How Lua runs in HAProxy¶
HAProxy Lua running contexts¶
The Lua code executed in HAProxy can be processed in 2 main modes. The first one is the initialisation mode, and the second is the runtime mode.
In the initialisation mode, we can perform DNS solves, but we cannot perform socket I/O. In this initialisation mode, HAProxy still blocked during the execution of the Lua program.
In the runtime mode, we cannot perform DNS solves, but we can use sockets. The execution of the Lua code is multiplexed with the requests processing, so the Lua code seems to be run in blocking, but it is not the case.
The Lua code is loaded in one or more files. These files contains main code and functions. Lua have 7 execution context.
The Lua file body context. It is executed during the load of the Lua file in the HAProxy [global] section with the directive lua-load. It is executed in initialisation mode. This section is use for configuring Lua bindings in HAProxy.
The Lua init context. It is a Lua function executed just after the HAProxy configuration parsing. The execution is in initialisation mode. In this context the HAProxy environment are already initialized. It is useful to check configuration, or initializing socket connections or tasks. These functions are declared in the body context with the Lua function core.register_init(). The prototype of the function is a simple function without return value and without parameters, like this: function fcn().
The Lua task context. It is a Lua function executed after the start of the HAProxy scheduler, and just after the declaration of the task with the Lua function core.register_task(). This context can be concurrent with the traffic processing. It is executed in runtime mode. The prototype of the function is a simple function without return value and without parameters, like this: function fcn().
The action context. It is a Lua function conditionally executed. These actions are registered by the Lua directives “core.register_action()”. The prototype of the Lua called function is a function with doesn’t returns anything and that take an object of class TXN as entry. function fcn(txn).
The sample-fetch context. This function takes a TXN object as entry argument and returns a string. These types of function cannot execute any blocking function. They are useful to aggregate some of original HAProxy sample-fetches and return the result. The prototype of the function is function string fcn(txn). These functions can be registered with the Lua function core.register_fetches(). Each declared sample-fetch is prefixed by the string “lua.”.
Note
It is possible that this function cannot found the required data in the original HAProxy sample-fetches, in this case, it cannot return the result. This case is not yet supported
The converter context. It is a Lua function that takes a string as input and returns another string as output. These types of function are stateless, it cannot access to any context. They don’t execute any blocking function. The call prototype is function string fcn(string). This function can be registered with the Lua function core.register_converters(). Each declared converter is prefixed by the string “lua.”.
The filter context: It is a Lua object based on a class defining filter callback functions. Lua filters are registered using core.register_filter(). Each declared filter is prefixed by the string “lua.”.
HAProxy Lua Hello world¶
HAProxy configuration file (hello_world.conf):
global
lua-load hello_world.lua
listen proxy
bind 127.0.0.1:10001
tcp-request inspect-delay 1s
tcp-request content use-service lua.hello_world
HAProxy Lua file (hello_world.lua):
core.register_service("hello_world", "tcp", function(applet)
applet:send("hello world\n")
end)
How to start HAProxy for testing this configuration:
./haproxy -f hello_world.conf
On other terminal, you can test with telnet:
#:~ telnet 127.0.0.1 10001
hello world
Usage of load parameters¶
HAProxy lua-load(-per-thread) directives allow a list of parameters after the lua file name. These parameters are accessible through an array of args using this code local args = table.pack(…) in the body of loaded file.
Below, a new version of the hello world using load parameters
HAProxy configuration file (hello_world.conf):
global
lua-load hello_world.lua "this is not an hello world"
listen proxy
bind 127.0.0.1:10001
tcp-request inspect-delay 1s
tcp-request content use-service lua.hello_world
HAProxy Lua file (hello_world.lua):
local args = table.pack(...)
core.register_service("hello_world", "tcp", function(applet)
applet:send(args[1] .. "\n")
end)
Core class¶
-
class
core
()¶ The “core” class contains all the HAProxy core functions. These function are useful for the controlling of the execution flow, registering hooks, manipulating global maps or ACL, …
“core” class is basically provided with HAProxy. No require line is required to uses these function.
The “core” class is static, it is not possible to create a new object of this type.
-
core.
silent
¶ - Returns
integer
This attribute is an integer, it contains the value -1. It is a special value used to disable logging.
-
core.
emerg
¶ - Returns
integer
This attribute is an integer, it contains the value of the loglevel “emergency” (0).
-
core.
alert
¶ - Returns
integer
This attribute is an integer, it contains the value of the loglevel “alert” (1).
-
core.
crit
¶ - Returns
integer
This attribute is an integer, it contains the value of the loglevel “critical” (2).
-
core.
err
¶ - Returns
integer
This attribute is an integer, it contains the value of the loglevel “error” (3).
-
core.
warning
¶ - Returns
integer
This attribute is an integer, it contains the value of the loglevel “warning” (4).
-
core.
notice
¶ - Returns
integer
This attribute is an integer, it contains the value of the loglevel “notice” (5).
-
core.
info
¶ - Returns
integer
This attribute is an integer, it contains the value of the loglevel “info” (6).
-
core.
debug
¶ - Returns
integer
This attribute is an integer, it contains the value of the loglevel “debug” (7).
-
core.
proxies
¶ context: task, action, sample-fetch, converter
This attribute is a table of declared proxies (frontend and backends). Each proxy give an access to his list of listeners and servers. The table is indexed by proxy name, and each entry is of type Proxy class.
Warning
if you declared a frontend and backend with the same name, only one of them will be listed.
- See
- See
-
core.
backends
¶ context: task, action, sample-fetch, converter
This attribute is a table of declared proxies with backend capability. Each proxy give an access to his list of listeners and servers. The table is indexed by the backend name, and each entry is of type Proxy class.
- See
- See
-
core.
frontends
¶ context: task, action, sample-fetch, converter
This attribute is a table of declared proxies with frontend capability. Each proxy give an access to his list of listeners and servers. The table is indexed by the frontend name, and each entry is of type Proxy class.
- See
- See
-
core.
thread
¶ context: task, action, sample-fetch, converter, applet
This variable contains the executing thread number starting at 1. 0 is a special case for the common lua context. So, if thread is 0, Lua scope is shared by all threads, otherwise the scope is dedicated to a single thread. A program which needs to execute some parts exactly once regardless of the number of threads can check that core.thread is 0 or 1.
-
core.
log
(loglevel, msg)¶ context: body, init, task, action, sample-fetch, converter
This function sends a log. The log is sent, according with the HAProxy configuration file, on the default syslog server if it is configured and on the stderr if it is allowed.
- Arguments
loglevel (integer) – Is the log level associated with the message. It is a number between 0 and 7.
msg (string) – The log content.
- See
core.emerg
,core.alert
,core.crit
,core.err
,core.warning
,core.notice
,core.info
,core.debug
(log level definitions)- See
- See
- See
- See
-
core.
Debug
(msg)¶ context: body, init, task, action, sample-fetch, converter
- Arguments
msg (string) – The log content.
- See
Does the same job than:
function Debug(msg)
core.log(core.debug, msg)
end
-
core.
Info
(msg)¶ context: body, init, task, action, sample-fetch, converter
- Arguments
msg (string) – The log content.
- See
function Info(msg)
core.log(core.info, msg)
end
-
core.
Warning
(msg)¶ context: body, init, task, action, sample-fetch, converter
- Arguments
msg (string) – The log content.
- See
function Warning(msg)
core.log(core.warning, msg)
end
-
core.
Alert
(msg)¶ context: body, init, task, action, sample-fetch, converter
- Arguments
msg (string) – The log content.
- See
function Alert(msg)
core.log(core.alert, msg)
end
-
core.
add_acl
(filename, key)¶ context: init, task, action, sample-fetch, converter
Add the ACL key in the ACLs list referenced by the file filename.
- Arguments
filename (string) – the filename that reference the ACL entries.
key (string) – the key which will be added.
-
core.
del_acl
(filename, key)¶ context: init, task, action, sample-fetch, converter
Delete the ACL entry referenced by the key key in the list of ACLs referenced by filename.
- Arguments
filename (string) – the filename that reference the ACL entries.
key (string) – the key which will be deleted.
-
core.
del_map
(filename, key)¶ context: init, task, action, sample-fetch, converter
Delete the map entry indexed with the specified key in the list of maps referenced by his filename.
- Arguments
filename (string) – the filename that reference the map entries.
key (string) – the key which will be deleted.
-
core.
get_info
()¶ context: body, init, task, action, sample-fetch, converter
Returns HAProxy core information. We can find information like the uptime, the pid, memory pool usage, tasks number, …
These informations are also returned by the management socket via the command “show info”. See the management socket documentation for more information about the content of these variables.
- Returns
an array of values.
-
core.
now
()¶ context: body, init, task, action
This function returns the current time. The time returned is fixed by the HAProxy core and assures than the hour will be monotonic and that the system call ‘gettimeofday’ will not be called too. The time is refreshed between each Lua execution or resume, so two consecutive call to the function “now” will probably returns the same result.
- Returns
a table which contains two entries “sec” and “usec”. “sec” contains the current at the epoch format, and “usec” contains the current microseconds.
-
core.
http_date
(date)¶ context: body, init, task, action
This function take a string representing http date, and returns an integer containing the corresponding date with a epoch format. A valid http date me respect the format IMF, RFC850 or ASCTIME.
- Arguments
date (string) – a date http-date formatted
- Returns
integer containing epoch date
- See
- See
- See
- See
-
core.
imf_date
(date)¶ context: body, init, task, action
This function take a string representing IMF date, and returns an integer containing the corresponding date with a epoch format.
- Arguments
date (string) – a date IMF formatted
- Returns
integer containing epoch date
- See
The IMF format is like this:
Sun, 06 Nov 1994 08:49:37 GMT
-
core.
rfc850_date
(date)¶ context: body, init, task, action
This function take a string representing RFC850 date, and returns an integer containing the corresponding date with a epoch format.
- Arguments
date (string) – a date RFC859 formatted
- Returns
integer containing epoch date
- See
The RFC850 format is like this:
Sunday, 06-Nov-94 08:49:37 GMT
-
core.
asctime_date
(date)¶ context: body, init, task, action
This function take a string representing ASCTIME date, and returns an integer containing the corresponding date with a epoch format.
- Arguments
date (string) – a date ASCTIME formatted
- Returns
integer containing epoch date
- See
The ASCTIME format is like this:
Sun Nov 6 08:49:37 1994
-
core.
msleep
(milliseconds)¶ context: body, init, task, action
The core.msleep() stops the Lua execution between specified milliseconds.
- Arguments
milliseconds (integer) – the required milliseconds.
-
core.
register_action
(name, actions, func[, nb_args])¶ context: body
Register a Lua function executed as action. All the registered action can be used in HAProxy with the prefix “lua.”. An action gets a TXN object class as input.
- Arguments
name (string) – is the name of the action.
actions (table) – is a table of string describing the HAProxy actions facilities where to expose the new action. Expected facilities are: ‘tcp-req’, ‘tcp-res’, ‘http-req’ or ‘http-res’.
func (function) – is the Lua function called to work as an action.
nb_args (integer) – is the expected number of argument for the action. By default the value is 0.
The prototype of the Lua function used as argument is:
function(txn [, arg1 [, arg2]])
- txn (TXN class): this is a TXN object used for manipulating the
current request or TCP stream.
argX: this is argument provided through the HAProxy configuration file.
Here, an example of action registration. The action just send an ‘Hello world’ in the logs.
core.register_action("hello-world", { "tcp-req", "http-req" }, function(txn)
txn:Info("Hello world")
end)
This example code is used in HAProxy configuration like this:
frontend tcp_frt
mode tcp
tcp-request content lua.hello-world
frontend http_frt
mode http
http-request lua.hello-world
A second example using arguments
function hello_world(txn, arg)
txn:Info("Hello world for " .. arg)
end
core.register_action("hello-world", { "tcp-req", "http-req" }, hello_world, 2)
This example code is used in HAProxy configuration like this:
frontend tcp_frt
mode tcp
tcp-request content lua.hello-world everybody
-
core.
register_converters
(name, func)¶ context: body
Register a Lua function executed as converter. All the registered converters can be used in HAProxy with the prefix “lua.”. A converter gets a string as input and returns a string as output. The registered function can take up to 9 values as parameter. All the values are strings.
