diff options
Diffstat (limited to 'config')
| -rw-r--r-- | config/haproxy-devel/haproxy.inc | 35 | ||||
| -rwxr-xr-x | config/haproxy-devel/haproxy_global.php | 18 | ||||
| -rw-r--r-- | config/haproxy-devel/haproxy_listeners_edit.php | 29 | ||||
| -rw-r--r-- | config/haproxy-devel/haproxy_pool_edit.php | 2 |
4 files changed, 61 insertions, 23 deletions
diff --git a/config/haproxy-devel/haproxy.inc b/config/haproxy-devel/haproxy.inc index 0f6de3de..954e933f 100644 --- a/config/haproxy-devel/haproxy.inc +++ b/config/haproxy-devel/haproxy.inc @@ -867,10 +867,12 @@ function haproxy_load_modules() { function use_transparent_clientip_proxying() { global $config; $a_backends = &$config['installedpackages']['haproxy']['ha_pools']['item']; - foreach ($a_backends as $backend) { - if ($backend["transparent_clientip"] == 'yes') { - return true; - break; + if (is_array($a_backends)) { + foreach ($a_backends as $backend) { + if ($backend["transparent_clientip"] == 'yes') { + return true; + break; + } } } return false; @@ -939,7 +941,8 @@ function haproxy_check_run($reload) { if ($status != "MASTER") { if (haproxy_is_running()) { log_error("Stopping haproxy on CARP backup."); - exec("/bin/pkill -F /var/run/haproxy.pid haproxy"); + //exec("/bin/pkill -F /var/run/haproxy.pid haproxy");//doesnt work for multiple pid's in a pidfile + haproxy_kill(); } return (0); } else if (haproxy_is_running() && $reload == 0) { @@ -951,7 +954,11 @@ function haproxy_check_run($reload) { return (0); if (haproxy_is_running()) { - exec("/usr/local/sbin/haproxy -f /var/etc/haproxy.cfg -p /var/run/haproxy.pid -st `cat /var/run/haproxy.pid` 2>&1", $output, $errcode); + if (isset($a_global['terminate_on_reload'])) + $sf_st = "-st";//terminate old process as soon as the new process is listening + else + $sf_st = "-sf";//finish serving existing connections exit when done, and the new process is listening + exec("/usr/local/sbin/haproxy -f /var/etc/haproxy.cfg -p /var/run/haproxy.pid $sf_st `cat /var/run/haproxy.pid` 2>&1", $output, $errcode); } else { exec("/usr/local/sbin/haproxy -f /var/etc/haproxy.cfg -p /var/run/haproxy.pid -D 2>&1", $output, $errcode); } @@ -960,11 +967,23 @@ function haproxy_check_run($reload) { return ($errcode); } else { if ($reload && haproxy_is_running()) { - exec("/bin/pkill -F /var/run/haproxy.pid haproxy"); + //exec("/bin/pkill -F /var/run/haproxy.pid haproxy");//doesnt work for multiple pid's in a pidfile + haproxy_kill(); } return (0); } - +} + +function haproxy_kill($killimmediately = true) { + if ($killimmediately) + $signal = "KILL"; // stop now + else + $signal = "USR1"; // stop when all connections are closed + killprocesses("haproxy", "/var/run/haproxy.pid", $signal); +} + +function killprocesses($processname, $pidfile, $signal = "KILL") { + exec("kill -$signal `pgrep -x $processname | grep -w -f $pidfile`"); } function haproxy_do_xmlrpc_sync($sync_to_ip, $password) { diff --git a/config/haproxy-devel/haproxy_global.php b/config/haproxy-devel/haproxy_global.php index 7ff0fb65..dbc55847 100755 --- a/config/haproxy-devel/haproxy_global.php +++ b/config/haproxy-devel/haproxy_global.php @@ -68,6 +68,7 @@ if ($_POST) { if (!$input_errors) { $config['installedpackages']['haproxy']['enable'] = $_POST['enable'] ? true : false; + $config['installedpackages']['haproxy']['terminate_on_reload'] = $_POST['terminate_on_reload'] ? true : false; $config['installedpackages']['haproxy']['maxconn'] = $_POST['maxconn'] ? $_POST['maxconn'] : false; $config['installedpackages']['haproxy']['enablesync'] = $_POST['enablesync'] ? true : false; $config['installedpackages']['haproxy']['synchost1'] = $_POST['synchost1'] ? $_POST['synchost1'] : false; @@ -84,10 +85,10 @@ if ($_POST) { write_config(); } } - } $pconfig['enable'] = isset($config['installedpackages']['haproxy']['enable']); +$pconfig['terminate_on_reload'] = isset($config['installedpackages']['haproxy']['terminate_on_reload']); $pconfig['maxconn'] = $config['installedpackages']['haproxy']['maxconn']; $pconfig['enablesync'] = isset($config['installedpackages']['haproxy']['enablesync']); $pconfig['syncpassword'] = $config['installedpackages']['haproxy']['syncpassword']; @@ -177,9 +178,9 @@ function enable_change(enable_change) { Sets the maximum per-process number of concurrent connections to X.