[DOC] remove several trailing spaces
diff --git a/doc/configuration.txt b/doc/configuration.txt
index 637c2b8..2f16e49 100644
--- a/doc/configuration.txt
+++ b/doc/configuration.txt
@@ -156,7 +156,7 @@
First, let's consider this HTTP request :
Line Contents
- number
+ number
1 GET /serv/login.php?lang=en&profile=2 HTTP/1.1
2 Host: www.mydomain.com
3 User-agent: my small browser
@@ -202,7 +202,7 @@
- a star ('*') : this form is only accepted in association with the OPTIONS
method and is not relayable. It is used to inquiry a next hop's
capabilities.
-
+
- an address:port combination : 192.168.0.12:80
This is used with the CONNECT method, which is used to establish TCP
tunnels through HTTP proxies, generally for HTTPS, but sometimes for
@@ -254,7 +254,7 @@
messages. Let's consider this HTTP response :
Line Contents
- number
+ number
1 HTTP/1.1 200 OK
2 Content-length: 350
3 Content-Type: text/html
@@ -288,7 +288,7 @@
- 5xx = error caused by the server (eg: 500, 502, 503)
Please refer to RFC2616 for the detailed meaning of all such codes. The
-"reason" field is just a hint, but is not parsed by clients. Anything can be
+"reason" field is just a hint, but is not parsed by clients. Anything can be
found there, but it's a common practice to respect the well-established
messages. It can be composed of one or multiple words, such as "OK", "Found",
or "Authentication Required".
@@ -385,7 +385,7 @@
- stats
- node
- description
-
+
* Performance tuning
- maxconn
- maxpipes
@@ -399,7 +399,7 @@
- tune.maxaccept
- tune.maxpollevents
- tune.maxrewrite
-
+
* Debugging
- debug
- quiet
@@ -415,7 +415,7 @@
attacker to exploit the system. This only works when the process is started
with superuser privileges. It is important to ensure that <jail_dir> is both
empty and unwritable to anyone.
-
+
daemon
Makes the process fork into background. This is the recommended mode of
operation. It is equivalent to the command line "-D" argument. It can be
@@ -426,11 +426,11 @@
ID is dedicated to HAProxy or to a small set of similar daemons. HAProxy must
be started with a user belonging to this group, or with superuser privileges.
See also "group" and "uid".
-
+
group <group name>
Similar to "gid" but uses the GID of group name <group name> from /etc/group.
See also "gid" and "user".
-
+
log <address> <facility> [max level [min level]]
Adds a global syslog server. Up to two global servers can be defined. They
will receive logs for startups and exits, as well as all logs from proxies
@@ -711,12 +711,12 @@
keyword defaults frontend listen backend
----------------------+----------+----------+---------+---------
-acl - X X X
-appsession - - X X
+acl - X X X
+appsession - - X X
backlog X X X -
-balance X - X X
-bind - X X -
-bind-process X X X X
+balance X - X X
+bind - X X -
+bind-process X X X X
block - X X X
capture cookie - X X -
capture request header - X X -
@@ -1486,7 +1486,7 @@
If the server is located on the same LAN as haproxy, the connection should be
immediate (less than a few milliseconds). Anyway, it is a good practice to
- cover one or several TCP packet losses by specifying timeouts that are
+ cover one or several TCP packet losses by specifying timeouts that are
slightly above multiples of 3 seconds (eg: 4 or 5 seconds). By default, the
connect timeout also presets the queue timeout to the same value if this one
has not been specified. Historically, the contimeout was also used to set the
@@ -2141,7 +2141,7 @@
the response. However, this introduces risks of congestion when lots of users
do the same, and is completely useless nowadays because probably no client at
all will close the session while waiting for the response. Some HTTP agents
- support this behaviour (Squid, Apache, HAProxy), and others do not (TUX, most
+ support this behaviour (Squid, Apache, HAProxy), and others do not (TUX, most
hardware-based load balancers). So the probability for a closed input channel
to represent a user hitting the "STOP" button is close to 100%, and the risk
of being the single component to break rare but valid traffic is extremely
@@ -2156,7 +2156,7 @@
during the connection establishment if the server has not yet acknowledged
the connection request. This considerably reduces the queue size and the load
on saturated servers when users are tempted to click on STOP, which in turn
- reduces the response time for other users.
+ reduces the response time for other users.
If this option has been enabled in a "defaults" section, it can be disabled
in a specific instance by prepending the "no" keyword before it.
@@ -2434,7 +2434,7 @@
<network> is an optional argument used to disable this option for sources
matching <network>
<name> an optional argument to specify a different "X-Forwarded-For"
- header name.
+ header name.
Since HAProxy works in reverse-proxy mode, the servers see its IP address as
their client address. This is sometimes annoying when the client's IP address
@@ -2447,10 +2447,10 @@
that only the last occurrence of the header must be used, since it is really
possible that the client has already brought one.
