Configuring HAProxy

2020-02-05 Thread Akshay Mangla 
Hi HAProxy Team,

I have been trying to install HAProxy on my vm machine and facing some
difficulties in doing so.

Following is the HAProxy config file that we have currently.

#-
# Example configuration for a possible web application.  See the
# full configuration options online.
#
#   http://haproxy.1wt.eu/download/1.4/doc/configuration.txt
#
#-

#-
# Global settings
#-
global
# to have these messages end up in /var/log/haproxy.log you will
# need to:
#
# 1) configure syslog to accept network log events.  This is done
#by adding the '-r' option to the SYSLOGD_OPTIONS in
#/etc/sysconfig/syslog
#
# 2) configure local2 events to go to the /var/log/haproxy.log
#   file. A line like the following can be added to
#   /etc/sysconfig/syslog
#
#local2.*   /var/log/haproxy.log
#
log 127.0.0.1 local2

chroot  /var/lib/haproxy
pidfile /var/run/haproxy.pid
maxconn 4000
userhaproxy
group   haproxy
daemon

# turn on stats unix socket
stats socket /var/lib/haproxy/stats

#-
# common defaults that all the 'listen' and 'backend' sections will
# use if not designated in their block
#-
defaults
modehttp
log global
option  httplog
option  dontlognull
option http-server-close
option forwardfor   except 127.0.0.0/8
option  redispatch
retries 3
timeout http-request10s
timeout queue   1m
timeout connect 10s
timeout client  1m
timeout server  1m
timeout http-keep-alive 10s
timeout check   10s
maxconn 3000

#-
# main frontend which proxys to the backends
#-
frontend  main *:5000
acl url_static   path_beg   -i /static /images /javascript
/stylesheets
acl url_static   path_end   -i .jpg .gif .png .css .js

use_backend static  if url_static
default_backend app

#-
# static backend for serving up images, stylesheets and such
#-
backend static
balance roundrobin
server  static 127.0.0.1:4331 check

#-
# round robin balancing between the various backends
#-
backend app
balance roundrobin
server  app1 127.0.0.1:5001 check
server  app2 127.0.0.1:5002 check
server  app3 127.0.0.1:5003 check
server  app4 127.0.0.1:5004 check

frontend haproxy_inbound
bind *:7068
default_backend haproxy_httpd

backend haproxy_httpd
balance roundrobin
mode http #(NOT NEEDED IF DEFINED IN DEFAULTS)
option httpchk
server lxapp14058.dc.corp.telstra.com 10.195.77.21:7068 check
server lxapp14059.dc.corp.telstra.com 10.195.77.22:7068 check


I have added the lines at the end which are colored and ran the command
--->  *haproxy -c -f /etc/haproxy/haproxy.cfg* which gave me an output
that *configuration
file is valid*.

When i tried to start it manually (in foreground, to test) with ---> *haproxy
-db -f /etc/haproxy/haproxy.cfg* it started giving me an error
[image: image.png]

Can you help me resolve this issue as I am stuck on this. Any suggestions
would be appreciated.

Do let me know if you need any further information on this.

Regards,
Akshay

Re: [PATCH] CLEANUP: peers: Remove unused static function `free_dcache_tx`

2020-02-05 Thread Willy Tarreau 
On Wed, Feb 05, 2020 at 11:37:15PM +0100, Tim Duesterhus wrote:
> The function was added in commit 6c39198b57566ddfc5368e481d2a7cf8111d,
> but was also used within a single function `free_dcache` which was unused
> itself.

Good point, applied now, thanks Tim.

Willy

[PATCH] CLEANUP: peers: Remove unused static function `free_dcache_tx`

2020-02-05 Thread Tim Duesterhus 
The function was added in commit 6c39198b57566ddfc5368e481d2a7cf8111d,
but was also used within a single function `free_dcache` which was unused
itself.

see issue #301
see commit 10ce0c2f31ba06e52edfb52176dc47986314321b which removed
`free_dcache`
---
 src/peers.c | 7 ---
 1 file changed, 7 deletions(-)

diff --git a/src/peers.c b/src/peers.c
index 52e2a8ba4..659992cff 100644
--- a/src/peers.c
+++ b/src/peers.c
@@ -2851,13 +2851,6 @@ static struct dcache_tx *new_dcache_tx(size_t 
max_entries)
return NULL;
 }
 
