Commit Graph

53 Commits

Author SHA1 Message Date
Willy Tarreau
be6008f322 [DOC] point to 1.4 doc, not 1.3
The links were wrong.
2009-10-14 22:22:03 +02:00
Willy Tarreau
a080eca533 [DOC] add a reminder about obsolete documents
haproxy-en.txt and haproxy-fr.txt are outdated but people still refer to
them quite often, generally causing a useless waste of time.
2009-10-14 20:39:14 +02:00
Willy Tarreau
7b4c5aee55 [RELEASE] Released version 1.3.15
Released version 1.3.15 with the following main changes :
    - [BUILD] Added support for 'make install'
    - [BUILD] Added 'install-man' make target for installing the man page
    - [BUILD] Added 'install-bin' make target
    - [BUILD] Added 'install-doc' make target
    - [BUILD] Removed "/" after '$(DESTDIR)' in install targets
    - [BUILD] Changed 'install' target to install the binaries first
    - [BUILD] Replace hardcoded 'LD = gcc' with 'LD = $(CC)'
    - [MEDIUM]: Inversion for options
    - [MEDIUM]: Count retries and redispatches also for servers, fix redistribute_pending, extend logs, %d->%u cleanup
    - [BUG]: Restore clearing t->logs.bytes
    - [MEDIUM]: rework checks handling
    - [DOC] Update a "contrib" file with a hint about a scheme used for formathing subjects
    - [MEDIUM] Implement "track [<backend>/]<server>"
    - [MINOR] Implement persistent id for proxies and servers
    - [BUG] Don't increment server connections too much + fix retries
    - [MEDIUM]: Prevent redispatcher from selecting the same server, version #3
    - [MAJOR] proto_uxst rework -> SNMP support
    - [BUG] appsession lookup in URL does not work
    - [BUG] transparent proxy address was ignored in backend
    - [BUG] hot reconfiguration failed because of a wrong error check
    - [DOC] big update to the configuration manual
    - [DOC] large update to the configuration manual
    - [DOC] document more options
    - [BUILD] major rework of the GNU Makefile
    - [STATS] add support for "show info" on the unix socket
    - [DOC] document options forwardfor to logasap
    - [MINOR] add support for the "backlog" parameter
    - [OPTIM] introduce global parameter "tune.maxaccept"
    - [MEDIUM] introduce "timeout http-request" in frontends
    - [MINOR] tarpit timeout is also allowed in backends
    - [BUG] increment server connections for each connect()
    - [MEDIUM] add a turn-around state of one second after a connection failure
    - [BUG] fix typo in redispatched connection
    - [DOC] document options nolinger to ssl-hello-chk
    - [DOC] added documentation for "option tcplog" to "use_backend"
    - [BUG] connect_server: server might not exist when sending error report
    - [MEDIUM] support fully transparent proxy on Linux (USE_LINUX_TPROXY)
    - [MEDIUM] add non-local bind to connect() on Linux
    - [MINOR] add transparent proxy support for balabit's Tproxy v4
    - [BUG] use backend's source and not server's source with tproxy
    - [BUG] fix overlapping server flags
    - [MEDIUM] fix server health checks source address selection
    - [BUG] build failed on CONFIG_HAP_LINUX_TPROXY without CONFIG_HAP_CTTPROXY
    - [DOC] added "server", "source" and "stats" keywords
    - [DOC] all server parameters have been documented
    - [DOC] document all req* and rsp* keywords.
    - [DOC] added documentation about HTTP header manipulations
    - [BUG] log response byte count, not request
    - [BUILD] code did not build in full debug mode
    - [BUG] fix truncated responses with sepoll
    - [MINOR] use s->frt_addr as the server's address in transparent proxy
    - [MINOR] fix configuration hint about timeouts
    - [DOC] minor cleanup of the doc and notice to contributors
    - [MINOR] report correct section type for unknown keywords.
    - [BUILD] update MacOS Makefile to build on newer versions
    - [DOC] fix erroneous "useallbackups" option in the doc
    - [DOC] applied small fixes from early readers
    - [MINOR] add configuration support for "redir" server keyword
    - [MEDIUM] completely implement the server redirection method
    - [TESTS] add a test case for the server redirection mechanism
    - [DOC] add a configuration entry for "server ... redir <prefix>"
    - [BUILD] backend.c and checks.c did not build without tproxy !
    - Revert "[BUILD] backend.c and checks.c did not build without tproxy !"
    - [BUILD] backend.c and checks.c did not build without tproxy !
    - [OPTIM] used unsigned ints for HTTP state and message offsets
    - [OPTIM] GCC4's builtin_expect() is suboptimal
    - [BUG] failed conns were sometimes incremented in the frontend!
    - [BUG] timeout.check was not pre-set to eternity
    - [TESTS] add test-pollers.cfg to easily report pollers in use
    - [BUG] do not apply timeout.connect in checks if unset
    - [BUILD] ensure that makefile understands USE_DLMALLOC=1
    - [MINOR] silent gcc for a wrong warning
    - [CLEANUP] update .gitignore to ignore more temporary files
    - [CLEANUP] report dlmalloc's source path only if explictly specified
    - [BUG] str2sun could leak a small buffer in case of error during parsing
    - [BUG] option allbackups was not working anymore in roundrobin mode
    - [MAJOR] implementation of the "leastconn" load balancing algorithm
    - [BUILD] ensure that users don't build without setting the target anymore.
    - [DOC] document the leastconn LB algo
    - [MEDIUM] fix stats socket limitation to 16 kB
    - [DOC] fix unescaped space in httpchk example.
    - [BUG] fix double-decrement of server connections
    - [TESTS] add a test case for port mapping
    - [TESTS] add a benchmark for integer hashing
    - [TESTS] add new methods in ip-hash test file
    - [MAJOR] implement parameter hashing for POST requests
2008-04-19 21:25:12 +02:00
matt.farnsworth@nokia.com
1c2ab96be5 [MAJOR] implement parameter hashing for POST requests
This patch extends the "url_param" load balancing method by introducing
the "check_post" option. Using this option enables analysis of the beginning
of POST requests to search for the specified URL parameter.