- Arguments
name (string) – is the name of the converter.
func (function) – is the Lua function called to work as converter.
The prototype of the Lua function used as argument is:
function(str, [p1 [, p2 [, ... [, p5]]]])
str (string): this is the input value automatically converted in string.
p1 .. p5 (string): this is a list of string arguments declared in the HAProxy configuration file. The number of arguments doesn’t exceed 5. The order and the nature of these is conventionally chosen by the developer.
-
core.
register_fetches
(name, func)¶ context: body
Register a Lua function executed as sample fetch. All the registered sample fetch can be used in HAProxy with the prefix “lua.”. A Lua sample fetch returns a string as output. The registered function can take up to 9 values as parameter. All the values are strings.
- Arguments
name (string) – is the name of the sample fetch.
func (function) – is the Lua function called to work as sample fetch.
The prototype of the Lua function used as argument is:
string function(txn, [p1 [, p2 [, ... [, p5]]]])
txn (TXN class): this is the txn object associated with the current request.
p1 .. p5 (string): this is a list of string arguments declared in the HAProxy configuration file. The number of arguments doesn’t exceed 5. The order and the nature of these is conventionally chosen by the developer.
Returns: A string containing some data, or nil if the value cannot be returned now.
lua example code:
core.register_fetches("hello", function(txn)
return "hello"
end)
HAProxy example configuration:
frontend example
http-request redirect location /%[lua.hello]
-
core.
register_filter
(name, Flt, func)¶ context: body
Register a Lua function used to declare a filter. All the registered filters can by used in HAProxy with the prefix “lua.”.
- Arguments
name (string) – is the name of the filter.
Flt (table) – is a Lua class containing the filter definition (id, flags, callbacks).
func (function) – is the Lua function called to create the Lua filter.
The prototype of the Lua function used as argument is:
function(flt, args)
- fltIs a filter object based on the class provided in
core.register_filter()
function.
- args: Is a table of strings containing all arguments provided through
the HAProxy configuration file, on the filter line.
It must return the filter to use or nil to ignore it. Here, an example of filter registration.
core.register_filter("my-filter", MyFilter, function(flt, args)
flt.args = args -- Save arguments
return flt
end)
This example code is used in HAProxy configuration like this:
frontend http
mode http
filter lua.my-filter arg1 arg2 arg3
- see
Filter()
-
core.
register_service
(name, mode, func)¶ context: body
Register a Lua function executed as a service. All the registered services can be used in HAProxy with the prefix “lua.”. A service gets an object class as input according with the required mode.
- Arguments
name (string) – is the name of the service.
mode (string) – is string describing the required mode. Only ‘tcp’ or ‘http’ are allowed.
func (function) – is the Lua function called to work as service.
The prototype of the Lua function used as argument is:
function(applet)
applet applet will be a AppletTCP class or a AppletHTTP class. It depends the type of registered applet. An applet registered with the ‘http’ value for the mode parameter will gets a AppletHTTP class. If the mode value is ‘tcp’, the applet will gets a AppletTCP class.
Warning
Applets of type ‘http’ cannot be called from ‘tcp-‘ rulesets. Only the ‘http-‘ rulesets are authorized, this means that is not possible to call a HTTP applet from a proxy in tcp mode. Applets of type ‘tcp’ can be called from anywhere.
Here, an example of service registration. The service just send an ‘Hello world’ as an http response.
core.register_service("hello-world", "http", function(applet)
local response = "Hello World !"
applet:set_status(200)
applet:add_header("content-length", string.len(response))
applet:add_header("content-type", "text/plain")
applet:start_response()
applet:send(response)
end)
This example code is used in HAProxy configuration like this:
frontend example
http-request use-service lua.hello-world
-
core.
register_init
(func)¶ context: body
Register a function executed after the configuration parsing. This is useful to check any parameters.
- Arguments
func (function) – is the Lua function called to work as initializer.
The prototype of the Lua function used as argument is:
function()
It takes no input, and no output is expected.
-
core.
register_task
(func)¶ context: body, init, task, action, sample-fetch, converter
Register and start independent task. The task is started when the HAProxy main scheduler starts. For example this type of tasks can be executed to perform complex health checks.
- Arguments
func (function) – is the Lua function called to work as initializer.
The prototype of the Lua function used as argument is:
function()
It takes no input, and no output is expected.
-
core.
register_cli
([path, ]usage, func)¶ context: body
Register a custom cli that will be available from haproxy stats socket.
- Arguments
path (array) – is the sequence of word for which the cli execute the Lua binding.
usage (string) – is the usage message displayed in the help.
func (function) – is the Lua function called to handle the CLI commands.
The prototype of the Lua function used as argument is:
function(AppletTCP, [arg1, [arg2, [...]]])
I/O are managed with the AppletTCP class object. Args are given as parameter. The args embed the registered path. If the path is declared like this:
core.register_cli({"show", "ssl", "stats"}, "Display SSL stats..", function(applet, arg1, arg2, arg3, arg4, arg5)
end)
And we execute this in the prompt:
> prompt
> show ssl stats all
Then, arg1, arg2 and arg3 will contains respectively “show”, “ssl” and “stats”. arg4 will contain “all”. arg5 contains nil.
-
core.
set_nice
(nice)¶ context: task, action, sample-fetch, converter
Change the nice of the current task or current session.
- Arguments
nice (integer) – the nice value, it must be between -1024 and 1024.
-
core.
set_map
(filename, key, value)¶ context: init, task, action, sample-fetch, converter
Set the value value associated to the key key in the map referenced by filename.
- Arguments
filename (string) – the Map reference
key (string) – the key to set or replace
value (string) – the associated value
-
core.
sleep
(int seconds)¶ context: body, init, task, action
The core.sleep() functions stop the Lua execution between specified seconds.
- Arguments
seconds (integer) – the required seconds.
-
core.
tcp
()¶ context: init, task, action
This function returns a new object of a socket class.
- Returns
A Socket class object.
-
core.
httpclient
()¶ context: init, task, action
This function returns a new object of a httpclient class.
- Returns
A HTTPClient class object.
-
core.
concat
()¶ context: body, init, task, action, sample-fetch, converter
This function returns a new concat object.
- Returns
A Concat class object.
-
core.
done
(data)¶ context: body, init, task, action, sample-fetch, converter
- Arguments
data (any) – Return some data for the caller. It is useful with sample-fetches and sample-converters.
Immediately stops the current Lua execution and returns to the caller which may be a sample fetch, a converter or an action and returns the specified value (ignored for actions and init). It is used when the LUA process finishes its work and wants to give back the control to HAProxy without executing the remaining code. It can be seen as a multi-level “return”.
-
core.
yield
()¶ context: task, action, sample-fetch, converter
Give back the hand at the HAProxy scheduler. It is used when the LUA processing consumes a lot of processing time.
-
core.
parse_addr
(address)¶ context: body, init, task, action, sample-fetch, converter
- Arguments
network – is a string describing an ipv4 or ipv6 address and optionally its network length, like this: “127.0.0.1/8” or “aaaa::1234/32”.
- Returns
a userdata containing network or nil if an error occurs.
Parse ipv4 or ipv6 addresses and its facultative associated network.
-
core.
match_addr
(addr1, addr2)¶ context: body, init, task, action, sample-fetch, converter
- Arguments
addr1 – is an address created with “core.parse_addr”.
addr2 – is an address created with “core.parse_addr”.
- Returns
boolean, true if the network of the addresses match, else returns false.
Match two networks. For example “127.0.0.1/32” matches “127.0.0.0/8”. The order of network is not important.
-
core.
tokenize
(str, separators[, noblank])¶ context: body, init, task, action, sample-fetch, converter
This function is useful for tokenizing an entry, or splitting some messages. :param string str: The string which will be split. :param string separators: A string containing a list of separators. :param boolean noblank: Ignore empty entries. :returns: an array of string.
For example:
local array = core.tokenize("This function is useful, for tokenizing an entry.", "., ", true)
print_r(array)
Returns this array:
(table) table: 0x21c01e0 [
1: (string) "This"
2: (string) "function"
3: (string) "is"
4: (string) "useful"
5: (string) "for"
6: (string) "tokenizing"
7: (string) "an"
8: (string) "entry"
]
Proxy class¶
-
class
Proxy
()¶ This class provides a way for manipulating proxy and retrieving information like statistics.
-
Proxy.
name
¶ Contain the name of the proxy.
-
Proxy.
uuid
¶ Contain the unique identifier of the proxy.
-
Proxy.
servers
¶ Contain a table with the attached servers. The table is indexed by server name, and each server entry is an object of type Server class.
-
Proxy.
stktable
¶ Contains a stick table object of type StickTable class attached to the proxy.
-
Proxy.
listeners
¶ Contain a table with the attached listeners. The table is indexed by listener name, and each each listeners entry is an object of type Listener class.
-
Proxy.
pause
(px)¶ Pause the proxy. See the management socket documentation for more information.
- Arguments
px (class_proxy) – A Proxy class which indicates the manipulated proxy.
-
Proxy.
resume
(px)¶ Resume the proxy. See the management socket documentation for more information.
- Arguments
px (class_proxy) – A Proxy class which indicates the manipulated proxy.
-
Proxy.
stop
(px)¶ Stop the proxy. See the management socket documentation for more information.
- Arguments
px (class_proxy) – A Proxy class which indicates the manipulated proxy.
-
Proxy.
shut_bcksess
(px)¶ Kill the session attached to a backup server. See the management socket documentation for more information.
- Arguments
px (class_proxy) – A Proxy class which indicates the manipulated proxy.
-
Proxy.
get_cap
(px)¶ Returns a string describing the capabilities of the proxy.
- Arguments
px (class_proxy) – A Proxy class which indicates the manipulated proxy.
- Returns
a string “frontend”, “backend”, “proxy” or “ruleset”.
-
Proxy.
get_mode
(px)¶ Returns a string describing the mode of the current proxy.
- Arguments
px (class_proxy) – A Proxy class which indicates the manipulated proxy.
- Returns
a string “tcp”, “http” or “unknown”
-
Proxy.
get_stats
(px)¶ Returns a table containing the proxy statistics. The statistics returned are not the same if the proxy is frontend or a backend.
- Arguments
px (class_proxy) – A Proxy class which indicates the manipulated proxy.
- Returns
a key/value table containing stats
Server class¶
-
class
Server
()¶ This class provides a way for manipulating servers and retrieving information.
-
Server.
name
¶ Contain the name of the server.
-
Server.
puid
¶ Contain the proxy unique identifier of the server.
-
Server.
is_draining
(sv)¶ Return true if the server is currently draining sticky connections.
- Arguments
sv (class_server) – A Server class which indicates the manipulated server.
- Returns
a boolean
-
Server.
set_maxconn
(sv, weight)¶ Dynamically change the maximum connections of the server. See the management socket documentation for more information about the format of the string.
- Arguments
sv (class_server) – A Server class which indicates the manipulated server.
maxconn (string) – A string describing the server maximum connections.
-
Server.
get_maxconn
(sv, weight)¶ This function returns an integer representing the server maximum connections.
- Arguments
sv (class_server) – A Server class which indicates the manipulated server.
- Returns
an integer.
-
Server.
set_weight
(sv, weight)¶ Dynamically change the weight of the server. See the management socket documentation for more information about the format of the string.
- Arguments
sv (class_server) – A Server class which indicates the manipulated server.
weight (string) – A string describing the server weight.
-
Server.
get_weight
(sv)¶ This function returns an integer representing the server weight.
- Arguments
sv (class_server) – A Server class which indicates the manipulated server.
- Returns
an integer.
