Commit Graph

264 Commits

Author SHA1 Message Date
Tatsuhiro Tsujikawa b313386988 nghttpx: Add proxyproto to frontend option to accept PROXY protocol
Previously, global accept-proxy-protocol option enables PROXY protocol
support for all frontend listeners, but this was inflexible.  To fix
this issue, accept-proxy-protocol option is now deprecated, and
instead proxyproto parameter in frontend option enables PROXY protocol
support per frontend.
2017-01-03 12:47:03 +09:00
Tatsuhiro Tsujikawa 359730af54 Fix regression in ff64f64e1d 2016-12-21 23:19:10 +09:00
Tatsuhiro Tsujikawa ff64f64e1d nghttpx: Faster HTTP/1 frontend 2016-11-29 20:42:27 +09:00
Tatsuhiro Tsujikawa 46d1e6bb55 nghttpx: Increase block size of connection wide allocator to 512 2016-10-24 21:06:37 +09:00
Tatsuhiro Tsujikawa 1b4ccd0d51 nghttpx: Don't call get_config() repeatedly 2016-10-08 11:37:18 +09:00
Tatsuhiro Tsujikawa 8c1e155f44 nghttpx: Make it simple to calculate length 2016-10-03 22:09:46 +09:00
Tatsuhiro Tsujikawa 99a91e3172 nghttpx: Add BlockAllocator to Config object 2016-10-03 22:09:45 +09:00
Tatsuhiro Tsujikawa ede6104900 nghttpx: Increase block size for connection wide BlockAllocator 2016-10-02 22:28:43 +09:00
Tatsuhiro Tsujikawa e1a865c406 nghttpx: Add BlockAllocator version of util::formax_hex 2016-10-02 22:28:42 +09:00
Tatsuhiro Tsujikawa 8a9810ed32 nghttpx: Add BlockAllocator to ClientHandler 2016-10-01 22:54:17 +09:00
Tatsuhiro Tsujikawa 69b53b9aaa nghttpx: Handle graceful shutdown with client IP affinity enabled 2016-09-22 23:17:49 +09:00
Tatsuhiro Tsujikawa f267e400fa nghttpx: Migrate backend stream to another h2 session on graceful shutdown 2016-09-15 00:53:41 +09:00
Tatsuhiro Tsujikawa bc31146c1f nghttpx: Add tls_sni to mruby Nghttpx::Env class
tls_sni returns TLS SNI value which client sent in this TLS
connection.
2016-09-10 22:08:34 +09:00
Tatsuhiro Tsujikawa 27b250ac8e nghttpx: Add experimental TCP optimization for h2 frontend 2016-09-10 16:27:48 +09:00
Tatsuhiro Tsujikawa ad3d43b8be nghttpx: Add access log variable for backend host and port
Use $backend_host and $backend_port.  $backend_host is backend host
name given in --backend option.  It could be a path to UNIX domain
socket.
2016-08-05 00:04:47 +09:00
Tatsuhiro Tsujikawa 30f26a2b9d nghttpx: Explicitly cast to uint32_t for hash calculation 2016-07-06 23:58:53 +09:00
Tatsuhiro Tsujikawa 2bbe4422d2 nghttpx: Use consistent hashing for client IP based session affinity
We use technique described in https://github.com/RJ/ketama
2016-07-06 23:31:10 +09:00
Tatsuhiro Tsujikawa cbced219ec nghttpx: Rewrite read timer handling
For HTTP/2, read timer starts when there is no downstream, and timer
stops when there is at least one downstream.  For HTTP/1, read timer
starts when request handling finished, and timer stops when request
handling starts.
