Tatsuhiro Tsujikawa
b313386988
nghttpx: Add proxyproto to frontend option to accept PROXY protocol
...
Previously, global accept-proxy-protocol option enables PROXY protocol
support for all frontend listeners, but this was inflexible. To fix
this issue, accept-proxy-protocol option is now deprecated, and
instead proxyproto parameter in frontend option enables PROXY protocol
support per frontend.
2017-01-03 12:47:03 +09:00
Tatsuhiro Tsujikawa
359730af54
Fix regression in ff64f64e1d
2016-12-21 23:19:10 +09:00
Tatsuhiro Tsujikawa
ff64f64e1d
nghttpx: Faster HTTP/1 frontend
2016-11-29 20:42:27 +09:00
Tatsuhiro Tsujikawa
46d1e6bb55
nghttpx: Increase block size of connection wide allocator to 512
2016-10-24 21:06:37 +09:00
Tatsuhiro Tsujikawa
1b4ccd0d51
nghttpx: Don't call get_config() repeatedly
2016-10-08 11:37:18 +09:00
Tatsuhiro Tsujikawa
8c1e155f44
nghttpx: Make it simple to calculate length
2016-10-03 22:09:46 +09:00
Tatsuhiro Tsujikawa
99a91e3172
nghttpx: Add BlockAllocator to Config object
2016-10-03 22:09:45 +09:00
Tatsuhiro Tsujikawa
ede6104900
nghttpx: Increase block size for connection wide BlockAllocator
2016-10-02 22:28:43 +09:00
Tatsuhiro Tsujikawa
e1a865c406
nghttpx: Add BlockAllocator version of util::formax_hex
2016-10-02 22:28:42 +09:00
Tatsuhiro Tsujikawa
8a9810ed32
nghttpx: Add BlockAllocator to ClientHandler
2016-10-01 22:54:17 +09:00
Tatsuhiro Tsujikawa
69b53b9aaa
nghttpx: Handle graceful shutdown with client IP affinity enabled
2016-09-22 23:17:49 +09:00
Tatsuhiro Tsujikawa
f267e400fa
nghttpx: Migrate backend stream to another h2 session on graceful shutdown
2016-09-15 00:53:41 +09:00
Tatsuhiro Tsujikawa
bc31146c1f
nghttpx: Add tls_sni to mruby Nghttpx::Env class
...
tls_sni returns TLS SNI value which client sent in this TLS
connection.
2016-09-10 22:08:34 +09:00
Tatsuhiro Tsujikawa
27b250ac8e
nghttpx: Add experimental TCP optimization for h2 frontend
2016-09-10 16:27:48 +09:00
Tatsuhiro Tsujikawa
ad3d43b8be
nghttpx: Add access log variable for backend host and port
...
Use $backend_host and $backend_port. $backend_host is backend host
name given in --backend option. It could be a path to UNIX domain
socket.
2016-08-05 00:04:47 +09:00
Tatsuhiro Tsujikawa
30f26a2b9d
nghttpx: Explicitly cast to uint32_t for hash calculation
2016-07-06 23:58:53 +09:00
Tatsuhiro Tsujikawa
2bbe4422d2
nghttpx: Use consistent hashing for client IP based session affinity
...
We use technique described in https://github.com/RJ/ketama
2016-07-06 23:31:10 +09:00
Tatsuhiro Tsujikawa
cbced219ec
nghttpx: Rewrite read timer handling
...
For HTTP/2, read timer starts when there is no downstream, and timer
stops when there is at least one downstream. For HTTP/1, read timer
starts when request handling finished, and timer stops when request
handling starts.
