Willy Tarreau | baaee00 | 2006-06-26 02:48:02 +0200 | [diff] [blame] | 1 | /* |
| 2 | * HA-Proxy : High Availability-enabled HTTP/TCP proxy |
Willy Tarreau | 421ed39 | 2021-01-06 17:41:32 +0100 | [diff] [blame] | 3 | * Copyright 2000-2021 Willy Tarreau <willy@haproxy.org>. |
Willy Tarreau | baaee00 | 2006-06-26 02:48:02 +0200 | [diff] [blame] | 4 | * |
| 5 | * This program is free software; you can redistribute it and/or |
| 6 | * modify it under the terms of the GNU General Public License |
| 7 | * as published by the Free Software Foundation; either version |
| 8 | * 2 of the License, or (at your option) any later version. |
| 9 | * |
Ilya Shipitsin | 46a030c | 2020-07-05 16:36:08 +0500 | [diff] [blame] | 10 | * Please refer to RFC7230 - RFC7235 information about HTTP protocol, and |
| 11 | * RFC6265 for information about cookies usage. More generally, the IETF HTTP |
Willy Tarreau | baaee00 | 2006-06-26 02:48:02 +0200 | [diff] [blame] | 12 | * Working Group's web site should be consulted for protocol related changes : |
| 13 | * |
| 14 | * http://ftp.ics.uci.edu/pub/ietf/http/ |
| 15 | * |
| 16 | * Pending bugs (may be not fixed because never reproduced) : |
| 17 | * - solaris only : sometimes, an HTTP proxy with only a dispatch address causes |
| 18 | * the proxy to terminate (no core) if the client breaks the connection during |
| 19 | * the response. Seen on 1.1.8pre4, but never reproduced. May not be related to |
| 20 | * the snprintf() bug since requests were simple (GET / HTTP/1.0), but may be |
| 21 | * related to missing setsid() (fixed in 1.1.15) |
| 22 | * - a proxy with an invalid config will prevent the startup even if disabled. |
| 23 | * |
| 24 | * ChangeLog has moved to the CHANGELOG file. |
| 25 | * |
Willy Tarreau | baaee00 | 2006-06-26 02:48:02 +0200 | [diff] [blame] | 26 | */ |
| 27 | |
David Carlier | 7ece096 | 2015-12-08 21:43:09 +0000 | [diff] [blame] | 28 | #define _GNU_SOURCE |
Willy Tarreau | baaee00 | 2006-06-26 02:48:02 +0200 | [diff] [blame] | 29 | #include <stdio.h> |
| 30 | #include <stdlib.h> |
| 31 | #include <unistd.h> |
| 32 | #include <string.h> |
| 33 | #include <ctype.h> |
Maxime de Roucy | 379d9c7 | 2016-05-13 23:52:56 +0200 | [diff] [blame] | 34 | #include <dirent.h> |
Maxime de Roucy | 379d9c7 | 2016-05-13 23:52:56 +0200 | [diff] [blame] | 35 | #include <sys/stat.h> |
Willy Tarreau | baaee00 | 2006-06-26 02:48:02 +0200 | [diff] [blame] | 36 | #include <sys/time.h> |
| 37 | #include <sys/types.h> |
| 38 | #include <sys/socket.h> |
| 39 | #include <netinet/tcp.h> |
| 40 | #include <netinet/in.h> |
| 41 | #include <arpa/inet.h> |
| 42 | #include <netdb.h> |
| 43 | #include <fcntl.h> |
| 44 | #include <errno.h> |
| 45 | #include <signal.h> |
| 46 | #include <stdarg.h> |
| 47 | #include <sys/resource.h> |
Tim Duesterhus | dfad6a4 | 2020-04-18 16:02:47 +0200 | [diff] [blame] | 48 | #include <sys/utsname.h> |
Marc-Antoine Perennou | 992709b | 2013-02-12 10:53:52 +0100 | [diff] [blame] | 49 | #include <sys/wait.h> |
Willy Tarreau | baaee00 | 2006-06-26 02:48:02 +0200 | [diff] [blame] | 50 | #include <time.h> |
| 51 | #include <syslog.h> |
Michael Scherer | ab012dd | 2013-01-12 18:35:19 +0100 | [diff] [blame] | 52 | #include <grp.h> |
Willy Tarreau | fc6c032 | 2012-11-16 16:12:27 +0100 | [diff] [blame] | 53 | #ifdef USE_CPU_AFFINITY |
Willy Tarreau | fc6c032 | 2012-11-16 16:12:27 +0100 | [diff] [blame] | 54 | #include <sched.h> |
David Carlier | 42d9e5a | 2018-11-12 16:22:19 +0000 | [diff] [blame] | 55 | #if defined(__FreeBSD__) || defined(__DragonFly__) |
Pieter Baauw | caa6a1b | 2015-09-17 21:26:40 +0200 | [diff] [blame] | 56 | #include <sys/param.h> |
David Carlier | 42d9e5a | 2018-11-12 16:22:19 +0000 | [diff] [blame] | 57 | #ifdef __FreeBSD__ |
Pieter Baauw | caa6a1b | 2015-09-17 21:26:40 +0200 | [diff] [blame] | 58 | #include <sys/cpuset.h> |
David Carlier | 42d9e5a | 2018-11-12 16:22:19 +0000 | [diff] [blame] | 59 | #endif |
David Carlier | 6d5c841 | 2017-11-29 11:02:32 +0000 | [diff] [blame] | 60 | #include <pthread_np.h> |
Pieter Baauw | caa6a1b | 2015-09-17 21:26:40 +0200 | [diff] [blame] | 61 | #endif |
David Carlier | 5e4c8e2 | 2019-09-13 05:12:58 +0100 | [diff] [blame] | 62 | #ifdef __APPLE__ |
| 63 | #include <mach/mach_types.h> |
| 64 | #include <mach/thread_act.h> |
| 65 | #include <mach/thread_policy.h> |
| 66 | #endif |
Willy Tarreau | fc6c032 | 2012-11-16 16:12:27 +0100 | [diff] [blame] | 67 | #endif |
Willy Tarreau | baaee00 | 2006-06-26 02:48:02 +0200 | [diff] [blame] | 68 | |
Willy Tarreau | 636848a | 2019-04-15 19:38:50 +0200 | [diff] [blame] | 69 | #if defined(USE_PRCTL) |
| 70 | #include <sys/prctl.h> |
| 71 | #endif |
| 72 | |
Willy Tarreau | baaee00 | 2006-06-26 02:48:02 +0200 | [diff] [blame] | 73 | #ifdef DEBUG_FULL |
| 74 | #include <assert.h> |
| 75 | #endif |
Tim Duesterhus | d6942c8 | 2017-11-20 15:58:35 +0100 | [diff] [blame] | 76 | #if defined(USE_SYSTEMD) |
| 77 | #include <systemd/sd-daemon.h> |
| 78 | #endif |
Willy Tarreau | baaee00 | 2006-06-26 02:48:02 +0200 | [diff] [blame] | 79 | |
Willy Tarreau | 6c3a681 | 2020-03-06 18:57:15 +0100 | [diff] [blame] | 80 | #include <import/sha1.h> |
| 81 | |
Willy Tarreau | b255105 | 2020-06-09 09:07:15 +0200 | [diff] [blame] | 82 | #include <haproxy/acl.h> |
Amaury Denoyelle | 68fd7e4 | 2021-03-25 17:15:52 +0100 | [diff] [blame] | 83 | #include <haproxy/action.h> |
Willy Tarreau | b255105 | 2020-06-09 09:07:15 +0200 | [diff] [blame] | 84 | #include <haproxy/activity.h> |
| 85 | #include <haproxy/api.h> |
| 86 | #include <haproxy/arg.h> |
| 87 | #include <haproxy/auth.h> |
Willy Tarreau | 8d36697 | 2020-05-27 16:10:29 +0200 | [diff] [blame] | 88 | #include <haproxy/base64.h> |
Willy Tarreau | b255105 | 2020-06-09 09:07:15 +0200 | [diff] [blame] | 89 | #include <haproxy/capture-t.h> |
Amaury Denoyelle | 5a6926d | 2021-03-30 17:34:24 +0200 | [diff] [blame] | 90 | #include <haproxy/cfgdiag.h> |
Willy Tarreau | 6be7849 | 2020-06-05 00:00:29 +0200 | [diff] [blame] | 91 | #include <haproxy/cfgparse.h> |
Willy Tarreau | c13ed53 | 2020-06-02 10:22:45 +0200 | [diff] [blame] | 92 | #include <haproxy/chunk.h> |
Willy Tarreau | 83487a8 | 2020-06-04 20:19:54 +0200 | [diff] [blame] | 93 | #include <haproxy/cli.h> |
Willy Tarreau | 7ea393d | 2020-06-04 18:02:10 +0200 | [diff] [blame] | 94 | #include <haproxy/connection.h> |
Willy Tarreau | eb92deb | 2020-06-04 10:53:16 +0200 | [diff] [blame] | 95 | #include <haproxy/dns.h> |
Willy Tarreau | 2741c8c | 2020-06-02 11:28:02 +0200 | [diff] [blame] | 96 | #include <haproxy/dynbuf.h> |
Willy Tarreau | 8d36697 | 2020-05-27 16:10:29 +0200 | [diff] [blame] | 97 | #include <haproxy/errors.h> |
Willy Tarreau | b255105 | 2020-06-09 09:07:15 +0200 | [diff] [blame] | 98 | #include <haproxy/fd.h> |
Willy Tarreau | c7babd8 | 2020-06-04 21:29:29 +0200 | [diff] [blame] | 99 | #include <haproxy/filters.h> |
Willy Tarreau | b255105 | 2020-06-09 09:07:15 +0200 | [diff] [blame] | 100 | #include <haproxy/global.h> |
Willy Tarreau | 8641605 | 2020-06-04 09:20:54 +0200 | [diff] [blame] | 101 | #include <haproxy/hlua.h> |
Willy Tarreau | c761f84 | 2020-06-04 11:40:28 +0200 | [diff] [blame] | 102 | #include <haproxy/http_rules.h> |
Willy Tarreau | 853b297 | 2020-05-27 18:01:47 +0200 | [diff] [blame] | 103 | #include <haproxy/list.h> |
Willy Tarreau | 213e990 | 2020-06-04 14:58:24 +0200 | [diff] [blame] | 104 | #include <haproxy/listener.h> |
Willy Tarreau | aeed4a8 | 2020-06-04 22:01:04 +0200 | [diff] [blame] | 105 | #include <haproxy/log.h> |
Willy Tarreau | b5abe5b | 2020-06-04 14:07:37 +0200 | [diff] [blame] | 106 | #include <haproxy/mworker.h> |
Willy Tarreau | 7a00efb | 2020-06-02 17:02:59 +0200 | [diff] [blame] | 107 | #include <haproxy/namespace.h> |
Willy Tarreau | 6131d6a | 2020-06-02 16:48:09 +0200 | [diff] [blame] | 108 | #include <haproxy/net_helper.h> |
Willy Tarreau | 6019fab | 2020-05-27 16:26:00 +0200 | [diff] [blame] | 109 | #include <haproxy/openssl-compat.h> |
Willy Tarreau | 225a90a | 2020-06-04 15:06:28 +0200 | [diff] [blame] | 110 | #include <haproxy/pattern.h> |
Willy Tarreau | 3c2a7c2 | 2020-06-04 18:38:21 +0200 | [diff] [blame] | 111 | #include <haproxy/peers.h> |
Willy Tarreau | b255105 | 2020-06-09 09:07:15 +0200 | [diff] [blame] | 112 | #include <haproxy/pool.h> |
| 113 | #include <haproxy/protocol.h> |
Willy Tarreau | bf3b06b | 2020-08-26 10:23:40 +0200 | [diff] [blame] | 114 | #include <haproxy/proto_tcp.h> |
Willy Tarreau | a264d96 | 2020-06-04 22:29:18 +0200 | [diff] [blame] | 115 | #include <haproxy/proxy.h> |
Willy Tarreau | 7cd8b6e | 2020-06-02 17:32:26 +0200 | [diff] [blame] | 116 | #include <haproxy/regex.h> |
Willy Tarreau | b255105 | 2020-06-09 09:07:15 +0200 | [diff] [blame] | 117 | #include <haproxy/sample.h> |
Willy Tarreau | 1e56f92 | 2020-06-04 23:20:13 +0200 | [diff] [blame] | 118 | #include <haproxy/server.h> |
Willy Tarreau | 48d25b3 | 2020-06-04 18:58:52 +0200 | [diff] [blame] | 119 | #include <haproxy/session.h> |
Willy Tarreau | 3727a8a | 2020-06-04 17:37:26 +0200 | [diff] [blame] | 120 | #include <haproxy/signal.h> |
Willy Tarreau | 063d47d | 2020-08-28 16:29:53 +0200 | [diff] [blame] | 121 | #include <haproxy/sock.h> |
Willy Tarreau | 25140cc | 2020-08-28 15:40:33 +0200 | [diff] [blame] | 122 | #include <haproxy/sock_inet.h> |
Willy Tarreau | 209108d | 2020-06-04 20:30:20 +0200 | [diff] [blame] | 123 | #include <haproxy/ssl_sock.h> |
Amaury Denoyelle | ee63d4b | 2020-10-05 11:49:42 +0200 | [diff] [blame] | 124 | #include <haproxy/stats-t.h> |
Willy Tarreau | dfd3de8 | 2020-06-04 23:46:14 +0200 | [diff] [blame] | 125 | #include <haproxy/stream.h> |
Willy Tarreau | cea0e1b | 2020-06-04 17:25:40 +0200 | [diff] [blame] | 126 | #include <haproxy/task.h> |
Willy Tarreau | 3f567e4 | 2020-05-28 15:29:19 +0200 | [diff] [blame] | 127 | #include <haproxy/thread.h> |
Willy Tarreau | b255105 | 2020-06-09 09:07:15 +0200 | [diff] [blame] | 128 | #include <haproxy/time.h> |
| 129 | #include <haproxy/tools.h> |
| 130 | #include <haproxy/uri_auth-t.h> |
Willy Tarreau | a171892 | 2020-06-04 16:25:31 +0200 | [diff] [blame] | 131 | #include <haproxy/vars.h> |
Willy Tarreau | b255105 | 2020-06-09 09:07:15 +0200 | [diff] [blame] | 132 | #include <haproxy/version.h> |
Willy Tarreau | baaee00 | 2006-06-26 02:48:02 +0200 | [diff] [blame] | 133 | |
Willy Tarreau | baaee00 | 2006-06-26 02:48:02 +0200 | [diff] [blame] | 134 | |
Willy Tarreau | 7b5654f | 2019-03-29 21:30:17 +0100 | [diff] [blame] | 135 | /* array of init calls for older platforms */ |
| 136 | DECLARE_INIT_STAGES; |
| 137 | |
Willy Tarreau | f459640 | 2021-04-10 16:53:05 +0200 | [diff] [blame] | 138 | /* create a read_mostly section to hold variables which are accessed a lot |
| 139 | * but which almost never change. The purpose is to isolate them in their |
| 140 | * own cache lines where they don't risk to be perturbated by write accesses |
| 141 | * to neighbor variables. We need to create an empty aligned variable for |
| 142 | * this. The fact that the variable is of size zero means that it will be |
| 143 | * eliminated at link time if no other variable uses it, but alignment will |
| 144 | * be respected. |
| 145 | */ |
| 146 | empty_t __read_mostly_align HA_SECTION("read_mostly") ALIGNED(64); |
| 147 | |
Willy Tarreau | 477ecd8 | 2010-01-03 21:12:30 +0100 | [diff] [blame] | 148 | /* list of config files */ |
| 149 | static struct list cfg_cfgfiles = LIST_HEAD_INIT(cfg_cfgfiles); |
Willy Tarreau | baaee00 | 2006-06-26 02:48:02 +0200 | [diff] [blame] | 150 | int pid; /* current process id */ |
Willy Tarreau | 2815664 | 2007-11-26 16:13:36 +0100 | [diff] [blame] | 151 | int relative_pid = 1; /* process id starting at 1 */ |
Willy Tarreau | 387bd4f | 2017-11-10 19:08:14 +0100 | [diff] [blame] | 152 | unsigned long pid_bit = 1; /* bit corresponding to the process id */ |
Willy Tarreau | a38a717 | 2019-02-02 17:11:28 +0100 | [diff] [blame] | 153 | unsigned long all_proc_mask = 1; /* mask of all processes */ |
Willy Tarreau | baaee00 | 2006-06-26 02:48:02 +0200 | [diff] [blame] | 154 | |
Willy Tarreau | f8ea00e | 2020-03-12 17:24:53 +0100 | [diff] [blame] | 155 | volatile unsigned long sleeping_thread_mask = 0; /* Threads that are about to sleep in poll() */ |
Willy Tarreau | 4b3f27b | 2020-03-12 17:28:01 +0100 | [diff] [blame] | 156 | volatile unsigned long stopping_thread_mask = 0; /* Threads acknowledged stopping */ |
Willy Tarreau | f8ea00e | 2020-03-12 17:24:53 +0100 | [diff] [blame] | 157 | |
Willy Tarreau | baaee00 | 2006-06-26 02:48:02 +0200 | [diff] [blame] | 158 | /* global options */ |
| 159 | struct global global = { |
Cyril Bonté | 203ec5a | 2017-03-23 22:44:13 +0100 | [diff] [blame] | 160 | .hard_stop_after = TICK_ETERNITY, |
Willy Tarreau | 247a13a | 2012-11-15 17:38:15 +0100 | [diff] [blame] | 161 | .nbproc = 1, |
Willy Tarreau | 149ab77 | 2019-01-26 14:27:06 +0100 | [diff] [blame] | 162 | .nbthread = 0, |
William Lallemand | 5f23240 | 2012-04-05 18:02:55 +0200 | [diff] [blame] | 163 | .req_count = 0, |
William Lallemand | 0f99e34 | 2011-10-12 17:50:54 +0200 | [diff] [blame] | 164 | .logsrvs = LIST_HEAD_INIT(global.logsrvs), |
William Lallemand | 9d5f548 | 2012-11-07 16:12:57 +0100 | [diff] [blame] | 165 | .maxzlibmem = 0, |
William Lallemand | d85f917 | 2012-11-09 17:05:39 +0100 | [diff] [blame] | 166 | .comp_rate_lim = 0, |
Emeric Brun | 850efd5 | 2014-01-29 12:24:34 +0100 | [diff] [blame] | 167 | .ssl_server_verify = SSL_SERVER_VERIFY_REQUIRED, |
Emeric Brun | ed76092 | 2010-10-22 17:59:25 +0200 | [diff] [blame] | 168 | .unix_bind = { |
| 169 | .ux = { |
| 170 | .uid = -1, |
| 171 | .gid = -1, |
| 172 | .mode = 0, |
| 173 | } |
| 174 | }, |
Willy Tarreau | 27a674e | 2009-08-17 07:23:33 +0200 | [diff] [blame] | 175 | .tune = { |
Willy Tarreau | 7ac908b | 2019-02-27 12:02:18 +0100 | [diff] [blame] | 176 | .options = GTUNE_LISTENER_MQ, |
Willy Tarreau | c77d364 | 2018-12-12 06:19:42 +0100 | [diff] [blame] | 177 | .bufsize = (BUFSIZE + 2*sizeof(void *) - 1) & -(2*sizeof(void *)), |
Christopher Faulet | 546c469 | 2020-01-22 14:31:21 +0100 | [diff] [blame] | 178 | .maxrewrite = MAXREWRITE, |
Willy Tarreau | a24adf0 | 2014-11-27 01:11:56 +0100 | [diff] [blame] | 179 | .reserved_bufs = RESERVED_BUFS, |
Willy Tarreau | f3045d2 | 2015-04-29 16:24:50 +0200 | [diff] [blame] | 180 | .pattern_cache = DEFAULT_PAT_LRU_SIZE, |
Olivier Houchard | 88698d9 | 2019-04-16 19:07:22 +0200 | [diff] [blame] | 181 | .pool_low_ratio = 20, |
| 182 | .pool_high_ratio = 25, |
Christopher Faulet | 41ba36f | 2019-07-19 09:36:45 +0200 | [diff] [blame] | 183 | .max_http_hdr = MAX_HTTP_HDR, |
Emeric Brun | fc32aca | 2012-09-03 12:10:29 +0200 | [diff] [blame] | 184 | #ifdef USE_OPENSSL |
Emeric Brun | 4663577 | 2012-11-14 11:32:56 +0100 | [diff] [blame] | 185 | .sslcachesize = SSLCACHESIZE, |
Emeric Brun | fc32aca | 2012-09-03 12:10:29 +0200 | [diff] [blame] | 186 | #endif |
William Lallemand | f374783 | 2012-11-09 12:33:10 +0100 | [diff] [blame] | 187 | .comp_maxlevel = 1, |
Willy Tarreau | 7e31273 | 2014-02-12 16:35:14 +0100 | [diff] [blame] | 188 | #ifdef DEFAULT_IDLE_TIMER |
| 189 | .idle_timer = DEFAULT_IDLE_TIMER, |
| 190 | #else |
| 191 | .idle_timer = 1000, /* 1 second */ |
| 192 | #endif |
Willy Tarreau | 27a674e | 2009-08-17 07:23:33 +0200 | [diff] [blame] | 193 | }, |
Emeric Brun | 76d8895 | 2012-10-05 15:47:31 +0200 | [diff] [blame] | 194 | #ifdef USE_OPENSSL |
| 195 | #ifdef DEFAULT_MAXSSLCONN |
Willy Tarreau | 403edff | 2012-09-06 11:58:37 +0200 | [diff] [blame] | 196 | .maxsslconn = DEFAULT_MAXSSLCONN, |
| 197 | #endif |
Emeric Brun | 76d8895 | 2012-10-05 15:47:31 +0200 | [diff] [blame] | 198 | #endif |
Willy Tarreau | baaee00 | 2006-06-26 02:48:02 +0200 | [diff] [blame] | 199 | /* others NULL OK */ |
| 200 | }; |
| 201 | |
| 202 | /*********************************************************************/ |
| 203 | |
| 204 | int stopping; /* non zero means stopping in progress */ |
Cyril Bonté | 203ec5a | 2017-03-23 22:44:13 +0100 | [diff] [blame] | 205 | int killed; /* non zero means a hard-stop is triggered */ |
Willy Tarreau | af7ad00 | 2010-08-31 15:39:26 +0200 | [diff] [blame] | 206 | int jobs = 0; /* number of active jobs (conns, listeners, active tasks, ...) */ |
William Lallemand | a719926 | 2018-11-16 16:57:20 +0100 | [diff] [blame] | 207 | int unstoppable_jobs = 0; /* number of active jobs that can't be stopped during a soft stop */ |
Willy Tarreau | 199ad24 | 2018-11-05 16:31:22 +0100 | [diff] [blame] | 208 | int active_peers = 0; /* number of active peers (connection attempts and connected) */ |
Willy Tarreau | 2d372c2 | 2018-11-05 17:12:27 +0100 | [diff] [blame] | 209 | int connected_peers = 0; /* number of connected peers (verified ones) */ |
Willy Tarreau | baaee00 | 2006-06-26 02:48:02 +0200 | [diff] [blame] | 210 | |
Ilya Shipitsin | 46a030c | 2020-07-05 16:36:08 +0500 | [diff] [blame] | 211 | /* Here we store information about the pids of the processes we may pause |
Willy Tarreau | baaee00 | 2006-06-26 02:48:02 +0200 | [diff] [blame] | 212 | * or kill. We will send them a signal every 10 ms until we can bind to all |
| 213 | * our ports. With 200 retries, that's about 2 seconds. |
| 214 | */ |
| 215 | #define MAX_START_RETRIES 200 |
Willy Tarreau | baaee00 | 2006-06-26 02:48:02 +0200 | [diff] [blame] | 216 | static int *oldpids = NULL; |
| 217 | static int oldpids_sig; /* use USR1 or TERM */ |
| 218 | |
Olivier Houchard | f73629d | 2017-04-05 22:33:04 +0200 | [diff] [blame] | 219 | /* Path to the unix socket we use to retrieve listener sockets from the old process */ |
| 220 | static const char *old_unixsocket; |
| 221 | |
William Lallemand | 85b0bd9 | 2017-06-01 17:38:53 +0200 | [diff] [blame] | 222 | static char *cur_unixsocket = NULL; |
| 223 | |
William Lallemand | cb11fd2 | 2017-06-01 17:38:52 +0200 | [diff] [blame] | 224 | int atexit_flag = 0; |
| 225 | |
Willy Tarreau | bb545b4 | 2010-08-25 12:58:59 +0200 | [diff] [blame] | 226 | int nb_oldpids = 0; |
Willy Tarreau | baaee00 | 2006-06-26 02:48:02 +0200 | [diff] [blame] | 227 | const int zero = 0; |
| 228 | const int one = 1; |
Alexandre Cassen | 87ea548 | 2007-10-11 20:48:58 +0200 | [diff] [blame] | 229 | const struct linger nolinger = { .l_onoff = 1, .l_linger = 0 }; |
Willy Tarreau | baaee00 | 2006-06-26 02:48:02 +0200 | [diff] [blame] | 230 | |
Willy Tarreau | 1d21e0a | 2010-03-12 21:58:54 +0100 | [diff] [blame] | 231 | char hostname[MAX_HOSTNAME_LEN]; |
Dragan Dosen | 4f01415 | 2020-06-18 16:56:47 +0200 | [diff] [blame] | 232 | char *localpeer = NULL; |
Willy Tarreau | baaee00 | 2006-06-26 02:48:02 +0200 | [diff] [blame] | 233 | |
William Lallemand | 0041741 | 2020-06-05 14:08:41 +0200 | [diff] [blame] | 234 | static char **old_argv = NULL; /* previous argv but cleaned up */ |
William Lallemand | 73b85e7 | 2017-06-01 17:38:51 +0200 | [diff] [blame] | 235 | |
William Lallemand | bc19305 | 2018-09-11 10:06:26 +0200 | [diff] [blame] | 236 | struct list proc_list = LIST_HEAD_INIT(proc_list); |
| 237 | |
| 238 | int master = 0; /* 1 if in master, 0 if in child */ |
Willy Tarreau | bf69640 | 2019-03-01 10:09:28 +0100 | [diff] [blame] | 239 | unsigned int rlim_fd_cur_at_boot = 0; |
| 240 | unsigned int rlim_fd_max_at_boot = 0; |
William Lallemand | bc19305 | 2018-09-11 10:06:26 +0200 | [diff] [blame] | 241 | |
Willy Tarreau | 6c3a681 | 2020-03-06 18:57:15 +0100 | [diff] [blame] | 242 | /* per-boot randomness */ |
| 243 | unsigned char boot_seed[20]; /* per-boot random seed (160 bits initially) */ |
| 244 | |
William Lallemand | 16dd1b3 | 2018-11-19 18:46:18 +0100 | [diff] [blame] | 245 | struct mworker_proc *proc_self = NULL; |
William Lallemand | bc19305 | 2018-09-11 10:06:26 +0200 | [diff] [blame] | 246 | |
William Lallemand | b3f2be3 | 2018-09-11 10:06:18 +0200 | [diff] [blame] | 247 | static void *run_thread_poll_loop(void *data); |
| 248 | |
Willy Tarreau | ff05550 | 2014-04-28 22:27:06 +0200 | [diff] [blame] | 249 | /* bitfield of a few warnings to emit just once (WARN_*) */ |
| 250 | unsigned int warned = 0; |
| 251 | |
William Lallemand | e736115 | 2018-10-26 14:47:36 +0200 | [diff] [blame] | 252 | /* master CLI configuration (-S flag) */ |
| 253 | struct list mworker_cli_conf = LIST_HEAD_INIT(mworker_cli_conf); |
Willy Tarreau | cdb737e | 2016-12-21 18:43:10 +0100 | [diff] [blame] | 254 | |
| 255 | /* These are strings to be reported in the output of "haproxy -vv". They may |
| 256 | * either be constants (in which case must_free must be zero) or dynamically |
| 257 | * allocated strings to pass to free() on exit, and in this case must_free |
| 258 | * must be non-zero. |
| 259 | */ |
| 260 | struct list build_opts_list = LIST_HEAD_INIT(build_opts_list); |
| 261 | struct build_opts_str { |
| 262 | struct list list; |
| 263 | const char *str; |
| 264 | int must_free; |
| 265 | }; |
| 266 | |
Willy Tarreau | baaee00 | 2006-06-26 02:48:02 +0200 | [diff] [blame] | 267 | /*********************************************************************/ |
| 268 | /* general purpose functions ***************************************/ |
| 269 | /*********************************************************************/ |
| 270 | |
Willy Tarreau | cdb737e | 2016-12-21 18:43:10 +0100 | [diff] [blame] | 271 | /* used to register some build option strings at boot. Set must_free to |
| 272 | * non-zero if the string must be freed upon exit. |
| 273 | */ |
| 274 | void hap_register_build_opts(const char *str, int must_free) |
| 275 | { |
| 276 | struct build_opts_str *b; |
| 277 | |
| 278 | b = calloc(1, sizeof(*b)); |
| 279 | if (!b) { |
| 280 | fprintf(stderr, "out of memory\n"); |
| 281 | exit(1); |
| 282 | } |
| 283 | b->str = str; |
| 284 | b->must_free = must_free; |
Willy Tarreau | 2b71810 | 2021-04-21 07:32:39 +0200 | [diff] [blame] | 285 | LIST_APPEND(&build_opts_list, &b->list); |
Willy Tarreau | cdb737e | 2016-12-21 18:43:10 +0100 | [diff] [blame] | 286 | } |
| 287 | |
Willy Tarreau | 1b5af7c | 2016-12-21 18:19:57 +0100 | [diff] [blame] | 288 | static void display_version() |
Willy Tarreau | baaee00 | 2006-06-26 02:48:02 +0200 | [diff] [blame] | 289 | { |
Tim Duesterhus | dfad6a4 | 2020-04-18 16:02:47 +0200 | [diff] [blame] | 290 | struct utsname utsname; |
| 291 | |
Willy Tarreau | 08dd202 | 2019-11-21 18:07:30 +0100 | [diff] [blame] | 292 | printf("HA-Proxy version %s %s - https://haproxy.org/\n" |
| 293 | PRODUCT_STATUS "\n", haproxy_version, haproxy_date); |
Willy Tarreau | 47479eb | 2019-11-21 18:48:20 +0100 | [diff] [blame] | 294 | |
| 295 | if (strlen(PRODUCT_URL_BUGS) > 0) { |
| 296 | char base_version[20]; |
| 297 | int dots = 0; |
| 298 | char *del; |
| 299 | |
| 300 | /* only retrieve the base version without distro-specific extensions */ |
| 301 | for (del = haproxy_version; *del; del++) { |
| 302 | if (*del == '.') |
| 303 | dots++; |
| 304 | else if (*del < '0' || *del > '9') |
| 305 | break; |
| 306 | } |
| 307 | |
| 308 | strlcpy2(base_version, haproxy_version, del - haproxy_version + 1); |
| 309 | if (dots < 2) |
| 310 | printf("Known bugs: https://github.com/haproxy/haproxy/issues?q=is:issue+is:open\n"); |
| 311 | else |
| 312 | printf("Known bugs: " PRODUCT_URL_BUGS "\n", base_version); |
| 313 | } |
Tim Duesterhus | dfad6a4 | 2020-04-18 16:02:47 +0200 | [diff] [blame] | 314 | |
| 315 | if (uname(&utsname) == 0) { |
| 316 | printf("Running on: %s %s %s %s\n", utsname.sysname, utsname.release, utsname.version, utsname.machine); |
| 317 | } |
Willy Tarreau | baaee00 | 2006-06-26 02:48:02 +0200 | [diff] [blame] | 318 | } |
| 319 | |
Willy Tarreau | 1b5af7c | 2016-12-21 18:19:57 +0100 | [diff] [blame] | 320 | static void display_build_opts() |
Willy Tarreau | 7b066db | 2007-12-02 11:28:59 +0100 | [diff] [blame] | 321 | { |
Willy Tarreau | cdb737e | 2016-12-21 18:43:10 +0100 | [diff] [blame] | 322 | struct build_opts_str *item; |
| 323 | |
Willy Tarreau | 7b066db | 2007-12-02 11:28:59 +0100 | [diff] [blame] | 324 | printf("Build options :" |
| 325 | #ifdef BUILD_TARGET |
Willy Tarreau | 9f2b730 | 2008-01-02 20:48:34 +0100 | [diff] [blame] | 326 | "\n TARGET = " BUILD_TARGET |
Willy Tarreau | 7b066db | 2007-12-02 11:28:59 +0100 | [diff] [blame] | 327 | #endif |
| 328 | #ifdef BUILD_CPU |
Willy Tarreau | 9f2b730 | 2008-01-02 20:48:34 +0100 | [diff] [blame] | 329 | "\n CPU = " BUILD_CPU |
Willy Tarreau | 7b066db | 2007-12-02 11:28:59 +0100 | [diff] [blame] | 330 | #endif |
| 331 | #ifdef BUILD_CC |
Willy Tarreau | 9f2b730 | 2008-01-02 20:48:34 +0100 | [diff] [blame] | 332 | "\n CC = " BUILD_CC |
| 333 | #endif |
| 334 | #ifdef BUILD_CFLAGS |
| 335 | "\n CFLAGS = " BUILD_CFLAGS |
Willy Tarreau | 7b066db | 2007-12-02 11:28:59 +0100 | [diff] [blame] | 336 | #endif |
Willy Tarreau | 9f2b730 | 2008-01-02 20:48:34 +0100 | [diff] [blame] | 337 | #ifdef BUILD_OPTIONS |
| 338 | "\n OPTIONS = " BUILD_OPTIONS |
Willy Tarreau | 7b066db | 2007-12-02 11:28:59 +0100 | [diff] [blame] | 339 | #endif |
Tim Duesterhus | c8d1970 | 2020-11-21 18:07:59 +0100 | [diff] [blame] | 340 | #ifdef BUILD_DEBUG |
| 341 | "\n DEBUG = " BUILD_DEBUG |
| 342 | #endif |
Willy Tarreau | 7728ed3 | 2019-03-27 13:20:08 +0100 | [diff] [blame] | 343 | #ifdef BUILD_FEATURES |
| 344 | "\n\nFeature list : " BUILD_FEATURES |
| 345 | #endif |
Willy Tarreau | 27a674e | 2009-08-17 07:23:33 +0200 | [diff] [blame] | 346 | "\n\nDefault settings :" |
Willy Tarreau | ca783d4 | 2019-03-13 10:03:07 +0100 | [diff] [blame] | 347 | "\n bufsize = %d, maxrewrite = %d, maxpollevents = %d" |
Willy Tarreau | 27a674e | 2009-08-17 07:23:33 +0200 | [diff] [blame] | 348 | "\n\n", |
Willy Tarreau | ca783d4 | 2019-03-13 10:03:07 +0100 | [diff] [blame] | 349 | BUFSIZE, MAXREWRITE, MAX_POLL_EVENTS); |
Willy Tarreau | be5b685 | 2009-10-03 18:57:08 +0200 | [diff] [blame] | 350 | |
Willy Tarreau | cdb737e | 2016-12-21 18:43:10 +0100 | [diff] [blame] | 351 | list_for_each_entry(item, &build_opts_list, list) { |
| 352 | puts(item->str); |
| 353 | } |
| 354 | |
Krzysztof Piotr Oledzki | 9610504 | 2010-01-29 17:50:44 +0100 | [diff] [blame] | 355 | putchar('\n'); |
| 356 | |
Willy Tarreau | be5b685 | 2009-10-03 18:57:08 +0200 | [diff] [blame] | 357 | list_pollers(stdout); |
| 358 | putchar('\n'); |
Christopher Faulet | 98d9fe2 | 2018-04-10 14:37:32 +0200 | [diff] [blame] | 359 | list_mux_proto(stdout); |
| 360 | putchar('\n'); |
Willy Tarreau | 679bba1 | 2019-03-19 08:08:10 +0100 | [diff] [blame] | 361 | list_services(stdout); |
| 362 | putchar('\n'); |
Christopher Faulet | b3f4e14 | 2016-03-07 12:46:38 +0100 | [diff] [blame] | 363 | list_filters(stdout); |
| 364 | putchar('\n'); |
Willy Tarreau | 7b066db | 2007-12-02 11:28:59 +0100 | [diff] [blame] | 365 | } |
| 366 | |
Willy Tarreau | baaee00 | 2006-06-26 02:48:02 +0200 | [diff] [blame] | 367 | /* |
| 368 | * This function prints the command line usage and exits |
| 369 | */ |
Willy Tarreau | 1b5af7c | 2016-12-21 18:19:57 +0100 | [diff] [blame] | 370 | static void usage(char *name) |
