Krzysztof Piotr Oledzki | 0960541 | 2009-09-23 22:09:24 +0200 | [diff] [blame] | 1 | /* |
| 2 | * Health-checks. |
| 3 | * |
| 4 | * Copyright 2008-2009 Krzysztof Piotr Oledzki <ole@ans.pl> |
| 5 | * |
| 6 | * This program is free software; you can redistribute it and/or |
| 7 | * modify it under the terms of the GNU General Public License |
| 8 | * as published by the Free Software Foundation; either version |
| 9 | * 2 of the License, or (at your option) any later version. |
| 10 | * |
| 11 | */ |
| 12 | |
Thierry FOURNIER | 7eeb435 | 2013-06-14 15:28:25 +0200 | [diff] [blame] | 13 | #ifndef _TYPES_CHECKS_H |
| 14 | #define _TYPES_CHECKS_H |
| 15 | |
Willy Tarreau | 4c7e4b7 | 2020-05-27 12:58:42 +0200 | [diff] [blame] | 16 | #include <haproxy/api-t.h> |
Willy Tarreau | 8d2b777 | 2020-05-27 10:58:19 +0200 | [diff] [blame] | 17 | #include <import/ebpttree.h> |
Willy Tarreau | 8e85ad5 | 2013-12-11 16:45:07 +0100 | [diff] [blame] | 18 | |
Willy Tarreau | eb6f701 | 2020-05-27 16:21:26 +0200 | [diff] [blame] | 19 | #include <import/ist.h> |
Willy Tarreau | 853b297 | 2020-05-27 18:01:47 +0200 | [diff] [blame] | 20 | #include <haproxy/list-t.h> |
Willy Tarreau | 7cd8b6e | 2020-06-02 17:32:26 +0200 | [diff] [blame] | 21 | #include <haproxy/regex-t.h> |
Willy Tarreau | 8dabda7 | 2020-05-27 17:22:10 +0200 | [diff] [blame] | 22 | #include <haproxy/buf-t.h> |
Willy Tarreau | 8e85ad5 | 2013-12-11 16:45:07 +0100 | [diff] [blame] | 23 | |
| 24 | #include <types/connection.h> |
| 25 | #include <types/obj_type.h> |
Christopher Faulet | dc75d57 | 2020-04-29 13:32:21 +0200 | [diff] [blame] | 26 | #include <types/proxy.h> |
| 27 | #include <types/sample.h> |
| 28 | #include <types/server.h> |
| 29 | #include <types/session.h> |
Willy Tarreau | 8e85ad5 | 2013-12-11 16:45:07 +0100 | [diff] [blame] | 30 | #include <types/task.h> |
Willy Tarreau | 8e85ad5 | 2013-12-11 16:45:07 +0100 | [diff] [blame] | 31 | |
Willy Tarreau | 6aaa1b8 | 2013-12-11 17:09:34 +0100 | [diff] [blame] | 32 | /* enum used by check->result. Must remain in this order, as some code uses |
| 33 | * result >= CHK_RES_PASSED to declare success. |
| 34 | */ |
| 35 | enum chk_result { |
| 36 | CHK_RES_UNKNOWN = 0, /* initialized to this by default */ |
Willy Tarreau | 2396418 | 2014-05-20 20:56:30 +0200 | [diff] [blame] | 37 | CHK_RES_NEUTRAL, /* valid check but no status information */ |
Willy Tarreau | 6aaa1b8 | 2013-12-11 17:09:34 +0100 | [diff] [blame] | 38 | CHK_RES_FAILED, /* check failed */ |
| 39 | CHK_RES_PASSED, /* check succeeded and server is fully up again */ |
| 40 | CHK_RES_CONDPASS, /* check reports the server doesn't want new sessions */ |
| 41 | }; |
Willy Tarreau | 8e85ad5 | 2013-12-11 16:45:07 +0100 | [diff] [blame] | 42 | |
Willy Tarreau | 2c115e5 | 2013-12-11 19:41:16 +0100 | [diff] [blame] | 43 | /* flags used by check->state */ |
| 44 | #define CHK_ST_INPROGRESS 0x0001 /* a check is currently running */ |
Willy Tarreau | 2e10f5a | 2013-12-11 20:11:55 +0100 | [diff] [blame] | 45 | #define CHK_ST_CONFIGURED 0x0002 /* this check is configured and may be enabled */ |
| 46 | #define CHK_ST_ENABLED 0x0004 /* this check is currently administratively enabled */ |
Willy Tarreau | 33a08db | 2013-12-11 21:03:31 +0100 | [diff] [blame] | 47 | #define CHK_ST_PAUSED 0x0008 /* checks are paused because of maintenance (health only) */ |
Willy Tarreau | 3343432 | 2013-12-11 21:15:19 +0100 | [diff] [blame] | 48 | #define CHK_ST_AGENT 0x0010 /* check is an agent check (otherwise it's a health check) */ |
Baptiste Assmann | 95db2bc | 2016-06-13 14:15:41 +0200 | [diff] [blame] | 49 | #define CHK_ST_PORT_MISS 0x0020 /* check can't be send because no port is configured to run it */ |
Willy Tarreau | 8e85ad5 | 2013-12-11 16:45:07 +0100 | [diff] [blame] | 50 | |
Krzysztof Piotr Oledzki | 0960541 | 2009-09-23 22:09:24 +0200 | [diff] [blame] | 51 | /* check status */ |
