/*
 * include/haproxy/server-t.h
 * This file defines everything related to servers.
 *
 * Copyright (C) 2000-2012 Willy Tarreau - w@1wt.eu
 *
 * This library is free software; you can redistribute it and/or
 * modify it under the terms of the GNU Lesser General Public
 * License as published by the Free Software Foundation, version 2.1
 * exclusively.
 *
 * This library is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 * Lesser General Public License for more details.
 *
 * You should have received a copy of the GNU Lesser General Public
 * License along with this library; if not, write to the Free Software
 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301  USA
 */

#ifndef _HAPROXY_SERVER_T_H
#define _HAPROXY_SERVER_T_H

#include <netinet/in.h>
#include <arpa/inet.h>

#include <import/eb32tree.h>
#include <import/ebmbtree.h>

#include <haproxy/api-t.h>
#include <haproxy/check-t.h>
#include <haproxy/connection-t.h>
#include <haproxy/counters-t.h>
#include <haproxy/dns-t.h>
#include <haproxy/freq_ctr-t.h>
#include <haproxy/listener-t.h>
#include <haproxy/obj_type-t.h>
#include <haproxy/openssl-compat.h>
#include <haproxy/ssl_sock-t.h>
#include <haproxy/stats-t.h>
#include <haproxy/task-t.h>
#include <haproxy/thread-t.h>


/* server states. Only SRV_ST_STOPPED indicates a down server. */
enum srv_state {
	SRV_ST_STOPPED = 0,              /* the server is down. Please keep set to zero. */
	SRV_ST_STARTING,                 /* the server is warming up (up but throttled) */
	SRV_ST_RUNNING,                  /* the server is fully up */
	SRV_ST_STOPPING,                 /* the server is up but soft-stopping (eg: 404) */
} __attribute__((packed));

/* Administrative status : a server runs in one of these 3 states :
 *   - READY : normal mode
 *   - DRAIN : takes no new visitor, equivalent to weight == 0
 *   - MAINT : maintenance mode, no more traffic nor health checks.
 *
 * Each server may be in maintenance by itself or may inherit this status from
 * another server it tracks. It can also be in drain mode by itself or inherit
 * it from another server. Let's store these origins here as flags. These flags
 * are combined this way :
 *
 *      FMAINT  IMAINT  FDRAIN  IDRAIN  Resulting state
 *         0       0       0       0    READY
 *         0       0       0       1    DRAIN
 *         0       0       1       x    DRAIN
 *         0       1       x       x    MAINT
 *         1       x       x       x    MAINT
 *
 * This can be simplified this way :
 *
 *   state_str = (state & MAINT) ? "MAINT" : (state & DRAIN) ? "DRAIN" : "READY"
 *
 * NOTE(review): SRV_ADMF_MAINT (0x23) equals FMAINT | IMAINT | RMAINT. It does
 * not include SRV_ADMF_CMAINT (0x04) nor SRV_ADMF_HMAINT (0x40), so a test
 * such as (admin & SRV_ADMF_MAINT) is false for a server carrying only one of
 * those two bits. Presumably CMAINT is always set together with FMAINT --
 * confirm against the code that sets it before relying on the mask alone.
 * SRV_ADMF_DRAIN (0x18) equals FDRAIN | IDRAIN.
 */
enum srv_admin {
	SRV_ADMF_FMAINT    = 0x01,        /* the server was explicitly forced into maintenance */
	SRV_ADMF_IMAINT    = 0x02,        /* the server has inherited the maintenance status from a tracked server */
	SRV_ADMF_MAINT     = 0x23,        /* mask to check if any maintenance flag is present */
	SRV_ADMF_CMAINT    = 0x04,        /* the server is in maintenance because of the configuration */
	SRV_ADMF_FDRAIN    = 0x08,        /* the server was explicitly forced into drain state */
	SRV_ADMF_IDRAIN    = 0x10,        /* the server has inherited the drain status from a tracked server */
	SRV_ADMF_DRAIN     = 0x18,        /* mask to check if any drain flag is present */
	SRV_ADMF_RMAINT    = 0x20,        /* the server is down because of an IP address resolution failure */
	SRV_ADMF_HMAINT    = 0x40,        /* the server FQDN has been set from socket stats */
} __attribute__((packed));