The patch also fixes a few minor typos in comments that were discovered
during code review.
2008-04-15 15:30:41 +02:00
Krzysztof Piotr Oledzki
25b501a6b1 [MEDIUM]: Count retries and redispatches also for servers, fix redistribute_pending, extend logs, %d->%u cleanup
This patch extends a little previously added functionality to also
count retries and redispatches for servers. Now it is possible to know
which server causes redispatches as it is not always the same that takes
most retries.

While working with the code I found that redistribute_pending() does not increment
srv->redispatches && be->redispatches. I don't know how to test it but
I think the fix is correct. If not I can withdraw it.

I also extended logs to show how many retries were done and if redispatching
was necessary ('+'). I'm using an additional session flag SN_REDISP to match
redispatched connections. I had to rearrange all defines in session.h to make
more room for it.

The documentation about logs was also fixed a little (sorry, english only),
as current version uses totally different format. BTW: examples are still
outdated, maybe next time...

Finally, I changed %d -> %u for retries/redispatches as those variables
are declared as unsigned.
2008-01-06 16:43:05 +01:00
Willy Tarreau
befdff11aa [DOC] add a bit of documentation about timers 2007-12-02 22:27:38 +01:00
Willy Tarreau
0173280bfa [MEDIUM] introduce the "url_param" balance method
Some applications do not have a strict persistence requirement, yet
it is still desirable for performance considerations, due to local
caches on the servers. For some reasons, there are some applications
which cannot rely on cookies, and for which the last resort is to use
a parameter passed in the URL.

