From aba9cf49f326342965062f4c777d9a19bcf386bb Mon Sep 17 00:00:00 2001 From: Scott Ullrich Date: Tue, 13 Oct 2009 21:36:49 -0400 Subject: Adding initial version of HAPRoxy package --- config/haproxy/binaries7/haproxy | Bin 0 -> 691728 bytes config/haproxy/binaries8/haproxy | Bin 0 -> 735640 bytes config/haproxy/haproxy.inc | 198 ++++++++++ config/haproxy/haproxy.xml | 109 ++++++ config/haproxy/haproxy_backends.php | 134 +++++++ config/haproxy/haproxy_backends_edit.php | 610 +++++++++++++++++++++++++++++++ config/haproxy/haproxy_global.php | 186 ++++++++++ config/haproxy/haproxy_servers.php | 146 ++++++++ config/haproxy/haproxy_servers_edit.php | 244 +++++++++++++ 9 files changed, 1627 insertions(+) create mode 100755 config/haproxy/binaries7/haproxy create mode 100755 config/haproxy/binaries8/haproxy create mode 100644 config/haproxy/haproxy.inc create mode 100644 config/haproxy/haproxy.xml create mode 100755 config/haproxy/haproxy_backends.php create mode 100755 config/haproxy/haproxy_backends_edit.php create mode 100755 config/haproxy/haproxy_global.php create mode 100755 config/haproxy/haproxy_servers.php create mode 100755 config/haproxy/haproxy_servers_edit.php (limited to 'config') diff --git a/config/haproxy/binaries7/haproxy b/config/haproxy/binaries7/haproxy new file mode 100755 index 00000000..e0d869b7 Binary files /dev/null and b/config/haproxy/binaries7/haproxy differ diff --git a/config/haproxy/binaries8/haproxy b/config/haproxy/binaries8/haproxy new file mode 100755 index 00000000..290dd861 Binary files /dev/null and b/config/haproxy/binaries8/haproxy differ diff --git a/config/haproxy/haproxy.inc b/config/haproxy/haproxy.inc new file mode 100644 index 00000000..cb22d8c9 --- /dev/null +++ b/config/haproxy/haproxy.inc @@ -0,0 +1,198 @@ + +ENDOFF +} + +haproxy_stop_post () { + echo "Stopping haproxy." + killall haproxy +} + +run_rc_command "\$1" + +EOD; + + fwrite($fd, $haproxy); + fclose($fd); + conf_mount_ro(); + + exec("/usr/local/etc/rc.d/haproxy.sh start"); +} + +function haproxy_configure() { + global $config, $g; + + $a_global = &$config['installedpackages']['haproxy']; + $a_backends = &$config['installedpackages']['haproxy']['ha_backends']['item']; + $a_frontends = &$config['installedpackages']['haproxy']['ha_frontends']['item']; + $a_servers = &$config['installedpackages']['haproxy']['ha_servers']['item']; + + $fd = fopen("{$g['varetc_path']}/haproxy.cfg", "w"); + + if(is_array($a_global)) { + fwrite ($fd, "global\n"); + fwrite ($fd, "\tmaxconn\t\t\t".$a_global['maxconn']."\n"); + fwrite ($fd, "\tlog\t\t\t127.0.0.1 local0\n"); + fwrite ($fd, "\tuid\t\t\t200\n"); + fwrite ($fd, "\tgid\t\t\t200\n"); + $numprocs = trim(`/sbin/sysctl kern.smp.cpus | cut -d" " -f2`); + fwrite ($fd, "\tnbproc\t\t\t$numprocs\n"); + fwrite ($fd, "\tchroot\t\t\t/var/empty\n"); + fwrite ($fd, "\tdaemon\n"); + fwrite ($fd, "\n"); + } + + if(is_array($a_backends)) { + foreach ($a_backends as $backend) { + if($frontend['extaddr']=='any') + $listenip = "listen {$backend['name']}\t\t\t0.0.0.0:".$backend['port']."\n"; + else if($frontend['extaddr']=='') + $listenip = "listen {$backend['name']}\t\t\t" . get_current_wan_address('wan').":" . $backend['port']."\n"; + else + $listenip = "listen {$backend['name']}\t\t\t" . $backend['extaddr'] . ":" . $backend['port']."\n"; + + fwrite ($fd, "{$listenip}"); + fwrite ($fd, "\tmode\t\t\t".