-
Server.
set_addr
(sv, addr[, port])¶ Dynamically change the address of the server. See the management socket documentation for more information about the format of the string.
- Arguments
sv (class_server) – A Server class which indicates the manipulated server.
addr (string) – A string describing the server address.
-
Server.
get_addr
(sv)¶ Returns a string describing the address of the server.
- Arguments
sv (class_server) – A Server class which indicates the manipulated server.
- Returns
A string
-
Server.
get_stats
(sv)¶ Returns server statistics.
- Arguments
sv (class_server) – A Server class which indicates the manipulated server.
- Returns
a key/value table containing stats
-
Server.
shut_sess
(sv)¶ Shutdown all the sessions attached to the server. See the management socket documentation for more information about this function.
- Arguments
sv (class_server) – A Server class which indicates the manipulated server.
-
Server.
set_drain
(sv)¶ Drain sticky sessions. See the management socket documentation for more information about this function.
- Arguments
sv (class_server) – A Server class which indicates the manipulated server.
-
Server.
set_maint
(sv)¶ Set maintenance mode. See the management socket documentation for more information about this function.
- Arguments
sv (class_server) – A Server class which indicates the manipulated server.
-
Server.
set_ready
(sv)¶ Set normal mode. See the management socket documentation for more information about this function.
- Arguments
sv (class_server) – A Server class which indicates the manipulated server.
-
Server.
check_enable
(sv)¶ Enable health checks. See the management socket documentation for more information about this function.
- Arguments
sv (class_server) – A Server class which indicates the manipulated server.
-
Server.
check_disable
(sv)¶ Disable health checks. See the management socket documentation for more information about this function.
- Arguments
sv (class_server) – A Server class which indicates the manipulated server.
-
Server.
check_force_up
(sv)¶ Force health-check up. See the management socket documentation for more information about this function.
- Arguments
sv (class_server) – A Server class which indicates the manipulated server.
-
Server.
check_force_nolb
(sv)¶ Force health-check nolb mode. See the management socket documentation for more information about this function.
- Arguments
sv (class_server) – A Server class which indicates the manipulated server.
-
Server.
check_force_down
(sv)¶ Force health-check down. See the management socket documentation for more information about this function.
- Arguments
sv (class_server) – A Server class which indicates the manipulated server.
-
Server.
agent_enable
(sv)¶ Enable agent check. See the management socket documentation for more information about this function.
- Arguments
sv (class_server) – A Server class which indicates the manipulated server.
-
Server.
agent_disable
(sv)¶ Disable agent check. See the management socket documentation for more information about this function.
- Arguments
sv (class_server) – A Server class which indicates the manipulated server.
-
Server.
agent_force_up
(sv)¶ Force agent check up. See the management socket documentation for more information about this function.
- Arguments
sv (class_server) – A Server class which indicates the manipulated server.
-
Server.
agent_force_down
(sv)¶ Force agent check down. See the management socket documentation for more information about this function.
- Arguments
sv (class_server) – A Server class which indicates the manipulated server.
Listener class¶
-
Listener.
get_stats
(ls)¶ Returns server statistics.
- Arguments
ls (class_listener) – A Listener class which indicates the manipulated listener.
- Returns
a key/value table containing stats
Concat class¶
-
class
Concat
()¶ This class provides a fast way for string concatenation. The way using native Lua concatenation like the code below is slow for some reasons.
str = "string1"
str = str .. ", string2"
str = str .. ", string3"
For each concatenation, Lua: - allocates memory for the result, - catenates the two string copying the strings in the new memory block, - frees the old memory block containing the string which is no longer used.
This process does many memory move, allocation and free. In addition, the memory is not really freed, it is just marked as unused and waits for the garbage collector.
The Concat class provides an alternative way to concatenate strings. It uses the internal Lua mechanism (it does not allocate memory), but it doesn’t copy the data more than once.
On my computer, the following loops spends 0.2s for the Concat method and 18.5s for the pure Lua implementation. So, the Concat class is about 1000x faster than the embedded solution.
for j = 1, 100 do
c = core.concat()
for i = 1, 20000 do
c:add("#####")
end
end
for j = 1, 100 do
c = ""
for i = 1, 20000 do
c = c .. "#####"
end
end
-
Concat.
add
(concat, string)¶ This function adds a string to the current concatenated string.
- Arguments
concat (class_concat) – A Concat class which contains the currently built string.
string (string) – A new string to concatenate to the current built string.
-
Concat.
dump
(concat)¶ This function returns the concatenated string.
- Arguments
concat (class_concat) – A Concat class which contains the currently built string.
- Returns
the concatenated string
Fetches class¶
-
class
Fetches
()¶ This class contains a lot of internal HAProxy sample fetches. See the HAProxy “configuration.txt” documentation for more information. (chapters 7.3.2 to 7.3.6)
Warning
some sample fetches are not available in some context. These limitations are specified in this documentation when they’re useful.
Fetches are useful to:
get system time,
get environment variable,
get random numbers,
know backend status like the number of users in queue or the number of connections established,
get client information like ip source or destination,
deal with stick tables,
fetch established SSL information,
fetch HTTP information like headers or method.
function action(txn)
-- Get source IP
local clientip = txn.f:src()
end
Converters class¶
-
class
Converters
()¶ This class contains a lot of internal HAProxy sample converters. See the HAProxy documentation “configuration.txt” for more information about her usage. Its the chapter 7.3.1.
Converters provides stateful transformation. They are useful to:
convert input to base64,
apply hash on input string (djb2, crc32, sdbm, wt6),
format date,
json escape,
extract preferred language comparing two lists,
turn to lower or upper chars,
deal with stick tables.
Channel class¶
-
class
Channel
()¶ context: action, sample-fetch, convert, filter
HAProxy uses two buffers for the processing of the requests. The first one is used with the request data (from the client to the server) and the second is used for the response data (from the server to the client).
Each buffer contains two types of data. The first type is the incoming data waiting for a processing. The second part is the outgoing data already processed. Usually, the incoming data is processed, after it is tagged as outgoing data, and finally it is sent. The following functions provides tools for manipulating these data in a buffer.
The following diagram shows where the channel class function are applied.
Warning
It is not possible to read from the response in request action, and it is not possible to read from the request channel in response action.
Warning
It is forbidden to alter the Channels buffer from HTTP contexts. So only
Channel.input()
,Channel.output()
,Channel.may_recv()
,Channel.is_full()
andChannel.is_resp()
can be called from a HTTP context.All the functions provided by this class are available in the sample-fetches, actions and filters contexts. For filters, incoming data (offset and length) are relative to the filter. Some functions may yield, but only for actions. Yield is not possible for sample-fetches, converters and filters.
-
Channel.
append
(channel, string)¶ This function copies the string string at the end of incoming data of the channel buffer. The function returns the copied length on success or -1 if data cannot be copied.
Same that
Channel.insert(channel, string, channel:input())()
.- Arguments
channel (class_channel) – The manipulated Channel.
string (string) – The data to copy at the end of incoming data.
- Returns
an integer containing the amount of bytes copied or -1.
-
Channel.
data
(channel[, offset[, length]])¶ This function returns length bytes of incoming data from the channel buffer, starting at the offset offset. The data are not removed from the buffer.
By default, if no length is provided, all incoming data found, starting at the given offset, are returned. If length is set to -1, the function tries to retrieve a maximum of data and, if called by an action, it yields if necessary. It also waits for more data if the requested length exceeds the available amount of incoming data. Not providing an offset is the same as setting it to 0. A positive offset is relative to the beginning of incoming data of the channel buffer while negative offset is relative to the end.
If there is no incoming data and the channel can’t receive more data, a ‘nil’ value is returned.
- Arguments
channel (class_channel) – The manipulated Channel.
offset (integer) – optional The offset in incoming data to start to get data. 0 by default. May be negative to be relative to the end of incoming data.
length (integer) – optional The expected length of data to retrieve. All incoming data by default. May be set to -1 to get a maximum of data.
- Returns
a string containing the data found or nil.
-
Channel.
forward
(channel, length)¶ This function forwards length bytes of data from the channel buffer. If the requested length exceeds the available amount of incoming data, and if called by an action, the function yields, waiting for more data to forward. It returns the amount of data forwarded.
- Arguments
channel (class_channel) – The manipulated Channel.
int (integer) – The amount of data to forward.
-
Channel.
input
(channel)¶ This function returns the length of incoming data in the channel buffer. When called by a filter, this value is relative to the filter.
- Arguments
channel (class_channel) – The manipulated Channel.
- Returns
an integer containing the amount of available bytes.
-
Channel.
insert
(channel, string[, offset])¶ This function copies the string string at the offset offset in incoming data of the channel buffer. The function returns the copied length on success or -1 if data cannot be copied.
By default, if no offset is provided, the string is copied in front of incoming data. A positive offset is relative to the beginning of incoming data of the channel buffer while negative offset is relative to their end.
- Arguments
channel (class_channel) – The manipulated Channel.
string (string) – The data to copy into incoming data.
offset (integer) – optional The offset in incoming data where to copy data. 0 by default. May be negative to be relative to the end of incoming data.
- Returns
an integer containing the amount of bytes copied or -1.
-
Channel.
is_full
(channel)¶ This function returns true if the channel buffer is full.
- Arguments
channel (class_channel) – The manipulated Channel.
- Returns
a boolean
-
Channel.
is_resp
(channel)¶ This function returns true if the channel is the response one.
- Arguments
channel (class_channel) – The manipulated Channel.
- Returns
a boolean
-
Channel.
line
(channel[, offset[, length]])¶ This function parses length bytes of incoming data of the channel buffer, starting at offset offset, and returns the first line found, including the ‘\n’. The data are not removed from the buffer. If no line is found, all data are returned.
By default, if no length is provided, all incoming data, starting at the given offset, are evaluated. If length is set to -1, the function tries to retrieve a maximum of data and, if called by an action, yields if necessary. It also waits for more data if the requested length exceeds the available amount of incoming data. Not providing an offset is the same as setting it to 0. A positive offset is relative to the beginning of incoming data of the channel buffer while negative offset is relative to the end.
If there is no incoming data and the channel can’t receive more data, a ‘nil’ value is returned.
- Arguments
channel (class_channel) – The manipulated Channel.
offset (integer) – optional The offset in incoming data to start to parse data. 0 by default. May be negative to be relative to the end of incoming data.
length (integer) – optional The length of data to parse. All incoming data by default. May be set to -1 to get a maximum of data.
- Returns
a string containing the line found or nil.
-
Channel.
may_recv
(channel)¶ This function returns true if the channel may still receive data.
- Arguments
channel (class_channel) – The manipulated Channel.
- Returns
a boolean
-
Channel.
output
(channel)¶ This function returns the length of outgoing data of the channel buffer. When called by a filter, this value is relative to the filter.
- Arguments
channel (class_channel) – The manipulated Channel.
- Returns
an integer containing the amount of available bytes.
-
Channel.
prepend
(channel, string)¶ This function copies the string string in front of incoming data of the channel buffer. The function returns the copied length on success or -1 if data cannot be copied.
Same that
Channel.insert(channel, string, 0)()
.- Arguments
channel (class_channel) – The manipulated Channel.
string (string) – The data to copy in front of incoming data.
- Returns
an integer containing the amount of bytes copied or -1.
-
Channel.
remove
(channel[, offset[, length]])¶ This function removes length bytes of incoming data of the channel buffer, starting at offset offset. This function returns number of bytes removed on success.
By default, if no length is provided, all incoming data, starting at the given offset, are removed. Not providing an offset is the same as setting it to 0. A positive offset is relative to the beginning of incoming data of the channel buffer while negative offset is relative to the end.
- Arguments
channel (class_channel) – The manipulated Channel.
offset (integer) – optional The offset in incoming data where to start to remove data. 0 by default. May be negative to be relative to the end of incoming data.
length (integer) – optional The length of data to remove. All incoming data by default.
- Returns
an integer containing the amount of bytes removed.