- The keyword "header" may be used to supply a different header name to replace
+ The keyword "header" may be used to supply a different header name to replace
the default "X-Forwarded-For". This can be useful where you might already
- have a "X-Forwarded-For" header from a different application (eg: stunnel),
- and you need preserve it. Also if your backend server doesn't use the
+ have a "X-Forwarded-For" header from a different application (eg: stunnel),
+ and you need preserve it. Also if your backend server doesn't use the
"X-Forwarded-For" header and requires different one (eg: Zeus Web Servers
require "X-Cluster-Client-IP").
@@ -2928,7 +2928,7 @@
It also allows to retry last connection to another server in case of multiple
connection failures. Of course, it requires having "retries" set to a nonzero
value.
-
+
This form is the preferred form, which replaces both the "redispatch" and
"redisp" keywords.
@@ -2943,7 +2943,7 @@
Use SMTP health checks for server testing
May be used in sections : defaults | frontend | listen | backend
yes | no | yes | yes
- Arguments :
+ Arguments :
<hello> is an optional argument. It is the "hello" command to use. It can
be either "HELO" (for SMTP) or "EHLO" (for ESTMP). All other
values will be turned into the default command ("HELO").
@@ -3442,7 +3442,7 @@
It also allows to retry last connection to another server in case of multiple
connection failures. Of course, it requires having "retries" set to a nonzero
value.
-
+
This form is deprecated, do not use it in any new configuration, use the new
"option redispatch" instead.
@@ -3486,7 +3486,7 @@
<search> will mark the request as allowed, even if any later test would
result in a deny. The test applies both to the request line and to request
headers. Keep in mind that URLs in request line are case-sensitive while
- header names are not.
+ header names are not.
It is easier, faster and more powerful to use ACLs to write access policies.
Reqdeny, reqallow and reqpass should be avoided in new designs.
@@ -3549,11 +3549,11 @@
<search> will mark the request as denied, even if any later test would
result in an allow. The test applies both to the request line and to request
headers. Keep in mind that URLs in request line are case-sensitive while
- header names are not.
+ header names are not.
A denied request will generate an "HTTP 403 forbidden" response once the
complete request has been parsed. This is consistent with what is practiced
- using ACLs.
+ using ACLs.
It is easier, faster and more powerful to use ACLs to write access policies.
Reqdeny, reqallow and reqpass should be avoided in new designs.
@@ -3982,7 +3982,7 @@
order to avoid complex situations to debug. Whatever the expected server
response times, it is a good practice to cover at least one or several TCP
packet losses by specifying timeouts that are slightly above multiples of 3
- seconds (eg: 4 or 5 seconds minimum).
+ seconds (eg: 4 or 5 seconds minimum).
This parameter is specific to backends, but can be specified once for all in
"defaults" sections. This is in fact one of the easiest solutions not to
@@ -4459,7 +4459,7 @@
For most protocols, it is enough to set it to a few seconds, as most clients
send the full request immediately upon connection. Add 3 or more seconds to
cover TCP retransmits but that's all. For some protocols, it may make sense
- to use large values, for instance to ensure that the client never talks
+ to use large values, for instance to ensure that the client never talks
before the server (eg: SMTP), or to wait for a client to talk before passing
data to the server (eg: SSL). Note that the client timeout must cover at
least the inspection delay, otherwise it will expire first.
@@ -4549,7 +4549,7 @@
If the server is located on the same LAN as haproxy, the connection should be
immediate (less than a few milliseconds). Anyway, it is a good practice to
- cover one or several TCP packet losses by specifying timeouts that are
+ cover one or several TCP packet losses by specifying timeouts that are
slightly above multiples of 3 seconds (eg: 4 or 5 seconds). By default, the
connect timeout also presets both queue and tarpit timeouts to the same value
if these have not been specified.
@@ -4695,7 +4695,7 @@
order to avoid complex situations to debug. Whatever the expected server
response times, it is a good practice to cover at least one or several TCP
packet losses by specifying timeouts that are slightly above multiples of 3
- seconds (eg: 4 or 5 seconds minimum).
+ seconds (eg: 4 or 5 seconds minimum).
This parameter is specific to backends, but can be specified once for all in
"defaults" sections. This is in fact one of the easiest solutions not to
@@ -4728,7 +4728,7 @@
unit if the number is suffixed by the unit, as specified at the top of this
document. If unspecified, the same value as the backend's connection timeout
("timeout connect") is used, for backwards compatibility with older versions
- with no "timeout tapit" parameter.
+ with no "timeout tapit" parameter.
See also : "timeout connect", "contimeout".
@@ -4792,7 +4792,7 @@
must decode several protocols on a unique port, one of them being HTTP.
See also: "default_backend", "tcp-request", and section 7 about ACLs.
-
+
5. Server and default-server options
-----------------
@@ -4896,7 +4896,7 @@
---------------------------------+-----------------------------------------
DOWN 100% (non-transitional) | "downinter" if set, "inter" otherwise.
