Welcome! Log In Create A New Profile

Advanced

[PATCH][MINOR] Implement resovle-opts with 2 new options

Posted by Baptiste 
Hi all,

This patch adds a new keyword "resolve-opts" which can take a list of comma
separated options.
2 options have been implemented for now:
* prevent-dup-ip: (default and historical way of working for HAProxy)
ensure this server will be the single one configured to an IP address, when
sharing the same fqdn than other servers in the same backend
* allow-dup-ip: allow multiple servers (they must all have this option
enabled) sharing the same fqdn to get an IP which is already used by an
other

The resolve-opts is compatible with server, default-server and
server-template. The latest configured value will win.
IE:
backend foobar
default-server resolve-opts allow-dup-ip
server s1 www.domain.tld
server s2 www.domain.tld
server s3 www.domain.tld resolve-opts prevent-dup-ip

==> only s1 and s2 could share the same IP in common.

Note that if the DNS server returns 2 records, there is no guarantee that
IPA will be affected to s1 and s2 and IPB to s3.
That's because, for now, the resolution is "atomic" and linked to the
server itself and that because the algorithm still search a different IP
before allowing a failover to an already used one (if allowed to).

The first 3 patches are clean up and the code is in the 4th one.

Note that I may move the other resolve-* keywords into the resolve-opts
(older keywords will still be valid for backward compatibility).

Baptiste
On Thu, Jul 12, 2018 at 05:10:49PM +0200, Baptiste wrote:
> Hi all,
>
> This patch adds a new keyword "resolve-opts" which can take a list of comma
> separated options.
(...)

applied, thank you Baptiste.

Willy
Hi Willy,

Could you please also backport those patches to 1.8?
Actually, 1.8 broke a haproxy's default behavior (when multiple servers
shares the same hostname) and that this patch helps fixing.

here is the commit: 8e2d9430c0562ed74276d7f58e92706c384c0a36
Note the other patches have not been backported, and should have been:
84221b4e9010810cf93b7ad7a31d825fa9fc26bf
741e00a820ca23d3371a10587f5014c58ac14536
e56fffd896fc29f886d5c55dc0930dc7e454b3c8

Cheers




On Thu, Jul 12, 2018 at 5:57 PM, Willy Tarreau <[email protected]> wrote:

> On Thu, Jul 12, 2018 at 05:10:49PM +0200, Baptiste wrote:
> > Hi all,
> >
> > This patch adds a new keyword "resolve-opts" which can take a list of
> comma
> > separated options.
> (...)
>
> applied, thank you Baptiste.
>
> Willy
>
Willy Tarreau
Re: [PATCH][MINOR] Implement resovle-opts with 2 new options
August 08, 2018 11:20PM
Hi Baptiste,

On Wed, Aug 08, 2018 at 08:14:31PM +0200, Baptiste wrote:
> Hi Willy,
>
> Could you please also backport those patches to 1.8?
> Actually, 1.8 broke a haproxy's default behavior (when multiple servers
> shares the same hostname) and that this patch helps fixing.
>
> here is the commit: 8e2d9430c0562ed74276d7f58e92706c384c0a36

As you know usually we don't backport features (been burnt too much in
1.5), but here if it fixes a regression, I guess it's a bit different.
I've had a new look at the code and it looks safe.

However could you please explain a bit more what exactly changed and
how this broke, so that we can add the explanation in the backport
commit message ? It's important because if anyone later faces an issue,
we'll have to decide if we need to keep it or to revert, and in this
case to know what it's supposed to fix.

> Note the other patches have not been backported, and should have been:
> 84221b4e9010810cf93b7ad7a31d825fa9fc26bf
> 741e00a820ca23d3371a10587f5014c58ac14536
> e56fffd896fc29f886d5c55dc0930dc7e454b3c8

Thanks for the pointers. None of them was marked BUG, and no other one
was marked as depending on them, that's why they were not spotted during
the maintenance review cycle.

Just checked, the last two are only cleanups, adjustments for comments
or the removal of an unused macro, so they are not needed there at all.
The first one was just backported however.

Thanks!
Willy
On Wed, Aug 8, 2018 at 11:09 PM, Willy Tarreau <[email protected]> wrote:

> Hi Baptiste,
>
> On Wed, Aug 08, 2018 at 08:14:31PM +0200, Baptiste wrote:
> > Hi Willy,
> >
> > Could you please also backport those patches to 1.8?
> > Actually, 1.8 broke a haproxy's default behavior (when multiple servers
> > shares the same hostname) and that this patch helps fixing.
> >
> > here is the commit: 8e2d9430c0562ed74276d7f58e92706c384c0a36
>
> As you know usually we don't backport features (been burnt too much in
> 1.5), but here if it fixes a regression, I guess it's a bit different.
> I've had a new look at the code and it looks safe.
>
> However could you please explain a bit more what exactly changed and
> how this broke, so that we can add the explanation in the backport
> commit message ? It's important because if anyone later faces an issue,
> we'll have to decide if we need to keep it or to revert, and in this
> case to know what it's supposed to fix.
>
>
Until HAProxy 1.7, the DNS resolver was able to allocate the same IP
address to all (or a portion of) servers sharing the same hostname and
being in the same backend.
This behavior annoyed the people who wants to scale based on DNS response,
hence we introduced prevention of duplication of IP addresses for servers
sharing the same hostname and being in the same backend. So we fixed it in
1.8 with no possibility no "disable" this behavior.
There are still some use cases where people may want to use the same IP
address for multiple servers (they are running several instances of the
same application on a server but on different ports, they use the same dev
server several times in the backend, etc...).

So this patch doesn't change default behavior introduced in 1.8 while
allowing to change it when required.

Baptiste
Willy Tarreau
Re: [PATCH][MINOR] Implement resovle-opts with 2 new options
August 09, 2018 06:10AM
On Wed, Aug 08, 2018 at 11:42:48PM +0200, Baptiste wrote:
> Until HAProxy 1.7, the DNS resolver was able to allocate the same IP
> address to all (or a portion of) servers sharing the same hostname and
> being in the same backend.
> This behavior annoyed the people who wants to scale based on DNS response,
> hence we introduced prevention of duplication of IP addresses for servers
> sharing the same hostname and being in the same backend. So we fixed it in
> 1.8 with no possibility no "disable" this behavior.
> There are still some use cases where people may want to use the same IP
> address for multiple servers (they are running several instances of the
> same application on a server but on different ports, they use the same dev
> server several times in the backend, etc...).
>
> So this patch doesn't change default behavior introduced in 1.8 while
> allowing to change it when required.

Many thanks, now backported with a summary of this explanation.

Willy
Sorry, only registered users may post in this forum.

Click here to login