-
Channel.
send
(channel, string)¶ This function requires immediate send of the string string. It means the string is copied at the beginning of incoming data of the channel buffer and immediately forwarded. Unless if the connection is close, and if called by an action, this function yields to copy and forward all the string.
- Arguments
channel (class_channel) – The manipulated Channel.
string (string) – The data to send.
- Returns
an integer containing the amount of bytes copied or -1.
-
Channel.
set
(channel, string[, offset[, length]])¶ This function replaces length bytes of incoming data of the channel buffer, starting at offset offset, by the string string. The function returns the copied length on success or -1 if data cannot be copied.
By default, if no length is provided, all incoming data, starting at the given offset, are replaced. Not providing an offset is the same as setting it to 0. A positive offset is relative to the beginning of incoming data of the channel buffer while negative offset is relative to the end.
- Arguments
channel (class_channel) – The manipulated Channel.
string (string) – The data to copy into incoming data.
offset (integer) – optional The offset in incoming data where to start the data replacement. 0 by default. May be negative to be relative to the end of incoming data.
length (integer) – optional The length of data to replace. All incoming data by default.
- Returns
an integer containing the amount of bytes copied or -1.
-
Channel.
dup
(channel)¶ DEPRECATED
This function returns all incoming data found in the channel buffer. The data are not removed from the buffer and can be reprocessed later.
If there is no incoming data and the channel can’t receive more data, a ‘nil’ value is returned.
- Arguments
channel (class_channel) – The manipulated Channel.
- Returns
a string containing all data found or nil.
Warning
This function is deprecated.
Channel.data()
must be used instead.
-
Channel.
get
(channel)¶ DEPRECATED
This function returns all incoming data found in the channel buffer and remove them from the buffer.
If there is no incoming data and the channel can’t receive more data, a ‘nil’ value is returned.
- Arguments
channel (class_channel) – The manipulated Channel.
- Returns
a string containing all the data found or nil.
Warning
This function is deprecated.
Channel.data()
must be used to retrieve data followed by a call toChannel:remove()
to remove data.local data = chn:data() chn:remove(0, data:len())
-
Channel.
getline
(channel)¶ DEPRECATED
This function returns the first line found in incoming data of the channel buffer, including the ‘\n’. The returned data are removed from the buffer. If no line is found, and if called by an action, this function yields to wait for more data, except if the channel can’t receive more data. In this case all data are returned.
If there is no incoming data and the channel can’t receive more data, a ‘nil’ value is returned.
- Arguments
channel (class_channel) – The manipulated Channel.
- Returns
a string containing the line found or nil.
Warning
This function is deprecated.
Channel.line()
must be used to retrieve a line followed by a call toChannel:remove()
to remove data.local line = chn:line(0, -1) chn:remove(0, line:len())
-
Channel.
get_in_len
(channel)¶ DEPRECATED
This function returns the length of the input part of the buffer. When called by a filter, this value is relative to the filter.
- Arguments
channel (class_channel) – The manipulated Channel.
- Returns
an integer containing the amount of available bytes.
Warning
This function is deprecated.
Channel.input()
must be used instead.
-
Channel.
get_out_len
(channel)¶ DEPRECATED
This function returns the length of the output part of the buffer. When called by a filter, this value is relative to the filter.
- Arguments
channel (class_channel) – The manipulated Channel.
- Returns
an integer containing the amount of available bytes.
Warning
This function is deprecated.
Channel.output()
must be used instead.
HTTP class¶
-
class
HTTP
()¶ This class contain all the HTTP manipulation functions.
-
HTTP.
req_get_headers
(http)¶ Returns a table containing all the request headers.
- Arguments
http (class_http) – The related http object.
- Returns
table of headers.
- See
This is the form of the returned table:
HTTP:req_get_headers()['<header-name>'][<header-index>] = "<header-value>"
local hdr = HTTP:req_get_headers()
hdr["host"][0] = "www.test.com"
hdr["accept"][0] = "audio/basic q=1"
hdr["accept"][1] = "audio/*, q=0.2"
hdr["accept"][2] = "*/*, q=0.1"
-
HTTP.
res_get_headers
(http)¶ Returns a table containing all the response headers.
- Arguments
http (class_http) – The related http object.
- Returns
table of headers.
- See
This is the form of the returned table:
HTTP:res_get_headers()['<header-name>'][<header-index>] = "<header-value>"
local hdr = HTTP:req_get_headers()
hdr["host"][0] = "www.test.com"
hdr["accept"][0] = "audio/basic q=1"
hdr["accept"][1] = "audio/*, q=0.2"
hdr["accept"][2] = "*.*, q=0.1"
-
HTTP.
req_add_header
(http, name, value)¶ Appends a HTTP header field in the request whose name is specified in “name” and whose value is defined in “value”.
- Arguments
http (class_http) – The related http object.
name (string) – The header name.
value (string) – The header value.
- See
-
HTTP.
res_add_header
(http, name, value)¶ Appends a HTTP header field in the response whose name is specified in “name” and whose value is defined in “value”.
- Arguments
http (class_http) – The related http object.
name (string) – The header name.
value (string) – The header value.
- See
-
HTTP.
req_del_header
(http, name)¶ Removes all HTTP header fields in the request whose name is specified in “name”.
- Arguments
http (class_http) – The related http object.
name (string) – The header name.
- See
-
HTTP.
res_del_header
(http, name)¶ Removes all HTTP header fields in the response whose name is specified in “name”.
- Arguments
http (class_http) – The related http object.
name (string) – The header name.
- See
-
HTTP.
req_set_header
(http, name, value)¶ This variable replace all occurrence of all header “name”, by only one containing the “value”.
- Arguments
http (class_http) – The related http object.
name (string) – The header name.
value (string) – The header value.
- See
This function does the same work as the following code:
function fcn(txn)
TXN.http:req_del_header("header")
TXN.http:req_add_header("header", "value")
end
-
HTTP.
res_set_header
(http, name, value)¶ This function replaces all occurrence of all header “name”, by only one containing the “value”.
- Arguments
http (class_http) – The related http object.
name (string) – The header name.
value (string) – The header value.
- See
-
HTTP.
req_rep_header
(http, name, regex, replace)¶ Matches the regular expression in all occurrences of header field “name” according to “regex”, and replaces them with the “replace” argument. The replacement value can contain back references like 1, 2, … This function works with the request.
- Arguments
http (class_http) – The related http object.
name (string) – The header name.
regex (string) – The match regular expression.
replace (string) – The replacement value.
- See
-
HTTP.
res_rep_header
(http, name, regex, string)¶ Matches the regular expression in all occurrences of header field “name” according to “regex”, and replaces them with the “replace” argument. The replacement value can contain back references like 1, 2, … This function works with the request.
- Arguments
http (class_http) – The related http object.
name (string) – The header name.
regex (string) – The match regular expression.
replace (string) – The replacement value.
- See
-
HTTP.
req_set_method
(http, method)¶ Rewrites the request method with the parameter “method”.
- Arguments
http (class_http) – The related http object.
method (string) – The new method.
-
HTTP.
req_set_path
(http, path)¶ Rewrites the request path with the “path” parameter.
- Arguments
http (class_http) – The related http object.
path (string) – The new path.
-
HTTP.
req_set_query
(http, query)¶ Rewrites the request’s query string which appears after the first question mark (“?”) with the parameter “query”.
- Arguments
http (class_http) – The related http object.
query (string) – The new query.
-
HTTP.
req_set_uri
(http, uri)¶ Rewrites the request URI with the parameter “uri”.
- Arguments
http (class_http) – The related http object.
uri (string) – The new uri.
-
HTTP.
res_set_status
(http, status[, reason])¶ Rewrites the response status code with the parameter “code”.
If no custom reason is provided, it will be generated from the status.
- Arguments
http (class_http) – The related http object.
status (integer) – The new response status code.
reason (string) – The new response reason (optional).
HTTPClient class¶
-
class
HTTPClient
()¶ The httpclient class allows issue of outbound HTTP requests through a simple API without the knowledge of HAProxy internals.
-
HTTPClient.
get
(httpclient, request)¶
-
HTTPClient.
head
(httpclient, request)¶
-
HTTPClient.
put
(httpclient, request)¶
-
HTTPClient.
post
(httpclient, request)¶
-
HTTPClient.
delete
(httpclient, request)¶ Send a HTTP request and wait for a response. GET, HEAD PUT, POST and DELETE methods can be used. The HTTPClient will send asynchronously the data and is able to send and receive more than HAProxy bufsize.
The HTTPClient interface is not able to decompress responses, it is not recommended to send an Accept-Encoding in the request so the response is received uncompressed.
- Arguments
httpclient (class) – Is the manipulated HTTPClient.
request (table) – Is a table containing the parameters of the request that will be send.
request.url (string) – Is a mandatory parameter for the request that contains the URL.
request.body (string) – Is an optional parameter for the request that contains the body to send.
request.headers (table) – Is an optional parameter for the request that contains the headers to send.
request.dst (string) – Is an optional parameter for the destination in haproxy address format.
request.timeout (integer) – Optional timeout parameter, set a “timeout server” on the connections.
- Returns
Lua table containing the response
local httpclient = core.httpclient()
local response = httpclient:post{url="http://127.0.0.1", body=body, dst="unix@/var/run/http.sock"}
response = {
status = 400,
reason = "Bad request",
headers = {
["content-type"] = { "text/html" },
["cache-control"] = { "no-cache", "no-store" },
},
body = "<html><body><h1>invalid request<h1></body></html>",
}
TXN class¶
-
class
TXN
()¶ The txn class contain all the functions relative to the http or tcp transaction (Note than a tcp stream is the same than a tcp transaction, but a HTTP transaction is not the same than a tcp stream).
The usage of this class permits to retrieve data from the requests, alter it and forward it.
All the functions provided by this class are available in the context sample-fetches, actions and filters.
-
TXN.
c
¶ - Returns
An Converters class.
This attribute contains a Converters class object.
-
TXN.
sc
¶ - Returns
An Converters class.
This attribute contains a Converters class object. The functions of this object returns always a string.
-
TXN.
f
¶ - Returns
An Fetches class.
This attribute contains a Fetches class object.
-
TXN.
sf
¶ - Returns
An Fetches class.
This attribute contains a Fetches class object. The functions of this object returns always a string.
-
TXN.
req
¶ - Returns
An Channel class.
This attribute contains a channel class object for the request buffer.
-
TXN.
res
¶ - Returns
An Channel class.
This attribute contains a channel class object for the response buffer.
-
TXN.
http
¶ - Returns
An HTTP class.
This attribute contains a HTTP class object. It is available only if the proxy has the “mode http” enabled.
-
TXN.
http_req
¶ - Returns
This attribute contains the request HTTPMessage class object. It is available only if the proxy has the “mode http” enabled and only in the filters context.
-
TXN.
http_res
¶ - Returns
This attribute contains the response HTTPMessage class object. It is available only if the proxy has the “mode http” enabled and only in the filters context.
-
TXN.
log
(TXN, loglevel, msg)¶ This function sends a log. The log is sent, according with the HAProxy configuration file, on the default syslog server if it is configured and on the stderr if it is allowed.
- Arguments
txn (class_txn) – The class txn object containing the data.
loglevel (integer) – Is the log level associated with the message. It is a number between 0 and 7.
msg (string) – The log content.
- See
core.emerg
,core.alert
,core.crit
,core.err
,core.warning
,core.notice
,core.info
,core.debug
(log level definitions)- See
- See
- See
- See
- See
-
TXN.
deflog
(TXN, msg)¶ Sends a log line with the default loglevel for the proxy associated with the transaction.
- Arguments
txn (class_txn) – The class txn object containing the data.
msg (string) – The log content.
- See
-
TXN.
Debug
(txn, msg)¶ - Arguments
txn (class_txn) – The class txn object containing the data.
msg (string) – The log content.
- See
Does the same job as:
function Debug(txn, msg)
TXN.log(txn, core.debug, msg)
end
-
TXN.