The new 'url_param' balance method is there to solve this issue. It
accepts a parameter name which is looked up from the URL and which
is then hashed to select a server. If the parameter is not found,
then the round robin algorithm is used in order to provide a normal
load balancing across the servers for the first requests. It would
have been possible to use a source IP hash instead, but since such
applications are generally buried behind multiple levels of
reverse-proxies, it would not provide a good balance.

The doc has been updated, and two regression testing configurations
have been added.
2007-11-01 23:05:09 +01:00
Elijah Epifanov
acafc5f88c [MEDIUM] add support for "maxqueue" to limit server queue overload
This patch adds the "maxqueue" parameter to the server. This allows new
sessions to be immediately rebalanced when the server's queue is filled.
It's useful when session stickiness is just a performance boost (even a
huge one) but not a requirement.

This should only be used if session affinity isn't a hard functional
requirement but provides performance boost by keeping server-local
caches hot and compact).

Absence of 'maxqueue' option means unlimited queue. When queue gets filled
up to 'maxqueue' client session is moved from server-local queue to a global
one.
2007-10-25 20:15:38 +02:00
Alexandre Cassen
87ea548313 [MINOR] add the "nolinger" option to disable data lingering
The following patch will give the ability to tweak socket linger mode.
You can use this option with "option nolinger" inside fronted or backend
configuration declaration.

This will help in environments where lots of FIN_WAIT sockets are
encountered.
2007-10-15 09:33:06 +02:00
Willy Tarreau
10806d50da [DOC] fixed 2 typos in haproxy-en/fr
-st was indicated instead of -sf, and the pidfile was wrong.
2007-09-09 23:49:18 +02:00
Willy Tarreau
3f49b30284 [MEDIUM] errorfile: use a local file to feed error messages
It is now possible to read error messages from local files,
using the 'errorfile' keyword. Those files are read during
parsing, so there's no I/O involved. They make it possible
to return custom error messages with custom status and headers.
2007-06-11 00:29:26 +02:00
Willy Tarreau
ae8b796722 [MEDIUM] smarter integer comparison support in ACLs
ACLs now support operators such as 'eq', 'le', 'lt', 'ge' and 'gt'
in order to give more flexibility to the language. Because of this
change, the 'dst_limit' keyword changed to 'dst_conn' and now requires
either a range or a test such as 'dst_conn lt 1000' which is more
understandable.
2007-06-09 23:10:04 +02:00
Willy Tarreau
1db37710dc [MEDIUM] limit the number of events returned by *poll*
By default, epoll/kqueue used to return as many events as possible.
This could sometimes cause huge latencies (latencies of up to 400 ms
have been observed with many thousands of fds at once). Limiting the
number of events returned also reduces the latency by avoiding too
many blind processing. The value is set to 200 by default and can be
changed in the global section using the tune.maxpollevents parameter.
2007-06-03 17:16:49 +02:00
Willy Tarreau
726c2bf645 [DOC] add some documentation about ACLs
Minimal documentation about ACLs
2007-05-09 01:31:45 +02:00
Willy Tarreau
23677908dd [MEDIUM] implement SMTP health checks
Peter van Dijk contributed this patch which implements the "smtpchk"
option, which is to SMTP what "httpchk" is to HTTP. By default, it sends
"HELO localhost" to the servers, and waits for the 250 message, but it
can also send a specific request.
2007-05-08 23:50:35 +02:00
Willy Tarreau
2fcb500481 [MEDIUM] implement the URI hash algorithm
Guillaume Dallaire contributed the URI hashing algorithm for
use with proxy-caches. It provides the advantage of optimizing
the cache hit rate.
2007-05-08 14:05:27 +02:00
Willy Tarreau
de99e99ecf [MAJOR] introduced speculative I/O with epoll()
The principle behind speculative I/O is to speculatively try to
perform I/O before registering the events in the system. This
considerably reduces the number of calls to epoll_ctl() and
sometimes even epoll_wait(), and manages to increase overall
performance by about 10%.

