|
1
|
|
|
<?php |
|
2
|
|
|
|
|
3
|
|
|
// --------------------------------------------------------------------- |
|
4
|
|
|
// |
|
5
|
|
|
// Copyright (C) 2018-2024 Artem Rodygin |
|
6
|
|
|
// |
|
7
|
|
|
// You should have received a copy of the MIT License along with |
|
8
|
|
|
// this file. If not, see <https://opensource.org/licenses/MIT>. |
|
9
|
|
|
// |
|
10
|
|
|
// --------------------------------------------------------------------- |
|
11
|
|
|
|
|
12
|
|
|
namespace Linode\NodeBalancers; |
|
13
|
|
|
|
|
14
|
|
|
use Linode\Entity; |
|
15
|
|
|
use Linode\NodeBalancers\Repository\NodeBalancerNodeRepository; |
|
16
|
|
|
|
|
17
|
|
|
/** |
|
18
|
|
|
* A NodeBalancer config represents the configuration of this NodeBalancer on a |
|
19
|
|
|
* single port. For example, a NodeBalancer Config on port 80 would typically |
|
20
|
|
|
* represent how this NodeBalancer response to HTTP requests. |
|
21
|
|
|
* |
|
22
|
|
|
* NodeBalancer configs have a list of backends, called "nodes," that they forward |
|
23
|
|
|
* requests between based on their configuration. |
|
24
|
|
|
* |
|
25
|
|
|
* @property int $id This config's unique ID |
|
26
|
|
|
* @property int $port The port this Config is for. These values must be unique across configs on a |
|
27
|
|
|
* single NodeBalancer (you can't have two configs for port 80, for example). While |
|
28
|
|
|
* some ports imply some protocols, no enforcement is done and you may configure your |
|
29
|
|
|
* NodeBalancer however is useful to you. For example, while port 443 is generally |
|
30
|
|
|
* used for HTTPS, you do not need SSL configured to have a NodeBalancer listening on |
|
31
|
|
|
* port 443. |
|
32
|
|
|
* @property string $protocol The protocol this port is configured to serve. |
|
33
|
|
|
* * The `http` and `tcp` protocols do not support `ssl_cert` and `ssl_key`. |
|
34
|
|
|
* * The `https` protocol is mutually required with `ssl_cert` and `ssl_key`. |
|
35
|
|
|
* Review our guide on Available Protocols for information on protocol features. |
|
36
|
|
|
* @property string $algorithm What algorithm this NodeBalancer should use for routing traffic to backends. |
|
37
|
|
|
* @property string $stickiness Controls how session stickiness is handled on this port. |
|
38
|
|
|
* * If set to `none` connections will always be assigned a backend based on the |
|
39
|
|
|
* algorithm configured. |
|
40
|
|
|
* * If set to `table` sessions from the same remote address will be routed to the |
|
41
|
|
|
* same |
|
42
|
|
|
* backend. |
|
43
|
|
|
* * For HTTP or HTTPS clients, `http_cookie` allows sessions to be |
|
44
|
|
|
* routed to the same backend based on a cookie set by the NodeBalancer. |
|
45
|
|
|
* @property string $check The type of check to perform against backends to ensure they are serving requests. |
|
46
|
|
|
* This is used to determine if backends are up or down. |
|
47
|
|
|
* * If `none` no check is performed. |
|
48
|
|
|
* * `connection` requires only a connection to the backend to succeed. |
|
49
|
|
|
* * `http` and `http_body` rely on the backend serving HTTP, and that |
|
50
|
|
|
* the response returned matches what is expected. |
|
51
|
|
|
* @property int $check_interval How often, in seconds, to check that backends are up and serving requests. |
|
52
|
|
|
* Must be greater than `check_timeout`. |
|
53
|
|
|
* @property int $check_timeout How long, in seconds, to wait for a check attempt before considering it failed. |
|
54
|
|
|
* Must be less than `check_interval`. |
|
55
|
|
|
* @property int $check_attempts How many times to attempt a check before considering a backend to be down. |
|
56
|
|
|
* @property string $check_path The URL path to check on each backend. If the backend does not respond to this |
|
57
|
|
|
* request it is considered to be down. |
|
58
|
|
|
* @property string $check_body This value must be present in the response body of the check in order for it to |
|
59
|
|
|
* pass. If this value is not present in the response body of a check request, the |
|
60
|
|
|
* backend is considered to be down. |
|
61
|
|
|
* @property bool $check_passive If true, any response from this backend with a `5xx` status code will be enough |
|
62
|
|
|
* for it to be considered unhealthy and taken out of rotation. |
|
63
|
|
|
* @property string $cipher_suite What ciphers to use for SSL connections served by this NodeBalancer. |
|
64
|
|
|
* * `legacy` is considered insecure and should only be used if necessary. |
|
65
|
|
|
* @property string $ssl_commonname The read-only common name automatically derived from the SSL certificate assigned |
|
66
|
|
|
* to this NodeBalancerConfig. Please refer to this field to verify that the |
|
67
|
|
|
* appropriate certificate is assigned to your NodeBalancerConfig. |
|
68
|
|
|
* @property string $ssl_fingerprint The read-only SHA1-encoded fingerprint automatically derived from the SSL |
|
69
|
|
|
* certificate assigned to this NodeBalancerConfig. Please refer to this field to |
|
70
|
|
|
* verify that the appropriate certificate is assigned to your NodeBalancerConfig. |
|
71
|
|
|
* @property null|string $ssl_cert The PEM-formatted public SSL certificate (or the combined PEM-formatted SSL |
|
72
|
|
|
* certificate and Certificate Authority chain) that should be served on this |
|
73
|
|
|
* NodeBalancerConfig's port. |
|
74
|
|
|
* Line breaks must be represented as "\n" in the string for requests (but not when |
|
75
|
|
|
* using the Linode CLI). |
|
76
|
|
|
* Diffie-Hellman Parameters can be included in this value to enable forward secrecy. |
|
77
|
|
|
* The contents of this field will not be shown in any responses that display |
|
78
|
|
|
* the NodeBalancerConfig. Instead, `<REDACTED>` will be printed where the field |
|
79
|
|
|
* appears. |
|
80
|
|
|
* The read-only `ssl_commonname` and `ssl_fingerprint` fields in a |
|
81
|
|
|
* NodeBalancerConfig |
|
82
|
|
|
* response are automatically derived from your certificate. Please refer to these |
|
83
|
|
|
* fields to |
|
84
|
|
|
* verify that the appropriate certificate was assigned to your NodeBalancerConfig. |
|
85
|
|
|
* @property null|string $ssl_key The PEM-formatted private key for the SSL certificate set in the `ssl_cert` field. |
|
86
|
|
|
* Line breaks must be represented as "\n" in the string for requests (but not when |
|
87
|
|
|
* using the Linode CLI). |
|
88
|
|
|
* The contents of this field will not be shown in any responses that display |
|
89
|
|
|
* the NodeBalancerConfig. Instead, `<REDACTED>` will be printed where the field |
|
90
|
|
|
* appears. |
|
91
|
|
|
* The read-only `ssl_commonname` and `ssl_fingerprint` fields in a |
|
92
|
|
|
* NodeBalancerConfig |
|
93
|
|
|
* response are automatically derived from your certificate. Please refer to these |
|
94
|
|
|
* fields to |
|
95
|
|
|
* verify that the appropriate certificate was assigned to your NodeBalancerConfig. |
|
96
|
|
|
* @property NodesStatus $nodes_status A structure containing information about the health of the backends for this port. |
|
97
|
|
|
* This information is updated periodically as checks are performed against backends. |
|
98
|
|
|
* @property string $proxy_protocol ProxyProtocol is a TCP extension that sends initial TCP connection information |
|
99
|
|
|
* such as source/destination IPs and ports to backend devices. This information |
|
100
|
|
|
* would be lost otherwise. Backend devices must be configured to work with |
|
101
|
|
|
* ProxyProtocol if enabled. |
|
102
|
|
|
* * If ommited, or set to `none`, the NodeBalancer doesn't send any auxilary data |
|
103
|
|
|
* over TCP connections. This is the default. |