Info
(txn, msg)¶ - Arguments
txn (class_txn) – The class txn object containing the data.
msg (string) – The log content.
- See
Does the same job as:
function Info(txn, msg)
TXN.log(txn, core.info, msg)
end
-
TXN.
Warning
(txn, msg)¶ - Arguments
txn (class_txn) – The class txn object containing the data.
msg (string) – The log content.
- See
Does the same job as:
function Warning(txn, msg)
TXN.log(txn, core.warning, msg)
end
-
TXN.
Alert
(txn, msg)¶ - Arguments
txn (class_txn) – The class txn object containing the data.
msg (string) – The log content.
- See
Does the same job as:
function Alert(txn, msg)
TXN.log(txn, core.alert, msg)
end
-
TXN.
get_priv
(txn)¶ Return Lua data stored in the current transaction (with the TXN.set_priv()) function. If no data are stored, it returns a nil value.
- Arguments
txn (class_txn) – The class txn object containing the data.
- Returns
the opaque data previously stored, or nil if nothing is available.
-
TXN.
set_priv
(txn, data)¶ Store any data in the current HAProxy transaction. This action replaces the old stored data.
- Arguments
txn (class_txn) – The class txn object containing the data.
data (opaque) – The data which is stored in the transaction.
-
TXN.
set_var
(TXN, var, value[, ifexist])¶ Converts a Lua type in a HAProxy type and store it in a variable <var>.
- Arguments
txn (class_txn) – The class txn object containing the data.
var (string) – The variable name according with the HAProxy variable syntax.
value (type) – The value associated to the variable. The type can be string or integer.
ifexist (boolean) – If this parameter is set to true the variable will only be set if it was defined elsewhere (i.e. used within the configuration). For global variables (using the “proc” scope), they will only be updated and never created. It is highly recommended to always set this to true.
-
TXN.
unset_var
(TXN, var)¶ Unset the variable <var>.
- Arguments
txn (class_txn) – The class txn object containing the data.
var (string) – The variable name according with the HAProxy variable syntax.
-
TXN.
get_var
(TXN, var)¶ Returns data stored in the variable <var> converter in Lua type.
- Arguments
txn (class_txn) – The class txn object containing the data.
var (string) – The variable name according with the HAProxy variable syntax.
-
TXN.
reply
([reply])¶ Return a new reply object
- Arguments
reply (table) – A table containing info to initialize the reply fields.
- Returns
A Reply class object.
The table used to initialized the reply object may contain following entries :
status : The reply status code. the code 200 is used by default.
reason : The reply reason. The reason corresponding to the status code is used by default.
headers : A list of headers, indexed by header name. Empty by default. For a given name, multiple values are possible, stored in an ordered list.
body : The reply body, empty by default.
local reply = txn:reply{
status = 400,
reason = "Bad request",
headers = {
["content-type"] = { "text/html" },
["cache-control"] = {"no-cache", "no-store" }
},
body = "<html><body><h1>invalid request<h1></body></html>"
}
-
TXN.
done
(txn[, reply])¶ This function terminates processing of the transaction and the associated session and optionally reply to the client for HTTP sessions.
- Arguments
txn (class_txn) – The class txn object containing the data.
reply (class_reply) – The class reply object to return to the client.
This functions can be used when a critical error is detected or to terminate processing after some data have been returned to the client (eg: a redirect). To do so, a reply may be provided. This object is optional and may contain a status code, a reason, a header list and a body. All these fields are optional. When not provided, the default values are used. By default, with an empty reply object, an empty HTTP 200 response is returned to the client. If no reply object is provided, the transaction is terminated without any reply. If a reply object is provided, it must not exceed the buffer size once converted into the internal HTTP representation. Because for now there is no easy way to be sure it fits, it is probably better to keep it reasonably small.
The reply object may be fully created in lua or the class Reply may be used to create it.
local reply = txn:reply()
reply:set_status(400, "Bad request")
reply:add_header("content-type", "text/html")
reply:add_header("cache-control", "no-cache")
reply:add_header("cache-control", "no-store")
reply:set_body("<html><body><h1>invalid request<h1></body></html>")
txn:done(reply)
txn:done{
status = 400,
reason = "Bad request",
headers = {
["content-type"] = { "text/html" },
["cache-control"] = { "no-cache", "no-store" },
},
body = "<html><body><h1>invalid request<h1></body></html>"
}
Warning
It does not make sense to call this function from sample-fetches. In this case the behavior is the same than core.done(): it finishes the Lua execution. The transaction is really aborted only from an action registered function.
- see
-
TXN.
set_loglevel
(txn, loglevel)¶ Is used to change the log level of the current request. The “loglevel” must be an integer between 0 and 7 or the special value -1 to disable logging.
- Arguments
txn (class_txn) – The class txn object containing the data.
loglevel (integer) – The required log level. This variable can be one of
- See
core.silent
,core.emerg
,core.alert
,core.crit
,core.err
,core.warning
,core.notice
,core.info
,core.debug
(log level definitions)
-
TXN.
set_tos
(txn, tos)¶ Is used to set the TOS or DSCP field value of packets sent to the client to the value passed in “tos” on platforms which support this.
- Arguments
txn (class_txn) – The class txn object containing the data.
tos (integer) – The new TOS os DSCP.
-
TXN.
set_mark
(txn, mark)¶ Is used to set the Netfilter MARK on all packets sent to the client to the value passed in “mark” on platforms which support it.
- Arguments
txn (class_txn) – The class txn object containing the data.
mark (integer) – The mark value.
-
TXN.
set_priority_class
(txn, prio)¶ This function adjusts the priority class of the transaction. The value should be within the range -2047..2047. Values outside this range will be truncated.
See the HAProxy configuration.txt file keyword “http-request” action “set-priority-class” for details.
-
TXN.
set_priority_offset
(txn, prio)¶ This function adjusts the priority offset of the transaction. The value should be within the range -524287..524287. Values outside this range will be truncated.
See the HAProxy configuration.txt file keyword “http-request” action “set-priority-offset” for details.
Reply class¶
-
class
Reply
()¶ context: action
This class represents a HTTP response message. It provides some methods to enrich it. Once converted into the internal HTTP representation, the response message must not exceed the buffer size. Because for now there is no easy way to be sure it fits, it is probably better to keep it reasonably small.
See tune.bufsize in the configuration manual for details.
local reply = txn:reply({status = 400}) -- default HTTP 400 reason-phase used
reply:add_header("content-type", "text/html")
reply:add_header("cache-control", "no-cache")
reply:add_header("cache-control", "no-store")
reply:set_body("<html><body><h1>invalid request<h1></body></html>")
- see
-
Reply.
status
¶ The reply status code. By default, the status code is set to 200.
- Returns
integer
-
Reply.
reason
¶ The reason string describing the status code.
- Returns
string
-
Reply.
headers
¶ A table indexing all reply headers by name. To each name is associated an ordered list of values.
- Returns
Lua table
{
["content-type"] = { "text/html" },
["cache-control"] = {"no-cache", "no-store" },
x_header_name = { "value1", "value2", ... }
...
}
-
Reply.
body
¶ The reply payload.
- Returns
string
-
Reply.
set_status
(REPLY, status[, reason])¶ Set the reply status code and optionally the reason-phrase. If the reason is not provided, the default reason corresponding to the status code is used.
- Arguments
reply (class_reply) – The related Reply object.
status (integer) – The reply status code.
reason (string) – The reply status reason (optional).
-
Reply.
add_header
(REPLY, name, value)¶ Add a header to the reply object. If the header does not already exist, a new entry is created with its name as index and a one-element list containing its value as value. Otherwise, the header value is appended to the ordered list of values associated to the header name.
- Arguments
reply (class_reply) – The related Reply object.
name (string) – The header field name.
value (string) – The header field value.
-
Reply.
del_header
(REPLY, name)¶ Remove all occurrences of a header name from the reply object.
- Arguments
reply (class_reply) – The related Reply object.
name (string) – The header field name.
-
Reply.
set_body
(REPLY, body)¶ Set the reply payload.
- Arguments
reply (class_reply) – The related Reply object.
body (string) – The reply payload.
Socket class¶
-
class
Socket
()¶ This class must be compatible with the Lua Socket class. Only the ‘client’ functions are available. See the Lua Socket documentation:
-
Socket.
close
(socket)¶ Closes a TCP object. The internal socket used by the object is closed and the local address to which the object was bound is made available to other applications. No further operations (except for further calls to the close method) are allowed on a closed Socket.
- Arguments
socket (class_socket) – Is the manipulated Socket.
Note: It is important to close all used sockets once they are not needed, since, in many systems, each socket uses a file descriptor, which are limited system resources. Garbage-collected objects are automatically closed before destruction, though.
-
Socket.
connect
(socket, address[, port])¶ Attempts to connect a socket object to a remote host.
In case of error, the method returns nil followed by a string describing the error. In case of success, the method returns 1.
- Arguments
socket (class_socket) – Is the manipulated Socket.
address (string) – can be an IP address or a host name. See below for more information.
port (integer) – must be an integer number in the range [1..64K].
- Returns
1 or nil.
An address field extension permits to use the connect() function to connect to other stream than TCP. The syntax containing a simpleipv4 or ipv6 address is the basically expected format. This format requires the port.
Other format accepted are a socket path like “/socket/path”, it permits to connect to a socket. Abstract namespaces are supported with the prefix “abns@”, and finally a file descriptor can be passed with the prefix “fd@”. The prefix “ipv4@”, “ipv6@” and “unix@” are also supported. The port can be passed int the string. The syntax “127.0.0.1:1234” is valid. In this case, the parameter port must not be set.
-
Socket.
connect_ssl
(socket, address, port)¶ Same behavior than the function socket:connect, but uses SSL.
- Arguments
socket (class_socket) – Is the manipulated Socket.
- Returns
1 or nil.
-
Socket.
getpeername
(socket)¶ Returns information about the remote side of a connected client object.
Returns a string with the IP address of the peer, followed by the port number that peer is using for the connection. In case of error, the method returns nil.
- Arguments
socket (class_socket) – Is the manipulated Socket.
- Returns
a string containing the server information.
-
Socket.
getsockname
(socket)¶ Returns the local address information associated to the object.
The method returns a string with local IP address and a number with the port. In case of error, the method returns nil.
- Arguments
socket (class_socket) – Is the manipulated Socket.
- Returns
a string containing the client information.
-
Socket.
receive
(socket[, pattern[, prefix]])¶ Reads data from a client object, according to the specified read pattern. Patterns follow the Lua file I/O format, and the difference in performance between all patterns is negligible.
- Arguments
socket (class_socket) – Is the manipulated Socket.
pattern (string|integer) – Describe what is required (see below).
prefix (string) – A string which will be prefix the returned data.
- Returns
a string containing the required data or nil.
Pattern can be any of the following:
- `*a`: reads from the socket until the connection is closed. No
end-of-line translation is performed;
- `*l`: reads a line of text from the Socket. The line is terminated by a
LF character (ASCII 10), optionally preceded by a CR character (ASCII 13). The CR and LF characters are not included in the returned line. In fact, all CR characters are ignored by the pattern. This is the default pattern.
- number: causes the method to read a specified number of bytes from the
Socket. Prefix is an optional string to be concatenated to the beginning of any received data before return.
empty: If the pattern is left empty, the default option is *l.
If successful, the method returns the received pattern. In case of error, the method returns nil followed by an error message which can be the string ‘closed’ in case the connection was closed before the transmission was completed or the string ‘timeout’ in case there was a timeout during the operation. Also, after the error message, the function returns the partial result of the transmission.
Important note: This function was changed severely. It used to support multiple patterns (but I have never seen this feature used) and now it doesn’t anymore. Partial results used to be returned in the same way as successful results. This last feature violated the idea that all functions should return nil on error. Thus it was changed too.
-
Socket.
send
(socket, data[, start[, end]])¶ Sends data through client object.