Willy Tarreau | baaee00 | 2006-06-26 02:48:02 +0200 | [diff] [blame] | 371 | { |
| 372 | display_version(); |
| 373 | fprintf(stderr, |
Maxime de Roucy | 379d9c7 | 2016-05-13 23:52:56 +0200 | [diff] [blame] | 374 | "Usage : %s [-f <cfgfile|cfgdir>]* [ -vdV" |
Willy Tarreau | baaee00 | 2006-06-26 02:48:02 +0200 | [diff] [blame] | 375 | "D ] [ -n <maxconn> ] [ -N <maxpconn> ]\n" |
Willy Tarreau | a088d31 | 2015-10-08 11:58:48 +0200 | [diff] [blame] | 376 | " [ -p <pidfile> ] [ -m <max megs> ] [ -C <dir> ] [-- <cfgfile>*]\n" |
Willy Tarreau | 7b066db | 2007-12-02 11:28:59 +0100 | [diff] [blame] | 377 | " -v displays version ; -vv shows known build options.\n" |
Willy Tarreau | baaee00 | 2006-06-26 02:48:02 +0200 | [diff] [blame] | 378 | " -d enters debug mode ; -db only disables background mode.\n" |
Willy Tarreau | 6e06443 | 2012-05-08 15:40:42 +0200 | [diff] [blame] | 379 | " -dM[<byte>] poisons memory with <byte> (defaults to 0x50)\n" |
Willy Tarreau | baaee00 | 2006-06-26 02:48:02 +0200 | [diff] [blame] | 380 | " -V enters verbose mode (disables quiet mode)\n" |
Willy Tarreau | 576132e | 2011-09-10 19:26:56 +0200 | [diff] [blame] | 381 | " -D goes daemon ; -C changes to <dir> before loading files.\n" |
William Lallemand | 095ba4c | 2017-06-01 17:38:50 +0200 | [diff] [blame] | 382 | " -W master-worker mode.\n" |
Tim Duesterhus | d6942c8 | 2017-11-20 15:58:35 +0100 | [diff] [blame] | 383 | #if defined(USE_SYSTEMD) |
| 384 | " -Ws master-worker mode with systemd notify support.\n" |
| 385 | #endif |
Willy Tarreau | baaee00 | 2006-06-26 02:48:02 +0200 | [diff] [blame] | 386 | " -q quiet mode : don't display messages\n" |
Willy Tarreau | 5d01a63 | 2009-06-22 16:02:30 +0200 | [diff] [blame] | 387 | " -c check mode : only check config files and exit\n" |
Willy Tarreau | ca783d4 | 2019-03-13 10:03:07 +0100 | [diff] [blame] | 388 | " -n sets the maximum total # of connections (uses ulimit -n)\n" |
Willy Tarreau | baaee00 | 2006-06-26 02:48:02 +0200 | [diff] [blame] | 389 | " -m limits the usable amount of memory (in MB)\n" |
| 390 | " -N sets the default, per-proxy maximum # of connections (%d)\n" |
Emeric Brun | 2b920a1 | 2010-09-23 18:30:22 +0200 | [diff] [blame] | 391 | " -L set local peer name (default to hostname)\n" |
Willy Tarreau | baaee00 | 2006-06-26 02:48:02 +0200 | [diff] [blame] | 392 | " -p writes pids of all children to this file\n" |
Willy Tarreau | e573323 | 2019-05-22 19:24:06 +0200 | [diff] [blame] | 393 | #if defined(USE_EPOLL) |
Willy Tarreau | baaee00 | 2006-06-26 02:48:02 +0200 | [diff] [blame] | 394 | " -de disables epoll() usage even when available\n" |
| 395 | #endif |
Willy Tarreau | e573323 | 2019-05-22 19:24:06 +0200 | [diff] [blame] | 396 | #if defined(USE_KQUEUE) |
Willy Tarreau | 1e63130a | 2007-04-09 12:03:06 +0200 | [diff] [blame] | 397 | " -dk disables kqueue() usage even when available\n" |
| 398 | #endif |
Willy Tarreau | e573323 | 2019-05-22 19:24:06 +0200 | [diff] [blame] | 399 | #if defined(USE_EVPORTS) |
Emmanuel Hocdet | 0ba4f48 | 2019-04-08 16:53:32 +0000 | [diff] [blame] | 400 | " -dv disables event ports usage even when available\n" |
| 401 | #endif |
Willy Tarreau | e573323 | 2019-05-22 19:24:06 +0200 | [diff] [blame] | 402 | #if defined(USE_POLL) |
Willy Tarreau | baaee00 | 2006-06-26 02:48:02 +0200 | [diff] [blame] | 403 | " -dp disables poll() usage even when available\n" |
| 404 | #endif |
Willy Tarreau | e573323 | 2019-05-22 19:24:06 +0200 | [diff] [blame] | 405 | #if defined(USE_LINUX_SPLICE) |
Willy Tarreau | 3ab68cf | 2009-01-25 16:03:28 +0100 | [diff] [blame] | 406 | " -dS disables splice usage (broken on old kernels)\n" |
| 407 | #endif |
Nenad Merdanovic | 88afe03 | 2014-04-14 15:56:58 +0200 | [diff] [blame] | 408 | #if defined(USE_GETADDRINFO) |
| 409 | " -dG disables getaddrinfo() usage\n" |
| 410 | #endif |
Lukas Tribus | a0bcbdc | 2016-09-12 21:42:20 +0000 | [diff] [blame] | 411 | #if defined(SO_REUSEPORT) |
| 412 | " -dR disables SO_REUSEPORT usage\n" |
| 413 | #endif |
Willy Tarreau | 3eed10e | 2016-11-07 21:03:16 +0100 | [diff] [blame] | 414 | " -dr ignores server address resolution failures\n" |
Emeric Brun | 850efd5 | 2014-01-29 12:24:34 +0100 | [diff] [blame] | 415 | " -dV disables SSL verify on servers side\n" |
Willy Tarreau | 3eb10b8 | 2020-04-15 16:42:39 +0200 | [diff] [blame] | 416 | " -dW fails if any warning is emitted\n" |
Amaury Denoyelle | 7b01a8d | 2021-03-29 10:29:07 +0200 | [diff] [blame] | 417 | " -dD diagnostic mode : warn about suspicious configuration statements\n" |
Willy Tarreau | c6ca1aa | 2015-10-08 11:32:32 +0200 | [diff] [blame] | 418 | " -sf/-st [pid ]* finishes/terminates old pids.\n" |
Olivier Houchard | f73629d | 2017-04-05 22:33:04 +0200 | [diff] [blame] | 419 | " -x <unix_socket> get listening sockets from a unix socket\n" |
William Lallemand | 63329e3 | 2019-06-13 17:03:37 +0200 | [diff] [blame] | 420 | " -S <bind>[,<bind options>...] new master CLI\n" |
Willy Tarreau | baaee00 | 2006-06-26 02:48:02 +0200 | [diff] [blame] | 421 | "\n", |
Willy Tarreau | ca783d4 | 2019-03-13 10:03:07 +0100 | [diff] [blame] | 422 | name, cfg_maxpconn); |
Willy Tarreau | baaee00 | 2006-06-26 02:48:02 +0200 | [diff] [blame] | 423 | exit(1); |
| 424 | } |
| 425 | |
| 426 | |
| 427 | |
| 428 | /*********************************************************************/ |
| 429 | /* more specific functions ***************************************/ |
| 430 | /*********************************************************************/ |
| 431 | |
William Lallemand | 73b85e7 | 2017-06-01 17:38:51 +0200 | [diff] [blame] | 432 | /* sends the signal <sig> to all pids found in <oldpids>. Returns the number of |
| 433 | * pids the signal was correctly delivered to. |
| 434 | */ |
William Lallemand | e25473c | 2019-04-01 11:29:56 +0200 | [diff] [blame] | 435 | int tell_old_pids(int sig) |
William Lallemand | 73b85e7 | 2017-06-01 17:38:51 +0200 | [diff] [blame] | 436 | { |
| 437 | int p; |
| 438 | int ret = 0; |
| 439 | for (p = 0; p < nb_oldpids; p++) |
| 440 | if (kill(oldpids[p], sig) == 0) |
| 441 | ret++; |
| 442 | return ret; |
| 443 | } |
| 444 | |
William Lallemand | 75ea0a0 | 2017-11-15 19:02:58 +0100 | [diff] [blame] | 445 | /* |
William Lallemand | 73b85e7 | 2017-06-01 17:38:51 +0200 | [diff] [blame] | 446 | * remove a pid forom the olpid array and decrease nb_oldpids |
| 447 | * return 1 pid was found otherwise return 0 |
| 448 | */ |
| 449 | |
| 450 | int delete_oldpid(int pid) |
| 451 | { |
| 452 | int i; |
| 453 | |
| 454 | for (i = 0; i < nb_oldpids; i++) { |
| 455 | if (oldpids[i] == pid) { |
| 456 | oldpids[i] = oldpids[nb_oldpids - 1]; |
| 457 | oldpids[nb_oldpids - 1] = 0; |
| 458 | nb_oldpids--; |
| 459 | return 1; |
| 460 | } |
| 461 | } |
| 462 | return 0; |
| 463 | } |
| 464 | |
William Lallemand | 85b0bd9 | 2017-06-01 17:38:53 +0200 | [diff] [blame] | 465 | |
| 466 | static void get_cur_unixsocket() |
| 467 | { |
| 468 | /* if -x was used, try to update the stat socket if not available anymore */ |
Willy Tarreau | 4975d14 | 2021-03-13 11:00:33 +0100 | [diff] [blame] | 469 | if (global.cli_fe) { |
William Lallemand | 85b0bd9 | 2017-06-01 17:38:53 +0200 | [diff] [blame] | 470 | struct bind_conf *bind_conf; |
| 471 | |
| 472 | /* pass through all stats socket */ |
Willy Tarreau | 4975d14 | 2021-03-13 11:00:33 +0100 | [diff] [blame] | 473 | list_for_each_entry(bind_conf, &global.cli_fe->conf.bind, by_fe) { |
William Lallemand | 85b0bd9 | 2017-06-01 17:38:53 +0200 | [diff] [blame] | 474 | struct listener *l; |
| 475 | |
| 476 | list_for_each_entry(l, &bind_conf->listeners, by_bind) { |
| 477 | |
Willy Tarreau | 3715906 | 2020-08-27 07:48:42 +0200 | [diff] [blame] | 478 | if (l->rx.addr.ss_family == AF_UNIX && |
William Lallemand | 85b0bd9 | 2017-06-01 17:38:53 +0200 | [diff] [blame] | 479 | (bind_conf->level & ACCESS_FD_LISTENERS)) { |
| 480 | const struct sockaddr_un *un; |
| 481 | |
Willy Tarreau | 3715906 | 2020-08-27 07:48:42 +0200 | [diff] [blame] | 482 | un = (struct sockaddr_un *)&l->rx.addr; |
William Lallemand | 85b0bd9 | 2017-06-01 17:38:53 +0200 | [diff] [blame] | 483 | /* priority to old_unixsocket */ |
| 484 | if (!cur_unixsocket) { |
| 485 | cur_unixsocket = strdup(un->sun_path); |
| 486 | } else { |
Tim Duesterhus | e5ff141 | 2021-01-02 22:31:53 +0100 | [diff] [blame] | 487 | if (old_unixsocket && strcmp(un->sun_path, old_unixsocket) == 0) { |
William Lallemand | 85b0bd9 | 2017-06-01 17:38:53 +0200 | [diff] [blame] | 488 | free(cur_unixsocket); |
| 489 | cur_unixsocket = strdup(old_unixsocket); |
| 490 | return; |
| 491 | } |
| 492 | } |
| 493 | } |
| 494 | } |
| 495 | } |
| 496 | } |
| 497 | if (!cur_unixsocket && old_unixsocket) |
| 498 | cur_unixsocket = strdup(old_unixsocket); |
| 499 | } |
| 500 | |
William Lallemand | 73b85e7 | 2017-06-01 17:38:51 +0200 | [diff] [blame] | 501 | /* |
| 502 | * When called, this function reexec haproxy with -sf followed by current |
Joseph Herlant | 0342090 | 2018-11-15 10:41:50 -0800 | [diff] [blame] | 503 | * children PIDs and possibly old children PIDs if they didn't leave yet. |
William Lallemand | 73b85e7 | 2017-06-01 17:38:51 +0200 | [diff] [blame] | 504 | */ |
William Lallemand | a57b7e3 | 2018-12-14 21:11:31 +0100 | [diff] [blame] | 505 | void mworker_reload() |
William Lallemand | 73b85e7 | 2017-06-01 17:38:51 +0200 | [diff] [blame] | 506 | { |
William Lallemand | 0041741 | 2020-06-05 14:08:41 +0200 | [diff] [blame] | 507 | char **next_argv = NULL; |
| 508 | int old_argc = 0; /* previous number of argument */ |
William Lallemand | 73b85e7 | 2017-06-01 17:38:51 +0200 | [diff] [blame] | 509 | int next_argc = 0; |
William Lallemand | 0041741 | 2020-06-05 14:08:41 +0200 | [diff] [blame] | 510 | int i = 0; |
William Lallemand | 73b85e7 | 2017-06-01 17:38:51 +0200 | [diff] [blame] | 511 | char *msg = NULL; |
Willy Tarreau | 8dca195 | 2019-03-01 10:21:55 +0100 | [diff] [blame] | 512 | struct rlimit limit; |
William Lallemand | 7c756a8 | 2018-11-26 11:53:40 +0100 | [diff] [blame] | 513 | struct per_thread_deinit_fct *ptdf; |
William Lallemand | 73b85e7 | 2017-06-01 17:38:51 +0200 | [diff] [blame] | 514 | |
| 515 | mworker_block_signals(); |
Tim Duesterhus | d6942c8 | 2017-11-20 15:58:35 +0100 | [diff] [blame] | 516 | #if defined(USE_SYSTEMD) |
| 517 | if (global.tune.options & GTUNE_USE_SYSTEMD) |
| 518 | sd_notify(0, "RELOADING=1"); |
| 519 | #endif |
William Lallemand | 73b85e7 | 2017-06-01 17:38:51 +0200 | [diff] [blame] | 520 | setenv("HAPROXY_MWORKER_REEXEC", "1", 1); |
| 521 | |
William Lallemand | bc19305 | 2018-09-11 10:06:26 +0200 | [diff] [blame] | 522 | mworker_proc_list_to_env(); /* put the children description in the env */ |
| 523 | |
William Lallemand | 7c756a8 | 2018-11-26 11:53:40 +0100 | [diff] [blame] | 524 | /* during the reload we must ensure that every FDs that can't be |
| 525 | * reuse (ie those that are not referenced in the proc_list) |
| 526 | * are closed or they will leak. */ |
| 527 | |
| 528 | /* close the listeners FD */ |
| 529 | mworker_cli_proxy_stop(); |
William Lallemand | 1686667 | 2019-06-24 17:40:48 +0200 | [diff] [blame] | 530 | |
| 531 | if (getenv("HAPROXY_MWORKER_WAIT_ONLY") == NULL) { |
| 532 | /* close the poller FD and the thread waker pipe FD */ |
| 533 | list_for_each_entry(ptdf, &per_thread_deinit_list, list) |
| 534 | ptdf->fct(); |
| 535 | if (fdtab) |
| 536 | deinit_pollers(); |
| 537 | } |
Ilya Shipitsin | 98a9e1b | 2021-02-19 23:42:53 +0500 | [diff] [blame] | 538 | #ifdef HAVE_SSL_RAND_KEEP_RANDOM_DEVICES_OPEN |
William Lallemand | 5fdb5b3 | 2019-10-15 14:04:08 +0200 | [diff] [blame] | 539 | /* close random device FDs */ |
| 540 | RAND_keep_random_devices_open(0); |
Rob Allen | 56996da | 2019-05-03 09:11:32 +0100 | [diff] [blame] | 541 | #endif |
William Lallemand | 7c756a8 | 2018-11-26 11:53:40 +0100 | [diff] [blame] | 542 | |
Willy Tarreau | 8dca195 | 2019-03-01 10:21:55 +0100 | [diff] [blame] | 543 | /* restore the initial FD limits */ |
| 544 | limit.rlim_cur = rlim_fd_cur_at_boot; |
| 545 | limit.rlim_max = rlim_fd_max_at_boot; |
| 546 | if (setrlimit(RLIMIT_NOFILE, &limit) == -1) { |
| 547 | getrlimit(RLIMIT_NOFILE, &limit); |
| 548 | ha_warning("Failed to restore initial FD limits (cur=%u max=%u), using cur=%u max=%u\n", |
| 549 | rlim_fd_cur_at_boot, rlim_fd_max_at_boot, |
| 550 | (unsigned int)limit.rlim_cur, (unsigned int)limit.rlim_max); |
| 551 | } |
| 552 | |
William Lallemand | 73b85e7 | 2017-06-01 17:38:51 +0200 | [diff] [blame] | 553 | /* compute length */ |
William Lallemand | 0041741 | 2020-06-05 14:08:41 +0200 | [diff] [blame] | 554 | while (old_argv[old_argc]) |
| 555 | old_argc++; |
William Lallemand | 73b85e7 | 2017-06-01 17:38:51 +0200 | [diff] [blame] | 556 | |
William Lallemand | 85b0bd9 | 2017-06-01 17:38:53 +0200 | [diff] [blame] | 557 | /* 1 for haproxy -sf, 2 for -x /socket */ |
Tim Duesterhus | e52b6e5 | 2020-09-12 20:26:43 +0200 | [diff] [blame] | 558 | next_argv = calloc(old_argc + 1 + 2 + mworker_child_nb() + nb_oldpids + 1, |
| 559 | sizeof(*next_argv)); |
William Lallemand | 73b85e7 | 2017-06-01 17:38:51 +0200 | [diff] [blame] | 560 | if (next_argv == NULL) |
| 561 | goto alloc_error; |
| 562 | |
William Lallemand | 0041741 | 2020-06-05 14:08:41 +0200 | [diff] [blame] | 563 | /* copy the program name */ |
| 564 | next_argv[next_argc++] = old_argv[0]; |
| 565 | |
| 566 | /* insert the new options just after argv[0] in case we have a -- */ |
| 567 | |
William Lallemand | 73b85e7 | 2017-06-01 17:38:51 +0200 | [diff] [blame] | 568 | /* add -sf <PID>* to argv */ |
William Lallemand | 3f12887 | 2019-04-01 11:29:59 +0200 | [diff] [blame] | 569 | if (mworker_child_nb() > 0) { |
| 570 | struct mworker_proc *child; |
| 571 | |
William Lallemand | 73b85e7 | 2017-06-01 17:38:51 +0200 | [diff] [blame] | 572 | next_argv[next_argc++] = "-sf"; |
William Lallemand | 3f12887 | 2019-04-01 11:29:59 +0200 | [diff] [blame] | 573 | |
| 574 | list_for_each_entry(child, &proc_list, list) { |
William Lallemand | 677e2f2 | 2019-11-19 17:04:18 +0100 | [diff] [blame] | 575 | if (!(child->options & (PROC_O_TYPE_WORKER|PROC_O_TYPE_PROG)) || child->pid <= -1 ) |
William Lallemand | 3f12887 | 2019-04-01 11:29:59 +0200 | [diff] [blame] | 576 | continue; |
William Lallemand | 0041741 | 2020-06-05 14:08:41 +0200 | [diff] [blame] | 577 | if ((next_argv[next_argc++] = memprintf(&msg, "%d", child->pid)) == NULL) |
William Lallemand | 73b85e7 | 2017-06-01 17:38:51 +0200 | [diff] [blame] | 578 | goto alloc_error; |
| 579 | msg = NULL; |
| 580 | } |
| 581 | } |
William Lallemand | 2bf6d62 | 2017-06-20 11:20:23 +0200 | [diff] [blame] | 582 | /* add the -x option with the stat socket */ |
William Lallemand | 85b0bd9 | 2017-06-01 17:38:53 +0200 | [diff] [blame] | 583 | if (cur_unixsocket) { |
William Lallemand | 2bf6d62 | 2017-06-20 11:20:23 +0200 | [diff] [blame] | 584 | next_argv[next_argc++] = "-x"; |
| 585 | next_argv[next_argc++] = (char *)cur_unixsocket; |
William Lallemand | 85b0bd9 | 2017-06-01 17:38:53 +0200 | [diff] [blame] | 586 | } |
| 587 | |
William Lallemand | 0041741 | 2020-06-05 14:08:41 +0200 | [diff] [blame] | 588 | /* copy the previous options */ |
| 589 | for (i = 1; i < old_argc; i++) |
| 590 | next_argv[next_argc++] = old_argv[i]; |
| 591 | |
Christopher Faulet | 767a84b | 2017-11-24 16:50:31 +0100 | [diff] [blame] | 592 | ha_warning("Reexecuting Master process\n"); |
Willy Tarreau | e0d86e2 | 2019-08-26 10:37:39 +0200 | [diff] [blame] | 593 | signal(SIGPROF, SIG_IGN); |
Tim Duesterhus | 0436ab7 | 2017-11-12 17:39:18 +0100 | [diff] [blame] | 594 | execvp(next_argv[0], next_argv); |
William Lallemand | 73b85e7 | 2017-06-01 17:38:51 +0200 | [diff] [blame] | 595 | |
Christopher Faulet | 767a84b | 2017-11-24 16:50:31 +0100 | [diff] [blame] | 596 | ha_warning("Failed to reexecute the master process [%d]: %s\n", pid, strerror(errno)); |
Willy Tarreau | 61cfdf4 | 2021-02-20 10:46:51 +0100 | [diff] [blame] | 597 | ha_free(&next_argv); |
William Lallemand | 722d4ca | 2017-11-15 19:02:55 +0100 | [diff] [blame] | 598 | return; |
| 599 | |
William Lallemand | 73b85e7 | 2017-06-01 17:38:51 +0200 | [diff] [blame] | 600 | alloc_error: |
Willy Tarreau | 61cfdf4 | 2021-02-20 10:46:51 +0100 | [diff] [blame] | 601 | ha_free(&next_argv); |
Joseph Herlant | 07a0834 | 2018-11-15 10:43:05 -0800 | [diff] [blame] | 602 | ha_warning("Failed to reexecute the master process [%d]: Cannot allocate memory\n", pid); |
William Lallemand | 73b85e7 | 2017-06-01 17:38:51 +0200 | [diff] [blame] | 603 | return; |
| 604 | } |
| 605 | |
William Lallemand | b3f2be3 | 2018-09-11 10:06:18 +0200 | [diff] [blame] | 606 | static void mworker_loop() |
| 607 | { |
| 608 | |
| 609 | #if defined(USE_SYSTEMD) |
| 610 | if (global.tune.options & GTUNE_USE_SYSTEMD) |
| 611 | sd_notifyf(0, "READY=1\nMAINPID=%lu", (unsigned long)getpid()); |
| 612 | #endif |
Willy Tarreau | d83b6c1 | 2019-04-18 11:31:36 +0200 | [diff] [blame] | 613 | /* Busy polling makes no sense in the master :-) */ |
| 614 | global.tune.options &= ~GTUNE_BUSY_POLLING; |
William Lallemand | b3f2be3 | 2018-09-11 10:06:18 +0200 | [diff] [blame] | 615 | |
William Lallemand | bc19305 | 2018-09-11 10:06:26 +0200 | [diff] [blame] | 616 | master = 1; |
| 617 | |
Willy Tarreau | d26c9f9 | 2019-12-11 14:24:07 +0100 | [diff] [blame] | 618 | signal_unregister(SIGTTIN); |
| 619 | signal_unregister(SIGTTOU); |
William Lallemand | 0564d41 | 2018-11-20 17:36:53 +0100 | [diff] [blame] | 620 | signal_unregister(SIGUSR1); |
| 621 | signal_unregister(SIGHUP); |
| 622 | signal_unregister(SIGQUIT); |
| 623 | |
William Lallemand | b3f2be3 | 2018-09-11 10:06:18 +0200 | [diff] [blame] | 624 | signal_register_fct(SIGTERM, mworker_catch_sigterm, SIGTERM); |
| 625 | signal_register_fct(SIGUSR1, mworker_catch_sigterm, SIGUSR1); |
Willy Tarreau | d26c9f9 | 2019-12-11 14:24:07 +0100 | [diff] [blame] | 626 | signal_register_fct(SIGTTIN, mworker_broadcast_signal, SIGTTIN); |
| 627 | signal_register_fct(SIGTTOU, mworker_broadcast_signal, SIGTTOU); |
William Lallemand | b3f2be3 | 2018-09-11 10:06:18 +0200 | [diff] [blame] | 628 | signal_register_fct(SIGINT, mworker_catch_sigterm, SIGINT); |
| 629 | signal_register_fct(SIGHUP, mworker_catch_sighup, SIGHUP); |
| 630 | signal_register_fct(SIGUSR2, mworker_catch_sighup, SIGUSR2); |
| 631 | signal_register_fct(SIGCHLD, mworker_catch_sigchld, SIGCHLD); |
| 632 | |
| 633 | mworker_unblock_signals(); |
| 634 | mworker_cleanlisteners(); |
William Lallemand | 27f3fa5 | 2018-12-06 14:05:20 +0100 | [diff] [blame] | 635 | mworker_cleantasks(); |
William Lallemand | b3f2be3 | 2018-09-11 10:06:18 +0200 | [diff] [blame] | 636 | |
William Lallemand | bc19305 | 2018-09-11 10:06:26 +0200 | [diff] [blame] | 637 | mworker_catch_sigchld(NULL); /* ensure we clean the children in case |
| 638 | some SIGCHLD were lost */ |
| 639 | |
William Lallemand | b3f2be3 | 2018-09-11 10:06:18 +0200 | [diff] [blame] | 640 | global.nbthread = 1; |
| 641 | relative_pid = 1; |
| 642 | pid_bit = 1; |
Willy Tarreau | a38a717 | 2019-02-02 17:11:28 +0100 | [diff] [blame] | 643 | all_proc_mask = 1; |
William Lallemand | b3f2be3 | 2018-09-11 10:06:18 +0200 | [diff] [blame] | 644 | |
William Lallemand | 2672eb9 | 2018-12-14 15:52:39 +0100 | [diff] [blame] | 645 | #ifdef USE_THREAD |
| 646 | tid_bit = 1; |
| 647 | all_threads_mask = 1; |
| 648 | #endif |
| 649 | |
William Lallemand | b3f2be3 | 2018-09-11 10:06:18 +0200 | [diff] [blame] | 650 | jobs++; /* this is the "master" job, we want to take care of the |
| 651 | signals even if there is no listener so the poll loop don't |
| 652 | leave */ |
| 653 | |
| 654 | fork_poller(); |
Willy Tarreau | b4f7cc3 | 2019-05-03 09:27:30 +0200 | [diff] [blame] | 655 | run_thread_poll_loop(0); |
William Lallemand | b3f2be3 | 2018-09-11 10:06:18 +0200 | [diff] [blame] | 656 | } |
William Lallemand | cb11fd2 | 2017-06-01 17:38:52 +0200 | [diff] [blame] | 657 | |
| 658 | /* |
| 659 | * Reexec the process in failure mode, instead of exiting |
| 660 | */ |
| 661 | void reexec_on_failure() |
| 662 | { |
| 663 | if (!atexit_flag) |
| 664 | return; |
| 665 | |
| 666 | setenv("HAPROXY_MWORKER_WAIT_ONLY", "1", 1); |
| 667 | |
Christopher Faulet | 767a84b | 2017-11-24 16:50:31 +0100 | [diff] [blame] | 668 | ha_warning("Reexecuting Master process in waitpid mode\n"); |
William Lallemand | cb11fd2 | 2017-06-01 17:38:52 +0200 | [diff] [blame] | 669 | mworker_reload(); |
William Lallemand | cb11fd2 | 2017-06-01 17:38:52 +0200 | [diff] [blame] | 670 | } |
William Lallemand | 73b85e7 | 2017-06-01 17:38:51 +0200 | [diff] [blame] | 671 | |
| 672 | |
| 673 | /* |
Willy Tarreau | d0807c3 | 2010-08-27 18:26:11 +0200 | [diff] [blame] | 674 | * upon SIGUSR1, let's have a soft stop. Note that soft_stop() broadcasts |
| 675 | * a signal zero to all subscribers. This means that it's as easy as |
| 676 | * subscribing to signal 0 to get informed about an imminent shutdown. |
Willy Tarreau | baaee00 | 2006-06-26 02:48:02 +0200 | [diff] [blame] | 677 | */ |
Willy Tarreau | 1b5af7c | 2016-12-21 18:19:57 +0100 | [diff] [blame] | 678 | static void sig_soft_stop(struct sig_handler *sh) |
Willy Tarreau | baaee00 | 2006-06-26 02:48:02 +0200 | [diff] [blame] | 679 | { |
| 680 | soft_stop(); |
Willy Tarreau | 24f4efa | 2010-08-27 17:56:48 +0200 | [diff] [blame] | 681 | signal_unregister_handler(sh); |
Willy Tarreau | bafbe01 | 2017-11-24 17:34:44 +0100 | [diff] [blame] | 682 | pool_gc(NULL); |
Willy Tarreau | baaee00 | 2006-06-26 02:48:02 +0200 | [diff] [blame] | 683 | } |
| 684 | |
| 685 | /* |
| 686 | * upon SIGTTOU, we pause everything |
| 687 | */ |
Willy Tarreau | 1b5af7c | 2016-12-21 18:19:57 +0100 | [diff] [blame] | 688 | static void sig_pause(struct sig_handler *sh) |
Willy Tarreau | baaee00 | 2006-06-26 02:48:02 +0200 | [diff] [blame] | 689 | { |
Willy Tarreau | 775e001 | 2020-09-24 16:36:26 +0200 | [diff] [blame] | 690 | if (protocol_pause_all() & ERR_FATAL) { |
| 691 | const char *msg = "Some proxies refused to pause, performing soft stop now.\n"; |
Willy Tarreau | 0a002df | 2020-10-09 19:26:27 +0200 | [diff] [blame] | 692 | ha_warning("%s", msg); |
| 693 | send_log(NULL, LOG_WARNING, "%s", msg); |
Willy Tarreau | 775e001 | 2020-09-24 16:36:26 +0200 | [diff] [blame] | 694 | soft_stop(); |
| 695 | } |
Willy Tarreau | bafbe01 | 2017-11-24 17:34:44 +0100 | [diff] [blame] | 696 | pool_gc(NULL); |
Willy Tarreau | baaee00 | 2006-06-26 02:48:02 +0200 | [diff] [blame] | 697 | } |
| 698 | |
| 699 | /* |
| 700 | * upon SIGTTIN, let's have a soft stop. |
| 701 | */ |
Willy Tarreau | 1b5af7c | 2016-12-21 18:19:57 +0100 | [diff] [blame] | 702 | static void sig_listen(struct sig_handler *sh) |
Willy Tarreau | baaee00 | 2006-06-26 02:48:02 +0200 | [diff] [blame] | 703 | { |
Willy Tarreau | 775e001 | 2020-09-24 16:36:26 +0200 | [diff] [blame] | 704 | if (protocol_resume_all() & ERR_FATAL) { |
| 705 | const char *msg = "Some proxies refused to resume, probably due to a conflict on a listening port. You may want to try again after the conflicting application is stopped, otherwise a restart might be needed to resume safe operations.\n"; |
Willy Tarreau | 0a002df | 2020-10-09 19:26:27 +0200 | [diff] [blame] | 706 | ha_warning("%s", msg); |
| 707 | send_log(NULL, LOG_WARNING, "%s", msg); |
Willy Tarreau | 775e001 | 2020-09-24 16:36:26 +0200 | [diff] [blame] | 708 | } |
Willy Tarreau | baaee00 | 2006-06-26 02:48:02 +0200 | [diff] [blame] | 709 | } |
| 710 | |
| 711 | /* |
| 712 | * this function dumps every server's state when the process receives SIGHUP. |
| 713 | */ |
Willy Tarreau | 1b5af7c | 2016-12-21 18:19:57 +0100 | [diff] [blame] | 714 | static void sig_dump_state(struct sig_handler *sh) |
Willy Tarreau | baaee00 | 2006-06-26 02:48:02 +0200 | [diff] [blame] | 715 | { |
Olivier Houchard | fbc74e8 | 2017-11-24 16:54:05 +0100 | [diff] [blame] | 716 | struct proxy *p = proxies_list; |
Willy Tarreau | baaee00 | 2006-06-26 02:48:02 +0200 | [diff] [blame] | 717 | |
Christopher Faulet | 767a84b | 2017-11-24 16:50:31 +0100 | [diff] [blame] | 718 | ha_warning("SIGHUP received, dumping servers states.\n"); |
Willy Tarreau | baaee00 | 2006-06-26 02:48:02 +0200 | [diff] [blame] | 719 | while (p) { |
| 720 | struct server *s = p->srv; |
| 721 | |
| 722 | send_log(p, LOG_NOTICE, "SIGHUP received, dumping servers states for proxy %s.\n", p->id); |
| 723 | while (s) { |
Willy Tarreau | 19d14ef | 2012-10-29 16:51:55 +0100 | [diff] [blame] | 724 | chunk_printf(&trash, |
| 725 | "SIGHUP: Server %s/%s is %s. Conn: %d act, %d pend, %lld tot.", |
| 726 | p->id, s->id, |
Emeric Brun | 52a91d3 | 2017-08-31 14:41:55 +0200 | [diff] [blame] | 727 | (s->cur_state != SRV_ST_STOPPED) ? "UP" : "DOWN", |
Willy Tarreau | 19d14ef | 2012-10-29 16:51:55 +0100 | [diff] [blame] | 728 | s->cur_sess, s->nbpend, s->counters.cum_sess); |
Willy Tarreau | 843b7cb | 2018-07-13 10:54:26 +0200 | [diff] [blame] | 729 | ha_warning("%s\n", trash.area); |
| 730 | send_log(p, LOG_NOTICE, "%s\n", trash.area); |
Willy Tarreau | baaee00 | 2006-06-26 02:48:02 +0200 | [diff] [blame] | 731 | s = s->next; |
| 732 | } |
| 733 | |
Willy Tarreau | 5fcc8f1 | 2007-09-17 11:27:09 +0200 | [diff] [blame] | 734 | /* FIXME: those info are a bit outdated. We should be able to distinguish between FE and BE. */ |
| 735 | if (!p->srv) { |
Willy Tarreau | 19d14ef | 2012-10-29 16:51:55 +0100 | [diff] [blame] | 736 | chunk_printf(&trash, |
| 737 | "SIGHUP: Proxy %s has no servers. Conn: act(FE+BE): %d+%d, %d pend (%d unass), tot(FE+BE): %lld+%lld.", |
| 738 | p->id, |
| 739 | p->feconn, p->beconn, p->totpend, p->nbpend, p->fe_counters.cum_conn, p->be_counters.cum_conn); |
Willy Tarreau | 5fcc8f1 | 2007-09-17 11:27:09 +0200 | [diff] [blame] | 740 | } else if (p->srv_act == 0) { |
Willy Tarreau | 19d14ef | 2012-10-29 16:51:55 +0100 | [diff] [blame] | 741 | chunk_printf(&trash, |
| 742 | "SIGHUP: Proxy %s %s ! Conn: act(FE+BE): %d+%d, %d pend (%d unass), tot(FE+BE): %lld+%lld.", |
| 743 | p->id, |
| 744 | (p->srv_bck) ? "is running on backup servers" : "has no server available", |
| 745 | p->feconn, p->beconn, p->totpend, p->nbpend, p->fe_counters.cum_conn, p->be_counters.cum_conn); |
Willy Tarreau | baaee00 | 2006-06-26 02:48:02 +0200 | [diff] [blame] | 746 | } else { |
Willy Tarreau | 19d14ef | 2012-10-29 16:51:55 +0100 | [diff] [blame] | 747 | chunk_printf(&trash, |
| 748 | "SIGHUP: Proxy %s has %d active servers and %d backup servers available." |
| 749 | " Conn: act(FE+BE): %d+%d, %d pend (%d unass), tot(FE+BE): %lld+%lld.", |
| 750 | p->id, p->srv_act, p->srv_bck, |
| 751 | p->feconn, p->beconn, p->totpend, p->nbpend, p->fe_counters.cum_conn, p->be_counters.cum_conn); |
Willy Tarreau | baaee00 | 2006-06-26 02:48:02 +0200 | [diff] [blame] | 752 | } |
Willy Tarreau | 843b7cb | 2018-07-13 10:54:26 +0200 | [diff] [blame] | 753 | ha_warning("%s\n", trash.area); |
| 754 | send_log(p, LOG_NOTICE, "%s\n", trash.area); |
