Mercurial > hg > nginx-site
changeset 1462:e69e4dbcc760
Documented OSS stream modules.
author | Vladimir Homutov <vl@nginx.com> |
---|---|
date | Tue, 21 Apr 2015 13:47:00 +0300 |
parents | 4e5cab61e548 |
children | 83e49a60c9ca |
files | xml/en/docs/stream/ngx_stream_core_module.xml xml/en/docs/stream/ngx_stream_proxy_module.xml xml/en/docs/stream/ngx_stream_ssl_module.xml xml/en/docs/stream/ngx_stream_upstream_module.xml |
diffstat | 4 files changed, 101 insertions(+), 67 deletions(-) [+] |
line wrap: on
line diff
--- a/xml/en/docs/stream/ngx_stream_core_module.xml +++ b/xml/en/docs/stream/ngx_stream_core_module.xml @@ -9,15 +9,16 @@ <module name="Module ngx_stream_core_module" link="/en/docs/stream/ngx_stream_core_module.html" lang="en" - rev="2"> + rev="3"> <section id="summary"> <para> -<note> -This module is available as part of our -<commercial_version>commercial subscription</commercial_version>. -</note> +The <literal>ngx_stream_core_module</literal> module +is available since version 1.9.0. +This module is not built by default, it should be enabled with the +<literal>--with-stream</literal> +configuration parameter. </para> </section> @@ -95,7 +96,7 @@ listen unix:/var/run/nginx.sock; </para> <para> -The <literal>ssl</literal> parameter (1.7.10) allows specifying that all +The <literal>ssl</literal> parameter allows specifying that all connections accepted on this port should work in SSL mode. </para> @@ -183,7 +184,6 @@ Different servers must listen on differe <default/> <context>stream</context> <context>server</context> -<appeared-in>1.7.10</appeared-in> <para> Configures name servers used to resolve names of upstream servers @@ -209,6 +209,10 @@ The optional <literal>valid</literal> pa <example> resolver 127.0.0.1 [::1]:5353 valid=30s; </example> +<note> +This directive is available as part of our +<commercial_version>commercial subscription</commercial_version>. +</note> </para> </directive> @@ -219,13 +223,16 @@ resolver 127.0.0.1 [::1]:5353 valid=30s; <default>30s</default> <context>stream</context> <context>server</context> -<appeared-in>1.7.10</appeared-in> <para> Sets a timeout for name resolution, for example: <example> resolver_timeout 5s; </example> +<note> +This directive is available as part of our +<commercial_version>commercial subscription</commercial_version>. +</note> </para> </directive>
--- a/xml/en/docs/stream/ngx_stream_proxy_module.xml +++ b/xml/en/docs/stream/ngx_stream_proxy_module.xml @@ -9,22 +9,15 @@ <module name="Module ngx_stream_proxy_module" link="/en/docs/stream/ngx_stream_proxy_module.html" lang="en" - rev="3"> + rev="4"> <section id="summary"> <para> -The <literal>ngx_stream_proxy_module</literal> module (1.7.7) allows passing +The <literal>ngx_stream_proxy_module</literal> module (1.9.0) allows passing connections to another server over TCP and UNIX-domain sockets. </para> -<para> -<note> -This module is available as part of our -<commercial_version>commercial subscription</commercial_version>. -</note> -</para> - </section> @@ -88,7 +81,6 @@ buffer used for reading data from the cl <default>on</default> <context>stream</context> <context>server</context> -<appeared-in>1.7.10</appeared-in> <para> When a connection to the proxied server cannot be established, determines @@ -109,7 +101,6 @@ and by <link id="proxy_next_upstream_tim <default>0</default> <context>stream</context> <context>server</context> -<appeared-in>1.7.10</appeared-in> <para> Limits the time allowed to pass a connection to the @@ -125,7 +116,6 @@ The <literal>0</literal> value turns off <default>0</default> <context>stream</context> <context>server</context> -<appeared-in>1.7.10</appeared-in> <para> Limits the number of possible tries for passing a connection to the @@ -169,7 +159,6 @@ In addition, an address can be specified <default>off</default> <context>stream</context> <context>server</context> -<appeared-in>1.7.10</appeared-in> <para> Enables the SSL/TLS protocol for connections to a proxied server. @@ -183,7 +172,6 @@ Enables the SSL/TLS protocol for connect <default/> <context>stream</context> <context>server</context> -<appeared-in>1.7.10</appeared-in> <para> Specifies a <value>file</value> with the certificate in the PEM format @@ -198,7 +186,6 @@ used for authentication to a proxied ser <default/> <context>stream</context> <context>server</context> -<appeared-in>1.7.10</appeared-in> <para> Specifies a <value>file</value> with the secret key in the PEM format @@ -213,7 +200,6 @@ used for