haproxy/doc/peers.txt

460 lines
19 KiB
Plaintext

+--------------------+
| Peers protocol 2.1 |
+--------------------+
Peers protocol has been implemented over TCP. Its aim is to transmit
stick-table entries information between several haproxy processes.
This protocol is symmetrical. This means that at any time, each peer
may connect to other peers they have been configured for, so that to send
their last stick-table updates. There is no role of client or server in this
protocol. As peers may connect to each others at the same time, the protocol
ensures that only one peer session may stay opened between a couple of peers
before they start sending their stick-table information, possibly in both
directions (or not).
Handshake
+++++++++
Just after having connected to another one, a peer must identified itself
and identify the remote peer, sending a "hello" message. The remote peer
replies with a "status" message.
A "hello" message is made of three lines terminated by a line feed character
as follows:
<protocol identifier> <version>\n
<remote peer identifier>\n
<local peer identifier> <process ID> <relative process ID>\n
protocol identifier : HAProxyS
version : 2.1
remote peer identifier: the peer name this "hello" message is sent to.
local peer identifier : the name of the peer which sends this "hello" message.
process ID : the ID of the process handling this peer session.
relative process ID : the haproxy's relative process ID (0 if nbproc == 1).
The "status" message is made of a unique line terminated by a line feed
character as follows:
<status code>\n
with these values as status code (a three-digit number):
+-------------+---------------------------------+
| status code | signification |
+-------------+---------------------------------+
| 200 | Handshake succeeded |
+-------------+---------------------------------+
| 300 | Try again later |
+-------------+---------------------------------+
| 501 | Protocol error |
+-------------+---------------------------------+
| 502 | Bad version |
+-------------+---------------------------------+
| 503 | Local peer identifier mismatch |
+-------------+---------------------------------+
| 504 | Remote peer identifier mismatch |
+-------------+---------------------------------+
As the protocol is symmetrical, some peers may connect to each others at the
same time. For efficiency reasons, the protocol ensures there may be only
one TCP session opened after the handshake succeeded and before transmitting
any stick-table data information. In fact for each couple of peer, this is
the last connected peer which wins. Each time a peer A receives a "hello"
message from a peer B, peer A checks if it already managed to open a peer
session with peer B, so with a successful handshake. If it is the case,
peer A closes its peer session. So, this is the peer session opened by B
which stays opened.
Peer A Peer B
hello
---------------------->
status 200
<----------------------
hello
<++++++++++++++++++++++
TCP/FIN-ACK
---------------------->
TCP/FIN-ACK
<----------------------
status 200
++++++++++++++++++++++>
data
<++++++++++++++++++++++
data
++++++++++++++++++++++>
data
++++++++++++++++++++++>
data
<++++++++++++++++++++++
.
.
.
As it is still possible that a couple of peers decide to close both their
peer sessions at the same time, the protocol ensures peers will not reconnect
at the same time, adding a random delay (50 up to 2050 ms) before any
reconnection.
Encoding
++++++++
As some TCP data may be corrupted, for integrity reason, some data fields
are encoded at peer session level.
The following algorithms explain how to encode/decode the data.
encode:
input : val (64bits integer)
output: bitf (variable-length bitfield)
if val has no bit set above bit 4 (or if val is less than 0xf0)
set the next byte of bitf to the value of val
return bitf
set the next byte of bitf to the value of val OR'ed with 0xf0
subtract 0xf0 from val
right shift val by 4
while val bit 7 is set (or if val is greater or equal to 0x80):
set the next byte of bitf to the value of the byte made of the last
7 bits of val OR'ed with 0x80
subtract 0x80 from val
right shift val by 7
set the next byte of bitf to the value of val
return bitf
decode:
input : bitf (variable-length bitfield)
output: val (64bits integer)
set val to the value of the first byte of bitf
if bit 4 up to 7 of val are not set
return val
set loop to 0
do
add to val the value of the next byte of bitf left shifted by (4 + 7*loop)
set loop to (loop + 1)
while the bit 7 of the next byte of bitf is set
return val
Example:
let's say that we must encode 0x1234.
"set the next byte of bitf to the value of val OR'ed with 0xf0"
=> bitf[0] = (0x1234 | 0xf0) & 0xff = 0xf4
"subtract 0xf0 from val"
=> val = 0x1144
right shift val by 4
=> val = 0x114
"set the next byte of bitf to the value of the byte made of the last
7 bits of val OR'ed with 0x80"
=> bitf[1] = (0x114 | 0x80) & 0xff = 0x94
"subtract 0x80 from val"
=> val= 0x94
"right shift val by 7"
=> val = 0x1
=> bitf[2] = 0x1
So, the encoded value of 0x1234 is 0xf49401.
