From 0486d32f0b5f4d514f02f68c33f22f0864f20ac1 Mon Sep 17 00:00:00 2001 From: PiBa-NL Date: Thu, 23 May 2013 22:01:11 +0200 Subject: haproxy-devel, fix required fields a shared-backend, optional Force immediate stop of old process on reload, fix show memory usage. --- config/haproxy-devel/haproxy.inc | 35 +++++++++++++++++++------ config/haproxy-devel/haproxy_global.php | 18 ++++++++++--- config/haproxy-devel/haproxy_listeners_edit.php | 29 +++++++++++++------- config/haproxy-devel/haproxy_pool_edit.php | 2 +- 4 files changed, 61 insertions(+), 23 deletions(-) (limited to 'config/haproxy-devel') diff --git a/config/haproxy-devel/haproxy.inc b/config/haproxy-devel/haproxy.inc index 0f6de3de..954e933f 100644 --- a/config/haproxy-devel/haproxy.inc +++ b/config/haproxy-devel/haproxy.inc @@ -867,10 +867,12 @@ function haproxy_load_modules() { function use_transparent_clientip_proxying() { global $config; $a_backends = &$config['installedpackages']['haproxy']['ha_pools']['item']; - foreach ($a_backends as $backend) { - if ($backend["transparent_clientip"] == 'yes') { - return true; - break; + if (is_array($a_backends)) { + foreach ($a_backends as $backend) { + if ($backend["transparent_clientip"] == 'yes') { + return true; + break; + } } } return false; @@ -939,7 +941,8 @@ function haproxy_check_run($reload) { if ($status != "MASTER") { if (haproxy_is_running()) { log_error("Stopping haproxy on CARP backup."); - exec("/bin/pkill -F /var/run/haproxy.pid haproxy"); + //exec("/bin/pkill -F /var/run/haproxy.pid haproxy");//doesnt work for multiple pid's in a pidfile + haproxy_kill(); } return (0); } else if (haproxy_is_running() && $reload == 0) { @@ -951,7 +954,11 @@ function haproxy_check_run($reload) { return (0); if (haproxy_is_running()) { - exec("/usr/local/sbin/haproxy -f /var/etc/haproxy.cfg -p /var/run/haproxy.pid -st `cat /var/run/haproxy.pid` 2>&1", $output, $errcode); + if (isset($a_global['terminate_on_reload'])) + $sf_st = "-st";//terminate old process as soon as the new process is listening + else + $sf_st = "-sf";//finish serving existing connections exit when done, and the new process is listening + exec("/usr/local/sbin/haproxy -f /var/etc/haproxy.cfg -p /var/run/haproxy.pid $sf_st `cat /var/run/haproxy.pid` 2>&1", $output, $errcode); } else { exec("/usr/local/sbin/haproxy -f /var/etc/haproxy.cfg -p /var/run/haproxy.pid -D 2>&1", $output, $errcode); } @@ -960,11 +967,23 @@ function haproxy_check_run($reload) { return ($errcode); } else { if ($reload && haproxy_is_running()) { - exec("/bin/pkill -F /var/run/haproxy.pid haproxy"); + //exec("/bin/pkill -F /var/run/haproxy.pid haproxy");//doesnt work for multiple pid's in a pidfile + haproxy_kill(); } return (0); } - +} + +function haproxy_kill($killimmediately = true) { + if ($killimmediately) + $signal = "KILL"; // stop now + else + $signal = "USR1"; // stop when all connections are closed + killprocesses("haproxy", "/var/run/haproxy.pid", $signal); +} + +function killprocesses($processname, $pidfile, $signal = "KILL") { + exec("kill -$signal `pgrep -x $processname | grep -w -f $pidfile`"); } function haproxy_do_xmlrpc_sync($sync_to_ip, $password) { diff --git a/config/haproxy-devel/haproxy_global.php b/config/haproxy-devel/haproxy_global.php index 7ff0fb65..dbc55847 100755 --- a/config/haproxy-devel/haproxy_global.php +++ b/config/haproxy-devel/haproxy_global.php @@ -68,6 +68,7 @@ if ($_POST) { if (!$input_errors) { $config['installedpackages']['haproxy']['enable'] = $_POST['enable'] ? true : false; + $config['installedpackages']['haproxy']['terminate_on_reload'] = $_POST['terminate_on_reload'] ? true : false; $config['installedpackages']['haproxy']['maxconn'] = $_POST['maxconn'] ? $_POST['maxconn'] : false; $config['installedpackages']['haproxy']['enablesync'] = $_POST['enablesync'] ? true : false; $config['installedpackages']['haproxy']['synchost1'] = $_POST['synchost1'] ? $_POST['synchost1'] : false; @@ -84,10 +85,10 @@ if ($_POST) { write_config(); } } - } $pconfig['enable'] = isset($config['installedpackages']['haproxy']['enable']); +$pconfig['terminate_on_reload'] = isset($config['installedpackages']['haproxy']['terminate_on_reload']); $pconfig['maxconn'] = $config['installedpackages']['haproxy']['maxconn']; $pconfig['enablesync'] = isset($config['installedpackages']['haproxy']['enablesync']); $pconfig['syncpassword'] = $config['installedpackages']['haproxy']['syncpassword']; @@ -177,9 +178,9 @@ function enable_change(enable_change) { Sets the maximum per-process number of concurrent connections to X.
NOTE: setting this value too high will result in HAProxy not being able to allocate enough memory.
Current memory usage {$hascpu}.

