Commit Graph

1499 Commits

Author SHA1 Message Date
Willy Tarreau
1c47f85292 [MEDIUM] implemented the 'monitor-uri' keyword.
It is used to test haproxy's status with an HTTP request to which
it will reply with HTTP/1.0 200 OK.
2006-07-09 17:01:40 +02:00
Willy Tarreau
f3c692090e [MEDIUM] implement 'option ssl-hello-chk' to use CLIENT HELLO health checks.
This makes it possible to relay SSL connections in pure TCP instances while
ensuring the remote end really receives our data eventhough intermediate
agents (firewalls, proxies, ...) might acknowledge the connection.
2006-07-09 16:42:34 +02:00
Willy Tarreau
baaee00406 [BIGMOVE] exploded the monolithic haproxy.c file into multiple files.
The files are now stored under :
  - include/haproxy for the generic includes
  - include/types.h for the structures needed within prototypes
  - include/proto.h for function prototypes and inline functions
  - src/*.c for the C files

Most include files are now covered by LGPL. A last move still needs
to be done to put inline functions under GPL and not LGPL.

Version has been set to 1.3.0 in the code but some control still
needs to be done before releasing.
2006-06-26 02:48:02 +02:00
Willy TARREAU
3dc0644167 [LICENSE] licensing clarifications 2006-06-15 21:48:13 +02:00
Willy Tarreau
94b4591f20 [DOC] renamed 'haproxy' instead of 'ha-proxy' or 'h a p r o x y'
File indexation systems (including search engines) did not read
'haproxy' when needed, which made it more difficult to find the
doc on the net.
2006-05-31 06:40:15 +02:00
willy tarreau
7e6328df2a [RELEASE] released 1.2.14
Released 1.2.14 with the following changes :

   - new HTML status report with the 'stats' keyword.
   - added the 'abortonclose' option to better resist traffic surges
   - implemented dynamic traffic regulation with the 'minconn' option
   - show request time on denied requests
   - definitely fixed hot reconf on OpenBSD by the use of SO_REUSEPORT
   - now a proxy instance is allowed to run without servers, which is
     useful to dedicate one instance to stats
   - added lots of error counters
   - a missing parenthesis preventd matching of cacheable cookies
   - a missing parenthesis in poll_loop() might have caused missed events.
2006-05-21 23:26:20 +02:00
willy tarreau
8f635a4feb [DOC] french doc update 2006-05-21 23:05:54 +02:00
willy tarreau
d4ba08d7ca [DOC] add some informations about 'stats' and 'option httpclose'. 2006-05-21 21:54:14 +02:00
willy tarreau
052c15dbe6 Merge branch 'abort-close' into merge 2006-05-21 21:43:58 +02:00
willy tarreau
481132e07c [DOC] documented the 'stats' parameter. 2006-05-21 21:43:10 +02:00
willy tarreau
12e0212448 Merge branch 'minconn' into abort-close 2006-05-21 21:11:03 +02:00
willy tarreau
f76e6cad83 [MAJOR] implemented the 'minconn' server parameter for dynamic load regulation
When 'minconn' is set, the number of simultaneous sessions sent to the server
will be limited by a dynamic value depending on the global load on the
instance itself. The principle is to fix the maximal concurrency on the server
proportionnally to the instance's usage relative to its maxconn, with a minimum
fixed to <minconn>. The formula for the number of simultaneous sessions sent
to the server is then max(srv_minconn, srv_maxconn*px_conn/px_maxconn). This
helps unloading the servers when the load is very low.