-static void free_dcache_tx(struct dcache_tx *dc)
-{
-   free(dc->entries);
-   dc->entries = NULL;
-   free(dc);
-}
-
 /*
  * Allocate a cache of dictionary entries with  as name and 
  * as maximum of entries.
-- 
2.25.0

[PATCH] MINOR: acl: Warn when an ACL is named 'or' or '||'

2020-02-05 Thread Tim Duesterhus 
Willy,

after a user seeked support in IRC and me seeing the error message they were 
facing I just *had to*
try something :-)

<*redacted*> Can anyone tell me if there a way to do multi variable in this 
rspirep line? Seems
 to be a syntax problem with the AND path_subdomain.
 rspirep ^Location:\ (.*) Location:\ /subdomainXYZ/\1 if 
hdr_location AND path_subdomain
[...]
 Also the 'AND' is implicit. Just leave it out.
 That will probably solve your syntax issue.
<*redacted*> Ahhh thanks, it seems that removing the AND was enough to get it 
working
<*redacted*> was admittedly confused when I saw the error 'no such ACL: AND'
 *redacted*, don't make me try out stupid things. Quick poll (answer 
without trying it out!).
   Will this add a 'Foo' header to the response or not?
 acl t always_true
 acl or always_false
 http-response set-header Foo Bar if t or t
<*redacted*> maybe.. no?
<*redacted2*> you're supposed to use || and or for OR, so I'd guess cfgparse 
should fail here, does it not ?
 It does not. I'm just preparing a patch.
<*redacted2*> :-)
<*redacted3*> TimWolla: famoous last words
<*redacted3*> me is unfair

Apply with `git am --scissors` to automatically cut the commit message.

-- >8 --
Subject: [PATCH] MINOR: acl: Warn when an ACL is named 'or' or '||'

Consider a configuration like this:

> acl t always_true
> acl or always_false
>
> http-response set-header Foo Bar if t or t

The 'or' within the condition will be treated as a logical disjunction
and the header will be set, despite the ACL 'or' being falsy.

May be backported to older branches, it should not break anything
and might improve the users' lifes.
---
 src/cfgparse-listen.c |  7 ++-
 src/fcgi-app.c| 10 +-
 src/flt_spoe.c|  6 ++
 3 files changed, 21 insertions(+), 2 deletions(-)

diff --git a/src/cfgparse-listen.c b/src/cfgparse-listen.c
index 3f16a2517..7220b50ec 100644
--- a/src/cfgparse-listen.c
+++ b/src/cfgparse-listen.c
@@ -806,7 +806,12 @@ int cfg_parse_listen(const char *file, int linenum, char 
**args, int kwm)
err_code |= ERR_ALERT | ERR_FATAL;
goto out;
}
-
+   if (strcasecmp(args[1], "or") == 0 || strcasecmp(args[1], "||") 
== 0) {
+   ha_warning("parsing [%s:%d] : acl name '%s' will never 
match. 'or' and '||' are used to express a "
+  "logical disjunction within a condition.\n",
+  file, linenum, args[1]);
+   err_code |= ERR_WARN;
+   }
if (parse_acl((const char **)args + 1, &curproxy->acl, &errmsg, 
&curproxy->conf.args, file, linenum) == NULL) {
ha_alert("parsing [%s:%d] : error detected while 
parsing ACL '%s' : %s.\n",
 file, linenum, args[1], errmsg);
diff --git a/src/fcgi-app.c b/src/fcgi-app.c
index f7108c376..873fc0f13 100644
--- a/src/fcgi-app.c
+++ b/src/fcgi-app.c
@@ -885,11 +885,19 @@ static int cfg_parse_fcgi_app(const char *file, int 
linenum, char **args, int kw
ha_alert("parsing [%s:%d] : character '%c' is not 
permitted in acl name '%s'.\n",
 file, linenum, *err, args[1]);
err_code |= ERR_ALERT | ERR_FATAL;
+   goto out;
+   }
+   if (strcasecmp(args[1], "or") == 0 || strcasecmp(args[1], "||") 
== 0) {
+   ha_warning("parsing [%s:%d] : acl name '%s' will never 
match. 'or' and '||' are used to express a "
+  "logical disjunction within a condition.\n",
+  file, linenum, args[1]);
+   err_code |= ERR_WARN;
}
-   else if (parse_acl((const char **)args+1, &curapp->acls, 
&errmsg, &curapp->conf.args, file, linenum) == NULL) {
+   if (parse_acl((const char **)args+1, &curapp->acls, &errmsg, 
&curapp->conf.args, file, linenum) == NULL) {
ha_alert("parsing [%s:%d] : error detected while 
parsing ACL '%s' : %s.\n",
 file, linenum, args[1], errmsg);
err_code |= ERR_ALERT | ERR_FATAL;
+   goto out;
}
}
else if (!strcmp(args[0], "set-param")) {
diff --git a/src/flt_spoe.c b/src/flt_spoe.c
index e3328cc01..3951e6527 100644
--- a/src/flt_spoe.c
+++ b/src/flt_spoe.c
@@ -3991,6 +3991,12 @@ cfg_parse_spoe_message(const char *file, int linenum, 
char **args, int kwm)
err_code |= ERR_ALERT | ERR_FATAL;
goto out;
}
+   if (strcasecmp(args[1], "or") == 0 || strcasecmp(args[1], "||") 
== 0) {
+   ha_warning("parsing [%s:%d] : acl name '%s' will never 
match. 'or' and '||' are used to express a "
+