The new poller has been called "sepoll". It is used by default
on Linux when it works. A corresponding option "nosepoll" and
the command line argument "-ds" allow to disable it.
2007-04-16 00:53:59 +02:00
Willy Tarreau
2ea3abb7bf [MEDIUM] add support for health-checks on other addresses
Patch from Fabrice Dulaunoy. Explanation below, and script
merged in examples/.

This patch allow to put a different address in the check part for each
server (and not only a specific port)

I need this feature because I've a complex settings where, when a specific
farm goes down, I need to switch a set of other farm either if these other
farm behave perfectly well.

For that purpose, I've made a small PERL daemon with some REGEX or PORT
test which allow me to test a bunch of thing.
2007-03-25 16:45:16 +02:00
Willy Tarreau
7ac51f61f5 [MEDIUM] add the "except" keyword to the "forwardfor" option
Patch from Bryan Germann for 1.2.17.
In some circumstances, it is useful not to add the X-Forwarded-For
header, for instance when the client is another reverse-proxy or
stunnel running on the same machine and which already adds it. This
patch adds the "except" keyword to the "forwardfor" option, allowing
to specify an address or network which will not be added to this
header.
2007-03-25 16:00:04 +02:00
Willy Tarreau
95c20aca35 [MEDIUM] add user/groupname support
Patch from Marcus Rueckert for 1.2.17 :
 "I added the attached patch to haproxy. I don't have a static uid/gid for
  haproxy so i need to specify the username/groupname to run it as non
  root user."
2007-03-25 15:39:23 +02:00
Willy Tarreau
08fa2e37fd [MINOR] tarpit: close the connection if the client closes.
There's no point at maintaining an open tarpitted connection
if the client has left.
2006-09-03 10:47:37 +02:00
Willy Tarreau
2272dc14bb [DOC] add docs and examples of tarpit configuration 2006-09-03 10:19:38 +02:00
Willy Tarreau
8f2b855ab2 [RELEASE] released 1.3.1 after resyncing with 1.2.15
Released 1.3.1 with the following changes from 1.2.15 :
   - now, haproxy warns about missing timeout during startup to try to
     eliminate all those buggy configurations.
   - added "Content-Type: text/html" in responses wherever appropriate, as
     suggested by Cameron Simpson.
   - implemented "option ssl-hello-chk" to use SSLv3 CLIENT HELLO messages to
     test server's health
   - implemented "monitor-uri" so that haproxy can reply to a specific URI with
     an "HTTP/1.0 200 OK" response. This is useful to validate multiple proxies
     at once.
2006-07-09 17:11:39 +02:00
Willy Tarreau
1c47f85292 [MEDIUM] implemented the 'monitor-uri' keyword.
It is used to test haproxy's status with an HTTP request to which
it will reply with HTTP/1.0 200 OK.
2006-07-09 17:01:40 +02:00
Willy Tarreau
f3c692090e [MEDIUM] implement 'option ssl-hello-chk' to use CLIENT HELLO health checks.
This makes it possible to relay SSL connections in pure TCP instances while
ensuring the remote end really receives our data eventhough intermediate
agents (firewalls, proxies, ...) might acknowledge the connection.
2006-07-09 16:42:34 +02:00
Willy Tarreau
94b4591f20 [DOC] renamed 'haproxy' instead of 'ha-proxy' or 'h a p r o x y'
File indexation systems (including search engines) did not read
'haproxy' when needed, which made it more difficult to find the
doc on the net.
2006-05-31 06:40:15 +02:00
willy tarreau
7e6328df2a [RELEASE] released 1.2.14
Released 1.2.14 with the following changes :

