Commit Graph

234 Commits

Author SHA1 Message Date
Tatsuhiro Tsujikawa b8fda6808b nghttpx: Cookie based session affinity 2017-11-01 22:18:03 +09:00
Tatsuhiro Tsujikawa 60baca27e4 nghttpx: Add more TLS related attributes to mruby Env object
The added attributes are:

* tls_cipher
* tls_protocol
* tls_session_id
* tls_session_reused
* alpn
2017-10-29 22:42:30 +09:00
Tatsuhiro Tsujikawa c573c80bd3 nghttpx: Pass a pointer to SSL instead of TLSSessionInfo to LogSpec 2017-10-29 19:47:39 +09:00
Tatsuhiro Tsujikawa f507b5eee4 nghttpx: Use an existing h2 backend connection as much as possible
h2load measurement reveals that this strategy is 3 times faster than
the previous implementations.
2017-10-19 21:15:08 +09:00
Tatsuhiro Tsujikawa 4d76606fa2 Fix bug that forwarded for is not affected by proxy protocol 2017-08-09 22:44:14 +09:00
Tatsuhiro Tsujikawa 17614312e0 Merge pull request #892 from nghttp2/nghttpx-sni-fwd
nghttpx: SNI based backend server selection
2017-04-19 21:22:15 +09:00
Tatsuhiro Tsujikawa a2e35a0757 nghttpx: Add $tls_sni access log variable 2017-04-18 22:44:26 +09:00
Tatsuhiro Tsujikawa c8a5f1e335 nghttpx: SNI based backend server selection 2017-04-16 23:47:10 +09:00
Tatsuhiro Tsujikawa 058122b804 nghttpx: Rename shrpx_ssl.{h,cc} as shrpx_tls.{h,cc}
The namespace shrpx::ssl was also renamed as shrpx::tls.
2017-04-01 15:12:28 +09:00
Tatsuhiro Tsujikawa 69f63c529d src: Rename ssl.{h,cc} as tls.{h,cc}
nghttp2::ssl namespace was also renamed as nghttp2::tls.
2017-04-01 15:12:28 +09:00
Tatsuhiro Tsujikawa b9b58c781e nghttpx: Avoid extra TLS handshake calls 2017-03-30 22:23:55 +09:00
Tatsuhiro Tsujikawa 9aee518352 nghttpx: Effectively revert ff64f64e1d 2017-03-15 00:07:57 +09:00
Tatsuhiro Tsujikawa fa074145a4 Merge pull request #788 from nghttp2/nghttpx-h2-proxy-pattern-match
nghttpx: Enable backend pattern matching with http2-proxy
2017-03-06 21:22:34 +09:00
Tatsuhiro Tsujikawa a7c780a732 nghttpx: Redirect to HTTPS URI with redirect-if-not-tls param
This commit removes frontend-tls parameter, and adds
redirect-if-not-tls parameter parameter to --backend option.  nghttpx
now responds to the request with 308 status code to redirect the
request to https URI if frontend connection is not TLS encrypted, and
redirect-if-no-tls parameter is used in --backend option.  The port
number in Location header field is 443 by default (thus omitted), but
it can be configurable using --redirect-https-port option.
2017-02-18 22:32:27 +09:00
Tatsuhiro Tsujikawa e5b84fad09 nghttpx: Fix bug that old config is used during reloading config 2017-02-16 22:46:22 +09:00
Tatsuhiro Tsujikawa 0b1ddad62b nghttpx: Add frontend-tls parameter to backend to require client TLS 2017-01-28 22:19:14 +09:00
Tatsuhiro Tsujikawa 3ddc446ba2 nghttpx: Enable backend pattern matching with http2-proxy 2017-01-26 01:04:27 +09:00
Tatsuhiro Tsujikawa a2afd393ed nghttpx: Remove field from LogSpec which can be got from Downstream 2017-01-11 22:30:12 +09:00
Tatsuhiro Tsujikawa 33aa327ef5 nghttpx: Fix access.log timestamp
access.log timestamp is now when request header fields are received,
rather than when access log is written.
2017-01-11 20:47:17 +09:00
Tatsuhiro Tsujikawa 4fa150c494 nghttpx: Use Memchunk based read buffer for frontend connection
Previously, we have dedicated read buffer for each frontend
connection.  With this commit, the buffer spaces are only used when
needed, and pooled if they are not used.  This reduces memory usage
for idle client connections.
2017-01-08 23:20:14 +09:00
Tatsuhiro Tsujikawa b313386988 nghttpx: Add proxyproto to frontend option to accept PROXY protocol
Previously, global accept-proxy-protocol option enables PROXY protocol
support for all frontend listeners, but this was inflexible.  To fix
this issue, accept-proxy-protocol option is now deprecated, and
instead proxyproto parameter in frontend option enables PROXY protocol
support per frontend.
2017-01-03 12:47:03 +09:00
Tatsuhiro Tsujikawa 359730af54 Fix regression in ff64f64e1d 2016-12-21 23:19:10 +09:00