2016-06-24 00:04:39 +09:00
Tatsuhiro Tsujikawa
56e7cd4be2
nghttpx: Add healthmon parameter to -f option to enable health monitor mode
2016-06-17 00:00:37 +09:00
Tatsuhiro Tsujikawa
af9662f971
nghttpx: Make API processing one of alternative mode
2016-06-16 23:30:35 +09:00
Tatsuhiro Tsujikawa
c06e8c89ff
nghttpx: Use BlockAllocator in match_downstream_addr_group
2016-06-11 18:41:43 +09:00
Tatsuhiro Tsujikawa
a809da68a3
nghttpx: Aggregate router configuration into one struct
2016-06-11 18:25:38 +09:00
Tatsuhiro Tsujikawa
288449b9bc
nghttpx: Rewrite wildcard router
2016-06-10 23:43:44 +09:00
Tatsuhiro Tsujikawa
f9897f8ccd
nghttpx: Fix bugs and crash when affinity is enabled
2016-06-09 23:17:41 +09:00
Tatsuhiro Tsujikawa
143d0b69b7
nghttpx: Implement client IP based session affinity
2016-06-09 22:35:59 +09:00
Tatsuhiro Tsujikawa
845aa7a710
nghttpx: Share downstream config object
...
This is the unit of sharing configurations to change
2016-06-03 19:57:43 +09:00
Tatsuhiro Tsujikawa
fe58614b23
nghttpx: Use std::shared_ptr for downstream addresses so that we can swap them
2016-06-03 01:20:49 +09:00
Tatsuhiro Tsujikawa
667c8b0e27
nghttpx: Add APIDownstreamConnection to handle API request
...
For those connections via frontend with api parameter, they use solely
APIDownstreamConnection.
In this commit, APIDownstreamConnection just consumes all request
body, and do nothing. The next few commits implements our first API
endpoint: /v1/api/dynamicconfig.
2016-06-02 23:50:56 +09:00
Tatsuhiro Tsujikawa
26eb983cf0
nghttpx: Fix bug that h2 is used while there is no h2 backend
2016-05-26 00:14:11 +09:00
Tatsuhiro Tsujikawa
e0491c2ee8
nghttpx: Refactor protocol selection in backend
2016-05-25 23:07:04 +09:00
Tatsuhiro Tsujikawa
2a4bf9f615
nghttpx: Allow mixed protocol and TLS settings among backends under same pattern
2016-05-24 23:36:43 +09:00
Tatsuhiro Tsujikawa
09b97a3313
nghttpx: Add mruby env.server_port to return frontend server side port
2016-04-28 00:19:30 +09:00
Tatsuhiro Tsujikawa
3d00dd6537
nghttpx: Fix erroneous division by sizeof(...)
2016-04-24 17:42:24 +09:00
Tatsuhiro Tsujikawa
2a59c832c1
nghttpx: Set 0 to next_proto_len explicitly for clarification
2016-04-08 23:03:42 +09:00
Tatsuhiro Tsujikawa
46514074a4
nghttpx: Better load balancing between backend HTTP/2 servers
2016-04-03 15:09:01 +09:00
Tatsuhiro Tsujikawa
344541dd89
nghttpx: Better distribute load to backend h2 servers
2016-04-02 00:02:48 +09:00
Tatsuhiro Tsujikawa
186d440168
nghttpx: More StringRef-fy
2016-03-25 01:19:42 +09:00
Tatsuhiro Tsujikawa
0875e66aab
src: Remove streq(const char *) overload
2016-03-25 00:02:07 +09:00
Tatsuhiro Tsujikawa
58b06f32a2
nghttpx: Configure TLS per backend routing pattern
...
We added "tls" parameter to --backend option to enable TLS on that
backend connection. --backend-tls options was deprecated, now is
noop.
2016-03-23 22:56:18 +09:00
Tatsuhiro Tsujikawa
0f9ed40bd9
nghttpx: Share connection among different patterns if address set are same
2016-03-23 00:01:27 +09:00
Tatsuhiro Tsujikawa
a1e0bd134e
nghttpx: Create at least the same number of h2 session as load balancing hosts
2016-03-19 12:00:27 +09:00
Tatsuhiro Tsujikawa
34d209b30b
nghttpx: Add wildcard host routing
...