   - new HTML status report with the 'stats' keyword.
   - added the 'abortonclose' option to better resist traffic surges
   - implemented dynamic traffic regulation with the 'minconn' option
   - show request time on denied requests
   - definitely fixed hot reconf on OpenBSD by the use of SO_REUSEPORT
   - now a proxy instance is allowed to run without servers, which is
     useful to dedicate one instance to stats
   - added lots of error counters
   - a missing parenthesis preventd matching of cacheable cookies
   - a missing parenthesis in poll_loop() might have caused missed events.
2006-05-21 23:26:20 +02:00
willy tarreau
d4ba08d7ca [DOC] add some informations about 'stats' and 'option httpclose'. 2006-05-21 21:54:14 +02:00
willy tarreau
052c15dbe6 Merge branch 'abort-close' into merge 2006-05-21 21:43:58 +02:00
willy tarreau
481132e07c [DOC] documented the 'stats' parameter. 2006-05-21 21:43:10 +02:00
willy tarreau
12e0212448 Merge branch 'minconn' into abort-close 2006-05-21 21:11:03 +02:00
willy tarreau
f76e6cad83 [MAJOR] implemented the 'minconn' server parameter for dynamic load regulation
When 'minconn' is set, the number of simultaneous sessions sent to the server
will be limited by a dynamic value depending on the global load on the
instance itself. The principle is to fix the maximal concurrency on the server
proportionnally to the instance's usage relative to its maxconn, with a minimum
fixed to <minconn>. The formula for the number of simultaneous sessions sent
to the server is then max(srv_minconn, srv_maxconn*px_conn/px_maxconn). This
helps unloading the servers when the load is very low.
2006-05-21 21:09:55 +02:00
willy tarreau
e0bdd62128 [DOC] documented the 'abortonclose' option 2006-05-21 20:51:54 +02:00
willy tarreau
532bb554aa [DOC] update documentation to explain the server's maxconn 2006-05-13 18:40:37 +02:00
willy tarreau
078c79a009 [MINOR] make logs more accurate about expiration and close during queue. 2006-05-13 12:23:58 +02:00
willy tarreau
34f4530c3a [doc] updated english and french docs with source and weight options. 2006-04-15 21:37:14 +02:00
Willy TARREAU
767ba71444 * the default 'httpclose' option only sets the 'Connection:' headers
to 'close', but does not actually close any connection. The problem
  is, there are some servers which don't close the connection even if
  the proxy tells them 'Connection: close'. A workaround was added by
  the way of a new option 'forceclose' (which implies 'httpclose'),
  and which makes the proxy close the outgoing channel to the server
  once it has sent all its headers. Just don't use this with the
  'CONNECT' method of course !
2006-03-01 22:40:50 +01:00
Willy TARREAU
3481c46368 * there was a bug in the way the backup servers were handled. They
were erroneously load-balanced while the doc said the opposite.
  Since load-balanced backup servers is one of the features some
  people have been asking for, the problem was fixed to reflect the
  documented behaviour and a new option 'allbackups' was introduced
  to provide the feature to those who need it.
2006-03-01 22:37:57 +01:00
willy tarreau
065f1c0798 * bumped version to 1.2.8 and updated CHANGELOG accordingly 2006-01-29 22:10:07 +01:00
willy tarreau
39df2dc8fc * fixed version references in documentation 2006-01-29 21:56:05 +01:00
willy tarreau
22739efb4a * Documentation about the hot-reconfiguration mechanism. 2006-01-29 21:40:41 +01:00
willy tarreau
b952e1db84 * released 1.2.7rc (1.1.33rc)
* second batch of socklen_t changes.
* clean-ups from Cameron Simpson.
* because tv_remain() does not know about eternity, using no timeout can
  make select() spin around a null time-out. Bug reported by Cameron Simpson.
* client read timeout was not properly set to eternity initialized after an
  accept() if it was not set in the config. It remained undetected so long
  because eternity is 0 and newly allocated pages are zeroed by the system.
* do not call get_original_dst() when not in transparent mode.
