From b40542000dcd29057f734baf89226637c0a1ca6f Mon Sep 17 00:00:00 2001 From: Christopher Faulet Date: Tue, 12 Oct 2021 18:57:43 +0200 Subject: [PATCH] MEDIUM: proxy: Warn about ambiguous use of named defaults sections It is now possible to designate the defaults section to use by adding a name of the corresponding defaults section and referencing it in the desired proxy section. However, this introduces an ambiguity. This named defaults section may still be implicitly used by other proxies if it is the last one defined. In this case for instance: default common ... default frt from common ... default bck from common ... frontend fe from frt ... backend be from bck ... listen stats ... Here, it is not really obvious the last section will use the 'bck' defaults section. And it is probably not the expected behaviour. To help users to properly configure their haproxy, a warning is now emitted if a defaults section is explicitly AND implicitly used. The configuration manual was updated accordingly. Because this patch adds a warning, it should probably not be backported to 2.4. However, if is is backported, it depends on commit "MINOR: proxy: Introduce proxy flags to replace disabled bitfield". --- doc/configuration.txt | 6 +++++- include/haproxy/proxy-t.h | 2 ++ src/cfgparse-listen.c | 10 ++++++++++ 3 files changed, 17 insertions(+), 1 deletion(-) diff --git a/doc/configuration.txt b/doc/configuration.txt index 5884507b51..01cf3192d1 100644 --- a/doc/configuration.txt +++ b/doc/configuration.txt @@ -3509,7 +3509,11 @@ any other section, its name must comply with the syntax imposed on all proxy names, and this name must be unique among the defaults sections. Please note that regardless of what is currently permitted, it is recommended to avoid duplicate section names in general and to respect the same syntax as for proxy -names. This rule might be enforced in a future version. +names. This rule might be enforced in a future version. In addition, a warning +is emitted if a defaults section is explicitly used by a proxy while it is also +implicitly used by another one because it is the last one defined. It is highly +encouraged to not mix both usages by always using explicit references or by +adding a last common defaults section reserved for all implicit uses. Note that it is even possible for a defaults section to take its initial settings from another one, and as such, inherit settings across multiple levels diff --git a/include/haproxy/proxy-t.h b/include/haproxy/proxy-t.h index c38c339c8c..b2285bbebd 100644 --- a/include/haproxy/proxy-t.h +++ b/include/haproxy/proxy-t.h @@ -203,6 +203,8 @@ enum PR_SRV_STATE_FILE { /* Proxy flags */ #define PR_FL_DISABLED 0x01 /* The proxy was disabled in the configuration (not at runtime) */ #define PR_FL_STOPPED 0x02 /* The proxy was stopped */ +#define PR_FL_EXPLICIT_REF 0x08 /* The default proxy is explicitly referenced by another proxy */ +#define PR_FL_IMPLICIT_REF 0x10 /* The default proxy is implicitly referenced by another proxy */ struct stream; diff --git a/src/cfgparse-listen.c b/src/cfgparse-listen.c index f6589d18b8..cd3f92b621 100644 --- a/src/cfgparse-listen.c +++ b/src/cfgparse-listen.c @@ -316,6 +316,16 @@ int cfg_parse_listen(const char *file, int linenum, char **args, int kwm) file, linenum, *err, args[arg+1], curr_defproxy->conf.file, curr_defproxy->conf.line); err_code |= ERR_ALERT | ERR_FATAL; } + curr_defproxy->flags |= PR_FL_EXPLICIT_REF; + } + else if (curr_defproxy) + curr_defproxy->flags |= PR_FL_IMPLICIT_REF; + + if (curr_defproxy && (curr_defproxy->flags & (PR_FL_EXPLICIT_REF|PR_FL_IMPLICIT_REF)) == (PR_FL_EXPLICIT_REF|PR_FL_IMPLICIT_REF)) { + ha_alert("parsing [%s:%d] : defaults section '%s' (declared at %s:%d) is explicitly referenced by another proxy and implicitly used here." + " To avoid any ambiguity don't mix both usage. Add a last defaults section not explicitly used or always use explicit references.\n", + file, linenum, curr_defproxy->id, curr_defproxy->conf.file, curr_defproxy->conf.line); + err_code |= ERR_WARN; } curproxy = parse_new_proxy(name, rc, file, linenum, curr_defproxy); -- 2.39.5