Christopher Faulet | 1032059 | 2020-04-01 10:37:29 +0200 | [diff] [blame] | 52 | enum healthcheck_status { |
Krzysztof Piotr Oledzki | 0960541 | 2009-09-23 22:09:24 +0200 | [diff] [blame] | 53 | HCHK_STATUS_UNKNOWN = 0, /* Unknown */ |
| 54 | HCHK_STATUS_INI, /* Initializing */ |
Krzysztof Piotr Oledzki | 213014e | 2009-09-27 15:50:02 +0200 | [diff] [blame] | 55 | HCHK_STATUS_START, /* Check started - SPECIAL STATUS */ |
Krzysztof Piotr Oledzki | 0960541 | 2009-09-23 22:09:24 +0200 | [diff] [blame] | 56 | |
Krzysztof Piotr Oledzki | 213014e | 2009-09-27 15:50:02 +0200 | [diff] [blame] | 57 | /* Below we have finished checks */ |
Krzysztof Piotr Oledzki | 0960541 | 2009-09-23 22:09:24 +0200 | [diff] [blame] | 58 | HCHK_STATUS_CHECKED, /* DUMMY STATUS */ |
Krzysztof Piotr Oledzki | 97f07b8 | 2009-12-15 22:31:24 +0100 | [diff] [blame] | 59 | |
Simon Horman | b7cd8f9 | 2012-03-19 07:25:28 +0900 | [diff] [blame] | 60 | HCHK_STATUS_HANA, /* Health analyze detected enough consecutive errors */ |
Krzysztof Piotr Oledzki | 97f07b8 | 2009-12-15 22:31:24 +0100 | [diff] [blame] | 61 | |
Krzysztof Piotr Oledzki | 0960541 | 2009-09-23 22:09:24 +0200 | [diff] [blame] | 62 | HCHK_STATUS_SOCKERR, /* Socket error */ |
| 63 | |
| 64 | HCHK_STATUS_L4OK, /* L4 check passed, for example tcp connect */ |
| 65 | HCHK_STATUS_L4TOUT, /* L4 timeout */ |
| 66 | HCHK_STATUS_L4CON, /* L4 connection problem, for example: */ |
| 67 | /* "Connection refused" (tcp rst) or "No route to host" (icmp) */ |
| 68 | |
| 69 | HCHK_STATUS_L6OK, /* L6 check passed */ |
| 70 | HCHK_STATUS_L6TOUT, /* L6 (SSL) timeout */ |
| 71 | HCHK_STATUS_L6RSP, /* L6 invalid response - protocol error */ |
| 72 | |
| 73 | HCHK_STATUS_L7TOUT, /* L7 (HTTP/SMTP) timeout */ |
| 74 | HCHK_STATUS_L7RSP, /* L7 invalid response - protocol error */ |
| 75 | |
Simon Horman | b7cd8f9 | 2012-03-19 07:25:28 +0900 | [diff] [blame] | 76 | /* Below we have layer 5-7 data available */ |
Krzysztof Piotr Oledzki | 0960541 | 2009-09-23 22:09:24 +0200 | [diff] [blame] | 77 | HCHK_STATUS_L57DATA, /* DUMMY STATUS */ |
| 78 | HCHK_STATUS_L7OKD, /* L7 check passed */ |
| 79 | HCHK_STATUS_L7OKCD, /* L7 check conditionally passed */ |
| 80 | HCHK_STATUS_L7STS, /* L7 response error, for example HTTP 5xx */ |
| 81 | |
Simon Horman | 98637e5 | 2014-06-20 12:30:16 +0900 | [diff] [blame] | 82 | HCHK_STATUS_PROCERR, /* External process check failure */ |
| 83 | HCHK_STATUS_PROCTOUT, /* External process check timeout */ |
| 84 | HCHK_STATUS_PROCOK, /* External process check passed */ |
| 85 | |
Krzysztof Piotr Oledzki | 0960541 | 2009-09-23 22:09:24 +0200 | [diff] [blame] | 86 | HCHK_STATUS_SIZE |
| 87 | }; |
Krzysztof Piotr Oledzki | 213014e | 2009-09-27 15:50:02 +0200 | [diff] [blame] | 88 | |
Krzysztof Piotr Oledzki | 97f07b8 | 2009-12-15 22:31:24 +0100 | [diff] [blame] | 89 | /* health status for response tracking */ |
| 90 | enum { |
| 91 | HANA_STATUS_UNKNOWN = 0, |
| 92 | |
| 93 | HANA_STATUS_L4_OK, /* L4 successful connection */ |
| 94 | HANA_STATUS_L4_ERR, /* L4 unsuccessful connection */ |
| 95 | |
| 96 | HANA_STATUS_HTTP_OK, /* Correct http response */ |
| 97 | HANA_STATUS_HTTP_STS, /* Wrong http response, for example HTTP 5xx */ |
| 98 | HANA_STATUS_HTTP_HDRRSP, /* Invalid http response (headers) */ |
| 99 | HANA_STATUS_HTTP_RSP, /* Invalid http response */ |
| 100 | |
| 101 | HANA_STATUS_HTTP_READ_ERROR, /* Read error */ |
| 102 | HANA_STATUS_HTTP_READ_TIMEOUT, /* Read timeout */ |
| 103 | HANA_STATUS_HTTP_BROKEN_PIPE, /* Unexpected close from server */ |
| 104 | |
| 105 | HANA_STATUS_SIZE |
| 106 | }; |
| 107 | |
| 108 | enum { |
| 109 | HANA_ONERR_UNKNOWN = 0, |
| 110 | |
| 111 | HANA_ONERR_FASTINTER, /* Force fastinter*/ |
| 112 | HANA_ONERR_FAILCHK, /* Simulate a failed check */ |
| 113 | HANA_ONERR_SUDDTH, /* Enters sudden death - one more failed check will mark this server down */ |