2016-06-24 00:04:39 +09:00
Tatsuhiro Tsujikawa 56e7cd4be2 nghttpx: Add healthmon parameter to -f option to enable health monitor mode 2016-06-17 00:00:37 +09:00
Tatsuhiro Tsujikawa af9662f971 nghttpx: Make API processing one of alternative mode 2016-06-16 23:30:35 +09:00
Tatsuhiro Tsujikawa c06e8c89ff nghttpx: Use BlockAllocator in match_downstream_addr_group 2016-06-11 18:41:43 +09:00
Tatsuhiro Tsujikawa a809da68a3 nghttpx: Aggregate router configuration into one struct 2016-06-11 18:25:38 +09:00
Tatsuhiro Tsujikawa 288449b9bc nghttpx: Rewrite wildcard router 2016-06-10 23:43:44 +09:00
Tatsuhiro Tsujikawa f9897f8ccd nghttpx: Fix bugs and crash when affinity is enabled 2016-06-09 23:17:41 +09:00
Tatsuhiro Tsujikawa 143d0b69b7 nghttpx: Implement client IP based session affinity 2016-06-09 22:35:59 +09:00
Tatsuhiro Tsujikawa 845aa7a710 nghttpx: Share downstream config object
This is the unit of sharing configurations to change
2016-06-03 19:57:43 +09:00
Tatsuhiro Tsujikawa fe58614b23 nghttpx: Use std::shared_ptr for downstream addresses so that we can swap them 2016-06-03 01:20:49 +09:00
Tatsuhiro Tsujikawa 667c8b0e27 nghttpx: Add APIDownstreamConnection to handle API request
For those connections via frontend with api parameter, they use solely
APIDownstreamConnection.

In this commit, APIDownstreamConnection just consumes all request
body, and do nothing.  The next few commits implements our first API
endpoint: /v1/api/dynamicconfig.
2016-06-02 23:50:56 +09:00
Tatsuhiro Tsujikawa 26eb983cf0 nghttpx: Fix bug that h2 is used while there is no h2 backend 2016-05-26 00:14:11 +09:00
Tatsuhiro Tsujikawa e0491c2ee8 nghttpx: Refactor protocol selection in backend 2016-05-25 23:07:04 +09:00
Tatsuhiro Tsujikawa 2a4bf9f615 nghttpx: Allow mixed protocol and TLS settings among backends under same pattern 2016-05-24 23:36:43 +09:00
Tatsuhiro Tsujikawa 09b97a3313 nghttpx: Add mruby env.server_port to return frontend server side port 2016-04-28 00:19:30 +09:00
Tatsuhiro Tsujikawa 3d00dd6537 nghttpx: Fix erroneous division by sizeof(...) 2016-04-24 17:42:24 +09:00
Tatsuhiro Tsujikawa 2a59c832c1 nghttpx: Set 0 to next_proto_len explicitly for clarification 2016-04-08 23:03:42 +09:00
Tatsuhiro Tsujikawa 46514074a4 nghttpx: Better load balancing between backend HTTP/2 servers 2016-04-03 15:09:01 +09:00
Tatsuhiro Tsujikawa 344541dd89 nghttpx: Better distribute load to backend h2 servers 2016-04-02 00:02:48 +09:00
Tatsuhiro Tsujikawa 186d440168 nghttpx: More StringRef-fy 2016-03-25 01:19:42 +09:00
Tatsuhiro Tsujikawa 0875e66aab src: Remove streq(const char *) overload 2016-03-25 00:02:07 +09:00
Tatsuhiro Tsujikawa 58b06f32a2 nghttpx: Configure TLS per backend routing pattern
We added "tls" parameter to --backend option to enable TLS on that
backend connection.  --backend-tls options was deprecated, now is
noop.
2016-03-23 22:56:18 +09:00
Tatsuhiro Tsujikawa 0f9ed40bd9 nghttpx: Share connection among different patterns if address set are same 2016-03-23 00:01:27 +09:00
Tatsuhiro Tsujikawa a1e0bd134e nghttpx: Create at least the same number of h2 session as load balancing hosts 2016-03-19 12:00:27 +09:00
Tatsuhiro Tsujikawa 34d209b30b nghttpx: Add wildcard host routing
This change allows host pattern in --backend to include '*' to
indicate wildcard match.  The wildcard match is made in suffix match
only.
