blob: 7dc1e830b396915bc7c5963f1bb9ab54206c0750 [file] [log] [blame]
Willy Tarreaubaaee002006-06-26 02:48:02 +02001/*
2 * HA-Proxy : High Availability-enabled HTTP/TCP proxy
Willy Tarreau421ed392021-01-06 17:41:32 +01003 * Copyright 2000-2021 Willy Tarreau <willy@haproxy.org>.
Willy Tarreaubaaee002006-06-26 02:48:02 +02004 *
5 * This program is free software; you can redistribute it and/or
6 * modify it under the terms of the GNU General Public License
7 * as published by the Free Software Foundation; either version
8 * 2 of the License, or (at your option) any later version.
9 *
Ilya Shipitsin46a030c2020-07-05 16:36:08 +050010 * Please refer to RFC7230 - RFC7235 information about HTTP protocol, and
11 * RFC6265 for information about cookies usage. More generally, the IETF HTTP
Willy Tarreaubaaee002006-06-26 02:48:02 +020012 * Working Group's web site should be consulted for protocol related changes :
13 *
14 * http://ftp.ics.uci.edu/pub/ietf/http/
15 *
16 * Pending bugs (may be not fixed because never reproduced) :
17 * - solaris only : sometimes, an HTTP proxy with only a dispatch address causes
18 * the proxy to terminate (no core) if the client breaks the connection during
19 * the response. Seen on 1.1.8pre4, but never reproduced. May not be related to
20 * the snprintf() bug since requests were simple (GET / HTTP/1.0), but may be
21 * related to missing setsid() (fixed in 1.1.15)
22 * - a proxy with an invalid config will prevent the startup even if disabled.
23 *
24 * ChangeLog has moved to the CHANGELOG file.
25 *
Willy Tarreaubaaee002006-06-26 02:48:02 +020026 */
27
David Carlier7ece0962015-12-08 21:43:09 +000028#define _GNU_SOURCE
Willy Tarreaubaaee002006-06-26 02:48:02 +020029#include <stdio.h>
30#include <stdlib.h>
31#include <unistd.h>
32#include <string.h>
33#include <ctype.h>
Maxime de Roucy379d9c72016-05-13 23:52:56 +020034#include <dirent.h>
Maxime de Roucy379d9c72016-05-13 23:52:56 +020035#include <sys/stat.h>
Willy Tarreaubaaee002006-06-26 02:48:02 +020036#include <sys/time.h>
37#include <sys/types.h>
38#include <sys/socket.h>
39#include <netinet/tcp.h>
40#include <netinet/in.h>
41#include <arpa/inet.h>
42#include <netdb.h>
43#include <fcntl.h>
44#include <errno.h>
45#include <signal.h>
46#include <stdarg.h>
47#include <sys/resource.h>
Tim Duesterhusdfad6a42020-04-18 16:02:47 +020048#include <sys/utsname.h>
Marc-Antoine Perennou992709b2013-02-12 10:53:52 +010049#include <sys/wait.h>
Willy Tarreaubaaee002006-06-26 02:48:02 +020050#include <time.h>
51#include <syslog.h>
Michael Schererab012dd2013-01-12 18:35:19 +010052#include <grp.h>
Willy Tarreaufc6c0322012-11-16 16:12:27 +010053#ifdef USE_CPU_AFFINITY
Willy Tarreaufc6c0322012-11-16 16:12:27 +010054#include <sched.h>
David Carlier42d9e5a2018-11-12 16:22:19 +000055#if defined(__FreeBSD__) || defined(__DragonFly__)
Pieter Baauwcaa6a1b2015-09-17 21:26:40 +020056#include <sys/param.h>
David Carlier42d9e5a2018-11-12 16:22:19 +000057#ifdef __FreeBSD__
Pieter Baauwcaa6a1b2015-09-17 21:26:40 +020058#include <sys/cpuset.h>
David Carlier42d9e5a2018-11-12 16:22:19 +000059#endif
David Carlier6d5c8412017-11-29 11:02:32 +000060#include <pthread_np.h>
Pieter Baauwcaa6a1b2015-09-17 21:26:40 +020061#endif
David Carlier5e4c8e22019-09-13 05:12:58 +010062#ifdef __APPLE__
63#include <mach/mach_types.h>
64#include <mach/thread_act.h>
65#include <mach/thread_policy.h>
66#endif
Willy Tarreaufc6c0322012-11-16 16:12:27 +010067#endif
Willy Tarreaubaaee002006-06-26 02:48:02 +020068
Willy Tarreau636848a2019-04-15 19:38:50 +020069#if defined(USE_PRCTL)
70#include <sys/prctl.h>
71#endif
72
Willy Tarreaubaaee002006-06-26 02:48:02 +020073#ifdef DEBUG_FULL
74#include <assert.h>
75#endif
Tim Duesterhusd6942c82017-11-20 15:58:35 +010076#if defined(USE_SYSTEMD)
77#include <systemd/sd-daemon.h>
78#endif
Willy Tarreaubaaee002006-06-26 02:48:02 +020079
Willy Tarreau6c3a6812020-03-06 18:57:15 +010080#include <import/sha1.h>
81
Willy Tarreaub2551052020-06-09 09:07:15 +020082#include <haproxy/acl.h>
Amaury Denoyelle68fd7e42021-03-25 17:15:52 +010083#include <haproxy/action.h>
Willy Tarreaub2551052020-06-09 09:07:15 +020084#include <haproxy/activity.h>
85#include <haproxy/api.h>
86#include <haproxy/arg.h>
87#include <haproxy/auth.h>
Willy Tarreau8d366972020-05-27 16:10:29 +020088#include <haproxy/base64.h>
Willy Tarreaub2551052020-06-09 09:07:15 +020089#include <haproxy/capture-t.h>
Amaury Denoyelle5a6926d2021-03-30 17:34:24 +020090#include <haproxy/cfgdiag.h>
Willy Tarreau6be78492020-06-05 00:00:29 +020091#include <haproxy/cfgparse.h>
Willy Tarreauc13ed532020-06-02 10:22:45 +020092#include <haproxy/chunk.h>
Willy Tarreau83487a82020-06-04 20:19:54 +020093#include <haproxy/cli.h>
Willy Tarreau7ea393d2020-06-04 18:02:10 +020094#include <haproxy/connection.h>
Willy Tarreaueb92deb2020-06-04 10:53:16 +020095#include <haproxy/dns.h>
Willy Tarreau2741c8c2020-06-02 11:28:02 +020096#include <haproxy/dynbuf.h>
Willy Tarreau8d366972020-05-27 16:10:29 +020097#include <haproxy/errors.h>
Willy Tarreaub2551052020-06-09 09:07:15 +020098#include <haproxy/fd.h>
Willy Tarreauc7babd82020-06-04 21:29:29 +020099#include <haproxy/filters.h>
Willy Tarreaub2551052020-06-09 09:07:15 +0200100#include <haproxy/global.h>
Willy Tarreau86416052020-06-04 09:20:54 +0200101#include <haproxy/hlua.h>
Willy Tarreauc761f842020-06-04 11:40:28 +0200102#include <haproxy/http_rules.h>
Willy Tarreau853b2972020-05-27 18:01:47 +0200103#include <haproxy/list.h>
Willy Tarreau213e9902020-06-04 14:58:24 +0200104#include <haproxy/listener.h>
Willy Tarreauaeed4a82020-06-04 22:01:04 +0200105#include <haproxy/log.h>
Willy Tarreaub5abe5b2020-06-04 14:07:37 +0200106#include <haproxy/mworker.h>
Willy Tarreau7a00efb2020-06-02 17:02:59 +0200107#include <haproxy/namespace.h>
Willy Tarreau6131d6a2020-06-02 16:48:09 +0200108#include <haproxy/net_helper.h>
Willy Tarreau6019fab2020-05-27 16:26:00 +0200109#include <haproxy/openssl-compat.h>
Willy Tarreau225a90a2020-06-04 15:06:28 +0200110#include <haproxy/pattern.h>
Willy Tarreau3c2a7c22020-06-04 18:38:21 +0200111#include <haproxy/peers.h>
Willy Tarreaub2551052020-06-09 09:07:15 +0200112#include <haproxy/pool.h>
113#include <haproxy/protocol.h>
Willy Tarreaubf3b06b2020-08-26 10:23:40 +0200114#include <haproxy/proto_tcp.h>
Willy Tarreaua264d962020-06-04 22:29:18 +0200115#include <haproxy/proxy.h>
Willy Tarreau7cd8b6e2020-06-02 17:32:26 +0200116#include <haproxy/regex.h>
Willy Tarreaub2551052020-06-09 09:07:15 +0200117#include <haproxy/sample.h>
Willy Tarreau1e56f922020-06-04 23:20:13 +0200118#include <haproxy/server.h>
Willy Tarreau48d25b32020-06-04 18:58:52 +0200119#include <haproxy/session.h>
Willy Tarreau3727a8a2020-06-04 17:37:26 +0200120#include <haproxy/signal.h>
Willy Tarreau063d47d2020-08-28 16:29:53 +0200121#include <haproxy/sock.h>
Willy Tarreau25140cc2020-08-28 15:40:33 +0200122#include <haproxy/sock_inet.h>
Willy Tarreau209108d2020-06-04 20:30:20 +0200123#include <haproxy/ssl_sock.h>
Amaury Denoyelleee63d4b2020-10-05 11:49:42 +0200124#include <haproxy/stats-t.h>
Willy Tarreaudfd3de82020-06-04 23:46:14 +0200125#include <haproxy/stream.h>
Willy Tarreaucea0e1b2020-06-04 17:25:40 +0200126#include <haproxy/task.h>
Willy Tarreau3f567e42020-05-28 15:29:19 +0200127#include <haproxy/thread.h>
Willy Tarreaub2551052020-06-09 09:07:15 +0200128#include <haproxy/time.h>
129#include <haproxy/tools.h>
130#include <haproxy/uri_auth-t.h>
Willy Tarreaua1718922020-06-04 16:25:31 +0200131#include <haproxy/vars.h>
Willy Tarreaub2551052020-06-09 09:07:15 +0200132#include <haproxy/version.h>
Willy Tarreaubaaee002006-06-26 02:48:02 +0200133
Willy Tarreaubaaee002006-06-26 02:48:02 +0200134
Willy Tarreau7b5654f2019-03-29 21:30:17 +0100135/* array of init calls for older platforms */
136DECLARE_INIT_STAGES;
137
Willy Tarreauf4596402021-04-10 16:53:05 +0200138/* create a read_mostly section to hold variables which are accessed a lot
139 * but which almost never change. The purpose is to isolate them in their
140 * own cache lines where they don't risk to be perturbated by write accesses
141 * to neighbor variables. We need to create an empty aligned variable for
142 * this. The fact that the variable is of size zero means that it will be
143 * eliminated at link time if no other variable uses it, but alignment will
144 * be respected.
145 */
146empty_t __read_mostly_align HA_SECTION("read_mostly") ALIGNED(64);
147
Willy Tarreau477ecd82010-01-03 21:12:30 +0100148/* list of config files */
149static struct list cfg_cfgfiles = LIST_HEAD_INIT(cfg_cfgfiles);
Willy Tarreaubaaee002006-06-26 02:48:02 +0200150int pid; /* current process id */
Willy Tarreau28156642007-11-26 16:13:36 +0100151int relative_pid = 1; /* process id starting at 1 */
Willy Tarreau387bd4f2017-11-10 19:08:14 +0100152unsigned long pid_bit = 1; /* bit corresponding to the process id */
Willy Tarreaua38a7172019-02-02 17:11:28 +0100153unsigned long all_proc_mask = 1; /* mask of all processes */
Willy Tarreaubaaee002006-06-26 02:48:02 +0200154
Willy Tarreauf8ea00e2020-03-12 17:24:53 +0100155volatile unsigned long sleeping_thread_mask = 0; /* Threads that are about to sleep in poll() */
Willy Tarreau4b3f27b2020-03-12 17:28:01 +0100156volatile unsigned long stopping_thread_mask = 0; /* Threads acknowledged stopping */
Willy Tarreauf8ea00e2020-03-12 17:24:53 +0100157
Willy Tarreaubaaee002006-06-26 02:48:02 +0200158/* global options */
159struct global global = {
Cyril Bonté203ec5a2017-03-23 22:44:13 +0100160 .hard_stop_after = TICK_ETERNITY,
Willy Tarreau247a13a2012-11-15 17:38:15 +0100161 .nbproc = 1,
Willy Tarreau149ab772019-01-26 14:27:06 +0100162 .nbthread = 0,
William Lallemand5f232402012-04-05 18:02:55 +0200163 .req_count = 0,
William Lallemand0f99e342011-10-12 17:50:54 +0200164 .logsrvs = LIST_HEAD_INIT(global.logsrvs),
William Lallemand9d5f5482012-11-07 16:12:57 +0100165 .maxzlibmem = 0,
William Lallemandd85f9172012-11-09 17:05:39 +0100166 .comp_rate_lim = 0,
Emeric Brun850efd52014-01-29 12:24:34 +0100167 .ssl_server_verify = SSL_SERVER_VERIFY_REQUIRED,
Emeric Bruned760922010-10-22 17:59:25 +0200168 .unix_bind = {
169 .ux = {
170 .uid = -1,
171 .gid = -1,
172 .mode = 0,
173 }
174 },
Willy Tarreau27a674e2009-08-17 07:23:33 +0200175 .tune = {
Willy Tarreau7ac908b2019-02-27 12:02:18 +0100176 .options = GTUNE_LISTENER_MQ,
Willy Tarreauc77d3642018-12-12 06:19:42 +0100177 .bufsize = (BUFSIZE + 2*sizeof(void *) - 1) & -(2*sizeof(void *)),
Christopher Faulet546c4692020-01-22 14:31:21 +0100178 .maxrewrite = MAXREWRITE,
Willy Tarreaua24adf02014-11-27 01:11:56 +0100179 .reserved_bufs = RESERVED_BUFS,
Willy Tarreauf3045d22015-04-29 16:24:50 +0200180 .pattern_cache = DEFAULT_PAT_LRU_SIZE,
Olivier Houchard88698d92019-04-16 19:07:22 +0200181 .pool_low_ratio = 20,
182 .pool_high_ratio = 25,
Christopher Faulet41ba36f2019-07-19 09:36:45 +0200183 .max_http_hdr = MAX_HTTP_HDR,
Emeric Brunfc32aca2012-09-03 12:10:29 +0200184#ifdef USE_OPENSSL
Emeric Brun46635772012-11-14 11:32:56 +0100185 .sslcachesize = SSLCACHESIZE,
Emeric Brunfc32aca2012-09-03 12:10:29 +0200186#endif
William Lallemandf3747832012-11-09 12:33:10 +0100187 .comp_maxlevel = 1,
Willy Tarreau7e312732014-02-12 16:35:14 +0100188#ifdef DEFAULT_IDLE_TIMER
189 .idle_timer = DEFAULT_IDLE_TIMER,
190#else
191 .idle_timer = 1000, /* 1 second */
192#endif
Willy Tarreau27a674e2009-08-17 07:23:33 +0200193 },
Emeric Brun76d88952012-10-05 15:47:31 +0200194#ifdef USE_OPENSSL
195#ifdef DEFAULT_MAXSSLCONN
Willy Tarreau403edff2012-09-06 11:58:37 +0200196 .maxsslconn = DEFAULT_MAXSSLCONN,
197#endif
Emeric Brun76d88952012-10-05 15:47:31 +0200198#endif
Willy Tarreaubaaee002006-06-26 02:48:02 +0200199 /* others NULL OK */
200};
201
202/*********************************************************************/
203
204int stopping; /* non zero means stopping in progress */
Cyril Bonté203ec5a2017-03-23 22:44:13 +0100205int killed; /* non zero means a hard-stop is triggered */
Willy Tarreauaf7ad002010-08-31 15:39:26 +0200206int jobs = 0; /* number of active jobs (conns, listeners, active tasks, ...) */
William Lallemanda7199262018-11-16 16:57:20 +0100207int unstoppable_jobs = 0; /* number of active jobs that can't be stopped during a soft stop */
Willy Tarreau199ad242018-11-05 16:31:22 +0100208int active_peers = 0; /* number of active peers (connection attempts and connected) */
Willy Tarreau2d372c22018-11-05 17:12:27 +0100209int connected_peers = 0; /* number of connected peers (verified ones) */
Willy Tarreaubaaee002006-06-26 02:48:02 +0200210
Ilya Shipitsin46a030c2020-07-05 16:36:08 +0500211/* Here we store information about the pids of the processes we may pause
Willy Tarreaubaaee002006-06-26 02:48:02 +0200212 * or kill. We will send them a signal every 10 ms until we can bind to all
213 * our ports. With 200 retries, that's about 2 seconds.
214 */
215#define MAX_START_RETRIES 200
Willy Tarreaubaaee002006-06-26 02:48:02 +0200216static int *oldpids = NULL;
217static int oldpids_sig; /* use USR1 or TERM */
218
Olivier Houchardf73629d2017-04-05 22:33:04 +0200219/* Path to the unix socket we use to retrieve listener sockets from the old process */
220static const char *old_unixsocket;
221
William Lallemand85b0bd92017-06-01 17:38:53 +0200222static char *cur_unixsocket = NULL;
223
William Lallemandcb11fd22017-06-01 17:38:52 +0200224int atexit_flag = 0;
225
Willy Tarreaubb545b42010-08-25 12:58:59 +0200226int nb_oldpids = 0;
Willy Tarreaubaaee002006-06-26 02:48:02 +0200227const int zero = 0;
228const int one = 1;
Alexandre Cassen87ea5482007-10-11 20:48:58 +0200229const struct linger nolinger = { .l_onoff = 1, .l_linger = 0 };
Willy Tarreaubaaee002006-06-26 02:48:02 +0200230
Willy Tarreau1d21e0a2010-03-12 21:58:54 +0100231char hostname[MAX_HOSTNAME_LEN];
Dragan Dosen4f014152020-06-18 16:56:47 +0200232char *localpeer = NULL;
Willy Tarreaubaaee002006-06-26 02:48:02 +0200233
William Lallemand00417412020-06-05 14:08:41 +0200234static char **old_argv = NULL; /* previous argv but cleaned up */
William Lallemand73b85e72017-06-01 17:38:51 +0200235
William Lallemandbc193052018-09-11 10:06:26 +0200236struct list proc_list = LIST_HEAD_INIT(proc_list);
237
238int master = 0; /* 1 if in master, 0 if in child */
Willy Tarreaubf696402019-03-01 10:09:28 +0100239unsigned int rlim_fd_cur_at_boot = 0;
240unsigned int rlim_fd_max_at_boot = 0;
William Lallemandbc193052018-09-11 10:06:26 +0200241
Willy Tarreau6c3a6812020-03-06 18:57:15 +0100242/* per-boot randomness */
243unsigned char boot_seed[20]; /* per-boot random seed (160 bits initially) */
244
William Lallemand16dd1b32018-11-19 18:46:18 +0100245struct mworker_proc *proc_self = NULL;
William Lallemandbc193052018-09-11 10:06:26 +0200246
William Lallemandb3f2be32018-09-11 10:06:18 +0200247static void *run_thread_poll_loop(void *data);
248
Willy Tarreauff055502014-04-28 22:27:06 +0200249/* bitfield of a few warnings to emit just once (WARN_*) */
250unsigned int warned = 0;
251
William Lallemande7361152018-10-26 14:47:36 +0200252/* master CLI configuration (-S flag) */
253struct list mworker_cli_conf = LIST_HEAD_INIT(mworker_cli_conf);
Willy Tarreaucdb737e2016-12-21 18:43:10 +0100254
255/* These are strings to be reported in the output of "haproxy -vv". They may
256 * either be constants (in which case must_free must be zero) or dynamically
257 * allocated strings to pass to free() on exit, and in this case must_free
258 * must be non-zero.
259 */
260struct list build_opts_list = LIST_HEAD_INIT(build_opts_list);
261struct build_opts_str {
262 struct list list;
263 const char *str;
264 int must_free;
265};
266
Willy Tarreaubaaee002006-06-26 02:48:02 +0200267/*********************************************************************/
268/* general purpose functions ***************************************/
269/*********************************************************************/
270
Willy Tarreaucdb737e2016-12-21 18:43:10 +0100271/* used to register some build option strings at boot. Set must_free to
272 * non-zero if the string must be freed upon exit.
273 */
274void hap_register_build_opts(const char *str, int must_free)
275{
276 struct build_opts_str *b;
277
278 b = calloc(1, sizeof(*b));
279 if (!b) {
280 fprintf(stderr, "out of memory\n");
281 exit(1);
282 }
283 b->str = str;
284 b->must_free = must_free;
Willy Tarreau2b718102021-04-21 07:32:39 +0200285 LIST_APPEND(&build_opts_list, &b->list);
Willy Tarreaucdb737e2016-12-21 18:43:10 +0100286}
287
Willy Tarreau1b5af7c2016-12-21 18:19:57 +0100288static void display_version()
Willy Tarreaubaaee002006-06-26 02:48:02 +0200289{
Tim Duesterhusdfad6a42020-04-18 16:02:47 +0200290 struct utsname utsname;
291
Willy Tarreau08dd2022019-11-21 18:07:30 +0100292 printf("HA-Proxy version %s %s - https://haproxy.org/\n"
293 PRODUCT_STATUS "\n", haproxy_version, haproxy_date);
Willy Tarreau47479eb2019-11-21 18:48:20 +0100294
295 if (strlen(PRODUCT_URL_BUGS) > 0) {
296 char base_version[20];
297 int dots = 0;
298 char *del;
299
300 /* only retrieve the base version without distro-specific extensions */
301 for (del = haproxy_version; *del; del++) {
302 if (*del == '.')
303 dots++;
304 else if (*del < '0' || *del > '9')
305 break;
306 }
307
308 strlcpy2(base_version, haproxy_version, del - haproxy_version + 1);
309 if (dots < 2)
310 printf("Known bugs: https://github.com/haproxy/haproxy/issues?q=is:issue+is:open\n");
311 else
312 printf("Known bugs: " PRODUCT_URL_BUGS "\n", base_version);
313 }
Tim Duesterhusdfad6a42020-04-18 16:02:47 +0200314
315 if (uname(&utsname) == 0) {
316 printf("Running on: %s %s %s %s\n", utsname.sysname, utsname.release, utsname.version, utsname.machine);
317 }
Willy Tarreaubaaee002006-06-26 02:48:02 +0200318}
319
Willy Tarreau1b5af7c2016-12-21 18:19:57 +0100320static void display_build_opts()
Willy Tarreau7b066db2007-12-02 11:28:59 +0100321{
Willy Tarreaucdb737e2016-12-21 18:43:10 +0100322 struct build_opts_str *item;
323
Willy Tarreau7b066db2007-12-02 11:28:59 +0100324 printf("Build options :"
325#ifdef BUILD_TARGET
Willy Tarreau9f2b7302008-01-02 20:48:34 +0100326 "\n TARGET = " BUILD_TARGET
Willy Tarreau7b066db2007-12-02 11:28:59 +0100327#endif
328#ifdef BUILD_CPU
Willy Tarreau9f2b7302008-01-02 20:48:34 +0100329 "\n CPU = " BUILD_CPU
Willy Tarreau7b066db2007-12-02 11:28:59 +0100330#endif
331#ifdef BUILD_CC
Willy Tarreau9f2b7302008-01-02 20:48:34 +0100332 "\n CC = " BUILD_CC
333#endif
334#ifdef BUILD_CFLAGS
335 "\n CFLAGS = " BUILD_CFLAGS
Willy Tarreau7b066db2007-12-02 11:28:59 +0100336#endif
Willy Tarreau9f2b7302008-01-02 20:48:34 +0100337#ifdef BUILD_OPTIONS
338 "\n OPTIONS = " BUILD_OPTIONS
Willy Tarreau7b066db2007-12-02 11:28:59 +0100339#endif
Tim Duesterhusc8d19702020-11-21 18:07:59 +0100340#ifdef BUILD_DEBUG
341 "\n DEBUG = " BUILD_DEBUG
342#endif
Willy Tarreau7728ed32019-03-27 13:20:08 +0100343#ifdef BUILD_FEATURES
344 "\n\nFeature list : " BUILD_FEATURES
345#endif
Willy Tarreau27a674e2009-08-17 07:23:33 +0200346 "\n\nDefault settings :"
Willy Tarreauca783d42019-03-13 10:03:07 +0100347 "\n bufsize = %d, maxrewrite = %d, maxpollevents = %d"
Willy Tarreau27a674e2009-08-17 07:23:33 +0200348 "\n\n",
Willy Tarreauca783d42019-03-13 10:03:07 +0100349 BUFSIZE, MAXREWRITE, MAX_POLL_EVENTS);
Willy Tarreaube5b6852009-10-03 18:57:08 +0200350
Willy Tarreaucdb737e2016-12-21 18:43:10 +0100351 list_for_each_entry(item, &build_opts_list, list) {
352 puts(item->str);
353 }
354
Krzysztof Piotr Oledzki96105042010-01-29 17:50:44 +0100355 putchar('\n');
356
Willy Tarreaube5b6852009-10-03 18:57:08 +0200357 list_pollers(stdout);
358 putchar('\n');
Christopher Faulet98d9fe22018-04-10 14:37:32 +0200359 list_mux_proto(stdout);
360 putchar('\n');
Willy Tarreau679bba12019-03-19 08:08:10 +0100361 list_services(stdout);
362 putchar('\n');
Christopher Fauletb3f4e142016-03-07 12:46:38 +0100363 list_filters(stdout);
364 putchar('\n');
Willy Tarreau7b066db2007-12-02 11:28:59 +0100365}
366
Willy Tarreaubaaee002006-06-26 02:48:02 +0200367/*
368 * This function prints the command line usage and exits
369 */
Willy Tarreau1b5af7c2016-12-21 18:19:57 +0100370static void usage(char *name)
Willy Tarreaubaaee002006-06-26 02:48:02 +0200371{
372 display_version();
373 fprintf(stderr,
Maxime de Roucy379d9c72016-05-13 23:52:56 +0200374 "Usage : %s [-f <cfgfile|cfgdir>]* [ -vdV"
Willy Tarreaubaaee002006-06-26 02:48:02 +0200375 "D ] [ -n <maxconn> ] [ -N <maxpconn> ]\n"
Willy Tarreaua088d312015-10-08 11:58:48 +0200376 " [ -p <pidfile> ] [ -m <max megs> ] [ -C <dir> ] [-- <cfgfile>*]\n"
Willy Tarreau7b066db2007-12-02 11:28:59 +0100377 " -v displays version ; -vv shows known build options.\n"
Willy Tarreaubaaee002006-06-26 02:48:02 +0200378 " -d enters debug mode ; -db only disables background mode.\n"
Willy Tarreau6e064432012-05-08 15:40:42 +0200379 " -dM[<byte>] poisons memory with <byte> (defaults to 0x50)\n"
Willy Tarreaubaaee002006-06-26 02:48:02 +0200380 " -V enters verbose mode (disables quiet mode)\n"
Willy Tarreau576132e2011-09-10 19:26:56 +0200381 " -D goes daemon ; -C changes to <dir> before loading files.\n"
William Lallemand095ba4c2017-06-01 17:38:50 +0200382 " -W master-worker mode.\n"
Tim Duesterhusd6942c82017-11-20 15:58:35 +0100383#if defined(USE_SYSTEMD)
384 " -Ws master-worker mode with systemd notify support.\n"
385#endif
Willy Tarreaubaaee002006-06-26 02:48:02 +0200386 " -q quiet mode : don't display messages\n"
Willy Tarreau5d01a632009-06-22 16:02:30 +0200387 " -c check mode : only check config files and exit\n"
Willy Tarreauca783d42019-03-13 10:03:07 +0100388 " -n sets the maximum total # of connections (uses ulimit -n)\n"
Willy Tarreaubaaee002006-06-26 02:48:02 +0200389 " -m limits the usable amount of memory (in MB)\n"
390 " -N sets the default, per-proxy maximum # of connections (%d)\n"
Emeric Brun2b920a12010-09-23 18:30:22 +0200391 " -L set local peer name (default to hostname)\n"
Willy Tarreaubaaee002006-06-26 02:48:02 +0200392 " -p writes pids of all children to this file\n"
Willy Tarreaue5733232019-05-22 19:24:06 +0200393#if defined(USE_EPOLL)
Willy Tarreaubaaee002006-06-26 02:48:02 +0200394 " -de disables epoll() usage even when available\n"
395#endif
Willy Tarreaue5733232019-05-22 19:24:06 +0200396#if defined(USE_KQUEUE)
Willy Tarreau1e63130a2007-04-09 12:03:06 +0200397 " -dk disables kqueue() usage even when available\n"
398#endif
Willy Tarreaue5733232019-05-22 19:24:06 +0200399#if defined(USE_EVPORTS)
Emmanuel Hocdet0ba4f482019-04-08 16:53:32 +0000400 " -dv disables event ports usage even when available\n"
401#endif
Willy Tarreaue5733232019-05-22 19:24:06 +0200402#if defined(USE_POLL)
Willy Tarreaubaaee002006-06-26 02:48:02 +0200403 " -dp disables poll() usage even when available\n"
404#endif
Willy Tarreaue5733232019-05-22 19:24:06 +0200405#if defined(USE_LINUX_SPLICE)
Willy Tarreau3ab68cf2009-01-25 16:03:28 +0100406 " -dS disables splice usage (broken on old kernels)\n"
407#endif
Nenad Merdanovic88afe032014-04-14 15:56:58 +0200408#if defined(USE_GETADDRINFO)
409 " -dG disables getaddrinfo() usage\n"
410#endif
Lukas Tribusa0bcbdc2016-09-12 21:42:20 +0000411#if defined(SO_REUSEPORT)
412 " -dR disables SO_REUSEPORT usage\n"
413#endif
Willy Tarreau3eed10e2016-11-07 21:03:16 +0100414 " -dr ignores server address resolution failures\n"
Emeric Brun850efd52014-01-29 12:24:34 +0100415 " -dV disables SSL verify on servers side\n"
Willy Tarreau3eb10b82020-04-15 16:42:39 +0200416 " -dW fails if any warning is emitted\n"
Amaury Denoyelle7b01a8d2021-03-29 10:29:07 +0200417 " -dD diagnostic mode : warn about suspicious configuration statements\n"
Willy Tarreauc6ca1aa2015-10-08 11:32:32 +0200418 " -sf/-st [pid ]* finishes/terminates old pids.\n"
Olivier Houchardf73629d2017-04-05 22:33:04 +0200419 " -x <unix_socket> get listening sockets from a unix socket\n"
William Lallemand63329e32019-06-13 17:03:37 +0200420 " -S <bind>[,<bind options>...] new master CLI\n"
Willy Tarreaubaaee002006-06-26 02:48:02 +0200421 "\n",
Willy Tarreauca783d42019-03-13 10:03:07 +0100422 name, cfg_maxpconn);
Willy Tarreaubaaee002006-06-26 02:48:02 +0200423 exit(1);
424}
425
426
427
428/*********************************************************************/
429/* more specific functions ***************************************/
430/*********************************************************************/
431
William Lallemand73b85e72017-06-01 17:38:51 +0200432/* sends the signal <sig> to all pids found in <oldpids>. Returns the number of
433 * pids the signal was correctly delivered to.