| 114 | HANA_ONERR_MARKDWN, /* Mark this server down, now! */ |
| 115 | }; |
| 116 | |
| 117 | enum { |
Simon Horman | e0d1bfb | 2011-06-21 14:34:58 +0900 | [diff] [blame] | 118 | HANA_ONMARKEDDOWN_NONE = 0, |
Simon Horman | e0d1bfb | 2011-06-21 14:34:58 +0900 | [diff] [blame] | 119 | HANA_ONMARKEDDOWN_SHUTDOWNSESSIONS, /* Shutdown peer sessions */ |
| 120 | }; |
| 121 | |
| 122 | enum { |
Justin Karneges | eb2c24a | 2012-05-24 15:28:52 -0700 | [diff] [blame] | 123 | HANA_ONMARKEDUP_NONE = 0, |
| 124 | HANA_ONMARKEDUP_SHUTDOWNBACKUPSESSIONS, /* Shutdown peer sessions */ |
| 125 | }; |
| 126 | |
| 127 | enum { |
Krzysztof Piotr Oledzki | 97f07b8 | 2009-12-15 22:31:24 +0100 | [diff] [blame] | 128 | HANA_OBS_NONE = 0, |
| 129 | |
| 130 | HANA_OBS_LAYER4, /* Observe L4 - for example tcp */ |
| 131 | HANA_OBS_LAYER7, /* Observe L7 - for example http */ |
| 132 | |
| 133 | HANA_OBS_SIZE |
| 134 | }; |
| 135 | |
Willy Tarreau | 8e85ad5 | 2013-12-11 16:45:07 +0100 | [diff] [blame] | 136 | struct check { |
Christopher Faulet | 3829046 | 2020-04-21 11:46:40 +0200 | [diff] [blame] | 137 | enum obj_type obj_type; /* object type == OBJ_TYPE_CHECK */ |
Gaetan Rivet | 05d692d | 2020-02-14 17:42:54 +0100 | [diff] [blame] | 138 | struct session *sess; /* Health check session. */ |
Gaetan Rivet | 13a5043 | 2020-02-21 18:13:44 +0100 | [diff] [blame] | 139 | struct vars vars; /* Health check dynamic variables. */ |
Cyril Bonté | 9ce1311 | 2014-11-15 22:41:27 +0100 | [diff] [blame] | 140 | struct xprt_ops *xprt; /* transport layer operations for health checks */ |
Olivier Houchard | 9aaf778 | 2017-09-13 18:30:23 +0200 | [diff] [blame] | 141 | struct conn_stream *cs; /* conn_stream state for health checks */ |
Willy Tarreau | c9fa048 | 2018-07-10 17:43:27 +0200 | [diff] [blame] | 142 | struct buffer bi, bo; /* input and output buffers to send/recv check */ |
Willy Tarreau | 8e85ad5 | 2013-12-11 16:45:07 +0100 | [diff] [blame] | 143 | struct task *task; /* the task associated to the health check processing, NULL if disabled */ |
| 144 | struct timeval start; /* last health check start time */ |
| 145 | long duration; /* time in ms took to finish last health check */ |
| 146 | short status, code; /* check result, check code */ |
Willy Tarreau | 08eaa78 | 2017-11-26 08:44:34 +0100 | [diff] [blame] | 147 | unsigned short port; /* the port to use for the health checks */ |
Cyril Bonté | 9ce1311 | 2014-11-15 22:41:27 +0100 | [diff] [blame] | 148 | char desc[HCHK_DESC_LEN]; /* health check description */ |
Christopher Faulet | 4a8c026 | 2020-04-27 12:13:06 +0200 | [diff] [blame] | 149 | signed char use_ssl; /* use SSL for health checks (1: on, 0: server mode, -1: off) */ |
Willy Tarreau | 8e85ad5 | 2013-12-11 16:45:07 +0100 | [diff] [blame] | 150 | int send_proxy; /* send a PROXY protocol header with checks */ |
Christopher Faulet | 5d503fc | 2020-03-30 20:34:34 +0200 | [diff] [blame] | 151 | struct tcpcheck_rules *tcpcheck_rules; /* tcp-check send / expect rules */ |
Willy Tarreau | 8e85ad5 | 2013-12-11 16:45:07 +0100 | [diff] [blame] | 152 | struct tcpcheck_rule *current_step; /* current step when using tcpcheck */ |
| 153 | int inter, fastinter, downinter; /* checks: time in milliseconds */ |
Willy Tarreau | 6aaa1b8 | 2013-12-11 17:09:34 +0100 | [diff] [blame] | 154 | enum chk_result result; /* health-check result : CHK_RES_* */ |
Willy Tarreau | 2c115e5 | 2013-12-11 19:41:16 +0100 | [diff] [blame] | 155 | int state; /* state of the check : CHK_ST_* */ |
Willy Tarreau | 8e85ad5 | 2013-12-11 16:45:07 +0100 | [diff] [blame] | 156 | int health; /* 0 to rise-1 = bad; |
| 157 | * rise to rise+fall-1 = good */ |
| 158 | int rise, fall; /* time in iterations */ |
| 159 | int type; /* Check type, one of PR_O2_*_CHK */ |
| 160 | struct server *server; /* back-pointer to server */ |