2016-03-13 01:01:34 +09:00
Tatsuhiro Tsujikawa b1b57cc740 nghttpx: Use StringRef for authority, scheme and path 2016-03-12 21:12:26 +09:00
Tatsuhiro Tsujikawa fe6ccd16da nghttpx: Change read timeout reset timing 2016-03-05 19:11:36 +09:00
Tatsuhiro Tsujikawa 284691253f nghttpx: Use StringRef for http::create_forwarded parameter 2016-02-29 00:05:32 +09:00
Tatsuhiro Tsujikawa 06921f35f3 nghttpx: Restructure mode settings
It is very hard to support multiple protocols in backend while
retaining multiple mode settings.  Therefore, we dropped modes except
for default and HTTP/2 proxy mode.  The other removed modes can be
emulated using combinations of options.  Now the backend connection is
not encrypted by default.  To enable encryption on backend connection,
use --backend-tls option.
2016-02-28 21:35:26 +09:00
Tatsuhiro Tsujikawa 1832f78684 nghttpx: Move downstream proto to DownstreamAddrGroup 2016-02-28 16:56:14 +09:00
Tatsuhiro Tsujikawa 8ca3e5f6ba nghttpx: Separate Downstream address group from config to runtime 2016-02-28 00:19:18 +09:00
Tatsuhiro Tsujikawa 21007da392 nghttpx: Rewrite backend HTTP/2 connection coalesce strategy
Previously, we use one Http2Session object per DownstreamAddrGroup.
This is not flexible, and we have to provision how many HTTP/2
connection is required in advance.  The new strategy is we add
Http2Session object on demand.  We measure the number of attached
downstream connection object and server advertised concurrency limit.
As long as former is smaller than the latter, we attach new downstream
connection to it.  Once the limit is reached, we create new
Http2Session object.  If the number lowers the limit, we start to
share Http2Session object again.
2016-02-28 00:19:18 +09:00
Tatsuhiro Tsujikawa c9a4f293a1 nghttpx: ConnectBlocker per backend address 2016-02-21 14:53:06 +09:00
Tatsuhiro Tsujikawa 49fa914db5 nghttpx: Use StringRef for string parameters in match_downstream_addr_group 2016-02-14 20:48:06 +09:00
Tatsuhiro Tsujikawa ede0f6aa32 src: Remove verbose const 2016-02-07 18:12:57 +09:00
Tatsuhiro Tsujikawa 6d49110a33 Rename FrontendAddr as UpstreamAddr 2016-02-07 17:51:53 +09:00
Tatsuhiro Tsujikawa 26d49c1dc3 nghttpx: Cache client session 2016-02-07 17:43:30 +09:00
Tatsuhiro Tsujikawa bb4e2f6a24 nghttpx: Add TLS support for HTTP/1 backend 2016-02-07 17:43:30 +09:00
Tatsuhiro Tsujikawa 5e9bcbec9a nghttpx: Fix bug that IPv6 address in Forwarded "for" is not quoted-string 2016-02-01 23:29:17 +09:00
Tatsuhiro Tsujikawa aa07fe7fa6 nghttpx: Support multiple frontend addresses
This commit allows nghttpx to listen to multiple address and port pair
by specifying -f option multiple times.