2006-05-21 21:09:55 +02:00
willy tarreau
e0bdd62128 [DOC] documented the 'abortonclose' option 2006-05-21 20:51:54 +02:00
willy tarreau
532bb554aa [DOC] update documentation to explain the server's maxconn 2006-05-13 18:40:37 +02:00
willy tarreau
078c79a009 [MINOR] make logs more accurate about expiration and close during queue. 2006-05-13 12:23:58 +02:00
willy tarreau
34f4530c3a [doc] updated english and french docs with source and weight options. 2006-04-15 21:37:14 +02:00
Willy TARREAU
767ba71444 * the default 'httpclose' option only sets the 'Connection:' headers
to 'close', but does not actually close any connection. The problem
  is, there are some servers which don't close the connection even if
  the proxy tells them 'Connection: close'. A workaround was added by
  the way of a new option 'forceclose' (which implies 'httpclose'),
  and which makes the proxy close the outgoing channel to the server
  once it has sent all its headers. Just don't use this with the
  'CONNECT' method of course !
2006-03-01 22:40:50 +01:00
Willy TARREAU
3481c46368 * there was a bug in the way the backup servers were handled. They
were erroneously load-balanced while the doc said the opposite.
  Since load-balanced backup servers is one of the features some
  people have been asking for, the problem was fixed to reflect the
  documented behaviour and a new option 'allbackups' was introduced
  to provide the feature to those who need it.
2006-03-01 22:37:57 +01:00
willy tarreau
065f1c0798 * bumped version to 1.2.8 and updated CHANGELOG accordingly 2006-01-29 22:10:07 +01:00
willy tarreau
39df2dc8fc * fixed version references in documentation 2006-01-29 21:56:05 +01:00
willy tarreau
22739efb4a * Documentation about the hot-reconfiguration mechanism. 2006-01-29 21:40:41 +01:00
willy tarreau
b952e1db84 * released 1.2.7rc (1.1.33rc)
* second batch of socklen_t changes.
* clean-ups from Cameron Simpson.
* because tv_remain() does not know about eternity, using no timeout can
  make select() spin around a null time-out. Bug reported by Cameron Simpson.
* client read timeout was not properly set to eternity initialized after an
  accept() if it was not set in the config. It remained undetected so long
  because eternity is 0 and newly allocated pages are zeroed by the system.
* do not call get_original_dst() when not in transparent mode.
* implemented a workaround for a bug in certain epoll() implementations on
  linux-2.4 kernels (epoll-lt <= 0.21).
* implemented TCP keepalive with new options : tcpka, clitcpka, srvtcpka.
2005-12-18 01:31:20 +01:00
willy tarreau
c5f73ed21c * released 1.2.6
* clean-up patch from Alexander Lazic fixes build on Debian 3.1 (socklen_t).
2005-12-18 01:26:38 +01:00
willy tarreau
64a3cc3660 * released 1.2.5 (1.1.31)
* changed the runtime argument to disable epoll() to '-de'
* changed the runtime argument to disable poll() to '-dp'
* added global options 'nopoll' and 'noepoll' to do the same at the
  configuration level.
* added a 'linux24e' target to the Makefile for Linux 2.4 systems patched to
  support epoll().
* changed default FD_SETSIZE to 65536 on Solaris (default=1024)
* conditionned signals redirection to #ifdef DEBUG_MEMORY
2005-12-18 01:13:11 +01:00
willy tarreau
c1f4753d60 * released 1.2.5-pre2
* implemented the HTTP 303 code for error redirection. This forces the
  browser to fetch the given URI with a GET request. The new keyword for
  this is 'errorloc303', and a new 'errorloc302' keyword has been created
  to make them easily distinguishable.
* added more controls in the parser for valid use of '\x' sequence.
* few fixes from Alex & Klaus
* fixed a few errors in the documentation
* do not pre-initialize unused file-descriptors before select() anymore.
2005-12-18 01:08:26 +01:00
willy tarreau
598da41537 * released 1.2.5-pre1
* build fixes for appsession
* documentation for appsession
2005-12-18 01:07:29 +01:00
willy tarreau
0174f319a2 * released 1.2.3 (1.1.30)
* add an architecture guide to the documentation
* released without any changes
* increased default BUFSIZE to 16 kB to accept max headers of 8 kB which is
  compatible with Apache. This limit can be configured in the makefile now.
