Hi all,
Yes, this is it! 1.3.16-rc1. After almost 11 months of development!
There are new features I often forget about after being used to them in
the dev tree, but fortunately there are people who remind me those were
not in 1.3.15 when I suggest them to use those ;-)
I may forget a lot of them, but from memories and changelog :
- absolute/relative redirection on ACL matching, with ability to
set/clear a cookie and drop the query string
- support for a domain name on the persistence cookie
- support for URI hash depth and length limits
- monotonic internal clock which becomes insensible to system time
variations (caused by ntpdate and early buggy dual-core opterons)
- permit renaming of x-forwarded-for header
- tcp request content inspection with ability to detect SSL version
and data length at the moment, but it's easy to add new matches.
- better ACL type checking (permanent, layer4, layer7, req, rep, ...)
with better error detection and reporting at load time.
- "show sess" on the unix socket reports the whole sessions list
- "show errors" on the unix socket reports a full capture of last
invalid request and response for each proxy
- support for Linux 2.6.27 TCP splicing avoiding memory copies for
much improved bandwidth when used with the proper NICs.
- support for interface binding on "bind" and "source" statements,
allowing several interfaces to be used at once on the same LAN
- support for process - proxy affinity, allowing users of nbproc > 1
to specify which frontend/backend runs on which process.
- measure and report of session rate per frontend, backend and server
- support for session rate limiting per frontend
- quite a few more ACL matching criteria
- fully up-to-date configuration documentation
Other more technical changes which have an impact on contributions and
future evolutions :
- better layering between sockets, buffers, sessions, and protocol
analysers (eg: HTTP)
- much improved scheduler with a separate wait queue and run queue
supporting tasks renicing (only used for stats and checks at the moment)
- support for configuration keyword registration within modules
- maintain a global session list in order to ease debugging
- make stats look more like an internal application and less like a hack
- buffers now have send limits and can automatically forward any arbitrary
amount of data without waking the task up
- support for pipe pools (initially for splicing)
- several documented regression tests
- documentation of some internal parts
A lot of small optimisations have been performed on the I/O subsystem and
on the scheduler. The overall performance gain from 1.3.15 is around 10-15%
depending on the workload, with the same configuration.
A lot of cleanups have been done, but I'm conscious that there is still a
lot of work to be done in this area.
Last but not least, I have added a small log parser that I've written for
handling large volumes of logs (gigabytes to tens of gigabytes). This one
can search, count, sort and graph errors, response times and percentiles
at speeds between 2 and 4 millions lines a second on a 3 GHz machine, which
translates into about 1 gigabyte per second. Of course logs are better in
RAM at these speeds. My primary usage is as a helpful tool for digging
anomalies by hand. It is located in contrib/halog. It awfully lacks any
documentation, the curious will have to read the source :-)
Obviously after all these changes, there are bugs, possibly many ones. That's
the reason why I released it as "-rc1". I'll wait a bit (several days to a
few weeks) to get some feedback and fix reported bugs. Anyway, it has been
running in production on a very big site with splicing enabled for about 1
month, and is running on my various servers too. I've got reports of other
people running this branch in production. I'm not particularly afraid of
stability now, but it is fairly possible that some new features are buggy.
I've successfully built it on Linux/x86, Solaris/sparc and OpenBSD/vax (took
quite some time BTW).
Source and pre-built binaries for Linux and Solaris can be found here :
http://haproxy.1wt.eu/download/1.3/src/Beta/
The binaries were built in debug mode and not stripped, in case someone
manages to get a core, it could help.
Have fun !
Willy