This change allows host pattern in --backend to include '*' to
indicate wildcard match. The wildcard match is made in suffix match
only.
2016-03-13 01:01:34 +09:00
Tatsuhiro Tsujikawa
b1b57cc740
nghttpx: Use StringRef for authority, scheme and path
2016-03-12 21:12:26 +09:00
Tatsuhiro Tsujikawa
fe6ccd16da
nghttpx: Change read timeout reset timing
2016-03-05 19:11:36 +09:00
Tatsuhiro Tsujikawa
284691253f
nghttpx: Use StringRef for http::create_forwarded parameter
2016-02-29 00:05:32 +09:00
Tatsuhiro Tsujikawa
06921f35f3
nghttpx: Restructure mode settings
...
It is very hard to support multiple protocols in backend while
retaining multiple mode settings. Therefore, we dropped modes except
for default and HTTP/2 proxy mode. The other removed modes can be
emulated using combinations of options. Now the backend connection is
not encrypted by default. To enable encryption on backend connection,
use --backend-tls option.
2016-02-28 21:35:26 +09:00
Tatsuhiro Tsujikawa
1832f78684
nghttpx: Move downstream proto to DownstreamAddrGroup
2016-02-28 16:56:14 +09:00
Tatsuhiro Tsujikawa
8ca3e5f6ba
nghttpx: Separate Downstream address group from config to runtime
2016-02-28 00:19:18 +09:00
Tatsuhiro Tsujikawa
21007da392
nghttpx: Rewrite backend HTTP/2 connection coalesce strategy
...
Previously, we use one Http2Session object per DownstreamAddrGroup.
This is not flexible, and we have to provision how many HTTP/2
connection is required in advance. The new strategy is we add
Http2Session object on demand. We measure the number of attached
downstream connection object and server advertised concurrency limit.
As long as former is smaller than the latter, we attach new downstream
connection to it. Once the limit is reached, we create new
Http2Session object. If the number lowers the limit, we start to
share Http2Session object again.
2016-02-28 00:19:18 +09:00
Tatsuhiro Tsujikawa
c9a4f293a1
nghttpx: ConnectBlocker per backend address
2016-02-21 14:53:06 +09:00
Tatsuhiro Tsujikawa
49fa914db5
nghttpx: Use StringRef for string parameters in match_downstream_addr_group
2016-02-14 20:48:06 +09:00
Tatsuhiro Tsujikawa
ede0f6aa32
src: Remove verbose const
2016-02-07 18:12:57 +09:00
Tatsuhiro Tsujikawa
6d49110a33
Rename FrontendAddr as UpstreamAddr
2016-02-07 17:51:53 +09:00
Tatsuhiro Tsujikawa
26d49c1dc3
nghttpx: Cache client session
2016-02-07 17:43:30 +09:00
Tatsuhiro Tsujikawa
bb4e2f6a24
nghttpx: Add TLS support for HTTP/1 backend
2016-02-07 17:43:30 +09:00
Tatsuhiro Tsujikawa
5e9bcbec9a
nghttpx: Fix bug that IPv6 address in Forwarded "for" is not quoted-string
2016-02-01 23:29:17 +09:00
Tatsuhiro Tsujikawa
aa07fe7fa6
nghttpx: Support multiple frontend addresses
...
This commit allows nghttpx to listen to multiple address and port pair
by specifying -f option multiple times.
2016-02-01 23:10:29 +09:00
Tatsuhiro Tsujikawa
85bb37ab7c
Enable ConstructorInitializerAllOnOneLineOrOnePerLine for better diff
2016-01-27 21:14:07 +09:00
Tatsuhiro Tsujikawa
98253b1d0d
nghttpx: Use DefaultMemchunks as HTTP/2 and SPDY frontend response buffer
2016-01-27 15:28:01 +09:00
Tatsuhiro Tsujikawa
1739b5a0e6
nghttpx: Don't read frontend socket if read watcher is stopped
2016-01-27 15:26:06 +09:00
Tatsuhiro Tsujikawa
5a3ca7e700
nghttpx: Disallow user defined static obfuscated string for "for" parameter
2016-01-21 21:05:07 +09:00
Tatsuhiro Tsujikawa
03f7f8cb9c
nghttpx: About implicit conversion from ImmutableString and std::string to StringRef
...