Willy Tarreau | baaee00 | 2006-06-26 02:48:02 +0200 | [diff] [blame] | 755 | |
| 756 | p = p->next; |
| 757 | } |
Willy Tarreau | baaee00 | 2006-06-26 02:48:02 +0200 | [diff] [blame] | 758 | } |
| 759 | |
Willy Tarreau | 1b5af7c | 2016-12-21 18:19:57 +0100 | [diff] [blame] | 760 | static void dump(struct sig_handler *sh) |
Willy Tarreau | baaee00 | 2006-06-26 02:48:02 +0200 | [diff] [blame] | 761 | { |
Willy Tarreau | c6ca1a0 | 2007-05-13 19:43:47 +0200 | [diff] [blame] | 762 | /* dump memory usage then free everything possible */ |
| 763 | dump_pools(); |
Willy Tarreau | bafbe01 | 2017-11-24 17:34:44 +0100 | [diff] [blame] | 764 | pool_gc(NULL); |
Willy Tarreau | baaee00 | 2006-06-26 02:48:02 +0200 | [diff] [blame] | 765 | } |
| 766 | |
William Lallemand | e134041 | 2017-12-28 16:09:36 +0100 | [diff] [blame] | 767 | /* |
| 768 | * This function dup2 the stdio FDs (0,1,2) with <fd>, then closes <fd> |
| 769 | * If <fd> < 0, it opens /dev/null and use it to dup |
| 770 | * |
| 771 | * In the case of chrooting, you have to open /dev/null before the chroot, and |
| 772 | * pass the <fd> to this function |
| 773 | */ |
| 774 | static void stdio_quiet(int fd) |
| 775 | { |
| 776 | if (fd < 0) |
| 777 | fd = open("/dev/null", O_RDWR, 0); |
| 778 | |
| 779 | if (fd > -1) { |
| 780 | fclose(stdin); |
| 781 | fclose(stdout); |
| 782 | fclose(stderr); |
| 783 | |
| 784 | dup2(fd, 0); |
| 785 | dup2(fd, 1); |
| 786 | dup2(fd, 2); |
| 787 | if (fd > 2) |
| 788 | close(fd); |
| 789 | return; |
| 790 | } |
| 791 | |
| 792 | ha_alert("Cannot open /dev/null\n"); |
| 793 | exit(EXIT_FAILURE); |
| 794 | } |
| 795 | |
| 796 | |
Joseph Herlant | 0342090 | 2018-11-15 10:41:50 -0800 | [diff] [blame] | 797 | /* This function checks if cfg_cfgfiles contains directories. |
| 798 | * If it finds one, it adds all the files (and only files) it contains |
| 799 | * in cfg_cfgfiles in place of the directory (and removes the directory). |
| 800 | * It adds the files in lexical order. |
| 801 | * It adds only files with .cfg extension. |
Maxime de Roucy | 379d9c7 | 2016-05-13 23:52:56 +0200 | [diff] [blame] | 802 | * It doesn't add files with name starting with '.' |
| 803 | */ |
Willy Tarreau | 1b5af7c | 2016-12-21 18:19:57 +0100 | [diff] [blame] | 804 | static void cfgfiles_expand_directories(void) |
Maxime de Roucy | 379d9c7 | 2016-05-13 23:52:56 +0200 | [diff] [blame] | 805 | { |
| 806 | struct wordlist *wl, *wlb; |
| 807 | char *err = NULL; |
| 808 | |
| 809 | list_for_each_entry_safe(wl, wlb, &cfg_cfgfiles, list) { |
| 810 | struct stat file_stat; |
| 811 | struct dirent **dir_entries = NULL; |
| 812 | int dir_entries_nb; |
| 813 | int dir_entries_it; |
| 814 | |
| 815 | if (stat(wl->s, &file_stat)) { |
Christopher Faulet | 767a84b | 2017-11-24 16:50:31 +0100 | [diff] [blame] | 816 | ha_alert("Cannot open configuration file/directory %s : %s\n", |
| 817 | wl->s, |
| 818 | strerror(errno)); |
Maxime de Roucy | 379d9c7 | 2016-05-13 23:52:56 +0200 | [diff] [blame] | 819 | exit(1); |
| 820 | } |
| 821 | |
| 822 | if (!S_ISDIR(file_stat.st_mode)) |
| 823 | continue; |
| 824 | |
| 825 | /* from this point wl->s is a directory */ |
| 826 | |
| 827 | dir_entries_nb = scandir(wl->s, &dir_entries, NULL, alphasort); |
| 828 | if (dir_entries_nb < 0) { |
Christopher Faulet | 767a84b | 2017-11-24 16:50:31 +0100 | [diff] [blame] | 829 | ha_alert("Cannot open configuration directory %s : %s\n", |
| 830 | wl->s, |
| 831 | strerror(errno)); |
Maxime de Roucy | 379d9c7 | 2016-05-13 23:52:56 +0200 | [diff] [blame] | 832 | exit(1); |
| 833 | } |
| 834 | |
| 835 | /* for each element in the directory wl->s */ |
| 836 | for (dir_entries_it = 0; dir_entries_it < dir_entries_nb; dir_entries_it++) { |
| 837 | struct dirent *dir_entry = dir_entries[dir_entries_it]; |
| 838 | char *filename = NULL; |
| 839 | char *d_name_cfgext = strstr(dir_entry->d_name, ".cfg"); |
| 840 | |
| 841 | /* don't add filename that begin with . |
Joseph Herlant | 0342090 | 2018-11-15 10:41:50 -0800 | [diff] [blame] | 842 | * only add filename with .cfg extension |
Maxime de Roucy | 379d9c7 | 2016-05-13 23:52:56 +0200 | [diff] [blame] | 843 | */ |
| 844 | if (dir_entry->d_name[0] == '.' || |
| 845 | !(d_name_cfgext && d_name_cfgext[4] == '\0')) |
| 846 | goto next_dir_entry; |
| 847 | |
| 848 | if (!memprintf(&filename, "%s/%s", wl->s, dir_entry->d_name)) { |
Christopher Faulet | 767a84b | 2017-11-24 16:50:31 +0100 | [diff] [blame] | 849 | ha_alert("Cannot load configuration files %s : out of memory.\n", |
| 850 | filename); |
Maxime de Roucy | 379d9c7 | 2016-05-13 23:52:56 +0200 | [diff] [blame] | 851 | exit(1); |
| 852 | } |
| 853 | |
| 854 | if (stat(filename, &file_stat)) { |
Christopher Faulet | 767a84b | 2017-11-24 16:50:31 +0100 | [diff] [blame] | 855 | ha_alert("Cannot open configuration file %s : %s\n", |
| 856 | wl->s, |
| 857 | strerror(errno)); |
Maxime de Roucy | 379d9c7 | 2016-05-13 23:52:56 +0200 | [diff] [blame] | 858 | exit(1); |
| 859 | } |
| 860 | |
| 861 | /* don't add anything else than regular file in cfg_cfgfiles |
| 862 | * this way we avoid loops |
| 863 | */ |
| 864 | if (!S_ISREG(file_stat.st_mode)) |
| 865 | goto next_dir_entry; |
| 866 | |
| 867 | if (!list_append_word(&wl->list, filename, &err)) { |
Christopher Faulet | 767a84b | 2017-11-24 16:50:31 +0100 | [diff] [blame] | 868 | ha_alert("Cannot load configuration files %s : %s\n", |
| 869 | filename, |
| 870 | err); |
Maxime de Roucy | 379d9c7 | 2016-05-13 23:52:56 +0200 | [diff] [blame] | 871 | exit(1); |
| 872 | } |
| 873 | |
| 874 | next_dir_entry: |
| 875 | free(filename); |
| 876 | free(dir_entry); |
| 877 | } |
| 878 | |
| 879 | free(dir_entries); |
| 880 | |
| 881 | /* remove the current directory (wl) from cfg_cfgfiles */ |
| 882 | free(wl->s); |
Willy Tarreau | 2b71810 | 2021-04-21 07:32:39 +0200 | [diff] [blame] | 883 | LIST_DELETE(&wl->list); |
Maxime de Roucy | 379d9c7 | 2016-05-13 23:52:56 +0200 | [diff] [blame] | 884 | free(wl); |
| 885 | } |
| 886 | |
| 887 | free(err); |
| 888 | } |
| 889 | |
Willy Tarreau | baaee00 | 2006-06-26 02:48:02 +0200 | [diff] [blame] | 890 | /* |
William Lallemand | 73b85e7 | 2017-06-01 17:38:51 +0200 | [diff] [blame] | 891 | * copy and cleanup the current argv |
William Lallemand | df6c5a8 | 2020-06-04 17:40:23 +0200 | [diff] [blame] | 892 | * Remove the -sf /-st / -x parameters |
William Lallemand | 73b85e7 | 2017-06-01 17:38:51 +0200 | [diff] [blame] | 893 | * Return an allocated copy of argv |
| 894 | */ |
| 895 | |
| 896 | static char **copy_argv(int argc, char **argv) |
| 897 | { |
William Lallemand | df6c5a8 | 2020-06-04 17:40:23 +0200 | [diff] [blame] | 898 | char **newargv, **retargv; |
William Lallemand | 73b85e7 | 2017-06-01 17:38:51 +0200 | [diff] [blame] | 899 | |
Tim Duesterhus | e52b6e5 | 2020-09-12 20:26:43 +0200 | [diff] [blame] | 900 | newargv = calloc(argc + 2, sizeof(*newargv)); |
William Lallemand | 73b85e7 | 2017-06-01 17:38:51 +0200 | [diff] [blame] | 901 | if (newargv == NULL) { |
Christopher Faulet | 767a84b | 2017-11-24 16:50:31 +0100 | [diff] [blame] | 902 | ha_warning("Cannot allocate memory\n"); |
William Lallemand | 73b85e7 | 2017-06-01 17:38:51 +0200 | [diff] [blame] | 903 | return NULL; |
| 904 | } |
William Lallemand | df6c5a8 | 2020-06-04 17:40:23 +0200 | [diff] [blame] | 905 | retargv = newargv; |
William Lallemand | 73b85e7 | 2017-06-01 17:38:51 +0200 | [diff] [blame] | 906 | |
William Lallemand | df6c5a8 | 2020-06-04 17:40:23 +0200 | [diff] [blame] | 907 | /* first copy argv[0] */ |
| 908 | *newargv++ = *argv++; |
| 909 | argc--; |
| 910 | |
| 911 | while (argc > 0) { |
| 912 | if (**argv != '-') { |
| 913 | /* non options are copied but will fail in the argument parser */ |
| 914 | *newargv++ = *argv++; |
| 915 | argc--; |
| 916 | |
| 917 | } else { |
| 918 | char *flag; |
| 919 | |
| 920 | flag = *argv + 1; |
| 921 | |
| 922 | if (flag[0] == '-' && flag[1] == 0) { |
| 923 | /* "--\0" copy every arguments till the end of argv */ |
| 924 | *newargv++ = *argv++; |
| 925 | argc--; |
| 926 | |
| 927 | while (argc > 0) { |
| 928 | *newargv++ = *argv++; |
| 929 | argc--; |
| 930 | } |
| 931 | } else { |
| 932 | switch (*flag) { |
| 933 | case 's': |
| 934 | /* -sf / -st and their parameters are ignored */ |
| 935 | if (flag[1] == 'f' || flag[1] == 't') { |
| 936 | argc--; |
| 937 | argv++; |
| 938 | /* The list can't contain a negative value since the only |
| 939 | way to know the end of this list is by looking for the |
| 940 | next option or the end of the options */ |
| 941 | while (argc > 0 && argv[0][0] != '-') { |
| 942 | argc--; |
| 943 | argv++; |
| 944 | } |
William Lallemand | 398da62 | 2020-09-02 16:12:23 +0200 | [diff] [blame] | 945 | } else { |
| 946 | argc--; |
| 947 | argv++; |
| 948 | |
William Lallemand | df6c5a8 | 2020-06-04 17:40:23 +0200 | [diff] [blame] | 949 | } |
| 950 | break; |
| 951 | |
| 952 | case 'x': |
| 953 | /* this option and its parameter are ignored */ |
| 954 | argc--; |
| 955 | argv++; |
| 956 | if (argc > 0) { |
| 957 | argc--; |
| 958 | argv++; |
| 959 | } |
| 960 | break; |
| 961 | |
| 962 | case 'C': |
| 963 | case 'n': |
| 964 | case 'm': |
| 965 | case 'N': |
| 966 | case 'L': |
| 967 | case 'f': |
| 968 | case 'p': |
| 969 | case 'S': |
| 970 | /* these options have only 1 parameter which must be copied and can start with a '-' */ |
| 971 | *newargv++ = *argv++; |
| 972 | argc--; |
| 973 | if (argc == 0) |
| 974 | goto error; |
| 975 | *newargv++ = *argv++; |
| 976 | argc--; |
| 977 | break; |
| 978 | default: |
| 979 | /* for other options just copy them without parameters, this is also done |
| 980 | * for options like "--foo", but this will fail in the argument parser. |
| 981 | * */ |
| 982 | *newargv++ = *argv++; |
| 983 | argc--; |
| 984 | break; |
| 985 | } |
William Lallemand | 73b85e7 | 2017-06-01 17:38:51 +0200 | [diff] [blame] | 986 | } |
| 987 | } |
William Lallemand | 73b85e7 | 2017-06-01 17:38:51 +0200 | [diff] [blame] | 988 | } |
William Lallemand | 2bf6d62 | 2017-06-20 11:20:23 +0200 | [diff] [blame] | 989 | |
William Lallemand | df6c5a8 | 2020-06-04 17:40:23 +0200 | [diff] [blame] | 990 | return retargv; |
| 991 | |
| 992 | error: |
| 993 | free(retargv); |
| 994 | return NULL; |
William Lallemand | 73b85e7 | 2017-06-01 17:38:51 +0200 | [diff] [blame] | 995 | } |
| 996 | |
Willy Tarreau | 6c3a681 | 2020-03-06 18:57:15 +0100 | [diff] [blame] | 997 | |
| 998 | /* Performs basic random seed initialization. The main issue with this is that |
| 999 | * srandom_r() only takes 32 bits and purposely provides a reproducible sequence, |
| 1000 | * which means that there will only be 4 billion possible random sequences once |
| 1001 | * srandom() is called, regardless of the internal state. Not calling it is |
| 1002 | * even worse as we'll always produce the same randoms sequences. What we do |
| 1003 | * here is to create an initial sequence from various entropy sources, hash it |
| 1004 | * using SHA1 and keep the resulting 160 bits available globally. |
| 1005 | * |
| 1006 | * We initialize the current process with the first 32 bits before starting the |
| 1007 | * polling loop, where all this will be changed to have process specific and |
| 1008 | * thread specific sequences. |
Willy Tarreau | 52bf839 | 2020-03-08 00:42:37 +0100 | [diff] [blame] | 1009 | * |
| 1010 | * Before starting threads, it's still possible to call random() as srandom() |
| 1011 | * is initialized from this, but after threads and/or processes are started, |
| 1012 | * only ha_random() is expected to be used to guarantee distinct sequences. |
Willy Tarreau | 6c3a681 | 2020-03-06 18:57:15 +0100 | [diff] [blame] | 1013 | */ |
| 1014 | static void ha_random_boot(char *const *argv) |
| 1015 | { |
| 1016 | unsigned char message[256]; |
| 1017 | unsigned char *m = message; |
| 1018 | struct timeval tv; |
| 1019 | blk_SHA_CTX ctx; |
| 1020 | unsigned long l; |
| 1021 | int fd; |
| 1022 | int i; |
| 1023 | |
| 1024 | /* start with current time as pseudo-random seed */ |
| 1025 | gettimeofday(&tv, NULL); |
| 1026 | write_u32(m, tv.tv_sec); m += 4; |
| 1027 | write_u32(m, tv.tv_usec); m += 4; |
| 1028 | |
| 1029 | /* PID and PPID add some OS-based randomness */ |
| 1030 | write_u16(m, getpid()); m += 2; |
| 1031 | write_u16(m, getppid()); m += 2; |
| 1032 | |
| 1033 | /* take up to 160 bits bytes from /dev/urandom if available (non-blocking) */ |
| 1034 | fd = open("/dev/urandom", O_RDONLY); |
| 1035 | if (fd >= 0) { |
| 1036 | i = read(fd, m, 20); |
| 1037 | if (i > 0) |
| 1038 | m += i; |
| 1039 | close(fd); |
| 1040 | } |
| 1041 | |
| 1042 | /* take up to 160 bits bytes from openssl (non-blocking) */ |
| 1043 | #ifdef USE_OPENSSL |
| 1044 | if (RAND_bytes(m, 20) == 1) |
| 1045 | m += 20; |
| 1046 | #endif |
| 1047 | |
| 1048 | /* take 160 bits from existing random in case it was already initialized */ |
| 1049 | for (i = 0; i < 5; i++) { |
| 1050 | write_u32(m, random()); |
| 1051 | m += 4; |
| 1052 | } |
| 1053 | |
| 1054 | /* stack address (benefit form operating system's ASLR) */ |
| 1055 | l = (unsigned long)&m; |
| 1056 | memcpy(m, &l, sizeof(l)); m += sizeof(l); |
| 1057 | |
| 1058 | /* argv address (benefit form operating system's ASLR) */ |
| 1059 | l = (unsigned long)&argv; |
| 1060 | memcpy(m, &l, sizeof(l)); m += sizeof(l); |
| 1061 | |
| 1062 | /* use tv_usec again after all the operations above */ |
| 1063 | gettimeofday(&tv, NULL); |
| 1064 | write_u32(m, tv.tv_usec); m += 4; |
| 1065 | |
| 1066 | /* |
| 1067 | * At this point, ~84-92 bytes have been used |
| 1068 | */ |
| 1069 | |
| 1070 | /* finish with the hostname */ |
| 1071 | strncpy((char *)m, hostname, message + sizeof(message) - m); |
| 1072 | m += strlen(hostname); |
| 1073 | |
| 1074 | /* total message length */ |
| 1075 | l = m - message; |
| 1076 | |
| 1077 | memset(&ctx, 0, sizeof(ctx)); |
| 1078 | blk_SHA1_Init(&ctx); |
| 1079 | blk_SHA1_Update(&ctx, message, l); |
| 1080 | blk_SHA1_Final(boot_seed, &ctx); |
| 1081 | |
| 1082 | srandom(read_u32(boot_seed)); |
Willy Tarreau | 52bf839 | 2020-03-08 00:42:37 +0100 | [diff] [blame] | 1083 | ha_random_seed(boot_seed, sizeof(boot_seed)); |
Willy Tarreau | 6c3a681 | 2020-03-06 18:57:15 +0100 | [diff] [blame] | 1084 | } |
| 1085 | |
Willy Tarreau | 5a023f0 | 2019-03-01 14:19:31 +0100 | [diff] [blame] | 1086 | /* considers splicing proxies' maxconn, computes the ideal global.maxpipes |
| 1087 | * setting, and returns it. It may return -1 meaning "unlimited" if some |
| 1088 | * unlimited proxies have been found and the global.maxconn value is not yet |
| 1089 | * set. It may also return a value greater than maxconn if it's not yet set. |
| 1090 | * Note that a value of zero means there is no need for pipes. -1 is never |
| 1091 | * returned if global.maxconn is valid. |
| 1092 | */ |
| 1093 | static int compute_ideal_maxpipes() |
| 1094 | { |
| 1095 | struct proxy *cur; |
| 1096 | int nbfe = 0, nbbe = 0; |
| 1097 | int unlimited = 0; |
| 1098 | int pipes; |
| 1099 | int max; |
| 1100 | |
| 1101 | for (cur = proxies_list; cur; cur = cur->next) { |
| 1102 | if (cur->options2 & (PR_O2_SPLIC_ANY)) { |
| 1103 | if (cur->cap & PR_CAP_FE) { |
| 1104 | max = cur->maxconn; |
| 1105 | nbfe += max; |
| 1106 | if (!max) { |
| 1107 | unlimited = 1; |
| 1108 | break; |
| 1109 | } |
| 1110 | } |
| 1111 | if (cur->cap & PR_CAP_BE) { |
| 1112 | max = cur->fullconn ? cur->fullconn : global.maxconn; |
| 1113 | nbbe += max; |
| 1114 | if (!max) { |
| 1115 | unlimited = 1; |
| 1116 | break; |
| 1117 | } |
| 1118 | } |
| 1119 | } |
| 1120 | } |
| 1121 | |
| 1122 | pipes = MAX(nbfe, nbbe); |
| 1123 | if (global.maxconn) { |
| 1124 | if (pipes > global.maxconn || unlimited) |
| 1125 | pipes = global.maxconn; |
| 1126 | } else if (unlimited) { |
| 1127 | pipes = -1; |
| 1128 | } |
| 1129 | |
| 1130 | return pipes >= 4 ? pipes / 4 : pipes; |
| 1131 | } |
| 1132 | |
Willy Tarreau | ac35093 | 2019-03-01 15:43:14 +0100 | [diff] [blame] | 1133 | /* considers global.maxsocks, global.maxpipes, async engines, SSL frontends and |
| 1134 | * rlimits and computes an ideal maxconn. It's meant to be called only when |
| 1135 | * maxsock contains the sum of listening FDs, before it is updated based on |
Willy Tarreau | df23c0c | 2019-03-13 10:10:49 +0100 | [diff] [blame] | 1136 | * maxconn and pipes. If there are not enough FDs left, DEFAULT_MAXCONN (by |
| 1137 | * default 100) is returned as it is expected that it will even run on tight |
| 1138 | * environments, and will maintain compatibility with previous packages that |
| 1139 | * used to rely on this value as the default one. The system will emit a |
| 1140 | * warning indicating how many FDs are missing anyway if needed. |
Willy Tarreau | ac35093 | 2019-03-01 15:43:14 +0100 | [diff] [blame] | 1141 | */ |
| 1142 | static int compute_ideal_maxconn() |
| 1143 | { |
| 1144 | int ssl_sides = !!global.ssl_used_frontend + !!global.ssl_used_backend; |
| 1145 | int engine_fds = global.ssl_used_async_engines * ssl_sides; |
| 1146 | int pipes = compute_ideal_maxpipes(); |
Willy Tarreau | b1beaa3 | 2020-03-06 10:25:31 +0100 | [diff] [blame] | 1147 | int remain = MAX(rlim_fd_cur_at_boot, rlim_fd_max_at_boot); |
Willy Tarreau | ac35093 | 2019-03-01 15:43:14 +0100 | [diff] [blame] | 1148 | int maxconn; |
| 1149 | |
| 1150 | /* we have to take into account these elements : |
| 1151 | * - number of engine_fds, which inflates the number of FD needed per |
| 1152 | * connection by this number. |
| 1153 | * - number of pipes per connection on average : for the unlimited |
| 1154 | * case, this is 0.5 pipe FDs per connection, otherwise it's a |
| 1155 | * fixed value of 2*pipes. |
| 1156 | * - two FDs per connection |
| 1157 | */ |
| 1158 | |
| 1159 | /* subtract listeners and checks */ |
| 1160 | remain -= global.maxsock; |
| 1161 | |
Willy Tarreau | 3f20085 | 2019-03-14 19:13:17 +0100 | [diff] [blame] | 1162 | /* one epoll_fd/kqueue_fd per thread */ |
| 1163 | remain -= global.nbthread; |
| 1164 | |
| 1165 | /* one wake-up pipe (2 fd) per thread */ |
| 1166 | remain -= 2 * global.nbthread; |
| 1167 | |
Willy Tarreau | ac35093 | 2019-03-01 15:43:14 +0100 | [diff] [blame] | 1168 | /* Fixed pipes values : we only subtract them if they're not larger |
| 1169 | * than the remaining FDs because pipes are optional. |
| 1170 | */ |
| 1171 | if (pipes >= 0 && pipes * 2 < remain) |
| 1172 | remain -= pipes * 2; |
| 1173 | |
| 1174 | if (pipes < 0) { |
| 1175 | /* maxsock = maxconn * 2 + maxconn/4 * 2 + maxconn * engine_fds. |
| 1176 | * = maxconn * (2 + 0.5 + engine_fds) |
| 1177 | * = maxconn * (4 + 1 + 2*engine_fds) / 2 |
| 1178 | */ |
| 1179 | maxconn = 2 * remain / (5 + 2 * engine_fds); |
| 1180 | } else { |
| 1181 | /* maxsock = maxconn * 2 + maxconn * engine_fds. |
| 1182 | * = maxconn * (2 + engine_fds) |
| 1183 | */ |
| 1184 | maxconn = remain / (2 + engine_fds); |
| 1185 | } |
| 1186 | |
Willy Tarreau | df23c0c | 2019-03-13 10:10:49 +0100 | [diff] [blame] | 1187 | return MAX(maxconn, DEFAULT_MAXCONN); |
Willy Tarreau | ac35093 | 2019-03-01 15:43:14 +0100 | [diff] [blame] | 1188 | } |
| 1189 | |
Willy Tarreau | a409f30 | 2020-03-10 17:08:53 +0100 | [diff] [blame] | 1190 | /* computes the estimated maxsock value for the given maxconn based on the |
| 1191 | * possibly set global.maxpipes and existing partial global.maxsock. It may |
| 1192 | * temporarily change global.maxconn for the time needed to propagate the |
| 1193 | * computations, and will reset it. |
| 1194 | */ |
| 1195 | static int compute_ideal_maxsock(int maxconn) |
| 1196 | { |
| 1197 | int maxpipes = global.maxpipes; |
| 1198 | int maxsock = global.maxsock; |
| 1199 | |
| 1200 | |
| 1201 | if (!maxpipes) { |
| 1202 | int old_maxconn = global.maxconn; |
| 1203 | |
| 1204 | global.maxconn = maxconn; |
| 1205 | maxpipes = compute_ideal_maxpipes(); |
| 1206 | global.maxconn = old_maxconn; |
| 1207 | } |
| 1208 | |
| 1209 | maxsock += maxconn * 2; /* each connection needs two sockets */ |
| 1210 | maxsock += maxpipes * 2; /* each pipe needs two FDs */ |
| 1211 | maxsock += global.nbthread; /* one epoll_fd/kqueue_fd per thread */ |
| 1212 | maxsock += 2 * global.nbthread; /* one wake-up pipe (2 fd) per thread */ |
| 1213 | |
| 1214 | /* compute fd used by async engines */ |
| 1215 | if (global.ssl_used_async_engines) { |
| 1216 | int sides = !!global.ssl_used_frontend + !!global.ssl_used_backend; |
| 1217 | |
| 1218 | maxsock += maxconn * sides * global.ssl_used_async_engines; |
| 1219 | } |
| 1220 | return maxsock; |
| 1221 | } |
| 1222 | |
Thayne McCombs | 8f0cc5c | 2021-01-07 21:35:52 -0700 | [diff] [blame] | 1223 | /* Tests if it is possible to set the current process's RLIMIT_NOFILE to |
Willy Tarreau | 304e17e | 2020-03-10 17:54:54 +0100 | [diff] [blame] | 1224 | * <maxsock>, then sets it back to the previous value. Returns non-zero if the |
| 1225 | * value is accepted, non-zero otherwise. This is used to determine if an |
| 1226 | * automatic limit may be applied or not. When it is not, the caller knows that |
| 1227 | * the highest we can do is the rlim_max at boot. In case of error, we return |
| 1228 | * that the setting is possible, so that we defer the error processing to the |
| 1229 | * final stage in charge of enforcing this. |
| 1230 | */ |
| 1231 | static int check_if_maxsock_permitted(int maxsock) |
| 1232 | { |
| 1233 | struct rlimit orig_limit, test_limit; |
| 1234 | int ret; |
| 1235 | |
| 1236 | if (getrlimit(RLIMIT_NOFILE, &orig_limit) != 0) |
| 1237 | return 1; |
| 1238 | |
| 1239 | /* don't go further if we can't even set to what we have */ |
| 1240 | if (setrlimit(RLIMIT_NOFILE, &orig_limit) != 0) |
| 1241 | return 1; |
| 1242 | |
| 1243 | test_limit.rlim_max = MAX(maxsock, orig_limit.rlim_max); |
| 1244 | test_limit.rlim_cur = test_limit.rlim_max; |
| 1245 | ret = setrlimit(RLIMIT_NOFILE, &test_limit); |
| 1246 | |
| 1247 | if (setrlimit(RLIMIT_NOFILE, &orig_limit) != 0) |
| 1248 | return 1; |
| 1249 | |
| 1250 | return ret == 0; |
| 1251 | } |
| 1252 | |
| 1253 | |
William Lallemand | 73b85e7 | 2017-06-01 17:38:51 +0200 | [diff] [blame] | 1254 | /* |
Willy Tarreau | baaee00 | 2006-06-26 02:48:02 +0200 | [diff] [blame] | 1255 | * This function initializes all the necessary variables. It only returns |
| 1256 | * if everything is OK. If something fails, it exits. |
| 1257 | */ |
Willy Tarreau | 1b5af7c | 2016-12-21 18:19:57 +0100 | [diff] [blame] | 1258 | static void init(int argc, char **argv) |
Willy Tarreau | baaee00 | 2006-06-26 02:48:02 +0200 | [diff] [blame] | 1259 | { |
Willy Tarreau | baaee00 | 2006-06-26 02:48:02 +0200 | [diff] [blame] | 1260 | int arg_mode = 0; /* MODE_DEBUG, ... */ |
Willy Tarreau | baaee00 | 2006-06-26 02:48:02 +0200 | [diff] [blame] | 1261 | char *tmp; |
| 1262 | char *cfg_pidfile = NULL; |
Willy Tarreau | 058e907 | 2009-07-20 09:30:05 +0200 | [diff] [blame] | 1263 | int err_code = 0; |
Maxime de Roucy | 0f50392 | 2016-05-13 23:52:55 +0200 | [diff] [blame] | 1264 | char *err_msg = NULL; |
Willy Tarreau | 477ecd8 | 2010-01-03 21:12:30 +0100 | [diff] [blame] | 1265 | struct wordlist *wl; |
Kevinm | 48936af | 2010-12-22 16:08:21 +0000 | [diff] [blame] | 1266 | char *progname; |
Willy Tarreau | 576132e | 2011-09-10 19:26:56 +0200 | [diff] [blame] | 1267 | char *change_dir = NULL; |
Christopher Faulet | d7c9196 | 2015-04-30 11:48:27 +0200 | [diff] [blame] | 1268 | struct proxy *px; |
Willy Tarreau | e694573 | 2016-12-21 19:57:00 +0100 | [diff] [blame] | 1269 | struct post_check_fct *pcf; |
Willy Tarreau | ac35093 | 2019-03-01 15:43:14 +0100 | [diff] [blame] | 1270 | int ideal_maxconn; |
Willy Tarreau | baaee00 | 2006-06-26 02:48:02 +0200 | [diff] [blame] | 1271 | |
Christopher Faulet | e3a5e35 | 2017-10-24 13:53:54 +0200 | [diff] [blame] | 1272 | global.mode = MODE_STARTING; |
William Lallemand | 0041741 | 2020-06-05 14:08:41 +0200 | [diff] [blame] | 1273 | old_argv = copy_argv(argc, argv); |
| 1274 | if (!old_argv) { |
William Lallemand | df6c5a8 | 2020-06-04 17:40:23 +0200 | [diff] [blame] | 1275 | ha_alert("failed to copy argv.\n"); |
| 1276 | exit(1); |
| 1277 | } |
William Lallemand | 73b85e7 | 2017-06-01 17:38:51 +0200 | [diff] [blame] | 1278 | |
Christopher Faulet | cd7879a | 2017-10-27 13:53:47 +0200 | [diff] [blame] | 1279 | if (!init_trash_buffers(1)) { |
Christopher Faulet | 767a84b | 2017-11-24 16:50:31 +0100 | [diff] [blame] | 1280 | ha_alert("failed to initialize trash buffers.\n"); |
Christopher Faulet | 748919a | 2017-07-26 14:59:46 +0200 | [diff] [blame] | 1281 | exit(1); |
| 1282 | } |
David du Colombier | 7af4605 | 2012-05-16 14:16:48 +0200 | [diff] [blame] | 1283 | |
Emeric Brun | 2b920a1 | 2010-09-23 18:30:22 +0200 | [diff] [blame] | 1284 | /* NB: POSIX does not make it mandatory for gethostname() to NULL-terminate |
| 1285 | * the string in case of truncation, and at least FreeBSD appears not to do |
| 1286 | * it. |
| 1287 | */ |
| 1288 | memset(hostname, 0, sizeof(hostname)); |
| 1289 | gethostname(hostname, sizeof(hostname) - 1); |
Dragan Dosen | 4f01415 | 2020-06-18 16:56:47 +0200 | [diff] [blame] | 1290 | |
| 1291 | if ((localpeer = strdup(hostname)) == NULL) { |
| 1292 | ha_alert("Cannot allocate memory for local peer.\n"); |
| 1293 | exit(EXIT_FAILURE); |
| 1294 | } |
William Lallemand | daf4cd2 | 2018-04-17 16:46:13 +0200 | [diff] [blame] | 1295 | setenv("HAPROXY_LOCALPEER", localpeer, 1); |
Emeric Brun | 2b920a1 | 2010-09-23 18:30:22 +0200 | [diff] [blame] | 1296 | |
William Lallemand | 24c928c | 2020-01-14 17:58:18 +0100 | [diff] [blame] | 1297 | /* we were in mworker mode, we should restart in mworker mode */ |
| 1298 | if (getenv("HAPROXY_MWORKER_REEXEC") != NULL) |
| 1299 | global.mode |= MODE_MWORKER; |
| 1300 | |
Willy Tarreau | baaee00 | 2006-06-26 02:48:02 +0200 | [diff] [blame] | 1301 | /* |
| 1302 | * Initialize the previously static variables. |
| 1303 | */ |
Christopher Faulet | cd7879a | 2017-10-27 13:53:47 +0200 | [diff] [blame] | 1304 | |
Willy Tarreau | 173d995 | 2018-01-26 21:48:23 +0100 | [diff] [blame] | 1305 | totalconn = actconn = listeners = stopping = 0; |
Cyril Bonté | 203ec5a | 2017-03-23 22:44:13 +0100 | [diff] [blame] | 1306 | killed = 0; |
Christopher Faulet | cd7879a | 2017-10-27 13:53:47 +0200 | [diff] [blame] | 1307 | |
Willy Tarreau | baaee00 | 2006-06-26 02:48:02 +0200 | [diff] [blame] | 1308 | |
| 1309 | #ifdef HAPROXY_MEMMAX |
Willy Tarreau | 7006045 | 2015-12-14 12:46:07 +0100 | [diff] [blame] | 1310 | global.rlimit_memmax_all = HAPROXY_MEMMAX; |
Willy Tarreau | baaee00 | 2006-06-26 02:48:02 +0200 | [diff] [blame] | 1311 | #endif |
| 1312 | |
Benoit GARNIER | b413c2a | 2016-03-27 11:08:03 +0200 | [diff] [blame] | 1313 | tzset(); |
Willy Tarreau | c4c80fb | 2021-04-11 15:00:34 +0200 | [diff] [blame] | 1314 | tv_init_process_date(); |
Willy Tarreau | baaee00 | 2006-06-26 02:48:02 +0200 | [diff] [blame] | 1315 | start_date = now; |
| 1316 | |
