Cutlery/caddy
1
0
Fork 0
mirror of https://github.com/caddyserver/caddy.git synced 2025-07-31 15:08:42 -04:00
Code Issues Actions Packages Projects Releases Wiki Activity

Add proxy and fastcgi docs

Matt Holt 2019-09-09 13:19:26 -06:00
parent 9d36e8d510
commit b8c8418390
1 changed files with 177 additions and 23 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

200
v2:-Documentation.md

@ -522,10 +522,62 @@ headers [<matcher>] [[+|-]<field> <value>] {
##### reverse_proxy ##### reverse_proxy
Reverse proxy (very much WIP). Proxies requests to one or more backends with configurable transport options.
``` ```
reverse_proxy [<matcher>] <to...> reverse_proxy [<matcher>] [<upstreams...>] {
# backends
to <upstreams...>
# load balancing
lb_policy <name> [<options...>]
lb_try_duration <duration>
lb_try_interval <interval>
# active health checking
health_path <path>
health_port <port>
health_interval <interval>
health_timeout <duration>
health_status <status>
health_body <regexp>
# passive health checking
max_fails <num>
fail_duration <duration>
max_conns <num>
unhealthy_status <status>
unhealthy_latency <duration>
# round trip
transport <name> {
...
}
```
HTTP transport options:
```
transport http {
read_buffer <size>
write_buffer <size>
dial_timeout <duration>
tls_client_auth <cert_file> <key_file>
tls_insecure_skip_verify
tls_timeout <duration>
keepalive [off|<duration>]
keepalive_idle_conns <max_count>
}
```
FastCGI transport options:
```
transport fastcgi {
root <path>
split <at>
env <key> <value>
}
``` ```
##### redir ##### redir
@ -1235,40 +1287,142 @@ This module executes placeholders in most of its properties. It does not call th
##### http.handlers.reverse_proxy ##### http.handlers.reverse_proxy
Reverse proxy. Still a WIP. Does not call the next handler in the chain. A highly flexible and configurable multi-host reverse proxy with load balancing, health checks, and pluggable transport and security options. Does not call the next handler in the chain.
Example:
```json ```json
{ {
"handler": "reverse_proxy", "handler": "reverse_proxy",
"try_interval": "20s", "transport": {
"load_balance_type": "round_robin", "protocol": "http",
"tls": {
"root_ca_pool": ["..."],
"client_certificate_file": "...",
"client_certificate_key_file": "...",
"insecure_skip_verify": false,
"handshake_timeout": "2s"
},
"keep_alive": {
"enabled": true,
"max_idle_conns": 1500,
"max_idle_conns_per_host": 50,
"idle_timeout": "2m"
},
"compression": true,
"max_conns_per_host": 100,
"dial_timeout": "2s",
"response_header_timeout": "10s",
"expect_continue_timeout": "5s",
"max_response_header_size": 1024,
"write_buffer_size": 4096,
"read_buffer_size": 4096
},
"circuit_breaker": {},
"load_balancing": {
"selection_policy": {
"policy": "header",
"header_name": "Server-ID"
},
"try_duration": "10s",
"try_interval": "250ms"
},
"health_checks": {
"active": {
"path": "/ok",
"port": 1234,
"interval": "10s",
"timeout": "2s",
"max_size": 1024,
"expect_status": 200,
"expect_body": ".*foobar.*"
},
"passive": {
"max_fails": 3,
"fail_duration": "1m",
"unhealthy_request_count": 100,
"unhealthy_status": [500, 502],
"unhealthy_latency": "5s"
}
},
"upstreams": [ "upstreams": [
{ {
"host": "http://localhost:8080", "dial": "localhost:7777"
"fast_health_check_dur": "100ms",
"health_check_dur": "10s"
}, },
{ {
"host": "http://localhost:8081", "dial": "localhost:7799",
"health_check_dur": "2s" "max_requests": 1000
}, },
{
"host": "http://localhost:8082",
"health_check_path": "health"
},
{
"host": "http://localhost:8083",
"circuit_breaker": {
"type": "status_ratio",
"threshold": 0.5
}
}
] ]
} }
``` ```
- `transport`: The module for round-tripping requests. See below for options.
- `circuit_breaker` (🏢 _Enterprise_): The module for short-circuiting before backends become unhealthy.
- `load_balancing`: Configures load balancing among a group of hosts.
