2010-05-09 20:37:12 +00:00
|
|
|
|
----------------------
|
|
|
|
|
|
HAProxy how-to
|
|
|
|
|
|
----------------------
|
2017-11-26 18:50:17 +00:00
|
|
|
|
version 1.9
|
2010-05-09 20:37:12 +00:00
|
|
|
|
willy tarreau
|
[RELEASE] Released version 1.9-dev1
Released version 1.9-dev1 with the following main changes :
- BUG/MEDIUM: kqueue: Don't bother closing the kqueue after fork.
- DOC: cache: update sections and fix some typos
- BUILD/MINOR: deviceatlas: enable thread support
- BUG/MEDIUM: tcp-check: Don't lock the server in tcpcheck_main
- BUG/MEDIUM: ssl: don't allocate shctx several time
- BUG/MEDIUM: cache: bad computation of the remaining size
- BUILD: checks: don't include server.h
- BUG/MEDIUM: stream: fix session leak on applet-initiated connections
- BUILD/MINOR: haproxy : FreeBSD/cpu affinity needs pthread_np header
- BUILD/MINOR: Makefile : enabling USE_CPU_AFFINITY
- BUG/MINOR: ssl: CO_FL_EARLY_DATA removal is managed by stream
- BUG/MEDIUM: threads/peers: decrement, not increment jobs on quitting
- BUG/MEDIUM: h2: don't report an error after parsing a 100-continue response
- BUG/MEDIUM: peers: fix some track counter rules dont register entries for sync.
- BUG/MAJOR: thread/peers: fix deadlock on peers sync.
- BUILD/MINOR: haproxy: compiling config cpu parsing handling when needed
- MINOR: config: report when "monitor fail" rules are misplaced
- BUG/MINOR: mworker: fix validity check for the pipe FDs
- BUG/MINOR: mworker: detach from tty when in daemon mode
- MINOR: threads: Fix pthread_setaffinity_np on FreeBSD.
- BUG/MAJOR: thread: Be sure to request a sync between threads only once at a time
- BUILD: Fix LDFLAGS vs. LIBS re linking order in various makefiles
- BUG/MEDIUM: checks: Be sure we have a mux if we created a cs.
- BUG/MINOR: hpack: fix debugging output of pseudo header names
- BUG/MINOR: hpack: must reject huffman literals padded with more than 7 bits
- BUG/MINOR: hpack: reject invalid header index
- BUG/MINOR: hpack: dynamic table size updates are only allowed before headers
- BUG/MAJOR: h2: correctly check the request length when building an H1 request
- BUG/MINOR: h2: immediately close if receiving GOAWAY after the last stream
- BUG/MINOR: h2: try to abort closed streams as soon as possible
- BUG/MINOR: h2: ":path" must not be empty
- BUG/MINOR: h2: fix a typo causing PING/ACK to be responded to
- BUG/MINOR: h2: the TE header if present may only contain trailers
- BUG/MEDIUM: h2: enforce the per-connection stream limit
- BUG/MINOR: h2: do not accept SETTINGS_ENABLE_PUSH other than 0 or 1
- BUG/MINOR: h2: reject incorrect stream dependencies on HEADERS frame
- BUG/MINOR: h2: properly check PRIORITY frames
- BUG/MINOR: h2: reject response pseudo-headers from requests
- BUG/MEDIUM: h2: remove connection-specific headers from request
- BUG/MEDIUM: h2: do not accept upper case letters in request header names
- BUG/MINOR: h2: use the H2_F_DATA_* macros for DATA frames
- BUG/MINOR: action: Don't check http capture rules when no id is defined
- BUG/MAJOR: hpack: don't pretend large headers fit in empty table
- BUG/MINOR: ssl: support tune.ssl.cachesize 0 again
- BUG/MEDIUM: mworker: also close peers sockets in the master
- BUG/MEDIUM: ssl engines: Fix async engines fds were not considered to fix fd limit automatically.
- BUG/MEDIUM: checks: a down server going to maint remains definitely stucked on down state.
- BUG/MEDIUM: peers: set NOLINGER on the outgoing stream interface
- BUG/MEDIUM: h2: fix handling of end of stream again
- MINOR: mworker: Update messages referencing exit-on-failure
- MINOR: mworker: Improve wording in `void mworker_wait()`
- CONTRIB: halog: Add help text for -s switch in halog program
- BUG/MEDIUM: email-alert: don't set server check status from a email-alert task
- BUG/MEDIUM: threads/vars: Fix deadlock in register_name
- MINOR: systemd: remove comment about HAPROXY_STATS_SOCKET
- DOC: notifications: add precisions about thread usage
- BUG/MEDIUM: lua/notification: memory leak
- MINOR: conn_stream: add new flag CS_FL_RCV_MORE to indicate pending data
- BUG/MEDIUM: stream-int: always set SI_FL_WAIT_ROOM on CS_FL_RCV_MORE
- BUG/MEDIUM: h2: automatically set CS_FL_RCV_MORE when the output buffer is full
- BUG/MEDIUM: h2: enable recv polling whenever demuxing is possible
- BUG/MEDIUM: h2: work around a connection API limitation
- BUG/MEDIUM: h2: debug incoming traffic in h2_wake()
- MINOR: h2: store the demux padding length in the h2c struct
- BUG/MEDIUM: h2: support uploading partial DATA frames
- MINOR: h2: don't demand that a DATA frame is complete before processing it
- BUG/MEDIUM: h2: don't switch the state to HREM before end of DATA frame
- BUG/MEDIUM: h2: don't close after the first DATA frame on tunnelled responses
- BUG/MEDIUM: http: don't disable lingering on requests with tunnelled responses
- BUG/MEDIUM: h2: fix stream limit enforcement
- BUG/MINOR: stream-int: don't try to receive again after receiving an EOS
- MINOR: sample: add len converter
- BUG: MAJOR: lb_map: server map calculation broken
- BUG: MINOR: http: don't check http-request capture id when len is provided
- MINOR: sample: rename the "len" converter to "length"
- BUG/MEDIUM: mworker: Set FD_CLOEXEC flag on log fd
- DOC/MINOR: intro: typo, wording, formatting fixes
- MINOR: netscaler: respect syntax
- MINOR: netscaler: remove the use of cip_magic only used once
- MINOR: netscaler: rename cip_len to clarify its uage
- BUG/MEDIUM: netscaler: use the appropriate IPv6 header size
- BUG/MAJOR: netscaler: address truncated CIP header detection
- MINOR: netscaler: check in one-shot if buffer is large enough for IP and TCP header
- MEDIUM: netscaler: do not analyze original IP packet size
- MEDIUM: netscaler: add support for standard NetScaler CIP protocol
- MINOR: spoe: add force-set-var option in spoe-agent configuration
- CONTRIB: iprange: Fix compiler warning in iprange.c
- CONTRIB: halog: Fix compiler warnings in halog.c
- BUG/MINOR: h2: properly report a stream error on RST_STREAM
- MINOR: mux: add flags to describe a mux's capabilities
- MINOR: stream-int: set flag SI_FL_CLEAN_ABRT when mux supports clean aborts
- BUG/MEDIUM: stream: don't consider abortonclose on muxes which close cleanly
- BUG/MEDIUM: checks: a server passed in maint state was not forced down.
- BUG/MEDIUM: lua: fix crash when using bogus mode in register_service()
- MINOR: http: adjust the list of supposedly cacheable methods
- MINOR: http: update the list of cacheable status codes as per RFC7231
- MINOR: http: start to compute the transaction's cacheability from the request
- BUG/MINOR: http: do not ignore cache-control: public
- BUG/MINOR: http: properly detect max-age=0 and s-maxage=0 in responses
- BUG/MINOR: cache: do not force the TX_CACHEABLE flag before checking cacheability
- MINOR: http: add a function to check request's cache-control header field
- BUG/MEDIUM: cache: do not try to retrieve host-less requests from the cache
- BUG/MEDIUM: cache: replace old object on store
- BUG/MEDIUM: cache: respect the request cache-control header
- BUG/MEDIUM: cache: don't cache the response on no-cache="set-cookie"
- BUG/MAJOR: connection: refine the situations where we don't send shutw()
- BUG/MEDIUM: checks: properly set servers to stopping state on 404
- BUG/MEDIUM: h2: properly handle and report some stream errors
- BUG/MEDIUM: h2: improve handling of frames received on closed streams
- DOC/MINOR: configuration: typo, formatting fixes
- BUG/MEDIUM: h2: ensure we always know the stream before sending a reset
- BUG/MEDIUM: mworker: don't close stdio several time
- MINOR: don't close stdio anymore
- BUG/MEDIUM: http: don't automatically forward request close
- BUG/MAJOR: hpack: don't return direct references to the dynamic headers table
- MINOR: h2: add a function to report pseudo-header names
- DEBUG: hpack: make hpack_dht_dump() expose the output file
- DEBUG: hpack: add more traces to the hpack decoder
- CONTRIB: hpack: add an hpack decoder
- MEDIUM: h2: prepare a graceful shutdown when the frontend is stopped
- BUG/MEDIUM: h2: properly handle the END_STREAM flag on empty DATA frames
- BUILD: ssl: silence a warning when building without NPN nor ALPN support
- CLEANUP: rbtree: remove
- BUG/MEDIUM: ssl: cache doesn't release shctx blocks
- BUG/MINOR: lua: Fix default value for pattern in Socket.receive
- DOC: lua: Fix typos in comments of hlua_socket_receive
- BUG/MEDIUM: lua: Fix IPv6 with separate port support for Socket.connect
- BUG/MINOR: lua: Fix return value of Socket.settimeout
- MINOR: dns: Handle SRV record weight correctly.
- BUG/MEDIUM: mworker: execvp failure depending on argv[0]
- MINOR: hathreads: add support for gcc < 4.7
- BUILD/MINOR: ancient gcc versions atomic fix
- BUG/MEDIUM: stream: properly handle client aborts during redispatch
- MINOR: spoe: add register-var-names directive in spoe-agent configuration
- MINOR: spoe: Don't queue a SPOE context if nothing is sent
- DOC: clarify the scope of ssl_fc_is_resumed
- CONTRIB: debug: fix a few flags definitions
- BUG/MINOR: poll: too large size allocation for FD events
- MINOR: sample: add date_us sample
- BUG/MEDIUM: peers: fix expire date wasn't updated if entry is modified remotely.