$backend['type'] . "\n"); + fwrite ($fd, "\tlog\t\t\tglobal\n"); + fwrite ($fd, "\toption\t\t\tdontlognull\n"); + fwrite ($fd, "\toption\t\t\thttpclose\n"); + fwrite ($fd, "\toption\t\t\tforwardfor\n"); + + if($backend['max_connections']) + fwrite ($fd, "\tmaxconn\t\t\t" . $backend['max_connections'] . "\n"); + + if($backend['client_timeout']) + fwrite ($fd, "\tclitimeout\t\t" . $backend['client_timeout'] . "\n"); + + if($backend['type']) + fwrite ($fd, "\tmode\t\t\t" . $backend['type'] . "\n"); + + if($backend['balance']) + fwrite ($fd, "\tbalance\t\t\t" . $backend['balance'] . "\n"); + + if($backend['connection_timeout']) + fwrite ($fd, "\tcontimeout\t\t" . $backend['connection_timeout'] . "\n"); + + if($backend['server_timeout']) + fwrite ($fd, "\tsrvtimeout\t\t" . $backend['server_timeout'] . "\n"); + + if($backend['retries']) + fwrite ($fd, "\tretries\t\t\t" . $backend['retries'] . "\n"); + + if($backend['cookie_name']) + fwrite ($fd, "\tcookie\t\t\t" . $backend['cookie_name'] . " insert indirect\n"); + + fwrite ($fd, "\toption\t\t\thttpchk HEAD " . $backend['monitor_uri'] . " HTTP/1.0\n"); + + if($backend['stats_enabled']=='yes') { + fwrite ($fd, "\tstats\t\t\tenable\n"); + if($backend['stats_uri']) + fwrite ($fd, "\tstats\t\t\turi ".$backend['stats_uri']."\n"); + if($backend['stats_realm']) + fwrite ($fd, "\tstats\t\t\trealm " . $backend['stats_realm'] . "\n"); + else + fwrite ($fd, "\tstats\t\t\trealm .\n"); + fwrite ($fd, "\tstats\t\t\tauth " . $backend['stats_username'].":". $backend['stats_password']."\n"); + } + + $a_acl=&$frontend['ha_acls']['item']; + if(!is_array($a_acl)) + $a_acl=array(); + + foreach ($a_acl as $acl) + fwrite ($fd, "\tacl\t\t\t".$acl['name']."\t\t".$acl['expression']."\n"); + + if(is_array($a_servers)) { + foreach ($a_servers as $server) { + if($server['backend']==$backend['name']) { + if($server['status']=='active') + fwrite ($fd, "\tserver\t\t\t".$server['name']." ".$server['address'].":".$server['port']." cookie ".$server['cookie']." check inter 1000 weight ".$server['weight']."\n"); + } + } + } + fwrite ($fd, "\n"); + } + } + + // create config file + fclose($fd); + + // reload haproxy + if(isset($a_global['enable'])) { + if(is_process_running('haproxy')) { + exec("/usr/local/sbin/haproxy -f /var/etc/haproxy.cfg -p /var/run/haproxy.pid -st `cat /var/run/haproxy.pid`"); + } else { + exec("/usr/local/sbin/haproxy -f /var/etc/haproxy.cfg -p /var/run/haproxy.pid -D"); + } + return (0); + } else { + return (1); + } +} + +?> \ No newline at end of file diff --git a/config/haproxy/haproxy.xml b/config/haproxy/haproxy.xml new file mode 100644 index 00000000..db270467 --- /dev/null +++ b/config/haproxy/haproxy.xml @@ -0,0 +1,109 @@ + + + + + + + + Describe your package here + Describe your package requirements here + Currently there are no FAQ items provided. + haproxy + 1.0 + HAProxy + /pkg_edit.php?xml=haproxy_servers.php + /usr/local/pkg/haproxy.inc + + HAProxy + +
Services
+ /haproxy_backends.php + + + HAProxy + haproxy.sh + haproxy + The Reliable, High Performance TCP/HTTP Load Balancer + + installedpackages->haproxy->config + + /usr/local/pkg/ + 077 + http://www.pfsense.com/packages/config/haproxy/haproxy.inc + + + /usr/local/www/ + 077 + http://www.pfsense.com/packages/config/haproxy/haproxy_backends.php + + + /usr/local/www/ + 077 + http://www.pfsense.com/packages/config/haproxy/haproxy_backends_edit.php + + + /usr/local/www/ + 077 + http://www.pfsense.com/packages/config/haproxy/haproxy_global.php + + + /usr/local/www/ + 077 + http://www.pfsense.com/packages/config/haproxy/haproxy_servers.php + + + /usr/local/www/ + 077 + http://www.pfsense.com/packages/config/haproxy/haproxy_servers_edit.php + + + + + + + + + if(!file_exists("/usr/local/bin/haproxy")) { + $freebsdv=`uname -r | cut -d'.' -f1`; + download_file_with_progress_bar("http://www.pfsense.org/packages/config/haproxy/binaries{$frebsdv}/haproxy", "/usr/local/bin/haproxy"); + exec("chmod a+rx /usr/local/bin/haproxy"); + } + + + + + + \ No newline at end of file diff --git a/config/haproxy/haproxy_backends.php b/config/haproxy/haproxy_backends.php new file mode 100755 index 00000000..b1b3ce56 --- /dev/null +++ b/config/haproxy/haproxy_backends.php @@ -0,0 +1,134 @@ + + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. +*/ + +require_once("guiconfig.inc"); +require_once("haproxy.inc"); + +if (!is_array($config['installedpackages']['haproxy']['ha_backends']['item'])) { + $config['installedpackages']['haproxy']['ha_backends']['item'] = array(); +} +$a_backend = &$config['installedpackages']['haproxy']['ha_backends']['item']; + +if ($_POST) { + $pconfig = $_POST; + + if ($_POST['apply']) { + $retval = 0; + config_lock(); + $retval = haproxy_configure(); + config_unlock(); + $savemsg = get_std_save_message($retval); + unlink_if_exists($d_haproxyconfdirty_path); + } +} + +if ($_GET['act'] == "del") { + if ($a_backend[$_GET['id']]) { + if (!$input_errors) { + unset($a_backend[$_GET['id']]); + write_config(); + touch($d_haproxyconfdirty_path); + header("Location: haproxy_backends.php"); + exit; + } + } +} + +$pgtitle = "Services: HAProxy: Backends"; +include("head.inc"); + +?> + + +
+ + +

+You must apply the changes in order for them to take effect.");?>
+ + + + +
+ +
+
+ + + + + + + + + + + + + + + + + + + +
NameDescriptionType
+ + + + + + + + + + + +
+
+ + + + +
+
+
+
+

+ + + diff --git a/config/haproxy/haproxy_backends_edit.php b/config/haproxy/haproxy_backends_edit.php new file mode 100755 index 00000000..06b9d974 --- /dev/null +++ b/config/haproxy/haproxy_backends_edit.php @@ -0,0 +1,610 @@ + + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. +*/ + +require("guiconfig.inc"); + +if (!is_array($config['installedpackages']['haproxy']['ha_backends']['item'])) { + $config['installedpackages']['haproxy']['ha_backends']['item'] = array(); +} + +$a_backend = &$config['installedpackages']['haproxy']['ha_backends']['item']; + +if (isset($_POST['id'])) + $id = $_POST['id']; +else + $id = $_GET['id']; + +if (isset($id) && $a_backend[$id]) { + $pconfig['name'] = $a_backend[$id]['name']; + $pconfig['desc'] = $a_backend[$id]['desc']; + $pconfig['connection_timeout'] = $a_backend[$id]['connection_timeout']; + $pconfig['server_timeout'] = $a_backend[$id]['server_timeout']; + $pconfig['retries'] = $a_backend[$id]['retries']; + + $pconfig['type'] = $a_backend[$id]['type']; + $pconfig['balance'] = $a_backend[$id]['balance']; + $pconfig['monitor_uri'] = $a_backend[$id]['monitor_uri']; + + $pconfig['stats_enabled'] = $a_backend[$id]['stats_enabled']; + $pconfig['stats_username'] = $a_backend[$id]['stats_username']; + $pconfig['stats_password'] = $a_backend[$id]['stats_password']; + $pconfig['stats_uri'] = $a_backend[$id]['stats_uri']; + $pconfig['stats_realm'] = $a_backend[$id]['stats_realm']; + + $pconfig['type'] = $a_backend[$id]['type']; + $pconfig['extaddr'] = $a_backend[$id]['extaddr']; + $pconfig['max_connections'] = $a_backend[$id]['max_connections']; + $pconfig['client_timeout'] = $a_backend[$id]['client_timeout']; + $pconfig['stats_enabled'] = $a_backend[$id]['stats_enabled']; + $pconfig['stats_realm'] = $a_backend[$id]['stats_realm']; + $pconfig['stats_uri'] = $a_backend[$id]['stats_uri']; + $pconfig['stats_username'] = $a_backend[$id]['stats_username']; + $pconfig['stats_password'] = $a_backend[$id]['stats_password']; + $pconfig['port'] = $a_backend[$id]['port']; + $pconfig['a_acl']=&$a_backend[$id]['ha_acls']['item']; + +} + +$changedesc = "Services: HAProxy: Backends"; +$changecount = 0; + +if ($_POST) { + $changecount++; + + unset($input_errors); + $pconfig = $_POST; + + if ($_POST['stats_enabled']) { + $reqdfields = explode(" ", "name connection_timeout server_timeout retries stats_username stats_password stats_uri stats_realm"); + $reqdfieldsn = explode(",", "Name,Connection timeout,Server timeout,Retries,Stats Username,Stats Password,Stats Uri,Stats Realm"); + } else { + $reqdfields = explode(" ", "name connection_timeout server_timeout retries monitor_uri"); + $reqdfieldsn = explode(",", "Name,Connection timeout,Server timeout,Retries,Monitor Uri"); + } + + do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); + + $reqdfields = explode(" ", "name type port max_connections client_timeout"); + $reqdfieldsn = explode(",", "Name,Type,Port,Max connections,Client timeout"); + + do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); + + if (preg_match("/[^a-zA-Z0-9\.\-_]/", $_POST['name'])) + $input_errors[] = "The field 'Name' contains invalid characters."; + + if (!is_numeric($_POST['connection_timeout'])) + $input_errors[] = "The field 'Connection timeout' value is not a number."; + + if (!is_numeric($_POST['server_timeout'])) + $input_errors[] = "The field 'Server timeout' value is not a number."; + + if (!is_numeric($_POST['retries'])) + $input_errors[] = "The field 'Retries' value is not a number."; + + if (preg_match("/[^a-zA-Z0-9\.\-_]/", $_POST['stats_username'])) + $input_errors[] = "The field 'Stats Username' contains invalid characters."; + + if (preg_match("/[^a-zA-Z0-9\.\-_]/", $_POST['stats_password'])) + $input_errors[] = "The field 'Stats Password' contains invalid characters."; + + if (!is_numeric($_POST['max_connections'])) + $input_errors[] = "The field 'Max connections' value is not a number."; + + if (!is_numeric($_POST['port'])) + $input_errors[] = "The field 'Port' value is not a number."; + + if (!is_numeric($_POST['client_timeout'])) + $input_errors[] = "The field 'Client timeout' value is not a number."; + + /* Ensure that our pool names are unique */ + for ($i=0; isset($config['installedpackages']['haproxy']['ha_backends']['item'][$i]); $i++) + if (($_POST['name'] == $config['installedpackages']['haproxy']['ha_backends']['item'][$i]['name']) && ($i != $id)) + $input_errors[] = "This backend name has already been used. Backend names must be unique."; + + $a_acl=array(); + $acl_names=array(); + for($x=0; $x<99; $x++) { + $acl_name=$_POST['acl_name'.$x]; + $acl_expression=$_POST['acl_expression'.$x]; + + if ($acl_name) { + // check for duplicates + if (in_array($acl_name, $acl_names)) { + $input_errors[] = "The name '$acl_name' is duplicate."; + } + + $acl_names[]=$acl_name; + + $acl=array(); + $acl['name']=$acl_name; + $acl['expression']=$acl_expression; + $a_acl[]=$acl; + + if (preg_match("/[^a-zA-Z0-9\.\-_]/", $acl_name)) + $input_errors[] = "The field 'Name' contains invalid characters."; + + if (!preg_match("/.{2,}/", $acl_expression)) + $input_errors[] = "The field 'Expression' is required."; + + if (!preg_match("/.{2,}/", $acl_name)) + $input_errors[] = "The field 'Name' is required."; + + } + } + + $pconfig['a_acl']=$a_acl; + + if (!$input_errors) { + $backend = array(); + if(isset($id) && $a_backend[$id]) + $backend = $a_backend[$id]; + + if($backend['name'] != "") + $changedesc .