/* options for servers' "init-addr" parameter
 * this parameter may be used to drive HAProxy's behavior when parsing a server
 * address at start up time.
 * These values are stored as a list into an integer ordered from first to last
 * starting with the lowest to highest bits. SRV_IADDR_END (0) is used to
 * indicate the end of the list. 3 bits are enough to store each value.
 * The list itself is held in server->init_addr_methods (unsigned int).
 */
enum srv_initaddr {
	SRV_IADDR_END      = 0,           /* end of the list */
	SRV_IADDR_NONE     = 1,           /* the server won't have any address at start up */
	SRV_IADDR_LIBC     = 2,           /* address set using the libc DNS resolver */
	SRV_IADDR_LAST     = 3,           /* we set the IP address found in state-file for this server */
	SRV_IADDR_IP       = 4,           /* we set an arbitrary IP address to the server */
} __attribute__((packed));

/* server-state-file version
 *
 * NOTE(review): the state file is read back from disk, so the loader should
 * treat its content as untrusted input. Presumably the version found in the
 * file is checked against the MIN/MAX range below, and each line against
 * SRV_STATE_FILE_MAX_FIELDS and SRV_STATE_LINE_MAXLEN -- confirm in the
 * parser, which is not part of this header.
 */
#define SRV_STATE_FILE_VERSION 1
#define SRV_STATE_FILE_VERSION_MIN 1
#define SRV_STATE_FILE_VERSION_MAX 1
/* The 20 field names of a version 1 state line, separated by spaces. The
 * count matches SRV_STATE_FILE_NB_FIELDS_VERSION_1 below and must be kept in
 * sync with it.
 */
#define SRV_STATE_FILE_FIELD_NAMES \
    "be_id "                      \
    "be_name "                    \
    "srv_id "                     \
    "srv_name "                   \
    "srv_addr "                   \
    "srv_op_state "               \
    "srv_admin_state "            \
    "srv_uweight "                \
    "srv_iweight "                \
    "srv_time_since_last_change " \
    "srv_check_status "           \
    "srv_check_result "           \
    "srv_check_health "           \
    "srv_check_state "            \
    "srv_agent_state "            \
    "bk_f_forced_id "             \
    "srv_f_forced_id "            \
    "srv_fqdn "                   \
    "srv_port "                   \
    "srvrecord"

#define SRV_STATE_FILE_MAX_FIELDS 20
#define SRV_STATE_FILE_NB_FIELDS_VERSION_1 20
#define SRV_STATE_LINE_MAXLEN 512

/* server flags -- 32 bits (stored in server->flags) */
#define SRV_F_BACKUP       0x0001        /* this server is a backup server */
#define SRV_F_MAPPORTS     0x0002        /* this server uses mapped ports */
#define SRV_F_NON_STICK    0x0004        /* never add connections allocated to this server to a stick table */
#define SRV_F_USE_NS_FROM_PP 0x0008      /* use namespace associated with connection if present */
#define SRV_F_FORCED_ID    0x0010        /* server's ID was forced in the configuration */
#define SRV_F_CHECKADDR    0x0020        /* this server has a check addr configured */
#define SRV_F_CHECKPORT    0x0040        /* this server has a check port configured */
#define SRV_F_AGENTADDR    0x0080        /* this server has an agent addr configured */
#define SRV_F_COOKIESET    0x0100        /* this server has a cookie configured, so don't generate dynamic cookies */
#define SRV_F_FASTOPEN     0x0200        /* Use TCP Fast Open to connect to server */
#define SRV_F_SOCKS4_PROXY 0x0400        /* this server uses SOCKS4 proxy */
#define SRV_F_NO_RESOLUTION 0x0800       /* disable runtime DNS resolution on this server */