This is required to avoid creation of temporary ImmutableString
like so:
std::string x;
ImmutableString y = ...;
StringRef ref = !x.empty() ? x : y;
First, temporary ImmutableString is created with x since
ImmutableString has constructor to accept std::string. After
StringRef gets this, the temporary ImmutableString is destroyed, and
ref has dangling pointer.
2016-01-21 17:12:40 +09:00
Tatsuhiro Tsujikawa
db8de490a0
nghttpx: Omit Forwarded for and by parameter if UNIX domain socket is used
2016-01-19 23:26:04 +09:00
Tatsuhiro Tsujikawa
0402481be4
nghttpx: Organize connection related configuration into struct
2016-01-19 16:56:12 +09:00
Tatsuhiro Tsujikawa
35feae3b0c
nghttpx: Group up logging related options
2016-01-18 17:26:27 +09:00
Tatsuhiro Tsujikawa
16549bb276
nghttpx: Structured configurations for http and http2
2016-01-18 17:00:20 +09:00
Tatsuhiro Tsujikawa
f3e1dc7a4f
nghttpx: Structured TLS related configurations
2016-01-18 14:21:09 +09:00
Tatsuhiro Tsujikawa
4f07db8bcb
src: Rename our new string classes
2016-01-17 11:33:45 +09:00
Tatsuhiro Tsujikawa
959d378f2a
nghttpx: Optimize accesslog write
2016-01-17 11:19:19 +09:00
Tatsuhiro Tsujikawa
d678c07ddf
nghttpx: Allow user to specify static obfuscated value via command-line
2016-01-16 11:32:26 +09:00
Tatsuhiro Tsujikawa
5c3f74b424
nghttpx: Add RFC 7239 Forwarded header field support
2016-01-16 11:32:14 +09:00
Tatsuhiro Tsujikawa
5a8cf94361
nghttpx: Refactor Downstream::response_sent_bodylen_
2016-01-14 23:54:28 +09:00
Tatsuhiro Tsujikawa
3b8889a2a1
nghttpx: Extract response related fields to Response struct
2016-01-14 01:05:10 +09:00
Tatsuhiro Tsujikawa
919f08eb38
nghttpx: Extract request related fields to Request struct
...
Header field related functions are now gathered into FieldStore class.
This commit only handles request. Subsequent commit will do the same
thing for response.
2016-01-14 01:04:32 +09:00
Tatsuhiro Tsujikawa
ef7d6e8a0c
nghttpx: Loose HTTP Upgrade condition
2015-12-16 00:38:30 +09:00
Tatsuhiro Tsujikawa
71012fe83a
nghttpx: Add constexpr
2015-12-15 22:47:05 +09:00
Tatsuhiro Tsujikawa
ba9e912cf6
src: Rename isAlpha, isDigit, and isHexDigit as is_...
2015-11-28 00:42:51 +09:00
Lucas Pardue
dcc9aaaa24
Add TLS dynamic record size behaviour command line options
2015-10-22 14:07:18 +00:00
Tatsuhiro Tsujikawa
777e1ee2c5
nghttpx: Use send_data_callback for higher throughput
2015-10-03 17:56:37 +09:00
Tatsuhiro Tsujikawa
da89f9c150
nghttpx: Refactor client handler write
...
