection. + It must be an HTTP mux protocol and it must be usable on the + backend side. The list of available protocols is reported in + haproxy -vv. + linger cleanly close the connection instead of using a single RST. Just like tcp-check health checks, it is possible to configure the connection @@ -10029,7 +10034,7 @@ tcp-check comment tcp-check connect [default] [port ] [addr ] [send-proxy] [via-socks4] [ssl] [sni ] [alpn ] [linger] - [comment ] + [proto ] [comment ] Opens a new connection May be used in sections: defaults | frontend | listen | backend yes | no | yes | yes @@ -10060,6 +10065,11 @@ tcp-check connect [default] [port ] [addr ] [send-proxy] [via-socks4] for instance: "http/1.1,http/1.0" (without quotes). If it is not set, the server ALPN is used. + proto forces the multiplexer's protocol to use for this connection. + It must be a TCP mux protocol and it must be usable on the + backend side. The list of available protocols is reported in + haproxy -vv. + linger cleanly close the connection instead of using a single RST. When an application lies on more than a single TCP port or when HAProxy @@ -12535,6 +12545,15 @@ check-alpn a comma-delimited list of protocol names, for instance: "http/1.1,http/1.0" (without quotes). If it is not set, the server ALPN is used. +check-proto + Forces the multiplexer's protocol to use for the server's health-check + connections. It must be compatible with the health-check type (TCP or + HTTP). It must also be usable on the backend side. The list of available + protocols is reported in haproxy -vv. + Idea behind this optipon is to bypass the selection of the best multiplexer's + protocol for health-check connections established to this server. + If not defined, the server one will be used, if set. + check-sni This option allows you to specify the SNI to be used when doing health checks over SSL. It is only possible to use a string to set . If you want to @@ -12990,7 +13009,6 @@ port set. See also the "addr" parameter. proto - Forces the multiplexer's protocol to use for the outgoing connections to this server. It must be compatible with the mode of the backend (TCP or HTTP). It must also be usable on the backend side. The list of available protocols is diff --git a/src/checks.c b/src/checks.c index 0bd84c0e9..d2765fe2d 100644 --- a/src/checks.c +++ b/src/checks.c @@ -3439,6 +3439,7 @@ static struct tcpcheck_rule *parse_tcpcheck_connect(char **args, int cur_arg, st struct sockaddr_storage *sk = NULL; char *comment = NULL, *sni = NULL, *alpn = NULL; struct sample_expr *port_expr = NULL; + const struct mux_proto_list *mux_proto = NULL; unsigned short conn_opts = 0; long port = 0; int alpn_len = 0; @@ -3530,6 +3531,18 @@ static struct tcpcheck_rule *parse_tcpcheck_connect(char **args, int cur_arg, st goto error; } } + else if (strcmp(args[cur_arg], "proto") == 0) { + if (!*(args[cur_arg+1])) { + memprintf(errmsg, "'%s' expects a MUX protocol as argument.", args[cur_arg]); + goto error; + } + mux_proto = get_mux_proto(ist2(args[cur_arg+1], strlen(args[cur_arg+1]))); + if (!mux_proto) { + memprintf(errmsg, "'%s' : unknown MUX protocol '%s'.", args[cur_arg], args[cur_arg+1]); + goto error; + } + cur_arg++; + } else if (strcmp(args[cur_arg], "comment") == 0) { if (!*(args[cur_arg+1])) { memprintf(errmsg, "'%s' expects a string as argument.", args[cur_arg]); @@ -3607,6 +3620,7 @@ static struct tcpcheck_rule *parse_tcpcheck_connect(char **args, int cur_arg, st chk->connect.alpn = alpn; chk->connect.alpn_len= alpn_len; chk->connect.port_expr= port_expr; + chk->connect.mux_proto= mux_proto; if (sk) chk->connect.addr = *sk; return chk; @@ -7117,6 +7131,31 @@ static int srv_parse_no_check_send_proxy(char **args, int *cur_arg, struct proxy return 0; } +/* parse the "check-proto" server keyword */ +static int srv_parse_check_proto(char **args, int *cur_arg, + struct proxy *px, struct server *newsrv, char **err) +{ + int err_code = 0; + + if (!*args[*cur_arg + 1]) { + memprintf(err, "'%s' : missing value", args[*cur_arg]); + goto error; + } + newsrv->check.mux_proto = get_mux_proto(ist2(args[*cur_arg + 1], strlen(args[*cur_arg + 1]))); + if (!newsrv->check.mux_proto) { + memprintf(err, "'%s' : unknown MUX protocol '%s'", args[*cur_arg], args[*cur_arg+1]); + goto error; + } + + out: + return err_code; + + error: + err_code |= ERR_ALERT | ERR_FATAL; + goto out; +} + + /* Parse the "rise" server keyword */ static int srv_parse_check_rise(char **args, int *cur_arg, struct proxy *curpx, struct server *srv, char **errmsg) @@ -7346,6 +7385,7 @@ static struct srv_kw_list srv_kws = { "CHK", { }, { { "agent-port", srv_parse_agent_port, 1, 1 }, /* Set the TCP port used for agent checks. */ { "agent-send", srv_parse_agent_send, 1, 1 }, /* Set string to send to agent. */ { "check", srv_parse_check, 0, 1 }, /* Enable health checks */ + { "check-proto", srv_parse_check_proto, 1, 1 }, /* Set the mux protocol for health checks */ { "check-send-proxy", srv_parse_check_send_proxy, 0, 1 }, /* Enable PROXY protocol for health checks */ { "check-via-socks4", srv_parse_check_via_socks4, 0, 1 }, /* Enable socks4 proxy for health checks */ { "no-agent-check", srv_parse_no_agent_check, 0, 1 }, /* Do not enable any auxiliary agent check */