authentication to a proxied ser <default>DEFAULT</default> <context>stream</context> <context>server</context> -<appeared-in>1.7.10</appeared-in> <para> Specifies the enabled ciphers for connections to a proxied server. @@ -233,7 +219,6 @@ The full list can be viewed using the <default/> <context>stream</context> <context>server</context> -<appeared-in>1.7.10</appeared-in> <para> Specifies a <value>file</value> with revoked certificates (CRL) @@ -249,7 +234,6 @@ the certificate of the proxied server. <default>host from proxy_pass</default> <context>stream</context> <context>server</context> -<appeared-in>1.7.10</appeared-in> <para> Allows to override the server name used to @@ -271,7 +255,6 @@ By default, the host part of the <link i <default/> <context>stream</context> <context>server</context> -<appeared-in>1.7.10</appeared-in> <para> Specifies a <value>file</value> with passphrases for @@ -288,7 +271,6 @@ Passphrases are tried in turn when loadi <default>off</default> <context>stream</context> <context>server</context> -<appeared-in>1.7.10</appeared-in> <para> Enables or disables passing of the server name through @@ -305,7 +287,6 @@ when establishing a connection with the <default>on</default> <context>stream</context> <context>server</context> -<appeared-in>1.7.10</appeared-in> <para> Determines whether SSL sessions can be reused when working with @@ -328,7 +309,6 @@ appear in the logs, try disabling sessio <default>SSLv3 TLSv1 TLSv1.1 TLSv1.2</default> <context>stream</context> <context>server</context> -<appeared-in>1.7.10</appeared-in> <para> Enables the specified protocols for connections to a proxied server. @@ -342,7 +322,6 @@ Enables the specified protocols for conn <default/> <context>stream</context> <context>server</context> -<appeared-in>1.7.10</appeared-in> <para> Specifies a <value>file</value> with trusted CA certificates in the PEM format @@ -358,7 +337,6 @@ the certificate of the proxied server. <default>off</default> <context>stream</context> <context>server</context> -<appeared-in>1.7.10</appeared-in> <para> Enables or disables verification of the proxied server certificate. @@ -372,7 +350,6 @@ Enables or disables verification of the <default>1</default> <context>stream</context> <context>server</context> -<appeared-in>1.7.10</appeared-in> <para> Sets the verification depth in the proxied server certificates chain.
--- a/xml/en/docs/stream/ngx_stream_ssl_module.xml +++ b/xml/en/docs/stream/ngx_stream_ssl_module.xml @@ -9,21 +9,17 @@ <module name="Module ngx_stream_ssl_module" link="/en/docs/stream/ngx_stream_ssl_module.html" lang="en" - rev="2"> + rev="3"> <section id="summary"> <para> -The <literal>ngx_stream_ssl_module</literal> module (1.7.10) +The <literal>ngx_stream_ssl_module</literal> module (1.9.0) provides the necessary support for a stream proxy server to work with the SSL/TLS protocol. -</para> - -<para> -<note> -This module is available as part of our -<commercial_version>commercial subscription</commercial_version>. -</note> +This module is not built by default, it should be enabled with the +<literal>--with-stream_ssl_module</literal> +configuration parameter. </para> </section> @@ -63,7 +59,7 @@ for the given server. <para> The value <literal>engine</literal>:<value>name</value>:<value>id</value> -can be specified instead of the <value>file</value> (1.7.9), +can be specified instead of the <value>file</value>, which loads a secret key with a specified <value>id</value> from the OpenSSL engine <value>name</value>. </para>
--- a/xml/en/docs/stream/ngx_stream_upstream_module.xml +++ b/xml/en/docs/stream/ngx_stream_upstream_module.xml @@ -9,24 +9,17 @@ <module name="Module ngx_stream_upstream_module" link="/en/docs/stream/ngx_stream_upstream_module.html" lang="en" - rev="5"> + rev="6"> <section id="summary"> <para> -The <literal>ngx_stream_upstream_module</literal> module (1.7.7) +The <literal>ngx_stream_upstream_module</literal> module (1.9.0) is used to define groups of servers that can be referenced by the <link doc="ngx_stream_proxy_module.xml" id="proxy_pass"/> directive. </para> -<para> -<note> -This module is available as part of our -<commercial_version>commercial subscription</commercial_version>. -</note> -</para> - </section> @@ -34,22 +27,46 @@ This module is available as part of our <para> <example> -resolver 10.0.0.1; - upstream <emphasis>backend</emphasis> { - zone upstream_backend 64k; - hash $remote_addr consistent; - server backend1.example.com:12345 weight=5; - server 