= " modified '{$backend['name']}' pool:"; + + if ($backend['name']!=$_POST['name']) { + // name changed: + // * update servers + // * update frontend (default backend and acl) + if (!is_array($config['installedpackages']['haproxy']['ha_servers']['item'])) { + $config['installedpackages']['haproxy']['ha_servers']['item'] = array(); + } + $a_server = &$config['installedpackages']['haproxy']['ha_servers']['item']; + + for ( $i = 0; $i < count($a_server); $i++) { + if ($a_server[$i]['backend']==$backend['name']) { + $a_server[$i]['backend']=$_POST['name']; + } + } + + if (!is_array($config['installedpackages']['haproxy']['ha_frontends']['item'])) { + $config['installedpackages']['haproxy']['ha_frontends']['item'] = array(); + } + $a_frontend = &$config['installedpackages']['haproxy']['ha_frontends']['item']; + + for ( $i = 0; $i < count($a_frontend); $i++) { + if ($a_frontend[$i]['backend']==$backend['name']) { + $a_frontend[$i]['backend']=$_POST['name']; + } + + if (!is_array($a_frontend[$i]['ha_acls']['item'])) { + $a_frontend[$i]['ha_acls']['item'] = array(); + } + + $a_acl = &$a_frontend[$i]['ha_acls']['item']; + for ( $j = 0; $j < count($a_acl); $j++) { + if ($a_acl[$j]['backend']==$backend['name']) { + $a_acl[$j]['backend']=$_POST['name']; + } + } + } + } + + update_if_changed("name", $backend['name'], $_POST['name']); + update_if_changed("description", $backend['desc'], $_POST['desc']); + update_if_changed("connection_timeout", $backend['connection_timeout'], $_POST['connection_timeout']); + update_if_changed("server_timeout", $backend['server_timeout'], $_POST['server_timeout']); + update_if_changed("retries", $backend['retries'], $_POST['retries']); + update_if_changed("type", $backend['type'], $_POST['type']); + update_if_changed("balance", $backend['balance'], $_POST['balance']); + update_if_changed("cookie_name", $backend['cookie_name'], $_POST['cookie_name']); + update_if_changed("monitor_uri", $backend['monitor_uri'], $_POST['monitor_uri']); + update_if_changed("stats_enabled", $backend['stats_enabled'], $_POST['stats_enabled']); + update_if_changed("stats_username", $backend['stats_username'], $_POST['stats_username']); + update_if_changed("stats_password", $backend['stats_password'], $_POST['stats_password']); + update_if_changed("stats_uri", $backend['stats_uri'], $_POST['stats_uri']); + update_if_changed("stats_realm", $backend['stats_realm'], $_POST['stats_realm']); + update_if_changed("type", $backend['type'], $_POST['type']); + update_if_changed("port", $backend['port'], $_POST['port']); + update_if_changed("extaddr", $backend['extaddr'], $_POST['extaddr']); + update_if_changed("max_connections", $backend['max_connections'], $_POST['max_connections']); + update_if_changed("client_timeout", $backend['client_timeout'], $_POST['client_timeout']); + + $backend['ha_acls']['item']=$a_acl; + + if (isset($id) && $a_backend[$id]) { + $a_backend[$id] = $backend; + } else { + $a_backend[] = $backend; + } + + if ($changecount > 0) { + touch($d_haproxyconfdirty_path); + write_config($changedesc); + } + + header("Location: haproxy_backends.php"); + exit; + } +} + +$pgtitle = "HAProxy: Backend: Edit"; +include("head.inc"); + +?> + + + + + +
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + > + + + + > + + + + > + + + + + > + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Edit haproxy backend
Name + size="25" maxlength="25"> +
Description + size="64"> +
Connection timeout + size="64"> +
the time (in milliseconds) we give up if the connection does not complete within (30000).