434 */
William Lallemande25473c2019-04-01 11:29:56 +0200435int tell_old_pids(int sig)
William Lallemand73b85e72017-06-01 17:38:51 +0200436{
437 int p;
438 int ret = 0;
439 for (p = 0; p < nb_oldpids; p++)
440 if (kill(oldpids[p], sig) == 0)
441 ret++;
442 return ret;
443}
444
William Lallemand75ea0a02017-11-15 19:02:58 +0100445/*
William Lallemand73b85e72017-06-01 17:38:51 +0200446 * remove a pid forom the olpid array and decrease nb_oldpids
447 * return 1 pid was found otherwise return 0
448 */
449
450int delete_oldpid(int pid)
451{
452 int i;
453
454 for (i = 0; i < nb_oldpids; i++) {
455 if (oldpids[i] == pid) {
456 oldpids[i] = oldpids[nb_oldpids - 1];
457 oldpids[nb_oldpids - 1] = 0;
458 nb_oldpids--;
459 return 1;
460 }
461 }
462 return 0;
463}
464
William Lallemand85b0bd92017-06-01 17:38:53 +0200465
466static void get_cur_unixsocket()
467{
468 /* if -x was used, try to update the stat socket if not available anymore */
Willy Tarreau4975d142021-03-13 11:00:33 +0100469 if (global.cli_fe) {
William Lallemand85b0bd92017-06-01 17:38:53 +0200470 struct bind_conf *bind_conf;
471
472 /* pass through all stats socket */
Willy Tarreau4975d142021-03-13 11:00:33 +0100473 list_for_each_entry(bind_conf, &global.cli_fe->conf.bind, by_fe) {
William Lallemand85b0bd92017-06-01 17:38:53 +0200474 struct listener *l;
475
476 list_for_each_entry(l, &bind_conf->listeners, by_bind) {
477
Willy Tarreau37159062020-08-27 07:48:42 +0200478 if (l->rx.addr.ss_family == AF_UNIX &&
William Lallemand85b0bd92017-06-01 17:38:53 +0200479 (bind_conf->level & ACCESS_FD_LISTENERS)) {
480 const struct sockaddr_un *un;
481
Willy Tarreau37159062020-08-27 07:48:42 +0200482 un = (struct sockaddr_un *)&l->rx.addr;
William Lallemand85b0bd92017-06-01 17:38:53 +0200483 /* priority to old_unixsocket */
484 if (!cur_unixsocket) {
485 cur_unixsocket = strdup(un->sun_path);
486 } else {
Tim Duesterhuse5ff1412021-01-02 22:31:53 +0100487 if (old_unixsocket && strcmp(un->sun_path, old_unixsocket) == 0) {
William Lallemand85b0bd92017-06-01 17:38:53 +0200488 free(cur_unixsocket);
489 cur_unixsocket = strdup(old_unixsocket);
490 return;
491 }
492 }
493 }
494 }
495 }
496 }
497 if (!cur_unixsocket && old_unixsocket)
498 cur_unixsocket = strdup(old_unixsocket);
499}
500
William Lallemand73b85e72017-06-01 17:38:51 +0200501/*
502 * When called, this function reexec haproxy with -sf followed by current
Joseph Herlant03420902018-11-15 10:41:50 -0800503 * children PIDs and possibly old children PIDs if they didn't leave yet.
William Lallemand73b85e72017-06-01 17:38:51 +0200504 */
William Lallemanda57b7e32018-12-14 21:11:31 +0100505void mworker_reload()
William Lallemand73b85e72017-06-01 17:38:51 +0200506{
William Lallemand00417412020-06-05 14:08:41 +0200507 char **next_argv = NULL;
508 int old_argc = 0; /* previous number of argument */
William Lallemand73b85e72017-06-01 17:38:51 +0200509 int next_argc = 0;
William Lallemand00417412020-06-05 14:08:41 +0200510 int i = 0;
William Lallemand73b85e72017-06-01 17:38:51 +0200511 char *msg = NULL;
Willy Tarreau8dca1952019-03-01 10:21:55 +0100512 struct rlimit limit;
William Lallemand7c756a82018-11-26 11:53:40 +0100513 struct per_thread_deinit_fct *ptdf;
William Lallemand73b85e72017-06-01 17:38:51 +0200514
515 mworker_block_signals();
Tim Duesterhusd6942c82017-11-20 15:58:35 +0100516#if defined(USE_SYSTEMD)
517 if (global.tune.options & GTUNE_USE_SYSTEMD)
518 sd_notify(0, "RELOADING=1");
519#endif
William Lallemand73b85e72017-06-01 17:38:51 +0200520 setenv("HAPROXY_MWORKER_REEXEC", "1", 1);
521
William Lallemandbc193052018-09-11 10:06:26 +0200522 mworker_proc_list_to_env(); /* put the children description in the env */
523
William Lallemand7c756a82018-11-26 11:53:40 +0100524 /* during the reload we must ensure that every FDs that can't be
525 * reuse (ie those that are not referenced in the proc_list)
526 * are closed or they will leak. */
527
528 /* close the listeners FD */
529 mworker_cli_proxy_stop();
William Lallemand16866672019-06-24 17:40:48 +0200530
531 if (getenv("HAPROXY_MWORKER_WAIT_ONLY") == NULL) {
532 /* close the poller FD and the thread waker pipe FD */
533 list_for_each_entry(ptdf, &per_thread_deinit_list, list)
534 ptdf->fct();
535 if (fdtab)
536 deinit_pollers();
537 }
Ilya Shipitsin98a9e1b2021-02-19 23:42:53 +0500538#ifdef HAVE_SSL_RAND_KEEP_RANDOM_DEVICES_OPEN
William Lallemand5fdb5b32019-10-15 14:04:08 +0200539 /* close random device FDs */
540 RAND_keep_random_devices_open(0);
Rob Allen56996da2019-05-03 09:11:32 +0100541#endif
William Lallemand7c756a82018-11-26 11:53:40 +0100542
Willy Tarreau8dca1952019-03-01 10:21:55 +0100543 /* restore the initial FD limits */
544 limit.rlim_cur = rlim_fd_cur_at_boot;
545 limit.rlim_max = rlim_fd_max_at_boot;
546 if (setrlimit(RLIMIT_NOFILE, &limit) == -1) {
547 getrlimit(RLIMIT_NOFILE, &limit);
548 ha_warning("Failed to restore initial FD limits (cur=%u max=%u), using cur=%u max=%u\n",
549 rlim_fd_cur_at_boot, rlim_fd_max_at_boot,
550 (unsigned int)limit.rlim_cur, (unsigned int)limit.rlim_max);
551 }
552
William Lallemand73b85e72017-06-01 17:38:51 +0200553 /* compute length */
William Lallemand00417412020-06-05 14:08:41 +0200554 while (old_argv[old_argc])
555 old_argc++;
William Lallemand73b85e72017-06-01 17:38:51 +0200556
William Lallemand85b0bd92017-06-01 17:38:53 +0200557 /* 1 for haproxy -sf, 2 for -x /socket */
Tim Duesterhuse52b6e52020-09-12 20:26:43 +0200558 next_argv = calloc(old_argc + 1 + 2 + mworker_child_nb() + nb_oldpids + 1,
559 sizeof(*next_argv));
William Lallemand73b85e72017-06-01 17:38:51 +0200560 if (next_argv == NULL)
561 goto alloc_error;
562
William Lallemand00417412020-06-05 14:08:41 +0200563 /* copy the program name */
564 next_argv[next_argc++] = old_argv[0];
565
566 /* insert the new options just after argv[0] in case we have a -- */
567
William Lallemand73b85e72017-06-01 17:38:51 +0200568 /* add -sf <PID>* to argv */
William Lallemand3f128872019-04-01 11:29:59 +0200569 if (mworker_child_nb() > 0) {
570 struct mworker_proc *child;
571
William Lallemand73b85e72017-06-01 17:38:51 +0200572 next_argv[next_argc++] = "-sf";
William Lallemand3f128872019-04-01 11:29:59 +0200573
574 list_for_each_entry(child, &proc_list, list) {
William Lallemand677e2f22019-11-19 17:04:18 +0100575 if (!(child->options & (PROC_O_TYPE_WORKER|PROC_O_TYPE_PROG)) || child->pid <= -1 )
William Lallemand3f128872019-04-01 11:29:59 +0200576 continue;
William Lallemand00417412020-06-05 14:08:41 +0200577 if ((next_argv[next_argc++] = memprintf(&msg, "%d", child->pid)) == NULL)
William Lallemand73b85e72017-06-01 17:38:51 +0200578 goto alloc_error;
579 msg = NULL;
580 }
581 }
William Lallemand2bf6d622017-06-20 11:20:23 +0200582 /* add the -x option with the stat socket */
William Lallemand85b0bd92017-06-01 17:38:53 +0200583 if (cur_unixsocket) {
William Lallemand2bf6d622017-06-20 11:20:23 +0200584 next_argv[next_argc++] = "-x";
585 next_argv[next_argc++] = (char *)cur_unixsocket;
William Lallemand85b0bd92017-06-01 17:38:53 +0200586 }
587
William Lallemand00417412020-06-05 14:08:41 +0200588 /* copy the previous options */
589 for (i = 1; i < old_argc; i++)
590 next_argv[next_argc++] = old_argv[i];
591
Christopher Faulet767a84b2017-11-24 16:50:31 +0100592 ha_warning("Reexecuting Master process\n");
Willy Tarreaue0d86e22019-08-26 10:37:39 +0200593 signal(SIGPROF, SIG_IGN);
Tim Duesterhus0436ab72017-11-12 17:39:18 +0100594 execvp(next_argv[0], next_argv);
William Lallemand73b85e72017-06-01 17:38:51 +0200595
Christopher Faulet767a84b2017-11-24 16:50:31 +0100596 ha_warning("Failed to reexecute the master process [%d]: %s\n", pid, strerror(errno));
Willy Tarreau61cfdf42021-02-20 10:46:51 +0100597 ha_free(&next_argv);
William Lallemand722d4ca2017-11-15 19:02:55 +0100598 return;
599
William Lallemand73b85e72017-06-01 17:38:51 +0200600alloc_error:
Willy Tarreau61cfdf42021-02-20 10:46:51 +0100601 ha_free(&next_argv);
Joseph Herlant07a08342018-11-15 10:43:05 -0800602 ha_warning("Failed to reexecute the master process [%d]: Cannot allocate memory\n", pid);
William Lallemand73b85e72017-06-01 17:38:51 +0200603 return;
604}
605
William Lallemandb3f2be32018-09-11 10:06:18 +0200606static void mworker_loop()
607{
608
609#if defined(USE_SYSTEMD)
610 if (global.tune.options & GTUNE_USE_SYSTEMD)
611 sd_notifyf(0, "READY=1\nMAINPID=%lu", (unsigned long)getpid());
612#endif
Willy Tarreaud83b6c12019-04-18 11:31:36 +0200613 /* Busy polling makes no sense in the master :-) */
614 global.tune.options &= ~GTUNE_BUSY_POLLING;
William Lallemandb3f2be32018-09-11 10:06:18 +0200615
William Lallemandbc193052018-09-11 10:06:26 +0200616 master = 1;
617
Willy Tarreaud26c9f92019-12-11 14:24:07 +0100618 signal_unregister(SIGTTIN);
619 signal_unregister(SIGTTOU);
William Lallemand0564d412018-11-20 17:36:53 +0100620 signal_unregister(SIGUSR1);
621 signal_unregister(SIGHUP);
622 signal_unregister(SIGQUIT);
623
William Lallemandb3f2be32018-09-11 10:06:18 +0200624 signal_register_fct(SIGTERM, mworker_catch_sigterm, SIGTERM);
625 signal_register_fct(SIGUSR1, mworker_catch_sigterm, SIGUSR1);
Willy Tarreaud26c9f92019-12-11 14:24:07 +0100626 signal_register_fct(SIGTTIN, mworker_broadcast_signal, SIGTTIN);
627 signal_register_fct(SIGTTOU, mworker_broadcast_signal, SIGTTOU);
William Lallemandb3f2be32018-09-11 10:06:18 +0200628 signal_register_fct(SIGINT, mworker_catch_sigterm, SIGINT);
629 signal_register_fct(SIGHUP, mworker_catch_sighup, SIGHUP);
630 signal_register_fct(SIGUSR2, mworker_catch_sighup, SIGUSR2);
631 signal_register_fct(SIGCHLD, mworker_catch_sigchld, SIGCHLD);
632
633 mworker_unblock_signals();
634 mworker_cleanlisteners();
William Lallemand27f3fa52018-12-06 14:05:20 +0100635 mworker_cleantasks();
William Lallemandb3f2be32018-09-11 10:06:18 +0200636
William Lallemandbc193052018-09-11 10:06:26 +0200637 mworker_catch_sigchld(NULL); /* ensure we clean the children in case
638 some SIGCHLD were lost */
639
William Lallemandb3f2be32018-09-11 10:06:18 +0200640 global.nbthread = 1;
641 relative_pid = 1;
642 pid_bit = 1;
Willy Tarreaua38a7172019-02-02 17:11:28 +0100643 all_proc_mask = 1;
William Lallemandb3f2be32018-09-11 10:06:18 +0200644
William Lallemand2672eb92018-12-14 15:52:39 +0100645#ifdef USE_THREAD
646 tid_bit = 1;
647 all_threads_mask = 1;
648#endif
649
William Lallemandb3f2be32018-09-11 10:06:18 +0200650 jobs++; /* this is the "master" job, we want to take care of the
651 signals even if there is no listener so the poll loop don't
652 leave */
653
654 fork_poller();
Willy Tarreaub4f7cc32019-05-03 09:27:30 +0200655 run_thread_poll_loop(0);
William Lallemandb3f2be32018-09-11 10:06:18 +0200656}
William Lallemandcb11fd22017-06-01 17:38:52 +0200657
658/*
659 * Reexec the process in failure mode, instead of exiting
660 */
661void reexec_on_failure()
662{
663 if (!atexit_flag)
664 return;
665
666 setenv("HAPROXY_MWORKER_WAIT_ONLY", "1", 1);
667
Christopher Faulet767a84b2017-11-24 16:50:31 +0100668 ha_warning("Reexecuting Master process in waitpid mode\n");
William Lallemandcb11fd22017-06-01 17:38:52 +0200669 mworker_reload();
William Lallemandcb11fd22017-06-01 17:38:52 +0200670}
William Lallemand73b85e72017-06-01 17:38:51 +0200671
672
673/*
Willy Tarreaud0807c32010-08-27 18:26:11 +0200674 * upon SIGUSR1, let's have a soft stop. Note that soft_stop() broadcasts
675 * a signal zero to all subscribers. This means that it's as easy as
676 * subscribing to signal 0 to get informed about an imminent shutdown.
Willy Tarreaubaaee002006-06-26 02:48:02 +0200677 */
Willy Tarreau1b5af7c2016-12-21 18:19:57 +0100678static void sig_soft_stop(struct sig_handler *sh)
Willy Tarreaubaaee002006-06-26 02:48:02 +0200679{
680 soft_stop();
Willy Tarreau24f4efa2010-08-27 17:56:48 +0200681 signal_unregister_handler(sh);
Willy Tarreaubafbe012017-11-24 17:34:44 +0100682 pool_gc(NULL);
Willy Tarreaubaaee002006-06-26 02:48:02 +0200683}
684
685/*
686 * upon SIGTTOU, we pause everything
687 */
Willy Tarreau1b5af7c2016-12-21 18:19:57 +0100688static void sig_pause(struct sig_handler *sh)
Willy Tarreaubaaee002006-06-26 02:48:02 +0200689{
Willy Tarreau775e0012020-09-24 16:36:26 +0200690 if (protocol_pause_all() & ERR_FATAL) {
691 const char *msg = "Some proxies refused to pause, performing soft stop now.\n";
Willy Tarreau0a002df2020-10-09 19:26:27 +0200692 ha_warning("%s", msg);
693 send_log(NULL, LOG_WARNING, "%s", msg);
Willy Tarreau775e0012020-09-24 16:36:26 +0200694 soft_stop();
695 }
Willy Tarreaubafbe012017-11-24 17:34:44 +0100696 pool_gc(NULL);
Willy Tarreaubaaee002006-06-26 02:48:02 +0200697}
698
699/*
700 * upon SIGTTIN, let's have a soft stop.
701 */
Willy Tarreau1b5af7c2016-12-21 18:19:57 +0100702static void sig_listen(struct sig_handler *sh)
Willy Tarreaubaaee002006-06-26 02:48:02 +0200703{
Willy Tarreau775e0012020-09-24 16:36:26 +0200704 if (protocol_resume_all() & ERR_FATAL) {
705 const char *msg = "Some proxies refused to resume, probably due to a conflict on a listening port. You may want to try again after the conflicting application is stopped, otherwise a restart might be needed to resume safe operations.\n";
Willy Tarreau0a002df2020-10-09 19:26:27 +0200706 ha_warning("%s", msg);
707 send_log(NULL, LOG_WARNING, "%s", msg);
Willy Tarreau775e0012020-09-24 16:36:26 +0200708 }
Willy Tarreaubaaee002006-06-26 02:48:02 +0200709}
710
711/*
712 * this function dumps every server's state when the process receives SIGHUP.
713 */
Willy Tarreau1b5af7c2016-12-21 18:19:57 +0100714static void sig_dump_state(struct sig_handler *sh)
Willy Tarreaubaaee002006-06-26 02:48:02 +0200715{
Olivier Houchardfbc74e82017-11-24 16:54:05 +0100716 struct proxy *p = proxies_list;
Willy Tarreaubaaee002006-06-26 02:48:02 +0200717
Christopher Faulet767a84b2017-11-24 16:50:31 +0100718 ha_warning("SIGHUP received, dumping servers states.\n");
Willy Tarreaubaaee002006-06-26 02:48:02 +0200719 while (p) {
720 struct server *s = p->srv;
721
722 send_log(p, LOG_NOTICE, "SIGHUP received, dumping servers states for proxy %s.\n", p->id);
723 while (s) {
Willy Tarreau19d14ef2012-10-29 16:51:55 +0100724 chunk_printf(&trash,
725 "SIGHUP: Server %s/%s is %s. Conn: %d act, %d pend, %lld tot.",
726 p->id, s->id,
Emeric Brun52a91d32017-08-31 14:41:55 +0200727 (s->cur_state != SRV_ST_STOPPED) ? "UP" : "DOWN",
Willy Tarreau19d14ef2012-10-29 16:51:55 +0100728 s->cur_sess, s->nbpend, s->counters.cum_sess);
Willy Tarreau843b7cb2018-07-13 10:54:26 +0200729 ha_warning("%s\n", trash.area);
730 send_log(p, LOG_NOTICE, "%s\n", trash.area);
Willy Tarreaubaaee002006-06-26 02:48:02 +0200731 s = s->next;
732 }
733
Willy Tarreau5fcc8f12007-09-17 11:27:09 +0200734 /* FIXME: those info are a bit outdated. We should be able to distinguish between FE and BE. */
735 if (!p->srv) {
Willy Tarreau19d14ef2012-10-29 16:51:55 +0100736 chunk_printf(&trash,
737 "SIGHUP: Proxy %s has no servers. Conn: act(FE+BE): %d+%d, %d pend (%d unass), tot(FE+BE): %lld+%lld.",
738 p->id,
739 p->feconn, p->beconn, p->totpend, p->nbpend, p->fe_counters.cum_conn, p->be_counters.cum_conn);
Willy Tarreau5fcc8f12007-09-17 11:27:09 +0200740 } else if (p->srv_act == 0) {
Willy Tarreau19d14ef2012-10-29 16:51:55 +0100741 chunk_printf(&trash,
742 "SIGHUP: Proxy %s %s ! Conn: act(FE+BE): %d+%d, %d pend (%d unass), tot(FE+BE): %lld+%lld.",
743 p->id,
744 (p->srv_bck) ? "is running on backup servers" : "has no server available",
745 p->feconn, p->beconn, p->totpend, p->nbpend, p->fe_counters.cum_conn, p->be_counters.cum_conn);
Willy Tarreaubaaee002006-06-26 02:48:02 +0200746 } else {
Willy Tarreau19d14ef2012-10-29 16:51:55 +0100747 chunk_printf(&trash,
748 "SIGHUP: Proxy %s has %d active servers and %d backup servers available."
749 " Conn: act(FE+BE): %d+%d, %d pend (%d unass), tot(FE+BE): %lld+%lld.",
750 p->id, p->srv_act, p->srv_bck,
751 p->feconn, p->beconn, p->totpend, p->nbpend, p->fe_counters.cum_conn, p->be_counters.cum_conn);
Willy Tarreaubaaee002006-06-26 02:48:02 +0200752 }
Willy Tarreau843b7cb2018-07-13 10:54:26 +0200753 ha_warning("%s\n", trash.area);
754 send_log(p, LOG_NOTICE, "%s\n", trash.area);
Willy Tarreaubaaee002006-06-26 02:48:02 +0200755
756 p = p->next;
757 }
Willy Tarreaubaaee002006-06-26 02:48:02 +0200758}
759
Willy Tarreau1b5af7c2016-12-21 18:19:57 +0100760static void dump(struct sig_handler *sh)
Willy Tarreaubaaee002006-06-26 02:48:02 +0200761{
Willy Tarreauc6ca1a02007-05-13 19:43:47 +0200762 /* dump memory usage then free everything possible */
763 dump_pools();
Willy Tarreaubafbe012017-11-24 17:34:44 +0100764 pool_gc(NULL);
Willy Tarreaubaaee002006-06-26 02:48:02 +0200765}
766
William Lallemande1340412017-12-28 16:09:36 +0100767/*
768 * This function dup2 the stdio FDs (0,1,2) with <fd>, then closes <fd>
769 * If <fd> < 0, it opens /dev/null and use it to dup
770 *
771 * In the case of chrooting, you have to open /dev/null before the chroot, and
772 * pass the <fd> to this function
773 */
774static void stdio_quiet(int fd)
775{
776 if (fd < 0)
777 fd = open("/dev/null", O_RDWR, 0);
778
779 if (fd > -1) {
780 fclose(stdin);
781 fclose(stdout);
782 fclose(stderr);
783
784 dup2(fd, 0);
785 dup2(fd, 1);
786 dup2(fd, 2);
787 if (fd > 2)
788 close(fd);
789 return;
790 }
791
792 ha_alert("Cannot open /dev/null\n");
793 exit(EXIT_FAILURE);
794}
795
796
Joseph Herlant03420902018-11-15 10:41:50 -0800797/* This function checks if cfg_cfgfiles contains directories.
