HAProxy Enterprise Documentation 2.5r1

Update Module Reference

The dynamic-update section uses the following syntax:

dynamic-update
    update id <id> url <url> [delay <delay> | xdelay <delay start next retry>] [timeout <timeout>] [retries <nb>] [modified | xmodified ] [source <addr>[:<port>]] [log] [dontlog-normal] [map] [purge <count> [<interval> [<id>]]] [tls-ticket-keys] [param*]

with the following parameters:

Parameter	Description
`id <id>`	`<id>` is the file name initially loaded by `map` or `acl`. The module uses the absolute file path. The file must exist when HAProxy Enterprise starts.
`url <url>`	`<url>` is where the file can be downloaded.
`delay <delay>`	`<delay>` is the download period; by default, its value is 5 minutes (5m). The minimum allowable delay is 1ms.
`xdelay <delay start next retry>`	`xdelay` provides more fine-tunable delay configuration than `delay`. `xdelay` settings are defined as follows: `<delay>` specifies the period between each attempt to download new data. Default: 5m `<start>` specifies the initial (first) download delay. Default: 5s `<next>` is not used in this module and its value is not important. However, its value must be present. This is to maintain the compatibility of `xdelay` parameters with other `lb-update`-like modules. Default: 10s `<retry>` determines the delay for the next attempt if the download fails. Default: 5s If after three attempts, the new version of the data can not be downloaded, the download is canceled until the next time interval defined by `<delay>`.
`timeout <timeout>`	`<timeout>` is the connection timeout to the download server; by default its value is 5 seconds (5s).
`retries <nb>`	`<nb>` is the number of tries to establish a connection to the download server. This defaults to the global `retries` value (3 if not otherwise specified).
`modified`	If set, enables the use of the time from the Last-Modified response HTTP header, i.e. checking whether or not to update the data using the If-Modified-Since request HTTP header.
`xmodified`	The same as `modified` except that the file modification time is set immediately after reading the file status. Note The first data download may be rejected if its modified time is older than the data loaded from the local file system.
`source <addr>[:<port>]`	Set the source address for outgoing connections. `<addr>` is the IPv4 address HAProxy Enterprise will bind to before connecting to a server. The default value of 0.0.0.0 means that the system will select the most appropriate address to reach its destination. `<port>` is an optional port. It is normally not needed but may be useful in some very specific contexts. The default value of zero means the system will select a free port. Note that port ranges are not supported.
`log`	Enables logging for the module using the log server specified in the `global` section of the configuration file.
`dontlog-normal`	Disables logging for successful updates.
`map`	Informs that the downloaded file must be interpreted as a `map` file. By default, the file is interpreted as an `acl` file.
`purge`	Note `purge` is only available for `map` and `acl` data types. The module allows you to delete patterns in one of the following two ways: when downloading the next set of data, old patterns are deleted as a separate purge task that works independently of the data download (It is temporarily stopped during the download of new data.) Warning This first method of purging (during the next data download) consumes at least twice as much memory to store patterns, as the module maintains both the currently used patterns and the patterns to be purged. You can use `purge` by providing only its `<count>` parameter to use the first method of purging: `purge <count>` Or you can provide two additional (optional) parameters `<interval>` and `<id>` to use the second method of purging: `purge <count> [<inverval> [<id>]]` Note If the `purge` parameter is not used then the purge operation performs in the first way (during the next data download). `purge` settings are defined as follows: `<count>` is the number of old and/or invalid patterns that can be purged at once. Allowed values for that parameter are between 1 and 100000. The default is 1000. `<interval>` is the frequency for calling the pattern purging task. The value is set in milliseconds (if not specified by another time unit). If you specify the interval as 0, the task will be executed as quickly as possible. When setting the interval to 0, it is not recommended to purge a large group at once (a `<count>` of 100 is the optimal number for interval 0). `<interval>` has no default, so a value must be specified. `<id>` assigns a specific id to the purge task. You can use `<id>` to group certain purging tasks, or you can assign each operation its own task. The default is 1000, which means that all purging operations will be performed in the common task which has an id of 1000. Note `<id>` is not a unique cleanup task identifier. The unambiguous task identifier is a combination of `<interval>` and `<id>`. If you have different values for `<interval>` and the same values for `<id>` specified in the update urls, different purge tasks will be generated.
`tls-ticket-keys`	Specifies that the downloaded file is a TLS ticket keys file (instead of an acl file).
`param` (additional server parameters)	A list of other server parameters. Useful to configure special SSL features. Available parameters are: `ciphers`, `crt`, `force-sslv3`, `force-tlsv10`, `force-tlsv11`, `force-tlsv12`, `no-sslv3`, `no-tlsv10`, `no-tlsv11`, `no-tlsv12`, `no-tls-tickets`, `verify`, `verifyhost` You can also apply any of the configuration parameters available to the `server` directive.

Next up

Update Module Runtime API

Update Module Reference

Your feedback is important to us!