Olivier Houchard | c98aa1f | 2019-01-11 18:17:17 +0100 | [diff] [blame] | 161 | struct proxy *proxy; /* proxy to be used */ |
Simon Horman | 98637e5 | 2014-06-20 12:30:16 +0900 | [diff] [blame] | 162 | char **argv; /* the arguments to use if running a process-based check */ |
| 163 | char **envp; /* the environment to use if running a process-based check */ |
| 164 | struct pid_list *curpid; /* entry in pid_list used for current process-based test, or -1 if not in test */ |
Simon Horman | 0ba0e4a | 2015-01-30 11:23:00 +0900 | [diff] [blame] | 165 | struct sockaddr_storage addr; /* the address to check */ |
Olivier Houchard | fa8aa86 | 2018-10-10 18:25:41 +0200 | [diff] [blame] | 166 | struct wait_event wait_list; /* Waiting for I/O events */ |
Olivier Houchard | 9130a96 | 2017-10-17 17:33:43 +0200 | [diff] [blame] | 167 | char *sni; /* Server name */ |
Olivier Houchard | 9215014 | 2018-12-21 19:47:01 +0100 | [diff] [blame] | 168 | char *alpn_str; /* ALPN to use for checks */ |
| 169 | int alpn_len; /* ALPN string length */ |
Christopher Faulet | b356714 | 2020-04-21 11:59:32 +0200 | [diff] [blame] | 170 | const struct mux_proto_list *mux_proto; /* the mux to use for all outgoing connections (specified by the "proto" keyword) */ |
Alexander Liu | 2a54bb7 | 2019-05-22 19:44:48 +0800 | [diff] [blame] | 171 | int via_socks4; /* check the connection via socks4 proxy */ |
Willy Tarreau | 8e85ad5 | 2013-12-11 16:45:07 +0100 | [diff] [blame] | 172 | }; |
| 173 | |
Christopher Faulet | a202d1d | 2020-03-26 17:38:49 +0100 | [diff] [blame] | 174 | #define TCPCHK_OPT_NONE 0x0000 /* no options specified, default */ |
| 175 | #define TCPCHK_OPT_SEND_PROXY 0x0001 /* send proxy-protocol string */ |
| 176 | #define TCPCHK_OPT_SSL 0x0002 /* SSL connection */ |
| 177 | #define TCPCHK_OPT_LINGER 0x0004 /* Do not RST connection, let it linger */ |
| 178 | #define TCPCHK_OPT_DEFAULT_CONNECT 0x0008 /* Do a connect using server params */ |
Christopher Faulet | bb591a1 | 2020-04-01 16:52:17 +0200 | [diff] [blame] | 179 | #define TCPCHK_OPT_IMPLICIT 0x0010 /* Implicit connect */ |
| 180 | #define TCPCHK_OPT_SOCKS4 0x0020 /* check the connection via socks4 proxy */ |
Gaetan Rivet | 06d963a | 2020-02-21 18:49:05 +0100 | [diff] [blame] | 181 | |
| 182 | struct tcpcheck_connect { |
Christopher Faulet | 5c28874 | 2020-03-31 08:15:58 +0200 | [diff] [blame] | 183 | char *sni; /* server name to use for SSL connections */ |
| 184 | char *alpn; /* ALPN to use for the SSL connection */ |
| 185 | int alpn_len; /* ALPN string length */ |
Christopher Faulet | b356714 | 2020-04-21 11:59:32 +0200 | [diff] [blame] | 186 | const struct mux_proto_list *mux_proto; /* the mux to use for all outgoing connections (specified by the "proto" keyword) */ |
Christopher Faulet | 5c28874 | 2020-03-31 08:15:58 +0200 | [diff] [blame] | 187 | uint16_t options; /* options when setting up a new connection */ |
| 188 | uint16_t port; /* port to connect to */ |
Christopher Faulet | b7d3009 | 2020-03-30 15:19:03 +0200 | [diff] [blame] | 189 | struct sample_expr *port_expr; /* sample expr to determine the port, may be NULL */ |
Christopher Faulet | 5c28874 | 2020-03-31 08:15:58 +0200 | [diff] [blame] | 190 | struct sockaddr_storage addr; /* the address to the connect */ |
Gaetan Rivet | 06d963a | 2020-02-21 18:49:05 +0100 | [diff] [blame] | 191 | }; |
| 192 | |
Gaetan Rivet | 48219dc | 2020-02-21 18:41:28 +0100 | [diff] [blame] | 193 | enum tcpcheck_send_type { |
Christopher Faulet | f50f4e9 | 2020-03-30 19:52:29 +0200 | [diff] [blame] | 194 | TCPCHK_SEND_UNDEF = 0, /* Send is not parsed. */ |
| 195 | TCPCHK_SEND_STRING, /* Send an ASCII string. */ |
| 196 | TCPCHK_SEND_BINARY, /* Send a binary sequence. */ |
Christopher Faulet | e5870d8 | 2020-04-15 11:32:03 +0200 | [diff] [blame] | 197 | TCPCHK_SEND_STRING_LF, /* Send an ASCII log-format string. */ |
| 198 | TCPCHK_SEND_BINARY_LF, /* Send a binary log-format sequence. */ |