  Thanks to Eric Fehr for the checks.
* added a per-server "source" option which now makes it possible to bind to
  a different source for each (potentially identical) server.
* changed cookie-based server selection slightly to allow several servers to
  share a same cookie, thus making it possible to associate backup servers to
  live servers and ease soft-stop for maintenance periods. (Alexander Lazic)
* added the cookie 'prefix' mode which makes it possible to use persistence
  with thin clients which support only one cookie. The server name is prefixed
  before the application cookie, and restore back.
* fixed the order of servers within an instance to match documentation. Now
  the servers are *really* used in the order of their declaration. This is
  particularly important when multiple backup servers are in use.
2005-12-18 01:02:42 +01:00
willy tarreau
4302f49525 * released 1.2.2 (1.1.29)
* fixed a bug where a TCP connection would be logged twice if the 'logasap'
  option was enabled without the 'tcplog' option.
* encode_string() would use hdr_encode_map instead of the map argument.
* the logged request is now encoded with '#XX' for unprintable characters
* new keywords 'capture request header' and 'capture response header' enable
  logging of arbitrary HTTP headers in requests and responses
* removed "-DSOLARIS" after replacing the last inet_aton() with inet_pton()
2005-12-18 01:00:37 +01:00
willy tarreau
982249e9e7 * released 1.2.1 (1.1.28)
* added the '-V' command line option to verbosely report errors even though
  the -q or 'quiet' options are specified. This is useful with '-c'.
* added a Red Hat init script and a .spec from Simon Matter <simon.matter@invoca.ch>
* added 'rspdeny' and 'rspideny' to block certain responses to avoid sensible
  information leak from servers.
* more examples added into the configuration
2005-12-18 00:57:06 +01:00
willy tarreau
fe2c5c147b * released 1.1.27
* the configurable HTTP health check introduced in 1.1.23 revealed a shameful
  bug : the code still assumed that HTTP requests were the same size as the
  original ones (22 bytes), and failed if they were not.
* added support for pidfiles.
2005-12-17 14:14:34 +01:00
willy tarreau
c1cae63922 * released 1.1.25
* added the 'tcplog' option, which provides enhanced, HTTP-like logs for
  generic TCP proxies, or lighter logs for HTTP proxies.
* fixed a time-out condition wrongly reported as client time-out in data
  phase if the client timeout was lower than the connect timeout times the
  number of retries.
* doc: added some precisions about the log timers
2005-12-17 14:12:23 +01:00
willy tarreau
197e8ec2c3 * released 1.1.24
* if a client sent a full request then shut its write connection down, then
  the request was aborted. This case was detected only when using haproxy
  both as health-check client and as a server.
* if 'option httpchk' is used in a 'health' mode server, then responses will
  change from 'OK' to 'HTTP/1.0 200 OK'.
* fixed a Linux-only bug in case of HTTP server health-checks, where a single
  server response followed by a close could be ignored, and the server seen
  as failed.
* renamed 'haproxy.txt' to 'haproxy-fr.txt'
* large documentation and examples cleanups
2005-12-17 14:10:59 +01:00
willy tarreau
eedaa9f220 * released 1.1.23
* fixed a stupid bug introduced in 1.1.22 which caused second and subsequent
  'default' sections to keep previous parameters, and not initialize logs
  correctly.
* fixed a second stupid bug introduced in 1.1.22 which caused configurations
  relying on 'dispatch' mode to segfault at the first connection.
* 'option httpchk' now supports method, HTTP version and a few headers.
* now, 'option httpchk', 'cookie' and 'capture' can be specified in
  'defaults' section
* a fresh new english documentation
* large Makefile cleanup for increased portability
* new build script 'build.cfg' for Formilux-0.1.8
* new startup script 'init.haproxy.flx0' for Formilux-0.1.8
2005-12-17 14:08:03 +01:00
willy tarreau
a41a8b4ee6 * released 1.1.22
* 'listen' now supports optionnal address:port-range lists
* 'bind' introduced to add new listen addresses
* fixed a bug which caused a session to be kept established on a server till
  it timed out if the client closed during the DATA phase.