- Arguments
socket (class_socket) – Is the manipulated Socket.
data (string) – The data that will be sent.
start (integer) – The start position in the buffer of the data which will be sent.
end (integer) – The end position in the buffer of the data which will be sent.
- Returns
see below.
Data is the string to be sent. The optional arguments i and j work exactly like the standard string.sub Lua function to allow the selection of a substring to be sent.
If successful, the method returns the index of the last byte within [start, end] that has been sent. Notice that, if start is 1 or absent, this is effectively the total number of bytes sent. In case of error, the method returns nil, followed by an error message, followed by the index of the last byte within [start, end] that has been sent. You might want to try again from the byte following that. The error message can be ‘closed’ in case the connection was closed before the transmission was completed or the string ‘timeout’ in case there was a timeout during the operation.
Note: Output is not buffered. For small strings, it is always better to concatenate them in Lua (with the ‘..’ operator) and send the result in one call instead of calling the method several times.
-
Socket.
setoption
(socket, option[, value])¶ Just implemented for compatibility, this cal does nothing.
-
Socket.
settimeout
(socket, value[, mode])¶ Changes the timeout values for the object. All I/O operations are blocking. That is, any call to the methods send, receive, and accept will block indefinitely, until the operation completes. The settimeout method defines a limit on the amount of time the I/O methods can block. When a timeout time has elapsed, the affected methods give up and fail with an error code.
The amount of time to wait is specified as the value parameter, in seconds.
The timeout modes are not implemented, the only settable timeout is the inactivity time waiting for complete the internal buffer send or waiting for receive data.
- Arguments
socket (class_socket) – Is the manipulated Socket.
value (float) – The timeout value. Use floating point to specify milliseconds.
Regex class¶
-
class
Regex
()¶ This class allows the usage of HAProxy regexes because classic lua doesn’t provides regexes. This class inherits the HAProxy compilation options, so the regexes can be libc regex, pcre regex or pcre JIT regex.
The expression matching number is limited to 20 per regex. The only available option is case sensitive.
Because regexes compilation is a heavy process, it is better to define all your regexes in the body context and use it during the runtime.
-- Create the regex
st, regex = Regex.new("needle (..) (...)", true);
-- Check compilation errors
if st == false then
print "error: " .. regex
end
-- Match the regexes
print(regex:exec("Looking for a needle in the haystack")) -- true
print(regex:exec("Lokking for a cat in the haystack")) -- false
-- Extract words
st, list = regex:match("Looking for a needle in the haystack")
print(st) -- true
print(list[1]) -- needle in the
print(list[2]) -- in
print(list[3]) -- the
-
Regex.
new
(regex, case_sensitive)¶ Create and compile a regex.
- Arguments
regex (string) – The regular expression according with the libc or pcre standard
case_sensitive (boolean) – Match is case sensitive or not.
- Returns
boolean status and Regex class or string containing fail reason.
-
Regex.
exec
(regex, str)¶ Execute the regex.
- Arguments
regex (class_regex) – A Regex class object.
str (string) – The input string will be compared with the compiled regex.
- Returns
a boolean status according with the match result.
-
Regex.
match
(regex, str)¶ Execute the regex and return matched expressions.
- Arguments
map (class_map) – A Regex class object.
str (string) – The input string will be compared with the compiled regex.
- Returns
a boolean status according with the match result, and a table containing all the string matched in order of declaration.
Map class¶
-
class
Map
()¶ This class permits to do some lookups in HAProxy maps. The declared maps can be modified during the runtime through the HAProxy management socket.
default = "usa"
-- Create and load map
geo = Map.new("geo.map", Map._ip);
-- Create new fetch that returns the user country
core.register_fetches("country", function(txn)
local src;
local loc;
src = txn.f:fhdr("x-forwarded-for");
if (src == nil) then
src = txn.f:src()
if (src == nil) then
return default;
end
end
-- Perform lookup
loc = geo:lookup(src);
if (loc == nil) then
return default;
end
return loc;
end);
-
Map.
_int
¶ See the HAProxy configuration.txt file, chapter “Using ACLs and fetching samples” and subchapter “ACL basics” to understand this pattern matching method.
Note that
Map.int
is also available for compatibility.
-
Map.
_ip
¶ See the HAProxy configuration.txt file, chapter “Using ACLs and fetching samples” and subchapter “ACL basics” to understand this pattern matching method.
Note that
Map.ip
is also available for compatibility.
-
Map.
_str
¶ See the HAProxy configuration.txt file, chapter “Using ACLs and fetching samples” and subchapter “ACL basics” to understand this pattern matching method.
Note that
Map.str
is also available for compatibility.
-
Map.
_beg
¶ See the HAProxy configuration.txt file, chapter “Using ACLs and fetching samples” and subchapter “ACL basics” to understand this pattern matching method.
Note that
Map.beg
is also available for compatibility.
-
Map.
_sub
¶ See the HAProxy configuration.txt file, chapter “Using ACLs and fetching samples” and subchapter “ACL basics” to understand this pattern matching method.
Note that
Map.sub
is also available for compatibility.
-
Map.
_dir
¶ See the HAProxy configuration.txt file, chapter “Using ACLs and fetching samples” and subchapter “ACL basics” to understand this pattern matching method.
Note that
Map.dir
is also available for compatibility.
-
Map.
_dom
¶ See the HAProxy configuration.txt file, chapter “Using ACLs and fetching samples” and subchapter “ACL basics” to understand this pattern matching method.
Note that
Map.dom
is also available for compatibility.
-
Map.
_end
¶ See the HAProxy configuration.txt file, chapter “Using ACLs and fetching samples” and subchapter “ACL basics” to understand this pattern matching method.
-
Map.
_reg
¶ See the HAProxy configuration.txt file, chapter “Using ACLs and fetching samples” and subchapter “ACL basics” to understand this pattern matching method.
Note that
Map.reg
is also available for compatibility.
-
Map.
new
(file, method)¶ Creates and load a map.
-
Map.
lookup
(map, str)¶ Perform a lookup in a map.
- Arguments
map (class_map) – Is the class Map object.
str (string) – Is the string used as key.
- Returns
a string containing the result or nil if no match.
-
Map.
slookup
(map, str)¶ Perform a lookup in a map.
- Arguments
map (class_map) – Is the class Map object.
str (string) – Is the string used as key.
- Returns
a string containing the result or empty string if no match.
AppletHTTP class¶
-
class
AppletHTTP
()¶ This class is used with applets that requires the ‘http’ mode. The http applet can be registered with the core.register_service() function. They are used for processing an http request like a server in back of HAProxy.
This is an hello world sample code:
core.register_service("hello-world", "http", function(applet)
local response = "Hello World !"
applet:set_status(200)
applet:add_header("content-length", string.len(response))
applet:add_header("content-type", "text/plain")
applet:start_response()
applet:send(response)
end)
-
AppletHTTP.
c
¶ - Returns
This attribute contains a Converters class object.
-
AppletHTTP.
sc
¶ - Returns
This attribute contains a Converters class object. The functions of this object always return a string.
-
AppletHTTP.
f
¶ - Returns
This attribute contains a Fetches class object. Note that the applet execution place cannot access to a valid HAProxy core HTTP transaction, so some sample fetches related to the HTTP dependent values (hdr, path, …) are not available.
-
AppletHTTP.
sf
¶ - Returns
This attribute contains a Fetches class object. The functions of this object always return a string. Note that the applet execution place cannot access to a valid HAProxy core HTTP transaction, so some sample fetches related to the HTTP dependent values (hdr, path, …) are not available.
-
AppletHTTP.
method
¶ - Returns
string
The attribute method returns a string containing the HTTP method.
-
AppletHTTP.
version
¶ - Returns
string
The attribute version, returns a string containing the HTTP request version.
-
AppletHTTP.
path
¶ - Returns
string
The attribute path returns a string containing the HTTP request path.
-
AppletHTTP.
qs
¶ - Returns
string
The attribute qs returns a string containing the HTTP request query string.
-
AppletHTTP.
length
¶ - Returns
integer
The attribute length returns an integer containing the HTTP body length.
-
AppletHTTP.
headers
¶ - Returns
table
The attribute headers returns a table containing the HTTP headers. The header names are always in lower case. As the header name can be encountered more than once in each request, the value is indexed with 0 as first index value. The table has this form:
AppletHTTP.headers['<header-name>'][<header-index>] = "<header-value>"
AppletHTTP.headers["host"][0] = "www.test.com"
AppletHTTP.headers["accept"][0] = "audio/basic q=1"
AppletHTTP.headers["accept"][1] = "audio/*, q=0.2"
AppletHTTP.headers["accept"][2] = "*/*, q=0.1"
-
AppletHTTP.
set_status
(applet, code[, reason])¶ This function sets the HTTP status code for the response. The allowed code are from 100 to 599.
- Arguments
applet (class_AppletHTTP) – An AppletHTTP class
code (integer) – the status code returned to the client.
reason (string) – the status reason returned to the client (optional).
-
AppletHTTP.
add_header
(applet, name, value)¶ This function adds a header in the response. Duplicated headers are not collapsed. The special header content-length is used to determinate the response length. If it does not exist, a transfer-encoding: chunked is set, and all the write from the function AppletHTTP:send() become a chunk.
- Arguments
applet (class_AppletHTTP) – An AppletHTTP class
name (string) – the header name
value (string) – the header value
-
AppletHTTP.
start_response
(applet)¶ This function indicates to the HTTP engine that it can process and send the response headers. After this called we cannot add headers to the response; We cannot use the AppletHTTP:send() function if the AppletHTTP:start_response() is not called.
- Arguments
applet (class_AppletHTTP) – An AppletHTTP class
-
AppletHTTP.
getline
(applet)¶ This function returns a string containing one line from the http body. If the data returned doesn’t contains a final ‘\n’ its assumed than its the last available data before the end of stream.
- Arguments
applet (class_AppletHTTP) – An AppletHTTP class
- Returns
a string. The string can be empty if we reach the end of the stream.
-
AppletHTTP.
receive
(applet[, size])¶ Reads data from the HTTP body, according to the specified read size. If the size is missing, the function tries to read all the content of the stream until the end. If the size is bigger than the http body, it returns the amount of data available.
- Arguments
applet (class_AppletHTTP) – An AppletHTTP class
size (integer) – the required read size.
- Returns
always return a string,the string can be empty is the connection is closed.
-
AppletHTTP.
send
(applet, msg)¶ Send the message msg on the http request body.
- Arguments
applet (class_AppletHTTP) – An AppletHTTP class
msg (string) – the message to send.
-
AppletHTTP.
get_priv
(applet)¶ Return Lua data stored in the current transaction. If no data are stored, it returns a nil value.
- Arguments
applet (class_AppletHTTP) – An AppletHTTP class
- Returns
the opaque data previously stored, or nil if nothing is available.
- See
-
AppletHTTP.
set_priv
(applet, data)¶ Store any data in the current HAProxy transaction. This action replaces the old stored data.
- Arguments
applet (class_AppletHTTP) – An AppletHTTP class
data (opaque) – The data which is stored in the transaction.
- See
-
AppletHTTP.
set_var
(applet, var, value[, ifexist])¶ Converts a Lua type in a HAProxy type and store it in a variable <var>.
- Arguments
applet (class_AppletHTTP) – An AppletHTTP class
var (string) – The variable name according with the HAProxy variable syntax.
value (type) – The value associated to the variable. The type ca be string or integer.
ifexist (boolean) –
If this parameter is set to true the variable will only be set if it was defined elsewhere (i.e. used within the configuration). For global variables (using the “proc” scope), they will only be updated and never created.
It is highly recommended to always set this to true.
- See
- See
-
AppletHTTP.
unset_var
(applet, var)¶ Unset the variable <var>.
- Arguments
applet (class_AppletHTTP) – An AppletHTTP class
var (string) – The variable name according with the HAProxy variable syntax.
- See
- See
-
AppletHTTP.
get_var
(applet, var)¶ Returns data stored in the variable <var> converter in Lua type.