---------------------------------+-----------------------------------------
-
+
Just as with every other time-based parameter, they can be entered in any
other explicit unit among { us, ms, s, m, h, d }. The "inter" parameter also
serves as a timeout for health checks sent to servers if "timeout check" is
@@ -5171,7 +5171,7 @@
- req* statements are applied after "block" statements, so that "block" is
always the first one, but before "use_backend" in order to permit rewriting
- before switching.
+ before switching.
7. Using ACLs
@@ -5428,7 +5428,7 @@
tcp-request inspect-delay 100ms
tcp-request content accept if ! too_fast
tcp-request content accept if WAIT_END
-
+
be_sess_rate <integer>
be_sess_rate(backend) <integer>
Returns true when the sessions creation rate on the backend matches the
@@ -5614,7 +5614,7 @@
"http_proxy". Note that if the port is not specified in the request, port 80
is assumed.
-hdr <string>
+hdr <string>
hdr(header) <string>
Note: all the "hdr*" matching criteria either apply to all headers, or to a
particular header whose name is passed between parenthesis and without any
@@ -6079,7 +6079,7 @@
>>> Feb 6 12:14:14 localhost \
haproxy[14389]: 10.0.1.2:33317 [06/Feb/2009:12:14:14.655] http-in \
static/srv1 10/0/30/69/109 200 2750 - - ---- 1/1/1/1/0 0/0 {1wt.eu} \
- {} "GET /index.html HTTP/1.1"
+ {} "GET /index.html HTTP/1.1"
Field Format Extract from the example above
1 process_name '[' pid ']:' haproxy[14389]:
@@ -6098,7 +6098,7 @@
14 '{' captured_request_headers* '}' {haproxy.1wt.eu}
15 '{' captured_response_headers* '}' {}
16 '"' http_request '"' "GET /index.html HTTP/1.1"
-
+
Detailed fields description :
- "client_ip" is the IP address of the client which initiated the TCP
@@ -6622,7 +6622,7 @@
by network routing issues between the client and haproxy, or by a
keep-alive session between the server and the client terminated first
by the client.
-
+
cD The client did not send nor acknowledge any data for as long as the
"timeout client" delay. This is often caused by network failures on
the client side, or the client simply leaving the net uncleanly.
@@ -6844,14 +6844,14 @@
haproxy[2022]: 127.0.0.1:34020 [09/Aug/2004:20:30:46] proxy-out \
proxy-out/cache1 0/0/0/182/+182 200 +279 - - ---- 0/0/0/0/0 0/0 \
{w.ods.org||} {Formilux/0.1.8|3495|||} \
- "GET http://trafic.1wt.eu/ HTTP/1.1"
+ "GET http://trafic.1wt.eu/ HTTP/1.1"
>>> Aug 9 20:30:46 localhost \
haproxy[2022]: 127.0.0.1:34028 [09/Aug/2004:20:30:46] proxy-out \
proxy-out/cache1 0/0/2/126/+128 301 +223 - - ---- 0/0/0/0/0 0/0 \
{www.sytadin.equipement.gouv.fr||http://trafic.1wt.eu/} \
{Apache|230|||http://www.sytadin.} \
- "GET http://www.sytadin.equipement.gouv.fr/ HTTP/1.1"
+ "GET http://www.sytadin.equipement.gouv.fr/ HTTP/1.1"
8.9. Examples of logs
@@ -6896,7 +6896,7 @@
to return the 502 and not the server.
>>> haproxy[18113]: 127.0.0.1:34548 [15/Oct/2003:15:18:55.798] px-http \
- px-http/<NOSRV> -1/-1/-1/-1/8490 -1 0 - - CR-- 2/2/2/0/0 0/0 ""
+ px-http/<NOSRV> -1/-1/-1/-1/8490 -1 0 - - CR-- 2/2/2/0/0 0/0 ""
=> the client never completed its request and aborted itself ("C---") after
8.5s, while the proxy was waiting for the request headers ("-R--").
@@ -6918,7 +6918,7 @@
>>> haproxy[18989]: 10.0.0.1:34552 [15/Oct/2003:15:26:31.462] px-http \
px-http/srv1 3183/-1/-1/-1/11215 503 0 - - SC-- 205/202/202/115/3 \
- 0/0 "HEAD / HTTP/1.0"
+ 0/0 "HEAD / HTTP/1.0"
=> The request took 3s to complete (probably a network problem), and the
connection to the server failed ('SC--') after 4 attempts of 2 seconds
@@ -6991,12 +6991,12 @@
(tcp rst) or "No route to host" (icmp)
L6OK -> check passed on layer 6
L6TOUT -> layer 6 (SSL) timeout
- L6RSP -> layer 6 invalid response - protocol error
+ L6RSP -> layer 6 invalid response - protocol error
L7OK -> check passed on layer 7
L7OKC -> check conditionally passed on layer 7, for example 404 with
disable-on-404
L7TOUT -> layer 7 (HTTP/SMTP) timeout
- L7RSP -> layer 7 invalid response - protocol error
+ L7RSP -> layer 7 invalid response - protocol error
L7STS -> layer 7 response error, for example HTTP 5xx
37. check_code: layer5-7 code, if available
38. check_duration: time in ms took to finish last health check