798 * If it finds one, it adds all the files (and only files) it contains
799 * in cfg_cfgfiles in place of the directory (and removes the directory).
800 * It adds the files in lexical order.
801 * It adds only files with .cfg extension.
Maxime de Roucy379d9c72016-05-13 23:52:56 +0200802 * It doesn't add files with name starting with '.'
803 */
Willy Tarreau1b5af7c2016-12-21 18:19:57 +0100804static void cfgfiles_expand_directories(void)
Maxime de Roucy379d9c72016-05-13 23:52:56 +0200805{
806 struct wordlist *wl, *wlb;
807 char *err = NULL;
808
809 list_for_each_entry_safe(wl, wlb, &cfg_cfgfiles, list) {
810 struct stat file_stat;
811 struct dirent **dir_entries = NULL;
812 int dir_entries_nb;
813 int dir_entries_it;
814
815 if (stat(wl->s, &file_stat)) {
Christopher Faulet767a84b2017-11-24 16:50:31 +0100816 ha_alert("Cannot open configuration file/directory %s : %s\n",
817 wl->s,
818 strerror(errno));
Maxime de Roucy379d9c72016-05-13 23:52:56 +0200819 exit(1);
820 }
821
822 if (!S_ISDIR(file_stat.st_mode))
823 continue;
824
825 /* from this point wl->s is a directory */
826
827 dir_entries_nb = scandir(wl->s, &dir_entries, NULL, alphasort);
828 if (dir_entries_nb < 0) {
Christopher Faulet767a84b2017-11-24 16:50:31 +0100829 ha_alert("Cannot open configuration directory %s : %s\n",
830 wl->s,
831 strerror(errno));
Maxime de Roucy379d9c72016-05-13 23:52:56 +0200832 exit(1);
833 }
834
835 /* for each element in the directory wl->s */
836 for (dir_entries_it = 0; dir_entries_it < dir_entries_nb; dir_entries_it++) {
837 struct dirent *dir_entry = dir_entries[dir_entries_it];
838 char *filename = NULL;
839 char *d_name_cfgext = strstr(dir_entry->d_name, ".cfg");
840
841 /* don't add filename that begin with .
Joseph Herlant03420902018-11-15 10:41:50 -0800842 * only add filename with .cfg extension
Maxime de Roucy379d9c72016-05-13 23:52:56 +0200843 */
844 if (dir_entry->d_name[0] == '.' ||
845 !(d_name_cfgext && d_name_cfgext[4] == '\0'))
846 goto next_dir_entry;
847
848 if (!memprintf(&filename, "%s/%s", wl->s, dir_entry->d_name)) {
Christopher Faulet767a84b2017-11-24 16:50:31 +0100849 ha_alert("Cannot load configuration files %s : out of memory.\n",
850 filename);
Maxime de Roucy379d9c72016-05-13 23:52:56 +0200851 exit(1);
852 }
853
854 if (stat(filename, &file_stat)) {
Christopher Faulet767a84b2017-11-24 16:50:31 +0100855 ha_alert("Cannot open configuration file %s : %s\n",
856 wl->s,
857 strerror(errno));
Maxime de Roucy379d9c72016-05-13 23:52:56 +0200858 exit(1);
859 }
860
861 /* don't add anything else than regular file in cfg_cfgfiles
862 * this way we avoid loops
863 */
864 if (!S_ISREG(file_stat.st_mode))
865 goto next_dir_entry;
866
867 if (!list_append_word(&wl->list, filename, &err)) {
Christopher Faulet767a84b2017-11-24 16:50:31 +0100868 ha_alert("Cannot load configuration files %s : %s\n",
869 filename,
870 err);
Maxime de Roucy379d9c72016-05-13 23:52:56 +0200871 exit(1);
872 }
873
874next_dir_entry:
875 free(filename);
876 free(dir_entry);
877 }
878
879 free(dir_entries);
880
881 /* remove the current directory (wl) from cfg_cfgfiles */
882 free(wl->s);
Willy Tarreau2b718102021-04-21 07:32:39 +0200883 LIST_DELETE(&wl->list);
Maxime de Roucy379d9c72016-05-13 23:52:56 +0200884 free(wl);
885 }
886
887 free(err);
888}
889
Willy Tarreaubaaee002006-06-26 02:48:02 +0200890/*
William Lallemand73b85e72017-06-01 17:38:51 +0200891 * copy and cleanup the current argv
William Lallemanddf6c5a82020-06-04 17:40:23 +0200892 * Remove the -sf /-st / -x parameters
William Lallemand73b85e72017-06-01 17:38:51 +0200893 * Return an allocated copy of argv
894 */
895
896static char **copy_argv(int argc, char **argv)
897{
William Lallemanddf6c5a82020-06-04 17:40:23 +0200898 char **newargv, **retargv;
William Lallemand73b85e72017-06-01 17:38:51 +0200899
Tim Duesterhuse52b6e52020-09-12 20:26:43 +0200900 newargv = calloc(argc + 2, sizeof(*newargv));
William Lallemand73b85e72017-06-01 17:38:51 +0200901 if (newargv == NULL) {
Christopher Faulet767a84b2017-11-24 16:50:31 +0100902 ha_warning("Cannot allocate memory\n");
William Lallemand73b85e72017-06-01 17:38:51 +0200903 return NULL;
904 }
William Lallemanddf6c5a82020-06-04 17:40:23 +0200905 retargv = newargv;
William Lallemand73b85e72017-06-01 17:38:51 +0200906
William Lallemanddf6c5a82020-06-04 17:40:23 +0200907 /* first copy argv[0] */
908 *newargv++ = *argv++;
909 argc--;
910
911 while (argc > 0) {
912 if (**argv != '-') {
913 /* non options are copied but will fail in the argument parser */
914 *newargv++ = *argv++;
915 argc--;
916
917 } else {
918 char *flag;
919
920 flag = *argv + 1;
921
922 if (flag[0] == '-' && flag[1] == 0) {
923 /* "--\0" copy every arguments till the end of argv */
924 *newargv++ = *argv++;
925 argc--;
926
927 while (argc > 0) {
928 *newargv++ = *argv++;
929 argc--;
930 }
931 } else {
932 switch (*flag) {
933 case 's':
934 /* -sf / -st and their parameters are ignored */
935 if (flag[1] == 'f' || flag[1] == 't') {
936 argc--;
937 argv++;
938 /* The list can't contain a negative value since the only
939 way to know the end of this list is by looking for the
940 next option or the end of the options */
941 while (argc > 0 && argv[0][0] != '-') {
942 argc--;
943 argv++;
944 }
William Lallemand398da622020-09-02 16:12:23 +0200945 } else {
946 argc--;
947 argv++;
948
William Lallemanddf6c5a82020-06-04 17:40:23 +0200949 }
950 break;
951
952 case 'x':
953 /* this option and its parameter are ignored */
954 argc--;
955 argv++;
956 if (argc > 0) {
957 argc--;
958 argv++;
959 }
960 break;
961
962 case 'C':
963 case 'n':
964 case 'm':
965 case 'N':
966 case 'L':
967 case 'f':
968 case 'p':
969 case 'S':
970 /* these options have only 1 parameter which must be copied and can start with a '-' */
971 *newargv++ = *argv++;
972 argc--;
973 if (argc == 0)
974 goto error;
975 *newargv++ = *argv++;
976 argc--;
977 break;
978 default:
979 /* for other options just copy them without parameters, this is also done
980 * for options like "--foo", but this will fail in the argument parser.
981 * */
982 *newargv++ = *argv++;
983 argc--;
984 break;
985 }
William Lallemand73b85e72017-06-01 17:38:51 +0200986 }
987 }
William Lallemand73b85e72017-06-01 17:38:51 +0200988 }
William Lallemand2bf6d622017-06-20 11:20:23 +0200989
William Lallemanddf6c5a82020-06-04 17:40:23 +0200990 return retargv;
991
992error:
993 free(retargv);
994 return NULL;
William Lallemand73b85e72017-06-01 17:38:51 +0200995}
996
Willy Tarreau6c3a6812020-03-06 18:57:15 +0100997
998/* Performs basic random seed initialization. The main issue with this is that
999 * srandom_r() only takes 32 bits and purposely provides a reproducible sequence,
1000 * which means that there will only be 4 billion possible random sequences once
1001 * srandom() is called, regardless of the internal state. Not calling it is
1002 * even worse as we'll always produce the same randoms sequences. What we do
1003 * here is to create an initial sequence from various entropy sources, hash it
1004 * using SHA1 and keep the resulting 160 bits available globally.
1005 *
1006 * We initialize the current process with the first 32 bits before starting the
1007 * polling loop, where all this will be changed to have process specific and
1008 * thread specific sequences.
Willy Tarreau52bf8392020-03-08 00:42:37 +01001009 *
1010 * Before starting threads, it's still possible to call random() as srandom()
1011 * is initialized from this, but after threads and/or processes are started,
1012 * only ha_random() is expected to be used to guarantee distinct sequences.
Willy Tarreau6c3a6812020-03-06 18:57:15 +01001013 */
1014static void ha_random_boot(char *const *argv)
1015{
1016 unsigned char message[256];
1017 unsigned char *m = message;
1018 struct timeval tv;
1019 blk_SHA_CTX ctx;
1020 unsigned long l;
1021 int fd;
1022 int i;
1023
1024 /* start with current time as pseudo-random seed */
1025 gettimeofday(&tv, NULL);
1026 write_u32(m, tv.tv_sec); m += 4;
1027 write_u32(m, tv.tv_usec); m += 4;
1028
1029 /* PID and PPID add some OS-based randomness */
1030 write_u16(m, getpid()); m += 2;
1031 write_u16(m, getppid()); m += 2;
1032
1033 /* take up to 160 bits bytes from /dev/urandom if available (non-blocking) */
1034 fd = open("/dev/urandom", O_RDONLY);
1035 if (fd >= 0) {
1036 i = read(fd, m, 20);
1037 if (i > 0)
1038 m += i;
1039 close(fd);
1040 }
1041
1042 /* take up to 160 bits bytes from openssl (non-blocking) */
1043#ifdef USE_OPENSSL
1044 if (RAND_bytes(m, 20) == 1)
1045 m += 20;
1046#endif
1047
1048 /* take 160 bits from existing random in case it was already initialized */
1049 for (i = 0; i < 5; i++) {
1050 write_u32(m, random());
1051 m += 4;
1052 }
1053
1054 /* stack address (benefit form operating system's ASLR) */
1055 l = (unsigned long)&m;
1056 memcpy(m, &l, sizeof(l)); m += sizeof(l);
1057
1058 /* argv address (benefit form operating system's ASLR) */
1059 l = (unsigned long)&argv;
1060 memcpy(m, &l, sizeof(l)); m += sizeof(l);
1061
1062 /* use tv_usec again after all the operations above */
1063 gettimeofday(&tv, NULL);
1064 write_u32(m, tv.tv_usec); m += 4;
1065
1066 /*
1067 * At this point, ~84-92 bytes have been used
1068 */
1069
1070 /* finish with the hostname */
1071 strncpy((char *)m, hostname, message + sizeof(message) - m);
1072 m += strlen(hostname);
1073
1074 /* total message length */
1075 l = m - message;
1076
1077 memset(&ctx, 0, sizeof(ctx));
1078 blk_SHA1_Init(&ctx);
1079 blk_SHA1_Update(&ctx, message, l);
1080 blk_SHA1_Final(boot_seed, &ctx);
1081
1082 srandom(read_u32(boot_seed));
Willy Tarreau52bf8392020-03-08 00:42:37 +01001083 ha_random_seed(boot_seed, sizeof(boot_seed));
Willy Tarreau6c3a6812020-03-06 18:57:15 +01001084}
1085
Willy Tarreau5a023f02019-03-01 14:19:31 +01001086/* considers splicing proxies' maxconn, computes the ideal global.maxpipes
1087 * setting, and returns it. It may return -1 meaning "unlimited" if some
1088 * unlimited proxies have been found and the global.maxconn value is not yet
1089 * set. It may also return a value greater than maxconn if it's not yet set.
1090 * Note that a value of zero means there is no need for pipes. -1 is never
1091 * returned if global.maxconn is valid.
1092 */
1093static int compute_ideal_maxpipes()
1094{
1095 struct proxy *cur;
1096 int nbfe = 0, nbbe = 0;
1097 int unlimited = 0;
1098 int pipes;
1099 int max;
1100
1101 for (cur = proxies_list; cur; cur = cur->next) {
1102 if (cur->options2 & (PR_O2_SPLIC_ANY)) {
1103 if (cur->cap & PR_CAP_FE) {
1104 max = cur->maxconn;
1105 nbfe += max;
1106 if (!max) {
1107 unlimited = 1;
1108 break;
1109 }
1110 }
1111 if (cur->cap & PR_CAP_BE) {
1112 max = cur->fullconn ? cur->fullconn : global.maxconn;
1113 nbbe += max;
1114 if (!max) {
1115 unlimited = 1;
1116 break;
1117 }
1118 }
1119 }
1120 }
1121
1122 pipes = MAX(nbfe, nbbe);
1123 if (global.maxconn) {
1124 if (pipes > global.maxconn || unlimited)
1125 pipes = global.maxconn;
1126 } else if (unlimited) {
1127 pipes = -1;
1128 }
1129
1130 return pipes >= 4 ? pipes / 4 : pipes;
1131}
1132
Willy Tarreauac350932019-03-01 15:43:14 +01001133/* considers global.maxsocks, global.maxpipes, async engines, SSL frontends and
1134 * rlimits and computes an ideal maxconn. It's meant to be called only when
1135 * maxsock contains the sum of listening FDs, before it is updated based on
Willy Tarreaudf23c0c2019-03-13 10:10:49 +01001136 * maxconn and pipes. If there are not enough FDs left, DEFAULT_MAXCONN (by
1137 * default 100) is returned as it is expected that it will even run on tight
1138 * environments, and will maintain compatibility with previous packages that
1139 * used to rely on this value as the default one. The system will emit a
1140 * warning indicating how many FDs are missing anyway if needed.
Willy Tarreauac350932019-03-01 15:43:14 +01001141 */
1142static int compute_ideal_maxconn()
1143{
1144 int ssl_sides = !!global.ssl_used_frontend + !!global.ssl_used_backend;
1145 int engine_fds = global.ssl_used_async_engines * ssl_sides;
1146 int pipes = compute_ideal_maxpipes();
Willy Tarreaub1beaa32020-03-06 10:25:31 +01001147 int remain = MAX(rlim_fd_cur_at_boot, rlim_fd_max_at_boot);
Willy Tarreauac350932019-03-01 15:43:14 +01001148 int maxconn;
1149
1150 /* we have to take into account these elements :
1151 * - number of engine_fds, which inflates the number of FD needed per
1152 * connection by this number.
1153 * - number of pipes per connection on average : for the unlimited
1154 * case, this is 0.5 pipe FDs per connection, otherwise it's a
1155 * fixed value of 2*pipes.
1156 * - two FDs per connection
1157 */
1158
1159 /* subtract listeners and checks */
1160 remain -= global.maxsock;
1161
Willy Tarreau3f200852019-03-14 19:13:17 +01001162 /* one epoll_fd/kqueue_fd per thread */
1163 remain -= global.nbthread;
1164
1165 /* one wake-up pipe (2 fd) per thread */
1166 remain -= 2 * global.nbthread;
1167
Willy Tarreauac350932019-03-01 15:43:14 +01001168 /* Fixed pipes values : we only subtract them if they're not larger
1169 * than the remaining FDs because pipes are optional.
1170 */
1171 if (pipes >= 0 && pipes * 2 < remain)
1172 remain -= pipes * 2;
1173
1174 if (pipes < 0) {
1175 /* maxsock = maxconn * 2 + maxconn/4 * 2 + maxconn * engine_fds.
1176 * = maxconn * (2 + 0.5 + engine_fds)
1177 * = maxconn * (4 + 1 + 2*engine_fds) / 2
1178 */
1179 maxconn = 2 * remain / (5 + 2 * engine_fds);
1180 } else {
1181 /* maxsock = maxconn * 2 + maxconn * engine_fds.
1182 * = maxconn * (2 + engine_fds)
1183 */
1184 maxconn = remain / (2 + engine_fds);
1185 }
1186
Willy Tarreaudf23c0c2019-03-13 10:10:49 +01001187 return MAX(maxconn, DEFAULT_MAXCONN);
Willy Tarreauac350932019-03-01 15:43:14 +01001188}
1189
Willy Tarreaua409f302020-03-10 17:08:53 +01001190/* computes the estimated maxsock value for the given maxconn based on the
1191 * possibly set global.maxpipes and existing partial global.maxsock. It may
1192 * temporarily change global.maxconn for the time needed to propagate the
1193 * computations, and will reset it.
1194 */
1195static int compute_ideal_maxsock(int maxconn)
1196{
1197 int maxpipes = global.maxpipes;
1198 int maxsock = global.maxsock;
1199
1200
1201 if (!maxpipes) {
1202 int old_maxconn = global.maxconn;
1203
1204 global.maxconn = maxconn;
1205 maxpipes = compute_ideal_maxpipes();
1206 global.maxconn = old_maxconn;
1207 }
1208
1209 maxsock += maxconn * 2; /* each connection needs two sockets */
1210 maxsock += maxpipes * 2; /* each pipe needs two FDs */
1211 maxsock += global.nbthread; /* one epoll_fd/kqueue_fd per thread */
1212 maxsock += 2 * global.nbthread; /* one wake-up pipe (2 fd) per thread */
1213
1214 /* compute fd used by async engines */
1215 if (global.ssl_used_async_engines) {
1216 int sides = !!global.ssl_used_frontend + !!global.ssl_used_backend;
1217
1218 maxsock += maxconn * sides * global.ssl_used_async_engines;
1219 }
1220 return maxsock;
1221}
1222
Thayne McCombs8f0cc5c2021-01-07 21:35:52 -07001223/* Tests if it is possible to set the current process's RLIMIT_NOFILE to
Willy Tarreau304e17e2020-03-10 17:54:54 +01001224 * <maxsock>, then sets it back to the previous value. Returns non-zero if the
1225 * value is accepted, non-zero otherwise. This is used to determine if an
1226 * automatic limit may be applied or not. When it is not, the caller knows that
1227 * the highest we can do is the rlim_max at boot. In case of error, we return
1228 * that the setting is possible, so that we defer the error processing to the
1229 * final stage in charge of enforcing this.
1230 */
1231static int check_if_maxsock_permitted(int maxsock)
1232{
1233 struct rlimit orig_limit, test_limit;
1234 int ret;
1235
1236 if (getrlimit(RLIMIT_NOFILE, &orig_limit) != 0)
1237 return 1;
1238
1239 /* don't go further if we can't even set to what we have */
1240 if (setrlimit(RLIMIT_NOFILE, &orig_limit) != 0)
1241 return 1;
1242
1243 test_limit.rlim_max = MAX(maxsock, orig_limit.rlim_max);
1244 test_limit.rlim_cur = test_limit.rlim_max;
1245 ret = setrlimit(RLIMIT_NOFILE, &test_limit);
1246
1247 if (setrlimit(RLIMIT_NOFILE, &orig_limit) != 0)
1248 return 1;
1249
1250 return ret == 0;
1251}
1252
1253
William Lallemand73b85e72017-06-01 17:38:51 +02001254/*
Willy Tarreaubaaee002006-06-26 02:48:02 +02001255 * This function initializes all the necessary variables. It only returns
1256 * if everything is OK. If something fails, it exits.
1257 */
Willy Tarreau1b5af7c2016-12-21 18:19:57 +01001258static void init(int argc, char **argv)
Willy Tarreaubaaee002006-06-26 02:48:02 +02001259{
Willy Tarreaubaaee002006-06-26 02:48:02 +02001260 int arg_mode = 0; /* MODE_DEBUG, ... */
Willy Tarreaubaaee002006-06-26 02:48:02 +02001261 char *tmp;
1262 char *cfg_pidfile = NULL;
Willy Tarreau058e9072009-07-20 09:30:05 +02001263 int err_code = 0;
Maxime de Roucy0f503922016-05-13 23:52:55 +02001264 char *err_msg = NULL;
Willy Tarreau477ecd82010-01-03 21:12:30 +01001265 struct wordlist *wl;
Kevinm48936af2010-12-22 16:08:21 +00001266 char *progname;
Willy Tarreau576132e2011-09-10 19:26:56 +02001267 char *change_dir = NULL;
Christopher Fauletd7c91962015-04-30 11:48:27 +02001268 struct proxy *px;
Willy Tarreaue6945732016-12-21 19:57:00 +01001269 struct post_check_fct *pcf;
Willy Tarreauac350932019-03-01 15:43:14 +01001270 int ideal_maxconn;
Willy Tarreaubaaee002006-06-26 02:48:02 +02001271
Christopher Faulete3a5e352017-10-24 13:53:54 +02001272 global.mode = MODE_STARTING;
William Lallemand00417412020-06-05 14:08:41 +02001273 old_argv = copy_argv(argc, argv);
1274 if (!old_argv) {
William Lallemanddf6c5a82020-06-04 17:40:23 +02001275 ha_alert("failed to copy argv.\n");
1276 exit(1);
1277 }
William Lallemand73b85e72017-06-01 17:38:51 +02001278
Christopher Fauletcd7879a2017-10-27 13:53:47 +02001279 if (!init_trash_buffers(1)) {
Christopher Faulet767a84b2017-11-24 16:50:31 +01001280 ha_alert("failed to initialize trash buffers.\n");
Christopher Faulet748919a2017-07-26 14:59:46 +02001281 exit(1);
1282 }
David du Colombier7af46052012-05-16 14:16:48 +02001283
Emeric Brun2b920a12010-09-23 18:30:22 +02001284 /* NB: POSIX does not make it mandatory for gethostname() to NULL-terminate
1285 * the string in case of truncation, and at least FreeBSD appears not to do
1286 * it.
1287 */
1288 memset(hostname, 0, sizeof(hostname));
1289 gethostname(hostname, sizeof(hostname) - 1);
Dragan Dosen4f014152020-06-18 16:56:47 +02001290
1291 if ((localpeer = strdup(hostname)) == NULL) {
1292 ha_alert("Cannot allocate memory for local peer.\n");
1293 exit(EXIT_FAILURE);
1294 }
William Lallemanddaf4cd22018-04-17 16:46:13 +02001295 setenv("HAPROXY_LOCALPEER", localpeer, 1);
Emeric Brun2b920a12010-09-23 18:30:22 +02001296
William Lallemand24c928c2020-01-14 17:58:18 +01001297 /* we were in mworker mode, we should restart in mworker mode */
1298 if (getenv("HAPROXY_MWORKER_REEXEC") != NULL)
1299 global.mode |= MODE_MWORKER;
1300
Willy Tarreaubaaee002006-06-26 02:48:02 +02001301 /*
1302 * Initialize the previously static variables.
