aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--config/haproxy-devel/haproxy.inc35
-rwxr-xr-xconfig/haproxy-devel/haproxy_global.php18
-rw-r--r--config/haproxy-devel/haproxy_listeners_edit.php29
-rw-r--r--config/haproxy-devel/haproxy_pool_edit.php2
4 files changed, 61 insertions, 23 deletions
diff --git a/config/haproxy-devel/haproxy.inc b/config/haproxy-devel/haproxy.inc
index 0f6de3de..954e933f 100644
--- a/config/haproxy-devel/haproxy.inc
+++ b/config/haproxy-devel/haproxy.inc
@@ -867,10 +867,12 @@ function haproxy_load_modules() {
function use_transparent_clientip_proxying() {
global $config;
$a_backends = &$config['installedpackages']['haproxy']['ha_pools']['item'];
- foreach ($a_backends as $backend) {
- if ($backend["transparent_clientip"] == 'yes') {
- return true;
- break;
+ if (is_array($a_backends)) {
+ foreach ($a_backends as $backend) {
+ if ($backend["transparent_clientip"] == 'yes') {
+ return true;
+ break;
+ }
}
}
return false;
@@ -939,7 +941,8 @@ function haproxy_check_run($reload) {
if ($status != "MASTER") {
if (haproxy_is_running()) {
log_error("Stopping haproxy on CARP backup.");
- exec("/bin/pkill -F /var/run/haproxy.pid haproxy");
+ //exec("/bin/pkill -F /var/run/haproxy.pid haproxy");//doesnt work for multiple pid's in a pidfile
+ haproxy_kill();
}
return (0);
} else if (haproxy_is_running() && $reload == 0) {
@@ -951,7 +954,11 @@ function haproxy_check_run($reload) {
return (0);
if (haproxy_is_running()) {
- exec("/usr/local/sbin/haproxy -f /var/etc/haproxy.cfg -p /var/run/haproxy.pid -st `cat /var/run/haproxy.pid` 2>&1", $output, $errcode);
+ if (isset($a_global['terminate_on_reload']))
+ $sf_st = "-st";//terminate old process as soon as the new process is listening
+ else
+ $sf_st = "-sf";//finish serving existing connections exit when done, and the new process is listening
+ exec("/usr/local/sbin/haproxy -f /var/etc/haproxy.cfg -p /var/run/haproxy.pid $sf_st `cat /var/run/haproxy.pid` 2>&1", $output, $errcode);
} else {
exec("/usr/local/sbin/haproxy -f /var/etc/haproxy.cfg -p /var/run/haproxy.pid -D 2>&1", $output, $errcode);
}
@@ -960,11 +967,23 @@ function haproxy_check_run($reload) {
return ($errcode);
} else {
if ($reload && haproxy_is_running()) {
- exec("/bin/pkill -F /var/run/haproxy.pid haproxy");
+ //exec("/bin/pkill -F /var/run/haproxy.pid haproxy");//doesnt work for multiple pid's in a pidfile
+ haproxy_kill();
}
return (0);
}
-
+}
+
+function haproxy_kill($killimmediately = true) {
+ if ($killimmediately)
+ $signal = "KILL"; // stop now
+ else
+ $signal = "USR1"; // stop when all connections are closed
+ killprocesses("haproxy", "/var/run/haproxy.pid", $signal);
+}
+
+function killprocesses($processname, $pidfile, $signal = "KILL") {
+ exec("kill -$signal `pgrep -x $processname | grep -w -f $pidfile`");
}
function haproxy_do_xmlrpc_sync($sync_to_ip, $password) {
diff --git a/config/haproxy-devel/haproxy_global.php b/config/haproxy-devel/haproxy_global.php
index 7ff0fb65..dbc55847 100755
--- a/config/haproxy-devel/haproxy_global.php
+++ b/config/haproxy-devel/haproxy_global.php
@@ -68,6 +68,7 @@ if ($_POST) {
if (!$input_errors) {
$config['installedpackages']['haproxy']['enable'] = $_POST['enable'] ? true : false;
+ $config['installedpackages']['haproxy']['terminate_on_reload'] = $_POST['terminate_on_reload'] ? true : false;
$config['installedpackages']['haproxy']['maxconn'] = $_POST['maxconn'] ? $_POST['maxconn'] : false;
$config['installedpackages']['haproxy']['enablesync'] = $_POST['enablesync'] ? true : false;
$config['installedpackages']['haproxy']['synchost1'] = $_POST['synchost1'] ? $_POST['synchost1'] : false;
@@ -84,10 +85,10 @@ if ($_POST) {
write_config();
}
}
-
}
$pconfig['enable'] = isset($config['installedpackages']['haproxy']['enable']);
+$pconfig['terminate_on_reload'] = isset($config['installedpackages']['haproxy']['terminate_on_reload']);
$pconfig['maxconn'] = $config['installedpackages']['haproxy']['maxconn'];
$pconfig['enablesync'] = isset($config['installedpackages']['haproxy']['enablesync']);
$pconfig['syncpassword'] = $config['installedpackages']['haproxy']['syncpassword'];
@@ -177,9 +178,9 @@ function enable_change(enable_change) {
Sets the maximum per-process number of concurrent connections to X.<br/>
<strong>NOTE:</strong> setting this value too high will result in HAProxy not being able to allocate enough memory.<br/>
<?php
- $hascpu = trim(`top | grep haproxy | awk '{ print $6 }'`);
- if($hascpu)
- echo "<p>Current memory usage {$hascpu}.</p>";
+ $memusage = trim(`ps auxw | grep haproxy | grep -v grep | awk '{ print $5 }'`);
+ if($memusage)
+ echo "<p>Current memory usage: {$memusage} K.</p>";
?>
</td><td>
<table style="border: 1px solid #000;">
@@ -225,6 +226,15 @@ function enable_change(enable_change) {
</td>
</tr>
<tr>
+ <td width="22%" valign="top" class="vncell">Reload behaviour</td>
+ <td width="78%" class="vtable">
+ <input name="terminate_on_reload" type="checkbox" value="yes" <?php if ($pconfig['terminate_on_reload']) echo "checked"; ?>>
+ Force immediate stop of old process on reload. (closes existing connections)<br/><br/>Note: when this option is selected connections will be closed when haproxy is restarted.