/* configured server options for send-proxy (server->pp_opts) */
#define SRV_PP_V1               0x0001   /* proxy protocol version 1 */
#define SRV_PP_V2               0x0002   /* proxy protocol version 2 */
#define SRV_PP_V2_SSL           0x0004   /* proxy protocol version 2 with SSL */
#define SRV_PP_V2_SSL_CN        0x0008   /* proxy protocol version 2 with CN */
#define SRV_PP_V2_SSL_KEY_ALG   0x0010   /* proxy protocol version 2 with cert key algorithm */
#define SRV_PP_V2_SSL_SIG_ALG   0x0020   /* proxy protocol version 2 with cert signature algorithm */
#define SRV_PP_V2_SSL_CIPHER    0x0040   /* proxy protocol version 2 with cipher used */
#define SRV_PP_V2_AUTHORITY     0x0080   /* proxy protocol version 2 with authority */
#define SRV_PP_V2_CRC32C        0x0100   /* proxy protocol version 2 with crc32c */
#define SRV_PP_V2_UNIQUE_ID     0x0200   /* proxy protocol version 2 with unique ID */

/* functions which act on servers need to return various errors */
#define SRV_STATUS_OK       0   /* everything is OK. */
#define SRV_STATUS_INTERNAL 1   /* other unrecoverable errors. */
#define SRV_STATUS_NOSRV    2   /* no server is available */
#define SRV_STATUS_FULL     3   /* the/all server(s) are saturated */
#define SRV_STATUS_QUEUED   4   /* the/all server(s) are saturated but the connection was queued */

/* various constants
 * BE_WEIGHT_SCALE is not defined in this file; it must be provided by another
 * header before SRV_EWGHT_RANGE or SRV_EWGHT_MAX is expanded.
 */
#define SRV_UWGHT_RANGE 256
#define SRV_UWGHT_MAX   (SRV_UWGHT_RANGE)
#define SRV_EWGHT_RANGE (SRV_UWGHT_RANGE * BE_WEIGHT_SCALE)
#define SRV_EWGHT_MAX   (SRV_UWGHT_MAX   * BE_WEIGHT_SCALE)

/* server ssl options (presumably stored in server->ssl_ctx.options -- TODO confirm) */
#define SRV_SSL_O_NONE           0x0000
#define SRV_SSL_O_NO_TLS_TICKETS 0x0100 /* disable session resumption tickets */
#define SRV_SSL_O_NO_REUSE       0x200  /* disable session reuse */
/* TLS early data can be replayed on the network, so enabling it is only safe
 * for requests that are idempotent.
 */
#define SRV_SSL_O_EARLY_DATA     0x400  /* Allow using early data */

/* log servers ring's protocols options */
enum srv_log_proto {
	SRV_LOG_PROTO_LEGACY,         // messages on TCP separated by LF
	SRV_LOG_PROTO_OCTET_COUNTING, // TCP frames: MSGLEN SP MSG
};

/* One entry of a list of processes identified by <pid>. The exact role of
 * <t>, <status> and <exited> is not visible from this header (presumably the
 * task associated with the process, its exit status and an "already exited"
 * flag -- TODO confirm against the users of this struct).
 */
struct pid_list {
	struct list list;
	pid_t pid;
	struct task *t;
	int status;
	int exited;
};

/* A tree occurrence is a descriptor of a place in a tree, with a pointer back
 * to the server itself.
 */
struct server;
struct tree_occ {
	struct server *server;
	struct eb32_node node;
};

/* Descriptor of one server: its operational and administrative state,
 * connection pools, load-balancing position, health-check and DNS settings,
 * and (with USE_OPENSSL) its TLS client-side configuration.
 *
 * Several string pointers have their length cached in a separate member
 * (cookie/cklen, rdr_pfx/rdr_len, hostname_dn/hostname_dn_len, and the
 * npn/alpn strings): any code replacing one of them has to update both, or
 * later readers will use a stale length.
 */
struct proxy;
struct server {
	enum obj_type obj_type;                 /* object type == OBJ_TYPE_SERVER */
	enum srv_state next_state, cur_state;   /* server state among SRV_ST_* */
	enum srv_admin next_admin, cur_admin;   /* server maintenance status : SRV_ADMF_* */
	signed char use_ssl;                    /* ssl enabled (1: on, 0: disabled, -1 forced off) */
	unsigned int pp_opts;                   /* proxy protocol options (SRV_PP_*) */
	struct server *next;
	int cklen;                              /* the len of the cookie, to speed up checks */
	int rdr_len;                            /* the length of the redirection prefix */
	char *cookie;                           /* the id set in the cookie */
	char *rdr_pfx;                          /* the redirection prefix */