+
Server timeout + size="64"> +
the time (in milliseconds) we accept to wait for data from the server, or for the server to accept data (30000).
+
Retries + size="64"> +
After a connection failure to a server, it is possible to retry, potentially +on another server. This is useful if health-checks are too rare and you don't +want the clients to see the failures. The number of attempts to reconnect is +set by the 'retries' parameter (2).
+
Type + +
Balance + + + + + + +
>Round robinEach server is used in turns, according to their weights. + This is the smoothest and fairest algorithm when the server's + processing time remains equally distributed. This algorithm + is dynamic, which means that server weights may be adjusted + on the fly for slow starts for instance.
>Source + The source IP address is hashed and divided by the total + weight of the running servers to designate which server will + receive the request. This ensures that the same client IP + address will always reach the same server as long as no + server goes down or up. If the hash result changes due to the + number of running servers changing, many clients will be + directed to a different server. This algorithm is generally + used in TCP mode where no cookie may be inserted. It may also + be used on the Internet to provide a best-effort stickyness + to clients which refuse session cookies. This algorithm is + static, which means that changing a server's weight on the + fly will have no effect.
+ >URI +The left part of the URI (before the question mark) is hashed + and divided by the total weight of the running servers. The + result designates which server will receive the request. This + ensures that a same URI will always be directed to the same + server as long as no server goes up or down. This is used + with proxy caches and anti-virus proxies in order to maximize + the cache hit rate. Note that this algorithm may only be used + in an HTTP backend. This algorithm is static, which means + that changing a server's weight on the fly will have no + effect.
+
Stats Enabled + onclick='toggle_stats();'>
+ EXAMPLE: haproxystats + +
Stats Realm + size="64"> +
Stats Uri + size="64">
+ EXAMPLE: /haproxy?stats +
Stats Username + size="64"> +
Stats Password + size="64"> +
Monitor Uri + size="50" maxlength="50">
+
Port + size="10" maxlength="10"> +
the port to listen to
+
External address + +
+ + If you want this rule to apply to another IP address than the IP address of the interface chosen above, + select it here (you need to define Virtual IP addresses on the first). Also note that if you are trying to redirect connections on the LAN select the "any" option.
Type + +
Max connections + size="10" maxlength="10"> +
the time (in milliseconds) we give up if the connection does not complete within (8000).
+
Client timeout + size="10" maxlength="10"> +
the time (in milliseconds) we accept to wait for data from the client, or for the client to accept data (30000).