- MINOR: servers: Don't report duplicate dyncookies for disabled servers.
- MINOR: global/threads: move cpu_map at the end of the global struct
- MINOR: threads: add a MAX_THREADS define instead of LONGBITS
- MINOR: global: add some global activity counters to help debugging
- MINOR: threads/fd: Use a bitfield to know if there are FDs for a thread in the FD cache
- BUG/MEDIUM: threads/polling: Use fd_cache_mask instead of fd_cache_num
- BUG/MEDIUM: fd: maintain a per-thread update mask
- MINOR: fd: add a bitmask to indicate that an FD is known by the poller
- BUG/MEDIUM: epoll/threads: use one epoll_fd per thread
- BUG/MEDIUM: kqueue/threads: use one kqueue_fd per thread
- BUG/MEDIUM: threads/mworker: fix a race on startup
- BUG/MINOR: mworker: only write to pidfile if it exists
- MINOR: threads: Fix build when we're not compiling with threads.
- BUG/MINOR: threads: always set an owner to the thread_sync pipe
- BUG/MEDIUM: threads/server: Fix deadlock in srv_set_stopping/srv_set_admin_flag
- BUG/MEDIUM: checks: Don't try to release undefined conn_stream when a check is freed
- BUG/MINOR: kqueue/threads: Don't forget to close kqueue_fd[tid] on each thread
- MINOR: threads: Use __decl_hathreads instead of #ifdef/#endif
- BUILD: epoll/threads: Add test on MAX_THREADS to avoid warnings when complied without threads
- BUILD: kqueue/threads: Add test on MAX_THREADS to avoid warnings when complied without threads
- CLEANUP: sample: Fix comment encoding of sample.c
- CLEANUP: sample: Fix outdated comment about sample casts functions
- BUG/MINOR: sample: Fix output type of c_ipv62ip
- CLEANUP: Fix typo in ARGT_MSK6 comment
- CLEANUP: standard: Use len2mask4 in str2mask
- MINOR: standard: Add str2mask6 function
- MINOR: config: Add support for ARGT_MSK6
- MEDIUM: sample: Add IPv6 support to the ipmask converter
- MINOR: config: Enable tracking of up to MAX_SESS_STKCTR stick counters.
- BUG/MINOR: cli: use global.maxsock and not maxfd to list all FDs
- MINOR: polling: make epoll and kqueue not depend on maxfd anymore
- MINOR: fd: don't report maxfd in alert messages
- MEDIUM: polling: start to move maxfd computation to the pollers
- CLEANUP: fd/threads: remove the now unused fdtab_lock
- MINOR: poll: more accurately compute the new maxfd in the loop
- CLEANUP: fd: remove the unused "new" field
- MINOR: fd: move the hap_fd_{clr,set,isset} functions to fd.h
- MEDIUM: select: make use of hap_fd_* functions
- MEDIUM: fd: use atomic ops for hap_fd_{clr,set} and remove poll_lock
- MEDIUM: select: don't use the old FD state anymore
- MEDIUM: poll: don't use the old FD state anymore
- MINOR: fd: pass the iocb and owner to fd_insert()
- BUG/MINOR: threads: Update labels array because of changes in lock_label enum
- MINOR: stick-tables: Adds support for new "gpc1" and "gpc1_rate" counters.
- BUG/MINOR: epoll/threads: only call epoll_ctl(DEL) on polled FDs
- DOC: don't suggest using http-server-close
- MINOR: introduce proxy-v2-options for send-proxy-v2
- BUG/MEDIUM: spoe: Always try to receive or send the frame to detect shutdowns
- BUG/MEDIUM: spoe: Allow producer to read and to forward shutdown on request side
- MINOR: spoe: Remove check on min_applets number when a SPOE context is queued
- MINOR: spoe: Always link a SPOE context with the applet processing it
- MINOR: spoe: Replace sending_rate by a frequency counter
- MINOR: spoe: Count the number of frames waiting for an ack for each applet
- MEDIUM: spoe: Use an ebtree to manage idle applets
- MINOR: spoa_example: Count the number of frames processed by each worker
- MINOR: spoe: Add max-waiting-frames directive in spoe-agent configuration
- MINOR: init: make stdout unbuffered
- MINOR: early data: Don't rely on CO_FL_EARLY_DATA to wake up streams.
- MINOR: early data: Never remove the CO_FL_EARLY_DATA flag.
- MINOR: compiler: introduce offsetoff().
- MINOR: threads: Introduce double-width CAS on x86_64 and arm.
- MINOR: threads: add test and set/reset operations
- MINOR: pools/threads: Implement lockless memory pools.
- MAJOR: fd/threads: Make the fdcache mostly lockless.
- MEDIUM: fd/threads: Make sure we don't miss a fd cache entry.
- MAJOR: fd: compute the new fd polling state out of the fd lock
- MINOR: epoll: get rid of the now useless fd_compute_new_polled_status()
- MINOR: kqueue: get rid of the now useless fd_compute_new_polled_status()
- MINOR: poll: get rid of the now useless fd_compute_new_polled_status()
- MINOR: select: get rid of the now useless fd_compute_new_polled_status()
- CLEANUP: fd: remove the now unused fd_compute_new_polled_status() function
- MEDIUM: fd: make updt_fd_polling() use atomics
- MEDIUM: poller: use atomic ops to update the fdtab mask
- MINOR: fd: move the fd_{add_to,rm_from}_fdlist functions to fd.c
- BUG/MINOR: fd/threads: properly dereference fdcache as volatile
- MINOR: fd: remove the unneeded last CAS when adding an fd to the list
- MINOR: fd: reorder fd_add_to_fd_list()
- BUG/MINOR: time/threads: ensure the adjusted time is always correct
- BUG/MEDIUM: standard: Fix memory leak in str2ip2()
- MINOR: init: emit warning when -sf/-sd cannot parse argument
- BUILD: fd/threads: fix breakage build breakage without threads
- DOC: Describe routing impact of using interface keyword on bind lines
- DOC: Mention -Ws in the list of available options
- BUG/MINOR: config: don't emit a warning when global stats is incompletely configured
- BUG/MINOR: fd/threads: properly lock the FD before adding it to the fd cache.
- BUG/MEDIUM: threads: fix the double CAS implementation for ARMv7
- BUG/MEDIUM: ssl: Don't always treat SSL_ERROR_SYSCALL as unrecovarable.
- BUILD/MINOR: memory: stdint is needed for uintptr_t
- BUG/MINOR: init: Add missing brackets in the code parsing -sf/-st
- DOC: lua: new prototype for function "register_action()"
- DOC: cfgparse: Warn on option (tcp|http)log in backend
- BUG/MINOR: ssl/threads: Make management of the TLS ticket keys files thread-safe
- MINOR: sample: add a new "concat" converter
- BUG/MEDIUM: ssl: Shutdown the connection for reading on SSL_ERROR_SYSCALL
- BUG/MEDIUM: http: Switch the HTTP response in tunnel mode as earlier as possible
- BUG/MEDIUM: ssl/sample: ssl_bc_* fetch keywords are broken.
- MINOR: ssl/sample: adds ssl_bc_is_resumed fetch keyword.
- CLEANUP: cfgparse: Remove unused label end
- CLEANUP: spoe: Remove unused label retry
- CLEANUP: h2: Remove unused labels from mux_h2.c
- CLEANUP: pools: Remove unused end label in memory.h
- CLEANUP: standard: Fix typo in IPv6 mask example
- BUG/MINOR: pools/threads: don't ignore DEBUG_UAF on double-word CAS capable archs
- BUG/MINOR: debug/pools: properly handle out-of-memory when building with DEBUG_UAF
- MINOR: debug/pools: make DEBUG_UAF also detect underflows
- MINOR: stats: display the number of threads in the statistics.
- BUG/MINOR: h2: Set the target of dbuf_wait to h2c
- BUG/MEDIUM: h2: always consume any trailing data after end of output buffers
- BUG/MEDIUM: buffer: Fix the wrapping case in bo_putblk
- BUG/MEDIUM: buffer: Fix the wrapping case in bi_putblk
- BUG/MEDIUM: spoe: Remove idle applets from idle list when HAProxy is stopping
- Revert "BUG/MINOR: send-proxy-v2: string size must include ('\0')"
- MINOR: ssl: extract full pkey info in load_certificate
- MINOR: ssl: add ssl_sock_get_pkey_algo function
- MINOR: ssl: add ssl_sock_get_cert_sig function
- MINOR: connection: add proxy-v2-options ssl-cipher,cert-sig,cert-key
- MINOR: connection: add proxy-v2-options authority
- MINOR: systemd: Add section for SystemD sandboxing to unit file
- MINOR: systemd: Add SystemD's Protect*= options to the unit file
- MINOR: systemd: Add SystemD's SystemCallFilter option to the unit file
- CLEANUP: h2: rename misleading h2c_stream_close() to h2s_close()
- MINOR: h2: provide and use h2s_detach() and h2s_free()
- MEDIUM: h2: use a single buffer allocator
- MINOR/BUILD: fix Lua build on Mac OS X
- BUILD/MINOR: fix Lua build on Mac OS X (again)
- BUG/MINOR: session: Fix tcp-request session failure if handshake.
- CLEANUP: .gitignore: Ignore binaries from the contrib directory
- BUG/MINOR: unix: Don't mess up when removing the socket from the xfer_sock_list.