Willy Tarreau | 6c3a681 | 2020-03-06 18:57:15 +0100 | [diff] [blame] | 1317 | ha_random_boot(argv); |
Willy Tarreau | 84310e2 | 2014-02-14 11:59:04 +0100 | [diff] [blame] | 1318 | |
Willy Tarreau | 8ed669b | 2013-01-11 15:49:37 +0100 | [diff] [blame] | 1319 | if (init_acl() != 0) |
| 1320 | exit(1); |
Willy Tarreau | b6b3df3 | 2018-11-26 16:31:20 +0100 | [diff] [blame] | 1321 | |
Thierry FOURNIER | 6f1fd48 | 2015-01-23 14:06:13 +0100 | [diff] [blame] | 1322 | /* Initialise lua. */ |
| 1323 | hlua_init(); |
Thierry FOURNIER | 6f1fd48 | 2015-01-23 14:06:13 +0100 | [diff] [blame] | 1324 | |
Christopher Faulet | ff2613e | 2016-11-09 11:36:17 +0100 | [diff] [blame] | 1325 | /* Initialize process vars */ |
| 1326 | vars_init(&global.vars, SCOPE_PROC); |
| 1327 | |
Willy Tarreau | 43b7899 | 2009-01-25 15:42:27 +0100 | [diff] [blame] | 1328 | global.tune.options |= GTUNE_USE_SELECT; /* select() is always available */ |
Willy Tarreau | e573323 | 2019-05-22 19:24:06 +0200 | [diff] [blame] | 1329 | #if defined(USE_POLL) |
Willy Tarreau | 43b7899 | 2009-01-25 15:42:27 +0100 | [diff] [blame] | 1330 | global.tune.options |= GTUNE_USE_POLL; |
Willy Tarreau | baaee00 | 2006-06-26 02:48:02 +0200 | [diff] [blame] | 1331 | #endif |
Willy Tarreau | e573323 | 2019-05-22 19:24:06 +0200 | [diff] [blame] | 1332 | #if defined(USE_EPOLL) |
Willy Tarreau | 43b7899 | 2009-01-25 15:42:27 +0100 | [diff] [blame] | 1333 | global.tune.options |= GTUNE_USE_EPOLL; |
Willy Tarreau | baaee00 | 2006-06-26 02:48:02 +0200 | [diff] [blame] | 1334 | #endif |
Willy Tarreau | e573323 | 2019-05-22 19:24:06 +0200 | [diff] [blame] | 1335 | #if defined(USE_KQUEUE) |
Willy Tarreau | 43b7899 | 2009-01-25 15:42:27 +0100 | [diff] [blame] | 1336 | global.tune.options |= GTUNE_USE_KQUEUE; |
Willy Tarreau | 1e63130a | 2007-04-09 12:03:06 +0200 | [diff] [blame] | 1337 | #endif |
Willy Tarreau | e573323 | 2019-05-22 19:24:06 +0200 | [diff] [blame] | 1338 | #if defined(USE_EVPORTS) |
Emmanuel Hocdet | 0ba4f48 | 2019-04-08 16:53:32 +0000 | [diff] [blame] | 1339 | global.tune.options |= GTUNE_USE_EVPORTS; |
| 1340 | #endif |
Willy Tarreau | e573323 | 2019-05-22 19:24:06 +0200 | [diff] [blame] | 1341 | #if defined(USE_LINUX_SPLICE) |
Willy Tarreau | 3ab68cf | 2009-01-25 16:03:28 +0100 | [diff] [blame] | 1342 | global.tune.options |= GTUNE_USE_SPLICE; |
| 1343 | #endif |
Nenad Merdanovic | 88afe03 | 2014-04-14 15:56:58 +0200 | [diff] [blame] | 1344 | #if defined(USE_GETADDRINFO) |
| 1345 | global.tune.options |= GTUNE_USE_GAI; |
| 1346 | #endif |
Lukas Tribus | a0bcbdc | 2016-09-12 21:42:20 +0000 | [diff] [blame] | 1347 | #if defined(SO_REUSEPORT) |
| 1348 | global.tune.options |= GTUNE_USE_REUSEPORT; |
| 1349 | #endif |
Willy Tarreau | 76cc699 | 2020-07-01 18:49:24 +0200 | [diff] [blame] | 1350 | #ifdef USE_THREAD |
| 1351 | global.tune.options |= GTUNE_IDLE_POOL_SHARED; |
| 1352 | #endif |
William Dauchy | a519460 | 2020-03-28 19:29:58 +0100 | [diff] [blame] | 1353 | global.tune.options |= GTUNE_STRICT_LIMITS; |
Willy Tarreau | baaee00 | 2006-06-26 02:48:02 +0200 | [diff] [blame] | 1354 | |
| 1355 | pid = getpid(); |
| 1356 | progname = *argv; |
| 1357 | while ((tmp = strchr(progname, '/')) != NULL) |
| 1358 | progname = tmp + 1; |
| 1359 | |
Kevinm | 48936af | 2010-12-22 16:08:21 +0000 | [diff] [blame] | 1360 | /* the process name is used for the logs only */ |
Eric Salama | 7cea606 | 2020-10-02 11:58:19 +0200 | [diff] [blame] | 1361 | chunk_initlen(&global.log_tag, strdup(progname), strlen(progname), strlen(progname)); |
| 1362 | if (b_orig(&global.log_tag) == NULL) { |
| 1363 | chunk_destroy(&global.log_tag); |
| 1364 | ha_alert("Cannot allocate memory for log_tag.\n"); |
| 1365 | exit(EXIT_FAILURE); |
| 1366 | } |
Kevinm | 48936af | 2010-12-22 16:08:21 +0000 | [diff] [blame] | 1367 | |
Willy Tarreau | baaee00 | 2006-06-26 02:48:02 +0200 | [diff] [blame] | 1368 | argc--; argv++; |
| 1369 | while (argc > 0) { |
| 1370 | char *flag; |
| 1371 | |
| 1372 | if (**argv == '-') { |
| 1373 | flag = *argv+1; |
| 1374 | |
| 1375 | /* 1 arg */ |
| 1376 | if (*flag == 'v') { |
| 1377 | display_version(); |
Willy Tarreau | 7b066db | 2007-12-02 11:28:59 +0100 | [diff] [blame] | 1378 | if (flag[1] == 'v') /* -vv */ |
| 1379 | display_build_opts(); |
Willy Tarreau | baaee00 | 2006-06-26 02:48:02 +0200 | [diff] [blame] | 1380 | exit(0); |
| 1381 | } |
Willy Tarreau | e573323 | 2019-05-22 19:24:06 +0200 | [diff] [blame] | 1382 | #if defined(USE_EPOLL) |
Willy Tarreau | baaee00 | 2006-06-26 02:48:02 +0200 | [diff] [blame] | 1383 | else if (*flag == 'd' && flag[1] == 'e') |
Willy Tarreau | 43b7899 | 2009-01-25 15:42:27 +0100 | [diff] [blame] | 1384 | global.tune.options &= ~GTUNE_USE_EPOLL; |
Willy Tarreau | baaee00 | 2006-06-26 02:48:02 +0200 | [diff] [blame] | 1385 | #endif |
Willy Tarreau | e573323 | 2019-05-22 19:24:06 +0200 | [diff] [blame] | 1386 | #if defined(USE_POLL) |
Willy Tarreau | baaee00 | 2006-06-26 02:48:02 +0200 | [diff] [blame] | 1387 | else if (*flag == 'd' && flag[1] == 'p') |
Willy Tarreau | 43b7899 | 2009-01-25 15:42:27 +0100 | [diff] [blame] | 1388 | global.tune.options &= ~GTUNE_USE_POLL; |
Willy Tarreau | baaee00 | 2006-06-26 02:48:02 +0200 | [diff] [blame] | 1389 | #endif |
Willy Tarreau | e573323 | 2019-05-22 19:24:06 +0200 | [diff] [blame] | 1390 | #if defined(USE_KQUEUE) |
Willy Tarreau | 1e63130a | 2007-04-09 12:03:06 +0200 | [diff] [blame] | 1391 | else if (*flag == 'd' && flag[1] == 'k') |
Willy Tarreau | 43b7899 | 2009-01-25 15:42:27 +0100 | [diff] [blame] | 1392 | global.tune.options &= ~GTUNE_USE_KQUEUE; |
Willy Tarreau | 1e63130a | 2007-04-09 12:03:06 +0200 | [diff] [blame] | 1393 | #endif |
Willy Tarreau | e573323 | 2019-05-22 19:24:06 +0200 | [diff] [blame] | 1394 | #if defined(USE_EVPORTS) |
Emmanuel Hocdet | 0ba4f48 | 2019-04-08 16:53:32 +0000 | [diff] [blame] | 1395 | else if (*flag == 'd' && flag[1] == 'v') |
| 1396 | global.tune.options &= ~GTUNE_USE_EVPORTS; |
| 1397 | #endif |
Willy Tarreau | e573323 | 2019-05-22 19:24:06 +0200 | [diff] [blame] | 1398 | #if defined(USE_LINUX_SPLICE) |
Willy Tarreau | 3ab68cf | 2009-01-25 16:03:28 +0100 | [diff] [blame] | 1399 | else if (*flag == 'd' && flag[1] == 'S') |
| 1400 | global.tune.options &= ~GTUNE_USE_SPLICE; |
| 1401 | #endif |
Nenad Merdanovic | 88afe03 | 2014-04-14 15:56:58 +0200 | [diff] [blame] | 1402 | #if defined(USE_GETADDRINFO) |
| 1403 | else if (*flag == 'd' && flag[1] == 'G') |
| 1404 | global.tune.options &= ~GTUNE_USE_GAI; |
| 1405 | #endif |
Lukas Tribus | a0bcbdc | 2016-09-12 21:42:20 +0000 | [diff] [blame] | 1406 | #if defined(SO_REUSEPORT) |
| 1407 | else if (*flag == 'd' && flag[1] == 'R') |
| 1408 | global.tune.options &= ~GTUNE_USE_REUSEPORT; |
| 1409 | #endif |
Emeric Brun | 850efd5 | 2014-01-29 12:24:34 +0100 | [diff] [blame] | 1410 | else if (*flag == 'd' && flag[1] == 'V') |
| 1411 | global.ssl_server_verify = SSL_SERVER_VERIFY_NONE; |
Willy Tarreau | baaee00 | 2006-06-26 02:48:02 +0200 | [diff] [blame] | 1412 | else if (*flag == 'V') |
| 1413 | arg_mode |= MODE_VERBOSE; |
| 1414 | else if (*flag == 'd' && flag[1] == 'b') |
| 1415 | arg_mode |= MODE_FOREGROUND; |
Amaury Denoyelle | 7b01a8d | 2021-03-29 10:29:07 +0200 | [diff] [blame] | 1416 | else if (*flag == 'd' && flag[1] == 'D') |
| 1417 | arg_mode |= MODE_DIAG; |
Willy Tarreau | 3eb10b8 | 2020-04-15 16:42:39 +0200 | [diff] [blame] | 1418 | else if (*flag == 'd' && flag[1] == 'W') |
| 1419 | arg_mode |= MODE_ZERO_WARNING; |
Willy Tarreau | 6e06443 | 2012-05-08 15:40:42 +0200 | [diff] [blame] | 1420 | else if (*flag == 'd' && flag[1] == 'M') |
| 1421 | mem_poison_byte = flag[2] ? strtol(flag + 2, NULL, 0) : 'P'; |
Willy Tarreau | 3eed10e | 2016-11-07 21:03:16 +0100 | [diff] [blame] | 1422 | else if (*flag == 'd' && flag[1] == 'r') |
| 1423 | global.tune.options |= GTUNE_RESOLVE_DONTFAIL; |
Willy Tarreau | baaee00 | 2006-06-26 02:48:02 +0200 | [diff] [blame] | 1424 | else if (*flag == 'd') |
| 1425 | arg_mode |= MODE_DEBUG; |
| 1426 | else if (*flag == 'c') |
| 1427 | arg_mode |= MODE_CHECK; |
William Lallemand | 095ba4c | 2017-06-01 17:38:50 +0200 | [diff] [blame] | 1428 | else if (*flag == 'D') |
Willy Tarreau | 6bde87b | 2009-05-18 16:29:51 +0200 | [diff] [blame] | 1429 | arg_mode |= MODE_DAEMON; |
Tim Duesterhus | d6942c8 | 2017-11-20 15:58:35 +0100 | [diff] [blame] | 1430 | else if (*flag == 'W' && flag[1] == 's') { |
Lukas Tribus | f46bf95 | 2017-11-21 12:39:34 +0100 | [diff] [blame] | 1431 | arg_mode |= MODE_MWORKER | MODE_FOREGROUND; |
Tim Duesterhus | d6942c8 | 2017-11-20 15:58:35 +0100 | [diff] [blame] | 1432 | #if defined(USE_SYSTEMD) |
| 1433 | global.tune.options |= GTUNE_USE_SYSTEMD; |
| 1434 | #else |
Christopher Faulet | 767a84b | 2017-11-24 16:50:31 +0100 | [diff] [blame] | 1435 | ha_alert("master-worker mode with systemd support (-Ws) requested, but not compiled. Use master-worker mode (-W) if you are not using Type=notify in your unit file or recompile with USE_SYSTEMD=1.\n\n"); |
Tim Duesterhus | d6942c8 | 2017-11-20 15:58:35 +0100 | [diff] [blame] | 1436 | usage(progname); |
| 1437 | #endif |
| 1438 | } |
William Lallemand | 095ba4c | 2017-06-01 17:38:50 +0200 | [diff] [blame] | 1439 | else if (*flag == 'W') |
| 1440 | arg_mode |= MODE_MWORKER; |
Willy Tarreau | baaee00 | 2006-06-26 02:48:02 +0200 | [diff] [blame] | 1441 | else if (*flag == 'q') |
| 1442 | arg_mode |= MODE_QUIET; |
Olivier Houchard | f73629d | 2017-04-05 22:33:04 +0200 | [diff] [blame] | 1443 | else if (*flag == 'x') { |
William Lallemand | 4f71d30 | 2020-06-04 23:41:29 +0200 | [diff] [blame] | 1444 | if (argc <= 1) { |
Christopher Faulet | 767a84b | 2017-11-24 16:50:31 +0100 | [diff] [blame] | 1445 | ha_alert("Unix socket path expected with the -x flag\n\n"); |
William Lallemand | 45eff44 | 2017-06-19 15:57:55 +0200 | [diff] [blame] | 1446 | usage(progname); |
Olivier Houchard | f73629d | 2017-04-05 22:33:04 +0200 | [diff] [blame] | 1447 | } |
William Lallemand | 4fc0969 | 2017-06-19 16:37:19 +0200 | [diff] [blame] | 1448 | if (old_unixsocket) |
Christopher Faulet | 767a84b | 2017-11-24 16:50:31 +0100 | [diff] [blame] | 1449 | ha_warning("-x option already set, overwriting the value\n"); |
Olivier Houchard | f73629d | 2017-04-05 22:33:04 +0200 | [diff] [blame] | 1450 | old_unixsocket = argv[1]; |
William Lallemand | 4fc0969 | 2017-06-19 16:37:19 +0200 | [diff] [blame] | 1451 | |
Olivier Houchard | f73629d | 2017-04-05 22:33:04 +0200 | [diff] [blame] | 1452 | argv++; |
| 1453 | argc--; |
| 1454 | } |
William Lallemand | e736115 | 2018-10-26 14:47:36 +0200 | [diff] [blame] | 1455 | else if (*flag == 'S') { |
| 1456 | struct wordlist *c; |
| 1457 | |
William Lallemand | a6b3249 | 2020-06-04 23:49:20 +0200 | [diff] [blame] | 1458 | if (argc <= 1) { |
William Lallemand | e736115 | 2018-10-26 14:47:36 +0200 | [diff] [blame] | 1459 | ha_alert("Socket and optional bind parameters expected with the -S flag\n"); |
| 1460 | usage(progname); |
| 1461 | } |
| 1462 | if ((c = malloc(sizeof(*c))) == NULL || (c->s = strdup(argv[1])) == NULL) { |
| 1463 | ha_alert("Cannot allocate memory\n"); |
| 1464 | exit(EXIT_FAILURE); |
| 1465 | } |
Willy Tarreau | 2b71810 | 2021-04-21 07:32:39 +0200 | [diff] [blame] | 1466 | LIST_INSERT(&mworker_cli_conf, &c->list); |
William Lallemand | e736115 | 2018-10-26 14:47:36 +0200 | [diff] [blame] | 1467 | |
| 1468 | argv++; |
| 1469 | argc--; |
| 1470 | } |
Willy Tarreau | baaee00 | 2006-06-26 02:48:02 +0200 | [diff] [blame] | 1471 | else if (*flag == 's' && (flag[1] == 'f' || flag[1] == 't')) { |
| 1472 | /* list of pids to finish ('f') or terminate ('t') */ |
| 1473 | |
| 1474 | if (flag[1] == 'f') |
| 1475 | oldpids_sig = SIGUSR1; /* finish then exit */ |
| 1476 | else |
| 1477 | oldpids_sig = SIGTERM; /* terminate immediately */ |
Willy Tarreau | c6ca1aa | 2015-10-08 11:32:32 +0200 | [diff] [blame] | 1478 | while (argc > 1 && argv[1][0] != '-') { |
Chris Lane | 236062f | 2018-02-05 23:15:44 +0000 | [diff] [blame] | 1479 | char * endptr = NULL; |
Willy Tarreau | c6ca1aa | 2015-10-08 11:32:32 +0200 | [diff] [blame] | 1480 | oldpids = realloc(oldpids, (nb_oldpids + 1) * sizeof(int)); |
| 1481 | if (!oldpids) { |
Christopher Faulet | 767a84b | 2017-11-24 16:50:31 +0100 | [diff] [blame] | 1482 | ha_alert("Cannot allocate old pid : out of memory.\n"); |
Willy Tarreau | c6ca1aa | 2015-10-08 11:32:32 +0200 | [diff] [blame] | 1483 | exit(1); |
Willy Tarreau | baaee00 | 2006-06-26 02:48:02 +0200 | [diff] [blame] | 1484 | } |
Willy Tarreau | c6ca1aa | 2015-10-08 11:32:32 +0200 | [diff] [blame] | 1485 | argc--; argv++; |
Chris Lane | 236062f | 2018-02-05 23:15:44 +0000 | [diff] [blame] | 1486 | errno = 0; |
| 1487 | oldpids[nb_oldpids] = strtol(*argv, &endptr, 10); |
| 1488 | if (errno) { |
| 1489 | ha_alert("-%2s option: failed to parse {%s}: %s\n", |
| 1490 | flag, |
| 1491 | *argv, strerror(errno)); |
| 1492 | exit(1); |
| 1493 | } else if (endptr && strlen(endptr)) { |
Willy Tarreau | 9080711 | 2020-02-25 08:16:33 +0100 | [diff] [blame] | 1494 | while (isspace((unsigned char)*endptr)) endptr++; |
Aurélien Nephtali | 39b8988 | 2018-02-17 20:53:11 +0100 | [diff] [blame] | 1495 | if (*endptr != 0) { |
Chris Lane | 236062f | 2018-02-05 23:15:44 +0000 | [diff] [blame] | 1496 | ha_alert("-%2s option: some bytes unconsumed in PID list {%s}\n", |
| 1497 | flag, endptr); |
| 1498 | exit(1); |
Aurélien Nephtali | 39b8988 | 2018-02-17 20:53:11 +0100 | [diff] [blame] | 1499 | } |
Chris Lane | 236062f | 2018-02-05 23:15:44 +0000 | [diff] [blame] | 1500 | } |
Willy Tarreau | c6ca1aa | 2015-10-08 11:32:32 +0200 | [diff] [blame] | 1501 | if (oldpids[nb_oldpids] <= 0) |
| 1502 | usage(progname); |
| 1503 | nb_oldpids++; |
Willy Tarreau | baaee00 | 2006-06-26 02:48:02 +0200 | [diff] [blame] | 1504 | } |
| 1505 | } |
Willy Tarreau | a088d31 | 2015-10-08 11:58:48 +0200 | [diff] [blame] | 1506 | else if (flag[0] == '-' && flag[1] == 0) { /* "--" */ |
| 1507 | /* now that's a cfgfile list */ |
| 1508 | argv++; argc--; |
| 1509 | while (argc > 0) { |
Maxime de Roucy | 0f50392 | 2016-05-13 23:52:55 +0200 | [diff] [blame] | 1510 | if (!list_append_word(&cfg_cfgfiles, *argv, &err_msg)) { |
Christopher Faulet | 767a84b | 2017-11-24 16:50:31 +0100 | [diff] [blame] | 1511 | ha_alert("Cannot load configuration file/directory %s : %s\n", |
| 1512 | *argv, |
| 1513 | err_msg); |
Willy Tarreau | a088d31 | 2015-10-08 11:58:48 +0200 | [diff] [blame] | 1514 | exit(1); |
| 1515 | } |
Willy Tarreau | a088d31 | 2015-10-08 11:58:48 +0200 | [diff] [blame] | 1516 | argv++; argc--; |
| 1517 | } |
| 1518 | break; |
| 1519 | } |
Willy Tarreau | baaee00 | 2006-06-26 02:48:02 +0200 | [diff] [blame] | 1520 | else { /* >=2 args */ |
| 1521 | argv++; argc--; |
| 1522 | if (argc == 0) |
Willy Tarreau | 3bafcdc | 2011-09-10 19:20:23 +0200 | [diff] [blame] | 1523 | usage(progname); |
Willy Tarreau | baaee00 | 2006-06-26 02:48:02 +0200 | [diff] [blame] | 1524 | |
| 1525 | switch (*flag) { |
Willy Tarreau | 576132e | 2011-09-10 19:26:56 +0200 | [diff] [blame] | 1526 | case 'C' : change_dir = *argv; break; |
Willy Tarreau | baaee00 | 2006-06-26 02:48:02 +0200 | [diff] [blame] | 1527 | case 'n' : cfg_maxconn = atol(*argv); break; |
Willy Tarreau | 7006045 | 2015-12-14 12:46:07 +0100 | [diff] [blame] | 1528 | case 'm' : global.rlimit_memmax_all = atol(*argv); break; |
Willy Tarreau | baaee00 | 2006-06-26 02:48:02 +0200 | [diff] [blame] | 1529 | case 'N' : cfg_maxpconn = atol(*argv); break; |
William Lallemand | daf4cd2 | 2018-04-17 16:46:13 +0200 | [diff] [blame] | 1530 | case 'L' : |
Dragan Dosen | 4f01415 | 2020-06-18 16:56:47 +0200 | [diff] [blame] | 1531 | free(localpeer); |
| 1532 | if ((localpeer = strdup(*argv)) == NULL) { |
| 1533 | ha_alert("Cannot allocate memory for local peer.\n"); |
| 1534 | exit(EXIT_FAILURE); |
| 1535 | } |
William Lallemand | daf4cd2 | 2018-04-17 16:46:13 +0200 | [diff] [blame] | 1536 | setenv("HAPROXY_LOCALPEER", localpeer, 1); |
Dragan Dosen | 13cd54c | 2020-06-18 18:24:05 +0200 | [diff] [blame] | 1537 | global.localpeer_cmdline = 1; |
William Lallemand | daf4cd2 | 2018-04-17 16:46:13 +0200 | [diff] [blame] | 1538 | break; |
Willy Tarreau | 5d01a63 | 2009-06-22 16:02:30 +0200 | [diff] [blame] | 1539 | case 'f' : |
Maxime de Roucy | 0f50392 | 2016-05-13 23:52:55 +0200 | [diff] [blame] | 1540 | if (!list_append_word(&cfg_cfgfiles, *argv, &err_msg)) { |
Christopher Faulet | 767a84b | 2017-11-24 16:50:31 +0100 | [diff] [blame] | 1541 | ha_alert("Cannot load configuration file/directory %s : %s\n", |
| 1542 | *argv, |
| 1543 | err_msg); |
Willy Tarreau | 5d01a63 | 2009-06-22 16:02:30 +0200 | [diff] [blame] | 1544 | exit(1); |
| 1545 | } |
Willy Tarreau | 5d01a63 | 2009-06-22 16:02:30 +0200 | [diff] [blame] | 1546 | break; |
Willy Tarreau | baaee00 | 2006-06-26 02:48:02 +0200 | [diff] [blame] | 1547 | case 'p' : cfg_pidfile = *argv; break; |
Willy Tarreau | 3bafcdc | 2011-09-10 19:20:23 +0200 | [diff] [blame] | 1548 | default: usage(progname); |
Willy Tarreau | baaee00 | 2006-06-26 02:48:02 +0200 | [diff] [blame] | 1549 | } |
| 1550 | } |
| 1551 | } |
| 1552 | else |
Willy Tarreau | 3bafcdc | 2011-09-10 19:20:23 +0200 | [diff] [blame] | 1553 | usage(progname); |
Willy Tarreau | baaee00 | 2006-06-26 02:48:02 +0200 | [diff] [blame] | 1554 | argv++; argc--; |
| 1555 | } |
| 1556 | |
Christopher Faulet | e3a5e35 | 2017-10-24 13:53:54 +0200 | [diff] [blame] | 1557 | global.mode |= (arg_mode & (MODE_DAEMON | MODE_MWORKER | MODE_FOREGROUND | MODE_VERBOSE |
Amaury Denoyelle | 7b01a8d | 2021-03-29 10:29:07 +0200 | [diff] [blame] | 1558 | | MODE_QUIET | MODE_CHECK | MODE_DEBUG | MODE_ZERO_WARNING |
| 1559 | | MODE_DIAG)); |
Willy Tarreau | baaee00 | 2006-06-26 02:48:02 +0200 | [diff] [blame] | 1560 | |
William Lallemand | 944e619 | 2018-11-21 15:48:31 +0100 | [diff] [blame] | 1561 | if (getenv("HAPROXY_MWORKER_WAIT_ONLY")) { |
William Lallemand | cb11fd2 | 2017-06-01 17:38:52 +0200 | [diff] [blame] | 1562 | unsetenv("HAPROXY_MWORKER_WAIT_ONLY"); |
William Lallemand | 944e619 | 2018-11-21 15:48:31 +0100 | [diff] [blame] | 1563 | global.mode |= MODE_MWORKER_WAIT; |
| 1564 | global.mode &= ~MODE_MWORKER; |
William Lallemand | cb11fd2 | 2017-06-01 17:38:52 +0200 | [diff] [blame] | 1565 | } |
| 1566 | |
| 1567 | if ((global.mode & MODE_MWORKER) && (getenv("HAPROXY_MWORKER_REEXEC") != NULL)) { |
| 1568 | atexit_flag = 1; |
| 1569 | atexit(reexec_on_failure); |
| 1570 | } |
| 1571 | |
Willy Tarreau | 576132e | 2011-09-10 19:26:56 +0200 | [diff] [blame] | 1572 | if (change_dir && chdir(change_dir) < 0) { |
Christopher Faulet | 767a84b | 2017-11-24 16:50:31 +0100 | [diff] [blame] | 1573 | ha_alert("Could not change to directory %s : %s\n", change_dir, strerror(errno)); |
Willy Tarreau | 576132e | 2011-09-10 19:26:56 +0200 | [diff] [blame] | 1574 | exit(1); |
| 1575 | } |
| 1576 | |
Willy Tarreau | baaee00 | 2006-06-26 02:48:02 +0200 | [diff] [blame] | 1577 | global.maxsock = 10; /* reserve 10 fds ; will be incremented by socket eaters */ |
Willy Tarreau | 915e1eb | 2009-06-22 15:48:36 +0200 | [diff] [blame] | 1578 | |
William Lallemand | 944e619 | 2018-11-21 15:48:31 +0100 | [diff] [blame] | 1579 | /* in wait mode, we don't try to read the configuration files */ |
| 1580 | if (!(global.mode & MODE_MWORKER_WAIT)) { |
Christopher Faulet | 4e36682 | 2021-01-12 18:57:38 +0100 | [diff] [blame] | 1581 | char *env_cfgfiles = NULL; |
| 1582 | int env_err = 0; |
Willy Tarreau | c438242 | 2009-12-06 13:10:44 +0100 | [diff] [blame] | 1583 | |
William Lallemand | 944e619 | 2018-11-21 15:48:31 +0100 | [diff] [blame] | 1584 | /* handle cfgfiles that are actually directories */ |
| 1585 | cfgfiles_expand_directories(); |
| 1586 | |
| 1587 | if (LIST_ISEMPTY(&cfg_cfgfiles)) |
| 1588 | usage(progname); |
| 1589 | |
| 1590 | |
| 1591 | list_for_each_entry(wl, &cfg_cfgfiles, list) { |
| 1592 | int ret; |
| 1593 | |
Christopher Faulet | 4e36682 | 2021-01-12 18:57:38 +0100 | [diff] [blame] | 1594 | if (env_err == 0) { |
| 1595 | if (!memprintf(&env_cfgfiles, "%s%s%s", |
| 1596 | (env_cfgfiles ? env_cfgfiles : ""), |
| 1597 | (env_cfgfiles ? ";" : ""), wl->s)) |
| 1598 | env_err = 1; |
| 1599 | } |
William Lallemand | 7b302d8 | 2019-05-20 11:15:37 +0200 | [diff] [blame] | 1600 | |
William Lallemand | 944e619 | 2018-11-21 15:48:31 +0100 | [diff] [blame] | 1601 | ret = readcfgfile(wl->s); |
| 1602 | if (ret == -1) { |
| 1603 | ha_alert("Could not open configuration file %s : %s\n", |
| 1604 | wl->s, strerror(errno)); |
Christopher Faulet | 4e36682 | 2021-01-12 18:57:38 +0100 | [diff] [blame] | 1605 | free(env_cfgfiles); |
William Lallemand | 944e619 | 2018-11-21 15:48:31 +0100 | [diff] [blame] | 1606 | exit(1); |
| 1607 | } |
| 1608 | if (ret & (ERR_ABORT|ERR_FATAL)) |
| 1609 | ha_alert("Error(s) found in configuration file : %s\n", wl->s); |
| 1610 | err_code |= ret; |
Christopher Faulet | 4e36682 | 2021-01-12 18:57:38 +0100 | [diff] [blame] | 1611 | if (err_code & ERR_ABORT) { |
| 1612 | free(env_cfgfiles); |
William Lallemand | 944e619 | 2018-11-21 15:48:31 +0100 | [diff] [blame] | 1613 | exit(1); |
Christopher Faulet | 4e36682 | 2021-01-12 18:57:38 +0100 | [diff] [blame] | 1614 | } |
Willy Tarreau | c438242 | 2009-12-06 13:10:44 +0100 | [diff] [blame] | 1615 | } |
Krzysztof Oledzki | b304dc7 | 2007-10-14 23:40:01 +0200 | [diff] [blame] | 1616 | |
William Lallemand | 944e619 | 2018-11-21 15:48:31 +0100 | [diff] [blame] | 1617 | /* do not try to resolve arguments nor to spot inconsistencies when |
| 1618 | * the configuration contains fatal errors caused by files not found |
| 1619 | * or failed memory allocations. |
| 1620 | */ |
| 1621 | if (err_code & (ERR_ABORT|ERR_FATAL)) { |
| 1622 | ha_alert("Fatal errors found in configuration.\n"); |
Christopher Faulet | 4e36682 | 2021-01-12 18:57:38 +0100 | [diff] [blame] | 1623 | free(env_cfgfiles); |
William Lallemand | 944e619 | 2018-11-21 15:48:31 +0100 | [diff] [blame] | 1624 | exit(1); |
| 1625 | } |
Christopher Faulet | 4e36682 | 2021-01-12 18:57:38 +0100 | [diff] [blame] | 1626 | if (env_err) { |
| 1627 | ha_alert("Could not allocate memory for HAPROXY_CFGFILES env variable\n"); |
| 1628 | exit(1); |
| 1629 | } |
| 1630 | setenv("HAPROXY_CFGFILES", env_cfgfiles, 1); |
| 1631 | free(env_cfgfiles); |
William Lallemand | 7b302d8 | 2019-05-20 11:15:37 +0200 | [diff] [blame] | 1632 | |
Willy Tarreau | b83dc3d | 2017-04-19 11:24:07 +0200 | [diff] [blame] | 1633 | } |
William Lallemand | ce83b4a | 2018-10-26 14:47:30 +0200 | [diff] [blame] | 1634 | if (global.mode & MODE_MWORKER) { |
| 1635 | int proc; |
William Lallemand | 16dd1b3 | 2018-11-19 18:46:18 +0100 | [diff] [blame] | 1636 | struct mworker_proc *tmproc; |
| 1637 | |
William Lallemand | 482f9a9 | 2019-04-12 16:15:00 +0200 | [diff] [blame] | 1638 | setenv("HAPROXY_MWORKER", "1", 1); |
| 1639 | |
William Lallemand | 16dd1b3 | 2018-11-19 18:46:18 +0100 | [diff] [blame] | 1640 | if (getenv("HAPROXY_MWORKER_REEXEC") == NULL) { |
| 1641 | |
William Lallemand | f3a8683 | 2019-04-01 11:29:58 +0200 | [diff] [blame] | 1642 | tmproc = calloc(1, sizeof(*tmproc)); |
William Lallemand | 16dd1b3 | 2018-11-19 18:46:18 +0100 | [diff] [blame] | 1643 | if (!tmproc) { |
| 1644 | ha_alert("Cannot allocate process structures.\n"); |
| 1645 | exit(EXIT_FAILURE); |
| 1646 | } |
William Lallemand | 8f7069a | 2019-04-12 16:09:23 +0200 | [diff] [blame] | 1647 | tmproc->options |= PROC_O_TYPE_MASTER; /* master */ |
William Lallemand | 16dd1b3 | 2018-11-19 18:46:18 +0100 | [diff] [blame] | 1648 | tmproc->reloads = 0; |
| 1649 | tmproc->relative_pid = 0; |
| 1650 | tmproc->pid = pid; |
| 1651 | tmproc->timestamp = start_date.tv_sec; |
| 1652 | tmproc->ipc_fd[0] = -1; |
| 1653 | tmproc->ipc_fd[1] = -1; |
| 1654 | |
| 1655 | proc_self = tmproc; |
| 1656 | |
Willy Tarreau | 2b71810 | 2021-04-21 07:32:39 +0200 | [diff] [blame] | 1657 | LIST_APPEND(&proc_list, &tmproc->list); |
William Lallemand | 16dd1b3 | 2018-11-19 18:46:18 +0100 | [diff] [blame] | 1658 | } |
William Lallemand | ce83b4a | 2018-10-26 14:47:30 +0200 | [diff] [blame] | 1659 | |
| 1660 | for (proc = 0; proc < global.nbproc; proc++) { |
William Lallemand | ce83b4a | 2018-10-26 14:47:30 +0200 | [diff] [blame] | 1661 | |
William Lallemand | f3a8683 | 2019-04-01 11:29:58 +0200 | [diff] [blame] | 1662 | tmproc = calloc(1, sizeof(*tmproc)); |
William Lallemand | ce83b4a | 2018-10-26 14:47:30 +0200 | [diff] [blame] | 1663 | if (!tmproc) { |
| 1664 | ha_alert("Cannot allocate process structures.\n"); |
| 1665 | exit(EXIT_FAILURE); |
| 1666 | } |
| 1667 | |
William Lallemand | 8f7069a | 2019-04-12 16:09:23 +0200 | [diff] [blame] | 1668 | tmproc->options |= PROC_O_TYPE_WORKER; /* worker */ |
William Lallemand | ce83b4a | 2018-10-26 14:47:30 +0200 | [diff] [blame] | 1669 | tmproc->pid = -1; |
| 1670 | tmproc->reloads = 0; |
William Lallemand | e368330 | 2018-11-19 18:46:17 +0100 | [diff] [blame] | 1671 | tmproc->timestamp = -1; |
William Lallemand | ce83b4a | 2018-10-26 14:47:30 +0200 | [diff] [blame] | 1672 | tmproc->relative_pid = 1 + proc; |
William Lallemand | 550db6d | 2018-11-06 17:37:12 +0100 | [diff] [blame] | 1673 | tmproc->ipc_fd[0] = -1; |
| 1674 | tmproc->ipc_fd[1] = -1; |
William Lallemand | ce83b4a | 2018-10-26 14:47:30 +0200 | [diff] [blame] | 1675 | |
| 1676 | if (mworker_cli_sockpair_new(tmproc, proc) < 0) { |
| 1677 | exit(EXIT_FAILURE); |
| 1678 | } |
| 1679 | |
Willy Tarreau | 2b71810 | 2021-04-21 07:32:39 +0200 | [diff] [blame] | 1680 | LIST_APPEND(&proc_list, &tmproc->list); |
William Lallemand | ce83b4a | 2018-10-26 14:47:30 +0200 | [diff] [blame] | 1681 | } |
William Lallemand | 944e619 | 2018-11-21 15:48:31 +0100 | [diff] [blame] | 1682 | } |
| 1683 | if (global.mode & (MODE_MWORKER|MODE_MWORKER_WAIT)) { |
| 1684 | struct wordlist *it, *c; |
| 1685 | |
William Lallemand | 1b66361 | 2018-10-26 14:47:33 +0200 | [diff] [blame] | 1686 | mworker_env_to_proc_list(); /* get the info of the children in the env */ |
William Lallemand | 8a02257 | 2018-10-26 14:47:35 +0200 | [diff] [blame] | 1687 | |
William Lallemand | e736115 | 2018-10-26 14:47:36 +0200 | [diff] [blame] | 1688 | |
William Lallemand | 550db6d | 2018-11-06 17:37:12 +0100 | [diff] [blame] | 1689 | if (!LIST_ISEMPTY(&mworker_cli_conf)) { |
William Lallemand | e736115 | 2018-10-26 14:47:36 +0200 | [diff] [blame] | 1690 | |
William Lallemand | 550db6d | 2018-11-06 17:37:12 +0100 | [diff] [blame] | 1691 | if (mworker_cli_proxy_create() < 0) { |
William Lallemand | e736115 | 2018-10-26 14:47:36 +0200 | [diff] [blame] | 1692 | ha_alert("Can't create the master's CLI.\n"); |
| 1693 | exit(EXIT_FAILURE); |
| 1694 | } |
William Lallemand | e736115 | 2018-10-26 14:47:36 +0200 | [diff] [blame] | 1695 | |
William Lallemand | 550db6d | 2018-11-06 17:37:12 +0100 | [diff] [blame] | 1696 | list_for_each_entry_safe(c, it, &mworker_cli_conf, list) { |
| 1697 | |
| 1698 | if (mworker_cli_proxy_new_listener(c->s) < 0) { |