+
Access Control lists + + + + + + + + + + + + + + + +
NameExpressionBackend
+ +
+ + +
+ Fore more information about ACL's please see HAProxy Documentation Section 7 - Using ACL's +
  + + + + +
+
+
+ + + + diff --git a/config/haproxy/haproxy_global.php b/config/haproxy/haproxy_global.php new file mode 100755 index 00000000..53784027 --- /dev/null +++ b/config/haproxy/haproxy_global.php @@ -0,0 +1,186 @@ + + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. +*/ + +require("globals.inc"); +require("guiconfig.inc"); +require_once("haproxy.inc"); + +if (!is_array($config['installedpackages']['haproxy'])) { + $config['installedpackages']['haproxy'] = array(); +} + +$pconfig['enable'] = isset($config['installedpackages']['haproxy']['enable']); +$pconfig['maxconn'] = $config['installedpackages']['haproxy']['maxconn']; + +if ($_POST) { + unset($input_errors); + $pconfig = $_POST; + + + if ($_POST['apply']) { + $retval = 0; + config_lock(); + $retval = haproxy_configure(); + config_unlock(); + $savemsg = get_std_save_message($retval); + unlink_if_exists($d_haproxyconfdirty_path); + } else { + if ($_POST['enable']) { + $reqdfields = explode(" ", "maxconn"); + $reqdfieldsn = explode(",", "Maximum connections"); + } else { + } + + do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); + + if ($_POST['maxconn'] && (!is_numeric($_POST['maxconn']))) { + $input_errors[] = "The maximum number of connections should be numeric."; + } + + if (!$input_errors) { + $config['installedpackages']['haproxy']['enable'] = $_POST['enable'] ? true : false; + $config['installedpackages']['haproxy']['maxconn'] = $_POST['maxconn'] ? $_POST['maxconn'] : false; + + touch($d_haproxyconfdirty_path); + write_config(); + } + } + +} + +$pgtitle = "Services: HAProxy: Settings"; +include("head.inc"); + +?> + + + +
+ + +

+You must apply the changes in order for them to take effect.");?>
+ + + + +
+ +
+
+ + + + + + + + + + + + + + + + + +
  + onClick="enable_change(false)"> + Enable HAProxy
+ Maximum connections + + + + + +
+ value=""> per Backend. +
+ Sets the maximum per-process number of concurrent connections to X.
+ NOTE: setting this value too high will result in haproxy not being able to allocate enough memory.
+ + + + + + + + + + + + + + + + + + + + + + + + +
ConnectionsMemory usage
+
+
9993276 Kilobytes
999994448 Kilobytes
99999932540 Kilobytes
9999999143 Megabytes
+
+   +
  + +
+
+
+

+ + + + diff --git a/config/haproxy/haproxy_servers.php b/config/haproxy/haproxy_servers.php new file mode 100755 index 00000000..6533b704 --- /dev/null +++ b/config/haproxy/haproxy_servers.php @@ -0,0 +1,146 @@ + + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. +*/ + +require_once("guiconfig.inc"); +require_once("haproxy.inc"); + +if (!is_array($config['installedpackages']['haproxy']['ha_servers']['item'])) { + $config['installedpackages']['haproxy']['ha_servers']['item'] = array(); +} +$a_server = &$config['installedpackages']['haproxy']['ha_servers']['item']; + +if ($_POST) { + $pconfig = $_POST; + + if ($_POST['apply']) { + $retval = 0; + config_lock(); + $retval = haproxy_configure(); + config_unlock(); + $savemsg = get_std_save_message($retval); + unlink_if_exists($d_haproxyconfdirty_path); + } +} + +if ($_GET['act'] == "del") { + if ($a_server[$_GET['id']]) { + if (!$input_errors) { + unset($a_server[$_GET['id']]); + write_config(); + touch($d_haproxyconfdirty_path); + header("Location: haproxy_servers.php"); + exit; + } + } +} + +$pgtitle = "Services: HAProxy: Backends"; +include("head.inc"); + +?> + + +
+ + +

+You must apply the changes in order for them to take effect.");?>
+ + + + +
+ +
+
+ + + + + + + + + + + + + + + + + + + + + + + + + +
NameServerStatusBackendCookieWeight
+ + + + + + + + + + + + + + + + + +
+
+ + + + +
+
+
+
+