- DOC: buffers: clarify the purpose of the <from> pointer in offer_buffers()
- BUG/MEDIUM: h2: also arm the h2 timeout when sending
- BUG/MINOR: cli: Fix a crash when passing a negative or too large value to "show fd"
- CLEANUP: ssl: Remove a duplicated #include
- CLEANUP: cli: Remove a leftover debug message
- BUG/MINOR: cli: Fix a typo in the 'set rate-limit' usage
- BUG/MEDIUM: fix a 100% cpu usage with cpu-map and nbthread/nbproc
- BUG/MINOR: force-persist and ignore-persist only apply to backends
- BUG/MEDIUM: threads/unix: Fix a deadlock when a listener is temporarily disabled
- BUG/MAJOR: threads/queue: Fix thread-safety issues on the queues management
- BUG/MINOR: dns: don't downgrade DNS accepted payload size automatically
- TESTS: Add a testcase for multi-port + multi-server listener issue
- CLEANUP: dns: remove duplicate code in src/dns.c
- BUG/MINOR: seemless reload: Fix crash when an interface is specified.
- BUG/MINOR: cli: Ensure all command outputs end with a LF
- BUG/MINOR: cli: Fix a crash when sending a command with too many arguments
- BUILD: ssl: Fix build with OpenSSL without NPN capability
- BUG/MINOR: spoa-example: unexpected behavior for more than 127 args
- BUG/MINOR: lua: return bad error messages
- CLEANUP: lua/syntax: lua is a name and not an acronym
- BUG/MEDIUM: tcp-check: single connect rule can't detect DOWN servers
- BUG/MINOR: tcp-check: use the server's service port as a fallback
- BUG/MEDIUM: threads/queue: wake up other threads upon dequeue
- MINOR: log: stop emitting alerts when it's not possible to write on the socket
- BUILD/BUG: enable -fno-strict-overflow by default
- BUG/MEDIUM: fd/threads: ensure the fdcache_mask always reflects the cache contents
- DOC: log: more than 2 log servers are allowed
- MINOR: hash: add new function hash_crc32c
- MINOR: proxy-v2-options: add crc32c
- MINOR: accept-proxy: support proxy protocol v2 CRC32c checksum
- REORG: compact "struct server"
- MINOR: samples: add crc32c converter
- BUG/MEDIUM: h2: properly account for DATA padding in flow control
- BUG/MINOR: h2: ensure we can never send an RST_STREAM in response to an RST_STREAM
- BUG/MINOR: listener: Don't decrease actconn twice when a new session is rejected
- CLEANUP: map, stream: remove duplicate code in src/map.c, src/stream.c
- BUG/MINOR: lua: the function returns anything
- BUG/MINOR: lua funtion hlua_socket_settimeout don't check negative values
- CLEANUP: lua: typo fix in comments
- BUILD/MINOR: fix build when USE_THREAD is not defined
- MINOR: lua: allow socket api settimeout to accept integers, float, and doubles
- BUG/MINOR: hpack: fix harmless use of uninitialized value in hpack_dht_insert
- MINOR: cli/threads: make "show fd" report thread_sync_io_handler instead of "unknown"
- MINOR: cli: make "show fd" report the mux and mux_ctx pointers when available
- BUILD/MINOR: cli: fix a build warning introduced by last commit
- BUG/MAJOR: h2: remove orphaned streams from the send list before closing
- MINOR: h2: always call h2s_detach() in h2_detach()
- MINOR: h2: fuse h2s_detach() and h2s_free() into h2s_destroy()
- BUG/MEDIUM: h2/threads: never release the task outside of the task handler
- BUG/MEDIUM: h2: don't consider pending data on detach if connection is in error
- BUILD/MINOR: threads: always export thread_sync_io_handler()
- MINOR: mux: add a "show_fd" function to dump debugging information for "show fd"
- MINOR: h2: implement a basic "show_fd" function
- MINOR: cli: report cache indexes in "show fd"
- BUG/MINOR: h2: remove accidental debug code introduced with show_fd function
- BUG/MEDIUM: h2: always add a stream to the send or fctl list when blocked
- BUG/MINOR: checks: check the conn_stream's readiness and not the connection
- BUG/MINOR: fd: Don't clear the update_mask in fd_insert.
- BUG/MINOR: email-alert: Set the mailer port during alert initialization
- BUG/MINOR: cache: fix "show cache" output
- BUG/MAJOR: cache: fix random crashes caused by incorrect delete() on non-first blocks
- BUG/MINOR: spoe: Initialize variables used during conf parsing before any check
- BUG/MINOR: spoe: Don't release the context buffer in .check_timeouts callbaclk
- BUG/MINOR: spoe: Register the variable to set when an error occurred
- BUG/MINOR: spoe: Don't forget to decrement fpa when a processing is interrupted
- MINOR: spoe: Add metrics in to know time spent in the SPOE
- MINOR: spoe: Add options to store processing times in variables
- MINOR: log: move 'log' keyword parsing in dedicated function
- MINOR: log: Keep the ref when a log server is copied to avoid duplicate entries
- MINOR: spoe: Add loggers dedicated to the SPOE agent
- MINOR: spoe: Add support for option dontlog-normal in the SPOE agent section
- MINOR: spoe: use agent's logger to log SPOE messages
- MINOR: spoe: Add counters to log info about SPOE agents
- BUG/MAJOR: cache: always initialize newly created objects
- MINOR: servers: Support alphanumeric characters for the server templates names
- BUG/MEDIUM: threads: Fix the max/min calculation because of name clashes
- BUG/MEDIUM: connection: Make sure we have a mux before calling detach().
- BUG/MINOR: http: Return an error in proxy mode when url2sa fails
- MINOR: proxy: Add fe_defbe fetcher
- MINOR: config: Warn if resolvers has no nameservers
- BUG/MINOR: cli: Guard against NULL messages when using CLI_ST_PRINT_FREE
- MINOR: cli: Ensure the CLI always outputs an error when it should
- MEDIUM: sample: Extend functionality for field/word converters
- MINOR: export localpeer as an environment variable
- BUG/MEDIUM: kqueue: When adding new events, provide an output to get errors.
- BUILD: sample: avoid build warning in sample.c
- BUG/CRITICAL: h2: fix incorrect frame length check
- DOC: lua: update the links to the config and Lua API
- BUG/MINOR: pattern: Add a missing HA_SPIN_INIT() in pat_ref_newid()
- BUG/MAJOR: channel: Fix crash when trying to read from a closed socket
- BUG/MINOR: log: t_idle (%Ti) is not set for some requests
- BUG/MEDIUM: lua: Fix segmentation fault if a Lua task exits
- MINOR: h2: detect presence of CONNECT and/or content-length
- BUG/MEDIUM: h2: implement missing support for chunked encoded uploads
- BUG/MINOR: spoe: Fix counters update when processing is interrupted
- BUG/MINOR: spoe: Fix parsing of dontlog-normal option
- MEDIUM: cli: Add payload support
- MINOR: map: Add payload support to "add map"
- MINOR: ssl: Add payload support to "set ssl ocsp-response"
- BUG/MINOR: lua/threads: Make lua's tasks sticky to the current thread
- MINOR: sample: Add strcmp sample converter
- MINOR: http: Add support for 421 Misdirected Request
- BUG/MINOR: config: disable http-reuse on TCP proxies
- MINOR: ssl: disable SSL sample fetches when unsupported
- MINOR: ssl: add fetch 'ssl_fc_session_key' and 'ssl_bc_session_key'
- BUG/MINOR: checks: Fix check->health computation for flapping servers
- BUG/MEDIUM: threads: Fix the sync point for more than 32 threads
- BUG/MINOR, BUG/MINOR: lua: Put tasks to sleep when waiting for data
- MINOR: backend: implement random-based load balancing
- DOC/MINOR: clean up LUA documentation re: servers & array/table.
- MINOR: lua: Add server name & puid to LUA Server class.
- MINOR: lua: add get_maxconn and set_maxconn to LUA Server class.
- BUG/MINOR: map: correctly track reference to the last ref_elt being dumped
- BUG/MEDIUM: task: Don't free a task that is about to be run.
- MINOR: fd: Make the lockless fd list work with multiple lists.
- BUG/MEDIUM: pollers: Use a global list for fd shared between threads.
- MINOR: pollers: move polled_mask outside of struct fdtab.
- BUG/MINOR: lua: schedule socket task upon lua connect()
- BUG/MINOR: lua: ensure large proxy IDs can be represented
- BUG/MEDIUM: pollers/kqueue: use incremented position in event list
- BUG/MINOR: cli: don't stop cli_gen_usage_msg() when kw->usage == NULL
- BUG/MEDIUM: http: don't always abort transfers on CF_SHUTR
- BUG/MEDIUM: ssl: properly protect SSL cert generation
- BUG/MINOR: lua: Socket.send threw runtime error: 'close' needs 1 arguments.
- BUG/MINOR: spoe: Mistake in error message about SPOE configuration
- BUG/MEDIUM: spoe: Flags are not encoded in network order
- CLEANUP: spoe: Remove unused variables the agent structure
- DOC: spoe: fix a typo
- BUG/MEDIUM: contrib/mod_defender: Use network order to encode/decode flags
- BUG/MEDIUM: contrib/modsecurity: Use network order to encode/decode flags
- DOC: add some description of the pending rework of the buffer structure
- BUG/MINOR: ssl/lua: prevent lua from affecting automatic maxconn computation
- MINOR: lua: Improve error message
- BUG/MEDIUM: cache: don't cache when an Authorization header is present
- MINOR: ssl: set SSL_OP_PRIORITIZE_CHACHA
- BUG/MEDIUM: dns: Delay the attempt to run a DNS resolution on check failure.
- BUG/BUILD: threads: unbreak build without threads
- BUG/MEDIUM: servers: Add srv_addr default placeholder to the state file
- BUG/MEDIUM: lua/socket: Length required read doesn't work
- MINOR: tasks: Change the task API so that the callback takes 3 arguments.
- MAJOR: tasks: Create a per-thread runqueue.
- MAJOR: tasks: Introduce tasklets.
- MINOR: tasks: Make the number of tasks to run at once configurable.
- MAJOR: applets: Use tasks, instead of rolling our own scheduler.
- BUG/MEDIUM: stick-tables: Decrement ref_cnt in table_* converters
- MINOR: http: Log warning if (add|set)-header fails
- DOC: management: add the new wrew stats column
- MINOR: stats: also report the failed header rewrites warnings on the stats page
- BUG/MEDIUM: tasks: Don't forget to increase/decrease tasks_run_queue.
- BUG/MEDIUM: task: Don't forget to decrement max_processed after each task.
- MINOR: task: Also consider the task list size when getting global tasks.
- MINOR: dns: Implement `parse-resolv-conf` directive
- BUG/MEDIUM: spoe: Return an error when the wrong ACK is received in sync mode
- MINOR: task/notification: Is notifications registered ?
- BUG/MEDIUM: lua/socket: wrong scheduling for sockets
- BUG/MAJOR: lua: Dead lock with sockets
- BUG/MEDIUM: lua/socket: Notification error
- BUG/MEDIUM: lua/socket: Sheduling error on write: may dead-lock
- BUG/MEDIUM: lua/socket: Buffer error, may segfault
- DOC: contrib/modsecurity: few typo fixes
- DOC: SPOE.txt: fix a typo
- MAJOR: spoe: upgrade the SPOP version to 2.0 and remove the support for 1.0
- BUG/MINOR: contrib/spoa_example: Don't reset the status code during disconnect
- BUG/MINOR: contrib/mod_defender: Don't reset the status code during disconnect
- BUG/MINOR: contrib/modsecurity: Don't reset the status code during disconnect
- BUG/MINOR: contrib/mod_defender: update pointer on the end of the frame
- BUG/MINOR: contrib/modsecurity: update pointer on the end of the frame
- MINOR: task: Fix a compiler warning by adding a cast.
- MINOR: stats: also report the nice and number of calls for applets
- MINOR: applet: assign the same nice value to a new appctx as its owner task
- MINOR: task: Fix compiler warning.
- BUG/MEDIUM: tasks: Use the local runqueue when building without threads.
- MINOR: tasks: Don't define rqueue if we're building without threads.
- BUG/MINOR: unix: Make sure we can transfer abns sockets on seamless reload.
- MINOR: lua: Increase debug information
- BUG/MEDIUM: threads: handle signal queue only in thread 0
- BUG/MINOR: don't ignore SIG{BUS,FPE,ILL,SEGV} during signal processing
- BUG/MINOR: signals: ha_sigmask macro for multithreading
- BUG/MAJOR: map: fix a segfault when using http-request set-map
- DOC: regression testing: Add a short starting guide.
- MINOR: tasks: Make sure we correctly init and deinit a tasklet.
- BUG/MINOR: tasklets: Just make sure we don't pass a tasklet to the handler.
- BUG/MINOR: lua: Segfaults with wrong usage of types.
- BUG/MAJOR: ssl: Random crash with cipherlist capture
- BUG/MAJOR: ssl: OpenSSL context is stored in non-reserved memory slot
- BUG/MEDIUM: ssl: do not store pkinfo with SSL_set_ex_data
- MINOR: tests: First regression testing file.
- MINOR: reg-tests: Add reg-tests/README file.
- MINOR: reg-tests: Add a few regression testing files.
- DOC: Add new REGTEST tag info about reg testing.
- BUG/MEDIUM: fd: Don't modify the update_mask in fd_dodelete().
- MINOR: Some spelling cleanup in the comments.
- BUG/MEDIUM: threads: Use the sync point to check active jobs and exit
- MINOR: threads: Be sure to remove threads from all_threads_mask on exit
- REGTEST/MINOR: Wrong URI in a reg test for SSL/TLS.
- REGTEST/MINOR: Set HAPROXY_PROGRAM default value.
- REGTEST/MINOR: Add levels to reg-tests target.
- BUG/MAJOR: Stick-tables crash with segfault when the key is not in the stick-table
- BUG/BUILD: threads: unbreak build without threads
- BUG/MAJOR: stick_table: Complete incomplete SEGV fix
- MINOR: stick-tables: make stktable_release() do nothing on NULL
- BUG/MEDIUM: lua: possible CLOSE-WAIT state with '\n' headers
- MINOR: startup: change session/process group settings
- MINOR: systemd: consider exit status 143 as successful
- REGTEST/MINOR: Wrong URI syntax.
- CLEANUP: dns: remove obsolete macro DNS_MAX_IP_REC
- CLEANUP: dns: inacurate comment about prefered IP score
- MINOR: dns: fix wrong score computation in dns_get_ip_from_response
- MINOR: dns: new DNS options to allow/prevent IP address duplication
- REGTEST/MINOR: Unexpected curl URL globling.
- BUG/MINOR: ssl: properly ref-count the tls_keys entries
- MINOR: h2: keep a count of the number of conn_streams attached to the mux
- BUG/MEDIUM: h2: don't accept new streams if conn_streams are still in excess
- MINOR: h2: add the mux and demux buffer lengths on "show fd"
- BUG/MEDIUM: h2: never leave pending data in the output buffer on close
- BUG/MEDIUM: h2: make sure the last stream closes the connection after a timeout
- MINOR: tasklet: Set process to NULL.
- MINOR: buffer: implement a new file for low-level buffer manipulation functions
- MINOR: buffer: switch buffer sizes and offsets to size_t
- MINOR: buffer: add a few basic functions for the new API
- MINOR: buffer: Introduce b_sub(), b_add(), and bo_add()
- MINOR: buffer: Add b_set_data().
- MINOR: buffer: introduce b_realign_if_empty()
- MINOR: compression: pass the channel to http_compression_buffer_end()
- MINOR: channel: add a few basic functions for the new buffer API
- MINOR: channel/buffer: use c_realign_if_empty() instead of buffer_realign()
- MINOR: channel/buffer: replace buffer_slow_realign() with channel_slow_realign() and b_slow_realign()
- MEDIUM: channel: make channel_slow_realign() take a swap buffer
- MINOR: h2: use b_slow_realign() with the trash as a swap buffer
- MINOR: buffer: remove buffer_slow_realign() and the swap_buffer allocation code
- MINOR: channel/buffer: replace b_{adv,rew} with c_{adv,rew}
- MINOR: buffer: replace calls to buffer_space_wraps() with b_space_wraps()
- MINOR: buffer: remove bi_getblk() and bi_getblk_nc()
- MINOR: buffer: split bi_contig_data() into ci_contig_data and b_config_data()
- MINOR: buffer: remove bi_ptr()
- MINOR: buffer: remove bo_ptr()
- MINOR: buffer: remove bo_end()
- MINOR: buffer: remove bi_end()
- MINOR: buffer: remove bo_contig_data()
- MINOR: buffer: merge b{i,o}_contig_space()
- MINOR: buffer: replace bo_getblk() with direction agnostic b_getblk()
- MINOR: buffer: replace bo_getblk_nc() with b_getblk_nc() which takes an offset
- MINOR: buffer: replace bi_del() and bo_del() with b_del()
- MINOR: buffer: convert most b_ptr() calls to c_ptr()
- MINOR: h1: make h1_measure_trailers() take the byte count in argument
- MINOR: h2: clarify the fact that the send functions are unsigned
- MEDIUM: h2: prevent the various mux encoders from modifying the buffer
- MINOR: h1: make h1_skip_chunk_crlf() not depend on b_ptr() anymore
- MINOR: h1: make h1_parse_chunk_size() not depend on b_ptr() anymore
- MINOR: h1: make h1_measure_trailers() use an offset and a count
- MEDIUM: h2: do not use buf->o anymore inside h2_snd_buf's loop
- MEDIUM: h2: don't use b_ptr() nor b_end() anymore
- MINOR: buffer: get rid of b_end() and b_to_end()
- MINOR: buffer: make b_getblk_nc() take const pointers
- MINOR: buffer: make b_getblk_nc() take size_t for the block sizes
- MEDIUM: connection: make xprt->snd_buf() take the byte count in argument
- MEDIUM: mux: make mux->snd_buf() take the byte count in argument
- MEDIUM: connection: make xprt->rcv_buf() use size_t for the count
- MEDIUM: mux: make mux->rcv_buf() take a size_t for the count
- MINOR: connection: add a flags argument to rcv_buf()
- MINOR: connection: add a new receive flag : CO_RFL_BUF_WET
- MINOR: buffer: get rid of b_ptr() and convert its last users
- MINOR: buffer: use b_room() to determine available space in a buffer
- MINOR: buffer: replace buffer_not_empty() with b_data() or c_data()
- MINOR: buffer: replace buffer_empty() with b_empty() or c_empty()
- MINOR: buffer: make bo_putchar() use b_tail()
- MINOR: buffer: replace buffer_full() with channel_full()
- MINOR: buffer: replace bi_space_for_replace() with ci_space_for_replace()
- MINOR: buffer: replace buffer_pending() with ci_data()
- MINOR: buffer: replace buffer_flush() with c_adv(chn, ci_data(chn))
- MINOR: buffer: use c_head() instead of buffer_wrap_sub(c->buf, p-o)
- MINOR: buffer: use b_orig() to replace most references to b->data
- MINOR: buffer: Use b_add()/bo_add() instead of accessing b->i/b->o.
- MINOR: channel: remove almost all references to buf->i and buf->o
- MINOR: channel: Add co_set_data().
- MEDIUM: channel: adapt to the new buffer API
- MINOR: checks: adapt to the new buffer API
- MEDIUM: h2: update to the new buffer API
- MINOR: buffer: remove unused bo_add()
- MEDIUM: spoe: use the new buffer API for the SPOE buffer
- MINOR: stats: adapt to the new buffers API
- MINOR: cli: use the new buffer API
- MINOR: cache: use the new buffer API
- MINOR: stream-int: use the new buffer API
- MINOR: stream: use wrappers instead of directly manipulating buffers
- MINOR: backend: use new buffer API
- MEDIUM: http: use wrappers instead of directly manipulating buffers states
- MINOR: filters: convert to the new buffer API
- MINOR: payload: convert to the new buffer API
- MEDIUM: h1: port to new buffer API.
- MINOR: flt_trace: adapt to the new buffer API
- MEDIUM: compression: start to move to the new buffer API
- MINOR: lua: use the wrappers instead of directly manipulating buffer states
- MINOR: buffer: convert part bo_putblk() and bi_putblk() to the new API
- MINOR: buffer: adapt buffer_slow_realign() and buffer_dump() to the new API
- MAJOR: start to change buffer API
- MINOR: buffer: remove the check for output on b_del()
- MINOR: buffer: b_set_data() doesn't truncate output data anymore
- MINOR: buffer: rename the "data" field to "area"
- MEDIUM: buffers: move "output" from struct buffer to struct channel
- MINOR: buffer: replace bi_fast_delete() with b_del()
- MINOR: buffer: replace b{i,o}_put* with b_put*
- MINOR: buffer: add a new file for ist + buffer manipulation functions
- MINOR: checks: use b_putist() instead of b_putstr()
- MINOR: buffers: remove b_putstr()
- CLEANUP: buffer: minor cleanups to buffer.h
- MINOR: buffers/channel: replace buffer_insert_line2() with ci_insert_line2()
- MINOR: buffer: replace buffer_replace2() with b_rep_blk()
- MINOR: buffer: rename the data length member to '->data'
- MAJOR: buffer: finalize buffer detachment
- MEDIUM: chunks: make the chunk struct's fields match the buffer struct
- MAJOR: chunks: replace struct chunk with struct buffer
- DOC: buffers: document the new buffers API
- DOC: buffers: remove obsolete docs about buffers
- MINOR: tasklets: Don't attempt to add a tasklet in the list twice.
- MINOR: connections/mux: Add a new "subscribe" method.
- MEDIUM: connections/mux: Revamp the send direction.
- MINOR: connection: simplify subscription by adding a registration function
- BUG/MINOR: http: Set brackets for the unlikely macro at the right place
- BUG/MINOR: build: Fix compilation with debug mode enabled
- BUILD: Generate sha256 checksums in publish-release
- MINOR: debug: Add check for CO_FL_WILL_UPDATE
- MINOR: debug: Add checks for conn_stream flags
- MINOR: ist: Add the function isteqi
- BUG/MEDIUM: threads: Fix the exit condition of the thread barrier
- BUG/MEDIUM: mux_h2: Call h2_send() before updating polling.
- MINOR: buffers: simplify b_contig_space()
- MINOR: buffers: split b_putblk() into __b_putblk()
- MINOR: buffers: add b_xfer() to transfer data between buffers
- DOC: add some design notes about the new layering model
- MINOR: conn_stream: add a new CS_FL_REOS flag
- MINOR: conn_stream: add an rx buffer to the conn_stream
- MEDIUM: conn_stream: add cs_recv() as a default rcv_buf() function
- MEDIUM: stream-int: automatically call si_cs_recv_cb() if the cs has data on wake()
- MINOR: h2: make each H2 stream support an intermediary input buffer
- MEDIUM: h2: make h2_frt_decode_headers() use an intermediary buffer
- MEDIUM: h2: make h2_frt_transfer_data() copy via an intermediary buffer
- MEDIUM: h2: centralize transfer of decoded frames in h2_rcv_buf()
- MEDIUM: h2: move headers and data frame decoding to their respective parsers
- MEDIUM: buffers: make b_xfer() automatically swap buffers when possible
- MEDIUM: h2: perform a single call to the data layer in demux()
- MEDIUM: h2: don't call data_cb->recv() anymore
- MINOR: h2: make use of CS_FL_REOS to indicate that end of stream was seen
- MEDIUM: h2: use the default conn_stream's receive function
- DOC: add more design feedback on the new layering model
- MINOR: h2: add the error code and the max/last stream IDs to "show fd"
- BUG/MEDIUM: stream-int: don't immediately enable reading when the buffer was reportedly full
- BUG/MEDIUM: stats: don't ask for more data as long as we're responding
- BUG/MINOR: servers: Don't make "server" in a frontend fatal.
- BUG/MEDIUM: tasks: make sure we pick all tasks in the run queue
- BUG/MEDIUM: tasks: Decrement rqueue_size at the right time.
- BUG/MEDIUM: tasks: use atomic ops for active_tasks_mask
- BUG/MEDIUM: tasks: Make sure there's no task left before considering inactive.
- MINOR: signal: don't pass the signal number anymore as the wakeup reason
- MINOR: tasks: extend the state bits from 8 to 16 and remove the reason
- MINOR: tasks: Add a flag that tells if we're in the global runqueue.
- BUG/MEDIUM: tasks: make __task_unlink_rq responsible for the rqueue size.
- MINOR: queue: centralize dequeuing code a bit better
- MEDIUM: queue: make pendconn_free() work on the stream instead
- DOC: queue: document the expected locking model for the server's queue
- MINOR: queue: make sure pendconn->strm->pend_pos is always valid
- MINOR: queue: use a distinct variable for the assigned server and the queue
- MINOR: queue: implement pendconn queue locking functions
- MEDIUM: queue: get rid of the pendconn lock
- MINOR: tasks: Make active_tasks_mask volatile.
- MINOR: tasks: Make global_tasks_mask volatile.
- MINOR: pollers: Add a way to wake a thread sleeping in the poller.
- MINOR: threads/queue: Get rid of THREAD_WANT_SYNC in the queue code.
- BUG/MEDIUM: threads/sync: use sched_yield when available
- MINOR: ssl: BoringSSL matches OpenSSL 1.1.0
- BUG/MEDIUM: h2: prevent orphaned streams from blocking a connection forever
- BUG/MINOR: config: stick-table is not supported in defaults section
- BUILD/MINOR: threads: unbreak build with threads disabled
- BUG/MINOR: threads: Handle nbthread == MAX_THREADS.
- BUG/MEDIUM: threads: properly fix nbthreads == MAX_THREADS
- MINOR: threads: move "nbthread" parsing to hathreads.c
- BUG/MEDIUM: threads: unbreak "bind" referencing an incorrect thread number
- MEDIUM: proxy_protocol: Convert IPs to v6 when protocols are mixed
- BUILD/MINOR: compiler: fix offsetof() on older compilers
- SCRIPTS: git-show-backports: add missing quotes to "echo"
- MINOR: threads: add more consistency between certain variables in no-thread case
- MEDIUM: hathreads: implement a more flexible rendez-vous point
- BUG/MEDIUM: cli: make "show fd" thread-safe
2018-08-02 16:12:50 +00:00
|
|
|
|
2018/08/02
|
2005-12-18 00:33:16 +00:00
|
|
|
|
|
|
|
|
|
|
|
2010-05-09 20:37:12 +00:00
|
|
|
|
1) How to build it
|
|
|
|
|
|
------------------
|
|
|
|
|
|
|
2017-11-26 18:50:17 +00:00
|
|
|
|
This is a development version, so it is expected to break from time to time,
|
|
|
|
|
|
to add and remove features without prior notification and it should not be used
|
|
|
|
|
|
in production. If you are not used to build from sources or if you are not used
|
|
|
|
|
|
to follow updates then it is recommended that instead you use the packages provided
|
|
|
|
|
|
by your software vendor or Linux distribution. Most of them are taking this task
|
2015-10-13 16:52:22 +00:00
|
|
|
|
seriously and are doing a good job at backporting important fixes. If for any
|
|
|
|
|
|
reason you'd prefer a different version than the one packaged for your system,
|
|
|
|
|
|
you want to be certain to have all the fixes or to get some commercial support,
|
|
|
|
|
|
other choices are available at :
|
2014-06-19 13:26:32 +00:00
|
|
|
|
|
|
|
|
|
|
http://www.haproxy.com/
|
|
|
|
|
|
|
2005-12-18 00:33:16 +00:00
|
|
|
|
To build haproxy, you will need :
|
2010-05-09 20:37:12 +00:00
|
|
|
|
- GNU make. Neither Solaris nor OpenBSD's make work with the GNU Makefile.
|
2014-05-10 07:12:46 +00:00
|
|
|
|
If you get many syntax errors when running "make", you may want to retry
|
|
|
|
|
|
with "gmake" which is the name commonly used for GNU make on BSD systems.
|
2014-06-19 13:26:32 +00:00
|
|
|
|
- GCC between 2.95 and 4.8. Others may work, but not tested.
|
2005-12-18 00:33:16 +00:00
|
|
|
|
- GNU ld
|
|
|
|
|
|
|
|
|
|
|
|
Also, you might want to build with libpcre support, which will provide a very
|
2010-05-09 20:37:12 +00:00
|
|
|
|
efficient regex implementation and will also fix some badness on Solaris' one.
|
2005-12-18 00:33:16 +00:00
|
|
|
|
|
|
|
|
|
|
To build haproxy, you have to choose your target OS amongst the following ones
|
|
|
|
|
|
and assign it to the TARGET variable :
|
|
|
|
|
|
|
2008-05-25 08:32:50 +00:00
|
|
|
|
- linux22 for Linux 2.2
|
|
|
|
|
|
- linux24 for Linux 2.4 and above (default)
|
|
|
|
|
|
- linux24e for Linux 2.4 with support for a working epoll (> 0.21)
|
|
|
|
|
|
- linux26 for Linux 2.6 and above
|
2014-06-19 13:26:32 +00:00
|
|
|
|
- linux2628 for Linux 2.6.28, 3.x, and above (enables splice and tproxy)
|
2008-05-25 08:32:50 +00:00
|
|
|
|
- solaris for Solaris 8 or 10 (others untested)
|
2014-06-19 13:26:32 +00:00
|
|
|
|
- freebsd for FreeBSD 5 to 10 (others untested)
|
2015-10-13 16:52:22 +00:00
|
|
|
|
- netbsd for NetBSD
|
2013-04-02 06:17:43 +00:00
|
|
|
|
- osx for Mac OS/X
|
2016-09-27 17:22:21 +00:00
|
|
|
|
- openbsd for OpenBSD 5.7 and above
|
2014-04-02 18:44:43 +00:00
|
|
|
|
- aix51 for AIX 5.1
|
2012-06-06 14:15:03 +00:00
|
|
|
|
- aix52 for AIX 5.2
|
2009-06-14 16:27:54 +00:00
|
|
|
|
- cygwin for Cygwin
|
2015-10-19 23:01:16 +00:00
|
|
|
|
- haiku for Haiku
|
2014-06-19 13:26:32 +00:00
|
|
|
|
- generic for any other OS or version.
|
2008-05-25 08:32:50 +00:00
|
|
|
|
- custom to manually adjust every setting
|
2005-12-18 00:33:16 +00:00
|
|
|
|
|
|
|
|
|
|
You may also choose your CPU to benefit from some optimizations. This is
|
|
|
|
|
|
particularly important on UltraSparc machines. For this, you can assign
|
|
|
|
|
|
one of the following choices to the CPU variable :
|
|
|
|
|
|
|
|
|
|
|
|
- i686 for intel PentiumPro, Pentium 2 and above, AMD Athlon
|
|
|
|
|
|
- i586 for intel Pentium, AMD K6, VIA C3.
|
|
|
|
|
|
- ultrasparc : Sun UltraSparc I/II/III/IV processor
|
2014-07-10 18:24:25 +00:00
|
|
|
|
- native : use the build machine's specific processor optimizations. Use with
|
|
|
|
|
|
extreme care, and never in virtualized environments (known to break).
|
|
|
|
|
|
- generic : any other processor or no CPU-specific optimization. (default)
|
2005-12-18 00:33:16 +00:00
|
|
|
|
|
2008-05-25 08:32:50 +00:00
|
|
|
|
Alternatively, you may just set the CPU_CFLAGS value to the optimal GCC options
|
|
|
|
|
|
for your platform.
|
|
|
|
|
|
|
2009-04-11 17:45:50 +00:00
|
|
|
|
You may want to build specific target binaries which do not match your native
|
|
|
|
|
|
compiler's target. This is particularly true on 64-bit systems when you want
|
|
|
|
|
|
to build a 32-bit binary. Use the ARCH variable for this purpose. Right now
|
2010-11-28 06:41:00 +00:00
|
|
|
|
it only knows about a few x86 variants (i386,i486,i586,i686,x86_64), two
|
|
|
|
|
|
generic ones (32,64) and sets -m32/-m64 as well as -march=<arch> accordingly.
|
2009-04-11 17:45:50 +00:00
|
|
|
|
|
2005-12-18 00:33:16 +00:00
|
|
|
|
If your system supports PCRE (Perl Compatible Regular Expressions), then you
|
|
|
|
|
|
really should build with libpcre which is between 2 and 10 times faster than
|
|
|
|
|
|
other libc implementations. Regex are used for header processing (deletion,
|
|
|
|
|
|
rewriting, allow, deny). The only inconvenient of libpcre is that it is not
|
|
|
|
|
|
yet widely spread, so if you build for other systems, you might get into
|
|
|
|
|
|
trouble if they don't have the dynamic library. In this situation, you should
|
|
|
|
|
|
statically link libpcre into haproxy so that it will not be necessary to
|
2008-05-25 08:32:50 +00:00
|
|
|
|
install it on target systems. Available build options for PCRE are :
|
2005-12-18 00:33:16 +00:00
|
|
|
|
|
2008-05-25 08:32:50 +00:00
|
|
|
|
- USE_PCRE=1 to use libpcre, in whatever form is available on your system
|
2005-12-18 00:33:16 +00:00
|
|
|
|
(shared or static)
|
|
|
|
|
|
|
2008-05-25 08:32:50 +00:00
|
|
|
|
- USE_STATIC_PCRE=1 to use a static version of libpcre even if the dynamic
|
|
|
|
|
|
one is available. This will enhance portability.
|
|
|
|
|
|
|
2012-12-11 23:38:22 +00:00
|
|
|
|
- with no option, use your OS libc's standard regex implementation (default).
|
2008-05-25 08:32:50 +00:00
|
|
|
|
Warning! group references on Solaris seem broken. Use static-pcre whenever
|
|
|
|
|
|
possible.
|
2005-12-18 00:33:16 +00:00
|
|
|
|
|
2015-09-28 20:36:21 +00:00
|
|
|
|
If your system doesn't provide PCRE, you are encouraged to download it from
|
|
|
|
|
|
http://www.pcre.org/ and build it yourself, it's fast and easy.
|
|
|
|
|
|
|
2011-03-23 19:00:53 +00:00
|
|
|
|
Recent systems can resolve IPv6 host names using getaddrinfo(). This primitive
|
|
|
|
|
|
is not present in all libcs and does not work in all of them either. Support in
|
|
|
|
|
|
glibc was broken before 2.3. Some embedded libs may not properly work either,
|
|
|
|
|
|
thus, support is disabled by default, meaning that some host names which only
|
|
|
|
|
|
resolve as IPv6 addresses will not resolve and configs might emit an error
|
|
|
|
|
|
during parsing. If you know that your OS libc has reliable support for
|
|
|
|
|
|
getaddrinfo(), you can add USE_GETADDRINFO=1 on the make command line to enable
|
|
|
|
|
|
it. This is the recommended option for most Linux distro packagers since it's
|
|
|
|
|
|
working fine on all recent mainstream distros. It is automatically enabled on
|
|
|
|
|
|
Solaris 8 and above, as it's known to work.
|
|
|
|
|
|
|
2014-05-10 07:12:46 +00:00
|
|
|
|
It is possible to add native support for SSL using the GNU makefile, by passing
|
|
|
|
|
|
"USE_OPENSSL=1" on the make command line. The libssl and libcrypto will
|
|
|
|
|
|
automatically be linked with haproxy. Some systems also require libz, so if the
|
|
|
|
|
|
build fails due to missing symbols such as deflateInit(), then try again with
|
|
|
|
|
|
"ADDLIB=-lz".
|
2012-09-10 07:07:41 +00:00
|
|
|
|
|
2015-09-28 20:36:21 +00:00
|
|
|
|
Your are strongly encouraged to always use an up-to-date version of OpenSSL, as
|
|
|
|
|
|
found on https://www.openssl.org/ as vulnerabilities are occasionally found and
|
|
|
|
|
|
you don't want them on your systems. HAProxy is known to build correctly on all
|
2017-07-18 04:58:16 +00:00
|
|
|
|
currently supported branches (0.9.8, 1.0.0, 1.0.1, 1.0.2 and 1.1.0 at the time
|
|
|
|
|
|
of writing). Branch 1.0.2 is currently recommended for the best combination of
|
|
|
|
|
|
features and stability. Asynchronous engines require OpenSSL 1.1.0 though. It's
|
|
|
|
|
|
worth mentionning that some OpenSSL derivatives are also reported to work but
|
|
|
|
|
|
may occasionally break. Patches to fix them are welcome but please read the
|
|
|
|
|
|
CONTRIBUTING file first.
|
2015-09-28 20:36:21 +00:00
|
|
|
|
|
2013-05-19 14:28:17 +00:00
|
|
|
|
To link OpenSSL statically against haproxy, build OpenSSL with the no-shared
|
|
|
|
|
|
keyword and install it to a local directory, so your system is not affected :
|
|
|
|
|
|
|
|
|
|
|
|
$ export STATICLIBSSL=/tmp/staticlibssl
|
|
|
|
|
|
$ ./config --prefix=$STATICLIBSSL no-shared
|
|
|
|
|
|
$ make && make install_sw
|
|
|
|
|
|
|
2013-09-30 22:28:03 +00:00
|
|
|
|
When building haproxy, pass that path via SSL_INC and SSL_LIB to make and
|
|
|
|
|
|
include additional libs with ADDLIB if needed (in this case for example libdl):
|
2014-05-10 07:12:46 +00:00
|
|
|
|
|
2013-09-30 22:28:03 +00:00
|
|
|
|
$ make TARGET=linux26 USE_OPENSSL=1 SSL_INC=$STATICLIBSSL/include SSL_LIB=$STATICLIBSSL/lib ADDLIB=-ldl
|
2013-05-19 14:28:17 +00:00
|
|
|
|
|
2015-09-28 20:36:21 +00:00
|
|
|
|
It is also possible to include native support for zlib to benefit from HTTP
|
MEDIUM: HTTP compression (zlib library support)
This commit introduces HTTP compression using the zlib library.
http_response_forward_body has been modified to call the compression
functions.
This feature includes 3 algorithms: identity, gzip and deflate:
* identity: this is mostly for debugging, and it was useful for
developping the compression feature. With Content-Length in input, it
is making each chunk with the data available in the current buffer.
With chunks in input, it is rechunking, the output chunks will be
bigger or smaller depending of the size of the input chunk and the
size of the buffer. Identity does not apply any change on data.
* gzip: same as identity, but applying a gzip compression. The data
are deflated using the Z_NO_FLUSH flag in zlib. When there is no more
data in the input buffer, it flushes the data in the output buffer
(Z_SYNC_FLUSH). At the end of data, when it receives the last chunk in
input, or when there is no more data to read, it writes the end of
data with Z_FINISH and the ending chunk.
* deflate: same as gzip, but with deflate algorithm and zlib format.
Note that this algorithm has ambiguous support on many browsers and
no support at all from recent ones. It is strongly recommended not
to use it for anything else than experimentation.
You can't choose the compression ratio at the moment, it will be set to
Z_BEST_SPEED (1), as tests have shown very little benefit in terms of
compression ration when going above for HTML contents, at the cost of
a massive CPU impact.
Compression will be activated depending of the Accept-Encoding request
header. With identity, it does not take care of that header.
To build HAProxy with zlib support, use USE_ZLIB=1 in the make
parameters.
This work was initially started by David Du Colombier at Exceliance.
2012-10-23 08:25:10 +00:00
|
|
|
|
compression. For this, pass "USE_ZLIB=1" on the "make" command line and ensure
|
MAJOR: compression: integrate support for libslz
This library is designed to emit a zlib-compatible stream with no
memory usage and to favor resource savings over compression ratio.
While zlib requires 256 kB of RAM per compression context (and can only
support 4000 connections per GB of RAM), the stateless compression
offered by libslz does not need to retain buffers between subsequent
calls. In theory this slightly reduces the compression ratio but in
practice it does not have that much of an effect since the zlib
window is limited to 32kB.
Libslz is available at :
http://git.1wt.eu/web?p=libslz.git
It was designed for web compression and provides a lot of savings
over zlib in haproxy. Here are the preliminary results on a single
core of a core2-quad 3.0 GHz in 32-bit for only 300 concurrent
sessions visiting the home page of www.haproxy.org (76 kB) with
the default 16kB buffers :
BW In BW Out BW Saved Ratio memory VSZ/RSS
zlib 237 Mbps 92 Mbps 145 Mbps 2.58 84M / 69M
slz 733 Mbps 380 Mbps 353 Mbps 1.93 5.9M / 4.2M
So while the compression ratio is lower, the bandwidth savings are
much more important due to the significantly lower compression cost
which allows to consume even more data from the servers. In the
example above, zlib became the bottleneck at 24% of the output
bandwidth. Also the difference in memory usage is obvious.
More tests run on a single core of a core i5-3320M, with 500 concurrent
users and the default 16kB buffers :
At 100% CPU (no limit) :
BW In BW Out BW Saved Ratio memory VSZ/RSS hits/s
zlib 480 Mbps 188 Mbps 292 Mbps 2.55 130M / 101M 744
slz 1700 Mbps 810 Mbps 890 Mbps 2.10 23.7M / 9.7M 2382
At 85% CPU (limited) :
BW In BW Out BW Saved Ratio memory VSZ/RSS hits/s
zlib 1240 Mbps 976 Mbps 264 Mbps 1.27 130M / 100M 1738
slz 1600 Mbps 976 Mbps 624 Mbps 1.64 23.7M / 9.7M 2210
The most important benefit really happens when the CPU usage is
limited by "maxcompcpuusage" or the BW limited by "maxcomprate" :
in order to preserve resources, haproxy throttles the compression
ratio until usage is within limits. Since slz is much cheaper, the
average compression ratio is much higher and the input bandwidth
is quite higher for one Gbps output.
Other tests made with some reference files :
BW In BW Out BW Saved Ratio hits/s
daniels.html zlib 1320 Mbps 163 Mbps 1157 Mbps 8.10 1925
slz 3600 Mbps 580 Mbps 3020 Mbps 6.20 5300
tv.com/listing zlib 980 Mbps 124 Mbps 856 Mbps 7.90 310
slz 3300 Mbps 553 Mbps 2747 Mbps 5.97 1100
jquery.min.js zlib 430 Mbps 180 Mbps 250 Mbps 2.39 547
slz 1470 Mbps 764 Mbps 706 Mbps 1.92 1815
bootstrap.min.css zlib 790 Mbps 165 Mbps 625 Mbps 4.79 777
slz 2450 Mbps 650 Mbps 1800 Mbps 3.77 2400
So on top of saving a lot of memory, slz is constantly 2.5-3.5 times
faster than zlib and results in providing more savings for a fixed CPU
usage. For links smaller than 100 Mbps, zlib still provides a better
compression ratio, at the expense of a much higher CPU usage.
Larger input files provide slightly higher bandwidth for both libs, at
the expense of a bit more memory usage for zlib (it converges to 256kB
per connection).
2015-03-29 01:32:06 +00:00
|
|
|
|
that zlib is present on the system. Alternatively it is possible to use libslz
|
|
|
|
|
|
for a faster, memory less, but slightly less efficient compression, by passing
|
|
|
|
|
|
"USE_SLZ=1".
|
MEDIUM: HTTP compression (zlib library support)
This commit introduces HTTP compression using the zlib library.
http_response_forward_body has been modified to call the compression
functions.
This feature includes 3 algorithms: identity, gzip and deflate:
* identity: this is mostly for debugging, and it was useful for
developping the compression feature. With Content-Length in input, it
is making each chunk with the data available in the current buffer.
With chunks in input, it is rechunking, the output chunks will be
bigger or smaller depending of the size of the input chunk and the
size of the buffer. Identity does not apply any change on data.
* gzip: same as identity, but applying a gzip compression. The data
are deflated using the Z_NO_FLUSH flag in zlib. When there is no more
data in the input buffer, it flushes the data in the output buffer
(Z_SYNC_FLUSH). At the end of data, when it receives the last chunk in
input, or when there is no more data to read, it writes the end of
data with Z_FINISH and the ending chunk.
* deflate: same as gzip, but with deflate algorithm and zlib format.
Note that this algorithm has ambiguous support on many browsers and
no support at all from recent ones. It is strongly recommended not
to use it for anything else than experimentation.
You can't choose the compression ratio at the moment, it will be set to
Z_BEST_SPEED (1), as tests have shown very little benefit in terms of
compression ration when going above for HTML contents, at the cost of
a massive CPU impact.
Compression will be activated depending of the Accept-Encoding request
header. With identity, it does not take care of that header.
To build HAProxy with zlib support, use USE_ZLIB=1 in the make
parameters.
This work was initially started by David Du Colombier at Exceliance.
2012-10-23 08:25:10 +00:00
|
|
|
|
|
2015-09-28 20:36:21 +00:00
|
|
|
|
Zlib is commonly found on most systems, otherwise updates can be retrieved from
|
|
|
|
|
|
http://www.zlib.net/. It is easy and fast to build. Libslz can be downloaded
|
|
|
|
|
|
from http://1wt.eu/projects/libslz/ and is even easier to build.
|
|
|
|
|
|
|
2005-12-18 00:33:16 +00:00
|
|
|
|
By default, the DEBUG variable is set to '-g' to enable debug symbols. It is
|
|
|
|
|
|
not wise to disable it on uncommon systems, because it's often the only way to
|
|
|
|
|
|
get a complete core when you need one. Otherwise, you can set DEBUG to '-s' to
|
|
|
|
|
|
strip the binary.
|
|
|
|
|
|
|
|
|
|
|
|
For example, I use this to build for Solaris 8 :
|
|
|
|
|
|
|
2008-05-25 08:32:50 +00:00
|
|
|
|
$ make TARGET=solaris CPU=ultrasparc USE_STATIC_PCRE=1
|
2005-12-18 00:33:16 +00:00
|
|
|
|
|
2008-05-25 08:32:50 +00:00
|
|
|
|
And I build it this way on OpenBSD or FreeBSD :
|
2006-03-19 19:56:52 +00:00
|
|
|
|
|
2014-05-10 07:12:46 +00:00
|
|
|
|
$ gmake TARGET=freebsd USE_PCRE=1 USE_OPENSSL=1 USE_ZLIB=1
|
2006-03-19 19:56:52 +00:00
|
|
|
|
|
2012-12-11 23:38:22 +00:00
|
|
|
|
And on a classic Linux with SSL and ZLIB support (eg: Red Hat 5.x) :
|
|
|
|
|
|
|
2014-07-10 18:24:25 +00:00
|
|
|
|
$ make TARGET=linux26 USE_PCRE=1 USE_OPENSSL=1 USE_ZLIB=1
|
2012-12-11 23:38:22 +00:00
|
|
|
|
|
|
|
|
|
|
And on a recent Linux >= 2.6.28 with SSL and ZLIB support :
|
2012-09-10 07:07:41 +00:00
|
|
|
|
|
2014-07-10 18:24:25 +00:00
|
|
|
|
$ make TARGET=linux2628 USE_PCRE=1 USE_OPENSSL=1 USE_ZLIB=1
|
2012-09-10 07:07:41 +00:00
|
|
|
|
|
MEDIUM: HTTP compression (zlib library support)
This commit introduces HTTP compression using the zlib library.
http_response_forward_body has been modified to call the compression
functions.
This feature includes 3 algorithms: identity, gzip and deflate:
* identity: this is mostly for debugging, and it was useful for
developping the compression feature. With Content-Length in input, it
is making each chunk with the data available in the current buffer.
With chunks in input, it is rechunking, the output chunks will be
bigger or smaller depending of the size of the input chunk and the
size of the buffer. Identity does not apply any change on data.
* gzip: same as identity, but applying a gzip compression. The data
are deflated using the Z_NO_FLUSH flag in zlib. When there is no more
data in the input buffer, it flushes the data in the output buffer
(Z_SYNC_FLUSH). At the end of data, when it receives the last chunk in
input, or when there is no more data to read, it writes the end of
data with Z_FINISH and the ending chunk.
* deflate: same as gzip, but with deflate algorithm and zlib format.
Note that this algorithm has ambiguous support on many browsers and
no support at all from recent ones. It is strongly recommended not
to use it for anything else than experimentation.
You can't choose the compression ratio at the moment, it will be set to
Z_BEST_SPEED (1), as tests have shown very little benefit in terms of
compression ration when going above for HTML contents, at the cost of
a massive CPU impact.
Compression will be activated depending of the Accept-Encoding request
header. With identity, it does not take care of that header.
To build HAProxy with zlib support, use USE_ZLIB=1 in the make
parameters.
This work was initially started by David Du Colombier at Exceliance.
2012-10-23 08:25:10 +00:00
|
|
|
|
In order to build a 32-bit binary on an x86_64 Linux system with SSL support
|
|
|
|
|
|
without support for compression but when OpenSSL requires ZLIB anyway :
|
2009-04-11 17:45:50 +00:00
|
|
|
|
|
2012-09-10 07:07:41 +00:00
|
|
|
|
$ make TARGET=linux26 ARCH=i386 USE_OPENSSL=1 ADDLIB=-lz
|
2009-04-11 17:45:50 +00:00
|
|
|
|
|
2014-05-08 22:44:48 +00:00
|
|
|
|
The SSL stack supports session cache synchronization between all running
|
|
|
|
|
|
processes. This involves some atomic operations and synchronization operations
|
|
|
|
|
|
which come in multiple flavors depending on the system and architecture :
|
|
|
|
|
|
|
|
|
|
|
|
Atomic operations :
|
|
|
|
|
|
- internal assembler versions for x86/x86_64 architectures
|
|
|
|
|
|
|
|
|
|
|
|
- gcc builtins for other architectures. Some architectures might not
|
|
|
|
|
|
be fully supported or might require a more recent version of gcc.
|
|
|
|
|
|
If your architecture is not supported, you willy have to either use
|
|
|
|
|
|
pthread if supported, or to disable the shared cache.
|
|
|
|
|
|
|
|
|
|
|
|
- pthread (posix threads). Pthreads are very common but inter-process
|
|
|
|
|
|
support is not that common, and some older operating systems did not
|
|
|
|
|
|
report an error when enabling multi-process mode, so they used to
|
|
|
|
|
|
silently fail, possibly causing crashes. Linux's implementation is
|
|
|
|
|
|
fine. OpenBSD doesn't support them and doesn't build. FreeBSD 9 builds
|
|
|
|
|
|
and reports an error at runtime, while certain older versions might
|
|
|
|
|
|
silently fail. Pthreads are enabled using USE_PTHREAD_PSHARED=1.
|
|
|
|
|
|
|
|
|
|
|
|
Synchronization operations :
|
|
|
|
|
|
- internal spinlock : this mode is OS-independant, light but will not
|
|
|
|
|
|
scale well to many processes. However, accesses to the session cache
|
|
|
|
|
|
are rare enough that this mode could certainly always be used. This
|
|
|
|
|
|
is the default mode.
|
|
|
|
|
|
|
|
|
|
|
|
- Futexes, which are Linux-specific highly scalable light weight mutexes
|
|
|
|
|
|
implemented in user-space with some limited assistance from the kernel.
|
|
|
|
|
|
This is the default on Linux 2.6 and above and is enabled by passing
|
|
|
|
|
|
USE_FUTEX=1
|
|
|
|
|
|
|
|
|
|
|
|
- pthread (posix threads). See above.
|
|
|
|
|
|
|
|
|
|
|
|
If none of these mechanisms is supported by your platform, you may need to
|
|
|
|
|
|
build with USE_PRIVATE_CACHE=1 to totally disable SSL cache sharing. Then
|
|
|
|
|
|
it is better not to run SSL on multiple processes.
|
|
|
|
|
|
|
2005-12-18 00:33:16 +00:00
|
|
|
|
If you need to pass other defines, includes, libraries, etc... then please
|
|
|
|
|
|
check the Makefile to see which ones will be available in your case, and
|
2014-05-10 07:12:46 +00:00
|
|
|
|
use the USE_* variables in the Makefile.
|
2005-12-18 00:33:16 +00:00
|
|
|
|
|
2010-01-28 19:52:05 +00:00
|
|
|
|
AIX 5.3 is known to work with the generic target. However, for the binary to
|
|
|
|
|
|
also run on 5.2 or earlier, you need to build with DEFINE="-D_MSGQSUPPORT",
|
2014-06-19 13:26:32 +00:00
|
|
|
|
otherwise __fd_select() will be used while not being present in the libc, but
|
|
|
|
|
|
this is easily addressed using the "aix52" target. If you get build errors
|
|
|
|
|
|
because of strange symbols or section mismatches, simply remove -g from
|
|
|
|
|
|
DEBUG_CFLAGS.
|
2010-01-28 19:52:05 +00:00
|
|
|
|
|
2013-04-02 06:14:29 +00:00
|
|
|
|
You can easily define your own target with the GNU Makefile. Unknown targets
|
|
|
|
|
|
are processed with no default option except USE_POLL=default. So you can very
|
|
|
|
|
|
well use that property to define your own set of options. USE_POLL can even be
|
|
|
|
|
|
disabled by setting USE_POLL="". For example :
|
|
|
|
|
|
|
|
|
|
|
|
$ gmake TARGET=tiny USE_POLL="" TARGET_CFLAGS=-fomit-frame-pointer
|
|
|
|
|
|
|
2010-05-09 20:37:12 +00:00
|
|
|
|
|
2016-11-08 13:57:29 +00:00
|
|
|
|
1.1) Device Detection
|
|
|
|
|
|
---------------------
|
2015-06-01 12:21:47 +00:00
|
|
|
|
|
2016-11-08 13:57:29 +00:00
|
|
|
|
HAProxy supports several device detection modules relying on third party
|
|
|
|
|
|
products. Some of them may provide free code, others free libs, others free
|
|
|
|
|
|
evaluation licenses. Please read about their respective details in the
|
|
|
|
|
|
following files :
|
2015-06-01 12:21:47 +00:00
|
|
|
|
|
2016-11-08 13:57:29 +00:00
|
|
|
|
doc/DeviceAtlas-device-detection.txt for DeviceAtlas
|
|
|
|
|
|
doc/51Degrees-device-detection.txt for 51Degrees
|
|
|
|
|
|
doc/WURFL-device-detection.txt for Scientiamobile WURFL
|
2015-06-02 12:10:28 +00:00
|
|
|
|
|
2016-11-04 09:55:08 +00:00
|
|
|
|
|
2010-05-09 20:37:12 +00:00
|
|
|
|
2) How to install it
|
|
|
|
|
|
--------------------
|
|
|
|
|
|
|
|
|
|
|
|
To install haproxy, you can either copy the single resulting binary to the
|
|
|
|
|
|
place you want, or run :
|
|
|
|
|
|
|
|
|
|
|
|
$ sudo make install
|
|
|
|
|
|
|
|
|
|
|
|
If you're packaging it for another system, you can specify its root directory
|
|
|
|
|
|
in the usual DESTDIR variable.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
3) How to set it up
|
|
|
|
|
|
-------------------
|
|
|
|
|
|
|
|
|
|
|
|
There is some documentation in the doc/ directory :
|
|
|
|
|
|
|
2015-08-18 19:51:36 +00:00
|
|
|
|
- intro.txt : this is an introduction to haproxy, it explains what it is
|
|
|
|
|
|
what it is not. Useful for beginners or to re-discover it when planning
|
|
|
|
|
|
for an upgrade.
|
|
|
|
|
|
|
2010-05-09 20:37:12 +00:00
|
|
|
|
- architecture.txt : this is the architecture manual. It is quite old and
|
|
|
|
|
|
does not tell about the nice new features, but it's still a good starting
|
|
|
|
|
|
point when you know what you want but don't know how to do it.
|
|
|
|
|
|
|
|
|
|
|
|
- configuration.txt : this is the configuration manual. It recalls a few
|
|
|
|
|
|
essential HTTP basic concepts, and details all the configuration file
|
|
|
|
|
|
syntax (keywords, units). It also describes the log and stats format. It
|
|
|
|
|
|
is normally always up to date. If you see that something is missing from
|
2014-04-22 22:57:08 +00:00
|
|
|
|
it, please report it as this is a bug. Please note that this file is
|
|
|
|
|
|
huge and that it's generally more convenient to review Cyril Bont<6E>'s
|
|
|
|
|
|
HTML translation online here :
|
|
|
|
|
|
|
2015-10-13 16:52:22 +00:00
|
|
|
|
http://cbonte.github.io/haproxy-dconv/configuration-1.6.html
|
2010-05-09 20:37:12 +00:00
|
|
|
|
|
2015-10-13 14:32:20 +00:00
|
|
|
|
- management.txt : it explains how to start haproxy, how to manage it at
|
|
|
|
|
|
runtime, how to manage it on multiple nodes, how to proceed with seamless
|
|
|
|
|
|
upgrades.
|
2010-05-09 20:37:12 +00:00
|
|
|
|
|
|
|
|
|
|
- gpl.txt / lgpl.txt : the copy of the licenses covering the software. See
|
|
|
|
|
|
the 'LICENSE' file at the top for more information.
|
|
|
|
|
|
|
|
|
|
|
|
- the rest is mainly for developers.
|
|
|
|
|
|
|
|
|
|
|
|
There are also a number of nice configuration examples in the "examples"
|
|
|
|
|
|
directory as well as on several sites and articles on the net which are linked
|
|
|
|
|
|
to from the haproxy web site.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
4) How to report a bug
|
|
|
|
|
|
----------------------
|
|
|
|
|
|
|
|
|
|
|
|
It is possible that from time to time you'll find a bug. A bug is a case where
|
|
|
|
|
|
what you see is not what is documented. Otherwise it can be a misdesign. If you
|
|
|
|
|
|
find that something is stupidly design, please discuss it on the list (see the
|
|
|
|
|
|
"how to contribute" section below). If you feel like you're proceeding right
|
|
|
|
|
|
and haproxy doesn't obey, then first ask yourself if it is possible that nobody
|
|
|
|
|
|
before you has even encountered this issue. If it's unlikely, the you probably
|
|
|
|
|
|
have an issue in your setup. Just in case of doubt, please consult the mailing
|
|
|
|
|
|
list archives :
|
|
|
|
|
|
|
|
|
|
|
|
http://marc.info/?l=haproxy
|
|
|
|
|
|
|
|
|
|
|
|
Otherwise, please try to gather the maximum amount of information to help
|
|
|
|
|
|
reproduce the issue and send that to the mailing list :
|
|
|
|
|
|
|
|
|
|
|
|
haproxy@formilux.org
|
|
|
|
|
|
|
|
|
|
|
|
Please include your configuration and logs. You can mask your IP addresses and
|
|
|
|
|
|
passwords, we don't need them. But it's essential that you post your config if
|
|
|
|
|
|
you want people to guess what is happening.
|
|
|
|
|
|
|
|
|
|
|
|
Also, keep in mind that haproxy is designed to NEVER CRASH. If you see it die
|
|
|
|
|
|
without any reason, then it definitely is a critical bug that must be reported
|
|
|
|
|
|
and urgently fixed. It has happened a couple of times in the past, essentially
|
|
|
|
|
|
on development versions running on new architectures. If you think your setup
|
|
|
|
|
|
is fairly common, then it is possible that the issue is totally unrelated.
|
|
|
|
|
|
Anyway, if that happens, feel free to contact me directly, as I will give you
|
|
|
|
|
|
instructions on how to collect a usable core file, and will probably ask for
|
|
|
|
|
|
other captures that you'll not want to share with the list.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
5) How to contribute
|
|
|
|
|
|
--------------------
|
|
|
|
|
|
|
2015-09-20 20:31:42 +00:00
|
|
|
|
Please carefully read the CONTRIBUTING file that comes with the sources. It is
|
|
|
|
|
|
mandatory.
|
2010-05-09 20:37:12 +00:00
|
|
|
|
|
2005-12-18 00:33:16 +00:00
|
|
|
|
-- end
|
