From c8cac04bd516a5af6fb5a6e967059a90f03c2a99 Mon Sep 17 00:00:00 2001 From: Willy Tarreau Date: Tue, 21 Sep 2021 14:31:29 +0200 Subject: [PATCH] MEDIUM: listener: deprecate "process" in favor of "thread" on bind lines The "process" directive on "bind" lines becomes quite confusing considering that the only allowed value is 1 for the process, and that threads are optional and come after the mandatory "1/". Let's introduce a new "thread" directive to directly configure thread numbers, and mark "process" as deprecated. Now "process" will emit a warning and will suggest how to be replaced with "thread" instead. The doc was updated accordingly (mostly a copy-paste of the previous description which was already up to date). This is marked as MEDIUM as it will impact users having "zero-warning" and "process" specified. --- doc/configuration.txt | 21 ++++++++++++++++++++- src/listener.c | 31 ++++++++++++++++++++++++++++++- 2 files changed, 50 insertions(+), 2 deletions(-) diff --git a/doc/configuration.txt b/doc/configuration.txt index 903225fe97..0242edf39e 100644 --- a/doc/configuration.txt +++ b/doc/configuration.txt @@ -14011,13 +14011,16 @@ process [/] all | odd | even | number[-[number]] - Ranges can be partially defined. The higher bound can be omitted. In such + Ranges can be partially defined. The higher bound can be omitted. In such a case, it is replaced by the corresponding maximum value. The main purpose is to have multiple bind lines sharing the same IP:port but not the same thread in a listener, so that the system can distribute the incoming connections into multiple queues, bypassing haproxy's internal queue load balancing. Currently Linux 3.9 and above is known for supporting this. + This directive is deprecated in favor of the more suited "thread" directive + below, and will be removed in 2.7. + proto Forces the multiplexer's protocol to use for the incoming connections. It must be compatible with the mode of the frontend (TCP or HTTP). It must also @@ -14095,6 +14098,22 @@ tfo need to build HAProxy with USE_TFO=1 if your libc doesn't define TCP_FASTOPEN. +thread + This restricts the list of threads on which this listener is allowed to run. + It does not enforce any of them but eliminates those which do not match. It + limits the threads allowed to process incoming connections for this listener. + For the unlikely case where several ranges are needed, this directive may be + repeated. must use the format: + + all | odd | even | number[-[number]] + + Ranges can be partially defined. The higher bound can be omitted. In such a + case, it is replaced by the corresponding maximum value. The main purpose is + to have multiple bind lines sharing the same IP:port but not the same thread + in a listener, so that the system can distribute the incoming connections + into multiple queues, bypassing haproxy's internal queue load balancing. + Currently Linux 3.9 and above is known for supporting this. + tls-ticket-keys Sets the TLS ticket keys file to load the keys from. The keys need to be 48 or 80 bytes long, depending if aes128 or aes256 is used, encoded with base64 diff --git a/src/listener.c b/src/listener.c index d0d334e8f5..9f408a622e 100644 --- a/src/listener.c +++ b/src/listener.c @@ -1504,7 +1504,11 @@ static int bind_parse_process(char **args, int cur_arg, struct proxy *px, struct } conf->settings.bind_thread |= thread; - return 0; + + memprintf(err, "'process %s' on 'bind' lines is deprecated and will be removed in 2.7.", args[cur_arg+1]); + if (slash) + memprintf(err, "%s Please use 'thread %s' instead.", *err, slash + 1); + return ERR_WARN; } /* parse the "proto" bind keyword */ @@ -1526,6 +1530,30 @@ static int bind_parse_proto(char **args, int cur_arg, struct proxy *px, struct b return 0; } +/* parse the "thread" bind keyword */ +static int bind_parse_thread(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err) +{ + char *slash; + unsigned long thread = 0; + + if ((slash = strchr(args[cur_arg + 1], '/')) != NULL) + *slash = 0; + + if (slash) { + *slash = '/'; + memprintf(err, "'%s': thread groups not supported", args[cur_arg+1]); + return ERR_ALERT | ERR_FATAL; + } + + if (parse_process_number(args[cur_arg+1], &thread, MAX_THREADS, NULL, err)) { + memprintf(err, "'%s' : %s", args[cur_arg+1], *err); + return ERR_ALERT | ERR_FATAL; + } + + conf->settings.bind_thread |= thread; + return 0; +} + /* config parser for global "tune.listener.multi-queue", accepts "on" or "off" */ static int cfg_parse_tune_listener_mq(char **args, int section_type, struct proxy *curpx, const struct proxy *defpx, const char *file, int line, @@ -1583,6 +1611,7 @@ static struct bind_kw_list bind_kws = { "ALL", { }, { { "nice", bind_parse_nice, 1 }, /* set nice of listening socket */ { "process", bind_parse_process, 1 }, /* set list of allowed process for this socket */ { "proto", bind_parse_proto, 1 }, /* set the proto to use for all incoming connections */ + { "thread", bind_parse_thread, 1 }, /* set list of allowed threads for this socket */ { /* END */ }, }}; -- 2.39.5