Move write buffer to Upstream objects
2015-10-03 11:09:42 +09:00
Tatsuhiro Tsujikawa
fe79b6d118
nghttpx: Avoid last buffer copy when HTTP/1.1 is used
2015-10-01 23:34:17 +09:00
Tatsuhiro Tsujikawa
8acf9a2802
nghttpx: Trie based routing
2015-09-26 22:19:10 +09:00
Tatsuhiro Tsujikawa
1c2fcc2a55
nghttpx: Handle SSL/TLS data following PROXY protocol line
2015-09-17 22:26:49 +09:00
Tatsuhiro Tsujikawa
753f6d4a3e
src: Fix compiler warning
2015-09-09 21:01:13 +09:00
Tatsuhiro Tsujikawa
aba2dbddc2
nghttpx: Don't allow partial PROXY protocol line
2015-09-09 00:21:54 +09:00
Tatsuhiro Tsujikawa
79945c0c45
nghttpx: Robust PROXY protocol implementation
2015-09-07 22:37:25 +09:00
Tatsuhiro Tsujikawa
a1bb48770c
nghttpx: Add tests for PROXY protocol handling
2015-09-06 23:11:07 +09:00
Tatsuhiro Tsujikawa
d05b77b36c
nghttpx: More logging for PROXY protocol handling
2015-09-06 21:44:45 +09:00
Tatsuhiro Tsujikawa
ce53bd239e
nghttpx: Implement PROXY protocol version 1
...
Use --accept-proxy-protocol to enable PROXY protocol handling
2015-09-06 21:30:19 +09:00
Tatsuhiro Tsujikawa
200217d8ea
nghttpx: Store empty string to path for server-wide OPTIONS request
...
This change is required to show path attribute to mruby script. It is
desirable to construct URI from parts. Just checking method and path
is "*" is awkward.
2015-09-04 00:14:09 +09:00
Tatsuhiro Tsujikawa
d70eb14ce0
nghttpx: Drop connection before TLS finish if h2 requirement is not fulfilled
2015-08-31 23:30:40 +09:00
Tatsuhiro Tsujikawa
1c12606e70
nghttpx: Don't allow blacked listed cipher suites for HTTP/2 connection
2015-08-19 23:42:43 +09:00
Tatsuhiro Tsujikawa
b8f05c89bd
nghttpx: App data in SSL is Connection, not ClientHandler
2015-08-13 00:42:59 +09:00
Tatsuhiro Tsujikawa
e91a576179
nghttpx: Rewrite TLS async handshake using memchunk buffers
2015-08-13 00:42:59 +09:00
Tatsuhiro Tsujikawa
6446660113
nghttpx: Make record size timeout more durable to high load situation
2015-07-29 20:57:11 +09:00
Tatsuhiro Tsujikawa
90b4b48c7e
nghttpx: Add shared session cache using memcached
2015-07-26 23:33:06 +09:00
Tatsuhiro Tsujikawa
f96edbf987
nghttpx: Pin frontend to specific HTTP/2 session object per group
2015-07-13 21:31:37 +09:00
Tatsuhiro Tsujikawa
6307f96fb3
nghttpx: Enable host-path backend routing in HTTP/2 backend
...
To achieve host-path backend routing, we changed behaviour of
--backend-http2-connections-per-worker. It now sets the number of
HTTP/2 physical connections per pattern group if pattern is used in -b
option.
Fixes GH-292
2015-07-12 23:02:30 +09:00
Tatsuhiro Tsujikawa
3119fc259c
Select backend based on request host and path by extending -b option
...
-b option syntax is now <HOST>,<PORT>[;<PATTERN>[:...]]. The optional
<PATTERN>s specify the request host and path it is used for. The
<PATTERN> can contain path, host + path or host. The matching rule is
closely designed to ServeMux in Go programming language.
2015-07-11 00:15:52 +09:00
Tatsuhiro Tsujikawa
197493afd4
nghttpx: Add log variables related to SSL/TLS connection
...
This commit add following 3 log variables to SSL/TLS connection:
$ssl_cipher, $ssl_protocol, $ssl_session_id. If no information is
available for them, '-' is produced for each.
2015-06-28 16:44:34 +09:00