- `load_balancing.selection_policy`: The module to use for selecting a host from a pool. See below for options.
- `load_balancing.try_duration`: How long to try selecting available backends for each request if the next available host is down. By default, this retry is disabled. Clients may hang for this long while the load balancer tries to find an available upstream host.
- `load_balancing.try_interval`: How long to wait between selecting the next host from the pool. Default is 250ms. Only relevant when a request to an upstream host fails. Be aware that setting this to 0 with a non-zero `try_duration` can cause the CPU to spin if all backends are down and latency is very low.
- `health_checks`: Configures active and passive health checks. Active health checks run in the background on a timer, whereas passive health checks monitor proxied requests.
- `health_checks.active.path`: The URI path to use for health checks.
- `health_checks.active.port`: The port to use (if different) for health checks.
- `health_checks.active.interval`: How frequently to perform active health checks.
- `health_checks.active.timeout`: How long to wait for a response from a backend before considering it unhealthy.
- `health_checks.active.max_size`: The maximum response body to download from the backend during a health check.
- `health_checks.active.expect_status`: The HTTP status code to expect from a healthy backend.
- `health_checks.active.expect_body`: A regular expression against which to match the response body of a healthy backend.
- `health_checks.passive.fail_duration`: How long to remember a failed request to a backend. A duration > 0 enables passive health checking. Default is 0.
- `health_checks.passive.max_fails`: The number of failed requests within the `fail_duration` window to consider a backend as "down". Must be >= 1; default is 1. Requires that `fail_duration` be > 0.
- `health_checks.passive.unhealthy_request_count`: Limits the number of simultaneous requests to a backend by marking the backend as "down" if it has this many concurrent requests or more.
- `health_checks.passive.unhealthy_status`: Count the request as failed if the response comes back with a status code.
- `health_checks.passive.unhealthy_latency`: Count the request as failed if the response takes at least this long to receive.
- `upstreams`: A list of backends (upstream hosts) to add to the pool. If there are multiple backends, requests will be load-balanced between them using the configured load balancing policy.
- `upstreams.[n].dial`: The network address of the upstream in [Caddy's network address syntax](#httpserverslisten). Addresses which represent more than one host will be expanded to multiple upstreams.
- `upstreams.[n].max_requests`: The maximum number of simultaneous requests to allow to this host. If set, overrides the global `health_checks.passive.unhealthy_request_count`.
Transport modules:
- **HTTP**: The HTTP transport module is the default, and sane parameters are used if not explicitly configured.
```json
{
"protocol": "http",
"tls": {
"root_ca_pool": ["..."],
"client_certificate_file": "cert.pem",
"client_certificate_key_file": "key.pem",
"insecure_skip_verify": false,
"handshake_timeout": "2s"
},
"keep_alive": {
"enabled": true,
"probe_interval": "500ms",
"max_idle_conns": 16,
"max_idle_conns_per_host": 4,
"idle_timeout": "2m"
},
"compression": true,
"max_conns_per_host": 0,
"dial_timeout": "5s",
"fallback_delay": "250ms",
"response_header_timeout": "5s",
"expect_continue_timeout": "5s",
"max_response_header_size": 1024,
"read_buffer_size": 4096,
"write_buffer_size": 4096,
}
```
- **FastCGI**: The FastCGI transport module is often used to proxy requests to PHP backends like php-fpm.
```json
{
"protocol": "fastcgi",
"root": "{http.vars.root}",
"split_path": ".php",
"env": [["key", "value"]]
}
```
##### http.handlers.subroute ##### http.handlers.subroute