1303 */
Christopher Fauletcd7879a2017-10-27 13:53:47 +02001304
Willy Tarreau173d9952018-01-26 21:48:23 +01001305 totalconn = actconn = listeners = stopping = 0;
Cyril Bonté203ec5a2017-03-23 22:44:13 +01001306 killed = 0;
Christopher Fauletcd7879a2017-10-27 13:53:47 +02001307
Willy Tarreaubaaee002006-06-26 02:48:02 +02001308
1309#ifdef HAPROXY_MEMMAX
Willy Tarreau70060452015-12-14 12:46:07 +01001310 global.rlimit_memmax_all = HAPROXY_MEMMAX;
Willy Tarreaubaaee002006-06-26 02:48:02 +02001311#endif
1312
Benoit GARNIERb413c2a2016-03-27 11:08:03 +02001313 tzset();
Willy Tarreauc4c80fb2021-04-11 15:00:34 +02001314 tv_init_process_date();
Willy Tarreaubaaee002006-06-26 02:48:02 +02001315 start_date = now;
1316
Willy Tarreau6c3a6812020-03-06 18:57:15 +01001317 ha_random_boot(argv);
Willy Tarreau84310e22014-02-14 11:59:04 +01001318
Willy Tarreau8ed669b2013-01-11 15:49:37 +01001319 if (init_acl() != 0)
1320 exit(1);
Willy Tarreaub6b3df32018-11-26 16:31:20 +01001321
Thierry FOURNIER6f1fd482015-01-23 14:06:13 +01001322 /* Initialise lua. */
1323 hlua_init();
Thierry FOURNIER6f1fd482015-01-23 14:06:13 +01001324
Christopher Fauletff2613e2016-11-09 11:36:17 +01001325 /* Initialize process vars */
1326 vars_init(&global.vars, SCOPE_PROC);
1327
Willy Tarreau43b78992009-01-25 15:42:27 +01001328 global.tune.options |= GTUNE_USE_SELECT; /* select() is always available */
Willy Tarreaue5733232019-05-22 19:24:06 +02001329#if defined(USE_POLL)
Willy Tarreau43b78992009-01-25 15:42:27 +01001330 global.tune.options |= GTUNE_USE_POLL;
Willy Tarreaubaaee002006-06-26 02:48:02 +02001331#endif
Willy Tarreaue5733232019-05-22 19:24:06 +02001332#if defined(USE_EPOLL)
Willy Tarreau43b78992009-01-25 15:42:27 +01001333 global.tune.options |= GTUNE_USE_EPOLL;
Willy Tarreaubaaee002006-06-26 02:48:02 +02001334#endif
Willy Tarreaue5733232019-05-22 19:24:06 +02001335#if defined(USE_KQUEUE)
Willy Tarreau43b78992009-01-25 15:42:27 +01001336 global.tune.options |= GTUNE_USE_KQUEUE;
Willy Tarreau1e63130a2007-04-09 12:03:06 +02001337#endif
Willy Tarreaue5733232019-05-22 19:24:06 +02001338#if defined(USE_EVPORTS)
Emmanuel Hocdet0ba4f482019-04-08 16:53:32 +00001339 global.tune.options |= GTUNE_USE_EVPORTS;
1340#endif
Willy Tarreaue5733232019-05-22 19:24:06 +02001341#if defined(USE_LINUX_SPLICE)
Willy Tarreau3ab68cf2009-01-25 16:03:28 +01001342 global.tune.options |= GTUNE_USE_SPLICE;
1343#endif
Nenad Merdanovic88afe032014-04-14 15:56:58 +02001344#if defined(USE_GETADDRINFO)
1345 global.tune.options |= GTUNE_USE_GAI;
1346#endif
Lukas Tribusa0bcbdc2016-09-12 21:42:20 +00001347#if defined(SO_REUSEPORT)
1348 global.tune.options |= GTUNE_USE_REUSEPORT;
1349#endif
Willy Tarreau76cc6992020-07-01 18:49:24 +02001350#ifdef USE_THREAD
1351 global.tune.options |= GTUNE_IDLE_POOL_SHARED;
1352#endif
William Dauchya5194602020-03-28 19:29:58 +01001353 global.tune.options |= GTUNE_STRICT_LIMITS;
Willy Tarreaubaaee002006-06-26 02:48:02 +02001354
1355 pid = getpid();
1356 progname = *argv;
1357 while ((tmp = strchr(progname, '/')) != NULL)
1358 progname = tmp + 1;
1359
Kevinm48936af2010-12-22 16:08:21 +00001360 /* the process name is used for the logs only */
Eric Salama7cea6062020-10-02 11:58:19 +02001361 chunk_initlen(&global.log_tag, strdup(progname), strlen(progname), strlen(progname));
1362 if (b_orig(&global.log_tag) == NULL) {
1363 chunk_destroy(&global.log_tag);
1364 ha_alert("Cannot allocate memory for log_tag.\n");
1365 exit(EXIT_FAILURE);
1366 }
Kevinm48936af2010-12-22 16:08:21 +00001367
Willy Tarreaubaaee002006-06-26 02:48:02 +02001368 argc--; argv++;
1369 while (argc > 0) {
1370 char *flag;
1371
1372 if (**argv == '-') {
1373 flag = *argv+1;
1374
1375 /* 1 arg */
1376 if (*flag == 'v') {
1377 display_version();
Willy Tarreau7b066db2007-12-02 11:28:59 +01001378 if (flag[1] == 'v') /* -vv */
1379 display_build_opts();
Willy Tarreaubaaee002006-06-26 02:48:02 +02001380 exit(0);
1381 }
Willy Tarreaue5733232019-05-22 19:24:06 +02001382#if defined(USE_EPOLL)
Willy Tarreaubaaee002006-06-26 02:48:02 +02001383 else if (*flag == 'd' && flag[1] == 'e')
Willy Tarreau43b78992009-01-25 15:42:27 +01001384 global.tune.options &= ~GTUNE_USE_EPOLL;
Willy Tarreaubaaee002006-06-26 02:48:02 +02001385#endif
Willy Tarreaue5733232019-05-22 19:24:06 +02001386#if defined(USE_POLL)
Willy Tarreaubaaee002006-06-26 02:48:02 +02001387 else if (*flag == 'd' && flag[1] == 'p')
Willy Tarreau43b78992009-01-25 15:42:27 +01001388 global.tune.options &= ~GTUNE_USE_POLL;
Willy Tarreaubaaee002006-06-26 02:48:02 +02001389#endif
Willy Tarreaue5733232019-05-22 19:24:06 +02001390#if defined(USE_KQUEUE)
Willy Tarreau1e63130a2007-04-09 12:03:06 +02001391 else if (*flag == 'd' && flag[1] == 'k')
Willy Tarreau43b78992009-01-25 15:42:27 +01001392 global.tune.options &= ~GTUNE_USE_KQUEUE;
Willy Tarreau1e63130a2007-04-09 12:03:06 +02001393#endif
Willy Tarreaue5733232019-05-22 19:24:06 +02001394#if defined(USE_EVPORTS)
Emmanuel Hocdet0ba4f482019-04-08 16:53:32 +00001395 else if (*flag == 'd' && flag[1] == 'v')
1396 global.tune.options &= ~GTUNE_USE_EVPORTS;
1397#endif
Willy Tarreaue5733232019-05-22 19:24:06 +02001398#if defined(USE_LINUX_SPLICE)
Willy Tarreau3ab68cf2009-01-25 16:03:28 +01001399 else if (*flag == 'd' && flag[1] == 'S')
1400 global.tune.options &= ~GTUNE_USE_SPLICE;
1401#endif
Nenad Merdanovic88afe032014-04-14 15:56:58 +02001402#if defined(USE_GETADDRINFO)
1403 else if (*flag == 'd' && flag[1] == 'G')
1404 global.tune.options &= ~GTUNE_USE_GAI;
1405#endif
Lukas Tribusa0bcbdc2016-09-12 21:42:20 +00001406#if defined(SO_REUSEPORT)
1407 else if (*flag == 'd' && flag[1] == 'R')
1408 global.tune.options &= ~GTUNE_USE_REUSEPORT;
1409#endif
Emeric Brun850efd52014-01-29 12:24:34 +01001410 else if (*flag == 'd' && flag[1] == 'V')
1411 global.ssl_server_verify = SSL_SERVER_VERIFY_NONE;
Willy Tarreaubaaee002006-06-26 02:48:02 +02001412 else if (*flag == 'V')
1413 arg_mode |= MODE_VERBOSE;
1414 else if (*flag == 'd' && flag[1] == 'b')
1415 arg_mode |= MODE_FOREGROUND;
Amaury Denoyelle7b01a8d2021-03-29 10:29:07 +02001416 else if (*flag == 'd' && flag[1] == 'D')
1417 arg_mode |= MODE_DIAG;
Willy Tarreau3eb10b82020-04-15 16:42:39 +02001418 else if (*flag == 'd' && flag[1] == 'W')
1419 arg_mode |= MODE_ZERO_WARNING;
Willy Tarreau6e064432012-05-08 15:40:42 +02001420 else if (*flag == 'd' && flag[1] == 'M')
1421 mem_poison_byte = flag[2] ? strtol(flag + 2, NULL, 0) : 'P';
Willy Tarreau3eed10e2016-11-07 21:03:16 +01001422 else if (*flag == 'd' && flag[1] == 'r')
1423 global.tune.options |= GTUNE_RESOLVE_DONTFAIL;
Willy Tarreaubaaee002006-06-26 02:48:02 +02001424 else if (*flag == 'd')
1425 arg_mode |= MODE_DEBUG;
1426 else if (*flag == 'c')
1427 arg_mode |= MODE_CHECK;
William Lallemand095ba4c2017-06-01 17:38:50 +02001428 else if (*flag == 'D')
Willy Tarreau6bde87b2009-05-18 16:29:51 +02001429 arg_mode |= MODE_DAEMON;
Tim Duesterhusd6942c82017-11-20 15:58:35 +01001430 else if (*flag == 'W' && flag[1] == 's') {
Lukas Tribusf46bf952017-11-21 12:39:34 +01001431 arg_mode |= MODE_MWORKER | MODE_FOREGROUND;
Tim Duesterhusd6942c82017-11-20 15:58:35 +01001432#if defined(USE_SYSTEMD)
1433 global.tune.options |= GTUNE_USE_SYSTEMD;
1434#else
Christopher Faulet767a84b2017-11-24 16:50:31 +01001435 ha_alert("master-worker mode with systemd support (-Ws) requested, but not compiled. Use master-worker mode (-W) if you are not using Type=notify in your unit file or recompile with USE_SYSTEMD=1.\n\n");
Tim Duesterhusd6942c82017-11-20 15:58:35 +01001436 usage(progname);
1437#endif
1438 }
William Lallemand095ba4c2017-06-01 17:38:50 +02001439 else if (*flag == 'W')
1440 arg_mode |= MODE_MWORKER;
Willy Tarreaubaaee002006-06-26 02:48:02 +02001441 else if (*flag == 'q')
1442 arg_mode |= MODE_QUIET;
Olivier Houchardf73629d2017-04-05 22:33:04 +02001443 else if (*flag == 'x') {
William Lallemand4f71d302020-06-04 23:41:29 +02001444 if (argc <= 1) {
Christopher Faulet767a84b2017-11-24 16:50:31 +01001445 ha_alert("Unix socket path expected with the -x flag\n\n");
William Lallemand45eff442017-06-19 15:57:55 +02001446 usage(progname);
Olivier Houchardf73629d2017-04-05 22:33:04 +02001447 }
William Lallemand4fc09692017-06-19 16:37:19 +02001448 if (old_unixsocket)
Christopher Faulet767a84b2017-11-24 16:50:31 +01001449 ha_warning("-x option already set, overwriting the value\n");
Olivier Houchardf73629d2017-04-05 22:33:04 +02001450 old_unixsocket = argv[1];
William Lallemand4fc09692017-06-19 16:37:19 +02001451
Olivier Houchardf73629d2017-04-05 22:33:04 +02001452 argv++;
1453 argc--;
1454 }
William Lallemande7361152018-10-26 14:47:36 +02001455 else if (*flag == 'S') {
1456 struct wordlist *c;
1457
William Lallemanda6b32492020-06-04 23:49:20 +02001458 if (argc <= 1) {
William Lallemande7361152018-10-26 14:47:36 +02001459 ha_alert("Socket and optional bind parameters expected with the -S flag\n");
1460 usage(progname);
1461 }
1462 if ((c = malloc(sizeof(*c))) == NULL || (c->s = strdup(argv[1])) == NULL) {
1463 ha_alert("Cannot allocate memory\n");
1464 exit(EXIT_FAILURE);
1465 }
Willy Tarreau2b718102021-04-21 07:32:39 +02001466 LIST_INSERT(&mworker_cli_conf, &c->list);
William Lallemande7361152018-10-26 14:47:36 +02001467
1468 argv++;
1469 argc--;
1470 }
Willy Tarreaubaaee002006-06-26 02:48:02 +02001471 else if (*flag == 's' && (flag[1] == 'f' || flag[1] == 't')) {
1472 /* list of pids to finish ('f') or terminate ('t') */
1473
1474 if (flag[1] == 'f')
1475 oldpids_sig = SIGUSR1; /* finish then exit */
1476 else
1477 oldpids_sig = SIGTERM; /* terminate immediately */
Willy Tarreauc6ca1aa2015-10-08 11:32:32 +02001478 while (argc > 1 && argv[1][0] != '-') {
Chris Lane236062f2018-02-05 23:15:44 +00001479 char * endptr = NULL;
Willy Tarreauc6ca1aa2015-10-08 11:32:32 +02001480 oldpids = realloc(oldpids, (nb_oldpids + 1) * sizeof(int));
1481 if (!oldpids) {
Christopher Faulet767a84b2017-11-24 16:50:31 +01001482 ha_alert("Cannot allocate old pid : out of memory.\n");
Willy Tarreauc6ca1aa2015-10-08 11:32:32 +02001483 exit(1);
Willy Tarreaubaaee002006-06-26 02:48:02 +02001484 }
Willy Tarreauc6ca1aa2015-10-08 11:32:32 +02001485 argc--; argv++;
Chris Lane236062f2018-02-05 23:15:44 +00001486 errno = 0;
1487 oldpids[nb_oldpids] = strtol(*argv, &endptr, 10);
1488 if (errno) {
1489 ha_alert("-%2s option: failed to parse {%s}: %s\n",
1490 flag,
1491 *argv, strerror(errno));
1492 exit(1);
1493 } else if (endptr && strlen(endptr)) {
Willy Tarreau90807112020-02-25 08:16:33 +01001494 while (isspace((unsigned char)*endptr)) endptr++;
Aurélien Nephtali39b89882018-02-17 20:53:11 +01001495 if (*endptr != 0) {
Chris Lane236062f2018-02-05 23:15:44 +00001496 ha_alert("-%2s option: some bytes unconsumed in PID list {%s}\n",
1497 flag, endptr);
1498 exit(1);
Aurélien Nephtali39b89882018-02-17 20:53:11 +01001499 }
Chris Lane236062f2018-02-05 23:15:44 +00001500 }
Willy Tarreauc6ca1aa2015-10-08 11:32:32 +02001501 if (oldpids[nb_oldpids] <= 0)
1502 usage(progname);
1503 nb_oldpids++;
Willy Tarreaubaaee002006-06-26 02:48:02 +02001504 }
1505 }
Willy Tarreaua088d312015-10-08 11:58:48 +02001506 else if (flag[0] == '-' && flag[1] == 0) { /* "--" */
1507 /* now that's a cfgfile list */
1508 argv++; argc--;
1509 while (argc > 0) {
Maxime de Roucy0f503922016-05-13 23:52:55 +02001510 if (!list_append_word(&cfg_cfgfiles, *argv, &err_msg)) {
Christopher Faulet767a84b2017-11-24 16:50:31 +01001511 ha_alert("Cannot load configuration file/directory %s : %s\n",
1512 *argv,
1513 err_msg);
Willy Tarreaua088d312015-10-08 11:58:48 +02001514 exit(1);
1515 }
Willy Tarreaua088d312015-10-08 11:58:48 +02001516 argv++; argc--;
1517 }
1518 break;
1519 }
Willy Tarreaubaaee002006-06-26 02:48:02 +02001520 else { /* >=2 args */
1521 argv++; argc--;
1522 if (argc == 0)
Willy Tarreau3bafcdc2011-09-10 19:20:23 +02001523 usage(progname);
Willy Tarreaubaaee002006-06-26 02:48:02 +02001524
1525 switch (*flag) {
Willy Tarreau576132e2011-09-10 19:26:56 +02001526 case 'C' : change_dir = *argv; break;
Willy Tarreaubaaee002006-06-26 02:48:02 +02001527 case 'n' : cfg_maxconn = atol(*argv); break;
Willy Tarreau70060452015-12-14 12:46:07 +01001528 case 'm' : global.rlimit_memmax_all = atol(*argv); break;
Willy Tarreaubaaee002006-06-26 02:48:02 +02001529 case 'N' : cfg_maxpconn = atol(*argv); break;
William Lallemanddaf4cd22018-04-17 16:46:13 +02001530 case 'L' :
Dragan Dosen4f014152020-06-18 16:56:47 +02001531 free(localpeer);
1532 if ((localpeer = strdup(*argv)) == NULL) {
1533 ha_alert("Cannot allocate memory for local peer.\n");
1534 exit(EXIT_FAILURE);
1535 }
William Lallemanddaf4cd22018-04-17 16:46:13 +02001536 setenv("HAPROXY_LOCALPEER", localpeer, 1);
Dragan Dosen13cd54c2020-06-18 18:24:05 +02001537 global.localpeer_cmdline = 1;
William Lallemanddaf4cd22018-04-17 16:46:13 +02001538 break;
Willy Tarreau5d01a632009-06-22 16:02:30 +02001539 case 'f' :
Maxime de Roucy0f503922016-05-13 23:52:55 +02001540 if (!list_append_word(&cfg_cfgfiles, *argv, &err_msg)) {
Christopher Faulet767a84b2017-11-24 16:50:31 +01001541 ha_alert("Cannot load configuration file/directory %s : %s\n",
1542 *argv,
1543 err_msg);
Willy Tarreau5d01a632009-06-22 16:02:30 +02001544 exit(1);
1545 }
Willy Tarreau5d01a632009-06-22 16:02:30 +02001546 break;
Willy Tarreaubaaee002006-06-26 02:48:02 +02001547 case 'p' : cfg_pidfile = *argv; break;
Willy Tarreau3bafcdc2011-09-10 19:20:23 +02001548 default: usage(progname);
Willy Tarreaubaaee002006-06-26 02:48:02 +02001549 }
1550 }
1551 }
1552 else
Willy Tarreau3bafcdc2011-09-10 19:20:23 +02001553 usage(progname);
Willy Tarreaubaaee002006-06-26 02:48:02 +02001554 argv++; argc--;
1555 }
1556
Christopher Faulete3a5e352017-10-24 13:53:54 +02001557 global.mode |= (arg_mode & (MODE_DAEMON | MODE_MWORKER | MODE_FOREGROUND | MODE_VERBOSE
Amaury Denoyelle7b01a8d2021-03-29 10:29:07 +02001558 | MODE_QUIET | MODE_CHECK | MODE_DEBUG | MODE_ZERO_WARNING
1559 | MODE_DIAG));
Willy Tarreaubaaee002006-06-26 02:48:02 +02001560
William Lallemand944e6192018-11-21 15:48:31 +01001561 if (getenv("HAPROXY_MWORKER_WAIT_ONLY")) {
William Lallemandcb11fd22017-06-01 17:38:52 +02001562 unsetenv("HAPROXY_MWORKER_WAIT_ONLY");
William Lallemand944e6192018-11-21 15:48:31 +01001563 global.mode |= MODE_MWORKER_WAIT;
1564 global.mode &= ~MODE_MWORKER;
William Lallemandcb11fd22017-06-01 17:38:52 +02001565 }
1566
1567 if ((global.mode & MODE_MWORKER) && (getenv("HAPROXY_MWORKER_REEXEC") != NULL)) {
1568 atexit_flag = 1;
1569 atexit(reexec_on_failure);
1570 }
1571
Willy Tarreau576132e2011-09-10 19:26:56 +02001572 if (change_dir && chdir(change_dir) < 0) {
Christopher Faulet767a84b2017-11-24 16:50:31 +01001573 ha_alert("Could not change to directory %s : %s\n", change_dir, strerror(errno));
Willy Tarreau576132e2011-09-10 19:26:56 +02001574 exit(1);
1575 }
1576
Willy Tarreaubaaee002006-06-26 02:48:02 +02001577 global.maxsock = 10; /* reserve 10 fds ; will be incremented by socket eaters */
Willy Tarreau915e1eb2009-06-22 15:48:36 +02001578
William Lallemand944e6192018-11-21 15:48:31 +01001579 /* in wait mode, we don't try to read the configuration files */
1580 if (!(global.mode & MODE_MWORKER_WAIT)) {
Christopher Faulet4e366822021-01-12 18:57:38 +01001581 char *env_cfgfiles = NULL;
1582 int env_err = 0;
Willy Tarreauc4382422009-12-06 13:10:44 +01001583
William Lallemand944e6192018-11-21 15:48:31 +01001584 /* handle cfgfiles that are actually directories */
1585 cfgfiles_expand_directories();
1586
1587 if (LIST_ISEMPTY(&cfg_cfgfiles))
1588 usage(progname);
1589
1590
1591 list_for_each_entry(wl, &cfg_cfgfiles, list) {
1592 int ret;
1593
Christopher Faulet4e366822021-01-12 18:57:38 +01001594 if (env_err == 0) {
1595 if (!memprintf(&env_cfgfiles, "%s%s%s",
1596 (env_cfgfiles ? env_cfgfiles : ""),
1597 (env_cfgfiles ? ";" : ""), wl->s))
1598 env_err = 1;
1599 }
William Lallemand7b302d82019-05-20 11:15:37 +02001600
William Lallemand944e6192018-11-21 15:48:31 +01001601 ret = readcfgfile(wl->s);
1602 if (ret == -1) {
1603 ha_alert("Could not open configuration file %s : %s\n",
1604 wl->s, strerror(errno));
Christopher Faulet4e366822021-01-12 18:57:38 +01001605 free(env_cfgfiles);
William Lallemand944e6192018-11-21 15:48:31 +01001606 exit(1);
1607 }
1608 if (ret & (ERR_ABORT|ERR_FATAL))
1609 ha_alert("Error(s) found in configuration file : %s\n", wl->s);
1610 err_code |= ret;
Christopher Faulet4e366822021-01-12 18:57:38 +01001611 if (err_code & ERR_ABORT) {
1612 free(env_cfgfiles);
William Lallemand944e6192018-11-21 15:48:31 +01001613 exit(1);
Christopher Faulet4e366822021-01-12 18:57:38 +01001614 }
Willy Tarreauc4382422009-12-06 13:10:44 +01001615 }
Krzysztof Oledzkib304dc72007-10-14 23:40:01 +02001616
William Lallemand944e6192018-11-21 15:48:31 +01001617 /* do not try to resolve arguments nor to spot inconsistencies when
1618 * the configuration contains fatal errors caused by files not found
1619 * or failed memory allocations.
1620 */
1621 if (err_code & (ERR_ABORT|ERR_FATAL)) {
1622 ha_alert("Fatal errors found in configuration.\n");
Christopher Faulet4e366822021-01-12 18:57:38 +01001623 free(env_cfgfiles);
William Lallemand944e6192018-11-21 15:48:31 +01001624 exit(1);
1625 }
Christopher Faulet4e366822021-01-12 18:57:38 +01001626 if (env_err) {
1627 ha_alert("Could not allocate memory for HAPROXY_CFGFILES env variable\n");
1628 exit(1);
1629 }
1630 setenv("HAPROXY_CFGFILES", env_cfgfiles, 1);
1631 free(env_cfgfiles);
William Lallemand7b302d82019-05-20 11:15:37 +02001632
Willy Tarreaub83dc3d2017-04-19 11:24:07 +02001633 }
William Lallemandce83b4a2018-10-26 14:47:30 +02001634 if (global.mode & MODE_MWORKER) {
1635 int proc;
William Lallemand16dd1b32018-11-19 18:46:18 +01001636 struct mworker_proc *tmproc;
1637
William Lallemand482f9a92019-04-12 16:15:00 +02001638 setenv("HAPROXY_MWORKER", "1", 1);
1639
William Lallemand16dd1b32018-11-19 18:46:18 +01001640 if (getenv("HAPROXY_MWORKER_REEXEC") == NULL) {
1641
William Lallemandf3a86832019-04-01 11:29:58 +02001642 tmproc = calloc(1, sizeof(*tmproc));
William Lallemand16dd1b32018-11-19 18:46:18 +01001643 if (!tmproc) {
1644 ha_alert("Cannot allocate process structures.\n");
1645 exit(EXIT_FAILURE);
1646 }
William Lallemand8f7069a2019-04-12 16:09:23 +02001647 tmproc->options |= PROC_O_TYPE_MASTER; /* master */
William Lallemand16dd1b32018-11-19 18:46:18 +01001648 tmproc->reloads = 0;
1649 tmproc->relative_pid = 0;
1650 tmproc->pid = pid;
1651 tmproc->timestamp = start_date.tv_sec;
1652 tmproc->ipc_fd[0] = -1;
1653 tmproc->ipc_fd[1] = -1;
1654
1655 proc_self = tmproc;
1656
Willy Tarreau2b718102021-04-21 07:32:39 +02001657 LIST_APPEND(&proc_list, &tmproc->list);
William Lallemand16dd1b32018-11-19 18:46:18 +01001658 }
William Lallemandce83b4a2018-10-26 14:47:30 +02001659
1660 for (proc = 0; proc < global.nbproc; proc++) {
William Lallemandce83b4a2018-10-26 14:47:30 +02001661
William Lallemandf3a86832019-04-01 11:29:58 +02001662 tmproc = calloc(1, sizeof(*tmproc));
William Lallemandce83b4a2018-10-26 14:47:30 +02001663 if (!tmproc) {
1664 ha_alert("Cannot allocate process structures.\n");
1665 exit(EXIT_FAILURE);
1666 }
1667
William Lallemand8f7069a2019-04-12 16:09:23 +02001668 tmproc->options |= PROC_O_TYPE_WORKER; /* worker */
William Lallemandce83b4a2018-10-26 14:47:30 +02001669 tmproc->pid = -1;
1670 tmproc->reloads = 0;
William Lallemande3683302018-11-19 18:46:17 +01001671 tmproc->timestamp = -1;
William Lallemandce83b4a2018-10-26 14:47:30 +02001672 tmproc->relative_pid = 1 + proc;
William Lallemand550db6d2018-11-06 17:37:12 +01001673 tmproc->ipc_fd[0] = -1;
1674 tmproc->ipc_fd[1] = -1;
William Lallemandce83b4a2018-10-26 14:47:30 +02001675
1676 if (mworker_cli_sockpair_new(tmproc, proc) < 0) {
1677 exit(EXIT_FAILURE);
1678 }
1679
Willy Tarreau2b718102021-04-21 07:32:39 +02001680 LIST_APPEND(&proc_list, &tmproc->list);
William Lallemandce83b4a2018-10-26 14:47:30 +02001681 }
William Lallemand944e6192018-11-21 15:48:31 +01001682 }
1683 if (global.mode & (MODE_MWORKER|MODE_MWORKER_WAIT)) {
1684 struct wordlist *it, *c;
1685
William Lallemand1b663612018-10-26 14:47:33 +02001686 mworker_env_to_proc_list(); /* get the info of the children in the env */
William Lallemand8a022572018-10-26 14:47:35 +02001687
William Lallemande7361152018-10-26 14:47:36 +02001688
William Lallemand550db6d2018-11-06 17:37:12 +01001689 if (!LIST_ISEMPTY(&mworker_cli_conf)) {
William Lallemande7361152018-10-26 14:47:36 +02001690
William Lallemand550db6d2018-11-06 17:37:12 +01001691 if (mworker_cli_proxy_create() < 0) {
William Lallemande7361152018-10-26 14:47:36 +02001692 ha_alert("Can't create the master's CLI.\n");
1693 exit(EXIT_FAILURE);
1694 }
William Lallemande7361152018-10-26 14:47:36 +02001695
William Lallemand550db6d2018-11-06 17:37:12 +01001696 list_for_each_entry_safe(c, it, &mworker_cli_conf, list) {
1697
1698 if (mworker_cli_proxy_new_listener(c->s) < 0) {
1699 ha_alert("Can't create the master's CLI.\n");
1700 exit(EXIT_FAILURE);
1701 }
Willy Tarreau2b718102021-04-21 07:32:39 +02001702 LIST_DELETE(&c->list);
William Lallemand550db6d2018-11-06 17:37:12 +01001703 free(c->s);
1704 free(c);
1705 }
1706 }
William Lallemandce83b4a2018-10-26 14:47:30 +02001707 }
1708
Eric Salama5ba83352021-03-16 15:11:17 +01001709 if (!LIST_ISEMPTY(&mworker_cli_conf) && !(arg_mode & MODE_MWORKER)) {
1710 ha_warning("a master CLI socket was defined, but master-worker mode (-W) is not enabled.\n");
1711 }
1712
Willy Tarreauf42d7942020-10-20 11:54:49 +02001713 if (global.nbproc > 1 && !global.nbthread) {
1714 ha_warning("nbproc is deprecated!\n"
1715 " | For suffering many limitations, the 'nbproc' directive is now deprecated\n"
1716 " | and scheduled for removal in 2.5. Just comment it out: haproxy will use\n"
1717 " | threads and will run on all allocated processors. You may also switch to\n"
1718 " | 'nbthread %d' to keep the same number of processors. If you absolutely\n"
1719 " | want to run in multi-process mode, you can silence this warning by adding\n"
1720 " | 'nbthread 1', but then please report your use case to developers.\n",
1721 global.nbproc);
1722 }
1723
Willy Tarreaue90904d2021-02-12 14:08:31 +01001724 /* defaults sections are not needed anymore */
1725 proxy_destroy_all_defaults();
1726
Willy Tarreaubb925012009-07-23 13:36:36 +02001727 err_code |= check_config_validity();
Christopher Fauletc1692962019-08-12 09:51:07 +02001728 for (px = proxies_list; px; px = px->next) {
1729 struct server *srv;
1730 struct post_proxy_check_fct *ppcf;
1731 struct post_server_check_fct *pscf;
1732
Christopher Fauletd5bd8242020-11-02 16:20:13 +01001733 if (px->disabled)
1734 continue;
1735
Christopher Fauletc1692962019-08-12 09:51:07 +02001736 list_for_each_entry(pscf, &post_server_check_list, list) {
1737 for (srv = px->srv; srv; srv = srv->next)
1738 err_code |= pscf->fct(srv);
1739 }
1740 list_for_each_entry(ppcf, &post_proxy_check_list, list)
1741 err_code |= ppcf->fct(px);
1742 }
Willy Tarreaubb925012009-07-23 13:36:36 +02001743 if (err_code & (ERR_ABORT|ERR_FATAL)) {
Christopher Faulet767a84b2017-11-24 16:50:31 +01001744 ha_alert("Fatal errors found in configuration.\n");
Willy Tarreau915e1eb2009-06-22 15:48:36 +02001745 exit(1);
1746 }
Willy Tarreaubaaee002006-06-26 02:48:02 +02001747
Carl Henrik Lundef91ac192020-02-27 16:45:50 +01001748 err_code |= pattern_finalize_config();
1749 if (err_code & (ERR_ABORT|ERR_FATAL)) {
1750 ha_alert("Failed to finalize pattern config.\n");
1751 exit(1);
1752 }
Willy Tarreau0f936722019-04-11 14:47:08 +02001753
Willy Tarreau70060452015-12-14 12:46:07 +01001754 /* recompute the amount of per-process memory depending on nbproc and
1755 * the shared SSL cache size (allowed to exist in all processes).