To decode this value:
"set val to the value of the first byte of bitf"
=> val = 0xf4
"add to val the value of the next byte of bitf left shifted by 4"
=> val = 0xf4 + (0x94 << 4) = 0xf4 + 0x940 = 0xa34
"add to val the value of the next byte of bitf left shifted by (4 + 7)"
=> val = 0xa34 + (0x01 << 11) = 0xa34 + 0x800 = 0x1234
Messages
++++++++
*** General ***
After the handshake has successfully completed, peers are authorized to send
some messages to each others, possibly in both direction.
All the messages are made at least of a two bytes length header.
The first byte of this header identifies the class of the message. The next
byte identifies the type of message in the class.
Some of these messages are variable-length. Others have a fixed size.
Variable-length messages are identified by the value of the message type
byte. For such messages, it is greater than or equal to 128.
All variable-length message headers must be followed by the encoded length
of the remaining bytes (so the encoded length of the message minus 2 bytes
for the header and minus the length of the encoded length).
There exist four classes of messages:
+------------+---------------------+--------------+
| class byte | signification | message size |
+------------+---------------------+--------------+
| 0 | control | fixed (2) |
+------------+---------------------+--------------|
| 1 | error | fixed (2) |
+------------+---------------------+--------------|
| 10 | stick-table updates | variable |
+------------+---------------------+--------------|
| 255 | reserved | |
+------------+---------------------+--------------+
At this time of this writing, only control and error messages have a fixed
size of two bytes (header only). The stick-table updates messages are all
variable-length (their message type bytes are greater than 128).
*** Control message class ***
At this time of writing, control messages are fixed-length messages used
only to control the synchonrizations between local and/or remote processes.
There exist four types of such control messages:
+------------+--------------------------------------------------------+
| type byte | signification |
+------------+--------------------------------------------------------+
| 0 | synchronisation request: ask a remote peer for a full |
| | synchronization |
+------------+--------------------------------------------------------+
| 1 | synchronization finished: signal a remote peer that |
| | local updates have been pushed and local is considered |
| | up to date. |
+------------+--------------------------------------------------------+
| 2 | synchronization partial: signal a remote peer that |
| | local updates have been pushed and local is not |
| | considered up to date. |
+------------+--------------------------------------------------------+
| 3 | synchronization confirmed: acknowledge a finished or |
| | partial synchronization message. |
+------------+--------------------------------------------------------+
*** Error message class ***
There exits two types of such error messages:
+-----------+------------------+
| type byte | signification |
+-----------+------------------+
| 0 | protocol error |
+-----------+------------------+
| 1 | size limit error |
+-----------+------------------+
*** Stick-table update message class ***
This class is the more important one because it is in relation with the
stick-table entries handling between peers which is at the core of peers
protocol.
All the messages of this class are variable-length. Their type bytes are
all greater than or equal to 128.
There exits five types of such stick-table update messages:
+-----------+--------------------------------+
| type byte | signification |
+-----------+--------------------------------+
| 128 | Entry update |
+-----------+--------------------------------+
| 129 | Incremental entry update |
+-----------+--------------------------------+
| 130 | Stick-table definition |
+-----------+--------------------------------+
| 131 | Stick-table switch (unused) |
+-----------+--------------------------------+
| 133 | Update message acknowledgement |
+-----------+--------------------------------+
Note that entry update messages may be multiplexed. This means that different
entry update messages for different stick-tables may be sent over the same
peer session.
To do so, each time entry update messages have to sent, they must be preceded
by a stick-table definition message. This remains true for incremental entry
update messages.
As its name indicate, "Update message acknowledgement" messages are used to
acknowledge the entry update messages.
In this following paragraph, we give some information about the format of
each stick-table update messages. This very simple following legend will
contribute in understanding it. The unit used is the octet.
XX
+-----------+
| foo | Unique fixed sized "foo" field, made of XX octets.
+-----------+
+===========+
| foo | Variable-length "foo" field.
+===========+
+xxxxxxxxxxx+
| foo | Encoded variable-length "foo" field.
+xxxxxxxxxxx+
+###########+
| foo | hereunder described "foo" field.