| 199 | TCPCHK_SEND_HTTP, /* Send an HTTP request */ |
Gaetan Rivet | 48219dc | 2020-02-21 18:41:28 +0100 | [diff] [blame] | 200 | }; |
| 201 | |
Christopher Faulet | e5870d8 | 2020-04-15 11:32:03 +0200 | [diff] [blame] | 202 | struct tcpcheck_http_hdr { |
| 203 | struct ist name; /* the header name */ |
| 204 | struct list value; /* the log-format string value */ |
| 205 | struct list list; /* header chained list */ |
| 206 | }; |
| 207 | |
Christopher Faulet | 8021a5f | 2020-04-24 13:53:12 +0200 | [diff] [blame] | 208 | struct tcpcheck_codes { |
| 209 | unsigned int (*codes)[2]; /* an array of roange of codes: [0]=min [1]=max */ |
| 210 | size_t num; /* number of entry in the array */ |
| 211 | }; |
| 212 | |
Christopher Faulet | e5870d8 | 2020-04-15 11:32:03 +0200 | [diff] [blame] | 213 | #define TCPCHK_SND_HTTP_FL_URI_FMT 0x0001 /* Use a log-format string for the uri */ |
| 214 | #define TCPCHK_SND_HTTP_FL_BODY_FMT 0x0002 /* Use a log-format string for the body */ |
| 215 | #define TCPCHK_SND_HTTP_FROM_OPT 0x0004 /* Send rule coming from "option httpck" directive */ |
| 216 | |
Gaetan Rivet | 48219dc | 2020-02-21 18:41:28 +0100 | [diff] [blame] | 217 | struct tcpcheck_send { |
| 218 | enum tcpcheck_send_type type; |
Christopher Faulet | f50f4e9 | 2020-03-30 19:52:29 +0200 | [diff] [blame] | 219 | union { |
| 220 | struct ist data; /* an ASCII string or a binary sequence */ |
| 221 | struct list fmt; /* an ASCII or hexa log-format string */ |
Christopher Faulet | e5870d8 | 2020-04-15 11:32:03 +0200 | [diff] [blame] | 222 | struct { |
| 223 | unsigned int flags; /* TCPCHK_SND_HTTP_FL_* */ |
| 224 | struct http_meth meth; /* the HTTP request method */ |
| 225 | union { |
| 226 | struct ist uri; /* the HTTP request uri is a string */ |
| 227 | struct list uri_fmt; /* or a log-format string */ |
| 228 | }; |
| 229 | struct ist vsn; /* the HTTP request version string */ |
| 230 | struct list hdrs; /* the HTTP request header list */ |
| 231 | union { |
| 232 | struct ist body; /* the HTTP request payload is a string */ |
| 233 | struct list body_fmt; /* or a log-format string */ |
| 234 | }; |
| 235 | } http; /* Info about the HTTP request to send */ |
Christopher Faulet | f50f4e9 | 2020-03-30 19:52:29 +0200 | [diff] [blame] | 236 | }; |
Gaetan Rivet | 48219dc | 2020-02-21 18:41:28 +0100 | [diff] [blame] | 237 | }; |
| 238 | |
Christopher Faulet | 6f87adc | 2020-04-03 11:16:13 +0200 | [diff] [blame] | 239 | enum tcpcheck_eval_ret { |
| 240 | TCPCHK_EVAL_WAIT = 0, |
| 241 | TCPCHK_EVAL_STOP, |
| 242 | TCPCHK_EVAL_CONTINUE, |
| 243 | }; |
| 244 | |
Gaetan Rivet | b616add | 2020-02-07 15:37:17 +0100 | [diff] [blame] | 245 | enum tcpcheck_expect_type { |
Christopher Faulet | e5870d8 | 2020-04-15 11:32:03 +0200 | [diff] [blame] | 246 | TCPCHK_EXPECT_UNDEF = 0, /* Match is not used. */ |
| 247 | TCPCHK_EXPECT_STRING, /* Matches a string. */ |
Christopher Faulet | 67a2345 | 2020-05-05 18:10:01 +0200 | [diff] [blame] | 248 | TCPCHK_EXPECT_STRING_REGEX, /* Matches a regular pattern. */ |
Christopher Faulet | aaab083 | 2020-05-05 15:54:22 +0200 | [diff] [blame] | 249 | TCPCHK_EXPECT_STRING_LF, /* Matches a log-format string. */ |
Christopher Faulet | 3970819 | 2020-05-05 10:47:36 +0200 | [diff] [blame] | 250 | TCPCHK_EXPECT_BINARY, /* Matches a binary sequence on a hex-encoded text. */ |
Christopher Faulet | 67a2345 | 2020-05-05 18:10:01 +0200 | [diff] [blame] | 251 | TCPCHK_EXPECT_BINARY_REGEX, /* Matches a regular pattern on a hex-encoded text. */ |
Christopher Faulet | aaab083 | 2020-05-05 15:54:22 +0200 | [diff] [blame] | 252 | TCPCHK_EXPECT_BINARY_LF, /* Matches a log-format binary sequence on a hex-encoded text. */ |
Christopher Faulet | e5870d8 | 2020-04-15 11:32:03 +0200 | [diff] [blame] | 253 | TCPCHK_EXPECT_CUSTOM, /* Execute a custom function. */ |