* the port part of each server address can now be empty to make the proxy
  connect to the server on the same port it was connected to, be an absolute
  unsigned number to reflect a single port (as in older versions), or an
  explicitly signed number (+N/-N) to indicate that this offset must be
  applied to the port the proxy was connected to, when connecting to the
  server.
* the 'port' server option allows the user to specify a different
  health-check port than the service one. It is mandatory when only relative
  ports have been specified and check is required. By default, the checks are
  sent to the service port.
* new 'defaults' section which is rather similar to 'listen' except that all
  values are only used as default values for future 'listen' sections, until
  a new 'defaults' resets them. At the moment, server options, regexes,
  cookie names and captures cannot be set in the 'defaults' section.
* Makefile now optimizes for Ultrasparc by default on Solaris/Sparc
* large documentation updates and fixes
* new 'tests' directory with some debug files
2005-12-17 14:02:24 +01:00
willy tarreau
2f6ba6579f * released 1.1.21
* changed the debug output format so that it now includes the session unique
  ID followed by the instance name at the beginning of each line.
* in debug mode, accept now shows the client's IP and port.
* added one 3 small debugging scripts to search and pretty print debug output
* changed the default health check request to "OPTIONS /" instead of
  "OPTIONS *" since not all servers implement the later one.
* "option httpchk" now accepts an optional parameter allowing the user to
  specify and URI other than '/' during health-checks.
* made Makefile more robust to pcre-config errors
* added 3 new pretty-print scripts : debug2ansi, debug2html and debugfind
* upgraded Formilux package to haproxy-1.1.21-flx.1.pkg
* removed the now obsolete haproxy2html.sh
2005-12-17 13:57:42 +01:00
willy tarreau
036e1cef51 * released 1.1.18
* Haproxy can be compiled with PCRE regex instead of libc regex, by setting
  REGEX=pcre on the make command line.
* HTTP health-checks now use "OPTIONS *" instead of "OPTIONS /".
* when explicit source address binding is required, it is now also used for
  health-checks.
* added 'reqpass' and 'reqipass' to allow certain headers but not the request
  itself.
* factored several strings to reduce binary size by about 2 kB.
* replaced setreuid() and setregid() with more standard setuid() and setgid().
* added 4 status flags to the log line indicating who ended the connection
  first, the sessions state, the validity of the cookie, and action taken on
  the set-cookie header.
* rearranged the changelog and removed it from haproxy.c
* large documentation updates
2005-12-17 13:46:33 +01:00
willy tarreau
8337c6b7bd * released 1.1.17
* add the notion of "backup" servers, which are used only when all other
  servers are down.
* make Set-Cookie return "" instead of "(null)" when the server has no
  cookie assigned (useful for backup servers).
* "log" now supports an optionnal level name (info, notice, err ...) above
  which nothing is sent.
* replaced some strncmp() with memcmp() for better efficiency.
* added "capture cookie" option which logs client and/or server cookies
* cleaned up/down messages and dump servers states upon SIGHUP
* added a redirection feature for errors : "errorloc <errnum> <url>"
* now we won't insist on connecting to a dead server, even with a cookie,
  unless option "persist" is specified.
* added HTTP/408 response for client request time-out and HTTP/50[234] for
  server reply time-out or errors.
* updates to the examples files
* added a 'do_status' command to the Formilux init script
2005-12-17 13:41:01 +01:00
willy tarreau
bc4e1fb68a * released 1.1.16
* implement HTTP health checks when option "httpchk" is specified.