+###########+
With this legend, all the stick-table update messages have such a header:
1 1
+--------------------+------------------------+xxxxxxxxxxxxxxxx+
| Message Class (10) | Message type (128-133) | Message length |
+--------------------+------------------------+xxxxxxxxxxxxxxxx+
Note that to help in making communicate different versions of peers protocol,
such stick-table update messages may be extended adding non mandatory
fields at the end of such messages, announcing a total message length
which is greater than the message length of the previous versions of
peers protocol. After having parsed such messages, the remaining ones
will be skipped to parse the next message.
- Definition message format:
Before sending entry update messages, a peer must announce the configuration
of the stick-table in relation with these messages thanks to a
"Stick-table definition" message with such a following format:
+xxxxxxxxxxxxxxxx+xxxxxxxxxxxxxxxxxxxxxxxxx+==================+
| Stick-table ID | Stick-table name length | Stick-table name |
+xxxxxxxxxxxxxxxx+xxxxxxxxxxxxxxxxxxxxxxxxx+==================+
+xxxxxxxxxxxx+xxxxxxxxxxxxxx+xxxxxxxxxxxxxxxxxxxxxxx+xxxxxxxxx+
| Key type | Key length | Data types bitfield | Expiry |
+xxxxxxxxxxxx+xxxxxxxxxxxxxx+xxxxxxxxxxxxxxxxxxxxxxx+xxxxxxxxx+
+xxxxxxxxxxxxxxxxxxxxxxxxxxx+xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx+
| Frequency counter #1 | Frequency counter #1 period |
+xxxxxxxxxxxxxxxxxxxxxxxxxxx+xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx+
+xxxxxxxxxxxxxxxxxxxxxxxxxxx+xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx+
| Frequency counter #2 | Frequency counter #2 period |
+xxxxxxxxxxxxxxxxxxxxxxxxxxx+xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx+
.
.
.
Note that "Stick-table ID" field is an encoded integer which is used to
identify the stick-table without using its name (or "Stick-table name"
field). It is local to the process handling the stick-table. So we can have
two peers attached to processes which generate stick-table updates for
the same stick-table (same name) but with different stick-table IDs.
Also note that the list of "Frequency counter #X" and their associated
periods fields exists only if their underlying types are already defined
in "Data types bitfield" field.
"Expiry" field and the remaining ones are not used by all the existing
version of haproxy peers. But they are MANDATORY, so that to make a
stick-table aggregator peer be able to autoconfigure itself.
- Entry update message format:
4
+-----------------+###########+############+
| Local update ID | Key | Data |
+-----------------+###########+############+
with "Key" described as follows:
+xxxxxxxxxxx+=======+
| length | value | if key type is (non null terminated) "string",
+xxxxxxxxxxx+=======+
4
+-------+
| value | if key type is "integer",
+-------+
+=======+
| value | for other key types: the size is announced in
+=======+ the previous stick-table definition message.
"Data" field is basically a list of encoded values for each type announced
by the "Data types bitfield" field of the previous "Stick-table definition"
message:
+xxxxxxxxxxxxxxxxxxxx+xxxxxxxxxxxxxxxxxxxx+ +xxxxxxxxxxxxxxxxxxxx+
| Data type #1 value | Data type #2 value | .... | Data type #n value |
+xxxxxxxxxxxxxxxxxxxx+xxxxxxxxxxxxxxxxxxxx+ +xxxxxxxxxxxxxxxxxxxx+
- Update message acknowledgement format:
These messages are responses to "Entry update" messages only.
Its format is very basic for efficiency reasons:
4
+xxxxxxxxxxxxxxxx+-----------+
| Stick-table ID | Update ID |
+xxxxxxxxxxxxxxxx+-----------+
Note that the "Stick-table ID" field value is in relation with the one which
has been previously announce by a "Stick-table definition" message.
The following schema may help in understanding how to handle a stream of
stick-table update messages. The handshake step is not represented.
Stick-table IDs are preceded by a '#' character.
Peer A Peer B
stkt def. #1
---------------------->
updates (1-5)
---------------------->
stkt def. #3
---------------------->
updates (1000-1005)
---------------------->
stkt def. #2
<----------------------
updates (10-15)
<----------------------
ack 5 for #1
<----------------------
ack 1005 for #3
<----------------------
stkt def. #4
<----------------------
updates (100-105)
<----------------------
ack 10 for #2
---------------------->
ack 105 for #4
---------------------->
(from here, on both sides, all stick-table updates
are considered as received)