Christopher Faulet | 3970819 | 2020-05-05 10:47:36 +0200 | [diff] [blame] | 254 | TCPCHK_EXPECT_HTTP_STATUS, /* Matches a list of codes on the HTTP status */ |
Christopher Faulet | 67a2345 | 2020-05-05 18:10:01 +0200 | [diff] [blame] | 255 | TCPCHK_EXPECT_HTTP_STATUS_REGEX, /* Matches a regular pattern on the HTTP status */ |
Christopher Faulet | 3970819 | 2020-05-05 10:47:36 +0200 | [diff] [blame] | 256 | TCPCHK_EXPECT_HTTP_HEADER, /* Matches on HTTP headers */ |
| 257 | TCPCHK_EXPECT_HTTP_BODY, /* Matches a string oa the HTTP payload */ |
Christopher Faulet | 67a2345 | 2020-05-05 18:10:01 +0200 | [diff] [blame] | 258 | TCPCHK_EXPECT_HTTP_BODY_REGEX, /* Matches a regular pattern on a HTTP payload */ |
Christopher Faulet | aaab083 | 2020-05-05 15:54:22 +0200 | [diff] [blame] | 259 | TCPCHK_EXPECT_HTTP_BODY_LF, /* Matches a log-format string on the HTTP payload */ |
Gaetan Rivet | b616add | 2020-02-07 15:37:17 +0100 | [diff] [blame] | 260 | }; |
| 261 | |
Christopher Faulet | 12d5740 | 2020-04-10 09:58:42 +0200 | [diff] [blame] | 262 | /* tcp-check expect flags */ |
Christopher Faulet | 3970819 | 2020-05-05 10:47:36 +0200 | [diff] [blame] | 263 | #define TCPCHK_EXPT_FL_INV 0x0001 /* Matching is inversed */ |
| 264 | #define TCPCHK_EXPT_FL_HTTP_HNAME_STR 0x0002 /* Exact match on the HTTP header name */ |
| 265 | #define TCPCHK_EXPT_FL_HTTP_HNAME_BEG 0x0004 /* Prefix match on the HTTP header name */ |
| 266 | #define TCPCHK_EXPT_FL_HTTP_HNAME_END 0x0008 /* Suffix match on the HTTP header name */ |
| 267 | #define TCPCHK_EXPT_FL_HTTP_HNAME_SUB 0x0010 /* Substring match on the HTTP header name */ |
| 268 | #define TCPCHK_EXPT_FL_HTTP_HNAME_REG 0x0020 /* Regex match on the HTTP header name */ |
| 269 | #define TCPCHK_EXPT_FL_HTTP_HNAME_FMT 0x0040 /* The HTTP header name is a log-format string */ |
| 270 | #define TCPCHK_EXPT_FL_HTTP_HVAL_NONE 0x0080 /* No match on the HTTP header value */ |
| 271 | #define TCPCHK_EXPT_FL_HTTP_HVAL_STR 0x0100 /* Exact match on the HTTP header value */ |
| 272 | #define TCPCHK_EXPT_FL_HTTP_HVAL_BEG 0x0200 /* Prefix match on the HTTP header value */ |
| 273 | #define TCPCHK_EXPT_FL_HTTP_HVAL_END 0x0400 /* Suffix match on the HTTP header value */ |
| 274 | #define TCPCHK_EXPT_FL_HTTP_HVAL_SUB 0x0800 /* Substring match on the HTTP header value */ |
| 275 | #define TCPCHK_EXPT_FL_HTTP_HVAL_REG 0x1000 /* Regex match on the HTTP header value*/ |
| 276 | #define TCPCHK_EXPT_FL_HTTP_HVAL_FMT 0x2000 /* The HTTP header value is a log-format string */ |
| 277 | #define TCPCHK_EXPT_FL_HTTP_HVAL_FULL 0x4000 /* Match the full header value ( no stop on commas ) */ |
Christopher Faulet | 12d5740 | 2020-04-10 09:58:42 +0200 | [diff] [blame] | 278 | |
Christopher Faulet | 3970819 | 2020-05-05 10:47:36 +0200 | [diff] [blame] | 279 | #define TCPCHK_EXPT_FL_HTTP_HNAME_TYPE 0x003E /* Mask to get matching method on header name */ |
| 280 | #define TCPCHK_EXPT_FL_HTTP_HVAL_TYPE 0x1F00 /* Mask to get matching method on header value */ |
Christopher Faulet | aaab083 | 2020-05-05 15:54:22 +0200 | [diff] [blame] | 281 | |
Gaetan Rivet | b616add | 2020-02-07 15:37:17 +0100 | [diff] [blame] | 282 | struct tcpcheck_expect { |
Christopher Faulet | 12d5740 | 2020-04-10 09:58:42 +0200 | [diff] [blame] | 283 | enum tcpcheck_expect_type type; /* Type of pattern used for matching. */ |
| 284 | unsigned int flags; /* TCPCHK_EXPT_FL_* */ |
Gaetan Rivet | b616add | 2020-02-07 15:37:17 +0100 | [diff] [blame] | 285 | union { |
Christopher Faulet | 8021a5f | 2020-04-24 13:53:12 +0200 | [diff] [blame] | 286 | struct ist data; /* Matching a literal string / binary anywhere in the response. */ |
| 287 | struct my_regex *regex; /* Matching a regex pattern. */ |
| 288 | struct tcpcheck_codes codes; /* Matching a list of codes */ |
Christopher Faulet | aaab083 | 2020-05-05 15:54:22 +0200 | [diff] [blame] | 289 | struct list fmt; /* Matching a log-format string / binary */ |