Tatsuhiro Tsujikawa ff64f64e1d nghttpx: Faster HTTP/1 frontend 2016-11-29 20:42:27 +09:00
Tatsuhiro Tsujikawa 46d1e6bb55 nghttpx: Increase block size of connection wide allocator to 512 2016-10-24 21:06:37 +09:00
Tatsuhiro Tsujikawa 1b4ccd0d51 nghttpx: Don't call get_config() repeatedly 2016-10-08 11:37:18 +09:00
Tatsuhiro Tsujikawa 8c1e155f44 nghttpx: Make it simple to calculate length 2016-10-03 22:09:46 +09:00
Tatsuhiro Tsujikawa 99a91e3172 nghttpx: Add BlockAllocator to Config object 2016-10-03 22:09:45 +09:00
Tatsuhiro Tsujikawa ede6104900 nghttpx: Increase block size for connection wide BlockAllocator 2016-10-02 22:28:43 +09:00
Tatsuhiro Tsujikawa e1a865c406 nghttpx: Add BlockAllocator version of util::formax_hex 2016-10-02 22:28:42 +09:00
Tatsuhiro Tsujikawa 8a9810ed32 nghttpx: Add BlockAllocator to ClientHandler 2016-10-01 22:54:17 +09:00
Tatsuhiro Tsujikawa 69b53b9aaa nghttpx: Handle graceful shutdown with client IP affinity enabled 2016-09-22 23:17:49 +09:00
Tatsuhiro Tsujikawa f267e400fa nghttpx: Migrate backend stream to another h2 session on graceful shutdown 2016-09-15 00:53:41 +09:00
Tatsuhiro Tsujikawa bc31146c1f nghttpx: Add tls_sni to mruby Nghttpx::Env class
tls_sni returns TLS SNI value which client sent in this TLS
connection.
2016-09-10 22:08:34 +09:00
Tatsuhiro Tsujikawa 27b250ac8e nghttpx: Add experimental TCP optimization for h2 frontend 2016-09-10 16:27:48 +09:00
Tatsuhiro Tsujikawa ad3d43b8be nghttpx: Add access log variable for backend host and port
Use $backend_host and $backend_port.  $backend_host is backend host
name given in --backend option.  It could be a path to UNIX domain
socket.
2016-08-05 00:04:47 +09:00
Tatsuhiro Tsujikawa 30f26a2b9d nghttpx: Explicitly cast to uint32_t for hash calculation 2016-07-06 23:58:53 +09:00
Tatsuhiro Tsujikawa 2bbe4422d2 nghttpx: Use consistent hashing for client IP based session affinity
We use technique described in https://github.com/RJ/ketama
2016-07-06 23:31:10 +09:00
Tatsuhiro Tsujikawa cbced219ec nghttpx: Rewrite read timer handling
For HTTP/2, read timer starts when there is no downstream, and timer
stops when there is at least one downstream.  For HTTP/1, read timer
starts when request handling finished, and timer stops when request
handling starts.
2016-06-24 00:04:39 +09:00
Tatsuhiro Tsujikawa 56e7cd4be2 nghttpx: Add healthmon parameter to -f option to enable health monitor mode 2016-06-17 00:00:37 +09:00
Tatsuhiro Tsujikawa af9662f971 nghttpx: Make API processing one of alternative mode 2016-06-16 23:30:35 +09:00
Tatsuhiro Tsujikawa c06e8c89ff nghttpx: Use BlockAllocator in match_downstream_addr_group 2016-06-11 18:41:43 +09:00
Tatsuhiro Tsujikawa a809da68a3 nghttpx: Aggregate router configuration into one struct 2016-06-11 18:25:38 +09:00
Tatsuhiro Tsujikawa 288449b9bc nghttpx: Rewrite wildcard router 2016-06-10 23:43:44 +09:00
Tatsuhiro Tsujikawa f9897f8ccd nghttpx: Fix bugs and crash when affinity is enabled 2016-06-09 23:17:41 +09:00
Tatsuhiro Tsujikawa 143d0b69b7 nghttpx: Implement client IP based session affinity 2016-06-09 22:35:59 +09:00
Tatsuhiro Tsujikawa 845aa7a710 nghttpx: Share downstream config object
This is the unit of sharing configurations to change
2016-06-03 19:57:43 +09:00
Tatsuhiro Tsujikawa fe58614b23 nghttpx: Use std::shared_ptr for downstream addresses so that we can swap them 2016-06-03 01:20:49 +09:00
Tatsuhiro Tsujikawa 667c8b0e27 nghttpx: Add APIDownstreamConnection to handle API request
For those connections via frontend with api parameter, they use solely
APIDownstreamConnection.

In this commit, APIDownstreamConnection just consumes all request
body, and do nothing.  The next few commits implements our first API
endpoint: /v1/api/dynamicconfig.
2016-06-02 23:50:56 +09:00
Tatsuhiro Tsujikawa 26eb983cf0 nghttpx: Fix bug that h2 is used while there is no h2 backend 2016-05-26 00:14:11 +09:00
Tatsuhiro Tsujikawa e0491c2ee8 nghttpx: Refactor protocol selection in backend 2016-05-25 23:07:04 +09:00