|
104
|
|
|
* * If set to `v1`, the human-readable header format (Version 1) is used. Requires |
|
105
|
|
|
* `tcp` protocol. |
|
106
|
|
|
* * If set to `v2`, the binary header format (Version 2) is used. Requires `tcp` |
|
107
|
|
|
* protocol. |
|
108
|
|
|
* @property int $nodebalancer_id The ID for the NodeBalancer this config belongs to. |
|
109
|
|
|
* @property NodeBalancerNodeRepositoryInterface $nodes NodeBalancer nodes. |
|
110
|
|
|
*/ |
|
111
|
|
|
class NodeBalancerConfig extends Entity |
|
112
|
|
|
{ |
|
113
|
|
|
// Available fields. |
|
114
|
|
|
public const FIELD_ID = 'id'; |
|
115
|
|
|
public const FIELD_PORT = 'port'; |
|
116
|
|
|
public const FIELD_PROTOCOL = 'protocol'; |
|
117
|
|
|
public const FIELD_ALGORITHM = 'algorithm'; |
|
118
|
|
|
public const FIELD_STICKINESS = 'stickiness'; |
|
119
|
|
|
public const FIELD_CHECK = 'check'; |
|
120
|
|
|
public const FIELD_CHECK_INTERVAL = 'check_interval'; |
|
121
|
|
|
public const FIELD_CHECK_TIMEOUT = 'check_timeout'; |
|
122
|
|
|
public const FIELD_CHECK_ATTEMPTS = 'check_attempts'; |
|
123
|
|
|
public const FIELD_CHECK_PATH = 'check_path'; |
|
124
|
|
|
public const FIELD_CHECK_BODY = 'check_body'; |
|
125
|
|
|
public const FIELD_CHECK_PASSIVE = 'check_passive'; |
|
126
|
|
|
public const FIELD_CIPHER_SUITE = 'cipher_suite'; |
|
127
|
|
|
public const FIELD_SSL_COMMONNAME = 'ssl_commonname'; |
|
128
|
|
|
public const FIELD_SSL_FINGERPRINT = 'ssl_fingerprint'; |
|
129
|
|
|
public const FIELD_SSL_CERT = 'ssl_cert'; |
|
130
|
|
|
public const FIELD_SSL_KEY = 'ssl_key'; |
|
131
|
|
|
public const FIELD_NODES_STATUS = 'nodes_status'; |
|
132
|
|
|
public const FIELD_PROXY_PROTOCOL = 'proxy_protocol'; |
|
133
|
|
|
public const FIELD_NODEBALANCER_ID = 'nodebalancer_id'; |
|
134
|
|
|
|
|
135
|
|
|
// Extra fields for POST/PUT requests. |
|
136
|
|
|
public const FIELD_NODES = 'nodes'; |
|
137
|
|
|
|
|
138
|
|
|
// `FIELD_PROTOCOL` values. |
|
139
|
|
|
public const PROTOCOL_HTTP = 'http'; |
|
140
|
|
|
public const PROTOCOL_HTTPS = 'https'; |
|
141
|
|
|
public const PROTOCOL_TCP = 'tcp'; |
|
142
|
|
|
|
|
143
|
|
|
// `FIELD_ALGORITHM` values. |
|
144
|
|
|
public const ALGORITHM_ROUNDROBIN = 'roundrobin'; |
|
145
|
|
|
public const ALGORITHM_LEASTCONN = 'leastconn'; |
|
146
|
|
|
public const ALGORITHM_SOURCE = 'source'; |
|
147
|
|
|
|
|
148
|
|
|
// `FIELD_STICKINESS` values. |
|
149
|
|
|
public const STICKINESS_NONE = 'none'; |
|
150
|
|
|
public const STICKINESS_TABLE = 'table'; |
|
151
|
|
|
public const STICKINESS_HTTP_COOKIE = 'http_cookie'; |
|
152
|
|
|
|
|
153
|
|
|
// `FIELD_CHECK` values. |
|
154
|
|
|
public const CHECK_NONE = 'none'; |
|
155
|
|
|
public const CHECK_CONNECTION = 'connection'; |
|
156
|
|
|
public const CHECK_HTTP = 'http'; |
|
157
|
|
|
public const CHECK_HTTP_BODY = 'http_body'; |
|
158
|
|
|
|
|
159
|
|
|
// `FIELD_CIPHER_SUITE` values. |
|
160
|
|
|
public const CIPHER_SUITE_RECOMMENDED = 'recommended'; |
|
161
|
|
|
public const CIPHER_SUITE_LEGACY = 'legacy'; |
|
162
|
|
|
|
|
163
|
|
|
// `FIELD_PROXY_PROTOCOL` values. |
|
164
|
|
|
public const PROXY_PROTOCOL_NONE = 'none'; |
|
165
|
|
|
public const PROXY_PROTOCOL_V1 = 'v1'; |
|
166
|
|
|
public const PROXY_PROTOCOL_V2 = 'v2'; |
|
167
|
|
|
|
|
168
|
|
|
/** |
|
169
|
|
|
* @codeCoverageIgnore This method was autogenerated. |
|
170
|
|
|
*/ |
|
171
|
|
|
public function __get(string $name): mixed |
|
172
|
|
|
{ |
|
173
|
|
|
return match ($name) { |
|
174
|
|
|
self::FIELD_NODES_STATUS => new NodesStatus($this->client, $this->data[$name]), |
|
175
|
|
|
self::FIELD_NODES => new NodeBalancerNodeRepository($this->client, $this->nodebalancer_id, $this->id), |
|
176
|
|
|
default => parent::__get($name), |
|
177
|
|
|
}; |
|
178
|
|
|
} |
|
179
|
|
|
} |
|
180
|
|
|
|
webinarium /
linode-api