1756 */
1757 if (global.rlimit_memmax_all) {
1758#if defined (USE_OPENSSL) && !defined(USE_PRIVATE_CACHE)
1759 int64_t ssl_cache_bytes = global.tune.sslcachesize * 200LL;
1760
1761 global.rlimit_memmax =
1762 ((((int64_t)global.rlimit_memmax_all * 1048576LL) -
1763 ssl_cache_bytes) / global.nbproc +
1764 ssl_cache_bytes + 1048575LL) / 1048576LL;
1765#else
1766 global.rlimit_memmax = global.rlimit_memmax_all / global.nbproc;
1767#endif
1768 }
1769
Willy Tarreaue5733232019-05-22 19:24:06 +02001770#ifdef USE_NS
KOVACS Krisztianb3e54fe2014-11-17 15:11:45 +01001771 err_code |= netns_init();
1772 if (err_code & (ERR_ABORT|ERR_FATAL)) {
Christopher Faulet767a84b2017-11-24 16:50:31 +01001773 ha_alert("Failed to initialize namespace support.\n");
KOVACS Krisztianb3e54fe2014-11-17 15:11:45 +01001774 exit(1);
1775 }
1776#endif
1777
Baptiste Assmann4215d7d2016-11-02 15:33:15 +01001778 /* Apply server states */
1779 apply_server_state();
1780
Olivier Houchardfbc74e82017-11-24 16:54:05 +01001781 for (px = proxies_list; px; px = px->next)
Baptiste Assmann4215d7d2016-11-02 15:33:15 +01001782 srv_compute_all_admin_states(px);
1783
Baptiste Assmann83cbaa52016-11-02 15:34:05 +01001784 /* Apply servers' configured address */
1785 err_code |= srv_init_addr();
1786 if (err_code & (ERR_ABORT|ERR_FATAL)) {
Christopher Faulet767a84b2017-11-24 16:50:31 +01001787 ha_alert("Failed to initialize server(s) addr.\n");
Baptiste Assmann83cbaa52016-11-02 15:34:05 +01001788 exit(1);
1789 }
1790
Willy Tarreau3eb10b82020-04-15 16:42:39 +02001791 if (warned & WARN_ANY && global.mode & MODE_ZERO_WARNING) {
1792 ha_alert("Some warnings were found and 'zero-warning' is set. Aborting.\n");
1793 exit(1);
1794 }
1795
Willy Tarreaubaaee002006-06-26 02:48:02 +02001796 if (global.mode & MODE_CHECK) {
Willy Tarreau8b15ba12012-02-02 17:48:18 +01001797 struct peers *pr;
1798 struct proxy *px;
1799
Willy Tarreaubebd2122020-04-15 16:06:11 +02001800 if (warned & WARN_ANY)
1801 qfprintf(stdout, "Warnings were found.\n");
1802
Frédéric Lécailleed2b4a62017-07-13 09:07:09 +02001803 for (pr = cfg_peers; pr; pr = pr->next)
Willy Tarreau8b15ba12012-02-02 17:48:18 +01001804 if (pr->peers_fe)
1805 break;
1806
Olivier Houchardfbc74e82017-11-24 16:54:05 +01001807 for (px = proxies_list; px; px = px->next)
Willy Tarreauc3914d42020-09-24 08:39:22 +02001808 if (!px->disabled && px->li_all)
Willy Tarreau8b15ba12012-02-02 17:48:18 +01001809 break;
1810
1811 if (pr || px) {
1812 /* At least one peer or one listener has been found */
1813 qfprintf(stdout, "Configuration file is valid\n");
Tim Duesterhus0a3b43d2020-06-14 00:37:42 +02001814 deinit_and_exit(0);
Willy Tarreau8b15ba12012-02-02 17:48:18 +01001815 }
1816 qfprintf(stdout, "Configuration file has no error but will not start (no listener) => exit(2).\n");
1817 exit(2);
Willy Tarreaubaaee002006-06-26 02:48:02 +02001818 }
Willy Tarreaue9b26022011-08-01 20:57:55 +02001819
Amaury Denoyelle5a6926d2021-03-30 17:34:24 +02001820 if (global.mode & MODE_DIAG) {
1821 cfg_run_diagnostics();
1822 }
1823
Willy Tarreau8263d2b2012-08-28 00:06:31 +02001824 /* now we know the buffer size, we can initialize the channels and buffers */
Willy Tarreau9b28e032012-10-12 23:49:43 +02001825 init_buffer();
Willy Tarreau8280d642009-09-23 23:37:52 +02001826
Willy Tarreaue6945732016-12-21 19:57:00 +01001827 list_for_each_entry(pcf, &post_check_list, list) {
1828 err_code |= pcf->fct();
1829 if (err_code & (ERR_ABORT|ERR_FATAL))
1830 exit(1);
1831 }
1832
Willy Tarreaubaaee002006-06-26 02:48:02 +02001833 if (cfg_maxconn > 0)
1834 global.maxconn = cfg_maxconn;
1835
Willy Tarreau4975d142021-03-13 11:00:33 +01001836 if (global.cli_fe)
1837 global.maxsock += global.cli_fe->maxconn;
Willy Tarreau8d687d82019-03-01 09:39:42 +01001838
1839 if (cfg_peers) {
1840 /* peers also need to bypass global maxconn */
1841 struct peers *p = cfg_peers;
1842
1843 for (p = cfg_peers; p; p = p->next)
1844 if (p->peers_fe)
1845 global.maxsock += p->peers_fe->maxconn;
1846 }
1847
Willy Tarreaubaaee002006-06-26 02:48:02 +02001848 if (cfg_pidfile) {
Willy Tarreaua534fea2008-08-03 12:19:50 +02001849 free(global.pidfile);
Willy Tarreaubaaee002006-06-26 02:48:02 +02001850 global.pidfile = strdup(cfg_pidfile);
1851 }
1852
Willy Tarreaud0256482015-01-15 21:45:22 +01001853 /* Now we want to compute the maxconn and possibly maxsslconn values.
Willy Tarreauac350932019-03-01 15:43:14 +01001854 * It's a bit tricky. Maxconn defaults to the pre-computed value based
1855 * on rlim_fd_cur and the number of FDs in use due to the configuration,
1856 * and maxsslconn defaults to DEFAULT_MAXSSLCONN. On top of that we can
1857 * enforce a lower limit based on memmax.
Willy Tarreaud0256482015-01-15 21:45:22 +01001858 *
1859 * If memmax is set, then it depends on which values are set. If
1860 * maxsslconn is set, we use memmax to determine how many cleartext
1861 * connections may be added, and set maxconn to the sum of the two.
1862 * If maxconn is set and not maxsslconn, maxsslconn is computed from
1863 * the remaining amount of memory between memmax and the cleartext
1864 * connections. If neither are set, then it is considered that all
1865 * connections are SSL-capable, and maxconn is computed based on this,
1866 * then maxsslconn accordingly. We need to know if SSL is used on the
1867 * frontends, backends, or both, because when it's used on both sides,
1868 * we need twice the value for maxsslconn, but we only count the
1869 * handshake once since it is not performed on the two sides at the
1870 * same time (frontend-side is terminated before backend-side begins).
1871 * The SSL stack is supposed to have filled ssl_session_cost and
Willy Tarreau474b96a2015-01-28 19:03:21 +01001872 * ssl_handshake_cost during its initialization. In any case, if
1873 * SYSTEM_MAXCONN is set, we still enforce it as an upper limit for
1874 * maxconn in order to protect the system.
Willy Tarreaud0256482015-01-15 21:45:22 +01001875 */
Willy Tarreauac350932019-03-01 15:43:14 +01001876 ideal_maxconn = compute_ideal_maxconn();
1877
Willy Tarreaud0256482015-01-15 21:45:22 +01001878 if (!global.rlimit_memmax) {
1879 if (global.maxconn == 0) {
Willy Tarreauac350932019-03-01 15:43:14 +01001880 global.maxconn = ideal_maxconn;
Willy Tarreaud0256482015-01-15 21:45:22 +01001881 if (global.mode & (MODE_VERBOSE|MODE_DEBUG))
1882 fprintf(stderr, "Note: setting global.maxconn to %d.\n", global.maxconn);
1883 }
1884 }
1885#ifdef USE_OPENSSL
1886 else if (!global.maxconn && !global.maxsslconn &&
1887 (global.ssl_used_frontend || global.ssl_used_backend)) {
1888 /* memmax is set, compute everything automatically. Here we want
1889 * to ensure that all SSL connections will be served. We take
1890 * care of the number of sides where SSL is used, and consider
1891 * the worst case : SSL used on both sides and doing a handshake
1892 * simultaneously. Note that we can't have more than maxconn
1893 * handshakes at a time by definition, so for the worst case of
1894 * two SSL conns per connection, we count a single handshake.
1895 */
1896 int sides = !!global.ssl_used_frontend + !!global.ssl_used_backend;
1897 int64_t mem = global.rlimit_memmax * 1048576ULL;
Willy Tarreau304e17e2020-03-10 17:54:54 +01001898 int retried = 0;
Willy Tarreaud0256482015-01-15 21:45:22 +01001899
1900 mem -= global.tune.sslcachesize * 200; // about 200 bytes per SSL cache entry
1901 mem -= global.maxzlibmem;
1902 mem = mem * MEM_USABLE_RATIO;
1903
Willy Tarreau304e17e2020-03-10 17:54:54 +01001904 /* Principle: we test once to set maxconn according to the free
1905 * memory. If it results in values the system rejects, we try a
1906 * second time by respecting rlim_fd_max. If it fails again, we
1907 * go back to the initial value and will let the final code
1908 * dealing with rlimit report the error. That's up to 3 attempts.
1909 */
1910 do {
1911 global.maxconn = mem /
1912 ((STREAM_MAX_COST + 2 * global.tune.bufsize) + // stream + 2 buffers per stream
1913 sides * global.ssl_session_max_cost + // SSL buffers, one per side
1914 global.ssl_handshake_max_cost); // 1 handshake per connection max
Willy Tarreaud0256482015-01-15 21:45:22 +01001915
Willy Tarreau304e17e2020-03-10 17:54:54 +01001916 if (retried == 1)
1917 global.maxconn = MIN(global.maxconn, ideal_maxconn);
1918 global.maxconn = round_2dig(global.maxconn);
Willy Tarreau474b96a2015-01-28 19:03:21 +01001919#ifdef SYSTEM_MAXCONN
Willy Tarreau304e17e2020-03-10 17:54:54 +01001920 if (global.maxconn > SYSTEM_MAXCONN)
1921 global.maxconn = SYSTEM_MAXCONN;
Willy Tarreau474b96a2015-01-28 19:03:21 +01001922#endif /* SYSTEM_MAXCONN */
Willy Tarreau304e17e2020-03-10 17:54:54 +01001923 global.maxsslconn = sides * global.maxconn;
1924
1925 if (check_if_maxsock_permitted(compute_ideal_maxsock(global.maxconn)))
1926 break;
1927 } while (retried++ < 2);
1928
Willy Tarreaud0256482015-01-15 21:45:22 +01001929 if (global.mode & (MODE_VERBOSE|MODE_DEBUG))
1930 fprintf(stderr, "Note: setting global.maxconn to %d and global.maxsslconn to %d.\n",
1931 global.maxconn, global.maxsslconn);
1932 }
1933 else if (!global.maxsslconn &&
1934 (global.ssl_used_frontend || global.ssl_used_backend)) {
1935 /* memmax and maxconn are known, compute maxsslconn automatically.
1936 * maxsslconn being forced, we don't know how many of it will be
1937 * on each side if both sides are being used. The worst case is
1938 * when all connections use only one SSL instance because
1939 * handshakes may be on two sides at the same time.
1940 */
1941 int sides = !!global.ssl_used_frontend + !!global.ssl_used_backend;
1942 int64_t mem = global.rlimit_memmax * 1048576ULL;
1943 int64_t sslmem;
1944
1945 mem -= global.tune.sslcachesize * 200; // about 200 bytes per SSL cache entry
1946 mem -= global.maxzlibmem;
1947 mem = mem * MEM_USABLE_RATIO;
1948
Willy Tarreau87b09662015-04-03 00:22:06 +02001949 sslmem = mem - global.maxconn * (int64_t)(STREAM_MAX_COST + 2 * global.tune.bufsize);
Willy Tarreaud0256482015-01-15 21:45:22 +01001950 global.maxsslconn = sslmem / (global.ssl_session_max_cost + global.ssl_handshake_max_cost);
1951 global.maxsslconn = round_2dig(global.maxsslconn);
1952
1953 if (sslmem <= 0 || global.maxsslconn < sides) {
Christopher Faulet767a84b2017-11-24 16:50:31 +01001954 ha_alert("Cannot compute the automatic maxsslconn because global.maxconn is already too "
1955 "high for the global.memmax value (%d MB). The absolute maximum possible value "
1956 "without SSL is %d, but %d was found and SSL is in use.\n",
1957 global.rlimit_memmax,
1958 (int)(mem / (STREAM_MAX_COST + 2 * global.tune.bufsize)),
1959 global.maxconn);
Willy Tarreaud0256482015-01-15 21:45:22 +01001960 exit(1);
1961 }
1962
1963 if (global.maxsslconn > sides * global.maxconn)
1964 global.maxsslconn = sides * global.maxconn;
1965
1966 if (global.mode & (MODE_VERBOSE|MODE_DEBUG))
1967 fprintf(stderr, "Note: setting global.maxsslconn to %d\n", global.maxsslconn);
1968 }
1969#endif
1970 else if (!global.maxconn) {
1971 /* memmax and maxsslconn are known/unused, compute maxconn automatically */
1972 int sides = !!global.ssl_used_frontend + !!global.ssl_used_backend;
1973 int64_t mem = global.rlimit_memmax * 1048576ULL;
1974 int64_t clearmem;
Willy Tarreau304e17e2020-03-10 17:54:54 +01001975 int retried = 0;
Willy Tarreaud0256482015-01-15 21:45:22 +01001976
1977 if (global.ssl_used_frontend || global.ssl_used_backend)
1978 mem -= global.tune.sslcachesize * 200; // about 200 bytes per SSL cache entry
1979
1980 mem -= global.maxzlibmem;
1981 mem = mem * MEM_USABLE_RATIO;
1982
1983 clearmem = mem;
1984 if (sides)
1985 clearmem -= (global.ssl_session_max_cost + global.ssl_handshake_max_cost) * (int64_t)global.maxsslconn;
1986
Willy Tarreau304e17e2020-03-10 17:54:54 +01001987 /* Principle: we test once to set maxconn according to the free
1988 * memory. If it results in values the system rejects, we try a
1989 * second time by respecting rlim_fd_max. If it fails again, we
1990 * go back to the initial value and will let the final code
1991 * dealing with rlimit report the error. That's up to 3 attempts.
1992 */
1993 do {
1994 global.maxconn = clearmem / (STREAM_MAX_COST + 2 * global.tune.bufsize);
1995 if (retried == 1)
1996 global.maxconn = MIN(global.maxconn, ideal_maxconn);
1997 global.maxconn = round_2dig(global.maxconn);
Willy Tarreau474b96a2015-01-28 19:03:21 +01001998#ifdef SYSTEM_MAXCONN
Willy Tarreau304e17e2020-03-10 17:54:54 +01001999 if (global.maxconn > SYSTEM_MAXCONN)
2000 global.maxconn = SYSTEM_MAXCONN;
Willy Tarreau474b96a2015-01-28 19:03:21 +01002001#endif /* SYSTEM_MAXCONN */
Willy Tarreaud0256482015-01-15 21:45:22 +01002002
Willy Tarreau304e17e2020-03-10 17:54:54 +01002003 if (clearmem <= 0 || !global.maxconn) {
2004 ha_alert("Cannot compute the automatic maxconn because global.maxsslconn is already too "
2005 "high for the global.memmax value (%d MB). The absolute maximum possible value "
2006 "is %d, but %d was found.\n",
2007 global.rlimit_memmax,
Christopher Faulet767a84b2017-11-24 16:50:31 +01002008 (int)(mem / (global.ssl_session_max_cost + global.ssl_handshake_max_cost)),
Willy Tarreau304e17e2020-03-10 17:54:54 +01002009 global.maxsslconn);
2010 exit(1);
2011 }
2012
2013 if (check_if_maxsock_permitted(compute_ideal_maxsock(global.maxconn)))
2014 break;
2015 } while (retried++ < 2);
Willy Tarreaud0256482015-01-15 21:45:22 +01002016
2017 if (global.mode & (MODE_VERBOSE|MODE_DEBUG)) {
2018 if (sides && global.maxsslconn > sides * global.maxconn) {
2019 fprintf(stderr, "Note: global.maxsslconn is forced to %d which causes global.maxconn "
2020 "to be limited to %d. Better reduce global.maxsslconn to get more "
2021 "room for extra connections.\n", global.maxsslconn, global.maxconn);
2022 }
2023 fprintf(stderr, "Note: setting global.maxconn to %d\n", global.maxconn);
2024 }
Willy Tarreau66aa61f2009-01-18 21:44:07 +01002025 }
2026
Willy Tarreaua409f302020-03-10 17:08:53 +01002027 global.maxsock = compute_ideal_maxsock(global.maxconn);
2028 global.hardmaxconn = global.maxconn;
Willy Tarreaua4818db2020-06-19 16:20:59 +02002029 if (!global.maxpipes)
2030 global.maxpipes = compute_ideal_maxpipes();
Willy Tarreaubaaee002006-06-26 02:48:02 +02002031
Olivier Houchard88698d92019-04-16 19:07:22 +02002032 /* update connection pool thresholds */
2033 global.tune.pool_low_count = ((long long)global.maxsock * global.tune.pool_low_ratio + 99) / 100;
2034 global.tune.pool_high_count = ((long long)global.maxsock * global.tune.pool_high_ratio + 99) / 100;
2035
Willy Tarreauc8d5b952019-02-27 17:25:52 +01002036 proxy_adjust_all_maxconn();
2037
Willy Tarreau1db37712007-06-03 17:16:49 +02002038 if (global.tune.maxpollevents <= 0)
2039 global.tune.maxpollevents = MAX_POLL_EVENTS;
2040
Willy Tarreau060a7612021-03-10 11:06:26 +01002041 if (global.tune.runqueue_depth <= 0) {
2042 /* tests on various thread counts from 1 to 64 have shown an
2043 * optimal queue depth following roughly 1/sqrt(threads).
2044 */
2045 int s = my_flsl(global.nbthread);
2046 s += (global.nbthread / s); // roughly twice the sqrt.
2047 global.tune.runqueue_depth = RUNQUEUE_DEPTH * 2 / s;
2048 }
Olivier Houchard1599b802018-05-24 18:59:04 +02002049
Willy Tarreau6f4a82c2009-03-21 20:43:57 +01002050 if (global.tune.recv_enough == 0)
2051 global.tune.recv_enough = MIN_RECV_AT_ONCE_ENOUGH;
2052
Willy Tarreau27a674e2009-08-17 07:23:33 +02002053 if (global.tune.maxrewrite >= global.tune.bufsize / 2)
2054 global.tune.maxrewrite = global.tune.bufsize / 2;
2055
Willy Tarreaubaaee002006-06-26 02:48:02 +02002056 if (arg_mode & (MODE_DEBUG | MODE_FOREGROUND)) {
2057 /* command line debug mode inhibits configuration mode */
William Lallemand095ba4c2017-06-01 17:38:50 +02002058 global.mode &= ~(MODE_DAEMON | MODE_QUIET);
Willy Tarreau772f0dd2012-10-26 16:04:28 +02002059 global.mode |= (arg_mode & (MODE_DEBUG | MODE_FOREGROUND));
2060 }
2061
William Lallemand095ba4c2017-06-01 17:38:50 +02002062 if (arg_mode & MODE_DAEMON) {
Willy Tarreau772f0dd2012-10-26 16:04:28 +02002063 /* command line daemon mode inhibits foreground and debug modes mode */
2064 global.mode &= ~(MODE_DEBUG | MODE_FOREGROUND);
William Lallemand095ba4c2017-06-01 17:38:50 +02002065 global.mode |= arg_mode & MODE_DAEMON;
Willy Tarreaubaaee002006-06-26 02:48:02 +02002066 }
Willy Tarreau772f0dd2012-10-26 16:04:28 +02002067
2068 global.mode |= (arg_mode & (MODE_QUIET | MODE_VERBOSE));
Willy Tarreaubaaee002006-06-26 02:48:02 +02002069
William Lallemand095ba4c2017-06-01 17:38:50 +02002070 if ((global.mode & MODE_DEBUG) && (global.mode & (MODE_DAEMON | MODE_QUIET))) {
Christopher Faulet767a84b2017-11-24 16:50:31 +01002071 ha_warning("<debug> mode incompatible with <quiet> and <daemon>. Keeping <debug> only.\n");
William Lallemand095ba4c2017-06-01 17:38:50 +02002072 global.mode &= ~(MODE_DAEMON | MODE_QUIET);
Willy Tarreaubaaee002006-06-26 02:48:02 +02002073 }
2074
William Lallemand095ba4c2017-06-01 17:38:50 +02002075 if ((global.nbproc > 1) && !(global.mode & (MODE_DAEMON | MODE_MWORKER))) {
Willy Tarreaubaaee002006-06-26 02:48:02 +02002076 if (!(global.mode & (MODE_FOREGROUND | MODE_DEBUG)))
Christopher Faulet767a84b2017-11-24 16:50:31 +01002077 ha_warning("<nbproc> is only meaningful in daemon mode or master-worker mode. Setting limit to 1 process.\n");
Willy Tarreaubaaee002006-06-26 02:48:02 +02002078 global.nbproc = 1;
2079 }
2080
2081 if (global.nbproc < 1)
2082 global.nbproc = 1;
2083
Christopher Fauletbe0faa22017-08-29 15:37:10 +02002084 if (global.nbthread < 1)
2085 global.nbthread = 1;
2086
Christopher Faulet3ef26392017-08-29 16:46:57 +02002087 /* Realloc trash buffers because global.tune.bufsize may have changed */
Christopher Fauletcd7879a2017-10-27 13:53:47 +02002088 if (!init_trash_buffers(0)) {
Christopher Faulet767a84b2017-11-24 16:50:31 +01002089 ha_alert("failed to initialize trash buffers.\n");
Christopher Faulet3ef26392017-08-29 16:46:57 +02002090 exit(1);
2091 }
2092
Christopher Faulet96d44832017-11-14 22:02:30 +01002093 if (!init_log_buffers()) {
Christopher Faulet767a84b2017-11-24 16:50:31 +01002094 ha_alert("failed to initialize log buffers.\n");
Christopher Faulet96d44832017-11-14 22:02:30 +01002095 exit(1);
2096 }
2097
Willy Tarreauef1d1f82007-04-16 00:25:25 +02002098 /*
2099 * Note: we could register external pollers here.
2100 * Built-in pollers have been registered before main().