| 1699 | ha_alert("Can't create the master's CLI.\n"); |
| 1700 | exit(EXIT_FAILURE); |
| 1701 | } |
Willy Tarreau | 2b71810 | 2021-04-21 07:32:39 +0200 | [diff] [blame] | 1702 | LIST_DELETE(&c->list); |
William Lallemand | 550db6d | 2018-11-06 17:37:12 +0100 | [diff] [blame] | 1703 | free(c->s); |
| 1704 | free(c); |
| 1705 | } |
| 1706 | } |
William Lallemand | ce83b4a | 2018-10-26 14:47:30 +0200 | [diff] [blame] | 1707 | } |
| 1708 | |
Eric Salama | 5ba8335 | 2021-03-16 15:11:17 +0100 | [diff] [blame] | 1709 | if (!LIST_ISEMPTY(&mworker_cli_conf) && !(arg_mode & MODE_MWORKER)) { |
| 1710 | ha_warning("a master CLI socket was defined, but master-worker mode (-W) is not enabled.\n"); |
| 1711 | } |
| 1712 | |
Willy Tarreau | f42d794 | 2020-10-20 11:54:49 +0200 | [diff] [blame] | 1713 | if (global.nbproc > 1 && !global.nbthread) { |
| 1714 | ha_warning("nbproc is deprecated!\n" |
| 1715 | " | For suffering many limitations, the 'nbproc' directive is now deprecated\n" |
| 1716 | " | and scheduled for removal in 2.5. Just comment it out: haproxy will use\n" |
| 1717 | " | threads and will run on all allocated processors. You may also switch to\n" |
| 1718 | " | 'nbthread %d' to keep the same number of processors. If you absolutely\n" |
| 1719 | " | want to run in multi-process mode, you can silence this warning by adding\n" |
| 1720 | " | 'nbthread 1', but then please report your use case to developers.\n", |
| 1721 | global.nbproc); |
| 1722 | } |
| 1723 | |
Willy Tarreau | e90904d | 2021-02-12 14:08:31 +0100 | [diff] [blame] | 1724 | /* defaults sections are not needed anymore */ |
| 1725 | proxy_destroy_all_defaults(); |
| 1726 | |
Willy Tarreau | bb92501 | 2009-07-23 13:36:36 +0200 | [diff] [blame] | 1727 | err_code |= check_config_validity(); |
Christopher Faulet | c169296 | 2019-08-12 09:51:07 +0200 | [diff] [blame] | 1728 | for (px = proxies_list; px; px = px->next) { |
| 1729 | struct server *srv; |
| 1730 | struct post_proxy_check_fct *ppcf; |
| 1731 | struct post_server_check_fct *pscf; |
| 1732 | |
Christopher Faulet | d5bd824 | 2020-11-02 16:20:13 +0100 | [diff] [blame] | 1733 | if (px->disabled) |
| 1734 | continue; |
| 1735 | |
Christopher Faulet | c169296 | 2019-08-12 09:51:07 +0200 | [diff] [blame] | 1736 | list_for_each_entry(pscf, &post_server_check_list, list) { |
| 1737 | for (srv = px->srv; srv; srv = srv->next) |
| 1738 | err_code |= pscf->fct(srv); |
| 1739 | } |
| 1740 | list_for_each_entry(ppcf, &post_proxy_check_list, list) |
| 1741 | err_code |= ppcf->fct(px); |
| 1742 | } |
Willy Tarreau | bb92501 | 2009-07-23 13:36:36 +0200 | [diff] [blame] | 1743 | if (err_code & (ERR_ABORT|ERR_FATAL)) { |
Christopher Faulet | 767a84b | 2017-11-24 16:50:31 +0100 | [diff] [blame] | 1744 | ha_alert("Fatal errors found in configuration.\n"); |
Willy Tarreau | 915e1eb | 2009-06-22 15:48:36 +0200 | [diff] [blame] | 1745 | exit(1); |
| 1746 | } |
Willy Tarreau | baaee00 | 2006-06-26 02:48:02 +0200 | [diff] [blame] | 1747 | |
Carl Henrik Lunde | f91ac19 | 2020-02-27 16:45:50 +0100 | [diff] [blame] | 1748 | err_code |= pattern_finalize_config(); |
| 1749 | if (err_code & (ERR_ABORT|ERR_FATAL)) { |
| 1750 | ha_alert("Failed to finalize pattern config.\n"); |
| 1751 | exit(1); |
| 1752 | } |
Willy Tarreau | 0f93672 | 2019-04-11 14:47:08 +0200 | [diff] [blame] | 1753 | |
Willy Tarreau | 7006045 | 2015-12-14 12:46:07 +0100 | [diff] [blame] | 1754 | /* recompute the amount of per-process memory depending on nbproc and |
| 1755 | * the shared SSL cache size (allowed to exist in all processes). |
| 1756 | */ |
| 1757 | if (global.rlimit_memmax_all) { |
| 1758 | #if defined (USE_OPENSSL) && !defined(USE_PRIVATE_CACHE) |
| 1759 | int64_t ssl_cache_bytes = global.tune.sslcachesize * 200LL; |
| 1760 | |
| 1761 | global.rlimit_memmax = |
| 1762 | ((((int64_t)global.rlimit_memmax_all * 1048576LL) - |
| 1763 | ssl_cache_bytes) / global.nbproc + |
| 1764 | ssl_cache_bytes + 1048575LL) / 1048576LL; |
| 1765 | #else |
| 1766 | global.rlimit_memmax = global.rlimit_memmax_all / global.nbproc; |
| 1767 | #endif |
| 1768 | } |
| 1769 | |
Willy Tarreau | e573323 | 2019-05-22 19:24:06 +0200 | [diff] [blame] | 1770 | #ifdef USE_NS |
KOVACS Krisztian | b3e54fe | 2014-11-17 15:11:45 +0100 | [diff] [blame] | 1771 | err_code |= netns_init(); |
| 1772 | if (err_code & (ERR_ABORT|ERR_FATAL)) { |
Christopher Faulet | 767a84b | 2017-11-24 16:50:31 +0100 | [diff] [blame] | 1773 | ha_alert("Failed to initialize namespace support.\n"); |
KOVACS Krisztian | b3e54fe | 2014-11-17 15:11:45 +0100 | [diff] [blame] | 1774 | exit(1); |
| 1775 | } |
| 1776 | #endif |
| 1777 | |
Baptiste Assmann | 4215d7d | 2016-11-02 15:33:15 +0100 | [diff] [blame] | 1778 | /* Apply server states */ |
| 1779 | apply_server_state(); |
| 1780 | |
Olivier Houchard | fbc74e8 | 2017-11-24 16:54:05 +0100 | [diff] [blame] | 1781 | for (px = proxies_list; px; px = px->next) |
Baptiste Assmann | 4215d7d | 2016-11-02 15:33:15 +0100 | [diff] [blame] | 1782 | srv_compute_all_admin_states(px); |
| 1783 | |
Baptiste Assmann | 83cbaa5 | 2016-11-02 15:34:05 +0100 | [diff] [blame] | 1784 | /* Apply servers' configured address */ |
| 1785 | err_code |= srv_init_addr(); |
| 1786 | if (err_code & (ERR_ABORT|ERR_FATAL)) { |
Christopher Faulet | 767a84b | 2017-11-24 16:50:31 +0100 | [diff] [blame] | 1787 | ha_alert("Failed to initialize server(s) addr.\n"); |
Baptiste Assmann | 83cbaa5 | 2016-11-02 15:34:05 +0100 | [diff] [blame] | 1788 | exit(1); |
| 1789 | } |
| 1790 | |
Willy Tarreau | 3eb10b8 | 2020-04-15 16:42:39 +0200 | [diff] [blame] | 1791 | if (warned & WARN_ANY && global.mode & MODE_ZERO_WARNING) { |
| 1792 | ha_alert("Some warnings were found and 'zero-warning' is set. Aborting.\n"); |
| 1793 | exit(1); |
| 1794 | } |
| 1795 | |
Willy Tarreau | baaee00 | 2006-06-26 02:48:02 +0200 | [diff] [blame] | 1796 | if (global.mode & MODE_CHECK) { |
Willy Tarreau | 8b15ba1 | 2012-02-02 17:48:18 +0100 | [diff] [blame] | 1797 | struct peers *pr; |
| 1798 | struct proxy *px; |
| 1799 | |
Willy Tarreau | bebd212 | 2020-04-15 16:06:11 +0200 | [diff] [blame] | 1800 | if (warned & WARN_ANY) |
| 1801 | qfprintf(stdout, "Warnings were found.\n"); |
| 1802 | |
Frédéric Lécaille | ed2b4a6 | 2017-07-13 09:07:09 +0200 | [diff] [blame] | 1803 | for (pr = cfg_peers; pr; pr = pr->next) |
Willy Tarreau | 8b15ba1 | 2012-02-02 17:48:18 +0100 | [diff] [blame] | 1804 | if (pr->peers_fe) |
| 1805 | break; |
| 1806 | |
Olivier Houchard | fbc74e8 | 2017-11-24 16:54:05 +0100 | [diff] [blame] | 1807 | for (px = proxies_list; px; px = px->next) |
Willy Tarreau | c3914d4 | 2020-09-24 08:39:22 +0200 | [diff] [blame] | 1808 | if (!px->disabled && px->li_all) |
Willy Tarreau | 8b15ba1 | 2012-02-02 17:48:18 +0100 | [diff] [blame] | 1809 | break; |
| 1810 | |
| 1811 | if (pr || px) { |
| 1812 | /* At least one peer or one listener has been found */ |
| 1813 | qfprintf(stdout, "Configuration file is valid\n"); |
Tim Duesterhus | 0a3b43d | 2020-06-14 00:37:42 +0200 | [diff] [blame] | 1814 | deinit_and_exit(0); |
Willy Tarreau | 8b15ba1 | 2012-02-02 17:48:18 +0100 | [diff] [blame] | 1815 | } |
| 1816 | qfprintf(stdout, "Configuration file has no error but will not start (no listener) => exit(2).\n"); |
| 1817 | exit(2); |
Willy Tarreau | baaee00 | 2006-06-26 02:48:02 +0200 | [diff] [blame] | 1818 | } |
Willy Tarreau | e9b2602 | 2011-08-01 20:57:55 +0200 | [diff] [blame] | 1819 | |
Amaury Denoyelle | 5a6926d | 2021-03-30 17:34:24 +0200 | [diff] [blame] | 1820 | if (global.mode & MODE_DIAG) { |
| 1821 | cfg_run_diagnostics(); |
| 1822 | } |
| 1823 | |
Willy Tarreau | 8263d2b | 2012-08-28 00:06:31 +0200 | [diff] [blame] | 1824 | /* now we know the buffer size, we can initialize the channels and buffers */ |
Willy Tarreau | 9b28e03 | 2012-10-12 23:49:43 +0200 | [diff] [blame] | 1825 | init_buffer(); |
Willy Tarreau | 8280d64 | 2009-09-23 23:37:52 +0200 | [diff] [blame] | 1826 | |
Willy Tarreau | e694573 | 2016-12-21 19:57:00 +0100 | [diff] [blame] | 1827 | list_for_each_entry(pcf, &post_check_list, list) { |
| 1828 | err_code |= pcf->fct(); |
| 1829 | if (err_code & (ERR_ABORT|ERR_FATAL)) |
| 1830 | exit(1); |
| 1831 | } |
| 1832 | |
Willy Tarreau | baaee00 | 2006-06-26 02:48:02 +0200 | [diff] [blame] | 1833 | if (cfg_maxconn > 0) |
| 1834 | global.maxconn = cfg_maxconn; |
| 1835 | |
Willy Tarreau | 4975d14 | 2021-03-13 11:00:33 +0100 | [diff] [blame] | 1836 | if (global.cli_fe) |
| 1837 | global.maxsock += global.cli_fe->maxconn; |
Willy Tarreau | 8d687d8 | 2019-03-01 09:39:42 +0100 | [diff] [blame] | 1838 | |
| 1839 | if (cfg_peers) { |
| 1840 | /* peers also need to bypass global maxconn */ |
| 1841 | struct peers *p = cfg_peers; |
| 1842 | |
| 1843 | for (p = cfg_peers; p; p = p->next) |
| 1844 | if (p->peers_fe) |
| 1845 | global.maxsock += p->peers_fe->maxconn; |
| 1846 | } |
| 1847 | |
Willy Tarreau | baaee00 | 2006-06-26 02:48:02 +0200 | [diff] [blame] | 1848 | if (cfg_pidfile) { |
Willy Tarreau | a534fea | 2008-08-03 12:19:50 +0200 | [diff] [blame] | 1849 | free(global.pidfile); |
Willy Tarreau | baaee00 | 2006-06-26 02:48:02 +0200 | [diff] [blame] | 1850 | global.pidfile = strdup(cfg_pidfile); |
| 1851 | } |
| 1852 | |
Willy Tarreau | d025648 | 2015-01-15 21:45:22 +0100 | [diff] [blame] | 1853 | /* Now we want to compute the maxconn and possibly maxsslconn values. |
Willy Tarreau | ac35093 | 2019-03-01 15:43:14 +0100 | [diff] [blame] | 1854 | * It's a bit tricky. Maxconn defaults to the pre-computed value based |
| 1855 | * on rlim_fd_cur and the number of FDs in use due to the configuration, |
| 1856 | * and maxsslconn defaults to DEFAULT_MAXSSLCONN. On top of that we can |
| 1857 | * enforce a lower limit based on memmax. |
Willy Tarreau | d025648 | 2015-01-15 21:45:22 +0100 | [diff] [blame] | 1858 | * |
| 1859 | * If memmax is set, then it depends on which values are set. If |
| 1860 | * maxsslconn is set, we use memmax to determine how many cleartext |
| 1861 | * connections may be added, and set maxconn to the sum of the two. |
| 1862 | * If maxconn is set and not maxsslconn, maxsslconn is computed from |
| 1863 | * the remaining amount of memory between memmax and the cleartext |
| 1864 | * connections. If neither are set, then it is considered that all |
| 1865 | * connections are SSL-capable, and maxconn is computed based on this, |
| 1866 | * then maxsslconn accordingly. We need to know if SSL is used on the |
| 1867 | * frontends, backends, or both, because when it's used on both sides, |
| 1868 | * we need twice the value for maxsslconn, but we only count the |
| 1869 | * handshake once since it is not performed on the two sides at the |
| 1870 | * same time (frontend-side is terminated before backend-side begins). |
| 1871 | * The SSL stack is supposed to have filled ssl_session_cost and |
Willy Tarreau | 474b96a | 2015-01-28 19:03:21 +0100 | [diff] [blame] | 1872 | * ssl_handshake_cost during its initialization. In any case, if |
| 1873 | * SYSTEM_MAXCONN is set, we still enforce it as an upper limit for |
| 1874 | * maxconn in order to protect the system. |
Willy Tarreau | d025648 | 2015-01-15 21:45:22 +0100 | [diff] [blame] | 1875 | */ |
Willy Tarreau | ac35093 | 2019-03-01 15:43:14 +0100 | [diff] [blame] | 1876 | ideal_maxconn = compute_ideal_maxconn(); |
| 1877 | |
Willy Tarreau | d025648 | 2015-01-15 21:45:22 +0100 | [diff] [blame] | 1878 | if (!global.rlimit_memmax) { |
| 1879 | if (global.maxconn == 0) { |
Willy Tarreau | ac35093 | 2019-03-01 15:43:14 +0100 | [diff] [blame] | 1880 | global.maxconn = ideal_maxconn; |
Willy Tarreau | d025648 | 2015-01-15 21:45:22 +0100 | [diff] [blame] | 1881 | if (global.mode & (MODE_VERBOSE|MODE_DEBUG)) |
| 1882 | fprintf(stderr, "Note: setting global.maxconn to %d.\n", global.maxconn); |
| 1883 | } |
| 1884 | } |
| 1885 | #ifdef USE_OPENSSL |
| 1886 | else if (!global.maxconn && !global.maxsslconn && |
| 1887 | (global.ssl_used_frontend || global.ssl_used_backend)) { |
| 1888 | /* memmax is set, compute everything automatically. Here we want |
| 1889 | * to ensure that all SSL connections will be served. We take |
| 1890 | * care of the number of sides where SSL is used, and consider |
| 1891 | * the worst case : SSL used on both sides and doing a handshake |
| 1892 | * simultaneously. Note that we can't have more than maxconn |
| 1893 | * handshakes at a time by definition, so for the worst case of |
| 1894 | * two SSL conns per connection, we count a single handshake. |
| 1895 | */ |
| 1896 | int sides = !!global.ssl_used_frontend + !!global.ssl_used_backend; |
| 1897 | int64_t mem = global.rlimit_memmax * 1048576ULL; |
Willy Tarreau | 304e17e | 2020-03-10 17:54:54 +0100 | [diff] [blame] | 1898 | int retried = 0; |
Willy Tarreau | d025648 | 2015-01-15 21:45:22 +0100 | [diff] [blame] | 1899 | |
| 1900 | mem -= global.tune.sslcachesize * 200; // about 200 bytes per SSL cache entry |
| 1901 | mem -= global.maxzlibmem; |
| 1902 | mem = mem * MEM_USABLE_RATIO; |
| 1903 | |
Willy Tarreau | 304e17e | 2020-03-10 17:54:54 +0100 | [diff] [blame] | 1904 | /* Principle: we test once to set maxconn according to the free |
| 1905 | * memory. If it results in values the system rejects, we try a |
| 1906 | * second time by respecting rlim_fd_max. If it fails again, we |
| 1907 | * go back to the initial value and will let the final code |
| 1908 | * dealing with rlimit report the error. That's up to 3 attempts. |
| 1909 | */ |
| 1910 | do { |
| 1911 | global.maxconn = mem / |
| 1912 | ((STREAM_MAX_COST + 2 * global.tune.bufsize) + // stream + 2 buffers per stream |
| 1913 | sides * global.ssl_session_max_cost + // SSL buffers, one per side |
| 1914 | global.ssl_handshake_max_cost); // 1 handshake per connection max |
Willy Tarreau | d025648 | 2015-01-15 21:45:22 +0100 | [diff] [blame] | 1915 | |
Willy Tarreau | 304e17e | 2020-03-10 17:54:54 +0100 | [diff] [blame] | 1916 | if (retried == 1) |
| 1917 | global.maxconn = MIN(global.maxconn, ideal_maxconn); |
| 1918 | global.maxconn = round_2dig(global.maxconn); |
Willy Tarreau | 474b96a | 2015-01-28 19:03:21 +0100 | [diff] [blame] | 1919 | #ifdef SYSTEM_MAXCONN |
Willy Tarreau | 304e17e | 2020-03-10 17:54:54 +0100 | [diff] [blame] | 1920 | if (global.maxconn > SYSTEM_MAXCONN) |
| 1921 | global.maxconn = SYSTEM_MAXCONN; |
Willy Tarreau | 474b96a | 2015-01-28 19:03:21 +0100 | [diff] [blame] | 1922 | #endif /* SYSTEM_MAXCONN */ |
Willy Tarreau | 304e17e | 2020-03-10 17:54:54 +0100 | [diff] [blame] | 1923 | global.maxsslconn = sides * global.maxconn; |
| 1924 | |
| 1925 | if (check_if_maxsock_permitted(compute_ideal_maxsock(global.maxconn))) |
| 1926 | break; |
| 1927 | } while (retried++ < 2); |
| 1928 | |
Willy Tarreau | d025648 | 2015-01-15 21:45:22 +0100 | [diff] [blame] | 1929 | if (global.mode & (MODE_VERBOSE|MODE_DEBUG)) |
| 1930 | fprintf(stderr, "Note: setting global.maxconn to %d and global.maxsslconn to %d.\n", |
| 1931 | global.maxconn, global.maxsslconn); |
| 1932 | } |
| 1933 | else if (!global.maxsslconn && |
| 1934 | (global.ssl_used_frontend || global.ssl_used_backend)) { |
| 1935 | /* memmax and maxconn are known, compute maxsslconn automatically. |
| 1936 | * maxsslconn being forced, we don't know how many of it will be |
| 1937 | * on each side if both sides are being used. The worst case is |
| 1938 | * when all connections use only one SSL instance because |
| 1939 | * handshakes may be on two sides at the same time. |
| 1940 | */ |
| 1941 | int sides = !!global.ssl_used_frontend + !!global.ssl_used_backend; |
| 1942 | int64_t mem = global.rlimit_memmax * 1048576ULL; |
| 1943 | int64_t sslmem; |
| 1944 | |
| 1945 | mem -= global.tune.sslcachesize * 200; // about 200 bytes per SSL cache entry |
| 1946 | mem -= global.maxzlibmem; |
| 1947 | mem = mem * MEM_USABLE_RATIO; |
| 1948 | |
Willy Tarreau | 87b0966 | 2015-04-03 00:22:06 +0200 | [diff] [blame] | 1949 | sslmem = mem - global.maxconn * (int64_t)(STREAM_MAX_COST + 2 * global.tune.bufsize); |
Willy Tarreau | d025648 | 2015-01-15 21:45:22 +0100 | [diff] [blame] | 1950 | global.maxsslconn = sslmem / (global.ssl_session_max_cost + global.ssl_handshake_max_cost); |
| 1951 | global.maxsslconn = round_2dig(global.maxsslconn); |
| 1952 | |
| 1953 | if (sslmem <= 0 || global.maxsslconn < sides) { |
Christopher Faulet | 767a84b | 2017-11-24 16:50:31 +0100 | [diff] [blame] | 1954 | ha_alert("Cannot compute the automatic maxsslconn because global.maxconn is already too " |
| 1955 | "high for the global.memmax value (%d MB). The absolute maximum possible value " |
| 1956 | "without SSL is %d, but %d was found and SSL is in use.\n", |
| 1957 | global.rlimit_memmax, |
| 1958 | (int)(mem / (STREAM_MAX_COST + 2 * global.tune.bufsize)), |
| 1959 | global.maxconn); |
Willy Tarreau | d025648 | 2015-01-15 21:45:22 +0100 | [diff] [blame] | 1960 | exit(1); |
| 1961 | } |
| 1962 | |
| 1963 | if (global.maxsslconn > sides * global.maxconn) |
| 1964 | global.maxsslconn = sides * global.maxconn; |
| 1965 | |
| 1966 | if (global.mode & (MODE_VERBOSE|MODE_DEBUG)) |
| 1967 | fprintf(stderr, "Note: setting global.maxsslconn to %d\n", global.maxsslconn); |
| 1968 | } |
| 1969 | #endif |
| 1970 | else if (!global.maxconn) { |
| 1971 | /* memmax and maxsslconn are known/unused, compute maxconn automatically */ |
| 1972 | int sides = !!global.ssl_used_frontend + !!global.ssl_used_backend; |
| 1973 | int64_t mem = global.rlimit_memmax * 1048576ULL; |
| 1974 | int64_t clearmem; |
Willy Tarreau | 304e17e | 2020-03-10 17:54:54 +0100 | [diff] [blame] | 1975 | int retried = 0; |
Willy Tarreau | d025648 | 2015-01-15 21:45:22 +0100 | [diff] [blame] | 1976 | |
| 1977 | if (global.ssl_used_frontend || global.ssl_used_backend) |
| 1978 | mem -= global.tune.sslcachesize * 200; // about 200 bytes per SSL cache entry |
| 1979 | |
| 1980 | mem -= global.maxzlibmem; |
| 1981 | mem = mem * MEM_USABLE_RATIO; |
| 1982 | |
| 1983 | clearmem = mem; |
| 1984 | if (sides) |
| 1985 | clearmem -= (global.ssl_session_max_cost + global.ssl_handshake_max_cost) * (int64_t)global.maxsslconn; |
| 1986 | |
Willy Tarreau | 304e17e | 2020-03-10 17:54:54 +0100 | [diff] [blame] | 1987 | /* Principle: we test once to set maxconn according to the free |
| 1988 | * memory. If it results in values the system rejects, we try a |
| 1989 | * second time by respecting rlim_fd_max. If it fails again, we |
| 1990 | * go back to the initial value and will let the final code |
| 1991 | * dealing with rlimit report the error. That's up to 3 attempts. |
| 1992 | */ |
| 1993 | do { |
| 1994 | global.maxconn = clearmem / (STREAM_MAX_COST + 2 * global.tune.bufsize); |
| 1995 | if (retried == 1) |
| 1996 | global.maxconn = MIN(global.maxconn, ideal_maxconn); |
| 1997 | global.maxconn = round_2dig(global.maxconn); |
Willy Tarreau | 474b96a | 2015-01-28 19:03:21 +0100 | [diff] [blame] | 1998 | #ifdef SYSTEM_MAXCONN |
Willy Tarreau | 304e17e | 2020-03-10 17:54:54 +0100 | [diff] [blame] | 1999 | if (global.maxconn > SYSTEM_MAXCONN) |
| 2000 | global.maxconn = SYSTEM_MAXCONN; |
Willy Tarreau | 474b96a | 2015-01-28 19:03:21 +0100 | [diff] [blame] | 2001 | #endif /* SYSTEM_MAXCONN */ |
Willy Tarreau | d025648 | 2015-01-15 21:45:22 +0100 | [diff] [blame] | 2002 | |
Willy Tarreau | 304e17e | 2020-03-10 17:54:54 +0100 | [diff] [blame] | 2003 | if (clearmem <= 0 || !global.maxconn) { |
| 2004 | ha_alert("Cannot compute the automatic maxconn because global.maxsslconn is already too " |
| 2005 | "high for the global.memmax value (%d MB). The absolute maximum possible value " |
| 2006 | "is %d, but %d was found.\n", |
| 2007 | global.rlimit_memmax, |
Christopher Faulet | 767a84b | 2017-11-24 16:50:31 +0100 | [diff] [blame] | 2008 | (int)(mem / (global.ssl_session_max_cost + global.ssl_handshake_max_cost)), |
Willy Tarreau | 304e17e | 2020-03-10 17:54:54 +0100 | [diff] [blame] | 2009 | global.maxsslconn); |
| 2010 | exit(1); |
| 2011 | } |
| 2012 | |
| 2013 | if (check_if_maxsock_permitted(compute_ideal_maxsock(global.maxconn))) |
| 2014 | break; |
| 2015 | } while (retried++ < 2); |
Willy Tarreau | d025648 | 2015-01-15 21:45:22 +0100 | [diff] [blame] | 2016 | |
| 2017 | if (global.mode & (MODE_VERBOSE|MODE_DEBUG)) { |
| 2018 | if (sides && global.maxsslconn > sides * global.maxconn) { |
| 2019 | fprintf(stderr, "Note: global.maxsslconn is forced to %d which causes global.maxconn " |
| 2020 | "to be limited to %d. Better reduce global.maxsslconn to get more " |
| 2021 | "room for extra connections.\n", global.maxsslconn, global.maxconn); |
| 2022 | } |
| 2023 | fprintf(stderr, "Note: setting global.maxconn to %d\n", global.maxconn); |
| 2024 | } |
Willy Tarreau | 66aa61f | 2009-01-18 21:44:07 +0100 | [diff] [blame] | 2025 | } |
| 2026 | |
Willy Tarreau | a409f30 | 2020-03-10 17:08:53 +0100 | [diff] [blame] | 2027 | global.maxsock = compute_ideal_maxsock(global.maxconn); |
| 2028 | global.hardmaxconn = global.maxconn; |
Willy Tarreau | a4818db | 2020-06-19 16:20:59 +0200 | [diff] [blame] | 2029 | if (!global.maxpipes) |
| 2030 | global.maxpipes = compute_ideal_maxpipes(); |
Willy Tarreau | baaee00 | 2006-06-26 02:48:02 +0200 | [diff] [blame] | 2031 | |
Olivier Houchard | 88698d9 | 2019-04-16 19:07:22 +0200 | [diff] [blame] | 2032 | /* update connection pool thresholds */ |
| 2033 | global.tune.pool_low_count = ((long long)global.maxsock * global.tune.pool_low_ratio + 99) / 100; |
| 2034 | global.tune.pool_high_count = ((long long)global.maxsock * global.tune.pool_high_ratio + 99) / 100; |
| 2035 | |
Willy Tarreau | c8d5b95 | 2019-02-27 17:25:52 +0100 | [diff] [blame] | 2036 | proxy_adjust_all_maxconn(); |
| 2037 | |
Willy Tarreau | 1db3771 | 2007-06-03 17:16:49 +0200 | [diff] [blame] | 2038 | if (global.tune.maxpollevents <= 0) |
| 2039 | global.tune.maxpollevents = MAX_POLL_EVENTS; |
| 2040 | |
Willy Tarreau | 060a761 | 2021-03-10 11:06:26 +0100 | [diff] [blame] | 2041 | if (global.tune.runqueue_depth <= 0) { |
| 2042 | /* tests on various thread counts from 1 to 64 have shown an |
| 2043 | * optimal queue depth following roughly 1/sqrt(threads). |
| 2044 | */ |
| 2045 | int s = my_flsl(global.nbthread); |
| 2046 | s += (global.nbthread / s); // roughly twice the sqrt. |
| 2047 | global.tune.runqueue_depth = RUNQUEUE_DEPTH * 2 / s; |
| 2048 | } |
Olivier Houchard | 1599b80 | 2018-05-24 18:59:04 +0200 | [diff] [blame] | 2049 | |
Willy Tarreau | 6f4a82c | 2009-03-21 20:43:57 +0100 | [diff] [blame] | 2050 | if (global.tune.recv_enough == 0) |
| 2051 | global.tune.recv_enough = MIN_RECV_AT_ONCE_ENOUGH; |
| 2052 | |
Willy Tarreau | 27a674e | 2009-08-17 07:23:33 +0200 | [diff] [blame] | 2053 | if (global.tune.maxrewrite >= global.tune.bufsize / 2) |
| 2054 | global.tune.maxrewrite = global.tune.bufsize / 2; |
| 2055 | |
Willy Tarreau | baaee00 | 2006-06-26 02:48:02 +0200 | [diff] [blame] | 2056 | if (arg_mode & (MODE_DEBUG | MODE_FOREGROUND)) { |
| 2057 | /* command line debug mode inhibits configuration mode */ |
William Lallemand | 095ba4c | 2017-06-01 17:38:50 +0200 | [diff] [blame] | 2058 | global.mode &= ~(MODE_DAEMON | MODE_QUIET); |
Willy Tarreau | 772f0dd | 2012-10-26 16:04:28 +0200 | [diff] [blame] | 2059 | global.mode |= (arg_mode & (MODE_DEBUG | MODE_FOREGROUND)); |
| 2060 | } |
| 2061 | |
William Lallemand | 095ba4c | 2017-06-01 17:38:50 +0200 | [diff] [blame] | 2062 | if (arg_mode & MODE_DAEMON) { |
Willy Tarreau | 772f0dd | 2012-10-26 16:04:28 +0200 | [diff] [blame] | 2063 | /* command line daemon mode inhibits foreground and debug modes mode */ |
| 2064 | global.mode &= ~(MODE_DEBUG | MODE_FOREGROUND); |
William Lallemand | 095ba4c | 2017-06-01 17:38:50 +0200 | [diff] [blame] | 2065 | global.mode |= arg_mode & MODE_DAEMON; |
Willy Tarreau | baaee00 | 2006-06-26 02:48:02 +0200 | [diff] [blame] | 2066 | } |
Willy Tarreau | 772f0dd | 2012-10-26 16:04:28 +0200 | [diff] [blame] | 2067 | |
| 2068 | global.mode |= (arg_mode & (MODE_QUIET | MODE_VERBOSE)); |
Willy Tarreau | baaee00 | 2006-06-26 02:48:02 +0200 | [diff] [blame] | 2069 | |
William Lallemand | 095ba4c | 2017-06-01 17:38:50 +0200 | [diff] [blame] | 2070 | if ((global.mode & MODE_DEBUG) && (global.mode & (MODE_DAEMON | MODE_QUIET))) { |
Christopher Faulet | 767a84b | 2017-11-24 16:50:31 +0100 | [diff] [blame] | 2071 | ha_warning("<debug> mode incompatible with <quiet> and <daemon>. Keeping <debug> only.\n"); |
William Lallemand | 095ba4c | 2017-06-01 17:38:50 +0200 | [diff] [blame] | 2072 | global.mode &= ~(MODE_DAEMON | MODE_QUIET); |
Willy Tarreau | baaee00 | 2006-06-26 02:48:02 +0200 | [diff] [blame] | 2073 | } |
| 2074 | |
William Lallemand | 095ba4c | 2017-06-01 17:38:50 +0200 | [diff] [blame] | 2075 | if ((global.nbproc > 1) && !(global.mode & (MODE_DAEMON | MODE_MWORKER))) { |
Willy Tarreau | baaee00 | 2006-06-26 02:48:02 +0200 | [diff] [blame] | 2076 | if (!(global.mode & (MODE_FOREGROUND | MODE_DEBUG))) |
Christopher Faulet | 767a84b | 2017-11-24 16:50:31 +0100 | [diff] [blame] | 2077 | ha_warning("<nbproc> is only meaningful in daemon mode or master-worker mode. Setting limit to 1 process.\n"); |
Willy Tarreau | baaee00 | 2006-06-26 02:48:02 +0200 | [diff] [blame] | 2078 | global.nbproc = 1; |
| 2079 | } |
| 2080 | |
| 2081 | if (global.nbproc < 1) |
| 2082 | global.nbproc = 1; |
| 2083 | |
Christopher Faulet | be0faa2 | 2017-08-29 15:37:10 +0200 | [diff] [blame] | 2084 | if (global.nbthread < 1) |
| 2085 | global.nbthread = 1; |
| 2086 | |
Christopher Faulet | 3ef2639 | 2017-08-29 16:46:57 +0200 | [diff] [blame] | 2087 | /* Realloc trash buffers because global.tune.bufsize may have changed */ |
Christopher Faulet | cd7879a | 2017-10-27 13:53:47 +0200 | [diff] [blame] | 2088 | if (!init_trash_buffers(0)) { |
Christopher Faulet | 767a84b | 2017-11-24 16:50:31 +0100 | [diff] [blame] | 2089 | ha_alert("failed to initialize trash buffers.\n"); |
Christopher Faulet | 3ef2639 | 2017-08-29 16:46:57 +0200 | [diff] [blame] | 2090 | exit(1); |
| 2091 | } |
| 2092 | |
Christopher Faulet | 96d4483 | 2017-11-14 22:02:30 +0100 | [diff] [blame] | 2093 | if (!init_log_buffers()) { |
Christopher Faulet | 767a84b | 2017-11-24 16:50:31 +0100 | [diff] [blame] | 2094 | ha_alert("failed to initialize log buffers.\n"); |
Christopher Faulet | 96d4483 | 2017-11-14 22:02:30 +0100 | [diff] [blame] | 2095 | exit(1); |
| 2096 | } |
| 2097 | |
Willy Tarreau | ef1d1f8 | 2007-04-16 00:25:25 +0200 | [diff] [blame] | 2098 | /* |
| 2099 | * Note: we could register external pollers here. |
| 2100 | * Built-in pollers have been registered before main(). |
| 2101 | */ |
Willy Tarreau | 4f60f16 | 2007-04-08 16:39:58 +0200 | [diff] [blame] | 2102 | |
Willy Tarreau | 43b7899 | 2009-01-25 15:42:27 +0100 | [diff] [blame] | 2103 | if (!(global.tune.options & GTUNE_USE_KQUEUE)) |
Willy Tarreau | 1e63130a | 2007-04-09 12:03:06 +0200 | [diff] [blame] | 2104 | disable_poller("kqueue"); |
| 2105 | |
Emmanuel Hocdet | 0ba4f48 | 2019-04-08 16:53:32 +0000 | [diff] [blame] | 2106 | if (!(global.tune.options & GTUNE_USE_EVPORTS)) |