	struct proxy *proxy;                    /* the proxy this server belongs to */
	const struct mux_proto_list *mux_proto; /* the mux to use for all outgoing connections (specified by the "proto" keyword) */
	int served;                             /* # of active sessions currently being served (ie not pending) */
	int cur_sess;                           /* number of currently active sessions (including syn_sent) */
	unsigned maxconn, minconn;              /* max # of active sessions (0 = unlimited), min# for dynamic limit. */
	int nbpend;                             /* number of pending connections */
	unsigned int queue_idx;                 /* count of pending connections which have been de-queued */
	int maxqueue;                           /* maximum number of pending connections allowed */
	struct freq_ctr sess_per_sec;           /* sessions per second on this server */
	struct be_counters counters;            /* statistics counters */

	struct eb_root pendconns;               /* pending connections */
	struct mt_list actconns[MAX_THREADS];   /* active connections (used by "shutdown server sessions") */
	struct mt_list *idle_conns;             /* shareable idle connections */
	struct mt_list *safe_conns;             /* safe idle connections */
	struct list *available_conns;           /* Connections in use, but with new streams still available */
	unsigned int pool_purge_delay;          /* Delay before starting to purge the idle conns pool */
	unsigned int low_idle_conns;            /* min idle connection count to start picking from other threads */
	unsigned int max_idle_conns;            /* Max number of connection allowed in the orphan connections list */
	unsigned int curr_idle_conns;           /* Current number of orphan idling connections, both the idle and the safe lists */
	unsigned int curr_idle_nb;              /* Current number of connections in the idle list */
	unsigned int curr_safe_nb;              /* Current number of connections in the safe list */
	unsigned int curr_used_conns;           /* Current number of used connections */
	unsigned int max_used_conns;            /* Max number of used connections (the counter is reset at each connection purge) */
	unsigned int est_need_conns;            /* Estimate on the number of needed connections (max of curr and previous max_used) */
	unsigned int next_takeover;             /* thread ID to try to steal connections from next time */
	unsigned int *curr_idle_thr;            /* Current number of orphan idling connections per thread */
	int max_reuse;                          /* Max number of requests on a same connection */
	__decl_thread(HA_SPINLOCK_T lock);      /* may enclose the proxy's lock, must not be taken under */
	struct eb32_node idle_node;             /* When to next do cleanup in the idle connections */
	struct task *warmup;                    /* the task dedicated to the warmup when slowstart is set */

	struct conn_src conn_src;               /* connection source settings */

	struct server *track;                   /* the server we're currently tracking, if any */
	struct server *trackers;                /* the list of servers tracking us, if any */
	struct server *tracknext;               /* next server tracking <track> in <track>'s trackers list */
	char *trackit;                          /* temporary variable to make assignment deferrable */
	int consecutive_errors;                 /* current number of consecutive errors */
	int consecutive_errors_limit;           /* number of consecutive errors that triggers an event */
	short observe, onerror;                 /* observing mode: one of HANA_OBS_*; what to do on error: one of HANA_ONERR_* */
	short onmarkeddown;                     /* what to do when marked down: one of HANA_ONMARKEDDOWN_* */
	short onmarkedup;                       /* what to do when marked up: one of HANA_ONMARKEDUP_* */
	unsigned int flags;                     /* server flags (SRV_F_*) */
	int slowstart;                          /* slowstart time in seconds (ms in the conf) */