2101 */
Willy Tarreau4f60f162007-04-08 16:39:58 +02002102
Willy Tarreau43b78992009-01-25 15:42:27 +01002103 if (!(global.tune.options & GTUNE_USE_KQUEUE))
Willy Tarreau1e63130a2007-04-09 12:03:06 +02002104 disable_poller("kqueue");
2105
Emmanuel Hocdet0ba4f482019-04-08 16:53:32 +00002106 if (!(global.tune.options & GTUNE_USE_EVPORTS))
2107 disable_poller("evports");
2108
Willy Tarreau43b78992009-01-25 15:42:27 +01002109 if (!(global.tune.options & GTUNE_USE_EPOLL))
Willy Tarreau4f60f162007-04-08 16:39:58 +02002110 disable_poller("epoll");
2111
Willy Tarreau43b78992009-01-25 15:42:27 +01002112 if (!(global.tune.options & GTUNE_USE_POLL))
Willy Tarreau4f60f162007-04-08 16:39:58 +02002113 disable_poller("poll");
2114
Willy Tarreau43b78992009-01-25 15:42:27 +01002115 if (!(global.tune.options & GTUNE_USE_SELECT))
Willy Tarreau4f60f162007-04-08 16:39:58 +02002116 disable_poller("select");
2117
2118 /* Note: we could disable any poller by name here */
2119
Christopher Fauletb3f4e142016-03-07 12:46:38 +01002120 if (global.mode & (MODE_VERBOSE|MODE_DEBUG)) {
Willy Tarreau2ff76222007-04-09 19:29:56 +02002121 list_pollers(stderr);
Christopher Fauletb3f4e142016-03-07 12:46:38 +01002122 fprintf(stderr, "\n");
2123 list_filters(stderr);
2124 }
Willy Tarreau2ff76222007-04-09 19:29:56 +02002125
Willy Tarreau4f60f162007-04-08 16:39:58 +02002126 if (!init_pollers()) {
Christopher Faulet767a84b2017-11-24 16:50:31 +01002127 ha_alert("No polling mechanism available.\n"
2128 " It is likely that haproxy was built with TARGET=generic and that FD_SETSIZE\n"
2129 " is too low on this platform to support maxconn and the number of listeners\n"
2130 " and servers. You should rebuild haproxy specifying your system using TARGET=\n"
2131 " in order to support other polling systems (poll, epoll, kqueue) or reduce the\n"
2132 " global maxconn setting to accommodate the system's limitation. For reference,\n"
2133 " FD_SETSIZE=%d on this system, global.maxconn=%d resulting in a maximum of\n"
2134 " %d file descriptors. You should thus reduce global.maxconn by %d. Also,\n"
2135 " check build settings using 'haproxy -vv'.\n\n",
2136 FD_SETSIZE, global.maxconn, global.maxsock, (global.maxsock + 1 - FD_SETSIZE) / 2);
Willy Tarreau4f60f162007-04-08 16:39:58 +02002137 exit(1);
2138 }
Willy Tarreau2ff76222007-04-09 19:29:56 +02002139 if (global.mode & (MODE_VERBOSE|MODE_DEBUG)) {
2140 printf("Using %s() as the polling mechanism.\n", cur_poller.name);
Willy Tarreau4f60f162007-04-08 16:39:58 +02002141 }
2142
Krzysztof Piotr Oledzki48cb2ae2009-10-02 22:51:14 +02002143 if (!global.node)
2144 global.node = strdup(hostname);
2145
Willy Tarreau02b092f2020-10-07 18:36:54 +02002146 /* stop disabled proxies */
2147 for (px = proxies_list; px; px = px->next) {
Willy Tarreauc3914d42020-09-24 08:39:22 +02002148 if (px->disabled)
Willy Tarreau02b092f2020-10-07 18:36:54 +02002149 stop_proxy(px);
2150 }
2151
Thierry FOURNIERa4a0f3d2015-01-23 12:08:30 +01002152 if (!hlua_post_init())
2153 exit(1);
Thomas Holmes6abded42015-05-12 16:23:58 +01002154
Maxime de Roucy0f503922016-05-13 23:52:55 +02002155 free(err_msg);
Willy Tarreaubaaee002006-06-26 02:48:02 +02002156}
2157
Cyril Bonté203ec5a2017-03-23 22:44:13 +01002158void deinit(void)
Willy Tarreaubaaee002006-06-26 02:48:02 +02002159{
Olivier Houchardfbc74e82017-11-24 16:54:05 +01002160 struct proxy *p = proxies_list, *p0;
Willy Tarreaudeb9ed82010-01-03 21:03:22 +01002161 struct wordlist *wl, *wlb;
Krzysztof Piotr Oledzki8001d612008-05-31 13:53:23 +02002162 struct uri_auth *uap, *ua = NULL;
William Lallemand0f99e342011-10-12 17:50:54 +02002163 struct logsrv *log, *logb;
Willy Tarreaucdb737e2016-12-21 18:43:10 +01002164 struct build_opts_str *bol, *bolb;
Tim Duesterhusfdf904a2020-07-04 11:49:48 +02002165 struct post_deinit_fct *pdf, *pdfb;
Tim Duesterhus17e363f2020-07-04 11:49:47 +02002166 struct proxy_deinit_fct *pxdf, *pxdfb;
Tim Duesterhus0837eb12020-07-04 11:49:49 +02002167 struct server_deinit_fct *srvdf, *srvdfb;
Tim Duesterhusf0c25d22020-09-10 19:46:41 +02002168 struct per_thread_init_fct *tif, *tifb;
2169 struct per_thread_deinit_fct *tdf, *tdfb;
2170 struct per_thread_alloc_fct *taf, *tafb;
2171 struct per_thread_free_fct *tff, *tffb;
Tim Duesterhus34bef072020-07-04 11:49:50 +02002172 struct post_server_check_fct *pscf, *pscfb;
Tim Duesterhusfc854942020-09-10 19:46:42 +02002173 struct post_check_fct *pcf, *pcfb;
Tim Duesterhus53508d62020-09-10 19:46:40 +02002174 struct post_proxy_check_fct *ppcf, *ppcfb;
Willy Tarreauae7bc4a2020-09-23 16:46:22 +02002175 int cur_fd;
2176
2177 /* At this point the listeners state is weird:
2178 * - most listeners are still bound and referenced in their protocol
2179 * - some might be zombies that are not in their proto anymore, but
2180 * still appear in their proxy's listeners with a valid FD.
2181 * - some might be stopped and still appear in their proxy as FD #-1
2182 * - among all of them, some might be inherited hence shared and we're
2183 * not allowed to pause them or whatever, we must just close them.
2184 * - finally some are not listeners (pipes, logs, stdout, etc) and
2185 * must be left intact.
2186 *
2187 * The safe way to proceed is to unbind (and close) whatever is not yet
2188 * unbound so that no more receiver/listener remains alive. Then close
2189 * remaining listener FDs, which correspond to zombie listeners (those
2190 * belonging to disabled proxies that were in another process).
2191 * objt_listener() would be cleaner here but not converted yet.
2192 */
2193 protocol_unbind_all();
2194
2195 for (cur_fd = 0; cur_fd < global.maxsock; cur_fd++) {
Willy Tarreau1a3770c2020-10-14 12:13:51 +02002196 if (!fdtab || !fdtab[cur_fd].owner)
Willy Tarreauae7bc4a2020-09-23 16:46:22 +02002197 continue;
2198
Willy Tarreaua74cb382020-10-15 21:29:49 +02002199 if (fdtab[cur_fd].iocb == &sock_accept_iocb) {
Willy Tarreauae7bc4a2020-09-23 16:46:22 +02002200 struct listener *l = fdtab[cur_fd].owner;
2201
2202 BUG_ON(l->state != LI_INIT);
2203 unbind_listener(l);
2204 }
2205 }
Krzysztof Piotr Oledzki8001d612008-05-31 13:53:23 +02002206
Willy Tarreau24f4efa2010-08-27 17:56:48 +02002207 deinit_signals();
Willy Tarreaubaaee002006-06-26 02:48:02 +02002208 while (p) {
Krzysztof Piotr Oledzki8001d612008-05-31 13:53:23 +02002209 /* build a list of unique uri_auths */
2210 if (!ua)
2211 ua = p->uri_auth;
2212 else {
2213 /* check if p->uri_auth is unique */
2214 for (uap = ua; uap; uap=uap->next)
2215 if (uap == p->uri_auth)
2216 break;
2217
Willy Tarreauaccc4e12008-06-24 11:14:45 +02002218 if (!uap && p->uri_auth) {
Krzysztof Piotr Oledzki8001d612008-05-31 13:53:23 +02002219 /* add it, if it is */
2220 p->uri_auth->next = ua;
2221 ua = p->uri_auth;
2222 }
William Lallemand0f99e342011-10-12 17:50:54 +02002223 }
2224
Willy Tarreau4d2d0982007-05-14 00:39:29 +02002225 p0 = p;
Willy Tarreaubaaee002006-06-26 02:48:02 +02002226 p = p->next;
Amaury Denoyelle27fefa12021-03-24 16:13:20 +01002227 free_proxy(p0);
Willy Tarreaubaaee002006-06-26 02:48:02 +02002228 }/* end while(p) */
Willy Tarreaudd815982007-10-16 12:25:14 +02002229
Krzysztof Piotr Oledzki8001d612008-05-31 13:53:23 +02002230 while (ua) {
Tim Duesterhus00f00cf2020-09-10 19:46:38 +02002231 struct stat_scope *scope, *scopep;
2232
Krzysztof Piotr Oledzki8001d612008-05-31 13:53:23 +02002233 uap = ua;
2234 ua = ua->next;
2235
Willy Tarreaua534fea2008-08-03 12:19:50 +02002236 free(uap->uri_prefix);
2237 free(uap->auth_realm);
Krzysztof Piotr Oledzki48cb2ae2009-10-02 22:51:14 +02002238 free(uap->node);
2239 free(uap->desc);
Krzysztof Piotr Oledzki8001d612008-05-31 13:53:23 +02002240
Krzysztof Piotr Oledzki8c8bd452010-01-29 19:29:32 +01002241 userlist_free(uap->userlist);
Amaury Denoyelle68fd7e42021-03-25 17:15:52 +01002242 free_act_rules(&uap->http_req_rules);
Krzysztof Piotr Oledzki8c8bd452010-01-29 19:29:32 +01002243
Tim Duesterhus00f00cf2020-09-10 19:46:38 +02002244 scope = uap->scope;
2245 while (scope) {
2246 scopep = scope;
2247 scope = scope->next;
2248
2249 free(scopep->px_id);
2250 free(scopep);
2251 }
2252
Krzysztof Piotr Oledzki8001d612008-05-31 13:53:23 +02002253 free(uap);
2254 }
2255
Krzysztof Piotr Oledzki96105042010-01-29 17:50:44 +01002256 userlist_free(userlist);
2257
David Carlier834cb2e2015-09-25 12:02:25 +01002258 cfg_unregister_sections();
2259
Christopher Faulet0132d062017-07-26 15:33:35 +02002260 deinit_log_buffers();
David Carlier834cb2e2015-09-25 12:02:25 +01002261
Willy Tarreau05554e62016-12-21 20:46:26 +01002262 list_for_each_entry(pdf, &post_deinit_list, list)
2263 pdf->fct();
2264
Willy Tarreau61cfdf42021-02-20 10:46:51 +01002265 ha_free(&global.log_send_hostname);
Dragan Dosen43885c72015-10-01 13:18:13 +02002266 chunk_destroy(&global.log_tag);
Willy Tarreau61cfdf42021-02-20 10:46:51 +01002267 ha_free(&global.chroot);
2268 ha_free(&global.pidfile);
2269 ha_free(&global.node);
2270 ha_free(&global.desc);
2271 ha_free(&oldpids);
2272 ha_free(&old_argv);
2273 ha_free(&localpeer);
2274 ha_free(&global.server_state_base);
2275 ha_free(&global.server_state_file);
Olivier Houchard3f795f72019-04-17 22:51:06 +02002276 task_destroy(idle_conn_task);
Olivier Houchard9ea5d362019-02-14 18:29:09 +01002277 idle_conn_task = NULL;
Krzysztof Piotr Oledzki8001d612008-05-31 13:53:23 +02002278
William Lallemand0f99e342011-10-12 17:50:54 +02002279 list_for_each_entry_safe(log, logb, &global.logsrvs, list) {
Willy Tarreau2b718102021-04-21 07:32:39 +02002280 LIST_DELETE(&log->list);
Amaury Denoyelled688e012021-04-20 17:05:47 +02002281 free(log->conf.file);
William Lallemand0f99e342011-10-12 17:50:54 +02002282 free(log);
2283 }
Willy Tarreau477ecd82010-01-03 21:12:30 +01002284 list_for_each_entry_safe(wl, wlb, &cfg_cfgfiles, list) {
Maxime de Roucy0f503922016-05-13 23:52:55 +02002285 free(wl->s);
Willy Tarreau2b718102021-04-21 07:32:39 +02002286 LIST_DELETE(&wl->list);
Willy Tarreau477ecd82010-01-03 21:12:30 +01002287 free(wl);
2288 }
2289
Willy Tarreaucdb737e2016-12-21 18:43:10 +01002290 list_for_each_entry_safe(bol, bolb, &build_opts_list, list) {
2291 if (bol->must_free)
2292 free((void *)bol->str);
Willy Tarreau2b718102021-04-21 07:32:39 +02002293 LIST_DELETE(&bol->list);
Willy Tarreaucdb737e2016-12-21 18:43:10 +01002294 free(bol);
2295 }
2296
Tim Duesterhus17e363f2020-07-04 11:49:47 +02002297 list_for_each_entry_safe(pxdf, pxdfb, &proxy_deinit_list, list) {
Willy Tarreau2b718102021-04-21 07:32:39 +02002298 LIST_DELETE(&pxdf->list);
Tim Duesterhus17e363f2020-07-04 11:49:47 +02002299 free(pxdf);
2300 }
2301
Tim Duesterhusfdf904a2020-07-04 11:49:48 +02002302 list_for_each_entry_safe(pdf, pdfb, &post_deinit_list, list) {
Willy Tarreau2b718102021-04-21 07:32:39 +02002303 LIST_DELETE(&pdf->list);
Tim Duesterhusfdf904a2020-07-04 11:49:48 +02002304 free(pdf);
2305 }
2306
Tim Duesterhus0837eb12020-07-04 11:49:49 +02002307 list_for_each_entry_safe(srvdf, srvdfb, &server_deinit_list, list) {
Willy Tarreau2b718102021-04-21 07:32:39 +02002308 LIST_DELETE(&srvdf->list);
Tim Duesterhus0837eb12020-07-04 11:49:49 +02002309 free(srvdf);
2310 }
2311
Tim Duesterhusfc854942020-09-10 19:46:42 +02002312 list_for_each_entry_safe(pcf, pcfb, &post_check_list, list) {
Willy Tarreau2b718102021-04-21 07:32:39 +02002313 LIST_DELETE(&pcf->list);
Tim Duesterhusfc854942020-09-10 19:46:42 +02002314 free(pcf);
2315 }
2316
Tim Duesterhus34bef072020-07-04 11:49:50 +02002317 list_for_each_entry_safe(pscf, pscfb, &post_server_check_list, list) {
Willy Tarreau2b718102021-04-21 07:32:39 +02002318 LIST_DELETE(&pscf->list);
Tim Duesterhus34bef072020-07-04 11:49:50 +02002319 free(pscf);
2320 }
2321
Tim Duesterhus53508d62020-09-10 19:46:40 +02002322 list_for_each_entry_safe(ppcf, ppcfb, &post_proxy_check_list, list) {
Willy Tarreau2b718102021-04-21 07:32:39 +02002323 LIST_DELETE(&ppcf->list);
Tim Duesterhus53508d62020-09-10 19:46:40 +02002324 free(ppcf);
2325 }
2326
Tim Duesterhusf0c25d22020-09-10 19:46:41 +02002327 list_for_each_entry_safe(tif, tifb, &per_thread_init_list, list) {
Willy Tarreau2b718102021-04-21 07:32:39 +02002328 LIST_DELETE(&tif->list);
Tim Duesterhusf0c25d22020-09-10 19:46:41 +02002329 free(tif);
2330 }
2331
2332 list_for_each_entry_safe(tdf, tdfb, &per_thread_deinit_list, list) {
Willy Tarreau2b718102021-04-21 07:32:39 +02002333 LIST_DELETE(&tdf->list);
Tim Duesterhusf0c25d22020-09-10 19:46:41 +02002334 free(tdf);
2335 }
2336
2337 list_for_each_entry_safe(taf, tafb, &per_thread_alloc_list, list) {
Willy Tarreau2b718102021-04-21 07:32:39 +02002338 LIST_DELETE(&taf->list);
Tim Duesterhusf0c25d22020-09-10 19:46:41 +02002339 free(taf);
2340 }
2341
2342 list_for_each_entry_safe(tff, tffb, &per_thread_free_list, list) {
Willy Tarreau2b718102021-04-21 07:32:39 +02002343 LIST_DELETE(&tff->list);
Tim Duesterhusf0c25d22020-09-10 19:46:41 +02002344 free(tff);
2345 }
2346
Christopher Fauletff2613e2016-11-09 11:36:17 +01002347 vars_prune(&global.vars, NULL, NULL);
Willy Tarreau2455ceb2018-11-26 15:57:34 +01002348 pool_destroy_all();
Krzysztof Piotr Oledzkia643baf2008-05-29 23:53:44 +02002349 deinit_pollers();
Willy Tarreaubaaee002006-06-26 02:48:02 +02002350} /* end deinit() */
2351
Willy Tarreauf3ca5a02020-06-15 18:43:46 +02002352__attribute__((noreturn)) void deinit_and_exit(int status)
Tim Duesterhus26540552020-06-14 00:37:41 +02002353{
2354 deinit();
2355 exit(status);
2356}
William Lallemand72160322018-11-06 17:37:16 +01002357
Willy Tarreau918ff602011-07-25 16:33:49 +02002358/* Runs the polling loop */
Willy Tarreau3ebd55e2020-03-03 14:59:56 +01002359void run_poll_loop()
Willy Tarreau4f60f162007-04-08 16:39:58 +02002360{
Willy Tarreau2ae84e42019-05-28 16:44:05 +02002361 int next, wake;
Willy Tarreau4f60f162007-04-08 16:39:58 +02002362
Willy Tarreaub0b37bc2008-06-23 14:00:57 +02002363 tv_update_date(0,1);
Willy Tarreau4f60f162007-04-08 16:39:58 +02002364 while (1) {
Willy Tarreauc49ba522019-12-11 08:12:23 +01002365 wake_expired_tasks();
2366
William Lallemand1aab50b2018-06-07 09:46:01 +02002367 /* check if we caught some signals and process them in the
2368 first thread */
Willy Tarreaua7ad4ae2020-06-19 12:06:34 +02002369 if (signal_queue_len && tid == 0) {
2370 activity[tid].wake_signal++;
William Lallemand1aab50b2018-06-07 09:46:01 +02002371 signal_process_queue();
Willy Tarreaua7ad4ae2020-06-19 12:06:34 +02002372 }
2373
2374 /* Process a few tasks */
2375 process_runnable_tasks();
Willy Tarreau29857942009-05-10 09:01:21 +02002376
Willy Tarreau7067b3a2019-06-02 11:11:29 +02002377 /* also stop if we failed to cleanly stop all tasks */
2378 if (killed > 1)
2379 break;
2380
Willy Tarreau10146c92015-04-13 20:44:19 +02002381 /* expire immediately if events are pending */
Willy Tarreau2ae84e42019-05-28 16:44:05 +02002382 wake = 1;
Olivier Houchard305d5ab2019-07-24 18:07:06 +02002383 if (thread_has_tasks())
Willy Tarreaud80cb4e2018-01-20 19:30:13 +01002384 activity[tid].wake_tasks++;
Olivier Houchard79321b92018-07-26 17:55:11 +02002385 else {
Olivier Houchardb23a61f2019-03-08 18:51:17 +01002386 _HA_ATOMIC_OR(&sleeping_thread_mask, tid_bit);
2387 __ha_barrier_atomic_store();
Willy Tarreau95abd5b2020-03-23 09:33:32 +01002388 if (thread_has_tasks()) {
Olivier Houchard79321b92018-07-26 17:55:11 +02002389 activity[tid].wake_tasks++;
Olivier Houchardb23a61f2019-03-08 18:51:17 +01002390 _HA_ATOMIC_AND(&sleeping_thread_mask, ~tid_bit);
Olivier Houchard79321b92018-07-26 17:55:11 +02002391 } else
Willy Tarreau2ae84e42019-05-28 16:44:05 +02002392 wake = 0;
Olivier Houchard79321b92018-07-26 17:55:11 +02002393 }
Willy Tarreau10146c92015-04-13 20:44:19 +02002394
Willy Tarreau4f46a352020-03-23 09:27:28 +01002395 if (!wake) {
Willy Tarreaud7a6b2f2020-05-13 13:51:01 +02002396 int i;
2397
2398 if (stopping) {
Willy Tarreau1db42732021-04-06 11:44:07 +02002399 if (_HA_ATOMIC_OR_FETCH(&stopping_thread_mask, tid_bit) == tid_bit) {
Willy Tarreaud6455742020-05-13 14:30:25 +02002400 /* notify all threads that stopping was just set */
2401 for (i = 0; i < global.nbthread; i++)
Willy Tarreau369a2ef2020-06-29 19:23:19 +02002402 if (((all_threads_mask & ~stopping_thread_mask) >> i) & 1)
Willy Tarreaud6455742020-05-13 14:30:25 +02002403 wake_thread(i);
2404 }
Willy Tarreaud7a6b2f2020-05-13 13:51:01 +02002405 }
Willy Tarreau4f46a352020-03-23 09:27:28 +01002406
2407 /* stop when there's nothing left to do */
2408 if ((jobs - unstoppable_jobs) == 0 &&
Willy Tarreaud7a6b2f2020-05-13 13:51:01 +02002409 (stopping_thread_mask & all_threads_mask) == all_threads_mask) {
2410 /* wake all threads waiting on jobs==0 */
2411 for (i = 0; i < global.nbthread; i++)
2412 if (((all_threads_mask & ~tid_bit) >> i) & 1)
2413 wake_thread(i);
Willy Tarreau4f46a352020-03-23 09:27:28 +01002414 break;
Willy Tarreaud7a6b2f2020-05-13 13:51:01 +02002415 }
Willy Tarreau4f46a352020-03-23 09:27:28 +01002416 }
2417
Willy Tarreauc49ba522019-12-11 08:12:23 +01002418 /* If we have to sleep, measure how long */
2419 next = wake ? TICK_ETERNITY : next_timer_expiry();
2420
Willy Tarreau58b458d2008-06-29 22:40:23 +02002421 /* The poller will ensure it returns around <next> */
Willy Tarreau2ae84e42019-05-28 16:44:05 +02002422 cur_poller.poll(&cur_poller, next, wake);
Emeric Brun64cc49c2017-10-03 14:46:45 +02002423
Willy Tarreaud80cb4e2018-01-20 19:30:13 +01002424 activity[tid].loops++;
Willy Tarreau4f60f162007-04-08 16:39:58 +02002425 }
2426}
2427
Christopher Faulet1d17c102017-08-29 15:38:48 +02002428static void *run_thread_poll_loop(void *data)
2429{
Willy Tarreau082b6282019-05-22 14:42:12 +02002430 struct per_thread_alloc_fct *ptaf;
Christopher Faulet1d17c102017-08-29 15:38:48 +02002431 struct per_thread_init_fct *ptif;
2432 struct per_thread_deinit_fct *ptdf;
Willy Tarreau082b6282019-05-22 14:42:12 +02002433 struct per_thread_free_fct *ptff;
Willy Tarreau34a150c2019-06-11 09:16:41 +02002434 static int init_left = 0;
Willy Tarreauaf613e82020-06-05 08:40:51 +02002435 __decl_thread(static pthread_mutex_t init_mutex = PTHREAD_MUTEX_INITIALIZER);
2436 __decl_thread(static pthread_cond_t init_cond = PTHREAD_COND_INITIALIZER);
Christopher Faulet1d17c102017-08-29 15:38:48 +02002437
Willy Tarreaub4f7cc32019-05-03 09:27:30 +02002438 ha_set_tid((unsigned long)data);
Willy Tarreaud022e9c2019-09-24 08:25:15 +02002439 sched = &task_per_thread[tid];
Willy Tarreau91e6df02019-05-03 17:21:18 +02002440
Willy Tarreauf6178242019-05-21 19:46:58 +02002441#if (_POSIX_TIMERS > 0) && defined(_POSIX_THREAD_CPUTIME)
Willy Tarreau91e6df02019-05-03 17:21:18 +02002442#ifdef USE_THREAD
Willy Tarreau8323a372019-05-20 18:57:53 +02002443 pthread_getcpuclockid(pthread_self(), &ti->clock_id);
Willy Tarreau624dcbf2019-05-20 20:23:06 +02002444#else
Willy Tarreau8323a372019-05-20 18:57:53 +02002445 ti->clock_id = CLOCK_THREAD_CPUTIME_ID;
Willy Tarreau91e6df02019-05-03 17:21:18 +02002446#endif
Willy Tarreau663fda42019-05-21 15:14:08 +02002447#endif
Willy Tarreau6ec902a2019-06-07 14:41:11 +02002448 /* Now, initialize one thread init at a time. This is better since
2449 * some init code is a bit tricky and may release global resources
2450 * after reallocating them locally. This will also ensure there is
2451 * no race on file descriptors allocation.
2452 */
Willy Tarreau34a150c2019-06-11 09:16:41 +02002453#ifdef USE_THREAD
2454 pthread_mutex_lock(&init_mutex);
2455#endif
2456 /* The first thread must set the number of threads left */
2457 if (!init_left)
2458 init_left = global.nbthread;
2459 init_left--;
Willy Tarreau91e6df02019-05-03 17:21:18 +02002460
Willy Tarreauc4c80fb2021-04-11 15:00:34 +02002461 tv_init_thread_date();
Christopher Faulet1d17c102017-08-29 15:38:48 +02002462
Willy Tarreau082b6282019-05-22 14:42:12 +02002463 /* per-thread alloc calls performed here are not allowed to snoop on
2464 * other threads, so they are free to initialize at their own rhythm
2465 * as long as they act as if they were alone. None of them may rely
2466 * on resources initialized by the other ones.
2467 */
2468 list_for_each_entry(ptaf, &per_thread_alloc_list, list) {
2469 if (!ptaf->fct()) {
2470 ha_alert("failed to allocate resources for thread %u.\n", tid);
2471 exit(1);
2472 }
2473 }
2474
Willy Tarreau3078e9f2019-05-20 10:50:43 +02002475 /* per-thread init calls performed here are not allowed to snoop on
2476 * other threads, so they are free to initialize at their own rhythm
2477 * as long as they act as if they were alone.
2478 */
Christopher Faulet1d17c102017-08-29 15:38:48 +02002479 list_for_each_entry(ptif, &per_thread_init_list, list) {
2480 if (!ptif->fct()) {
Christopher Faulet767a84b2017-11-24 16:50:31 +01002481 ha_alert("failed to initialize thread %u.\n", tid);
Christopher Faulet1d17c102017-08-29 15:38:48 +02002482 exit(1);
2483 }
2484 }
2485
Willy Tarreau71092822019-06-10 09:51:04 +02002486 /* enabling protocols will result in fd_insert() calls to be performed,
2487 * we want all threads to have already allocated their local fd tables
Willy Tarreau34a150c2019-06-11 09:16:41 +02002488 * before doing so, thus only the last thread does it.