| 2107 | disable_poller("evports"); |
| 2108 | |
Willy Tarreau | 43b7899 | 2009-01-25 15:42:27 +0100 | [diff] [blame] | 2109 | if (!(global.tune.options & GTUNE_USE_EPOLL)) |
Willy Tarreau | 4f60f16 | 2007-04-08 16:39:58 +0200 | [diff] [blame] | 2110 | disable_poller("epoll"); |
| 2111 | |
Willy Tarreau | 43b7899 | 2009-01-25 15:42:27 +0100 | [diff] [blame] | 2112 | if (!(global.tune.options & GTUNE_USE_POLL)) |
Willy Tarreau | 4f60f16 | 2007-04-08 16:39:58 +0200 | [diff] [blame] | 2113 | disable_poller("poll"); |
| 2114 | |
Willy Tarreau | 43b7899 | 2009-01-25 15:42:27 +0100 | [diff] [blame] | 2115 | if (!(global.tune.options & GTUNE_USE_SELECT)) |
Willy Tarreau | 4f60f16 | 2007-04-08 16:39:58 +0200 | [diff] [blame] | 2116 | disable_poller("select"); |
| 2117 | |
| 2118 | /* Note: we could disable any poller by name here */ |
| 2119 | |
Christopher Faulet | b3f4e14 | 2016-03-07 12:46:38 +0100 | [diff] [blame] | 2120 | if (global.mode & (MODE_VERBOSE|MODE_DEBUG)) { |
Willy Tarreau | 2ff7622 | 2007-04-09 19:29:56 +0200 | [diff] [blame] | 2121 | list_pollers(stderr); |
Christopher Faulet | b3f4e14 | 2016-03-07 12:46:38 +0100 | [diff] [blame] | 2122 | fprintf(stderr, "\n"); |
| 2123 | list_filters(stderr); |
| 2124 | } |
Willy Tarreau | 2ff7622 | 2007-04-09 19:29:56 +0200 | [diff] [blame] | 2125 | |
Willy Tarreau | 4f60f16 | 2007-04-08 16:39:58 +0200 | [diff] [blame] | 2126 | if (!init_pollers()) { |
Christopher Faulet | 767a84b | 2017-11-24 16:50:31 +0100 | [diff] [blame] | 2127 | ha_alert("No polling mechanism available.\n" |
| 2128 | " It is likely that haproxy was built with TARGET=generic and that FD_SETSIZE\n" |
| 2129 | " is too low on this platform to support maxconn and the number of listeners\n" |
| 2130 | " and servers. You should rebuild haproxy specifying your system using TARGET=\n" |
| 2131 | " in order to support other polling systems (poll, epoll, kqueue) or reduce the\n" |
| 2132 | " global maxconn setting to accommodate the system's limitation. For reference,\n" |
| 2133 | " FD_SETSIZE=%d on this system, global.maxconn=%d resulting in a maximum of\n" |
| 2134 | " %d file descriptors. You should thus reduce global.maxconn by %d. Also,\n" |
| 2135 | " check build settings using 'haproxy -vv'.\n\n", |
| 2136 | FD_SETSIZE, global.maxconn, global.maxsock, (global.maxsock + 1 - FD_SETSIZE) / 2); |
Willy Tarreau | 4f60f16 | 2007-04-08 16:39:58 +0200 | [diff] [blame] | 2137 | exit(1); |
| 2138 | } |
Willy Tarreau | 2ff7622 | 2007-04-09 19:29:56 +0200 | [diff] [blame] | 2139 | if (global.mode & (MODE_VERBOSE|MODE_DEBUG)) { |
| 2140 | printf("Using %s() as the polling mechanism.\n", cur_poller.name); |
Willy Tarreau | 4f60f16 | 2007-04-08 16:39:58 +0200 | [diff] [blame] | 2141 | } |
| 2142 | |
Krzysztof Piotr Oledzki | 48cb2ae | 2009-10-02 22:51:14 +0200 | [diff] [blame] | 2143 | if (!global.node) |
| 2144 | global.node = strdup(hostname); |
| 2145 | |
Willy Tarreau | 02b092f | 2020-10-07 18:36:54 +0200 | [diff] [blame] | 2146 | /* stop disabled proxies */ |
| 2147 | for (px = proxies_list; px; px = px->next) { |
Willy Tarreau | c3914d4 | 2020-09-24 08:39:22 +0200 | [diff] [blame] | 2148 | if (px->disabled) |
Willy Tarreau | 02b092f | 2020-10-07 18:36:54 +0200 | [diff] [blame] | 2149 | stop_proxy(px); |
| 2150 | } |
| 2151 | |
Thierry FOURNIER | a4a0f3d | 2015-01-23 12:08:30 +0100 | [diff] [blame] | 2152 | if (!hlua_post_init()) |
| 2153 | exit(1); |
Thomas Holmes | 6abded4 | 2015-05-12 16:23:58 +0100 | [diff] [blame] | 2154 | |
Maxime de Roucy | 0f50392 | 2016-05-13 23:52:55 +0200 | [diff] [blame] | 2155 | free(err_msg); |
Willy Tarreau | baaee00 | 2006-06-26 02:48:02 +0200 | [diff] [blame] | 2156 | } |
| 2157 | |
Cyril Bonté | 203ec5a | 2017-03-23 22:44:13 +0100 | [diff] [blame] | 2158 | void deinit(void) |
Willy Tarreau | baaee00 | 2006-06-26 02:48:02 +0200 | [diff] [blame] | 2159 | { |
Olivier Houchard | fbc74e8 | 2017-11-24 16:54:05 +0100 | [diff] [blame] | 2160 | struct proxy *p = proxies_list, *p0; |
Willy Tarreau | deb9ed8 | 2010-01-03 21:03:22 +0100 | [diff] [blame] | 2161 | struct wordlist *wl, *wlb; |
Krzysztof Piotr Oledzki | 8001d61 | 2008-05-31 13:53:23 +0200 | [diff] [blame] | 2162 | struct uri_auth *uap, *ua = NULL; |
William Lallemand | 0f99e34 | 2011-10-12 17:50:54 +0200 | [diff] [blame] | 2163 | struct logsrv *log, *logb; |
Willy Tarreau | cdb737e | 2016-12-21 18:43:10 +0100 | [diff] [blame] | 2164 | struct build_opts_str *bol, *bolb; |
Tim Duesterhus | fdf904a | 2020-07-04 11:49:48 +0200 | [diff] [blame] | 2165 | struct post_deinit_fct *pdf, *pdfb; |
Tim Duesterhus | 17e363f | 2020-07-04 11:49:47 +0200 | [diff] [blame] | 2166 | struct proxy_deinit_fct *pxdf, *pxdfb; |
Tim Duesterhus | 0837eb1 | 2020-07-04 11:49:49 +0200 | [diff] [blame] | 2167 | struct server_deinit_fct *srvdf, *srvdfb; |
Tim Duesterhus | f0c25d2 | 2020-09-10 19:46:41 +0200 | [diff] [blame] | 2168 | struct per_thread_init_fct *tif, *tifb; |
| 2169 | struct per_thread_deinit_fct *tdf, *tdfb; |
| 2170 | struct per_thread_alloc_fct *taf, *tafb; |
| 2171 | struct per_thread_free_fct *tff, *tffb; |
Tim Duesterhus | 34bef07 | 2020-07-04 11:49:50 +0200 | [diff] [blame] | 2172 | struct post_server_check_fct *pscf, *pscfb; |
Tim Duesterhus | fc85494 | 2020-09-10 19:46:42 +0200 | [diff] [blame] | 2173 | struct post_check_fct *pcf, *pcfb; |
Tim Duesterhus | 53508d6 | 2020-09-10 19:46:40 +0200 | [diff] [blame] | 2174 | struct post_proxy_check_fct *ppcf, *ppcfb; |
Willy Tarreau | ae7bc4a | 2020-09-23 16:46:22 +0200 | [diff] [blame] | 2175 | int cur_fd; |
| 2176 | |
| 2177 | /* At this point the listeners state is weird: |
| 2178 | * - most listeners are still bound and referenced in their protocol |
| 2179 | * - some might be zombies that are not in their proto anymore, but |
| 2180 | * still appear in their proxy's listeners with a valid FD. |
| 2181 | * - some might be stopped and still appear in their proxy as FD #-1 |
| 2182 | * - among all of them, some might be inherited hence shared and we're |
| 2183 | * not allowed to pause them or whatever, we must just close them. |
| 2184 | * - finally some are not listeners (pipes, logs, stdout, etc) and |
| 2185 | * must be left intact. |
| 2186 | * |
| 2187 | * The safe way to proceed is to unbind (and close) whatever is not yet |
| 2188 | * unbound so that no more receiver/listener remains alive. Then close |
| 2189 | * remaining listener FDs, which correspond to zombie listeners (those |
| 2190 | * belonging to disabled proxies that were in another process). |
| 2191 | * objt_listener() would be cleaner here but not converted yet. |
| 2192 | */ |
| 2193 | protocol_unbind_all(); |
| 2194 | |
| 2195 | for (cur_fd = 0; cur_fd < global.maxsock; cur_fd++) { |
Willy Tarreau | 1a3770c | 2020-10-14 12:13:51 +0200 | [diff] [blame] | 2196 | if (!fdtab || !fdtab[cur_fd].owner) |
Willy Tarreau | ae7bc4a | 2020-09-23 16:46:22 +0200 | [diff] [blame] | 2197 | continue; |
| 2198 | |
Willy Tarreau | a74cb38 | 2020-10-15 21:29:49 +0200 | [diff] [blame] | 2199 | if (fdtab[cur_fd].iocb == &sock_accept_iocb) { |
Willy Tarreau | ae7bc4a | 2020-09-23 16:46:22 +0200 | [diff] [blame] | 2200 | struct listener *l = fdtab[cur_fd].owner; |
| 2201 | |
| 2202 | BUG_ON(l->state != LI_INIT); |
| 2203 | unbind_listener(l); |
| 2204 | } |
| 2205 | } |
Krzysztof Piotr Oledzki | 8001d61 | 2008-05-31 13:53:23 +0200 | [diff] [blame] | 2206 | |
Willy Tarreau | 24f4efa | 2010-08-27 17:56:48 +0200 | [diff] [blame] | 2207 | deinit_signals(); |
Willy Tarreau | baaee00 | 2006-06-26 02:48:02 +0200 | [diff] [blame] | 2208 | while (p) { |
Krzysztof Piotr Oledzki | 8001d61 | 2008-05-31 13:53:23 +0200 | [diff] [blame] | 2209 | /* build a list of unique uri_auths */ |
| 2210 | if (!ua) |
| 2211 | ua = p->uri_auth; |
| 2212 | else { |
| 2213 | /* check if p->uri_auth is unique */ |
| 2214 | for (uap = ua; uap; uap=uap->next) |
| 2215 | if (uap == p->uri_auth) |
| 2216 | break; |
| 2217 | |
Willy Tarreau | accc4e1 | 2008-06-24 11:14:45 +0200 | [diff] [blame] | 2218 | if (!uap && p->uri_auth) { |
Krzysztof Piotr Oledzki | 8001d61 | 2008-05-31 13:53:23 +0200 | [diff] [blame] | 2219 | /* add it, if it is */ |
| 2220 | p->uri_auth->next = ua; |
| 2221 | ua = p->uri_auth; |
| 2222 | } |
William Lallemand | 0f99e34 | 2011-10-12 17:50:54 +0200 | [diff] [blame] | 2223 | } |
| 2224 | |
Willy Tarreau | 4d2d098 | 2007-05-14 00:39:29 +0200 | [diff] [blame] | 2225 | p0 = p; |
Willy Tarreau | baaee00 | 2006-06-26 02:48:02 +0200 | [diff] [blame] | 2226 | p = p->next; |
Amaury Denoyelle | 27fefa1 | 2021-03-24 16:13:20 +0100 | [diff] [blame] | 2227 | free_proxy(p0); |
Willy Tarreau | baaee00 | 2006-06-26 02:48:02 +0200 | [diff] [blame] | 2228 | }/* end while(p) */ |
Willy Tarreau | dd81598 | 2007-10-16 12:25:14 +0200 | [diff] [blame] | 2229 | |
Krzysztof Piotr Oledzki | 8001d61 | 2008-05-31 13:53:23 +0200 | [diff] [blame] | 2230 | while (ua) { |
Tim Duesterhus | 00f00cf | 2020-09-10 19:46:38 +0200 | [diff] [blame] | 2231 | struct stat_scope *scope, *scopep; |
| 2232 | |
Krzysztof Piotr Oledzki | 8001d61 | 2008-05-31 13:53:23 +0200 | [diff] [blame] | 2233 | uap = ua; |
| 2234 | ua = ua->next; |
| 2235 | |
Willy Tarreau | a534fea | 2008-08-03 12:19:50 +0200 | [diff] [blame] | 2236 | free(uap->uri_prefix); |
| 2237 | free(uap->auth_realm); |
Krzysztof Piotr Oledzki | 48cb2ae | 2009-10-02 22:51:14 +0200 | [diff] [blame] | 2238 | free(uap->node); |
| 2239 | free(uap->desc); |
Krzysztof Piotr Oledzki | 8001d61 | 2008-05-31 13:53:23 +0200 | [diff] [blame] | 2240 | |
Krzysztof Piotr Oledzki | 8c8bd45 | 2010-01-29 19:29:32 +0100 | [diff] [blame] | 2241 | userlist_free(uap->userlist); |
Amaury Denoyelle | 68fd7e4 | 2021-03-25 17:15:52 +0100 | [diff] [blame] | 2242 | free_act_rules(&uap->http_req_rules); |
Krzysztof Piotr Oledzki | 8c8bd45 | 2010-01-29 19:29:32 +0100 | [diff] [blame] | 2243 | |
Tim Duesterhus | 00f00cf | 2020-09-10 19:46:38 +0200 | [diff] [blame] | 2244 | scope = uap->scope; |
| 2245 | while (scope) { |
| 2246 | scopep = scope; |
| 2247 | scope = scope->next; |
| 2248 | |
| 2249 | free(scopep->px_id); |
| 2250 | free(scopep); |
| 2251 | } |
| 2252 | |
Krzysztof Piotr Oledzki | 8001d61 | 2008-05-31 13:53:23 +0200 | [diff] [blame] | 2253 | free(uap); |
| 2254 | } |
| 2255 | |
Krzysztof Piotr Oledzki | 9610504 | 2010-01-29 17:50:44 +0100 | [diff] [blame] | 2256 | userlist_free(userlist); |
| 2257 | |
David Carlier | 834cb2e | 2015-09-25 12:02:25 +0100 | [diff] [blame] | 2258 | cfg_unregister_sections(); |
| 2259 | |
Christopher Faulet | 0132d06 | 2017-07-26 15:33:35 +0200 | [diff] [blame] | 2260 | deinit_log_buffers(); |
David Carlier | 834cb2e | 2015-09-25 12:02:25 +0100 | [diff] [blame] | 2261 | |
Willy Tarreau | 05554e6 | 2016-12-21 20:46:26 +0100 | [diff] [blame] | 2262 | list_for_each_entry(pdf, &post_deinit_list, list) |
| 2263 | pdf->fct(); |
| 2264 | |
Willy Tarreau | 61cfdf4 | 2021-02-20 10:46:51 +0100 | [diff] [blame] | 2265 | ha_free(&global.log_send_hostname); |
Dragan Dosen | 43885c7 | 2015-10-01 13:18:13 +0200 | [diff] [blame] | 2266 | chunk_destroy(&global.log_tag); |
Willy Tarreau | 61cfdf4 | 2021-02-20 10:46:51 +0100 | [diff] [blame] | 2267 | ha_free(&global.chroot); |
| 2268 | ha_free(&global.pidfile); |
| 2269 | ha_free(&global.node); |
| 2270 | ha_free(&global.desc); |
| 2271 | ha_free(&oldpids); |
| 2272 | ha_free(&old_argv); |
| 2273 | ha_free(&localpeer); |
| 2274 | ha_free(&global.server_state_base); |
| 2275 | ha_free(&global.server_state_file); |
Olivier Houchard | 3f795f7 | 2019-04-17 22:51:06 +0200 | [diff] [blame] | 2276 | task_destroy(idle_conn_task); |
Olivier Houchard | 9ea5d36 | 2019-02-14 18:29:09 +0100 | [diff] [blame] | 2277 | idle_conn_task = NULL; |
Krzysztof Piotr Oledzki | 8001d61 | 2008-05-31 13:53:23 +0200 | [diff] [blame] | 2278 | |
William Lallemand | 0f99e34 | 2011-10-12 17:50:54 +0200 | [diff] [blame] | 2279 | list_for_each_entry_safe(log, logb, &global.logsrvs, list) { |
Willy Tarreau | 2b71810 | 2021-04-21 07:32:39 +0200 | [diff] [blame] | 2280 | LIST_DELETE(&log->list); |
Amaury Denoyelle | d688e01 | 2021-04-20 17:05:47 +0200 | [diff] [blame] | 2281 | free(log->conf.file); |
William Lallemand | 0f99e34 | 2011-10-12 17:50:54 +0200 | [diff] [blame] | 2282 | free(log); |
| 2283 | } |
Willy Tarreau | 477ecd8 | 2010-01-03 21:12:30 +0100 | [diff] [blame] | 2284 | list_for_each_entry_safe(wl, wlb, &cfg_cfgfiles, list) { |
Maxime de Roucy | 0f50392 | 2016-05-13 23:52:55 +0200 | [diff] [blame] | 2285 | free(wl->s); |
Willy Tarreau | 2b71810 | 2021-04-21 07:32:39 +0200 | [diff] [blame] | 2286 | LIST_DELETE(&wl->list); |
Willy Tarreau | 477ecd8 | 2010-01-03 21:12:30 +0100 | [diff] [blame] | 2287 | free(wl); |
| 2288 | } |
| 2289 | |
Willy Tarreau | cdb737e | 2016-12-21 18:43:10 +0100 | [diff] [blame] | 2290 | list_for_each_entry_safe(bol, bolb, &build_opts_list, list) { |
| 2291 | if (bol->must_free) |
| 2292 | free((void *)bol->str); |
Willy Tarreau | 2b71810 | 2021-04-21 07:32:39 +0200 | [diff] [blame] | 2293 | LIST_DELETE(&bol->list); |
Willy Tarreau | cdb737e | 2016-12-21 18:43:10 +0100 | [diff] [blame] | 2294 | free(bol); |
| 2295 | } |
| 2296 | |
Tim Duesterhus | 17e363f | 2020-07-04 11:49:47 +0200 | [diff] [blame] | 2297 | list_for_each_entry_safe(pxdf, pxdfb, &proxy_deinit_list, list) { |
Willy Tarreau | 2b71810 | 2021-04-21 07:32:39 +0200 | [diff] [blame] | 2298 | LIST_DELETE(&pxdf->list); |
Tim Duesterhus | 17e363f | 2020-07-04 11:49:47 +0200 | [diff] [blame] | 2299 | free(pxdf); |
| 2300 | } |
| 2301 | |
Tim Duesterhus | fdf904a | 2020-07-04 11:49:48 +0200 | [diff] [blame] | 2302 | list_for_each_entry_safe(pdf, pdfb, &post_deinit_list, list) { |
Willy Tarreau | 2b71810 | 2021-04-21 07:32:39 +0200 | [diff] [blame] | 2303 | LIST_DELETE(&pdf->list); |
Tim Duesterhus | fdf904a | 2020-07-04 11:49:48 +0200 | [diff] [blame] | 2304 | free(pdf); |
| 2305 | } |
| 2306 | |
Tim Duesterhus | 0837eb1 | 2020-07-04 11:49:49 +0200 | [diff] [blame] | 2307 | list_for_each_entry_safe(srvdf, srvdfb, &server_deinit_list, list) { |
Willy Tarreau | 2b71810 | 2021-04-21 07:32:39 +0200 | [diff] [blame] | 2308 | LIST_DELETE(&srvdf->list); |
Tim Duesterhus | 0837eb1 | 2020-07-04 11:49:49 +0200 | [diff] [blame] | 2309 | free(srvdf); |
| 2310 | } |
| 2311 | |
Tim Duesterhus | fc85494 | 2020-09-10 19:46:42 +0200 | [diff] [blame] | 2312 | list_for_each_entry_safe(pcf, pcfb, &post_check_list, list) { |
Willy Tarreau | 2b71810 | 2021-04-21 07:32:39 +0200 | [diff] [blame] | 2313 | LIST_DELETE(&pcf->list); |
Tim Duesterhus | fc85494 | 2020-09-10 19:46:42 +0200 | [diff] [blame] | 2314 | free(pcf); |
| 2315 | } |
| 2316 | |
Tim Duesterhus | 34bef07 | 2020-07-04 11:49:50 +0200 | [diff] [blame] | 2317 | list_for_each_entry_safe(pscf, pscfb, &post_server_check_list, list) { |
Willy Tarreau | 2b71810 | 2021-04-21 07:32:39 +0200 | [diff] [blame] | 2318 | LIST_DELETE(&pscf->list); |
Tim Duesterhus | 34bef07 | 2020-07-04 11:49:50 +0200 | [diff] [blame] | 2319 | free(pscf); |
| 2320 | } |
| 2321 | |
Tim Duesterhus | 53508d6 | 2020-09-10 19:46:40 +0200 | [diff] [blame] | 2322 | list_for_each_entry_safe(ppcf, ppcfb, &post_proxy_check_list, list) { |
Willy Tarreau | 2b71810 | 2021-04-21 07:32:39 +0200 | [diff] [blame] | 2323 | LIST_DELETE(&ppcf->list); |
Tim Duesterhus | 53508d6 | 2020-09-10 19:46:40 +0200 | [diff] [blame] | 2324 | free(ppcf); |
| 2325 | } |
| 2326 | |
Tim Duesterhus | f0c25d2 | 2020-09-10 19:46:41 +0200 | [diff] [blame] | 2327 | list_for_each_entry_safe(tif, tifb, &per_thread_init_list, list) { |
Willy Tarreau | 2b71810 | 2021-04-21 07:32:39 +0200 | [diff] [blame] | 2328 | LIST_DELETE(&tif->list); |
Tim Duesterhus | f0c25d2 | 2020-09-10 19:46:41 +0200 | [diff] [blame] | 2329 | free(tif); |
| 2330 | } |
| 2331 | |
| 2332 | list_for_each_entry_safe(tdf, tdfb, &per_thread_deinit_list, list) { |
Willy Tarreau | 2b71810 | 2021-04-21 07:32:39 +0200 | [diff] [blame] | 2333 | LIST_DELETE(&tdf->list); |
Tim Duesterhus | f0c25d2 | 2020-09-10 19:46:41 +0200 | [diff] [blame] | 2334 | free(tdf); |
| 2335 | } |
| 2336 | |
| 2337 | list_for_each_entry_safe(taf, tafb, &per_thread_alloc_list, list) { |
Willy Tarreau | 2b71810 | 2021-04-21 07:32:39 +0200 | [diff] [blame] | 2338 | LIST_DELETE(&taf->list); |
Tim Duesterhus | f0c25d2 | 2020-09-10 19:46:41 +0200 | [diff] [blame] | 2339 | free(taf); |
| 2340 | } |
| 2341 | |
| 2342 | list_for_each_entry_safe(tff, tffb, &per_thread_free_list, list) { |
Willy Tarreau | 2b71810 | 2021-04-21 07:32:39 +0200 | [diff] [blame] | 2343 | LIST_DELETE(&tff->list); |
Tim Duesterhus | f0c25d2 | 2020-09-10 19:46:41 +0200 | [diff] [blame] | 2344 | free(tff); |
| 2345 | } |
| 2346 | |
Christopher Faulet | ff2613e | 2016-11-09 11:36:17 +0100 | [diff] [blame] | 2347 | vars_prune(&global.vars, NULL, NULL); |
Willy Tarreau | 2455ceb | 2018-11-26 15:57:34 +0100 | [diff] [blame] | 2348 | pool_destroy_all(); |
Krzysztof Piotr Oledzki | a643baf | 2008-05-29 23:53:44 +0200 | [diff] [blame] | 2349 | deinit_pollers(); |
Willy Tarreau | baaee00 | 2006-06-26 02:48:02 +0200 | [diff] [blame] | 2350 | } /* end deinit() */ |
| 2351 | |
Willy Tarreau | f3ca5a0 | 2020-06-15 18:43:46 +0200 | [diff] [blame] | 2352 | __attribute__((noreturn)) void deinit_and_exit(int status) |
Tim Duesterhus | 2654055 | 2020-06-14 00:37:41 +0200 | [diff] [blame] | 2353 | { |
| 2354 | deinit(); |
| 2355 | exit(status); |
| 2356 | } |
William Lallemand | 7216032 | 2018-11-06 17:37:16 +0100 | [diff] [blame] | 2357 | |
Willy Tarreau | 918ff60 | 2011-07-25 16:33:49 +0200 | [diff] [blame] | 2358 | /* Runs the polling loop */ |
Willy Tarreau | 3ebd55e | 2020-03-03 14:59:56 +0100 | [diff] [blame] | 2359 | void run_poll_loop() |
Willy Tarreau | 4f60f16 | 2007-04-08 16:39:58 +0200 | [diff] [blame] | 2360 | { |
Willy Tarreau | 2ae84e4 | 2019-05-28 16:44:05 +0200 | [diff] [blame] | 2361 | int next, wake; |
Willy Tarreau | 4f60f16 | 2007-04-08 16:39:58 +0200 | [diff] [blame] | 2362 | |
Willy Tarreau | b0b37bc | 2008-06-23 14:00:57 +0200 | [diff] [blame] | 2363 | tv_update_date(0,1); |
Willy Tarreau | 4f60f16 | 2007-04-08 16:39:58 +0200 | [diff] [blame] | 2364 | while (1) { |
Willy Tarreau | c49ba52 | 2019-12-11 08:12:23 +0100 | [diff] [blame] | 2365 | wake_expired_tasks(); |
| 2366 | |
William Lallemand | 1aab50b | 2018-06-07 09:46:01 +0200 | [diff] [blame] | 2367 | /* check if we caught some signals and process them in the |
| 2368 | first thread */ |
Willy Tarreau | a7ad4ae | 2020-06-19 12:06:34 +0200 | [diff] [blame] | 2369 | if (signal_queue_len && tid == 0) { |
| 2370 | activity[tid].wake_signal++; |
William Lallemand | 1aab50b | 2018-06-07 09:46:01 +0200 | [diff] [blame] | 2371 | signal_process_queue(); |
Willy Tarreau | a7ad4ae | 2020-06-19 12:06:34 +0200 | [diff] [blame] | 2372 | } |
| 2373 | |
| 2374 | /* Process a few tasks */ |
| 2375 | process_runnable_tasks(); |
Willy Tarreau | 2985794 | 2009-05-10 09:01:21 +0200 | [diff] [blame] | 2376 | |
Willy Tarreau | 7067b3a | 2019-06-02 11:11:29 +0200 | [diff] [blame] | 2377 | /* also stop if we failed to cleanly stop all tasks */ |
| 2378 | if (killed > 1) |
| 2379 | break; |
| 2380 | |
Willy Tarreau | 10146c9 | 2015-04-13 20:44:19 +0200 | [diff] [blame] | 2381 | /* expire immediately if events are pending */ |
Willy Tarreau | 2ae84e4 | 2019-05-28 16:44:05 +0200 | [diff] [blame] | 2382 | wake = 1; |
Olivier Houchard | 305d5ab | 2019-07-24 18:07:06 +0200 | [diff] [blame] | 2383 | if (thread_has_tasks()) |
Willy Tarreau | d80cb4e | 2018-01-20 19:30:13 +0100 | [diff] [blame] | 2384 | activity[tid].wake_tasks++; |
Olivier Houchard | 79321b9 | 2018-07-26 17:55:11 +0200 | [diff] [blame] | 2385 | else { |
Olivier Houchard | b23a61f | 2019-03-08 18:51:17 +0100 | [diff] [blame] | 2386 | _HA_ATOMIC_OR(&sleeping_thread_mask, tid_bit); |
| 2387 | __ha_barrier_atomic_store(); |
Willy Tarreau | 95abd5b | 2020-03-23 09:33:32 +0100 | [diff] [blame] | 2388 | if (thread_has_tasks()) { |
Olivier Houchard | 79321b9 | 2018-07-26 17:55:11 +0200 | [diff] [blame] | 2389 | activity[tid].wake_tasks++; |
Olivier Houchard | b23a61f | 2019-03-08 18:51:17 +0100 | [diff] [blame] | 2390 | _HA_ATOMIC_AND(&sleeping_thread_mask, ~tid_bit); |
Olivier Houchard | 79321b9 | 2018-07-26 17:55:11 +0200 | [diff] [blame] | 2391 | } else |
Willy Tarreau | 2ae84e4 | 2019-05-28 16:44:05 +0200 | [diff] [blame] | 2392 | wake = 0; |
Olivier Houchard | 79321b9 | 2018-07-26 17:55:11 +0200 | [diff] [blame] | 2393 | } |
Willy Tarreau | 10146c9 | 2015-04-13 20:44:19 +0200 | [diff] [blame] | 2394 | |
Willy Tarreau | 4f46a35 | 2020-03-23 09:27:28 +0100 | [diff] [blame] | 2395 | if (!wake) { |
Willy Tarreau | d7a6b2f | 2020-05-13 13:51:01 +0200 | [diff] [blame] | 2396 | int i; |
| 2397 | |
| 2398 | if (stopping) { |
Willy Tarreau | 1db4273 | 2021-04-06 11:44:07 +0200 | [diff] [blame] | 2399 | if (_HA_ATOMIC_OR_FETCH(&stopping_thread_mask, tid_bit) == tid_bit) { |
Willy Tarreau | d645574 | 2020-05-13 14:30:25 +0200 | [diff] [blame] | 2400 | /* notify all threads that stopping was just set */ |
| 2401 | for (i = 0; i < global.nbthread; i++) |
Willy Tarreau | 369a2ef | 2020-06-29 19:23:19 +0200 | [diff] [blame] | 2402 | if (((all_threads_mask & ~stopping_thread_mask) >> i) & 1) |
Willy Tarreau | d645574 | 2020-05-13 14:30:25 +0200 | [diff] [blame] | 2403 | wake_thread(i); |
| 2404 | } |
Willy Tarreau | d7a6b2f | 2020-05-13 13:51:01 +0200 | [diff] [blame] | 2405 | } |
Willy Tarreau | 4f46a35 | 2020-03-23 09:27:28 +0100 | [diff] [blame] | 2406 | |
| 2407 | /* stop when there's nothing left to do */ |
| 2408 | if ((jobs - unstoppable_jobs) == 0 && |
Willy Tarreau | d7a6b2f | 2020-05-13 13:51:01 +0200 | [diff] [blame] | 2409 | (stopping_thread_mask & all_threads_mask) == all_threads_mask) { |
| 2410 | /* wake all threads waiting on jobs==0 */ |
| 2411 | for (i = 0; i < global.nbthread; i++) |
| 2412 | if (((all_threads_mask & ~tid_bit) >> i) & 1) |
| 2413 | wake_thread(i); |
Willy Tarreau | 4f46a35 | 2020-03-23 09:27:28 +0100 | [diff] [blame] | 2414 | break; |
Willy Tarreau | d7a6b2f | 2020-05-13 13:51:01 +0200 | [diff] [blame] | 2415 | } |
Willy Tarreau | 4f46a35 | 2020-03-23 09:27:28 +0100 | [diff] [blame] | 2416 | } |
| 2417 | |
Willy Tarreau | c49ba52 | 2019-12-11 08:12:23 +0100 | [diff] [blame] | 2418 | /* If we have to sleep, measure how long */ |
| 2419 | next = wake ? TICK_ETERNITY : next_timer_expiry(); |
| 2420 | |
Willy Tarreau | 58b458d | 2008-06-29 22:40:23 +0200 | [diff] [blame] | 2421 | /* The poller will ensure it returns around <next> */ |
Willy Tarreau | 2ae84e4 | 2019-05-28 16:44:05 +0200 | [diff] [blame] | 2422 | cur_poller.poll(&cur_poller, next, wake); |
Emeric Brun | 64cc49c | 2017-10-03 14:46:45 +0200 | [diff] [blame] | 2423 | |
Willy Tarreau | d80cb4e | 2018-01-20 19:30:13 +0100 | [diff] [blame] | 2424 | activity[tid].loops++; |
Willy Tarreau | 4f60f16 | 2007-04-08 16:39:58 +0200 | [diff] [blame] | 2425 | } |
| 2426 | } |
| 2427 | |
Christopher Faulet | 1d17c10 | 2017-08-29 15:38:48 +0200 | [diff] [blame] | 2428 | static void *run_thread_poll_loop(void *data) |
| 2429 | { |
Willy Tarreau | 082b628 | 2019-05-22 14:42:12 +0200 | [diff] [blame] | 2430 | struct per_thread_alloc_fct *ptaf; |
Christopher Faulet | 1d17c10 | 2017-08-29 15:38:48 +0200 | [diff] [blame] | 2431 | struct per_thread_init_fct *ptif; |
| 2432 | struct per_thread_deinit_fct *ptdf; |
Willy Tarreau | 082b628 | 2019-05-22 14:42:12 +0200 | [diff] [blame] | 2433 | struct per_thread_free_fct *ptff; |
Willy Tarreau | 34a150c | 2019-06-11 09:16:41 +0200 | [diff] [blame] | 2434 | static int init_left = 0; |
Willy Tarreau | af613e8 | 2020-06-05 08:40:51 +0200 | [diff] [blame] | 2435 | __decl_thread(static pthread_mutex_t init_mutex = PTHREAD_MUTEX_INITIALIZER); |
| 2436 | __decl_thread(static pthread_cond_t init_cond = PTHREAD_COND_INITIALIZER); |
Christopher Faulet | 1d17c10 | 2017-08-29 15:38:48 +0200 | [diff] [blame] | 2437 | |
Willy Tarreau | b4f7cc3 | 2019-05-03 09:27:30 +0200 | [diff] [blame] | 2438 | ha_set_tid((unsigned long)data); |
Willy Tarreau | d022e9c | 2019-09-24 08:25:15 +0200 | [diff] [blame] | 2439 | sched = &task_per_thread[tid]; |
Willy Tarreau | 91e6df0 | 2019-05-03 17:21:18 +0200 | [diff] [blame] | 2440 | |
Willy Tarreau | f617824 | 2019-05-21 19:46:58 +0200 | [diff] [blame] | 2441 | #if (_POSIX_TIMERS > 0) && defined(_POSIX_THREAD_CPUTIME) |
Willy Tarreau | 91e6df0 | 2019-05-03 17:21:18 +0200 | [diff] [blame] | 2442 | #ifdef USE_THREAD |
Willy Tarreau | 8323a37 | 2019-05-20 18:57:53 +0200 | [diff] [blame] | 2443 | pthread_getcpuclockid(pthread_self(), &ti->clock_id); |
Willy Tarreau | 624dcbf | 2019-05-20 20:23:06 +0200 | [diff] [blame] | 2444 | #else |
Willy Tarreau | 8323a37 | 2019-05-20 18:57:53 +0200 | [diff] [blame] | 2445 | ti->clock_id = CLOCK_THREAD_CPUTIME_ID; |
Willy Tarreau | 91e6df0 | 2019-05-03 17:21:18 +0200 | [diff] [blame] | 2446 | #endif |
Willy Tarreau | 663fda4 | 2019-05-21 15:14:08 +0200 | [diff] [blame] | 2447 | #endif |
Willy Tarreau | 6ec902a | 2019-06-07 14:41:11 +0200 | [diff] [blame] | 2448 | /* Now, initialize one thread init at a time. This is better since |
| 2449 | * some init code is a bit tricky and may release global resources |
| 2450 | * after reallocating them locally. This will also ensure there is |
| 2451 | * no race on file descriptors allocation. |
| 2452 | */ |
Willy Tarreau | 34a150c | 2019-06-11 09:16:41 +0200 | [diff] [blame] | 2453 | #ifdef USE_THREAD |
| 2454 | pthread_mutex_lock(&init_mutex); |
| 2455 | #endif |
| 2456 | /* The first thread must set the number of threads left */ |
| 2457 | if (!init_left) |
| 2458 | init_left = global.nbthread; |
| 2459 | init_left--; |
Willy Tarreau | 91e6df0 | 2019-05-03 17:21:18 +0200 | [diff] [blame] | 2460 | |
Willy Tarreau | c4c80fb | 2021-04-11 15:00:34 +0200 | [diff] [blame] | 2461 | tv_init_thread_date(); |
Christopher Faulet | 1d17c10 | 2017-08-29 15:38:48 +0200 | [diff] [blame] | 2462 | |
Willy Tarreau | 082b628 | 2019-05-22 14:42:12 +0200 | [diff] [blame] | 2463 | /* per-thread alloc calls performed here are not allowed to snoop on |
| 2464 | * other threads, so they are free to initialize at their own rhythm |
| 2465 | * as long as they act as if they were alone. None of them may rely |
| 2466 | * on resources initialized by the other ones. |
| 2467 | */ |
| 2468 | list_for_each_entry(ptaf, &per_thread_alloc_list, list) { |
| 2469 | if (!ptaf->fct()) { |
| 2470 | ha_alert("failed to allocate resources for thread %u.\n", tid); |
| 2471 | exit(1); |
| 2472 | } |
| 2473 | } |
| 2474 | |
Willy Tarreau | 3078e9f | 2019-05-20 10:50:43 +0200 | [diff] [blame] | 2475 | /* per-thread init calls performed here are not allowed to snoop on |
| 2476 | * other threads, so they are free to initialize at their own rhythm |
| 2477 | * as long as they act as if they were alone. |
| 2478 | */ |