<br/> <strong>NOTE:</strong> setting this value too high will result in HAProxy not being able to allocate enough memory.<br/> <?php - $hascpu = trim(`top | grep haproxy | awk '{ print $6 }'`); - if($hascpu) - echo "<p>Current memory usage {$hascpu}.</p>"; + $memusage = trim(`ps auxw | grep haproxy | grep -v grep | awk '{ print $5 }'`); + if($memusage) + echo "<p>Current memory usage: {$memusage} K.</p>"; ?> </td><td> <table style="border: 1px solid #000;"> @@ -225,6 +226,15 @@ function enable_change(enable_change) { </td> </tr> <tr> + <td width="22%" valign="top" class="vncell">Reload behaviour</td> + <td width="78%" class="vtable"> + <input name="terminate_on_reload" type="checkbox" value="yes" <?php if ($pconfig['terminate_on_reload']) echo "checked"; ?>> + Force immediate stop of old process on reload. (closes existing connections)<br/><br/>Note: when this option is selected connections will be closed when haproxy is restarted. + Otherwise the existing connections will be served by the old haproxy process untill they are closed. + Checking this option will interupt existing connections on a restart. (which happens when the configuration is applied, + but possibly also when pfSense detects an interface comming up or changing its ip-address)</td> + </tr> + <tr> <td valign="top" class="vncell"> Remote syslog host </td> diff --git a/config/haproxy-devel/haproxy_listeners_edit.php b/config/haproxy-devel/haproxy_listeners_edit.php index 05868de7..8f9c2484 100644 --- a/config/haproxy-devel/haproxy_listeners_edit.php +++ b/config/haproxy-devel/haproxy_listeners_edit.php @@ -160,23 +160,32 @@ if ($_POST) { unset($input_errors); $pconfig = $_POST; - $reqdfields = explode(" ", "name type port max_connections"); - $reqdfieldsn = explode(",", "Name,Type,Port,Max connections"); + + if ($pconfig['secondary'] != "yes") { + $reqdfields = explode(" ", "name type port max_connections"); + $reqdfieldsn = explode(",", "Name,Type,Port,Max connections"); + } else { + $reqdfields = explode(" ", "name"); + $reqdfieldsn = explode(",", "Name"); + } + do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); if (preg_match("/[^a-zA-Z0-9\.\-_]/", $_POST['name'])) $input_errors[] = "The field 'Name' contains invalid characters."; - if (!is_numeric($_POST['max_connections'])) - $input_errors[] = "The field 'Max connections' value is not a number."; + if ($pconfig['secondary'] != "yes") { + if (!is_numeric($_POST['max_connections'])) + $input_errors[] = "The field 'Max connections' value is not a number."; - $ports = split(",", $_POST['port'] . ","); - foreach($ports as $port) - if ($port && !is_numeric($port)) - $input_errors[] = "The field 'Port' value is not a number."; + $ports = split(",", $_POST['port'] . ","); + foreach($ports as $port) + if ($port && !is_numeric($port)) + $input_errors[] = "The field 'Port' value is not a number."; - if ($_POST['client_timeout'] !== "" && !is_numeric($_POST['client_timeout'])) - $input_errors[] = "The field 'Client timeout' value is not a number."; + if ($_POST['client_timeout'] !== "" && !is_numeric($_POST['client_timeout'])) + $input_errors[] = "The field 'Client timeout' value is not a number."; + } /* Ensure that our pool names are unique */ for ($i=0; isset($config['installedpackages']['haproxy']['ha_backends']['item'][$i]); $i++) diff --git a/config/haproxy-devel/haproxy_pool_edit.php b/config/haproxy-devel/haproxy_pool_edit.php index e282504a..4b93632f 100644 --- a/config/haproxy-devel/haproxy_pool_edit.php +++ b/config/haproxy-devel/haproxy_pool_edit.php @@ -608,7 +608,7 @@ FLUSH PRIVILEGES;</pre> <td width="78%" class="vtable" colspan="2"> <input name="monitor_agentport" type="text" <?if(isset($pconfig['monitor_agentport'])) echo "value=\"{$pconfig['monitor_agentport']}\"";?>size="64"> <br/> - Fill in the TCP portnumber the healtcheck should be performed on. + Fill in the TCP portnumber the healthcheck should be performed on. </td> </tr> </table> |