diff --git a/doc/management.txt b/doc/management.txt index 7a7c84869..82f89305b 100644 --- a/doc/management.txt +++ b/doc/management.txt @@ -2136,7 +2136,8 @@ del backend for example via a use_backend rule or in sample expressions. Some proxies options are also incompatible with runtime deletion. Currently, this is the case when deprecated dispatch or option transparent are used. Also, a backend - cannot be removed if there is a stick-table declared in it. + cannot be removed if there is a stick-table declared in it. Finally, it is + impossible for now to remove a backend if QUIC servers were present in it. This command is restricted and can only be issued on sockets configured for level "admin". Moreover, this feature is still considered in development so it diff --git a/src/server.c b/src/server.c index 211a6cf52..b7ea4a515 100644 --- a/src/server.c +++ b/src/server.c @@ -3741,6 +3741,10 @@ static int _srv_parse_init(struct server **srv, char **args, int *cur_arg, #ifdef USE_QUIC #ifdef HAVE_OPENSSL_QUIC_CLIENT_SUPPORT if (srv_is_quic(newsrv)) { + /* TODO QUIC is currently incompatible with dynamic + * backends deletion. Please fix this before removing + * QUIC BE experimental status. + */ if (!experimental_directives_allowed) { ha_alert("QUIC is experimental for server '%s'," " must be allowed via a global 'expose-experimental-directives'\n", @@ -3991,6 +3995,16 @@ static int _srv_parse_finalize(char **args, int cur_arg, } srv->ssl_ctx.alpn_len = strlen(srv->ssl_ctx.alpn_str); } + + /* Deletion of backend when QUIC servers were used is currently + * not implemented. This is because quic_conn instances + * directly references its parent proxy via + * member. + * + * TODO lift this restriction by ensuring safe access on proxy + * counters or via refcount. + */ + srv->proxy->flags |= PR_FL_NON_PURGEABLE; #else ha_alert("QUIC protocol selected but support not compiled in (check build options).\n"); return ERR_ALERT | ERR_FATAL;