2016-02-01 23:10:29 +09:00
Tatsuhiro Tsujikawa 85bb37ab7c Enable ConstructorInitializerAllOnOneLineOrOnePerLine for better diff 2016-01-27 21:14:07 +09:00
Tatsuhiro Tsujikawa 98253b1d0d nghttpx: Use DefaultMemchunks as HTTP/2 and SPDY frontend response buffer 2016-01-27 15:28:01 +09:00
Tatsuhiro Tsujikawa 1739b5a0e6 nghttpx: Don't read frontend socket if read watcher is stopped 2016-01-27 15:26:06 +09:00
Tatsuhiro Tsujikawa 5a3ca7e700 nghttpx: Disallow user defined static obfuscated string for "for" parameter 2016-01-21 21:05:07 +09:00
Tatsuhiro Tsujikawa 03f7f8cb9c nghttpx: About implicit conversion from ImmutableString and std::string to StringRef
This is required to avoid creation of temporary ImmutableString
like so:

std::string x;
ImmutableString y = ...;
StringRef ref = !x.empty() ? x : y;

First, temporary ImmutableString is created with x since
ImmutableString has constructor to accept std::string.  After
StringRef gets this, the temporary ImmutableString is destroyed, and
ref has dangling pointer.
2016-01-21 17:12:40 +09:00
Tatsuhiro Tsujikawa db8de490a0 nghttpx: Omit Forwarded for and by parameter if UNIX domain socket is used 2016-01-19 23:26:04 +09:00
Tatsuhiro Tsujikawa 0402481be4 nghttpx: Organize connection related configuration into struct 2016-01-19 16:56:12 +09:00
Tatsuhiro Tsujikawa 35feae3b0c nghttpx: Group up logging related options 2016-01-18 17:26:27 +09:00
Tatsuhiro Tsujikawa 16549bb276 nghttpx: Structured configurations for http and http2 2016-01-18 17:00:20 +09:00
Tatsuhiro Tsujikawa f3e1dc7a4f nghttpx: Structured TLS related configurations 2016-01-18 14:21:09 +09:00
Tatsuhiro Tsujikawa 4f07db8bcb src: Rename our new string classes 2016-01-17 11:33:45 +09:00
Tatsuhiro Tsujikawa 959d378f2a nghttpx: Optimize accesslog write 2016-01-17 11:19:19 +09:00
Tatsuhiro Tsujikawa d678c07ddf nghttpx: Allow user to specify static obfuscated value via command-line 2016-01-16 11:32:26 +09:00
Tatsuhiro Tsujikawa 5c3f74b424 nghttpx: Add RFC 7239 Forwarded header field support 2016-01-16 11:32:14 +09:00
Tatsuhiro Tsujikawa 5a8cf94361 nghttpx: Refactor Downstream::response_sent_bodylen_ 2016-01-14 23:54:28 +09:00
Tatsuhiro Tsujikawa 3b8889a2a1 nghttpx: Extract response related fields to Response struct 2016-01-14 01:05:10 +09:00
Tatsuhiro Tsujikawa 919f08eb38 nghttpx: Extract request related fields to Request struct
Header field related functions are now gathered into FieldStore class.
This commit only handles request.  Subsequent commit will do the same
thing for response.