Christopher Faulet | 1d17c10 | 2017-08-29 15:38:48 +0200 | [diff] [blame] | 2479 | list_for_each_entry(ptif, &per_thread_init_list, list) { |
| 2480 | if (!ptif->fct()) { |
Christopher Faulet | 767a84b | 2017-11-24 16:50:31 +0100 | [diff] [blame] | 2481 | ha_alert("failed to initialize thread %u.\n", tid); |
Christopher Faulet | 1d17c10 | 2017-08-29 15:38:48 +0200 | [diff] [blame] | 2482 | exit(1); |
| 2483 | } |
| 2484 | } |
| 2485 | |
Willy Tarreau | 7109282 | 2019-06-10 09:51:04 +0200 | [diff] [blame] | 2486 | /* enabling protocols will result in fd_insert() calls to be performed, |
| 2487 | * we want all threads to have already allocated their local fd tables |
Willy Tarreau | 34a150c | 2019-06-11 09:16:41 +0200 | [diff] [blame] | 2488 | * before doing so, thus only the last thread does it. |
Willy Tarreau | 7109282 | 2019-06-10 09:51:04 +0200 | [diff] [blame] | 2489 | */ |
Willy Tarreau | 34a150c | 2019-06-11 09:16:41 +0200 | [diff] [blame] | 2490 | if (init_left == 0) |
Willy Tarreau | e4d7c9d | 2019-06-10 10:14:52 +0200 | [diff] [blame] | 2491 | protocol_enable_all(); |
Willy Tarreau | 6ec902a | 2019-06-07 14:41:11 +0200 | [diff] [blame] | 2492 | |
Willy Tarreau | 34a150c | 2019-06-11 09:16:41 +0200 | [diff] [blame] | 2493 | #ifdef USE_THREAD |
| 2494 | pthread_cond_broadcast(&init_cond); |
| 2495 | pthread_mutex_unlock(&init_mutex); |
| 2496 | |
| 2497 | /* now wait for other threads to finish starting */ |
| 2498 | pthread_mutex_lock(&init_mutex); |
| 2499 | while (init_left) |
| 2500 | pthread_cond_wait(&init_cond, &init_mutex); |
| 2501 | pthread_mutex_unlock(&init_mutex); |
| 2502 | #endif |
Willy Tarreau | 3078e9f | 2019-05-20 10:50:43 +0200 | [diff] [blame] | 2503 | |
Willy Tarreau | a45a8b5 | 2019-12-06 16:31:45 +0100 | [diff] [blame] | 2504 | #if defined(PR_SET_NO_NEW_PRIVS) && defined(USE_PRCTL) |
| 2505 | /* Let's refrain from using setuid executables. This way the impact of |
| 2506 | * an eventual vulnerability in a library remains limited. It may |
| 2507 | * impact external checks but who cares about them anyway ? In the |
| 2508 | * worst case it's possible to disable the option. Obviously we do this |
| 2509 | * in workers only. We can't hard-fail on this one as it really is |
| 2510 | * implementation dependent though we're interested in feedback, hence |
| 2511 | * the warning. |
| 2512 | */ |
| 2513 | if (!(global.tune.options & GTUNE_INSECURE_SETUID) && !master) { |
| 2514 | static int warn_fail; |
Willy Tarreau | 1851572 | 2021-04-06 11:57:41 +0200 | [diff] [blame] | 2515 | if (prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0) == -1 && !_HA_ATOMIC_FETCH_ADD(&warn_fail, 1)) { |
Willy Tarreau | a45a8b5 | 2019-12-06 16:31:45 +0100 | [diff] [blame] | 2516 | ha_warning("Failed to disable setuid, please report to developers with detailed " |
| 2517 | "information about your operating system. You can silence this warning " |
| 2518 | "by adding 'insecure-setuid-wanted' in the 'global' section.\n"); |
| 2519 | } |
| 2520 | } |
| 2521 | #endif |
| 2522 | |
Willy Tarreau | d96f112 | 2019-12-03 07:07:36 +0100 | [diff] [blame] | 2523 | #if defined(RLIMIT_NPROC) |
| 2524 | /* all threads have started, it's now time to prevent any new thread |
| 2525 | * or process from starting. Obviously we do this in workers only. We |
| 2526 | * can't hard-fail on this one as it really is implementation dependent |
| 2527 | * though we're interested in feedback, hence the warning. |
| 2528 | */ |
| 2529 | if (!(global.tune.options & GTUNE_INSECURE_FORK) && !master) { |
| 2530 | struct rlimit limit = { .rlim_cur = 0, .rlim_max = 0 }; |
| 2531 | static int warn_fail; |
| 2532 | |
Willy Tarreau | 1851572 | 2021-04-06 11:57:41 +0200 | [diff] [blame] | 2533 | if (setrlimit(RLIMIT_NPROC, &limit) == -1 && !_HA_ATOMIC_FETCH_ADD(&warn_fail, 1)) { |
Willy Tarreau | d96f112 | 2019-12-03 07:07:36 +0100 | [diff] [blame] | 2534 | ha_warning("Failed to disable forks, please report to developers with detailed " |
| 2535 | "information about your operating system. You can silence this warning " |
| 2536 | "by adding 'insecure-fork-wanted' in the 'global' section.\n"); |
| 2537 | } |
| 2538 | } |
| 2539 | #endif |
Christopher Faulet | 1d17c10 | 2017-08-29 15:38:48 +0200 | [diff] [blame] | 2540 | run_poll_loop(); |
| 2541 | |
| 2542 | list_for_each_entry(ptdf, &per_thread_deinit_list, list) |
| 2543 | ptdf->fct(); |
| 2544 | |
Willy Tarreau | 082b628 | 2019-05-22 14:42:12 +0200 | [diff] [blame] | 2545 | list_for_each_entry(ptff, &per_thread_free_list, list) |
| 2546 | ptff->fct(); |
| 2547 | |
Christopher Faulet | cd7879a | 2017-10-27 13:53:47 +0200 | [diff] [blame] | 2548 | #ifdef USE_THREAD |
Olivier Houchard | b23a61f | 2019-03-08 18:51:17 +0100 | [diff] [blame] | 2549 | _HA_ATOMIC_AND(&all_threads_mask, ~tid_bit); |
Christopher Faulet | cd7879a | 2017-10-27 13:53:47 +0200 | [diff] [blame] | 2550 | if (tid > 0) |
| 2551 | pthread_exit(NULL); |
Christopher Faulet | 1d17c10 | 2017-08-29 15:38:48 +0200 | [diff] [blame] | 2552 | #endif |
Christopher Faulet | cd7879a | 2017-10-27 13:53:47 +0200 | [diff] [blame] | 2553 | return NULL; |
| 2554 | } |
Christopher Faulet | 1d17c10 | 2017-08-29 15:38:48 +0200 | [diff] [blame] | 2555 | |
William Dauchy | f9af9d7 | 2019-11-17 15:47:16 +0100 | [diff] [blame] | 2556 | /* set uid/gid depending on global settings */ |
| 2557 | static void set_identity(const char *program_name) |
| 2558 | { |
| 2559 | if (global.gid) { |
| 2560 | if (getgroups(0, NULL) > 0 && setgroups(0, NULL) == -1) |
| 2561 | ha_warning("[%s.main()] Failed to drop supplementary groups. Using 'gid'/'group'" |
| 2562 | " without 'uid'/'user' is generally useless.\n", program_name); |
| 2563 | |
| 2564 | if (setgid(global.gid) == -1) { |
| 2565 | ha_alert("[%s.main()] Cannot set gid %d.\n", program_name, global.gid); |
| 2566 | protocol_unbind_all(); |
| 2567 | exit(1); |
| 2568 | } |
| 2569 | } |
| 2570 | |
| 2571 | if (global.uid && setuid(global.uid) == -1) { |
| 2572 | ha_alert("[%s.main()] Cannot set uid %d.\n", program_name, global.uid); |
| 2573 | protocol_unbind_all(); |
| 2574 | exit(1); |
| 2575 | } |
| 2576 | } |
| 2577 | |
Willy Tarreau | baaee00 | 2006-06-26 02:48:02 +0200 | [diff] [blame] | 2578 | int main(int argc, char **argv) |
| 2579 | { |
| 2580 | int err, retry; |
| 2581 | struct rlimit limit; |
Willy Tarreau | 269ab31 | 2012-09-05 08:02:48 +0200 | [diff] [blame] | 2582 | int pidfd = -1; |
Willy Tarreau | baaee00 | 2006-06-26 02:48:02 +0200 | [diff] [blame] | 2583 | |
Olivier Houchard | 5fa300d | 2018-02-03 15:15:21 +0100 | [diff] [blame] | 2584 | setvbuf(stdout, NULL, _IONBF, 0); |
Willy Tarreau | 5794fb0 | 2018-11-25 18:43:29 +0100 | [diff] [blame] | 2585 | |
Willy Tarreau | ff9c914 | 2019-02-07 10:39:36 +0100 | [diff] [blame] | 2586 | /* this can only safely be done here, though it's optimized away by |
| 2587 | * the compiler. |
| 2588 | */ |
| 2589 | if (MAX_PROCS < 1 || MAX_PROCS > LONGBITS) { |
| 2590 | ha_alert("MAX_PROCS value must be between 1 and %d inclusive; " |
| 2591 | "HAProxy was built with value %d, please fix it and rebuild.\n", |
| 2592 | LONGBITS, MAX_PROCS); |
| 2593 | exit(1); |
| 2594 | } |
| 2595 | |
Willy Tarreau | bf69640 | 2019-03-01 10:09:28 +0100 | [diff] [blame] | 2596 | /* take a copy of initial limits before we possibly change them */ |
| 2597 | getrlimit(RLIMIT_NOFILE, &limit); |
Willy Tarreau | 2bd0f81 | 2020-10-13 15:36:08 +0200 | [diff] [blame] | 2598 | |
| 2599 | if (limit.rlim_max == RLIM_INFINITY) |
| 2600 | limit.rlim_max = limit.rlim_cur; |
Willy Tarreau | bf69640 | 2019-03-01 10:09:28 +0100 | [diff] [blame] | 2601 | rlim_fd_cur_at_boot = limit.rlim_cur; |
| 2602 | rlim_fd_max_at_boot = limit.rlim_max; |
| 2603 | |
Willy Tarreau | 5794fb0 | 2018-11-25 18:43:29 +0100 | [diff] [blame] | 2604 | /* process all initcalls in order of potential dependency */ |
| 2605 | RUN_INITCALLS(STG_PREPARE); |
| 2606 | RUN_INITCALLS(STG_LOCK); |
| 2607 | RUN_INITCALLS(STG_ALLOC); |
| 2608 | RUN_INITCALLS(STG_POOL); |
| 2609 | RUN_INITCALLS(STG_REGISTER); |
| 2610 | RUN_INITCALLS(STG_INIT); |
| 2611 | |
Emeric Brun | cf20bf1 | 2010-10-22 16:06:11 +0200 | [diff] [blame] | 2612 | init(argc, argv); |
Willy Tarreau | 24f4efa | 2010-08-27 17:56:48 +0200 | [diff] [blame] | 2613 | signal_register_fct(SIGQUIT, dump, SIGQUIT); |
| 2614 | signal_register_fct(SIGUSR1, sig_soft_stop, SIGUSR1); |
| 2615 | signal_register_fct(SIGHUP, sig_dump_state, SIGHUP); |
William Lallemand | 73b85e7 | 2017-06-01 17:38:51 +0200 | [diff] [blame] | 2616 | signal_register_fct(SIGUSR2, NULL, 0); |
Willy Tarreau | baaee00 | 2006-06-26 02:48:02 +0200 | [diff] [blame] | 2617 | |
Willy Tarreau | e437c44 | 2010-03-17 18:02:46 +0100 | [diff] [blame] | 2618 | /* Always catch SIGPIPE even on platforms which define MSG_NOSIGNAL. |
| 2619 | * Some recent FreeBSD setups report broken pipes, and MSG_NOSIGNAL |
| 2620 | * was defined there, so let's stay on the safe side. |
Willy Tarreau | baaee00 | 2006-06-26 02:48:02 +0200 | [diff] [blame] | 2621 | */ |
Willy Tarreau | 24f4efa | 2010-08-27 17:56:48 +0200 | [diff] [blame] | 2622 | signal_register_fct(SIGPIPE, NULL, 0); |
Willy Tarreau | baaee00 | 2006-06-26 02:48:02 +0200 | [diff] [blame] | 2623 | |
Willy Tarreau | dc23a92 | 2011-02-16 11:10:36 +0100 | [diff] [blame] | 2624 | /* ulimits */ |
| 2625 | if (!global.rlimit_nofile) |
| 2626 | global.rlimit_nofile = global.maxsock; |
| 2627 | |
| 2628 | if (global.rlimit_nofile) { |
Willy Tarreau | e5cfdac | 2019-03-01 10:32:05 +0100 | [diff] [blame] | 2629 | limit.rlim_cur = global.rlimit_nofile; |
| 2630 | limit.rlim_max = MAX(rlim_fd_max_at_boot, limit.rlim_cur); |
| 2631 | |
Willy Tarreau | dc23a92 | 2011-02-16 11:10:36 +0100 | [diff] [blame] | 2632 | if (setrlimit(RLIMIT_NOFILE, &limit) == -1) { |
Willy Tarreau | ef63547 | 2016-06-21 11:48:18 +0200 | [diff] [blame] | 2633 | getrlimit(RLIMIT_NOFILE, &limit); |
William Dauchy | 0fec3ab | 2019-10-27 20:08:11 +0100 | [diff] [blame] | 2634 | if (global.tune.options & GTUNE_STRICT_LIMITS) { |
| 2635 | ha_alert("[%s.main()] Cannot raise FD limit to %d, limit is %d.\n", |
| 2636 | argv[0], global.rlimit_nofile, (int)limit.rlim_cur); |
Jerome Magnin | 50f757c | 2021-01-12 20:19:38 +0100 | [diff] [blame] | 2637 | exit(1); |
William Dauchy | 0fec3ab | 2019-10-27 20:08:11 +0100 | [diff] [blame] | 2638 | } |
| 2639 | else { |
| 2640 | /* try to set it to the max possible at least */ |
| 2641 | limit.rlim_cur = limit.rlim_max; |
| 2642 | if (setrlimit(RLIMIT_NOFILE, &limit) != -1) |
| 2643 | getrlimit(RLIMIT_NOFILE, &limit); |
Willy Tarreau | 164dd0b | 2016-06-21 11:51:59 +0200 | [diff] [blame] | 2644 | |
William Dauchy | a519460 | 2020-03-28 19:29:58 +0100 | [diff] [blame] | 2645 | ha_warning("[%s.main()] Cannot raise FD limit to %d, limit is %d.\n", |
William Dauchy | 0fec3ab | 2019-10-27 20:08:11 +0100 | [diff] [blame] | 2646 | argv[0], global.rlimit_nofile, (int)limit.rlim_cur); |
| 2647 | global.rlimit_nofile = limit.rlim_cur; |
| 2648 | } |
Willy Tarreau | dc23a92 | 2011-02-16 11:10:36 +0100 | [diff] [blame] | 2649 | } |
| 2650 | } |
| 2651 | |
| 2652 | if (global.rlimit_memmax) { |
| 2653 | limit.rlim_cur = limit.rlim_max = |
Willy Tarreau | 7006045 | 2015-12-14 12:46:07 +0100 | [diff] [blame] | 2654 | global.rlimit_memmax * 1048576ULL; |
Willy Tarreau | dc23a92 | 2011-02-16 11:10:36 +0100 | [diff] [blame] | 2655 | #ifdef RLIMIT_AS |
| 2656 | if (setrlimit(RLIMIT_AS, &limit) == -1) { |
William Dauchy | 0fec3ab | 2019-10-27 20:08:11 +0100 | [diff] [blame] | 2657 | if (global.tune.options & GTUNE_STRICT_LIMITS) { |
| 2658 | ha_alert("[%s.main()] Cannot fix MEM limit to %d megs.\n", |
| 2659 | argv[0], global.rlimit_memmax); |
Jerome Magnin | 50f757c | 2021-01-12 20:19:38 +0100 | [diff] [blame] | 2660 | exit(1); |
William Dauchy | 0fec3ab | 2019-10-27 20:08:11 +0100 | [diff] [blame] | 2661 | } |
| 2662 | else |
William Dauchy | a519460 | 2020-03-28 19:29:58 +0100 | [diff] [blame] | 2663 | ha_warning("[%s.main()] Cannot fix MEM limit to %d megs.\n", |
William Dauchy | 0fec3ab | 2019-10-27 20:08:11 +0100 | [diff] [blame] | 2664 | argv[0], global.rlimit_memmax); |
Willy Tarreau | dc23a92 | 2011-02-16 11:10:36 +0100 | [diff] [blame] | 2665 | } |
| 2666 | #else |
| 2667 | if (setrlimit(RLIMIT_DATA, &limit) == -1) { |
William Dauchy | 0fec3ab | 2019-10-27 20:08:11 +0100 | [diff] [blame] | 2668 | if (global.tune.options & GTUNE_STRICT_LIMITS) { |
| 2669 | ha_alert("[%s.main()] Cannot fix MEM limit to %d megs.\n", |
| 2670 | argv[0], global.rlimit_memmax); |
Jerome Magnin | 50f757c | 2021-01-12 20:19:38 +0100 | [diff] [blame] | 2671 | exit(1); |
William Dauchy | 0fec3ab | 2019-10-27 20:08:11 +0100 | [diff] [blame] | 2672 | } |
| 2673 | else |
William Dauchy | a519460 | 2020-03-28 19:29:58 +0100 | [diff] [blame] | 2674 | ha_warning("[%s.main()] Cannot fix MEM limit to %d megs.\n", |
William Dauchy | 0fec3ab | 2019-10-27 20:08:11 +0100 | [diff] [blame] | 2675 | argv[0], global.rlimit_memmax); |
Willy Tarreau | dc23a92 | 2011-02-16 11:10:36 +0100 | [diff] [blame] | 2676 | } |
| 2677 | #endif |
| 2678 | } |
| 2679 | |
Olivier Houchard | f73629d | 2017-04-05 22:33:04 +0200 | [diff] [blame] | 2680 | if (old_unixsocket) { |
William Lallemand | 85b0bd9 | 2017-06-01 17:38:53 +0200 | [diff] [blame] | 2681 | if (strcmp("/dev/null", old_unixsocket) != 0) { |
Willy Tarreau | 4296174 | 2020-08-28 18:42:45 +0200 | [diff] [blame] | 2682 | if (sock_get_old_sockets(old_unixsocket) != 0) { |
Christopher Faulet | 767a84b | 2017-11-24 16:50:31 +0100 | [diff] [blame] | 2683 | ha_alert("Failed to get the sockets from the old process!\n"); |
William Lallemand | 85b0bd9 | 2017-06-01 17:38:53 +0200 | [diff] [blame] | 2684 | if (!(global.mode & MODE_MWORKER)) |
| 2685 | exit(1); |
| 2686 | } |
Olivier Houchard | f73629d | 2017-04-05 22:33:04 +0200 | [diff] [blame] | 2687 | } |
| 2688 | } |
William Lallemand | 85b0bd9 | 2017-06-01 17:38:53 +0200 | [diff] [blame] | 2689 | get_cur_unixsocket(); |
| 2690 | |
Willy Tarreau | baaee00 | 2006-06-26 02:48:02 +0200 | [diff] [blame] | 2691 | /* We will loop at most 100 times with 10 ms delay each time. |
| 2692 | * That's at most 1 second. We only send a signal to old pids |
| 2693 | * if we cannot grab at least one port. |
| 2694 | */ |
| 2695 | retry = MAX_START_RETRIES; |
| 2696 | err = ERR_NONE; |
| 2697 | while (retry >= 0) { |
| 2698 | struct timeval w; |
Willy Tarreau | e91bff2 | 2020-09-02 11:11:43 +0200 | [diff] [blame] | 2699 | err = protocol_bind_all(retry == 0 || nb_oldpids == 0); |
Willy Tarreau | e13e925 | 2007-12-20 23:05:50 +0100 | [diff] [blame] | 2700 | /* exit the loop on no error or fatal error */ |
| 2701 | if ((err & (ERR_RETRYABLE|ERR_FATAL)) != ERR_RETRYABLE) |
Willy Tarreau | baaee00 | 2006-06-26 02:48:02 +0200 | [diff] [blame] | 2702 | break; |
Willy Tarreau | bb545b4 | 2010-08-25 12:58:59 +0200 | [diff] [blame] | 2703 | if (nb_oldpids == 0 || retry == 0) |
Willy Tarreau | baaee00 | 2006-06-26 02:48:02 +0200 | [diff] [blame] | 2704 | break; |
| 2705 | |
| 2706 | /* FIXME-20060514: Solaris and OpenBSD do not support shutdown() on |
| 2707 | * listening sockets. So on those platforms, it would be wiser to |
| 2708 | * simply send SIGUSR1, which will not be undoable. |
| 2709 | */ |
Willy Tarreau | bb545b4 | 2010-08-25 12:58:59 +0200 | [diff] [blame] | 2710 | if (tell_old_pids(SIGTTOU) == 0) { |
| 2711 | /* no need to wait if we can't contact old pids */ |
| 2712 | retry = 0; |
| 2713 | continue; |
| 2714 | } |
Willy Tarreau | baaee00 | 2006-06-26 02:48:02 +0200 | [diff] [blame] | 2715 | /* give some time to old processes to stop listening */ |
| 2716 | w.tv_sec = 0; |
| 2717 | w.tv_usec = 10*1000; |
| 2718 | select(0, NULL, NULL, NULL, &w); |
| 2719 | retry--; |
| 2720 | } |
| 2721 | |
Willy Tarreau | e91bff2 | 2020-09-02 11:11:43 +0200 | [diff] [blame] | 2722 | /* Note: protocol_bind_all() sends an alert when it fails. */ |
Willy Tarreau | 0a3b9d9 | 2009-02-04 17:05:23 +0100 | [diff] [blame] | 2723 | if ((err & ~ERR_WARN) != ERR_NONE) { |
Willy Tarreau | e91bff2 | 2020-09-02 11:11:43 +0200 | [diff] [blame] | 2724 | ha_alert("[%s.main()] Some protocols failed to start their listeners! Exiting.\n", argv[0]); |
Willy Tarreau | f68da46 | 2009-06-09 14:36:00 +0200 | [diff] [blame] | 2725 | if (retry != MAX_START_RETRIES && nb_oldpids) { |
| 2726 | protocol_unbind_all(); /* cleanup everything we can */ |
Willy Tarreau | baaee00 | 2006-06-26 02:48:02 +0200 | [diff] [blame] | 2727 | tell_old_pids(SIGTTIN); |
Willy Tarreau | f68da46 | 2009-06-09 14:36:00 +0200 | [diff] [blame] | 2728 | } |
Willy Tarreau | baaee00 | 2006-06-26 02:48:02 +0200 | [diff] [blame] | 2729 | exit(1); |
| 2730 | } |
| 2731 | |
William Lallemand | 944e619 | 2018-11-21 15:48:31 +0100 | [diff] [blame] | 2732 | if (!(global.mode & MODE_MWORKER_WAIT) && listeners == 0) { |
Christopher Faulet | 767a84b | 2017-11-24 16:50:31 +0100 | [diff] [blame] | 2733 | ha_alert("[%s.main()] No enabled listener found (check for 'bind' directives) ! Exiting.\n", argv[0]); |
Willy Tarreau | baaee00 | 2006-06-26 02:48:02 +0200 | [diff] [blame] | 2734 | /* Note: we don't have to send anything to the old pids because we |
| 2735 | * never stopped them. */ |
| 2736 | exit(1); |
| 2737 | } |
| 2738 | |
Willy Tarreau | e91bff2 | 2020-09-02 11:11:43 +0200 | [diff] [blame] | 2739 | /* Ok, all listeners should now be bound, close any leftover sockets |
Olivier Houchard | f73629d | 2017-04-05 22:33:04 +0200 | [diff] [blame] | 2740 | * the previous process gave us, we don't need them anymore |
| 2741 | */ |
| 2742 | while (xfer_sock_list != NULL) { |
| 2743 | struct xfer_sock_list *tmpxfer = xfer_sock_list->next; |
| 2744 | close(xfer_sock_list->fd); |
| 2745 | free(xfer_sock_list->iface); |
| 2746 | free(xfer_sock_list->namespace); |
| 2747 | free(xfer_sock_list); |
| 2748 | xfer_sock_list = tmpxfer; |
| 2749 | } |
Willy Tarreau | dd81598 | 2007-10-16 12:25:14 +0200 | [diff] [blame] | 2750 | |
Willy Tarreau | baaee00 | 2006-06-26 02:48:02 +0200 | [diff] [blame] | 2751 | /* prepare pause/play signals */ |
Willy Tarreau | 24f4efa | 2010-08-27 17:56:48 +0200 | [diff] [blame] | 2752 | signal_register_fct(SIGTTOU, sig_pause, SIGTTOU); |
| 2753 | signal_register_fct(SIGTTIN, sig_listen, SIGTTIN); |
Willy Tarreau | baaee00 | 2006-06-26 02:48:02 +0200 | [diff] [blame] | 2754 | |
Willy Tarreau | baaee00 | 2006-06-26 02:48:02 +0200 | [diff] [blame] | 2755 | /* MODE_QUIET can inhibit alerts and warnings below this line */ |
| 2756 | |
PiBa-NL | 149a81a | 2017-12-25 21:03:31 +0100 | [diff] [blame] | 2757 | if (getenv("HAPROXY_MWORKER_REEXEC") != NULL) { |
| 2758 | /* either stdin/out/err are already closed or should stay as they are. */ |
| 2759 | if ((global.mode & MODE_DAEMON)) { |
| 2760 | /* daemon mode re-executing, stdin/stdout/stderr are already closed so keep quiet */ |
| 2761 | global.mode &= ~MODE_VERBOSE; |
| 2762 | global.mode |= MODE_QUIET; /* ensure that we won't say anything from now */ |
| 2763 | } |
| 2764 | } else { |
| 2765 | if ((global.mode & MODE_QUIET) && !(global.mode & MODE_VERBOSE)) { |
| 2766 | /* detach from the tty */ |
William Lallemand | e134041 | 2017-12-28 16:09:36 +0100 | [diff] [blame] | 2767 | stdio_quiet(-1); |
PiBa-NL | 149a81a | 2017-12-25 21:03:31 +0100 | [diff] [blame] | 2768 | } |
Willy Tarreau | baaee00 | 2006-06-26 02:48:02 +0200 | [diff] [blame] | 2769 | } |
| 2770 | |
| 2771 | /* open log & pid files before the chroot */ |
William Lallemand | 8029300 | 2017-11-06 11:00:03 +0100 | [diff] [blame] | 2772 | if ((global.mode & MODE_DAEMON || global.mode & MODE_MWORKER) && global.pidfile != NULL) { |
Willy Tarreau | baaee00 | 2006-06-26 02:48:02 +0200 | [diff] [blame] | 2773 | unlink(global.pidfile); |
| 2774 | pidfd = open(global.pidfile, O_CREAT | O_WRONLY | O_TRUNC, 0644); |
| 2775 | if (pidfd < 0) { |
Christopher Faulet | 767a84b | 2017-11-24 16:50:31 +0100 | [diff] [blame] | 2776 | ha_alert("[%s.main()] Cannot create pidfile %s\n", argv[0], global.pidfile); |
Willy Tarreau | baaee00 | 2006-06-26 02:48:02 +0200 | [diff] [blame] | 2777 | if (nb_oldpids) |
| 2778 | tell_old_pids(SIGTTIN); |
Willy Tarreau | dd81598 | 2007-10-16 12:25:14 +0200 | [diff] [blame] | 2779 | protocol_unbind_all(); |
Willy Tarreau | baaee00 | 2006-06-26 02:48:02 +0200 | [diff] [blame] | 2780 | exit(1); |
| 2781 | } |
Willy Tarreau | baaee00 | 2006-06-26 02:48:02 +0200 | [diff] [blame] | 2782 | } |
| 2783 | |
Willy Tarreau | b38651a | 2007-03-24 17:24:39 +0100 | [diff] [blame] | 2784 | if ((global.last_checks & LSTCHK_NETADM) && global.uid) { |
Christopher Faulet | 767a84b | 2017-11-24 16:50:31 +0100 | [diff] [blame] | 2785 | ha_alert("[%s.main()] Some configuration options require full privileges, so global.uid cannot be changed.\n" |
| 2786 | "", argv[0]); |
Willy Tarreau | dd81598 | 2007-10-16 12:25:14 +0200 | [diff] [blame] | 2787 | protocol_unbind_all(); |
Willy Tarreau | b38651a | 2007-03-24 17:24:39 +0100 | [diff] [blame] | 2788 | exit(1); |
| 2789 | } |
| 2790 | |
Jackie Tapia | 749f74c | 2020-07-22 18:59:40 -0500 | [diff] [blame] | 2791 | /* If the user is not root, we'll still let them try the configuration |
| 2792 | * but we inform them that unexpected behaviour may occur. |
Willy Tarreau | 4e30ed7 | 2009-02-04 18:02:48 +0100 | [diff] [blame] | 2793 | */ |
| 2794 | if ((global.last_checks & LSTCHK_NETADM) && getuid()) |
Christopher Faulet | 767a84b | 2017-11-24 16:50:31 +0100 | [diff] [blame] | 2795 | ha_warning("[%s.main()] Some options which require full privileges" |
| 2796 | " might not work well.\n" |
| 2797 | "", argv[0]); |
Willy Tarreau | 4e30ed7 | 2009-02-04 18:02:48 +0100 | [diff] [blame] | 2798 | |
William Lallemand | 095ba4c | 2017-06-01 17:38:50 +0200 | [diff] [blame] | 2799 | if ((global.mode & (MODE_MWORKER|MODE_DAEMON)) == 0) { |
| 2800 | |
| 2801 | /* chroot if needed */ |
| 2802 | if (global.chroot != NULL) { |
| 2803 | if (chroot(global.chroot) == -1 || chdir("/") == -1) { |
Christopher Faulet | 767a84b | 2017-11-24 16:50:31 +0100 | [diff] [blame] | 2804 | ha_alert("[%s.main()] Cannot chroot(%s).\n", argv[0], global.chroot); |
William Lallemand | 095ba4c | 2017-06-01 17:38:50 +0200 | [diff] [blame] | 2805 | if (nb_oldpids) |
| 2806 | tell_old_pids(SIGTTIN); |
| 2807 | protocol_unbind_all(); |
| 2808 | exit(1); |
| 2809 | } |
Willy Tarreau | f223cc0 | 2007-10-15 18:57:08 +0200 | [diff] [blame] | 2810 | } |
Willy Tarreau | f223cc0 | 2007-10-15 18:57:08 +0200 | [diff] [blame] | 2811 | } |
| 2812 | |
William Lallemand | 944e619 | 2018-11-21 15:48:31 +0100 | [diff] [blame] | 2813 | if (nb_oldpids && !(global.mode & MODE_MWORKER_WAIT)) |
Willy Tarreau | bb545b4 | 2010-08-25 12:58:59 +0200 | [diff] [blame] | 2814 | nb_oldpids = tell_old_pids(oldpids_sig); |
Willy Tarreau | baaee00 | 2006-06-26 02:48:02 +0200 | [diff] [blame] | 2815 | |
William Lallemand | 27edc4b | 2019-05-07 17:49:33 +0200 | [diff] [blame] | 2816 | /* send a SIGTERM to workers who have a too high reloads number */ |
| 2817 | if ((global.mode & MODE_MWORKER) && !(global.mode & MODE_MWORKER_WAIT)) |
| 2818 | mworker_kill_max_reloads(SIGTERM); |
| 2819 | |
William Lallemand | 8a361b5 | 2017-06-20 11:20:33 +0200 | [diff] [blame] | 2820 | if ((getenv("HAPROXY_MWORKER_REEXEC") == NULL)) { |
| 2821 | nb_oldpids = 0; |
Willy Tarreau | 61cfdf4 | 2021-02-20 10:46:51 +0100 | [diff] [blame] | 2822 | ha_free(&oldpids); |
William Lallemand | 8a361b5 | 2017-06-20 11:20:33 +0200 | [diff] [blame] | 2823 | } |
| 2824 | |
| 2825 | |
Willy Tarreau | baaee00 | 2006-06-26 02:48:02 +0200 | [diff] [blame] | 2826 | /* Note that any error at this stage will be fatal because we will not |
| 2827 | * be able to restart the old pids. |
| 2828 | */ |
| 2829 | |
William Dauchy | f9af9d7 | 2019-11-17 15:47:16 +0100 | [diff] [blame] | 2830 | if ((global.mode & (MODE_MWORKER | MODE_DAEMON)) == 0) |
| 2831 | set_identity(argv[0]); |
Willy Tarreau | 636848a | 2019-04-15 19:38:50 +0200 | [diff] [blame] | 2832 | |
Willy Tarreau | baaee00 | 2006-06-26 02:48:02 +0200 | [diff] [blame] | 2833 | /* check ulimits */ |
| 2834 | limit.rlim_cur = limit.rlim_max = 0; |
| 2835 | getrlimit(RLIMIT_NOFILE, &limit); |
| 2836 | if (limit.rlim_cur < global.maxsock) { |
William Dauchy | 0fec3ab | 2019-10-27 20:08:11 +0100 | [diff] [blame] | 2837 | if (global.tune.options & GTUNE_STRICT_LIMITS) { |
| 2838 | ha_alert("[%s.main()] FD limit (%d) too low for maxconn=%d/maxsock=%d. " |
| 2839 | "Please raise 'ulimit-n' to %d or more to avoid any trouble.\n", |
| 2840 | argv[0], (int)limit.rlim_cur, global.maxconn, global.maxsock, |
| 2841 | global.maxsock); |
Jerome Magnin | 50f757c | 2021-01-12 20:19:38 +0100 | [diff] [blame] | 2842 | exit(1); |
William Dauchy | 0fec3ab | 2019-10-27 20:08:11 +0100 | [diff] [blame] | 2843 | } |
| 2844 | else |
| 2845 | ha_alert("[%s.main()] FD limit (%d) too low for maxconn=%d/maxsock=%d. " |
William Dauchy | a519460 | 2020-03-28 19:29:58 +0100 | [diff] [blame] | 2846 | "Please raise 'ulimit-n' to %d or more to avoid any trouble.\n", |
William Dauchy | 0fec3ab | 2019-10-27 20:08:11 +0100 | [diff] [blame] | 2847 | argv[0], (int)limit.rlim_cur, global.maxconn, global.maxsock, |
| 2848 | global.maxsock); |
Willy Tarreau | baaee00 | 2006-06-26 02:48:02 +0200 | [diff] [blame] | 2849 | } |
| 2850 | |
William Lallemand | 944e619 | 2018-11-21 15:48:31 +0100 | [diff] [blame] | 2851 | if (global.mode & (MODE_DAEMON | MODE_MWORKER | MODE_MWORKER_WAIT)) { |
Willy Tarreau | 0b9c02c | 2009-02-04 22:05:05 +0100 | [diff] [blame] | 2852 | struct proxy *px; |
Willy Tarreau | f83d3fe | 2015-05-01 19:13:41 +0200 | [diff] [blame] | 2853 | struct peers *curpeers; |
Willy Tarreau | baaee00 | 2006-06-26 02:48:02 +0200 | [diff] [blame] | 2854 | int ret = 0; |
| 2855 | int proc; |
William Lallemand | e134041 | 2017-12-28 16:09:36 +0100 | [diff] [blame] | 2856 | int devnullfd = -1; |
Willy Tarreau | baaee00 | 2006-06-26 02:48:02 +0200 | [diff] [blame] | 2857 | |
William Lallemand | 095ba4c | 2017-06-01 17:38:50 +0200 | [diff] [blame] | 2858 | /* |
| 2859 | * if daemon + mworker: must fork here to let a master |
| 2860 | * process live in background before forking children |
| 2861 | */ |
William Lallemand | 73b85e7 | 2017-06-01 17:38:51 +0200 | [diff] [blame] | 2862 | |
| 2863 | if ((getenv("HAPROXY_MWORKER_REEXEC") == NULL) |
| 2864 | && (global.mode & MODE_MWORKER) |
| 2865 | && (global.mode & MODE_DAEMON)) { |
William Lallemand | 095ba4c | 2017-06-01 17:38:50 +0200 | [diff] [blame] | 2866 | ret = fork(); |
| 2867 | if (ret < 0) { |
Christopher Faulet | 767a84b | 2017-11-24 16:50:31 +0100 | [diff] [blame] | 2868 | ha_alert("[%s.main()] Cannot fork.\n", argv[0]); |
William Lallemand | 095ba4c | 2017-06-01 17:38:50 +0200 | [diff] [blame] | 2869 | protocol_unbind_all(); |
| 2870 | exit(1); /* there has been an error */ |
William Lallemand | bfd8eb5 | 2018-07-04 15:31:23 +0200 | [diff] [blame] | 2871 | } else if (ret > 0) { /* parent leave to daemonize */ |