+ + + diff --git a/config/haproxy/haproxy_servers_edit.php b/config/haproxy/haproxy_servers_edit.php new file mode 100755 index 00000000..475c847e --- /dev/null +++ b/config/haproxy/haproxy_servers_edit.php @@ -0,0 +1,244 @@ + + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. +*/ + +require("guiconfig.inc"); + +if (!is_array($config['installedpackages']['haproxy']['ha_servers']['item'])) { + $config['installedpackages']['haproxy']['ha_servers']['item'] = array(); +} + +$a_server = &$config['installedpackages']['haproxy']['ha_servers']['item']; + +if (isset($_POST['id'])) + $id = $_POST['id']; +else + $id = $_GET['id']; + +if (isset($id) && $a_server[$id]) { + $pconfig['name'] = $a_server[$id]['name']; + $pconfig['address'] = $a_server[$id]['address']; + $pconfig['port'] = $a_server[$id]['port']; + $pconfig['backend'] = $a_server[$id]['backend']; + $pconfig['weight'] = $a_server[$id]['weight']; + $pconfig['cookie'] = $a_server[$id]['cookie']; + $pconfig['status'] = $a_server[$id]['status']; +} + +$changedesc = "Services: HAProxy: Servers: "; +$changecount = 0; + +if ($_POST) { + $changecount++; + + unset($input_errors); + $pconfig = $_POST; + + $reqdfields = explode(" ", "name address port backend weight cookie"); + $reqdfieldsn = explode(",", "Name,Address,Port,Backend,Weight,Cookie"); + + do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); + + if (preg_match("/[^a-zA-Z0-9\.\-_]/", $_POST['name'])) + $input_errors[] = "The field 'Name' contains invalid characters."; + + if (preg_match("/[^a-zA-Z0-9\.]/", $_POST['address'])) + $input_errors[] = "The field 'Address' contains invalid characters."; + + if (preg_match("/[^a-zA-Z0-9\.\-_]/", $_POST['cookie'])) + $input_errors[] = "The field 'Cookie' contains invalid characters."; + + if (!is_numeric($_POST['port'])) + $input_errors[] = "The field 'Port' value is not a number."; + else { + if (!($_POST['port']>=1 && $_POST['port']<=65535)) + $input_errors[] = "The field 'Port' value must be between 1 and 65535."; + } + + if (!is_numeric($_POST['weight'])) + $input_errors[] = "The field 'Weight' value is not a number."; + else { + if (!($_POST['weight']>=1 && $_POST['weight']<=256)) + $input_errors[] = "The field 'Weight' value must be between 1 and 256."; + } + + /* Ensure that our pool names are unique */ + for ($i=0; isset($config['installedpackages']['haproxy']['ha_servers']['item'][$i]); $i++) + if (($_POST['name'] == $config['installedpackages']['haproxy']['ha_servers']['item'][$i]['name']) && ($i != $id)) + $input_errors[] = "This server name has already been used. Server names must be unique."; + + if (!$input_errors) { + $server = array(); + if(isset($id) && $a_server[$id]) + $server = $a_server[$id]; + + if($server['name'] != "") + $changedesc .= " modified '{$server['name']}' pool:"; + + update_if_changed("name", $server['name'], $_POST['name']); + update_if_changed("address", $server['address'], $_POST['address']); + update_if_changed("port", $server['port'], $_POST['port']); + update_if_changed("backend", $server['backend'], $_POST['backend']); + update_if_changed("cookie", $server['cookie'], $_POST['cookie']); + update_if_changed("weight", $server['weight'], $_POST['weight']); + update_if_changed("status", $server['status'], $_POST['status']); + + if (isset($id) && $a_server[$id]) { + $a_server[$id] = $server; + } else { + $a_server[] = $server; + } + + if ($changecount > 0) { + touch($d_haproxyconfdirty_path); + write_config($changedesc); + /* + echo "
";
+			print_r($config);
+			echo "
"; + */ + } + + header("Location: haproxy_servers.php"); + exit; + } +} + +$pgtitle = "HAProxy: Server: Edit"; +include("head.inc"); + +?> + + + + + + + + + +
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Edit haproxy server
Name + size="16" maxlength="16"> +
Address + size="64"> +
Port + size="5"> +
Backend + +
+
Status + +
Cookie + size="64">
+ This value will be checked in incoming requests, and the first + operational server possessing the same value will be selected. In return, in + cookie insertion or rewrite modes, this value will be assigned to the cookie + sent to the client. There is nothing wrong in having several servers sharing + the same cookie value, and it is in fact somewhat common between normal and + backup servers. See also the "cookie" keyword in backend section. + +
Weight + size="64">
+ The default weight is 1, and the maximal value is 255.
+ NOTE: If this + parameter is used to distribute the load according to server's capacity, it + is recommended to start with values which can both grow and shrink, for + instance between 10 and 100 to leave enough room above and below for later + adjustments. + +
  + + + + +
+
+
+ + + -- cgit v1.2.3