2016-01-14 01:04:32 +09:00
Tatsuhiro Tsujikawa ef7d6e8a0c nghttpx: Loose HTTP Upgrade condition 2015-12-16 00:38:30 +09:00
Tatsuhiro Tsujikawa 71012fe83a nghttpx: Add constexpr 2015-12-15 22:47:05 +09:00
Tatsuhiro Tsujikawa ba9e912cf6 src: Rename isAlpha, isDigit, and isHexDigit as is_... 2015-11-28 00:42:51 +09:00
Lucas Pardue dcc9aaaa24 Add TLS dynamic record size behaviour command line options 2015-10-22 14:07:18 +00:00
Tatsuhiro Tsujikawa 777e1ee2c5 nghttpx: Use send_data_callback for higher throughput 2015-10-03 17:56:37 +09:00
Tatsuhiro Tsujikawa da89f9c150 nghttpx: Refactor client handler write
Move write buffer to Upstream objects
2015-10-03 11:09:42 +09:00
Tatsuhiro Tsujikawa fe79b6d118 nghttpx: Avoid last buffer copy when HTTP/1.1 is used 2015-10-01 23:34:17 +09:00
Tatsuhiro Tsujikawa 8acf9a2802 nghttpx: Trie based routing 2015-09-26 22:19:10 +09:00
Tatsuhiro Tsujikawa 1c2fcc2a55 nghttpx: Handle SSL/TLS data following PROXY protocol line 2015-09-17 22:26:49 +09:00
Tatsuhiro Tsujikawa 753f6d4a3e src: Fix compiler warning 2015-09-09 21:01:13 +09:00
Tatsuhiro Tsujikawa aba2dbddc2 nghttpx: Don't allow partial PROXY protocol line 2015-09-09 00:21:54 +09:00
Tatsuhiro Tsujikawa 79945c0c45 nghttpx: Robust PROXY protocol implementation 2015-09-07 22:37:25 +09:00
Tatsuhiro Tsujikawa a1bb48770c nghttpx: Add tests for PROXY protocol handling 2015-09-06 23:11:07 +09:00
Tatsuhiro Tsujikawa d05b77b36c nghttpx: More logging for PROXY protocol handling 2015-09-06 21:44:45 +09:00
Tatsuhiro Tsujikawa ce53bd239e nghttpx: Implement PROXY protocol version 1
Use --accept-proxy-protocol to enable PROXY protocol handling
2015-09-06 21:30:19 +09:00
Tatsuhiro Tsujikawa 200217d8ea nghttpx: Store empty string to path for server-wide OPTIONS request
This change is required to show path attribute to mruby script.  It is
desirable to construct URI from parts.  Just checking method and path
is "*" is awkward.
2015-09-04 00:14:09 +09:00
Tatsuhiro Tsujikawa d70eb14ce0 nghttpx: Drop connection before TLS finish if h2 requirement is not fulfilled 2015-08-31 23:30:40 +09:00
Tatsuhiro Tsujikawa 1c12606e70 nghttpx: Don't allow blacked listed cipher suites for HTTP/2 connection 2015-08-19 23:42:43 +09:00
Tatsuhiro Tsujikawa b8f05c89bd nghttpx: App data in SSL is Connection, not ClientHandler 2015-08-13 00:42:59 +09:00
Tatsuhiro Tsujikawa e91a576179 nghttpx: Rewrite TLS async handshake using memchunk buffers 2015-08-13 00:42:59 +09:00
Tatsuhiro Tsujikawa 6446660113 nghttpx: Make record size timeout more durable to high load situation 2015-07-29 20:57:11 +09:00
Tatsuhiro Tsujikawa 90b4b48c7e nghttpx: Add shared session cache using memcached 2015-07-26 23:33:06 +09:00
Tatsuhiro Tsujikawa f96edbf987 nghttpx: Pin frontend to specific HTTP/2 session object per group 2015-07-13 21:31:37 +09:00
Tatsuhiro Tsujikawa 6307f96fb3 nghttpx: Enable host-path backend routing in HTTP/2 backend
To achieve host-path backend routing, we changed behaviour of
--backend-http2-connections-per-worker.  It now sets the number of
HTTP/2 physical connections per pattern group if pattern is used in -b
option.

Fixes GH-292
2015-07-12 23:02:30 +09:00
Tatsuhiro Tsujikawa 3119fc259c Select backend based on request host and path by extending -b option
-b option syntax is now <HOST>,<PORT>[;<PATTERN>[:...]].  The optional
<PATTERN>s specify the request host and path it is used for.  The
<PATTERN> can contain path, host + path or host.  The matching rule is
closely designed to ServeMux in Go programming language.
2015-07-11 00:15:52 +09:00
Tatsuhiro Tsujikawa 197493afd4 nghttpx: Add log variables related to SSL/TLS connection
This commit add following 3 log variables to SSL/TLS connection:
$ssl_cipher, $ssl_protocol, $ssl_session_id.  If no information is
available for them, '-' is produced for each.
2015-06-28 16:44:34 +09:00