	char *id;                               /* just for identification */
	unsigned iweight,uweight, cur_eweight;  /* initial weight, user-specified weight, and effective weight */
	unsigned wscore;                        /* weight score, used during srv map computation */
	unsigned next_eweight;                  /* next pending eweight to commit */
	unsigned rweight;                       /* remainder of weight in the current LB tree */
	unsigned cumulative_weight;             /* weight of servers prior to this one in the same group, for chash balancing */
	unsigned npos, lpos;                    /* next and last positions in the LB tree */
	struct eb32_node lb_node;               /* node used for tree-based load balancing */
	struct eb_root *lb_tree;                /* we want to know in what tree the server is */
	struct server *next_full;               /* next server in the temporary full list */
	unsigned lb_nodes_tot;                  /* number of allocated lb_nodes (C-HASH) */
	unsigned lb_nodes_now;                  /* number of lb_nodes placed in the tree (C-HASH) */
	struct tree_occ *lb_nodes;              /* lb_nodes_tot * struct tree_occ */

	const struct netns_entry *netns;        /* contains network namespace name or NULL. Network namespace comes from configuration */
	/* warning, these structs are huge, keep them at the bottom */
	struct sockaddr_storage addr;           /* the address to connect to, doesn't include the port */
	struct xprt_ops *xprt;                  /* transport-layer operations */
	unsigned int svc_port;                  /* the port to connect to (for relevant families) */
	unsigned down_time;                     /* total time the server was down */
	time_t last_change;                     /* last time, when the state was changed */

	int puid;                               /* proxy-unique server ID, used for SNMP, and "first" LB algo */
	int tcp_ut;                             /* for TCP, user timeout */

	int do_check;                           /* temporary variable used during parsing to denote if health checks must be enabled */
	int do_agent;                           /* temporary variable used during parsing to denote if an auxiliary agent check must be enabled */
	struct check check;                     /* health-check specific configuration */
	struct check agent;                     /* agent specific configuration */

	struct dns_requester *dns_requester;    /* used to link a server to its DNS resolution */
	char *resolvers_id;                     /* resolvers section used by this server */
	struct dns_resolvers *resolvers;        /* pointer to the resolvers structure used by this server */
	/* NOTE(review): <lastaddr> is text taken from a file on disk; presumably
	 * it is parsed and validated before being applied as an address --
	 * confirm in the state-file loader.
	 */
	char *lastaddr;                         /* the address string provided by the server-state file */
	struct dns_options dns_opts;
	int hostname_dn_len;                    /* string length of the server hostname in Domain Name format */
	char *hostname_dn;                      /* server hostname in Domain Name format */
	char *hostname;                         /* server hostname */
	struct sockaddr_storage init_addr;      /* plain IP address specified on the init-addr line */
	unsigned int init_addr_methods;         /* initial address setting, 3-bit per method, ends at 0, enough to store 10 entries */
	enum srv_log_proto log_proto;           /* used proto to emit messages on server lines from ring section */