* implemented a workaround for a bug in certain epoll() implementations on
  linux-2.4 kernels (epoll-lt <= 0.21).
* implemented TCP keepalive with new options : tcpka, clitcpka, srvtcpka.
2005-12-18 01:31:20 +01:00
willy tarreau
c5f73ed21c * released 1.2.6
* clean-up patch from Alexander Lazic fixes build on Debian 3.1 (socklen_t).
2005-12-18 01:26:38 +01:00
willy tarreau
64a3cc3660 * released 1.2.5 (1.1.31)
* changed the runtime argument to disable epoll() to '-de'
* changed the runtime argument to disable poll() to '-dp'
* added global options 'nopoll' and 'noepoll' to do the same at the
  configuration level.
* added a 'linux24e' target to the Makefile for Linux 2.4 systems patched to
  support epoll().
* changed default FD_SETSIZE to 65536 on Solaris (default=1024)
* conditionned signals redirection to #ifdef DEBUG_MEMORY
2005-12-18 01:13:11 +01:00
willy tarreau
c1f4753d60 * released 1.2.5-pre2
* implemented the HTTP 303 code for error redirection. This forces the
  browser to fetch the given URI with a GET request. The new keyword for
  this is 'errorloc303', and a new 'errorloc302' keyword has been created
  to make them easily distinguishable.
* added more controls in the parser for valid use of '\x' sequence.
* few fixes from Alex & Klaus
* fixed a few errors in the documentation
* do not pre-initialize unused file-descriptors before select() anymore.
2005-12-18 01:08:26 +01:00
willy tarreau
598da41537 * released 1.2.5-pre1
* build fixes for appsession
* documentation for appsession
2005-12-18 01:07:29 +01:00
willy tarreau
0174f319a2 * released 1.2.3 (1.1.30)
* add an architecture guide to the documentation
* released without any changes
* increased default BUFSIZE to 16 kB to accept max headers of 8 kB which is
  compatible with Apache. This limit can be configured in the makefile now.
  Thanks to Eric Fehr for the checks.
* added a per-server "source" option which now makes it possible to bind to
  a different source for each (potentially identical) server.
* changed cookie-based server selection slightly to allow several servers to
  share a same cookie, thus making it possible to associate backup servers to
  live servers and ease soft-stop for maintenance periods. (Alexander Lazic)
* added the cookie 'prefix' mode which makes it possible to use persistence
  with thin clients which support only one cookie. The server name is prefixed
  before the application cookie, and restore back.
* fixed the order of servers within an instance to match documentation. Now
  the servers are *really* used in the order of their declaration. This is
  particularly important when multiple backup servers are in use.
2005-12-18 01:02:42 +01:00
willy tarreau
4302f49525 * released 1.2.2 (1.1.29)
* fixed a bug where a TCP connection would be logged twice if the 'logasap'
  option was enabled without the 'tcplog' option.
* encode_string() would use hdr_encode_map instead of the map argument.
* the logged request is now encoded with '#XX' for unprintable characters
* new keywords 'capture request header' and 'capture response header' enable
  logging of arbitrary HTTP headers in requests and responses
* removed "-DSOLARIS" after replacing the last inet_aton() with inet_pton()
2005-12-18 01:00:37 +01:00
willy tarreau
982249e9e7 * released 1.2.1 (1.1.28)
* added the '-V' command line option to verbosely report errors even though
  the -q or 'quiet' options are specified. This is useful with '-c'.
* added a Red Hat init script and a .spec from Simon Matter <simon.matter@invoca.ch>
* added 'rspdeny' and 'rspideny' to block certain responses to avoid sensible
  information leak from servers.
* more examples added into the configuration
2005-12-18 00:57:06 +01:00
willy tarreau
fe2c5c147b * released 1.1.27
* the configurable HTTP health check introduced in 1.1.23 revealed a shameful
  bug : the code still assumed that HTTP requests were the same size as the
  original ones (22 bytes), and failed if they were not.
* added support for pidfiles.
2005-12-17 14:14:34 +01:00