- Arguments
applet (class_AppletHTTP) – An AppletHTTP class
var (string) – The variable name according with the HAProxy variable syntax.
- See
- See
AppletTCP class¶
-
class
AppletTCP
()¶ This class is used with applets that requires the ‘tcp’ mode. The tcp applet can be registered with the core.register_service() function. They are used for processing a tcp stream like a server in back of HAProxy.
-
AppletTCP.
c
¶ - Returns
This attribute contains a Converters class object.
-
AppletTCP.
sc
¶ - Returns
This attribute contains a Converters class object. The functions of this object always return a string.
-
AppletTCP.
f
¶ - Returns
This attribute contains a Fetches class object.
-
AppletTCP.
sf
¶ - Returns
This attribute contains a Fetches class object.
-
AppletTCP.
getline
(applet)¶ This function returns a string containing one line from the stream. If the data returned doesn’t contains a final ‘\n’ its assumed than its the last available data before the end of stream.
- Arguments
applet (class_AppletTCP) – An AppletTCP class
- Returns
a string. The string can be empty if we reach the end of the stream.
-
AppletTCP.
receive
(applet[, size])¶ Reads data from the TCP stream, according to the specified read size. If the size is missing, the function tries to read all the content of the stream until the end.
- Arguments
applet (class_AppletTCP) – An AppletTCP class
size (integer) – the required read size.
- Returns
always return a string, the string can be empty if the connection is closed.
-
AppletTCP.
send
(appletmsg)¶ Send the message on the stream.
- Arguments
applet (class_AppletTCP) – An AppletTCP class
msg (string) – the message to send.
-
AppletTCP.
get_priv
(applet)¶ Return Lua data stored in the current transaction. If no data are stored, it returns a nil value.
- Arguments
applet (class_AppletTCP) – An AppletTCP class
- Returns
the opaque data previously stored, or nil if nothing is available.
- See
-
AppletTCP.
set_priv
(applet, data)¶ Store any data in the current HAProxy transaction. This action replaces the old stored data.
- Arguments
applet (class_AppletTCP) – An AppletTCP class
data (opaque) – The data which is stored in the transaction.
- See
-
AppletTCP.
set_var
(applet, var, value[, ifexist])¶ Converts a Lua type in a HAProxy type and stores it in a variable <var>.
- Arguments
applet (class_AppletTCP) – An AppletTCP class
var (string) – The variable name according with the HAProxy variable syntax.
value (type) – The value associated to the variable. The type can be string or integer.
ifexist (boolean) –
If this parameter is set to true the variable will only be set if it was defined elsewhere (i.e. used within the configuration). For global variables (using the “proc” scope), they will only be updated and never created.
It is highly recommended to always set this to true.
- See
- See
-
AppletTCP.
unset_var
(applet, var)¶ Unsets the variable <var>.
- Arguments
applet (class_AppletTCP) – An AppletTCP class
var (string) – The variable name according with the HAProxy variable syntax.
- See
- See
-
AppletTCP.
get_var
(applet, var)¶ Returns data stored in the variable <var> converter in Lua type.
- Arguments
applet (class_AppletTCP) – An AppletTCP class
var (string) – The variable name according with the HAProxy variable syntax.
- See
- See
StickTable class¶
-
class
StickTable
()¶ context: task, action, sample-fetch
This class can be used to access the HAProxy stick tables from Lua.
-
StickTable.
info
()¶ Returns stick table attributes as a Lua table. See HAProxy documentation for “stick-table” for canonical info, or check out example below.
- Returns
Lua table
Assume our table has IPv4 key and gpc0 and conn_rate “columns”:
{
expire=<int>, # Value in ms
size=<int>, # Maximum table size
used=<int>, # Actual number of entries in table
data={ # Data columns, with types as key, and periods as values
(-1 if type is not rate counter)
conn_rate=<int>,
gpc0=-1
},
length=<int>, # max string length for string table keys, key length
# otherwise
nopurge=<boolean>, # purge oldest entries when table is full
type="ip" # can be "ip", "ipv6", "integer", "string", "binary"
}
-
StickTable.
lookup
(key)¶ Returns stick table entry for given <key>
- Arguments
key (string) – Stick table key (IP addresses and strings are supported)
- Returns
Lua table
-
StickTable.
dump
([filter])¶ Returns all entries in stick table. An optional filter can be used to extract entries with specific data values. Filter is a table with valid comparison operators as keys followed by data type name and value pairs. Check out the HAProxy docs for “show table” for more details. For the reference, the supported operators are:
“eq”, “ne”, “le”, “lt”, “ge”, “gt”
For large tables, execution of this function can take a long time (for HAProxy standards). That’s also true when filter is used, so take care and measure the impact.
- Arguments
filter (table) – Stick table filter
- Returns
Stick table entries (table)
See below for example filter, which contains 4 entries (or comparisons). (Maximum number of filter entries is 4, defined in the source code)
local filter = {
{"gpc0", "gt", 30}, {"gpc1", "gt", 20}}, {"conn_rate", "le", 10}
}
Action class¶
-
class
Act
()¶ context: action
This class contains all return codes an action may return. It is the lua equivalent to HAProxy “ACT_RET_*” code.
core.register_action("deny", { "http-req" }, function (txn)
return act.DENY
end)
-
act.
CONTINUE
¶ This attribute is an integer (0). It instructs HAProxy to continue the current ruleset processing on the message. It is the default return code for a lua action.
- Returns
integer
-
act.
STOP
¶ This attribute is an integer (1). It instructs HAProxy to stop the current ruleset processing on the message.
-
act.
YIELD
¶ This attribute is an integer (2). It instructs HAProxy to temporarily pause the message processing. It will be resumed later on the same rule. The corresponding lua script is re-executed for the start.
-
act.
ERROR
¶ This attribute is an integer (3). It triggers an internal errors The message processing is stopped and the transaction is terminated. For HTTP streams, an HTTP 500 error is returned to the client.
- Returns
integer
-
act.
DONE
¶ This attribute is an integer (4). It instructs HAProxy to stop the message processing.
- Returns
integer
-
act.
DENY
¶ This attribute is an integer (5). It denies the current message. The message processing is stopped and the transaction is terminated. For HTTP streams, an HTTP 403 error is returned to the client if the deny is returned during the request analysis. During the response analysis, a HTTP 502 error is returned and the server response is discarded.
- Returns
integer
-
act.
ABORT
¶ This attribute is an integer (6). It aborts the current message. The message processing is stopped and the transaction is terminated. For HTTP streams, HAProxy assumes a response was already sent to the client. From the Lua actions point of view, when this code is used, the transaction is terminated with no reply.
- Returns
integer
-
act.
INVALID
¶ This attribute is an integer (7). It triggers an internal errors. The message processing is stopped and the transaction is terminated. For HTTP streams, an HTTP 400 error is returned to the client if the error is returned during the request analysis. During the response analysis, a HTTP 502 error is returned and the server response is discarded.
- Returns
integer
-
act:wake_time
(milliseconds)¶ context: action
Set the script pause timeout to the specified time, defined in milliseconds.
- Arguments
milliseconds (integer) – the required milliseconds.
This function may be used when a lua action returns act.YIELD, to force its wake-up at most after the specified number of milliseconds.
Filter class¶
-
class
filter
()¶ context: filter
This class contains return codes some filter callback functions may return. It also contains configuration flags and some helper functions. To understand how the filter API works, see doc/internal/filters.txt documentation.
-
filter.
CONTINUE
¶ This attribute is an integer (1). It may be returned by some filter callback functions to instruct this filtering step is finished for this filter.
-
filter.
WAIT
¶ This attribute is an integer (0). It may be returned by some filter callback functions to instruct the filtering must be paused, waiting for more data or for an external event depending on this filter.
-
filter.
ERROR
¶ This attribute is an integer (-1). It may be returned by some filter callback functions to trigger an error.
-
filter.
FLT_CFG_FL_HTX
¶ This attribute is a flag corresponding to the filter flag FLT_CFG_FL_HTX. When it is set for a filter, it means the filter is able to filter HTTP streams.
-
filter.
register_data_filter
(chn)¶ context: filter
Enable the data filtering on the channel chn for the current filter. It may be called at any time from any callback functions proceeding the data analysis.
- Arguments
chn (class_Channel) – A Channel class.
-
filter.
unregister_data_filter
(chn)¶ context: filter
Disable the data filtering on the channel chn for the current filter. It may be called at any time from any callback functions.
- Arguments
chn (class_Channel) – A Channel class.
-
filter.
wake_time
(milliseconds)¶ context: filter
Set the script pause timeout to the specified time, defined in milliseconds.
- Arguments
milliseconds (integer) – the required milliseconds.
This function may be used from any lua filter callback function to force its wake-up at most after the specified number of milliseconds. Especially, when filter.CONTINUE is returned.
A filters is declared using core.register_filter()
function. The
provided class will be used to instantiate filters. It may define following
attributes:
- id: The filter identifier. It is a string that identifies the filter and is
optional.
flags: The filter flags. Only
filter.FLT_CFG_FL_HTX
may be set for now.
Such filter class must also define all required callback functions in the
following list. Note that Filter.new()
must be defined otherwise the
filter is ignored. Others are optional.
-
FILTER.
new
()¶
Called to instantiate a new filter. This function must be defined.
- returns
a Lua object that will be used as filter instance for the current stream.
-
-
FILTER.
start_analyze
(flt, txn, chn)¶
Called when the analysis starts on the channel chn.
-
-
FILTER.
end_analyze
(flt, txn, chn)¶
Called when the analysis ends on the channel chn.
-
-
FILTER.
http_headers
(flt, txn, http_msg)¶
Called just before the HTTP payload analysis and after any processing on the HTTP message http_msg. This callback functions is only called for HTTP streams.
-
-
FILTER.
http_payload
(flt, txn, http_msg)¶
Called during the HTTP payload analysis on the HTTP message http_msg. This callback functions is only called for HTTP streams.
-
-
FILTER.
http_end
(flt, txn, http_msg)¶
Called after the HTTP payload analysis on the HTTP message http_msg. This callback functions is only called for HTTP streams.
-
-
FILTER.
tcp_payload
(flt, txn, chn)¶
Called during the TCP payload analysis on the channel chn.
-
Here is a full example:
Trace = {}
Trace.id = "Lua trace filter"
Trace.flags = filter.FLT_CFG_FL_HTX;
Trace.__index = Trace
function Trace:new()
local trace = {}
setmetatable(trace, Trace)
trace.req_len = 0
trace.res_len = 0
return trace
end
function Trace:start_analyze(txn, chn)
if chn:is_resp() then
print("Start response analysis")
else
print("Start request analysis")
end
filter.register_data_filter(self, chn)
end
function Trace:end_analyze(txn, chn)
if chn:is_resp() then
print("End response analysis: "..self.res_len.." bytes filtered")
else
print("End request analysis: "..self.req_len.." bytes filtered")
end
end
function Trace:http_headers(txn, http_msg)
stline = http_msg:get_stline()
if http_msg.channel:is_resp() then
print("response:")
print(stline.version.." "..stline.code.." "..stline.reason)
else
print("request:")
print(stline.method.." "..stline.uri.." "..stline.version)
end
for n, hdrs in pairs(http_msg:get_headers()) do
for i,v in pairs(hdrs) do
print(n..": "..v)
end
end
return filter.CONTINUE
end
function Trace:http_payload(txn, http_msg)
body = http_msg:body(-20000)
if http_msg.channel:is_resp() then
self.res_len = self.res_len + body:len()
else
self.req_len = self.req_len + body:len()
end
end
core.register_filter("trace", Trace, function(trace, args)
return trace
end)
HTTPMessage class¶
-
class
HTTPMessage
()¶ context: filter
This class contains all functions to manipulate a HTTP message. For now, this class is only available from a filter context.
-
HTTPMessage.
add_header
(http_msg, name, value)¶ Appends a HTTP header field in the HTTP message http_msg whose name is specified in name and whose value is defined in value.
