Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP

Loading…

Any new feature request, you can post here #5

Open
yaoweibin opened this Issue · 27 comments

7 participants

@yaoweibin
Owner

Hi, folks,

If you have any new feature request, you can post here.

@ghost

I have a couple requests:

  1. access|error log support in the tcp:server context. primarily I would like to see access logs to the extent of being able to map an incoming request to the backend it was proxied too.
  2. more extensive health checks. Specifically an HTTPS version of check_http_send. I would also like to do string matching on what is fetched from check_http(s)_send.
  3. fair queue and CARP support for upstreams. a. http://nginx.localdomain.pl/wiki/UpstreamFair. Our traffic types are highly variable so round robin is less than optimal. Using a more granular hash would me highly preferred; i.e. specific host address or host:tcp_session opposed to the class-c network. b. CARP: your own code :) http://code.google.com/p/nginx-upstream-carp/. This is just a nice to have. I was introduced to carp a couple years ago and liked the way it worked. The predictability was nice for troubleshooting.
@yaoweibin
Owner

Thanks for your suggestion
1. This module have poor function with log. At present, you can set the error.log to info level to see some meaningful log information. I'll consider to add a access_log module.
2. Does the SSL check feature not feed your request? HTTPS handshake have a huge part code.
3. How about the ip_hash? I may add the least busy chosen upstream method at first.

@ghost

We have a multi-tier site. I need to be able to check that the upstream server is actually getting valid data from it's backend. If it is serving 400s or 500s I need it pulled from rotation. The client connections being load balanced are ssl terminating on the upstreams (we do not want to off-load the SSL to nginx due scale concerns). If there was a way to decouple the health check from the upstream port config I could use check_http_send to do a content check on port 80 for up/down status and proxy SSL traffic to port 443. If the check and proxy ports must be the same I will need to do the content check with https.

  • note: syntax: proxy_pass host:port seems to be incorrect, I get: [warn]: upstream "proxy-pt" may not have port 12345 in /etc/nginx/nginx.conf:57 if I try to specify a port on the proxy_pass line.

ip_hash does work and is what I am starting with. The concern I have is that we some clients that will be very high utilization from a single IP (several hosts behind a firewall) for long periods of time. With basic round robin or a simple hash it is fairly likely that a single upstream host will get hammered.

@dese

Hi, awesome module. Support for nginx's Limit Requests & Limit Zone would be great :)

@x-gn

hou about :
access|error log support in the tcp:server context. primarily I would like to see access logs to the extent of being able to map an incoming request to the backend it was proxied too.

has it support the access log now ?

@yaoweibin
Owner
@x-gn

hi , how can i get the version of develop ,not the stable release version ? could you share me the download link ?

@yaoweibin
Owner
@x-gn

thanks ! i have got the develop source by git, but how can i deploy ?

@yaoweibin
Owner
@x-gn

ok, i did just like follow:
cd nginx-0.8.46
patch -p1 < /root/nginx_tcp_proxy_module_develop/tcp.patch
./configure --prefix=/usr/local/nginx --add-module=/root/nginx_tcp_proxy_module_develop
when i configure it above, i got the error :
: No such file or directorye_develop/config: line 13: auto/feature

plz help me

@yaoweibin
Owner
@x-gn

yes

@x-gn

hi,yaoweibin, any news ?

@yaoweibin
Owner
@x-gn

ls -l /root/nginx_tcp_proxy_module_develop/config :
-rw-r--r-- 1 root root 2337 Mar 17 16:40 /root/nginx_tcp_proxy_module_develop/config

@yaoweibin
Owner
@x-gn

OK,could you share me your version? my email is : xgnster@gmail.com

@yaoweibin
Owner
@avetisk

Hi,

In the context of tcp { upstream { server { ... }}}, it would be awesome to give a UNIX socket instead of address:port.

e.g: listen unix:/path/to/socket;

@yaoweibin
Owner

It supports the UNIX socket. It can't be?

@avetisk

You're right. I had a typo in my conf file...

@iwanbk

Can it support transparent proxy?

@yaoweibin
Owner
@splitice

proxy_bind support. I attempted to add it myself but unfortunately the nginx code is just too awesome for my mortal mind to understand.

@emka

support for basic auth using the directives at http://wiki.nginx.org/HttpAuthBasicModule would be amazing

@splitice

Thanks for proxy_bind support :)

Possible ideas for expansion:

Basically all the things ive ever thought of doing with your module but been unable to do.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Something went wrong with that request. Please try again.