William Lallemand | 095ba4c | 2017-06-01 17:38:50 +0200 | [diff] [blame] | 2872 | exit(0); |
William Lallemand | bfd8eb5 | 2018-07-04 15:31:23 +0200 | [diff] [blame] | 2873 | } else /* change the process group ID in the child (master process) */ |
| 2874 | setsid(); |
William Lallemand | 095ba4c | 2017-06-01 17:38:50 +0200 | [diff] [blame] | 2875 | } |
William Lallemand | e20b6a6 | 2017-06-01 17:38:55 +0200 | [diff] [blame] | 2876 | |
William Lallemand | e20b6a6 | 2017-06-01 17:38:55 +0200 | [diff] [blame] | 2877 | |
William Lallemand | deed780 | 2017-11-06 11:00:04 +0100 | [diff] [blame] | 2878 | /* if in master-worker mode, write the PID of the father */ |
| 2879 | if (global.mode & MODE_MWORKER) { |
| 2880 | char pidstr[100]; |
Willy Tarreau | 76a80c7 | 2019-06-22 07:41:38 +0200 | [diff] [blame] | 2881 | snprintf(pidstr, sizeof(pidstr), "%d\n", (int)getpid()); |
Willy Tarreau | 46ec48b | 2018-01-23 19:20:19 +0100 | [diff] [blame] | 2882 | if (pidfd >= 0) |
Willy Tarreau | 2e8ab6b | 2020-03-14 11:03:20 +0100 | [diff] [blame] | 2883 | DISGUISE(write(pidfd, pidstr, strlen(pidstr))); |
William Lallemand | deed780 | 2017-11-06 11:00:04 +0100 | [diff] [blame] | 2884 | } |
| 2885 | |
Willy Tarreau | baaee00 | 2006-06-26 02:48:02 +0200 | [diff] [blame] | 2886 | /* the father launches the required number of processes */ |
William Lallemand | 944e619 | 2018-11-21 15:48:31 +0100 | [diff] [blame] | 2887 | if (!(global.mode & MODE_MWORKER_WAIT)) { |
William Lallemand | 9a1ee7a | 2019-04-01 11:30:02 +0200 | [diff] [blame] | 2888 | if (global.mode & MODE_MWORKER) |
| 2889 | mworker_ext_launch_all(); |
William Lallemand | 944e619 | 2018-11-21 15:48:31 +0100 | [diff] [blame] | 2890 | for (proc = 0; proc < global.nbproc; proc++) { |
| 2891 | ret = fork(); |
| 2892 | if (ret < 0) { |
| 2893 | ha_alert("[%s.main()] Cannot fork.\n", argv[0]); |
| 2894 | protocol_unbind_all(); |
| 2895 | exit(1); /* there has been an error */ |
| 2896 | } |
Willy Tarreau | 52bf839 | 2020-03-08 00:42:37 +0100 | [diff] [blame] | 2897 | else if (ret == 0) { /* child breaks here */ |
| 2898 | ha_random_jump96(relative_pid); |
William Lallemand | 944e619 | 2018-11-21 15:48:31 +0100 | [diff] [blame] | 2899 | break; |
Willy Tarreau | 52bf839 | 2020-03-08 00:42:37 +0100 | [diff] [blame] | 2900 | } |
William Lallemand | 944e619 | 2018-11-21 15:48:31 +0100 | [diff] [blame] | 2901 | if (pidfd >= 0 && !(global.mode & MODE_MWORKER)) { |
| 2902 | char pidstr[100]; |
| 2903 | snprintf(pidstr, sizeof(pidstr), "%d\n", ret); |
Willy Tarreau | 2e8ab6b | 2020-03-14 11:03:20 +0100 | [diff] [blame] | 2904 | DISGUISE(write(pidfd, pidstr, strlen(pidstr))); |
William Lallemand | 944e619 | 2018-11-21 15:48:31 +0100 | [diff] [blame] | 2905 | } |
| 2906 | if (global.mode & MODE_MWORKER) { |
| 2907 | struct mworker_proc *child; |
William Lallemand | ce83b4a | 2018-10-26 14:47:30 +0200 | [diff] [blame] | 2908 | |
William Lallemand | 220567e | 2018-11-21 18:04:53 +0100 | [diff] [blame] | 2909 | ha_notice("New worker #%d (%d) forked\n", relative_pid, ret); |
William Lallemand | 944e619 | 2018-11-21 15:48:31 +0100 | [diff] [blame] | 2910 | /* find the right mworker_proc */ |
| 2911 | list_for_each_entry(child, &proc_list, list) { |
| 2912 | if (child->relative_pid == relative_pid && |
William Lallemand | 8f7069a | 2019-04-12 16:09:23 +0200 | [diff] [blame] | 2913 | child->reloads == 0 && child->options & PROC_O_TYPE_WORKER) { |
William Lallemand | 944e619 | 2018-11-21 15:48:31 +0100 | [diff] [blame] | 2914 | child->timestamp = now.tv_sec; |
| 2915 | child->pid = ret; |
William Lallemand | 1dc6963 | 2019-06-12 19:11:33 +0200 | [diff] [blame] | 2916 | child->version = strdup(haproxy_version); |
William Lallemand | 944e619 | 2018-11-21 15:48:31 +0100 | [diff] [blame] | 2917 | break; |
| 2918 | } |
William Lallemand | ce83b4a | 2018-10-26 14:47:30 +0200 | [diff] [blame] | 2919 | } |
| 2920 | } |
William Lallemand | bc19305 | 2018-09-11 10:06:26 +0200 | [diff] [blame] | 2921 | |
William Lallemand | 944e619 | 2018-11-21 15:48:31 +0100 | [diff] [blame] | 2922 | relative_pid++; /* each child will get a different one */ |
| 2923 | pid_bit <<= 1; |
| 2924 | } |
| 2925 | } else { |
| 2926 | /* wait mode */ |
| 2927 | global.nbproc = 1; |
| 2928 | proc = 1; |
Willy Tarreau | baaee00 | 2006-06-26 02:48:02 +0200 | [diff] [blame] | 2929 | } |
Willy Tarreau | fc6c032 | 2012-11-16 16:12:27 +0100 | [diff] [blame] | 2930 | |
| 2931 | #ifdef USE_CPU_AFFINITY |
| 2932 | if (proc < global.nbproc && /* child */ |
Willy Tarreau | ff9c914 | 2019-02-07 10:39:36 +0100 | [diff] [blame] | 2933 | proc < MAX_PROCS && /* only the first 32/64 processes may be pinned */ |
Christopher Faulet | cb6a945 | 2017-11-22 16:50:41 +0100 | [diff] [blame] | 2934 | global.cpu_map.proc[proc]) /* only do this if the process has a CPU map */ |
Pieter Baauw | caa6a1b | 2015-09-17 21:26:40 +0200 | [diff] [blame] | 2935 | #ifdef __FreeBSD__ |
Olivier Houchard | 97148f6 | 2017-08-16 17:29:11 +0200 | [diff] [blame] | 2936 | { |
| 2937 | cpuset_t cpuset; |
| 2938 | int i; |
Christopher Faulet | cb6a945 | 2017-11-22 16:50:41 +0100 | [diff] [blame] | 2939 | unsigned long cpu_map = global.cpu_map.proc[proc]; |
Olivier Houchard | 97148f6 | 2017-08-16 17:29:11 +0200 | [diff] [blame] | 2940 | |
| 2941 | CPU_ZERO(&cpuset); |
| 2942 | while ((i = ffsl(cpu_map)) > 0) { |
| 2943 | CPU_SET(i - 1, &cpuset); |
Cyril Bonté | d400ab3 | 2018-03-12 21:47:39 +0100 | [diff] [blame] | 2944 | cpu_map &= ~(1UL << (i - 1)); |
Olivier Houchard | 97148f6 | 2017-08-16 17:29:11 +0200 | [diff] [blame] | 2945 | } |
| 2946 | ret = cpuset_setaffinity(CPU_LEVEL_WHICH, CPU_WHICH_PID, -1, sizeof(cpuset), &cpuset); |
| 2947 | } |
David Carlier | 2d0493a | 2020-12-02 21:14:51 +0000 | [diff] [blame] | 2948 | #elif defined(__linux__) || defined(__DragonFly__) |
Christopher Faulet | cb6a945 | 2017-11-22 16:50:41 +0100 | [diff] [blame] | 2949 | sched_setaffinity(0, sizeof(unsigned long), (void *)&global.cpu_map.proc[proc]); |
Willy Tarreau | fc6c032 | 2012-11-16 16:12:27 +0100 | [diff] [blame] | 2950 | #endif |
Pieter Baauw | caa6a1b | 2015-09-17 21:26:40 +0200 | [diff] [blame] | 2951 | #endif |
Willy Tarreau | baaee00 | 2006-06-26 02:48:02 +0200 | [diff] [blame] | 2952 | /* close the pidfile both in children and father */ |
Willy Tarreau | 269ab31 | 2012-09-05 08:02:48 +0200 | [diff] [blame] | 2953 | if (pidfd >= 0) { |
| 2954 | //lseek(pidfd, 0, SEEK_SET); /* debug: emulate eglibc bug */ |
| 2955 | close(pidfd); |
| 2956 | } |
Willy Tarreau | d137dd3 | 2010-08-25 12:49:05 +0200 | [diff] [blame] | 2957 | |
| 2958 | /* We won't ever use this anymore */ |
Willy Tarreau | 61cfdf4 | 2021-02-20 10:46:51 +0100 | [diff] [blame] | 2959 | ha_free(&global.pidfile); |
Willy Tarreau | baaee00 | 2006-06-26 02:48:02 +0200 | [diff] [blame] | 2960 | |
Willy Tarreau | edaff0a | 2015-05-01 17:01:08 +0200 | [diff] [blame] | 2961 | if (proc == global.nbproc) { |
William Lallemand | 944e619 | 2018-11-21 15:48:31 +0100 | [diff] [blame] | 2962 | if (global.mode & (MODE_MWORKER|MODE_MWORKER_WAIT)) { |
PiBa-NL | baf6ea4 | 2017-11-28 23:26:08 +0100 | [diff] [blame] | 2963 | |
| 2964 | if ((!(global.mode & MODE_QUIET) || (global.mode & MODE_VERBOSE)) && |
| 2965 | (global.mode & MODE_DAEMON)) { |
| 2966 | /* detach from the tty, this is required to properly daemonize. */ |
William Lallemand | e134041 | 2017-12-28 16:09:36 +0100 | [diff] [blame] | 2967 | if ((getenv("HAPROXY_MWORKER_REEXEC") == NULL)) |
| 2968 | stdio_quiet(-1); |
| 2969 | |
PiBa-NL | baf6ea4 | 2017-11-28 23:26:08 +0100 | [diff] [blame] | 2970 | global.mode &= ~MODE_VERBOSE; |
| 2971 | global.mode |= MODE_QUIET; /* ensure that we won't say anything from now */ |
PiBa-NL | baf6ea4 | 2017-11-28 23:26:08 +0100 | [diff] [blame] | 2972 | } |
| 2973 | |
William Lallemand | b3f2be3 | 2018-09-11 10:06:18 +0200 | [diff] [blame] | 2974 | mworker_loop(); |
William Lallemand | 1499b9b | 2017-06-07 15:04:47 +0200 | [diff] [blame] | 2975 | /* should never get there */ |
| 2976 | exit(EXIT_FAILURE); |
Willy Tarreau | edaff0a | 2015-05-01 17:01:08 +0200 | [diff] [blame] | 2977 | } |
William Lallemand | cf4e496 | 2017-06-08 19:05:48 +0200 | [diff] [blame] | 2978 | #if defined(USE_OPENSSL) && !defined(OPENSSL_NO_DH) |
Grant Zhang | 872f9c2 | 2017-01-21 01:10:18 +0000 | [diff] [blame] | 2979 | ssl_free_dh(); |
| 2980 | #endif |
William Lallemand | 1499b9b | 2017-06-07 15:04:47 +0200 | [diff] [blame] | 2981 | exit(0); /* parent must leave */ |
Willy Tarreau | edaff0a | 2015-05-01 17:01:08 +0200 | [diff] [blame] | 2982 | } |
| 2983 | |
William Lallemand | cb11fd2 | 2017-06-01 17:38:52 +0200 | [diff] [blame] | 2984 | /* child must never use the atexit function */ |
| 2985 | atexit_flag = 0; |
| 2986 | |
William Lallemand | bc19305 | 2018-09-11 10:06:26 +0200 | [diff] [blame] | 2987 | /* close useless master sockets */ |
| 2988 | if (global.mode & MODE_MWORKER) { |
| 2989 | struct mworker_proc *child, *it; |
| 2990 | master = 0; |
| 2991 | |
William Lallemand | 309dc9a | 2018-10-26 14:47:45 +0200 | [diff] [blame] | 2992 | mworker_cli_proxy_stop(); |
| 2993 | |
William Lallemand | bc19305 | 2018-09-11 10:06:26 +0200 | [diff] [blame] | 2994 | /* free proc struct of other processes */ |
| 2995 | list_for_each_entry_safe(child, it, &proc_list, list) { |
William Lallemand | ce83b4a | 2018-10-26 14:47:30 +0200 | [diff] [blame] | 2996 | /* close the FD of the master side for all |
| 2997 | * workers, we don't need to close the worker |
| 2998 | * side of other workers since it's done with |
| 2999 | * the bind_proc */ |
Tim Duesterhus | 742e0f9 | 2018-11-25 20:03:39 +0100 | [diff] [blame] | 3000 | if (child->ipc_fd[0] >= 0) |
| 3001 | close(child->ipc_fd[0]); |
William Lallemand | ce83b4a | 2018-10-26 14:47:30 +0200 | [diff] [blame] | 3002 | if (child->relative_pid == relative_pid && |
| 3003 | child->reloads == 0) { |
| 3004 | /* keep this struct if this is our pid */ |
| 3005 | proc_self = child; |
William Lallemand | bc19305 | 2018-09-11 10:06:26 +0200 | [diff] [blame] | 3006 | continue; |
William Lallemand | ce83b4a | 2018-10-26 14:47:30 +0200 | [diff] [blame] | 3007 | } |
Willy Tarreau | 2b71810 | 2021-04-21 07:32:39 +0200 | [diff] [blame] | 3008 | LIST_DELETE(&child->list); |
Tim Duesterhus | 9b7a976 | 2019-05-16 20:23:22 +0200 | [diff] [blame] | 3009 | mworker_free_child(child); |
| 3010 | child = NULL; |
William Lallemand | bc19305 | 2018-09-11 10:06:26 +0200 | [diff] [blame] | 3011 | } |
| 3012 | } |
Willy Tarreau | 1605c7a | 2018-01-23 19:01:49 +0100 | [diff] [blame] | 3013 | |
William Lallemand | e134041 | 2017-12-28 16:09:36 +0100 | [diff] [blame] | 3014 | if (!(global.mode & MODE_QUIET) || (global.mode & MODE_VERBOSE)) { |
| 3015 | devnullfd = open("/dev/null", O_RDWR, 0); |
| 3016 | if (devnullfd < 0) { |
| 3017 | ha_alert("Cannot open /dev/null\n"); |
| 3018 | exit(EXIT_FAILURE); |
| 3019 | } |
| 3020 | } |
| 3021 | |
William Lallemand | 095ba4c | 2017-06-01 17:38:50 +0200 | [diff] [blame] | 3022 | /* Must chroot and setgid/setuid in the children */ |
| 3023 | /* chroot if needed */ |
| 3024 | if (global.chroot != NULL) { |
| 3025 | if (chroot(global.chroot) == -1 || chdir("/") == -1) { |
Christopher Faulet | 767a84b | 2017-11-24 16:50:31 +0100 | [diff] [blame] | 3026 | ha_alert("[%s.main()] Cannot chroot1(%s).\n", argv[0], global.chroot); |
William Lallemand | 095ba4c | 2017-06-01 17:38:50 +0200 | [diff] [blame] | 3027 | if (nb_oldpids) |
| 3028 | tell_old_pids(SIGTTIN); |
| 3029 | protocol_unbind_all(); |
| 3030 | exit(1); |
| 3031 | } |
| 3032 | } |
| 3033 | |
Willy Tarreau | 61cfdf4 | 2021-02-20 10:46:51 +0100 | [diff] [blame] | 3034 | ha_free(&global.chroot); |
William Dauchy | f9af9d7 | 2019-11-17 15:47:16 +0100 | [diff] [blame] | 3035 | set_identity(argv[0]); |
William Lallemand | 095ba4c | 2017-06-01 17:38:50 +0200 | [diff] [blame] | 3036 | |
William Lallemand | 7f80eb2 | 2017-05-26 18:19:55 +0200 | [diff] [blame] | 3037 | /* pass through every cli socket, and check if it's bound to |
| 3038 | * the current process and if it exposes listeners sockets. |
| 3039 | * Caution: the GTUNE_SOCKET_TRANSFER is now set after the fork. |
| 3040 | * */ |
| 3041 | |
Willy Tarreau | 4975d14 | 2021-03-13 11:00:33 +0100 | [diff] [blame] | 3042 | if (global.cli_fe) { |
William Lallemand | 7f80eb2 | 2017-05-26 18:19:55 +0200 | [diff] [blame] | 3043 | struct bind_conf *bind_conf; |
| 3044 | |
Willy Tarreau | 4975d14 | 2021-03-13 11:00:33 +0100 | [diff] [blame] | 3045 | list_for_each_entry(bind_conf, &global.cli_fe->conf.bind, by_fe) { |
William Lallemand | 7f80eb2 | 2017-05-26 18:19:55 +0200 | [diff] [blame] | 3046 | if (bind_conf->level & ACCESS_FD_LISTENERS) { |
Willy Tarreau | e26993c | 2020-09-03 07:18:55 +0200 | [diff] [blame] | 3047 | if (!bind_conf->settings.bind_proc || bind_conf->settings.bind_proc & (1UL << proc)) { |
William Lallemand | 7f80eb2 | 2017-05-26 18:19:55 +0200 | [diff] [blame] | 3048 | global.tune.options |= GTUNE_SOCKET_TRANSFER; |
| 3049 | break; |
| 3050 | } |
| 3051 | } |
| 3052 | } |
| 3053 | } |
| 3054 | |
Willy Tarreau | 0b9c02c | 2009-02-04 22:05:05 +0100 | [diff] [blame] | 3055 | /* we might have to unbind some proxies from some processes */ |
Olivier Houchard | fbc74e8 | 2017-11-24 16:54:05 +0100 | [diff] [blame] | 3056 | px = proxies_list; |
Willy Tarreau | 0b9c02c | 2009-02-04 22:05:05 +0100 | [diff] [blame] | 3057 | while (px != NULL) { |
Willy Tarreau | c3914d4 | 2020-09-24 08:39:22 +0200 | [diff] [blame] | 3058 | if (px->bind_proc && !px->disabled) { |
Willy Tarreau | 337c835 | 2020-09-24 10:51:29 +0200 | [diff] [blame] | 3059 | if (!(px->bind_proc & (1UL << proc))) |
| 3060 | stop_proxy(px); |
Willy Tarreau | 0b9c02c | 2009-02-04 22:05:05 +0100 | [diff] [blame] | 3061 | } |
| 3062 | px = px->next; |
| 3063 | } |
| 3064 | |
Emeric Brun | c47ba59 | 2020-10-07 10:13:10 +0200 | [diff] [blame] | 3065 | /* we might have to unbind some log forward proxies from some processes */ |
| 3066 | px = cfg_log_forward; |
| 3067 | while (px != NULL) { |
Willy Tarreau | c3914d4 | 2020-09-24 08:39:22 +0200 | [diff] [blame] | 3068 | if (px->bind_proc && !px->disabled) { |
Willy Tarreau | 337c835 | 2020-09-24 10:51:29 +0200 | [diff] [blame] | 3069 | if (!(px->bind_proc & (1UL << proc))) |
| 3070 | stop_proxy(px); |
Emeric Brun | c47ba59 | 2020-10-07 10:13:10 +0200 | [diff] [blame] | 3071 | } |
| 3072 | px = px->next; |
| 3073 | } |
| 3074 | |
Willy Tarreau | f83d3fe | 2015-05-01 19:13:41 +0200 | [diff] [blame] | 3075 | /* we might have to unbind some peers sections from some processes */ |
Frédéric Lécaille | ed2b4a6 | 2017-07-13 09:07:09 +0200 | [diff] [blame] | 3076 | for (curpeers = cfg_peers; curpeers; curpeers = curpeers->next) { |
Willy Tarreau | f83d3fe | 2015-05-01 19:13:41 +0200 | [diff] [blame] | 3077 | if (!curpeers->peers_fe) |
| 3078 | continue; |
| 3079 | |
| 3080 | if (curpeers->peers_fe->bind_proc & (1UL << proc)) |
| 3081 | continue; |
| 3082 | |
| 3083 | stop_proxy(curpeers->peers_fe); |
| 3084 | /* disable this peer section so that it kills itself */ |
Willy Tarreau | 47c8c02 | 2015-09-28 16:39:25 +0200 | [diff] [blame] | 3085 | signal_unregister_handler(curpeers->sighandler); |
Olivier Houchard | 3f795f7 | 2019-04-17 22:51:06 +0200 | [diff] [blame] | 3086 | task_destroy(curpeers->sync_task); |
Willy Tarreau | 47c8c02 | 2015-09-28 16:39:25 +0200 | [diff] [blame] | 3087 | curpeers->sync_task = NULL; |
Olivier Houchard | 3f795f7 | 2019-04-17 22:51:06 +0200 | [diff] [blame] | 3088 | task_destroy(curpeers->peers_fe->task); |
Willy Tarreau | 47c8c02 | 2015-09-28 16:39:25 +0200 | [diff] [blame] | 3089 | curpeers->peers_fe->task = NULL; |
Willy Tarreau | f83d3fe | 2015-05-01 19:13:41 +0200 | [diff] [blame] | 3090 | curpeers->peers_fe = NULL; |
| 3091 | } |
| 3092 | |
William Lallemand | 2e8fad9 | 2018-11-13 16:18:23 +0100 | [diff] [blame] | 3093 | /* |
| 3094 | * This is only done in daemon mode because we might want the |
| 3095 | * logs on stdout in mworker mode. If we're NOT in QUIET mode, |
| 3096 | * we should now close the 3 first FDs to ensure that we can |
| 3097 | * detach from the TTY. We MUST NOT do it in other cases since |
| 3098 | * it would have already be done, and 0-2 would have been |
| 3099 | * affected to listening sockets |
Willy Tarreau | baaee00 | 2006-06-26 02:48:02 +0200 | [diff] [blame] | 3100 | */ |
William Lallemand | 2e8fad9 | 2018-11-13 16:18:23 +0100 | [diff] [blame] | 3101 | if ((global.mode & MODE_DAEMON) && |
| 3102 | (!(global.mode & MODE_QUIET) || (global.mode & MODE_VERBOSE))) { |
Willy Tarreau | baaee00 | 2006-06-26 02:48:02 +0200 | [diff] [blame] | 3103 | /* detach from the tty */ |
William Lallemand | e134041 | 2017-12-28 16:09:36 +0100 | [diff] [blame] | 3104 | stdio_quiet(devnullfd); |
Willy Tarreau | 106cb76 | 2008-11-16 07:40:34 +0100 | [diff] [blame] | 3105 | global.mode &= ~MODE_VERBOSE; |
Willy Tarreau | baaee00 | 2006-06-26 02:48:02 +0200 | [diff] [blame] | 3106 | global.mode |= MODE_QUIET; /* ensure that we won't say anything from now */ |
| 3107 | } |
| 3108 | pid = getpid(); /* update child's pid */ |
William Lallemand | bfd8eb5 | 2018-07-04 15:31:23 +0200 | [diff] [blame] | 3109 | if (!(global.mode & MODE_MWORKER)) /* in mworker mode we don't want a new pgid for the children */ |
| 3110 | setsid(); |
Willy Tarreau | 2ff7622 | 2007-04-09 19:29:56 +0200 | [diff] [blame] | 3111 | fork_poller(); |
Willy Tarreau | baaee00 | 2006-06-26 02:48:02 +0200 | [diff] [blame] | 3112 | } |
| 3113 | |
William Dauchy | e039f26 | 2019-11-17 15:47:15 +0100 | [diff] [blame] | 3114 | /* try our best to re-enable core dumps depending on system capabilities. |
| 3115 | * What is addressed here : |
| 3116 | * - remove file size limits |
| 3117 | * - remove core size limits |
| 3118 | * - mark the process dumpable again if it lost it due to user/group |
| 3119 | */ |
| 3120 | if (global.tune.options & GTUNE_SET_DUMPABLE) { |
| 3121 | limit.rlim_cur = limit.rlim_max = RLIM_INFINITY; |
| 3122 | |
| 3123 | #if defined(RLIMIT_FSIZE) |
| 3124 | if (setrlimit(RLIMIT_FSIZE, &limit) == -1) { |
| 3125 | if (global.tune.options & GTUNE_STRICT_LIMITS) { |
| 3126 | ha_alert("[%s.main()] Failed to set the raise the maximum " |
| 3127 | "file size.\n", argv[0]); |
Jerome Magnin | 50f757c | 2021-01-12 20:19:38 +0100 | [diff] [blame] | 3128 | exit(1); |
William Dauchy | e039f26 | 2019-11-17 15:47:15 +0100 | [diff] [blame] | 3129 | } |
| 3130 | else |
| 3131 | ha_warning("[%s.main()] Failed to set the raise the maximum " |
William Dauchy | a519460 | 2020-03-28 19:29:58 +0100 | [diff] [blame] | 3132 | "file size.\n", argv[0]); |
William Dauchy | e039f26 | 2019-11-17 15:47:15 +0100 | [diff] [blame] | 3133 | } |
| 3134 | #endif |
| 3135 | |
| 3136 | #if defined(RLIMIT_CORE) |
| 3137 | if (setrlimit(RLIMIT_CORE, &limit) == -1) { |
| 3138 | if (global.tune.options & GTUNE_STRICT_LIMITS) { |
| 3139 | ha_alert("[%s.main()] Failed to set the raise the core " |
| 3140 | "dump size.\n", argv[0]); |
Jerome Magnin | 50f757c | 2021-01-12 20:19:38 +0100 | [diff] [blame] | 3141 | exit(1); |
William Dauchy | e039f26 | 2019-11-17 15:47:15 +0100 | [diff] [blame] | 3142 | } |
| 3143 | else |
| 3144 | ha_warning("[%s.main()] Failed to set the raise the core " |
William Dauchy | a519460 | 2020-03-28 19:29:58 +0100 | [diff] [blame] | 3145 | "dump size.\n", argv[0]); |
William Dauchy | e039f26 | 2019-11-17 15:47:15 +0100 | [diff] [blame] | 3146 | } |
| 3147 | #endif |
| 3148 | |
| 3149 | #if defined(USE_PRCTL) |
| 3150 | if (prctl(PR_SET_DUMPABLE, 1, 0, 0, 0) == -1) |
| 3151 | ha_warning("[%s.main()] Failed to set the dumpable flag, " |
| 3152 | "no core will be dumped.\n", argv[0]); |
| 3153 | #endif |
| 3154 | } |
| 3155 | |
Christopher Faulet | e3a5e35 | 2017-10-24 13:53:54 +0200 | [diff] [blame] | 3156 | global.mode &= ~MODE_STARTING; |
Willy Tarreau | 4f60f16 | 2007-04-08 16:39:58 +0200 | [diff] [blame] | 3157 | /* |
| 3158 | * That's it : the central polling loop. Run until we stop. |
| 3159 | */ |
Christopher Faulet | 1d17c10 | 2017-08-29 15:38:48 +0200 | [diff] [blame] | 3160 | #ifdef USE_THREAD |
Christopher Faulet | cd7879a | 2017-10-27 13:53:47 +0200 | [diff] [blame] | 3161 | { |
William Lallemand | 1aab50b | 2018-06-07 09:46:01 +0200 | [diff] [blame] | 3162 | sigset_t blocked_sig, old_sig; |
Willy Tarreau | c40efc1 | 2019-05-03 09:22:44 +0200 | [diff] [blame] | 3163 | int i; |
| 3164 | |
William Lallemand | 1aab50b | 2018-06-07 09:46:01 +0200 | [diff] [blame] | 3165 | /* ensure the signals will be blocked in every thread */ |
| 3166 | sigfillset(&blocked_sig); |
| 3167 | sigdelset(&blocked_sig, SIGPROF); |
| 3168 | sigdelset(&blocked_sig, SIGBUS); |
| 3169 | sigdelset(&blocked_sig, SIGFPE); |
| 3170 | sigdelset(&blocked_sig, SIGILL); |
| 3171 | sigdelset(&blocked_sig, SIGSEGV); |
| 3172 | pthread_sigmask(SIG_SETMASK, &blocked_sig, &old_sig); |
| 3173 | |
Christopher Faulet | cd7879a | 2017-10-27 13:53:47 +0200 | [diff] [blame] | 3174 | /* Create nbthread-1 thread. The first thread is the current process */ |
David Carlier | a92c5ce | 2019-09-13 05:03:12 +0100 | [diff] [blame] | 3175 | ha_thread_info[0].pthread = pthread_self(); |
Christopher Faulet | cd7879a | 2017-10-27 13:53:47 +0200 | [diff] [blame] | 3176 | for (i = 1; i < global.nbthread; i++) |
David Carlier | a92c5ce | 2019-09-13 05:03:12 +0100 | [diff] [blame] | 3177 | pthread_create(&ha_thread_info[i].pthread, NULL, &run_thread_poll_loop, (void *)(long)i); |
Christopher Faulet | cd7879a | 2017-10-27 13:53:47 +0200 | [diff] [blame] | 3178 | |
Christopher Faulet | 6251902 | 2017-10-16 15:49:32 +0200 | [diff] [blame] | 3179 | #ifdef USE_CPU_AFFINITY |
Christopher Faulet | cd7879a | 2017-10-27 13:53:47 +0200 | [diff] [blame] | 3180 | /* Now the CPU affinity for all threads */ |
Willy Tarreau | 7764a57 | 2019-07-16 15:10:34 +0200 | [diff] [blame] | 3181 | if (global.cpu_map.proc_t1[relative_pid-1]) |
| 3182 | global.cpu_map.thread[0] &= global.cpu_map.proc_t1[relative_pid-1]; |
| 3183 | |
Christopher Faulet | cd7879a | 2017-10-27 13:53:47 +0200 | [diff] [blame] | 3184 | for (i = 0; i < global.nbthread; i++) { |
Christopher Faulet | cb6a945 | 2017-11-22 16:50:41 +0100 | [diff] [blame] | 3185 | if (global.cpu_map.proc[relative_pid-1]) |
Willy Tarreau | 81492c9 | 2019-05-03 09:41:23 +0200 | [diff] [blame] | 3186 | global.cpu_map.thread[i] &= global.cpu_map.proc[relative_pid-1]; |
Christopher Faulet | 6251902 | 2017-10-16 15:49:32 +0200 | [diff] [blame] | 3187 | |
Willy Tarreau | 421f02e | 2018-01-20 18:19:22 +0100 | [diff] [blame] | 3188 | if (i < MAX_THREADS && /* only the first 32/64 threads may be pinned */ |
Willy Tarreau | 81492c9 | 2019-05-03 09:41:23 +0200 | [diff] [blame] | 3189 | global.cpu_map.thread[i]) {/* only do this if the thread has a THREAD map */ |
David Carlier | 5e4c8e2 | 2019-09-13 05:12:58 +0100 | [diff] [blame] | 3190 | #if defined(__APPLE__) |
| 3191 | int j; |
| 3192 | unsigned long cpu_map = global.cpu_map.thread[i]; |
| 3193 | |
| 3194 | while ((j = ffsl(cpu_map)) > 0) { |
| 3195 | thread_affinity_policy_data_t cpu_set = { j - 1 }; |
| 3196 | thread_port_t mthread = pthread_mach_thread_np(ha_thread_info[i].pthread); |
| 3197 | thread_policy_set(mthread, THREAD_AFFINITY_POLICY, (thread_policy_t)&cpu_set, 1); |
| 3198 | cpu_map &= ~(1UL << (j - 1)); |
| 3199 | } |
| 3200 | #else |
Olivier Houchard | 829aa24 | 2017-12-01 18:19:43 +0100 | [diff] [blame] | 3201 | #if defined(__FreeBSD__) || defined(__NetBSD__) |
| 3202 | cpuset_t cpuset; |
| 3203 | #else |
| 3204 | cpu_set_t cpuset; |
| 3205 | #endif |
| 3206 | int j; |
Willy Tarreau | 81492c9 | 2019-05-03 09:41:23 +0200 | [diff] [blame] | 3207 | unsigned long cpu_map = global.cpu_map.thread[i]; |
Olivier Houchard | 829aa24 | 2017-12-01 18:19:43 +0100 | [diff] [blame] | 3208 | |
| 3209 | CPU_ZERO(&cpuset); |
| 3210 | |
| 3211 | while ((j = ffsl(cpu_map)) > 0) { |
| 3212 | CPU_SET(j - 1, &cpuset); |
Cyril Bonté | d400ab3 | 2018-03-12 21:47:39 +0100 | [diff] [blame] | 3213 | cpu_map &= ~(1UL << (j - 1)); |
Olivier Houchard | 829aa24 | 2017-12-01 18:19:43 +0100 | [diff] [blame] | 3214 | } |
David Carlier | a92c5ce | 2019-09-13 05:03:12 +0100 | [diff] [blame] | 3215 | pthread_setaffinity_np(ha_thread_info[i].pthread, |
Olivier Houchard | 829aa24 | 2017-12-01 18:19:43 +0100 | [diff] [blame] | 3216 | sizeof(cpuset), &cpuset); |
David Carlier | 5e4c8e2 | 2019-09-13 05:12:58 +0100 | [diff] [blame] | 3217 | #endif |
Olivier Houchard | 829aa24 | 2017-12-01 18:19:43 +0100 | [diff] [blame] | 3218 | } |
Christopher Faulet | 1d17c10 | 2017-08-29 15:38:48 +0200 | [diff] [blame] | 3219 | } |
Christopher Faulet | cd7879a | 2017-10-27 13:53:47 +0200 | [diff] [blame] | 3220 | #endif /* !USE_CPU_AFFINITY */ |
| 3221 | |
William Lallemand | 1aab50b | 2018-06-07 09:46:01 +0200 | [diff] [blame] | 3222 | /* when multithreading we need to let only the thread 0 handle the signals */ |
William Lallemand | d3801c1 | 2018-09-11 10:06:23 +0200 | [diff] [blame] | 3223 | haproxy_unblock_signals(); |
William Lallemand | 1aab50b | 2018-06-07 09:46:01 +0200 | [diff] [blame] | 3224 | |
Christopher Faulet | cd7879a | 2017-10-27 13:53:47 +0200 | [diff] [blame] | 3225 | /* Finally, start the poll loop for the first thread */ |
Willy Tarreau | b4f7cc3 | 2019-05-03 09:27:30 +0200 | [diff] [blame] | 3226 | run_thread_poll_loop(0); |
Christopher Faulet | cd7879a | 2017-10-27 13:53:47 +0200 | [diff] [blame] | 3227 | |
| 3228 | /* Wait the end of other threads */ |
| 3229 | for (i = 1; i < global.nbthread; i++) |
David Carlier | a92c5ce | 2019-09-13 05:03:12 +0100 | [diff] [blame] | 3230 | pthread_join(ha_thread_info[i].pthread, NULL); |
Christopher Faulet | 1d17c10 | 2017-08-29 15:38:48 +0200 | [diff] [blame] | 3231 | |
Christopher Faulet | b79a94c | 2017-05-30 15:34:30 +0200 | [diff] [blame] | 3232 | #if defined(DEBUG_THREAD) || defined(DEBUG_FULL) |
| 3233 | show_lock_stats(); |
| 3234 | #endif |
Christopher Faulet | 1d17c10 | 2017-08-29 15:38:48 +0200 | [diff] [blame] | 3235 | } |
Christopher Faulet | cd7879a | 2017-10-27 13:53:47 +0200 | [diff] [blame] | 3236 | #else /* ! USE_THREAD */ |
William Lallemand | d3801c1 | 2018-09-11 10:06:23 +0200 | [diff] [blame] | 3237 | haproxy_unblock_signals(); |
Willy Tarreau | b4f7cc3 | 2019-05-03 09:27:30 +0200 | [diff] [blame] | 3238 | run_thread_poll_loop(0); |
Christopher Faulet | 6251902 | 2017-10-16 15:49:32 +0200 | [diff] [blame] | 3239 | #endif |
Christopher Faulet | 1d17c10 | 2017-08-29 15:38:48 +0200 | [diff] [blame] | 3240 | |
Tim Duesterhus | 0a3b43d | 2020-06-14 00:37:42 +0200 | [diff] [blame] | 3241 | deinit_and_exit(0); |
Willy Tarreau | baaee00 | 2006-06-26 02:48:02 +0200 | [diff] [blame] | 3242 | } |
| 3243 | |
Willy Tarreau | baaee00 | 2006-06-26 02:48:02 +0200 | [diff] [blame] | 3244 | /* |
| 3245 | * Local variables: |
| 3246 | * c-indent-level: 8 |
| 3247 | * c-basic-offset: 8 |
| 3248 | * End: |
| 3249 | */ |