Christopher Faulet | 3970819 | 2020-05-05 10:47:36 +0200 | [diff] [blame] | 290 | struct { |
| 291 | union { |
| 292 | struct ist name; |
| 293 | struct list name_fmt; |
| 294 | struct my_regex *name_re; |
| 295 | }; |
| 296 | union { |
| 297 | struct ist value; |
| 298 | struct list value_fmt; |
| 299 | struct my_regex *value_re; |
| 300 | }; |
| 301 | } hdr; /* Matching a header pattern */ |
| 302 | |
Christopher Faulet | 9e6ed15 | 2020-04-03 15:24:06 +0200 | [diff] [blame] | 303 | |
| 304 | /* custom function to eval epxect rule */ |
| 305 | enum tcpcheck_eval_ret (*custom)(struct check *, struct tcpcheck_rule *, int); |
Gaetan Rivet | b616add | 2020-02-07 15:37:17 +0100 | [diff] [blame] | 306 | }; |
| 307 | struct tcpcheck_rule *head; /* first expect of a chain. */ |
Gaetan Rivet | b616add | 2020-02-07 15:37:17 +0100 | [diff] [blame] | 308 | int min_recv; /* Minimum amount of data before an expect can be applied. (default: -1, ignored) */ |
Christopher Faulet | ec07e38 | 2020-04-07 14:56:26 +0200 | [diff] [blame] | 309 | enum healthcheck_status ok_status; /* The healthcheck status to use on success (default: L7OKD) */ |
Christopher Faulet | cf80f2f | 2020-04-01 11:04:52 +0200 | [diff] [blame] | 310 | enum healthcheck_status err_status; /* The healthcheck status to use on error (default: L7RSP) */ |
| 311 | enum healthcheck_status tout_status; /* The healthcheck status to use on timeout (default: L7TOUT) */ |
Christopher Faulet | e5870d8 | 2020-04-15 11:32:03 +0200 | [diff] [blame] | 312 | struct list onerror_fmt; /* log-format string to use as comment on error */ |
| 313 | struct list onsuccess_fmt; /* log-format string to use as comment on success (if last rule) */ |
Christopher Faulet | 98cc57c | 2020-04-01 20:52:31 +0200 | [diff] [blame] | 314 | struct sample_expr *status_expr; /* sample expr to determine the check status code */ |
Gaetan Rivet | b616add | 2020-02-07 15:37:17 +0100 | [diff] [blame] | 315 | }; |
| 316 | |
Gaetan Rivet | 707b52f | 2020-02-21 18:14:59 +0100 | [diff] [blame] | 317 | struct tcpcheck_action_kw { |
| 318 | struct act_rule *rule; |
| 319 | }; |
| 320 | |
Willy Tarreau | 98aec9f | 2013-12-06 16:16:41 +0100 | [diff] [blame] | 321 | /* possible actions for tcpcheck_rule->action */ |
Gaetan Rivet | dd66732 | 2020-02-14 11:25:09 +0100 | [diff] [blame] | 322 | enum tcpcheck_rule_type { |
| 323 | TCPCHK_ACT_SEND = 0, /* send action, regular string format */ |
| 324 | TCPCHK_ACT_EXPECT, /* expect action, either regular or binary string */ |
| 325 | TCPCHK_ACT_CONNECT, /* connect action, to probe a new port */ |
| 326 | TCPCHK_ACT_COMMENT, /* no action, simply a comment used for logs */ |
Gaetan Rivet | 707b52f | 2020-02-21 18:14:59 +0100 | [diff] [blame] | 327 | TCPCHK_ACT_ACTION_KW, /* custom registered action_kw rule. */ |
Baptiste Assmann | 5ecb77f | 2013-10-06 23:24:13 +0200 | [diff] [blame] | 328 | }; |
| 329 | |
| 330 | struct tcpcheck_rule { |
| 331 | struct list list; /* list linked to from the proxy */ |
Gaetan Rivet | dd66732 | 2020-02-14 11:25:09 +0100 | [diff] [blame] | 332 | enum tcpcheck_rule_type action; /* type of the rule. */ |
Gaetan Rivet | 5301b01 | 2020-02-25 17:19:17 +0100 | [diff] [blame] | 333 | int index; /* Index within the list. Starts at 0. */ |
Baptiste Assmann | aa12b47 | 2015-04-25 16:16:48 +0200 | [diff] [blame] | 334 | char *comment; /* comment to be used in the logs and on the stats socket */ |
Gaetan Rivet | 48219dc | 2020-02-21 18:41:28 +0100 | [diff] [blame] | 335 | union { |
Gaetan Rivet | 06d963a | 2020-02-21 18:49:05 +0100 | [diff] [blame] | 336 | struct tcpcheck_connect connect; /* Connect rule. */ |
Gaetan Rivet | 48219dc | 2020-02-21 18:41:28 +0100 | [diff] [blame] | 337 | struct tcpcheck_send send; /* Send rule. */ |
| 338 | struct tcpcheck_expect expect; /* Expected pattern. */ |