#ifdef USE_OPENSSL
	char *sni_expr;                         /* Temporary variable to store a sample expression for SNI */
	struct {
		SSL_CTX *ctx;
		/* Stored session data for reuse, together with the SNI it was
		 * used with. NOTE(review): this looks like TLS session material
		 * and should then be handled as a secret (never logged or
		 * dumped); <size> must never exceed <allocated_size>. How many
		 * entries <reused_sess> points to is not visible here
		 * (presumably one per thread -- TODO confirm).
		 */
		struct {
			unsigned char *ptr;
			int size;
			int allocated_size;
			char *sni;              /* SNI used for the session */
		} * reused_sess;
		char *ciphers;                  /* cipher suite to use if non-null */
#if (HA_OPENSSL_VERSION_NUMBER >= 0x10101000L && !defined OPENSSL_IS_BORINGSSL && !defined LIBRESSL_VERSION_NUMBER)
		char *ciphersuites;             /* TLS 1.3 cipher suite to use if non-null */
#endif
		int options;                    /* ssl options */
		/* NOTE(review): security-sensitive. <verify> selects whether
		 * and how the server's certificate is checked; if it can hold
		 * SSL_VERIFY_NONE the peer is not authenticated. The default is
		 * set outside this header -- confirm it in the config parser.
		 */
		int verify;                     /* verify method (set of SSL_VERIFY_* flags) */
		struct tls_version_filter methods; /* ssl methods */
		char *verify_host;              /* hostname of certificate must match this host */
		char *ca_file;                  /* CAfile to use on verify */
		char *crl_file;                 /* CRLfile to use on verify */
		char *client_crt;               /* client certificate to send */
		struct sample_expr *sni;        /* sample expression for SNI */
#ifdef OPENSSL_NPN_NEGOTIATED
		char *npn_str;                  /* NPN protocol string */
		int npn_len;                    /* NPN protocol string length */
#endif
#ifdef TLSEXT_TYPE_application_layer_protocol_negotiation
		char *alpn_str;                 /* ALPN protocol string */
		int alpn_len;                   /* ALPN protocol string length */
#endif
	} ssl_ctx;
#endif
	struct dns_srvrq *srvrq;                /* Pointer representing the DNS SRV request, if any */
	struct list srv_rec_item;               /* to attach server to a srv record item */
	struct list ip_rec_item;                /* to attach server to a A or AAAA record item */
	struct ebpt_node host_dn;               /* hostdn store for srvrq and state file matching */
	struct task *srvrq_check;               /* Task testing SRV record expiration date for this server */
	struct {
		const char *file;               /* file where the section appears */
		struct eb32_node id;            /* place in the tree of used IDs */
		struct ebpt_node name;          /* place in the tree of used names */
		int line;                       /* line where the section appears */
	} conf;                                 /* config information */
	/* Template information used only for server objects which
	 * serve as template filled at parsing time and used during
	 * server allocations from server templates.
	 */
	struct {
		char *prefix;
		int nb_low;
		int nb_high;
	} tmpl_info;
	/* <reason> and <adm_st_chg_cause> below are fixed-size buffers: code
	 * filling them must bound the copy to sizeof() of the destination and
	 * leave it NUL-terminated.
	 */
	struct {
		long duration;
		short status, code;
		char reason[128];
	} op_st_chg;                            /* operational status change's reason */
	char adm_st_chg_cause[48];              /* administrative status change's cause */

	struct sockaddr_storage socks4_addr;    /* the address of the SOCKS4 Proxy, including the port */

	EXTRA_COUNTERS(extra_counters);
};


/* Storage structure to load server-state lines from a flat file into
 * an ebtree, for faster processing
 */
struct state_line {
	char *line;
	struct ebmb_node name_name;
	/* WARNING don't put anything after name_name, it's used by the key
	 * (presumably the key bytes are stored right after the node, so a
	 * trailing member would overlap them -- confirm in import/ebmbtree.h;
	 * the allocation then has to account for the key length as well)
	 */
};


/* Descriptor for a "server" keyword. The ->parse() function returns 0 in case of
 * success, or a combination of ERR_* flags if an error is encountered. The
 * function pointer can be NULL if not implemented. The function also has an
 * access to the current "server" config line. The ->skip value tells the parser
 * how many words have to be skipped after the keyword. If the function needs to
 * parse more keywords, it needs to update cur_arg.
 *
 * NOTE(review): <args> is the split configuration line, so a ->parse()
 * implementation should check that each word it reads after args[*cur_arg]
 * is present before using it; how the end of <args> is marked is not visible
 * from this header.
 */
struct srv_kw {
	const char *kw;
	int (*parse)(char **args, int *cur_arg, struct proxy *px, struct server *srv, char **err);
	int skip;                               /* nb min of args to skip, for use when kw is not handled */
	int default_ok;                         /* non-zero if kw is supported in default-server section */
};

/*
 * A keyword list. It is a NULL-terminated array of keywords. It embeds a
 * struct list in order to be linked to other lists, allowing it to easily
 * be declared where it is needed, and linked without duplicating data nor
 * allocating memory. It is also possible to indicate a scope for the keywords.
 */
struct srv_kw_list {
	const char *scope;
	struct list list;
	struct srv_kw kw[VAR_ARRAY];
};

#endif /* _HAPROXY_SERVER_T_H */

/*
 * Local variables:
 *  c-indent-level: 8
 *  c-basic-offset: 8
 * End:
 */