Willy Tarreau71092822019-06-10 09:51:04 +02002489 */
Willy Tarreau34a150c2019-06-11 09:16:41 +02002490 if (init_left == 0)
Willy Tarreaue4d7c9d2019-06-10 10:14:52 +02002491 protocol_enable_all();
Willy Tarreau6ec902a2019-06-07 14:41:11 +02002492
Willy Tarreau34a150c2019-06-11 09:16:41 +02002493#ifdef USE_THREAD
2494 pthread_cond_broadcast(&init_cond);
2495 pthread_mutex_unlock(&init_mutex);
2496
2497 /* now wait for other threads to finish starting */
2498 pthread_mutex_lock(&init_mutex);
2499 while (init_left)
2500 pthread_cond_wait(&init_cond, &init_mutex);
2501 pthread_mutex_unlock(&init_mutex);
2502#endif
Willy Tarreau3078e9f2019-05-20 10:50:43 +02002503
Willy Tarreaua45a8b52019-12-06 16:31:45 +01002504#if defined(PR_SET_NO_NEW_PRIVS) && defined(USE_PRCTL)
2505 /* Let's refrain from using setuid executables. This way the impact of
2506 * an eventual vulnerability in a library remains limited. It may
2507 * impact external checks but who cares about them anyway ? In the
2508 * worst case it's possible to disable the option. Obviously we do this
2509 * in workers only. We can't hard-fail on this one as it really is
2510 * implementation dependent though we're interested in feedback, hence
2511 * the warning.
2512 */
2513 if (!(global.tune.options & GTUNE_INSECURE_SETUID) && !master) {
2514 static int warn_fail;
Willy Tarreau18515722021-04-06 11:57:41 +02002515 if (prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0) == -1 && !_HA_ATOMIC_FETCH_ADD(&warn_fail, 1)) {
Willy Tarreaua45a8b52019-12-06 16:31:45 +01002516 ha_warning("Failed to disable setuid, please report to developers with detailed "
2517 "information about your operating system. You can silence this warning "
2518 "by adding 'insecure-setuid-wanted' in the 'global' section.\n");
2519 }
2520 }
2521#endif
2522
Willy Tarreaud96f1122019-12-03 07:07:36 +01002523#if defined(RLIMIT_NPROC)
2524 /* all threads have started, it's now time to prevent any new thread
2525 * or process from starting. Obviously we do this in workers only. We
2526 * can't hard-fail on this one as it really is implementation dependent
2527 * though we're interested in feedback, hence the warning.
2528 */
2529 if (!(global.tune.options & GTUNE_INSECURE_FORK) && !master) {
2530 struct rlimit limit = { .rlim_cur = 0, .rlim_max = 0 };
2531 static int warn_fail;
2532
Willy Tarreau18515722021-04-06 11:57:41 +02002533 if (setrlimit(RLIMIT_NPROC, &limit) == -1 && !_HA_ATOMIC_FETCH_ADD(&warn_fail, 1)) {
Willy Tarreaud96f1122019-12-03 07:07:36 +01002534 ha_warning("Failed to disable forks, please report to developers with detailed "
2535 "information about your operating system. You can silence this warning "
2536 "by adding 'insecure-fork-wanted' in the 'global' section.\n");
2537 }
2538 }
2539#endif
Christopher Faulet1d17c102017-08-29 15:38:48 +02002540 run_poll_loop();
2541
2542 list_for_each_entry(ptdf, &per_thread_deinit_list, list)
2543 ptdf->fct();
2544
Willy Tarreau082b6282019-05-22 14:42:12 +02002545 list_for_each_entry(ptff, &per_thread_free_list, list)
2546 ptff->fct();
2547
Christopher Fauletcd7879a2017-10-27 13:53:47 +02002548#ifdef USE_THREAD
Olivier Houchardb23a61f2019-03-08 18:51:17 +01002549 _HA_ATOMIC_AND(&all_threads_mask, ~tid_bit);
Christopher Fauletcd7879a2017-10-27 13:53:47 +02002550 if (tid > 0)
2551 pthread_exit(NULL);
Christopher Faulet1d17c102017-08-29 15:38:48 +02002552#endif
Christopher Fauletcd7879a2017-10-27 13:53:47 +02002553 return NULL;
2554}
Christopher Faulet1d17c102017-08-29 15:38:48 +02002555
William Dauchyf9af9d72019-11-17 15:47:16 +01002556/* set uid/gid depending on global settings */
2557static void set_identity(const char *program_name)
2558{
2559 if (global.gid) {
2560 if (getgroups(0, NULL) > 0 && setgroups(0, NULL) == -1)
2561 ha_warning("[%s.main()] Failed to drop supplementary groups. Using 'gid'/'group'"
2562 " without 'uid'/'user' is generally useless.\n", program_name);
2563
2564 if (setgid(global.gid) == -1) {
2565 ha_alert("[%s.main()] Cannot set gid %d.\n", program_name, global.gid);
2566 protocol_unbind_all();
2567 exit(1);
2568 }
2569 }
2570
2571 if (global.uid && setuid(global.uid) == -1) {
2572 ha_alert("[%s.main()] Cannot set uid %d.\n", program_name, global.uid);
2573 protocol_unbind_all();
2574 exit(1);
2575 }
2576}
2577
Willy Tarreaubaaee002006-06-26 02:48:02 +02002578int main(int argc, char **argv)
2579{
2580 int err, retry;
2581 struct rlimit limit;
Willy Tarreau269ab312012-09-05 08:02:48 +02002582 int pidfd = -1;
Willy Tarreaubaaee002006-06-26 02:48:02 +02002583
Olivier Houchard5fa300d2018-02-03 15:15:21 +01002584 setvbuf(stdout, NULL, _IONBF, 0);
Willy Tarreau5794fb02018-11-25 18:43:29 +01002585
Willy Tarreauff9c9142019-02-07 10:39:36 +01002586 /* this can only safely be done here, though it's optimized away by
2587 * the compiler.
2588 */
2589 if (MAX_PROCS < 1 || MAX_PROCS > LONGBITS) {
2590 ha_alert("MAX_PROCS value must be between 1 and %d inclusive; "
2591 "HAProxy was built with value %d, please fix it and rebuild.\n",
2592 LONGBITS, MAX_PROCS);
2593 exit(1);
2594 }
2595
Willy Tarreaubf696402019-03-01 10:09:28 +01002596 /* take a copy of initial limits before we possibly change them */
2597 getrlimit(RLIMIT_NOFILE, &limit);
Willy Tarreau2bd0f812020-10-13 15:36:08 +02002598
2599 if (limit.rlim_max == RLIM_INFINITY)
2600 limit.rlim_max = limit.rlim_cur;
Willy Tarreaubf696402019-03-01 10:09:28 +01002601 rlim_fd_cur_at_boot = limit.rlim_cur;
2602 rlim_fd_max_at_boot = limit.rlim_max;
2603
Willy Tarreau5794fb02018-11-25 18:43:29 +01002604 /* process all initcalls in order of potential dependency */
2605 RUN_INITCALLS(STG_PREPARE);
2606 RUN_INITCALLS(STG_LOCK);
2607 RUN_INITCALLS(STG_ALLOC);
2608 RUN_INITCALLS(STG_POOL);
2609 RUN_INITCALLS(STG_REGISTER);
2610 RUN_INITCALLS(STG_INIT);
2611
Emeric Bruncf20bf12010-10-22 16:06:11 +02002612 init(argc, argv);
Willy Tarreau24f4efa2010-08-27 17:56:48 +02002613 signal_register_fct(SIGQUIT, dump, SIGQUIT);
2614 signal_register_fct(SIGUSR1, sig_soft_stop, SIGUSR1);
2615 signal_register_fct(SIGHUP, sig_dump_state, SIGHUP);
William Lallemand73b85e72017-06-01 17:38:51 +02002616 signal_register_fct(SIGUSR2, NULL, 0);
Willy Tarreaubaaee002006-06-26 02:48:02 +02002617
Willy Tarreaue437c442010-03-17 18:02:46 +01002618 /* Always catch SIGPIPE even on platforms which define MSG_NOSIGNAL.
2619 * Some recent FreeBSD setups report broken pipes, and MSG_NOSIGNAL
2620 * was defined there, so let's stay on the safe side.
Willy Tarreaubaaee002006-06-26 02:48:02 +02002621 */
Willy Tarreau24f4efa2010-08-27 17:56:48 +02002622 signal_register_fct(SIGPIPE, NULL, 0);
Willy Tarreaubaaee002006-06-26 02:48:02 +02002623
Willy Tarreaudc23a922011-02-16 11:10:36 +01002624 /* ulimits */
2625 if (!global.rlimit_nofile)
2626 global.rlimit_nofile = global.maxsock;
2627
2628 if (global.rlimit_nofile) {
Willy Tarreaue5cfdac2019-03-01 10:32:05 +01002629 limit.rlim_cur = global.rlimit_nofile;
2630 limit.rlim_max = MAX(rlim_fd_max_at_boot, limit.rlim_cur);
2631
Willy Tarreaudc23a922011-02-16 11:10:36 +01002632 if (setrlimit(RLIMIT_NOFILE, &limit) == -1) {
Willy Tarreauef635472016-06-21 11:48:18 +02002633 getrlimit(RLIMIT_NOFILE, &limit);
William Dauchy0fec3ab2019-10-27 20:08:11 +01002634 if (global.tune.options & GTUNE_STRICT_LIMITS) {
2635 ha_alert("[%s.main()] Cannot raise FD limit to %d, limit is %d.\n",
2636 argv[0], global.rlimit_nofile, (int)limit.rlim_cur);
Jerome Magnin50f757c2021-01-12 20:19:38 +01002637 exit(1);
William Dauchy0fec3ab2019-10-27 20:08:11 +01002638 }
2639 else {
2640 /* try to set it to the max possible at least */
2641 limit.rlim_cur = limit.rlim_max;
2642 if (setrlimit(RLIMIT_NOFILE, &limit) != -1)
2643 getrlimit(RLIMIT_NOFILE, &limit);
Willy Tarreau164dd0b2016-06-21 11:51:59 +02002644
William Dauchya5194602020-03-28 19:29:58 +01002645 ha_warning("[%s.main()] Cannot raise FD limit to %d, limit is %d.\n",
William Dauchy0fec3ab2019-10-27 20:08:11 +01002646 argv[0], global.rlimit_nofile, (int)limit.rlim_cur);
2647 global.rlimit_nofile = limit.rlim_cur;
2648 }
Willy Tarreaudc23a922011-02-16 11:10:36 +01002649 }
2650 }
2651
2652 if (global.rlimit_memmax) {
2653 limit.rlim_cur = limit.rlim_max =
Willy Tarreau70060452015-12-14 12:46:07 +01002654 global.rlimit_memmax * 1048576ULL;
Willy Tarreaudc23a922011-02-16 11:10:36 +01002655#ifdef RLIMIT_AS
2656 if (setrlimit(RLIMIT_AS, &limit) == -1) {
William Dauchy0fec3ab2019-10-27 20:08:11 +01002657 if (global.tune.options & GTUNE_STRICT_LIMITS) {
2658 ha_alert("[%s.main()] Cannot fix MEM limit to %d megs.\n",
2659 argv[0], global.rlimit_memmax);
Jerome Magnin50f757c2021-01-12 20:19:38 +01002660 exit(1);
William Dauchy0fec3ab2019-10-27 20:08:11 +01002661 }
2662 else
William Dauchya5194602020-03-28 19:29:58 +01002663 ha_warning("[%s.main()] Cannot fix MEM limit to %d megs.\n",
William Dauchy0fec3ab2019-10-27 20:08:11 +01002664 argv[0], global.rlimit_memmax);
Willy Tarreaudc23a922011-02-16 11:10:36 +01002665 }
2666#else
2667 if (setrlimit(RLIMIT_DATA, &limit) == -1) {
William Dauchy0fec3ab2019-10-27 20:08:11 +01002668 if (global.tune.options & GTUNE_STRICT_LIMITS) {
2669 ha_alert("[%s.main()] Cannot fix MEM limit to %d megs.\n",
2670 argv[0], global.rlimit_memmax);
Jerome Magnin50f757c2021-01-12 20:19:38 +01002671 exit(1);
William Dauchy0fec3ab2019-10-27 20:08:11 +01002672 }
2673 else
William Dauchya5194602020-03-28 19:29:58 +01002674 ha_warning("[%s.main()] Cannot fix MEM limit to %d megs.\n",
William Dauchy0fec3ab2019-10-27 20:08:11 +01002675 argv[0], global.rlimit_memmax);
Willy Tarreaudc23a922011-02-16 11:10:36 +01002676 }
2677#endif
2678 }
2679
Olivier Houchardf73629d2017-04-05 22:33:04 +02002680 if (old_unixsocket) {
William Lallemand85b0bd92017-06-01 17:38:53 +02002681 if (strcmp("/dev/null", old_unixsocket) != 0) {
Willy Tarreau42961742020-08-28 18:42:45 +02002682 if (sock_get_old_sockets(old_unixsocket) != 0) {
Christopher Faulet767a84b2017-11-24 16:50:31 +01002683 ha_alert("Failed to get the sockets from the old process!\n");
William Lallemand85b0bd92017-06-01 17:38:53 +02002684 if (!(global.mode & MODE_MWORKER))
2685 exit(1);
2686 }
Olivier Houchardf73629d2017-04-05 22:33:04 +02002687 }
2688 }
William Lallemand85b0bd92017-06-01 17:38:53 +02002689 get_cur_unixsocket();
2690
Willy Tarreaubaaee002006-06-26 02:48:02 +02002691 /* We will loop at most 100 times with 10 ms delay each time.
2692 * That's at most 1 second. We only send a signal to old pids
2693 * if we cannot grab at least one port.
2694 */
2695 retry = MAX_START_RETRIES;
2696 err = ERR_NONE;
2697 while (retry >= 0) {
2698 struct timeval w;
Willy Tarreaue91bff22020-09-02 11:11:43 +02002699 err = protocol_bind_all(retry == 0 || nb_oldpids == 0);
Willy Tarreaue13e9252007-12-20 23:05:50 +01002700 /* exit the loop on no error or fatal error */
2701 if ((err & (ERR_RETRYABLE|ERR_FATAL)) != ERR_RETRYABLE)
Willy Tarreaubaaee002006-06-26 02:48:02 +02002702 break;
Willy Tarreaubb545b42010-08-25 12:58:59 +02002703 if (nb_oldpids == 0 || retry == 0)
Willy Tarreaubaaee002006-06-26 02:48:02 +02002704 break;
2705
2706 /* FIXME-20060514: Solaris and OpenBSD do not support shutdown() on
2707 * listening sockets. So on those platforms, it would be wiser to
2708 * simply send SIGUSR1, which will not be undoable.
2709 */
Willy Tarreaubb545b42010-08-25 12:58:59 +02002710 if (tell_old_pids(SIGTTOU) == 0) {
2711 /* no need to wait if we can't contact old pids */
2712 retry = 0;
2713 continue;
2714 }
Willy Tarreaubaaee002006-06-26 02:48:02 +02002715 /* give some time to old processes to stop listening */
2716 w.tv_sec = 0;
2717 w.tv_usec = 10*1000;
2718 select(0, NULL, NULL, NULL, &w);
2719 retry--;
2720 }
2721
Willy Tarreaue91bff22020-09-02 11:11:43 +02002722 /* Note: protocol_bind_all() sends an alert when it fails. */
Willy Tarreau0a3b9d92009-02-04 17:05:23 +01002723 if ((err & ~ERR_WARN) != ERR_NONE) {
Willy Tarreaue91bff22020-09-02 11:11:43 +02002724 ha_alert("[%s.main()] Some protocols failed to start their listeners! Exiting.\n", argv[0]);
Willy Tarreauf68da462009-06-09 14:36:00 +02002725 if (retry != MAX_START_RETRIES && nb_oldpids) {
2726 protocol_unbind_all(); /* cleanup everything we can */
Willy Tarreaubaaee002006-06-26 02:48:02 +02002727 tell_old_pids(SIGTTIN);
Willy Tarreauf68da462009-06-09 14:36:00 +02002728 }
Willy Tarreaubaaee002006-06-26 02:48:02 +02002729 exit(1);
2730 }
2731
William Lallemand944e6192018-11-21 15:48:31 +01002732 if (!(global.mode & MODE_MWORKER_WAIT) && listeners == 0) {
Christopher Faulet767a84b2017-11-24 16:50:31 +01002733 ha_alert("[%s.main()] No enabled listener found (check for 'bind' directives) ! Exiting.\n", argv[0]);
Willy Tarreaubaaee002006-06-26 02:48:02 +02002734 /* Note: we don't have to send anything to the old pids because we
2735 * never stopped them. */
2736 exit(1);
2737 }
2738
Willy Tarreaue91bff22020-09-02 11:11:43 +02002739 /* Ok, all listeners should now be bound, close any leftover sockets
Olivier Houchardf73629d2017-04-05 22:33:04 +02002740 * the previous process gave us, we don't need them anymore
2741 */
2742 while (xfer_sock_list != NULL) {
2743 struct xfer_sock_list *tmpxfer = xfer_sock_list->next;
2744 close(xfer_sock_list->fd);
2745 free(xfer_sock_list->iface);
2746 free(xfer_sock_list->namespace);
2747 free(xfer_sock_list);
2748 xfer_sock_list = tmpxfer;
2749 }
Willy Tarreaudd815982007-10-16 12:25:14 +02002750
Willy Tarreaubaaee002006-06-26 02:48:02 +02002751 /* prepare pause/play signals */
Willy Tarreau24f4efa2010-08-27 17:56:48 +02002752 signal_register_fct(SIGTTOU, sig_pause, SIGTTOU);
2753 signal_register_fct(SIGTTIN, sig_listen, SIGTTIN);
Willy Tarreaubaaee002006-06-26 02:48:02 +02002754
Willy Tarreaubaaee002006-06-26 02:48:02 +02002755 /* MODE_QUIET can inhibit alerts and warnings below this line */
2756
PiBa-NL149a81a2017-12-25 21:03:31 +01002757 if (getenv("HAPROXY_MWORKER_REEXEC") != NULL) {
2758 /* either stdin/out/err are already closed or should stay as they are. */
2759 if ((global.mode & MODE_DAEMON)) {
2760 /* daemon mode re-executing, stdin/stdout/stderr are already closed so keep quiet */
2761 global.mode &= ~MODE_VERBOSE;
2762 global.mode |= MODE_QUIET; /* ensure that we won't say anything from now */
2763 }
2764 } else {
2765 if ((global.mode & MODE_QUIET) && !(global.mode & MODE_VERBOSE)) {
2766 /* detach from the tty */
William Lallemande1340412017-12-28 16:09:36 +01002767 stdio_quiet(-1);
PiBa-NL149a81a2017-12-25 21:03:31 +01002768 }
Willy Tarreaubaaee002006-06-26 02:48:02 +02002769 }
2770
2771 /* open log & pid files before the chroot */
William Lallemand80293002017-11-06 11:00:03 +01002772 if ((global.mode & MODE_DAEMON || global.mode & MODE_MWORKER) && global.pidfile != NULL) {
Willy Tarreaubaaee002006-06-26 02:48:02 +02002773 unlink(global.pidfile);
2774 pidfd = open(global.pidfile, O_CREAT | O_WRONLY | O_TRUNC, 0644);
2775 if (pidfd < 0) {
Christopher Faulet767a84b2017-11-24 16:50:31 +01002776 ha_alert("[%s.main()] Cannot create pidfile %s\n", argv[0], global.pidfile);
Willy Tarreaubaaee002006-06-26 02:48:02 +02002777 if (nb_oldpids)
2778 tell_old_pids(SIGTTIN);
Willy Tarreaudd815982007-10-16 12:25:14 +02002779 protocol_unbind_all();
Willy Tarreaubaaee002006-06-26 02:48:02 +02002780 exit(1);
2781 }
Willy Tarreaubaaee002006-06-26 02:48:02 +02002782 }
2783
Willy Tarreaub38651a2007-03-24 17:24:39 +01002784 if ((global.last_checks & LSTCHK_NETADM) && global.uid) {
Christopher Faulet767a84b2017-11-24 16:50:31 +01002785 ha_alert("[%s.main()] Some configuration options require full privileges, so global.uid cannot be changed.\n"
2786 "", argv[0]);
Willy Tarreaudd815982007-10-16 12:25:14 +02002787 protocol_unbind_all();
Willy Tarreaub38651a2007-03-24 17:24:39 +01002788 exit(1);
2789 }
2790
Jackie Tapia749f74c2020-07-22 18:59:40 -05002791 /* If the user is not root, we'll still let them try the configuration
2792 * but we inform them that unexpected behaviour may occur.
Willy Tarreau4e30ed72009-02-04 18:02:48 +01002793 */
2794 if ((global.last_checks & LSTCHK_NETADM) && getuid())
Christopher Faulet767a84b2017-11-24 16:50:31 +01002795 ha_warning("[%s.main()] Some options which require full privileges"
2796 " might not work well.\n"
2797 "", argv[0]);
Willy Tarreau4e30ed72009-02-04 18:02:48 +01002798
William Lallemand095ba4c2017-06-01 17:38:50 +02002799 if ((global.mode & (MODE_MWORKER|MODE_DAEMON)) == 0) {
2800
2801 /* chroot if needed */
2802 if (global.chroot != NULL) {
2803 if (chroot(global.chroot) == -1 || chdir("/") == -1) {
Christopher Faulet767a84b2017-11-24 16:50:31 +01002804 ha_alert("[%s.main()] Cannot chroot(%s).\n", argv[0], global.chroot);
William Lallemand095ba4c2017-06-01 17:38:50 +02002805 if (nb_oldpids)
2806 tell_old_pids(SIGTTIN);
2807 protocol_unbind_all();
2808 exit(1);
2809 }
Willy Tarreauf223cc02007-10-15 18:57:08 +02002810 }
Willy Tarreauf223cc02007-10-15 18:57:08 +02002811 }
2812
William Lallemand944e6192018-11-21 15:48:31 +01002813 if (nb_oldpids && !(global.mode & MODE_MWORKER_WAIT))
Willy Tarreaubb545b42010-08-25 12:58:59 +02002814 nb_oldpids = tell_old_pids(oldpids_sig);
Willy Tarreaubaaee002006-06-26 02:48:02 +02002815
William Lallemand27edc4b2019-05-07 17:49:33 +02002816 /* send a SIGTERM to workers who have a too high reloads number */
2817 if ((global.mode & MODE_MWORKER) && !(global.mode & MODE_MWORKER_WAIT))
2818 mworker_kill_max_reloads(SIGTERM);
2819
William Lallemand8a361b52017-06-20 11:20:33 +02002820 if ((getenv("HAPROXY_MWORKER_REEXEC") == NULL)) {
2821 nb_oldpids = 0;
Willy Tarreau61cfdf42021-02-20 10:46:51 +01002822 ha_free(&oldpids);
William Lallemand8a361b52017-06-20 11:20:33 +02002823 }
2824
2825
Willy Tarreaubaaee002006-06-26 02:48:02 +02002826 /* Note that any error at this stage will be fatal because we will not
2827 * be able to restart the old pids.