Gaetan Rivet | 707b52f | 2020-02-21 18:14:59 +0100 | [diff] [blame] | 339 | struct tcpcheck_action_kw action_kw; /* Custom action. */ |
Gaetan Rivet | 48219dc | 2020-02-21 18:41:28 +0100 | [diff] [blame] | 340 | }; |
Baptiste Assmann | 5ecb77f | 2013-10-06 23:24:13 +0200 | [diff] [blame] | 341 | }; |
| 342 | |
Christopher Faulet | 404f919 | 2020-04-09 23:13:54 +0200 | [diff] [blame] | 343 | #define TCPCHK_RULES_NONE 0x00000000 |
| 344 | #define TCPCHK_RULES_UNUSED_TCP_RS 0x00000001 /* An unused tcp-check ruleset exists */ |
Christopher Faulet | e5870d8 | 2020-04-15 11:32:03 +0200 | [diff] [blame] | 345 | #define TCPCHK_RULES_UNUSED_HTTP_RS 0x00000002 /* An unused http-check ruleset exists */ |
| 346 | #define TCPCHK_RULES_UNUSED_RS 0x00000003 /* Mask for unused ruleset */ |
Christopher Faulet | 33f05df | 2020-04-01 11:08:50 +0200 | [diff] [blame] | 347 | |
Christopher Faulet | ce35507 | 2020-04-02 11:44:39 +0200 | [diff] [blame] | 348 | #define TCPCHK_RULES_PGSQL_CHK 0x00000010 |
Christopher Faulet | 33f05df | 2020-04-01 11:08:50 +0200 | [diff] [blame] | 349 | #define TCPCHK_RULES_REDIS_CHK 0x00000020 |
Christopher Faulet | fbcc77c | 2020-04-01 20:54:05 +0200 | [diff] [blame] | 350 | #define TCPCHK_RULES_SMTP_CHK 0x00000030 |
Christopher Faulet | e5870d8 | 2020-04-15 11:32:03 +0200 | [diff] [blame] | 351 | #define TCPCHK_RULES_HTTP_CHK 0x00000040 |
Christopher Faulet | f2b3be5 | 2020-04-02 18:07:37 +0200 | [diff] [blame] | 352 | #define TCPCHK_RULES_MYSQL_CHK 0x00000050 |
Christopher Faulet | 1997eca | 2020-04-03 23:13:50 +0200 | [diff] [blame] | 353 | #define TCPCHK_RULES_LDAP_CHK 0x00000060 |
Christopher Faulet | 811f78c | 2020-04-01 11:10:27 +0200 | [diff] [blame] | 354 | #define TCPCHK_RULES_SSL3_CHK 0x00000070 |
Christopher Faulet | 0ae3d1d | 2020-04-06 17:54:24 +0200 | [diff] [blame] | 355 | #define TCPCHK_RULES_AGENT_CHK 0x00000080 |
Christopher Faulet | 267b01b | 2020-04-04 10:27:09 +0200 | [diff] [blame] | 356 | #define TCPCHK_RULES_SPOP_CHK 0x00000090 |
Christopher Faulet | d7e6396 | 2020-04-17 20:15:59 +0200 | [diff] [blame] | 357 | /* Unused 0x000000A0..0x00000FF0 (reserverd for futur proto) */ |
| 358 | #define TCPCHK_RULES_TCP_CHK 0x00000FF0 |
Christopher Faulet | 799f3a4 | 2020-04-07 12:06:14 +0200 | [diff] [blame] | 359 | #define TCPCHK_RULES_PROTO_CHK 0x00000FF0 /* Mask to cover protocol check */ |
Christopher Faulet | 5d503fc | 2020-03-30 20:34:34 +0200 | [diff] [blame] | 360 | |
Christopher Faulet | 7a1e2e1 | 2020-04-02 18:05:11 +0200 | [diff] [blame] | 361 | /* A list of tcp-check vars, to be registered before executing a ruleset */ |
| 362 | struct tcpcheck_var { |
| 363 | struct ist name; /* the variable name with the scope */ |
| 364 | struct sample_data data; /* the data associated to the variable */ |
| 365 | struct list list; /* element to chain tcp-check vars */ |
| 366 | }; |
| 367 | |
Christopher Faulet | 5d503fc | 2020-03-30 20:34:34 +0200 | [diff] [blame] | 368 | /* a list of tcp-check rules */ |
| 369 | struct tcpcheck_rules { |
Christopher Faulet | 7a1e2e1 | 2020-04-02 18:05:11 +0200 | [diff] [blame] | 370 | unsigned int flags; /* flags applied to the rules */ |
| 371 | struct list *list; /* the list of tcpcheck_rules */ |
| 372 | struct list preset_vars; /* The list of variable to preset before executing the ruleset */ |
Christopher Faulet | 5d503fc | 2020-03-30 20:34:34 +0200 | [diff] [blame] | 373 | }; |
| 374 | |
| 375 | /* A list of tcp-check rules with a name */ |
| 376 | struct tcpcheck_ruleset { |
Christopher Faulet | d7cee71 | 2020-04-21 13:45:00 +0200 | [diff] [blame] | 377 | struct list rules; /* the list of tcpcheck_rule */ |
| 378 | struct ebpt_node node; /* node in the shared tree */ |
Christopher Faulet | 5d503fc | 2020-03-30 20:34:34 +0200 | [diff] [blame] | 379 | }; |
| 380 | |
| 381 | |
Thierry FOURNIER | 7eeb435 | 2013-06-14 15:28:25 +0200 | [diff] [blame] | 382 | #endif /* _TYPES_CHECKS_H */ |