RepoMirrors/haproxy
1
0
Fork 0
mirror of http://git.haproxy.org/git/haproxy.git/ synced 2025-02-22 21:56:55 +00:00
Code Issues Packages Projects Releases Wiki Activity
82569f9158
haproxy/doc
History
Willy Tarreau 82569f9158 MEDIUM: monitor: simplify handling of monitor-net and mode health 
We were having several different behaviours with monitor-net and
"mode health" :
  - monitor-net on TCP connections was evaluated just after accept(),
    did not count a connection on the frontend and were not subject
    to tcp-request connection rules, and caused an immediate close().

  - monitor-net in HTTP mode was evaluated once the session was
    accepted (eg: on top of SSL), returned "HTTP/1.0 200 OK\r\n\r\n"
    over the connection's data layer and instanciated a session which
    was responsible for closing this connection. A connection AND a
    session were counted for the frontend ;

  - "mode health" with "option httpchk" would do exactly the same as
    monitor-net in HTTP mode ;

  - "mode health" without "option httpchk" would do the same as above
    except that "OK" was returned instead of "HTTP/1.0 200 OK\r\n\r\n".

None of them took care of cleaning the input buffer, sometimes resulting
in a TCP reset to be emitted after the last packet if a request was received
over the connection.

Given the inconsistencies and the complexity in keeping all these features
handled at the right position, we now slightly changed the way they are
handled :

  - all of them are handled just after the "tcp-request connection" rules,
    so that all of them may be blocked using such rules, offering more
    flexibility and consistency ;

  - no connection handshake is performed anymore for non-TCP modes

  - all of them send the response as raw data over the socket, there is no
    more difference between TCP and HTTP mode for example (these rules were
    never meant to be served over SSL connections and were never documented
    as able to do that).

  - any possible pending data on the incoming socket is drained before the
    response is sent, in order to avoid the risk of a reset.

  - none of them exactly did what was documented !

This results in more consistent, more flexible and more accurate handling of
monitor rules, with smaller and more robust code.
2012-09-28 00:01:22 +02:00
..
design-thoughts DOC: add a diagram to explain how circular buffers work 2012-04-30 11:57:00 +02:00
internals DOC: add a diagram to explain how circular buffers work 2012-04-30 11:57:00 +02:00
acl.fig [DOC] add diagrams of queuing and future ACL design 2009-02-22 16:46:38 +01:00
architecture.txt MINOR: patch for minor typo (ressources/resources) 2012-03-21 07:54:41 +01:00
close-options.txt [DOC] add a few old and uncommitted docs 2011-09-05 01:04:44 +02:00
coding-style.txt DOC: add a coding-style file 2011-12-30 17:33:27 +01:00
configuration.txt MEDIUM: monitor: simplify handling of monitor-net and mode health 2012-09-28 00:01:22 +02:00
cookie-options.txt [DOC] add a few old and uncommitted docs 2011-09-05 01:04:44 +02:00
gpl.txt [LICENSE] licensing clarifications 2006-06-15 21:48:13 +02:00
haproxy-en.txt DOC: fix name for "option independant-streams" 2012-09-02 21:51:07 +02:00
haproxy-fr.txt [DOC] point to 1.4 doc, not 1.3 2009-10-14 22:22:03 +02:00
haproxy.1 [DOC] trivial fix for man page 2009-10-14 21:12:39 +02:00
lgpl.txt [LICENSE] licensing clarifications 2006-06-15 21:48:13 +02:00
proxy-protocol.txt [DOC] update the spec on the proxy protocol 2011-03-20 11:53:50 +01:00
queuing.fig [DOC] add diagrams of queuing and future ACL design 2009-02-22 16:46:38 +01:00