Re: [PATCH] CLEANUP: Remove unused static function `free_dcache`

2020-02-05 Thread Willy Tarreau 
On Wed, Feb 05, 2020 at 05:22:02PM +0100, Tim Duesterhus wrote:
> The function was change to be static in commit
> 6c39198b57566ddfc5368e481d2a7cf8111d, but even that commit
> no longer uses it. The purpose of the change vs. outright removal
> is unclear.

OK thanks Tim. Indeed, better remove it now, it's not lost anyway if
we need to unearth it later. Applied now, thanks!

Willy

Re: [PATCH] CLEANUP: Remove unused static function `free_dcache`

2020-02-05 Thread Илья Шипицин 
it is the last warning in travis-ci. we may consider adding ERR=1

ср, 5 февр. 2020 г. в 21:22, Tim Duesterhus :

> The function was change to be static in commit
> 6c39198b57566ddfc5368e481d2a7cf8111d, but even that commit
> no longer uses it. The purpose of the change vs. outright removal
> is unclear.
>
> see issue #301
> ---
>  src/peers.c | 12 
>  1 file changed, 12 deletions(-)
>
> diff --git a/src/peers.c b/src/peers.c
> index e2581a73b..52e2a8ba4 100644
> --- a/src/peers.c
> +++ b/src/peers.c
> @@ -2889,18 +2889,6 @@ static struct dcache *new_dcache(size_t max_entries)
> return NULL;
>  }
>
> -/*
> - * Deallocate a cache of dictionary entries.
> - */
> -static inline void free_dcache(struct dcache *dc)
> -{
> -   free_dcache_tx(dc->tx);
> -   dc->tx = NULL;
> -   free(dc->rx); dc->rx = NULL;
> -   free(dc);
> -}
> -
> -
>  /*
>   * Look for the dictionary entry with the value of  in  cache of
> dictionary
>   * entries used upon transmission.
> --
> 2.25.0
>
>

[PATCH] CLEANUP: Remove unused static function `free_dcache`

2020-02-05 Thread Tim Duesterhus 
The function was change to be static in commit
6c39198b57566ddfc5368e481d2a7cf8111d, but even that commit
no longer uses it. The purpose of the change vs. outright removal
is unclear.

see issue #301
---
 src/peers.c | 12 
 1 file changed, 12 deletions(-)

diff --git a/src/peers.c b/src/peers.c
index e2581a73b..52e2a8ba4 100644
--- a/src/peers.c
+++ b/src/peers.c
@@ -2889,18 +2889,6 @@ static struct dcache *new_dcache(size_t max_entries)
return NULL;
 }
 
-/*
- * Deallocate a cache of dictionary entries.
- */
-static inline void free_dcache(struct dcache *dc)
-{
-   free_dcache_tx(dc->tx);
-   dc->tx = NULL;
-   free(dc->rx); dc->rx = NULL;
-   free(dc);
-}
-
-
 /*
  * Look for the dictionary entry with the value of  in  cache of 
dictionary
  * entries used upon transmission.
-- 
2.25.0