* put the changelog into a new CHANGELOG file
* updated the Formilux init script
2005-12-17 13:32:07 +01:00
willy tarreau
cd87894af0 * released 1.1.14
* added "postonly" cookie mode
2005-12-17 13:27:43 +01:00
willy tarreau
240afa6d23 * released 1.1.11
* fixed multi-cookie handling in client request to allow clean deletion
  in insert+indirect mode. Now, only the server cookie is deleted and not
  all the header. Should now be compliant to RFC2109.
* added a "nocache" option to "cookie" to specify that we explicitly want
  to add a "cache-control" header when we add a cookie.
  It is also possible to add an "Expires: <old-date>" to keep compatibility
  with old/broken caches.
* some doc and examples cleanups
2005-12-17 13:14:35 +01:00
willy tarreau
96d4037194 * released 1.1.10
* if a cookie is used in insert+indirect mode, it's desirable that the
  the servers don't see it. It was not possible to remove it correctly
  with regexps, so now it's removed automatically.
2005-12-17 13:11:56 +01:00
willy tarreau
c29948c439 * released 1.1.9 : SECURITY FIX
* don't use snprintf()'s return value as an end of message since it may
  be larger. This caused bus errors and segfaults in internal libc's
  getenv() during localtime() in send_log().
* removed dead insecure send_syslog() function and all references to it.
* fixed warnings on Solaris due to buggy implementation of isXXXX().
2005-12-17 13:10:27 +01:00
willy tarreau
a159808bf2 * released 1.1.8
* option "dontlognull"
* fixed "double space" bug in config parser
* fixed an uninitialized server field in case of dispatch
  with no existing server which could cause a segfault during
  logging.
* the pid logged was always the father's, which was wrong for daemons.
* fixed wrong level "LOG_INFO" for message "proxy started".
* http logging is now complete :
  - ip:port, date, proxy, server
  - req_time, conn_time, hdr_time, tot_time
  - status, size, request
* source address binding
2005-12-17 13:08:06 +01:00
willy tarreau
535ae7aee2 * released 1.1.5
* connection logging displayed incorrect source address.
* added proxy start/stop and server up/down log events.
* replaced log message short buffers with larger trash.
* enlarged buffer to 8 kB and replace buffer to 4 kB.
* added a config.rc example for Formilux
* added a build script for Formilux
2005-12-17 12:58:00 +01:00
willy tarreau
e47c8d7279 * released 1.1.4
* made rise/fall/interval time configurable
2005-12-17 12:55:52 +01:00
willy tarreau
b719f009c6 * released 1.1.3
* added a script to tune the network stack
* fixed a bug : cr_expire and cw_expire were inverted in CL_STSHUT[WR]
  which could lead to loops.
2005-12-17 12:55:07 +01:00
willy tarreau
efae1847c3 * released 1.1.1
* fixed a bug in total failure handling
* fixed a bug in timestamp comparison within same second (tv_cmp_ms)
2005-12-17 12:51:03 +01:00
willy tarreau
5cbea6fd41 * released 1.1.0
* added OpenBSD, Linux-2.2 and Linux-2.4 targets to the Makefile
* added a Formilux init script
* fixed a few timeout bugs
* rearranged the task scheduler subsystem to improve performance,
  add new tasks, and make it easier to later port to librt ;
* allow multiple accept() for one select() wake up ;
* implemented internal load balancing with basic health-check ;
* cookie insertion and header add/replace/delete, with better strings
  support.
* reworked buffer handling to fix a few rewrite bugs, and
  improve overall performance.
* implement the "purge" option to delete server cookies in direct mode.
* fixed some error cases where the maxfd was not decreased.
* now supports transparent proxying, at least on linux 2.4.
* soft stop works again (fixed select timeout computation).
* it seems that TCP proxies sometimes cannot timeout.
* added a "quiet" mode.
* enforce file descriptor limitation on socket() and accept().
2005-12-17 12:48:26 +01:00
willy tarreau
0f7af91265 * initial commit of version 1.0.0 2005-12-17 12:21:26 +01:00