- Arguments
http_msg (class_httpmessage) – The manipulated HTTP message.
name (string) – The header name.
value (string) – The header value.
-
HTTPMessage.
append
(http_msg, string)¶ This function copies the string string at the end of incoming data of the HTTP message http_msg. The function returns the copied length on success or -1 if data cannot be copied.
Same that
HTTPMessage.insert(http_msg, string, http_msg:input())()
.- Arguments
http_msg (class_httpmessage) – The manipulated HTTP message.
string (string) – The data to copy at the end of incoming data.
- Returns
an integer containing the amount of bytes copied or -1.
-
HTTPMessage.
body
(http_msgl[, offset[, length]])¶ This function returns length bytes of incoming data from the HTTP message http_msg, starting at the offset offset. The data are not removed from the buffer.
By default, if no length is provided, all incoming data found, starting at the given offset, are returned. If length is set to -1, the function tries to retrieve a maximum of data. Because it is called in the filter context, it never yield. Not providing an offset is the same as setting it to 0. A positive offset is relative to the beginning of incoming data of the http_message buffer while negative offset is relative to their end.
If there is no incoming data and the HTTP message can’t receive more data, a ‘nil’ value is returned.
- Arguments
http_msg (class_httpmessage) – The manipulated HTTP message.
offset (integer) – optional The offset in incoming data to start to get data. 0 by default. May be negative to be relative to the end of incoming data.
length (integer) – optional The expected length of data to retrieve. All incoming data by default. May be set to -1 to get a maximum of data.
- Returns
a string containing the data found or nil.
-
HTTPMessage.
eom
(http_msg)¶ This function returns true if the end of message is reached for the HTTP message http_msg.
- Arguments
http_msg (class_httpmessage) – The manipulated HTTP message.
- Returns
an integer containing the amount of available bytes.
-
HTTPMessage.
del_header
(http_msg, name)¶ Removes all HTTP header fields in the HTTP message http_msg whose name is specified in name.
- Arguments
http_msg (class_httpmessage) – The manipulated http message.
name (string) – The header name.
-
HTTPMessage.
get_headers
(http_msg)¶ Returns a table containing all the headers of the HTTP message http_msg.
- Arguments
http_msg (class_httpmessage) – The manipulated http message.
- Returns
table of headers.
This is the form of the returned table:
http_msg:get_headers()['<header-name>'][<header-index>] = "<header-value>"
local hdr = http_msg:get_headers()
hdr["host"][0] = "www.test.com"
hdr["accept"][0] = "audio/basic q=1"
hdr["accept"][1] = "audio/*, q=0.2"
hdr["accept"][2] = "*.*, q=0.1"
-
HTTPMessage.
get_stline
(http_msg)¶ Returns a table containing the start-line of the HTTP message http_msg.
- Arguments
http_msg (class_httpmessage) – The manipulated http message.
- Returns
the start-line.
This is the form of the returned table:
-- for the request :
{"method" = string, "uri" = string, "version" = string}
-- for the response:
{"version" = string, "code" = string, "reason" = string}
-
HTTPMessage.
forward
(http_msg, length)¶ This function forwards length bytes of data from the HTTP message http_msg. Because it is called in the filter context, it never yields. Only available incoming data may be forwarded, event if the requested length exceeds the available amount of incoming data. It returns the amount of data forwarded.
- Arguments
http_msg (class_httpmessage) – The manipulated HTTP message.
int (integer) – The amount of data to forward.
-
HTTPMessage.
input
(http_msg)¶ This function returns the length of incoming data in the HTTP message http_msg from the filter point of view.
- Arguments
http_msg (class_httpmessage) – The manipulated HTTP message.
- Returns
an integer containing the amount of available bytes.
-
HTTPMessage.
insert
(http_msg, string[, offset])¶ This function copies the string string at the offset offset in incoming data of the HTTP message http_msg. The function returns the copied length on success or -1 if data cannot be copied.
By default, if no offset is provided, the string is copied in front of incoming data. A positive offset is relative to the beginning of incoming data of the HTTP message while negative offset is relative to their end.
- Arguments
http_msg (class_httpmessage) – The manipulated HTTP message.
string (string) – The data to copy into incoming data.
offset (integer) – optional The offset in incoming data where to copy data. 0 by default. May be negative to be relative to the end of incoming data.
- Returns
an integer containing the amount of bytes copied or -1.
-
HTTPMessage.
is_full
(http_msg)¶ This function returns true if the HTTP message http_msg is full.
- Arguments
http_msg (class_httpmessage) – The manipulated HTTP message.
- Returns
a boolean
-
HTTPMessage.
is_resp
(http_msg)¶ This function returns true if the HTTP message http_msg is the response one.
- Arguments
http_msg (class_httpmessage) – The manipulated HTTP message.
- Returns
a boolean
-
HTTPMessage.
may_recv
(http_msg)¶ This function returns true if the HTTP message http_msg may still receive data.
- Arguments
http_msg (class_httpmessage) – The manipulated HTTP message.
- Returns
a boolean
-
HTTPMessage.
output
(http_msg)¶ This function returns the length of outgoing data of the HTTP message http_msg.
- Arguments
http_msg (class_httpmessage) – The manipulated HTTP message.
- Returns
an integer containing the amount of available bytes.
-
HTTPMessage.
prepend
(http_msg, string)¶ This function copies the string string in front of incoming data of the HTTP message http_msg. The function returns the copied length on success or -1 if data cannot be copied.
Same that
HTTPMessage.insert(http_msg, string, 0)()
.- Arguments
http_msg (class_httpmessage) – The manipulated HTTP message.
string (string) – The data to copy in front of incoming data.
- Returns
an integer containing the amount of bytes copied or -1.
-
HTTPMessage.
remove
(http_msg[, offset[, length]])¶ This function removes length bytes of incoming data of the HTTP message http_msg, starting at offset offset. This function returns number of bytes removed on success.
By default, if no length is provided, all incoming data, starting at the given offset, are removed. Not providing an offset is the same that setting it to 0. A positive offset is relative to the beginning of incoming data of the HTTP message while negative offset is relative to the end.
- Arguments
http_msg (class_httpmessage) – The manipulated HTTP message.
offset (integer) – optional The offset in incoming data where to start to remove data. 0 by default. May be negative to be relative to the end of incoming data.
length (integer) – optional The length of data to remove. All incoming data by default.
- Returns
an integer containing the amount of bytes removed.
-
HTTPMessage.
rep_header
(http_msg, name, regex, replace)¶ Matches the regular expression in all occurrences of header field name according to regex regex, and replaces them with the string replace. The replacement value can contain back references like 1, 2, … This function acts on whole header lines, regardless of the number of values they may contain.
- Arguments
http_msg (class_httpmessage) – The manipulated HTTP message.
name (string) – The header name.
regex (string) – The match regular expression.
replace (string) – The replacement value.
-
HTTPMessage.
rep_value
(http_msg, name, regex, replace)¶ Matches the regular expression on every comma-delimited value of header field name according to regex regex, and replaces them with the string replace. The replacement value can contain back references like 1, 2, …
- Arguments
http_msg (class_httpmessage) – The manipulated HTTP message.
name (string) – The header name.
regex (string) – The match regular expression.
replace (string) – The replacement value.
-
HTTPMessage.
send
(http_msg, string)¶ This function requires immediate send of the string string. It means the string is copied at the beginning of incoming data of the HTTP message http_msg and immediately forwarded. Because it is called in the filter context, it never yields.
- Arguments
http_msg (class_httpmessage) – The manipulated HTTP message.
string (string) – The data to send.
- Returns
an integer containing the amount of bytes copied or -1.
-
HTTPMessage.
set
(http_msg, string[, offset[, length]])¶ This function replaces length bytes of incoming data of the HTTP message http_msg, starting at offset offset, by the string string. The function returns the copied length on success or -1 if data cannot be copied.
By default, if no length is provided, all incoming data, starting at the given offset, are replaced. Not providing an offset is the same as setting it to 0. A positive offset is relative to the beginning of incoming data of the HTTP message while negative offset is relative to the end.
- Arguments
http_msg (class_httpmessage) – The manipulated HTTP message.
string (string) – The data to copy into incoming data.
offset (integer) – optional The offset in incoming data where to start the data replacement. 0 by default. May be negative to be relative to the end of incoming data.
length (integer) – optional The length of data to replace. All incoming data by default.
- Returns
an integer containing the amount of bytes copied or -1.
-
HTTPMessage.
set_eom
(http_msg)¶ This function set the end of message for the HTTP message http_msg.
- Arguments
http_msg (class_httpmessage) – The manipulated HTTP message.
-
HTTPMessage.
set_header
(http_msg, name, value)¶ This variable replace all occurrence of all header matching the name name, by only one containing the value value.
- Arguments
http_msg (class_httpmessage) – The manipulated HTTP message.
name (string) – The header name.
value (string) – The header value.
This function does the same work as the following code:
http_msg:del_header("header")
http_msg:add_header("header", "value")
-
HTTPMessage.
set_method
(http_msg, method)¶ Rewrites the request method with the string method. The HTTP message http_msg must be the request.
- Arguments
http_msg (class_httpmessage) – The manipulated HTTP message.
method (string) – The new method.
-
HTTPMessage.
set_path
(http_msg, path)¶ Rewrites the request path with the string path. The HTTP message http_msg must be the request.
- Arguments
http_msg (class_httpmessage) – The manipulated HTTP message.
method (string) – The new method.
-
HTTPMessage.
set_query
(http_msg, query)¶ Rewrites the request’s query string which appears after the first question mark (“?”) with the string query. The HTTP message http_msg must be the request.
- Arguments
http_msg (class_httpmessage) – The manipulated HTTP message.
query (string) – The new query.
-
HTTPMessage.
set_status
(http_msg, status[, reason])¶ Rewrites the response status code with the integer code and optional the reason reason. If no custom reason is provided, it will be generated from the status. The HTTP message http_msg must be the response.
- Arguments
http_msg (class_httpmessage) – The manipulated HTTP message.
status (integer) – The new response status code.
reason (string) – The new response reason (optional).
-
HTTPMessage.
set_uri
(http_msg, uri)¶ Rewrites the request URI with the string uri. The HTTP message http_msg must be the request.
- Arguments
http_msg (class_httpmessage) – The manipulated HTTP message.
uri (string) – The new uri.
-
HTTPMessage.
unset_eom
(http_msg)¶ This function remove the end of message for the HTTP message http_msg.
- Arguments
http_msg (class_httpmessage) – The manipulated HTTP message.
CertCache class¶
-
class
CertCache
()¶ This class allows to update an SSL certificate file in the memory of the current HAProxy process. It will do the same as “set ssl cert” + “commit ssl cert” over the HAProxy CLI.
-
CertCache.
set
(certificate)¶ This function updates a certificate in memory.
- Arguments
certificate (table) – A table containing the fields to update.
certificate.filename (string) – The mandatory filename of the certificate to update, it must already exist in memory.
certificate.crt (string) – A certificate in the PEM format. It can also contain a private key.
certificate.key (string) – A private key in the PEM format.
certificate.ocsp (string) – An OCSP response in base64. (cf management.txt)
certificate.issuer (string) – The certificate of the OCSP issuer.
certificate.sctl (string) – An SCTL file.
CertCache.set{filename="certs/localhost9994.pem.rsa", crt=crt}
External Lua libraries¶
A lot of useful lua libraries can be found here:
Lua toolbox has been superseded by https://luarocks.org/ The old lua toolbox source code is still available here https://github.com/catwell/lua-toolbox (DEPRECATED)
Redis client library:
This is an example about the usage of the Redis library within HAProxy. Note that each call to any function of this library can throw an error if the socket connection fails.
-- load the redis library
local redis = require("redis");
function do_something(txn)
-- create and connect new tcp socket
local tcp = core.tcp();
tcp:settimeout(1);
tcp:connect("127.0.0.1", 6379);
-- use the redis library with this new socket
local client = redis.connect({socket=tcp});
client:ping();
end
OpenSSL: