MINOR: server: define reverse-connect server

Implement reverse-connect server. This server type cannot instantiate
its own connection on transfer. Instead, it can only reuse connection
from its idle pool. These connections will be populated using the future
'tcp-request session attach-srv' rule.

A reverse-connect has no address. Instead, it uses a new custom server
notation with '@' character prefix. For the moment, only '@reverse' is
defined. An extra check is implemented to ensure server is used in a
HTTP proxy.

diff --git a/doc/configuration.txt b/doc/configuration.txt
index b7f6f653736637681400fb56e7e86a18d9f03f31..5ebd2a5b271903ce3d3b5d7615c8bec2452a15f2 100644 (file)
--- a/doc/configuration.txt
+++ b/doc/configuration.txt
@@ -11437,6 +11437,13 @@ server <name> <address>[:[port]] [param*]
               variables. The "init-addr" setting can be used to modify the way
               IP addresses should be resolved upon startup.
 
+              Additionally, there is a special address notation defined for
+              servers which does not have any address assigned. Currently, only
+              '@reverse' is valid. This instantiates a server which can only be
+              used with reverse connect. This mode requires the proxy to be in
+              HTTP mode and the server to explicitly use HTTP/2, either through
+              'proto' or 'alpn' keywords.
+
     <port>    is an optional port specification. If set, all connections will
               be sent to this port. If unset, the same port the client
               connected to will be used. The port may also be prefixed by a "+"

diff --git a/include/haproxy/server-t.h b/include/haproxy/server-t.h
index f22d1fa49e24dc17c29e636193f14ae21ae954e6..0fdfd6abe004388016dd01c073e0fc9719c3c289 100644 (file)
--- a/include/haproxy/server-t.h
+++ b/include/haproxy/server-t.h
@@ -141,6 +141,7 @@ enum srv_initaddr {
 #define SRV_F_NON_STICK    0x0004        /* never add connections allocated to this server to a stick table */
 #define SRV_F_USE_NS_FROM_PP 0x0008      /* use namespace associated with connection if present */
 #define SRV_F_FORCED_ID    0x0010        /* server's ID was forced in the configuration */
+#define SRV_F_REVERSE      0x0020        /* reverse connect server which requires idle connection for transfers */
 #define SRV_F_AGENTPORT    0x0040        /* this server has a agent port configured */
 #define SRV_F_AGENTADDR    0x0080        /* this server has a agent addr configured */
 #define SRV_F_COOKIESET    0x0100        /* this server has a cookie configured, so don't generate dynamic cookies */

diff --git a/src/cfgparse.c b/src/cfgparse.c
index e81acda5d409d0060b8004502195a2a9ea4f2d0e..28e04b50f1e3d46de793a8adcd807b67025237c7 100644 (file)
--- a/src/cfgparse.c
+++ b/src/cfgparse.c
@@ -4015,6 +4015,14 @@ out_uri_auth_compat:
                        if ((curproxy->mode != PR_MODE_HTTP) && (curproxy->options & PR_O_REUSE_MASK) != PR_O_REUSE_NEVR)
                                curproxy->options &= ~PR_O_REUSE_MASK;
 
+                       if ((curproxy->mode != PR_MODE_HTTP) && newsrv->flags & SRV_F_REVERSE) {
+                               ha_alert("%s '%s' : server %s uses reverse addressing which can only be used with HTTP mode.\n",
+                                          proxy_type_str(curproxy), curproxy->id, newsrv->id);
+                               cfgerr++;
+                               err_code |= ERR_FATAL | ERR_ALERT;
+                               goto out;
+                       }
+
                        newsrv = newsrv->next;
                }
 

diff --git a/src/server.c b/src/server.c
index 1118a2d4afad54f21ed952ea577614d081c91d04..0f5d9d09222823829b7be86790317ffad7cdad64 100644 (file)
--- a/src/server.c
+++ b/src/server.c
@@ -2765,6 +2765,22 @@ static int _srv_parse_init(struct server **srv, char **args, int *cur_arg,
                else
                        newsrv->tmpl_info.prefix = strdup(args[1]);
 
+               /* special address specifier */
+               if (args[*cur_arg][0] == '@') {
+                       if (strcmp(args[*cur_arg], "@reverse") == 0) {
+                               newsrv->flags |= SRV_F_REVERSE;
+                       }
+                       else {
+                               ha_alert("unknown server address specifier '%s'\n",
+                                        args[*cur_arg]);
+                               err_code |= ERR_ALERT | ERR_FATAL;
+                               goto out;
+                       }
+
+                       (*cur_arg)++;
+                       parse_flags &= ~SRV_PARSE_PARSE_ADDR;
+               }
+
                /* several ways to check the port component :
                 *  - IP    => port=+0, relative (IPv4 only)
                 *  - IP:   => port=+0, relative