127.0.0.1:12345 max_fails=3 fail_timeout=30s; - server unix:/tmp/backend2; - server backend3.example.com:12345 resolve; + server backend1.example.com:12345 weight=5; + server backend2.example.com:12345; + server unix:/tmp/backend3; + + server backup1.example.com:12345 backup; + server backup2.example.com:12345 backup; } server { listen 12346; proxy_pass <emphasis>backend</emphasis>; +} +</example> +</para> + +<para> +Dynamically configurable group, +available as part of our +<commercial_version>commercial subscription</commercial_version>: +<example> +resolver 10.0.0.1; + +upstream <emphasis>dynamic</emphasis> { + zone upstream_dynamic 64k; + + server backend1.example.com:12345 weight=5; + server backend2.example.com:12345 fail_timeout=5s slow_start=30s; + server 192.0.2.1:12345 max_fails=3; + server backend3.example.com:12345 resolve; + + server backup1.example.com:12345 backup; + server backup2.example.com:12345 backup; +} + +server { + listen 12346; + proxy_pass <emphasis>dynamic</emphasis>; health_check; } </example> @@ -177,6 +194,15 @@ when the primary servers are unavailable marks the server as permanently unavailable. </tag-desc> +</list> +</para> + +<para> +Additionally, +the following parameters are available as part of our +<commercial_version>commercial subscription</commercial_version>: +<list type="tag"> + <tag-name id="max_conns"> <literal>max_conns</literal>=<value>number</value> </tag-name> @@ -193,7 +219,7 @@ Default value is zero, meaning there is monitors changes of the IP addresses that correspond to a domain name of the server, and automatically modifies the upstream configuration -without the need of restarting nginx (1.7.10). +without the need of restarting nginx. <para> In order for this parameter to work, the <link doc="ngx_stream_core_module.xml" id="resolver"/> directive @@ -243,13 +269,17 @@ are ignored, and such a server will neve <syntax><value>name</value> <value>size</value></syntax> <default/> <context>upstream</context> -<appeared-in>1.7.10</appeared-in> <para> Defines the <value>name</value> and <value>size</value> of the shared memory zone that keeps the group’s configuration and run-time state that are shared between worker processes. -Such groups allow changing the group membership +</para> + +<para> +Additionally, +as part of our <commercial_version>commercial subscription</commercial_version>, +such groups allow changing the group membership or modifying the settings of a particular server without the need of restarting nginx. The configuration is accessible via a special location @@ -316,7 +346,6 @@ weighted round-robin balancing method. <literal>last_byte</literal></syntax> <default/> <context>upstream</context> -<appeared-in>1.7.11</appeared-in> <para> Specifies that a group should use a load balancing method where a connection @@ -335,6 +364,13 @@ If the <literal>last_byte</literal> is s time to receive the last byte of data is used. </para> +<para> +<note> +This directive is available as part of our +<commercial_version>commercial subscription</commercial_version>. +</note> +</para> + </directive> @@ -342,7 +378,6 @@ time to receive the last byte of data is <syntax>[<value>parameters</value>]</syntax> <default/> <context>server</context> -<appeared-in>1.7.10</appeared-in> <para> Enables periodic health checks of the servers in a @@ -423,6 +458,13 @@ a single failure of any check will make considered unhealthy. </para> +<para> +<note> +This directive is available as part of our +<commercial_version>commercial subscription</commercial_version>. +</note> +</para> + </directive> @@ -431,7 +473,6 @@ considered unhealthy. <default>5s</default> <context>stream</context> <context>server</context> -<appeared-in>1.7.10</appeared-in> <para> Overrides the @@ -439,6 +480,13 @@ Overrides the value for health checks. </para> +<para> +<note> +This directive is available as part of our +<commercial_version>commercial subscription</commercial_version>. +</note> +</para> + </directive> @@ -446,7 +494,6 @@ value for health checks. <syntax block="yes"><value>name</value> </syntax> <default/> <context>stream</context> -<appeared-in>1.7.10</appeared-in> <para> Defines the named test set used to verify server responses to health checks. @@ -530,6 +577,13 @@ bytes of data obtained from the server a </note> </para> +<para> +<note> +This directive is available as part of our +<commercial_version>commercial subscription</commercial_version>. +</note> +</para> + </directive> </section>