2828 */
2829
William Dauchyf9af9d72019-11-17 15:47:16 +01002830 if ((global.mode & (MODE_MWORKER | MODE_DAEMON)) == 0)
2831 set_identity(argv[0]);
Willy Tarreau636848a2019-04-15 19:38:50 +02002832
Willy Tarreaubaaee002006-06-26 02:48:02 +02002833 /* check ulimits */
2834 limit.rlim_cur = limit.rlim_max = 0;
2835 getrlimit(RLIMIT_NOFILE, &limit);
2836 if (limit.rlim_cur < global.maxsock) {
William Dauchy0fec3ab2019-10-27 20:08:11 +01002837 if (global.tune.options & GTUNE_STRICT_LIMITS) {
2838 ha_alert("[%s.main()] FD limit (%d) too low for maxconn=%d/maxsock=%d. "
2839 "Please raise 'ulimit-n' to %d or more to avoid any trouble.\n",
2840 argv[0], (int)limit.rlim_cur, global.maxconn, global.maxsock,
2841 global.maxsock);
Jerome Magnin50f757c2021-01-12 20:19:38 +01002842 exit(1);
William Dauchy0fec3ab2019-10-27 20:08:11 +01002843 }
2844 else
2845 ha_alert("[%s.main()] FD limit (%d) too low for maxconn=%d/maxsock=%d. "
William Dauchya5194602020-03-28 19:29:58 +01002846 "Please raise 'ulimit-n' to %d or more to avoid any trouble.\n",
William Dauchy0fec3ab2019-10-27 20:08:11 +01002847 argv[0], (int)limit.rlim_cur, global.maxconn, global.maxsock,
2848 global.maxsock);
Willy Tarreaubaaee002006-06-26 02:48:02 +02002849 }
2850
William Lallemand944e6192018-11-21 15:48:31 +01002851 if (global.mode & (MODE_DAEMON | MODE_MWORKER | MODE_MWORKER_WAIT)) {
Willy Tarreau0b9c02c2009-02-04 22:05:05 +01002852 struct proxy *px;
Willy Tarreauf83d3fe2015-05-01 19:13:41 +02002853 struct peers *curpeers;
Willy Tarreaubaaee002006-06-26 02:48:02 +02002854 int ret = 0;
2855 int proc;
William Lallemande1340412017-12-28 16:09:36 +01002856 int devnullfd = -1;
Willy Tarreaubaaee002006-06-26 02:48:02 +02002857
William Lallemand095ba4c2017-06-01 17:38:50 +02002858 /*
2859 * if daemon + mworker: must fork here to let a master
2860 * process live in background before forking children
2861 */
William Lallemand73b85e72017-06-01 17:38:51 +02002862
2863 if ((getenv("HAPROXY_MWORKER_REEXEC") == NULL)
2864 && (global.mode & MODE_MWORKER)
2865 && (global.mode & MODE_DAEMON)) {
William Lallemand095ba4c2017-06-01 17:38:50 +02002866 ret = fork();
2867 if (ret < 0) {
Christopher Faulet767a84b2017-11-24 16:50:31 +01002868 ha_alert("[%s.main()] Cannot fork.\n", argv[0]);
William Lallemand095ba4c2017-06-01 17:38:50 +02002869 protocol_unbind_all();
2870 exit(1); /* there has been an error */
William Lallemandbfd8eb52018-07-04 15:31:23 +02002871 } else if (ret > 0) { /* parent leave to daemonize */
William Lallemand095ba4c2017-06-01 17:38:50 +02002872 exit(0);
William Lallemandbfd8eb52018-07-04 15:31:23 +02002873 } else /* change the process group ID in the child (master process) */
2874 setsid();
William Lallemand095ba4c2017-06-01 17:38:50 +02002875 }
William Lallemande20b6a62017-06-01 17:38:55 +02002876
William Lallemande20b6a62017-06-01 17:38:55 +02002877
William Lallemanddeed7802017-11-06 11:00:04 +01002878 /* if in master-worker mode, write the PID of the father */
2879 if (global.mode & MODE_MWORKER) {
2880 char pidstr[100];
Willy Tarreau76a80c72019-06-22 07:41:38 +02002881 snprintf(pidstr, sizeof(pidstr), "%d\n", (int)getpid());
Willy Tarreau46ec48b2018-01-23 19:20:19 +01002882 if (pidfd >= 0)
Willy Tarreau2e8ab6b2020-03-14 11:03:20 +01002883 DISGUISE(write(pidfd, pidstr, strlen(pidstr)));
William Lallemanddeed7802017-11-06 11:00:04 +01002884 }
2885
Willy Tarreaubaaee002006-06-26 02:48:02 +02002886 /* the father launches the required number of processes */
William Lallemand944e6192018-11-21 15:48:31 +01002887 if (!(global.mode & MODE_MWORKER_WAIT)) {
William Lallemand9a1ee7a2019-04-01 11:30:02 +02002888 if (global.mode & MODE_MWORKER)
2889 mworker_ext_launch_all();
William Lallemand944e6192018-11-21 15:48:31 +01002890 for (proc = 0; proc < global.nbproc; proc++) {
2891 ret = fork();
2892 if (ret < 0) {
2893 ha_alert("[%s.main()] Cannot fork.\n", argv[0]);
2894 protocol_unbind_all();
2895 exit(1); /* there has been an error */
2896 }
Willy Tarreau52bf8392020-03-08 00:42:37 +01002897 else if (ret == 0) { /* child breaks here */
2898 ha_random_jump96(relative_pid);
William Lallemand944e6192018-11-21 15:48:31 +01002899 break;
Willy Tarreau52bf8392020-03-08 00:42:37 +01002900 }
William Lallemand944e6192018-11-21 15:48:31 +01002901 if (pidfd >= 0 && !(global.mode & MODE_MWORKER)) {
2902 char pidstr[100];
2903 snprintf(pidstr, sizeof(pidstr), "%d\n", ret);
Willy Tarreau2e8ab6b2020-03-14 11:03:20 +01002904 DISGUISE(write(pidfd, pidstr, strlen(pidstr)));
William Lallemand944e6192018-11-21 15:48:31 +01002905 }
2906 if (global.mode & MODE_MWORKER) {
2907 struct mworker_proc *child;
William Lallemandce83b4a2018-10-26 14:47:30 +02002908
William Lallemand220567e2018-11-21 18:04:53 +01002909 ha_notice("New worker #%d (%d) forked\n", relative_pid, ret);
William Lallemand944e6192018-11-21 15:48:31 +01002910 /* find the right mworker_proc */
2911 list_for_each_entry(child, &proc_list, list) {
2912 if (child->relative_pid == relative_pid &&
William Lallemand8f7069a2019-04-12 16:09:23 +02002913 child->reloads == 0 && child->options & PROC_O_TYPE_WORKER) {
William Lallemand944e6192018-11-21 15:48:31 +01002914 child->timestamp = now.tv_sec;
2915 child->pid = ret;
William Lallemand1dc69632019-06-12 19:11:33 +02002916 child->version = strdup(haproxy_version);
William Lallemand944e6192018-11-21 15:48:31 +01002917 break;
2918 }
William Lallemandce83b4a2018-10-26 14:47:30 +02002919 }
2920 }
William Lallemandbc193052018-09-11 10:06:26 +02002921
William Lallemand944e6192018-11-21 15:48:31 +01002922 relative_pid++; /* each child will get a different one */
2923 pid_bit <<= 1;
2924 }
2925 } else {
2926 /* wait mode */
2927 global.nbproc = 1;
2928 proc = 1;
Willy Tarreaubaaee002006-06-26 02:48:02 +02002929 }
Willy Tarreaufc6c0322012-11-16 16:12:27 +01002930
2931#ifdef USE_CPU_AFFINITY
2932 if (proc < global.nbproc && /* child */
Willy Tarreauff9c9142019-02-07 10:39:36 +01002933 proc < MAX_PROCS && /* only the first 32/64 processes may be pinned */
Christopher Fauletcb6a9452017-11-22 16:50:41 +01002934 global.cpu_map.proc[proc]) /* only do this if the process has a CPU map */
Pieter Baauwcaa6a1b2015-09-17 21:26:40 +02002935#ifdef __FreeBSD__
Olivier Houchard97148f62017-08-16 17:29:11 +02002936 {
2937 cpuset_t cpuset;
2938 int i;
Christopher Fauletcb6a9452017-11-22 16:50:41 +01002939 unsigned long cpu_map = global.cpu_map.proc[proc];
Olivier Houchard97148f62017-08-16 17:29:11 +02002940
2941 CPU_ZERO(&cpuset);
2942 while ((i = ffsl(cpu_map)) > 0) {
2943 CPU_SET(i - 1, &cpuset);
Cyril Bontéd400ab32018-03-12 21:47:39 +01002944 cpu_map &= ~(1UL << (i - 1));
Olivier Houchard97148f62017-08-16 17:29:11 +02002945 }
2946 ret = cpuset_setaffinity(CPU_LEVEL_WHICH, CPU_WHICH_PID, -1, sizeof(cpuset), &cpuset);
2947 }
David Carlier2d0493a2020-12-02 21:14:51 +00002948#elif defined(__linux__) || defined(__DragonFly__)
Christopher Fauletcb6a9452017-11-22 16:50:41 +01002949 sched_setaffinity(0, sizeof(unsigned long), (void *)&global.cpu_map.proc[proc]);
Willy Tarreaufc6c0322012-11-16 16:12:27 +01002950#endif
Pieter Baauwcaa6a1b2015-09-17 21:26:40 +02002951#endif
Willy Tarreaubaaee002006-06-26 02:48:02 +02002952 /* close the pidfile both in children and father */
Willy Tarreau269ab312012-09-05 08:02:48 +02002953 if (pidfd >= 0) {
2954 //lseek(pidfd, 0, SEEK_SET); /* debug: emulate eglibc bug */
2955 close(pidfd);
2956 }
Willy Tarreaud137dd32010-08-25 12:49:05 +02002957
2958 /* We won't ever use this anymore */
Willy Tarreau61cfdf42021-02-20 10:46:51 +01002959 ha_free(&global.pidfile);
Willy Tarreaubaaee002006-06-26 02:48:02 +02002960
Willy Tarreauedaff0a2015-05-01 17:01:08 +02002961 if (proc == global.nbproc) {
William Lallemand944e6192018-11-21 15:48:31 +01002962 if (global.mode & (MODE_MWORKER|MODE_MWORKER_WAIT)) {
PiBa-NLbaf6ea42017-11-28 23:26:08 +01002963
2964 if ((!(global.mode & MODE_QUIET) || (global.mode & MODE_VERBOSE)) &&
2965 (global.mode & MODE_DAEMON)) {
2966 /* detach from the tty, this is required to properly daemonize. */
William Lallemande1340412017-12-28 16:09:36 +01002967 if ((getenv("HAPROXY_MWORKER_REEXEC") == NULL))
2968 stdio_quiet(-1);
2969
PiBa-NLbaf6ea42017-11-28 23:26:08 +01002970 global.mode &= ~MODE_VERBOSE;
2971 global.mode |= MODE_QUIET; /* ensure that we won't say anything from now */
PiBa-NLbaf6ea42017-11-28 23:26:08 +01002972 }
2973
William Lallemandb3f2be32018-09-11 10:06:18 +02002974 mworker_loop();
William Lallemand1499b9b2017-06-07 15:04:47 +02002975 /* should never get there */
2976 exit(EXIT_FAILURE);
Willy Tarreauedaff0a2015-05-01 17:01:08 +02002977 }
William Lallemandcf4e4962017-06-08 19:05:48 +02002978#if defined(USE_OPENSSL) && !defined(OPENSSL_NO_DH)
Grant Zhang872f9c22017-01-21 01:10:18 +00002979 ssl_free_dh();
2980#endif
William Lallemand1499b9b2017-06-07 15:04:47 +02002981 exit(0); /* parent must leave */
Willy Tarreauedaff0a2015-05-01 17:01:08 +02002982 }
2983
William Lallemandcb11fd22017-06-01 17:38:52 +02002984 /* child must never use the atexit function */
2985 atexit_flag = 0;
2986
William Lallemandbc193052018-09-11 10:06:26 +02002987 /* close useless master sockets */
2988 if (global.mode & MODE_MWORKER) {
2989 struct mworker_proc *child, *it;
2990 master = 0;
2991
William Lallemand309dc9a2018-10-26 14:47:45 +02002992 mworker_cli_proxy_stop();
2993
William Lallemandbc193052018-09-11 10:06:26 +02002994 /* free proc struct of other processes */
2995 list_for_each_entry_safe(child, it, &proc_list, list) {
William Lallemandce83b4a2018-10-26 14:47:30 +02002996 /* close the FD of the master side for all
2997 * workers, we don't need to close the worker
2998 * side of other workers since it's done with
2999 * the bind_proc */
Tim Duesterhus742e0f92018-11-25 20:03:39 +01003000 if (child->ipc_fd[0] >= 0)
3001 close(child->ipc_fd[0]);
William Lallemandce83b4a2018-10-26 14:47:30 +02003002 if (child->relative_pid == relative_pid &&
3003 child->reloads == 0) {
3004 /* keep this struct if this is our pid */
3005 proc_self = child;
William Lallemandbc193052018-09-11 10:06:26 +02003006 continue;
William Lallemandce83b4a2018-10-26 14:47:30 +02003007 }
Willy Tarreau2b718102021-04-21 07:32:39 +02003008 LIST_DELETE(&child->list);
Tim Duesterhus9b7a9762019-05-16 20:23:22 +02003009 mworker_free_child(child);
3010 child = NULL;
William Lallemandbc193052018-09-11 10:06:26 +02003011 }
3012 }
Willy Tarreau1605c7a2018-01-23 19:01:49 +01003013
William Lallemande1340412017-12-28 16:09:36 +01003014 if (!(global.mode & MODE_QUIET) || (global.mode & MODE_VERBOSE)) {
3015 devnullfd = open("/dev/null", O_RDWR, 0);
3016 if (devnullfd < 0) {
3017 ha_alert("Cannot open /dev/null\n");
3018 exit(EXIT_FAILURE);
3019 }
3020 }
3021
William Lallemand095ba4c2017-06-01 17:38:50 +02003022 /* Must chroot and setgid/setuid in the children */
3023 /* chroot if needed */
3024 if (global.chroot != NULL) {
3025 if (chroot(global.chroot) == -1 || chdir("/") == -1) {
Christopher Faulet767a84b2017-11-24 16:50:31 +01003026 ha_alert("[%s.main()] Cannot chroot1(%s).\n", argv[0], global.chroot);
William Lallemand095ba4c2017-06-01 17:38:50 +02003027 if (nb_oldpids)
3028 tell_old_pids(SIGTTIN);
3029 protocol_unbind_all();
3030 exit(1);
3031 }
3032 }
3033
Willy Tarreau61cfdf42021-02-20 10:46:51 +01003034 ha_free(&global.chroot);
William Dauchyf9af9d72019-11-17 15:47:16 +01003035 set_identity(argv[0]);
William Lallemand095ba4c2017-06-01 17:38:50 +02003036
William Lallemand7f80eb22017-05-26 18:19:55 +02003037 /* pass through every cli socket, and check if it's bound to
3038 * the current process and if it exposes listeners sockets.
3039 * Caution: the GTUNE_SOCKET_TRANSFER is now set after the fork.
3040 * */
3041
Willy Tarreau4975d142021-03-13 11:00:33 +01003042 if (global.cli_fe) {
William Lallemand7f80eb22017-05-26 18:19:55 +02003043 struct bind_conf *bind_conf;
3044
Willy Tarreau4975d142021-03-13 11:00:33 +01003045 list_for_each_entry(bind_conf, &global.cli_fe->conf.bind, by_fe) {
William Lallemand7f80eb22017-05-26 18:19:55 +02003046 if (bind_conf->level & ACCESS_FD_LISTENERS) {
Willy Tarreaue26993c2020-09-03 07:18:55 +02003047 if (!bind_conf->settings.bind_proc || bind_conf->settings.bind_proc & (1UL << proc)) {
William Lallemand7f80eb22017-05-26 18:19:55 +02003048 global.tune.options |= GTUNE_SOCKET_TRANSFER;
3049 break;
3050 }
3051 }
3052 }
3053 }
3054
Willy Tarreau0b9c02c2009-02-04 22:05:05 +01003055 /* we might have to unbind some proxies from some processes */
Olivier Houchardfbc74e82017-11-24 16:54:05 +01003056 px = proxies_list;
Willy Tarreau0b9c02c2009-02-04 22:05:05 +01003057 while (px != NULL) {
Willy Tarreauc3914d42020-09-24 08:39:22 +02003058 if (px->bind_proc && !px->disabled) {
Willy Tarreau337c8352020-09-24 10:51:29 +02003059 if (!(px->bind_proc & (1UL << proc)))
3060 stop_proxy(px);
Willy Tarreau0b9c02c2009-02-04 22:05:05 +01003061 }
3062 px = px->next;
3063 }
3064
Emeric Brunc47ba592020-10-07 10:13:10 +02003065 /* we might have to unbind some log forward proxies from some processes */
3066 px = cfg_log_forward;
3067 while (px != NULL) {
Willy Tarreauc3914d42020-09-24 08:39:22 +02003068 if (px->bind_proc && !px->disabled) {
Willy Tarreau337c8352020-09-24 10:51:29 +02003069 if (!(px->bind_proc & (1UL << proc)))
3070 stop_proxy(px);
Emeric Brunc47ba592020-10-07 10:13:10 +02003071 }
3072 px = px->next;
3073 }
3074
Willy Tarreauf83d3fe2015-05-01 19:13:41 +02003075 /* we might have to unbind some peers sections from some processes */
Frédéric Lécailleed2b4a62017-07-13 09:07:09 +02003076 for (curpeers = cfg_peers; curpeers; curpeers = curpeers->next) {
Willy Tarreauf83d3fe2015-05-01 19:13:41 +02003077 if (!curpeers->peers_fe)
3078 continue;
3079
3080 if (curpeers->peers_fe->bind_proc & (1UL << proc))
3081 continue;
3082
3083 stop_proxy(curpeers->peers_fe);
3084 /* disable this peer section so that it kills itself */
Willy Tarreau47c8c022015-09-28 16:39:25 +02003085 signal_unregister_handler(curpeers->sighandler);
Olivier Houchard3f795f72019-04-17 22:51:06 +02003086 task_destroy(curpeers->sync_task);
Willy Tarreau47c8c022015-09-28 16:39:25 +02003087 curpeers->sync_task = NULL;
Olivier Houchard3f795f72019-04-17 22:51:06 +02003088 task_destroy(curpeers->peers_fe->task);
Willy Tarreau47c8c022015-09-28 16:39:25 +02003089 curpeers->peers_fe->task = NULL;
Willy Tarreauf83d3fe2015-05-01 19:13:41 +02003090 curpeers->peers_fe = NULL;
3091 }
3092
William Lallemand2e8fad92018-11-13 16:18:23 +01003093 /*
3094 * This is only done in daemon mode because we might want the
3095 * logs on stdout in mworker mode. If we're NOT in QUIET mode,
3096 * we should now close the 3 first FDs to ensure that we can
3097 * detach from the TTY. We MUST NOT do it in other cases since
3098 * it would have already be done, and 0-2 would have been
3099 * affected to listening sockets
Willy Tarreaubaaee002006-06-26 02:48:02 +02003100 */
William Lallemand2e8fad92018-11-13 16:18:23 +01003101 if ((global.mode & MODE_DAEMON) &&
3102 (!(global.mode & MODE_QUIET) || (global.mode & MODE_VERBOSE))) {
Willy Tarreaubaaee002006-06-26 02:48:02 +02003103 /* detach from the tty */
William Lallemande1340412017-12-28 16:09:36 +01003104 stdio_quiet(devnullfd);
Willy Tarreau106cb762008-11-16 07:40:34 +01003105 global.mode &= ~MODE_VERBOSE;
Willy Tarreaubaaee002006-06-26 02:48:02 +02003106 global.mode |= MODE_QUIET; /* ensure that we won't say anything from now */
3107 }
3108 pid = getpid(); /* update child's pid */
William Lallemandbfd8eb52018-07-04 15:31:23 +02003109 if (!(global.mode & MODE_MWORKER)) /* in mworker mode we don't want a new pgid for the children */
3110 setsid();
Willy Tarreau2ff76222007-04-09 19:29:56 +02003111 fork_poller();
Willy Tarreaubaaee002006-06-26 02:48:02 +02003112 }
3113
William Dauchye039f262019-11-17 15:47:15 +01003114 /* try our best to re-enable core dumps depending on system capabilities.
3115 * What is addressed here :
3116 * - remove file size limits
3117 * - remove core size limits
3118 * - mark the process dumpable again if it lost it due to user/group
3119 */
3120 if (global.tune.options & GTUNE_SET_DUMPABLE) {
3121 limit.rlim_cur = limit.rlim_max = RLIM_INFINITY;
3122
3123#if defined(RLIMIT_FSIZE)
3124 if (setrlimit(RLIMIT_FSIZE, &limit) == -1) {
3125 if (global.tune.options & GTUNE_STRICT_LIMITS) {
3126 ha_alert("[%s.main()] Failed to set the raise the maximum "
3127 "file size.\n", argv[0]);
Jerome Magnin50f757c2021-01-12 20:19:38 +01003128 exit(1);
William Dauchye039f262019-11-17 15:47:15 +01003129 }
3130 else
3131 ha_warning("[%s.main()] Failed to set the raise the maximum "
William Dauchya5194602020-03-28 19:29:58 +01003132 "file size.\n", argv[0]);
William Dauchye039f262019-11-17 15:47:15 +01003133 }
3134#endif
3135
3136#if defined(RLIMIT_CORE)
3137 if (setrlimit(RLIMIT_CORE, &limit) == -1) {
3138 if (global.tune.options & GTUNE_STRICT_LIMITS) {
3139 ha_alert("[%s.main()] Failed to set the raise the core "
3140 "dump size.\n", argv[0]);
Jerome Magnin50f757c2021-01-12 20:19:38 +01003141 exit(1);
William Dauchye039f262019-11-17 15:47:15 +01003142 }
3143 else
3144 ha_warning("[%s.main()] Failed to set the raise the core "
William Dauchya5194602020-03-28 19:29:58 +01003145 "dump size.\n", argv[0]);
William Dauchye039f262019-11-17 15:47:15 +01003146 }
3147#endif
3148
3149#if defined(USE_PRCTL)
3150 if (prctl(PR_SET_DUMPABLE, 1, 0, 0, 0) == -1)
3151 ha_warning("[%s.main()] Failed to set the dumpable flag, "
3152 "no core will be dumped.\n", argv[0]);
3153#endif
3154 }
3155
Christopher Faulete3a5e352017-10-24 13:53:54 +02003156 global.mode &= ~MODE_STARTING;
Willy Tarreau4f60f162007-04-08 16:39:58 +02003157 /*
3158 * That's it : the central polling loop. Run until we stop.
3159 */
Christopher Faulet1d17c102017-08-29 15:38:48 +02003160#ifdef USE_THREAD
Christopher Fauletcd7879a2017-10-27 13:53:47 +02003161 {
William Lallemand1aab50b2018-06-07 09:46:01 +02003162 sigset_t blocked_sig, old_sig;
Willy Tarreauc40efc12019-05-03 09:22:44 +02003163 int i;
3164
William Lallemand1aab50b2018-06-07 09:46:01 +02003165 /* ensure the signals will be blocked in every thread */
3166 sigfillset(&blocked_sig);
3167 sigdelset(&blocked_sig, SIGPROF);
3168 sigdelset(&blocked_sig, SIGBUS);
3169 sigdelset(&blocked_sig, SIGFPE);
3170 sigdelset(&blocked_sig, SIGILL);
3171 sigdelset(&blocked_sig, SIGSEGV);
3172 pthread_sigmask(SIG_SETMASK, &blocked_sig, &old_sig);
3173
Christopher Fauletcd7879a2017-10-27 13:53:47 +02003174 /* Create nbthread-1 thread. The first thread is the current process */
David Carliera92c5ce2019-09-13 05:03:12 +01003175 ha_thread_info[0].pthread = pthread_self();
Christopher Fauletcd7879a2017-10-27 13:53:47 +02003176 for (i = 1; i < global.nbthread; i++)
David Carliera92c5ce2019-09-13 05:03:12 +01003177 pthread_create(&ha_thread_info[i].pthread, NULL, &run_thread_poll_loop, (void *)(long)i);
Christopher Fauletcd7879a2017-10-27 13:53:47 +02003178
Christopher Faulet62519022017-10-16 15:49:32 +02003179#ifdef USE_CPU_AFFINITY
Christopher Fauletcd7879a2017-10-27 13:53:47 +02003180 /* Now the CPU affinity for all threads */
Willy Tarreau7764a572019-07-16 15:10:34 +02003181 if (global.cpu_map.proc_t1[relative_pid-1])
3182 global.cpu_map.thread[0] &= global.cpu_map.proc_t1[relative_pid-1];
3183
Christopher Fauletcd7879a2017-10-27 13:53:47 +02003184 for (i = 0; i < global.nbthread; i++) {
Christopher Fauletcb6a9452017-11-22 16:50:41 +01003185 if (global.cpu_map.proc[relative_pid-1])
Willy Tarreau81492c92019-05-03 09:41:23 +02003186 global.cpu_map.thread[i] &= global.cpu_map.proc[relative_pid-1];
Christopher Faulet62519022017-10-16 15:49:32 +02003187
Willy Tarreau421f02e2018-01-20 18:19:22 +01003188 if (i < MAX_THREADS && /* only the first 32/64 threads may be pinned */
Willy Tarreau81492c92019-05-03 09:41:23 +02003189 global.cpu_map.thread[i]) {/* only do this if the thread has a THREAD map */
David Carlier5e4c8e22019-09-13 05:12:58 +01003190#if defined(__APPLE__)
3191 int j;
3192 unsigned long cpu_map = global.cpu_map.thread[i];
3193
3194 while ((j = ffsl(cpu_map)) > 0) {
3195 thread_affinity_policy_data_t cpu_set = { j - 1 };
3196 thread_port_t mthread = pthread_mach_thread_np(ha_thread_info[i].pthread);
3197 thread_policy_set(mthread, THREAD_AFFINITY_POLICY, (thread_policy_t)&cpu_set, 1);
3198 cpu_map &= ~(1UL << (j - 1));
3199 }
3200#else
Olivier Houchard829aa242017-12-01 18:19:43 +01003201#if defined(__FreeBSD__) || defined(__NetBSD__)
3202 cpuset_t cpuset;
3203#else
3204 cpu_set_t cpuset;
3205#endif
3206 int j;
Willy Tarreau81492c92019-05-03 09:41:23 +02003207 unsigned long cpu_map = global.cpu_map.thread[i];
Olivier Houchard829aa242017-12-01 18:19:43 +01003208
3209 CPU_ZERO(&cpuset);
3210
3211 while ((j = ffsl(cpu_map)) > 0) {
3212 CPU_SET(j - 1, &cpuset);
Cyril Bontéd400ab32018-03-12 21:47:39 +01003213 cpu_map &= ~(1UL << (j - 1));
Olivier Houchard829aa242017-12-01 18:19:43 +01003214 }
David Carliera92c5ce2019-09-13 05:03:12 +01003215 pthread_setaffinity_np(ha_thread_info[i].pthread,
Olivier Houchard829aa242017-12-01 18:19:43 +01003216 sizeof(cpuset), &cpuset);
David Carlier5e4c8e22019-09-13 05:12:58 +01003217#endif
Olivier Houchard829aa242017-12-01 18:19:43 +01003218 }
Christopher Faulet1d17c102017-08-29 15:38:48 +02003219 }
Christopher Fauletcd7879a2017-10-27 13:53:47 +02003220#endif /* !USE_CPU_AFFINITY */
3221
William Lallemand1aab50b2018-06-07 09:46:01 +02003222 /* when multithreading we need to let only the thread 0 handle the signals */
William Lallemandd3801c12018-09-11 10:06:23 +02003223 haproxy_unblock_signals();
William Lallemand1aab50b2018-06-07 09:46:01 +02003224
Christopher Fauletcd7879a2017-10-27 13:53:47 +02003225 /* Finally, start the poll loop for the first thread */
Willy Tarreaub4f7cc32019-05-03 09:27:30 +02003226 run_thread_poll_loop(0);
Christopher Fauletcd7879a2017-10-27 13:53:47 +02003227
3228 /* Wait the end of other threads */
3229 for (i = 1; i < global.nbthread; i++)
David Carliera92c5ce2019-09-13 05:03:12 +01003230 pthread_join(ha_thread_info[i].pthread, NULL);
Christopher Faulet1d17c102017-08-29 15:38:48 +02003231
Christopher Fauletb79a94c2017-05-30 15:34:30 +02003232#if defined(DEBUG_THREAD) || defined(DEBUG_FULL)
3233 show_lock_stats();
3234#endif
Christopher Faulet1d17c102017-08-29 15:38:48 +02003235 }
Christopher Fauletcd7879a2017-10-27 13:53:47 +02003236#else /* ! USE_THREAD */
William Lallemandd3801c12018-09-11 10:06:23 +02003237 haproxy_unblock_signals();
Willy Tarreaub4f7cc32019-05-03 09:27:30 +02003238 run_thread_poll_loop(0);
Christopher Faulet62519022017-10-16 15:49:32 +02003239#endif
Christopher Faulet1d17c102017-08-29 15:38:48 +02003240
Tim Duesterhus0a3b43d2020-06-14 00:37:42 +02003241 deinit_and_exit(0);
Willy Tarreaubaaee002006-06-26 02:48:02 +02003242}
3243
Willy Tarreaubaaee002006-06-26 02:48:02 +02003244/*
3245 * Local variables:
3246 * c-indent-level: 8
3247 * c-basic-offset: 8
3248 * End:
3249 */