+ Otherwise the existing connections will be served by the old haproxy process untill they are closed.
+ Checking this option will interupt existing connections on a restart. (which happens when the configuration is applied,
+ but possibly also when pfSense detects an interface comming up or changing its ip-address)</td>
+ </tr>
+ <tr>
<td valign="top" class="vncell">
Remote syslog host
</td>
diff --git a/config/haproxy-devel/haproxy_listeners_edit.php b/config/haproxy-devel/haproxy_listeners_edit.php
index 05868de7..8f9c2484 100644
--- a/config/haproxy-devel/haproxy_listeners_edit.php
+++ b/config/haproxy-devel/haproxy_listeners_edit.php
@@ -160,23 +160,32 @@ if ($_POST) {
unset($input_errors);
$pconfig = $_POST;
- $reqdfields = explode(" ", "name type port max_connections");
- $reqdfieldsn = explode(",", "Name,Type,Port,Max connections");
+
+ if ($pconfig['secondary'] != "yes") {
+ $reqdfields = explode(" ", "name type port max_connections");
+ $reqdfieldsn = explode(",", "Name,Type,Port,Max connections");
+ } else {
+ $reqdfields = explode(" ", "name");
+ $reqdfieldsn = explode(",", "Name");
+ }
+
do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors);
if (preg_match("/[^a-zA-Z0-9\.\-_]/", $_POST['name']))
$input_errors[] = "The field 'Name' contains invalid characters.";
- if (!is_numeric($_POST['max_connections']))
- $input_errors[] = "The field 'Max connections' value is not a number.";
+ if ($pconfig['secondary'] != "yes") {
+ if (!is_numeric($_POST['max_connections']))
+ $input_errors[] = "The field 'Max connections' value is not a number.";
- $ports = split(",", $_POST['port'] . ",");
- foreach($ports as $port)
- if ($port && !is_numeric($port))
- $input_errors[] = "The field 'Port' value is not a number.";
+ $ports = split(",", $_POST['port'] . ",");
+ foreach($ports as $port)
+ if ($port && !is_numeric($port))
+ $input_errors[] = "The field 'Port' value is not a number.";
- if ($_POST['client_timeout'] !== "" && !is_numeric($_POST['client_timeout']))
- $input_errors[] = "The field 'Client timeout' value is not a number.";
+ if ($_POST['client_timeout'] !== "" && !is_numeric($_POST['client_timeout']))
+ $input_errors[] = "The field 'Client timeout' value is not a number.";
+ }
/* Ensure that our pool names are unique */
for ($i=0; isset($config['installedpackages']['haproxy']['ha_backends']['item'][$i]); $i++)
diff --git a/config/haproxy-devel/haproxy_pool_edit.php b/config/haproxy-devel/haproxy_pool_edit.php
index e282504a..4b93632f 100644
--- a/config/haproxy-devel/haproxy_pool_edit.php
+++ b/config/haproxy-devel/haproxy_pool_edit.php
@@ -608,7 +608,7 @@ FLUSH PRIVILEGES;</pre>
<td width="78%" class="vtable" colspan="2">
<input name="monitor_agentport" type="text" <?if(isset($pconfig['monitor_agentport'])) echo "value=\"{$pconfig['monitor_agentport']}\"";?>size="64">
<br/>
- Fill in the TCP portnumber the healtcheck should be performed on.
+ Fill in the TCP portnumber the healthcheck should be performed on.
</td>
</tr>
</table>