"; + $memusage = trim(`ps auxw | grep haproxy | grep -v grep | awk '{ print $5 }'`); + if($memusage) + echo "

Current memory usage: {$memusage} K.

"; ?> @@ -224,6 +225,15 @@ function enable_change(enable_change) { For more information about the "nbproc" option please see HAProxy Documentation + + + +
Reload behaviour + > + Force immediate stop of old process on reload. (closes existing connections)

Note: when this option is selected connections will be closed when haproxy is restarted. + Otherwise the existing connections will be served by the old haproxy process untill they are closed. + Checking this option will interupt existing connections on a restart. (which happens when the configuration is applied, + but possibly also when pfSense detects an interface comming up or changing its ip-address)
Remote syslog host diff --git a/config/haproxy-devel/haproxy_listeners_edit.php b/config/haproxy-devel/haproxy_listeners_edit.php index 05868de7..8f9c2484 100644 --- a/config/haproxy-devel/haproxy_listeners_edit.php +++ b/config/haproxy-devel/haproxy_listeners_edit.php @@ -160,23 +160,32 @@ if ($_POST) { unset($input_errors); $pconfig = $_POST; - $reqdfields = explode(" ", "name type port max_connections"); - $reqdfieldsn = explode(",", "Name,Type,Port,Max connections"); + + if ($pconfig['secondary'] != "yes") { + $reqdfields = explode(" ", "name type port max_connections"); + $reqdfieldsn = explode(",", "Name,Type,Port,Max connections"); + } else { + $reqdfields = explode(" ", "name"); + $reqdfieldsn = explode(",", "Name"); + } + do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); if (preg_match("/[^a-zA-Z0-9\.\-_]/", $_POST['name'])) $input_errors[] = "The field 'Name' contains invalid characters."; - if (!is_numeric($_POST['max_connections'])) - $input_errors[] = "The field 'Max connections' value is not a number."; + if ($pconfig['secondary'] != "yes") { + if (!is_numeric($_POST['max_connections'])) + $input_errors[] = "The field 'Max connections' value is not a number."; - $ports = split(",", $_POST['port'] . ","); - foreach($ports as $port) - if ($port && !is_numeric($port)) - $input_errors[] = "The field 'Port' value is not a number."; + $ports = split(",", $_POST['port'] . ","); + foreach($ports as $port) + if ($port && !is_numeric($port)) + $input_errors[] = "The field 'Port' value is not a number."; - if ($_POST['client_timeout'] !== "" && !is_numeric($_POST['client_timeout'])) - $input_errors[] = "The field 'Client timeout' value is not a number."; + if ($_POST['client_timeout'] !== "" && !is_numeric($_POST['client_timeout'])) + $input_errors[] = "The field 'Client timeout' value is not a number."; + } /* Ensure that our pool names are unique */ for ($i=0; isset($config['installedpackages']['haproxy']['ha_backends']['item'][$i]); $i++) diff --git a/config/haproxy-devel/haproxy_pool_edit.php b/config/haproxy-devel/haproxy_pool_edit.php index e282504a..4b93632f 100644 --- a/config/haproxy-devel/haproxy_pool_edit.php +++ b/config/haproxy-devel/haproxy_pool_edit.php @@ -608,7 +608,7 @@ FLUSH PRIVILEGES; size="64">
- Fill in the TCP portnumber the healtcheck should be performed on. + Fill in the TCP portnumber the healthcheck should be performed on.
-- cgit v1.2.3