OoO En cette soirée bien amorcée du vendredi 06 mai 2011, vers 22:46,
Baptiste bed...@gmail.com disait :
It seems that the CPU speed of your F5 3900 is 2.4GHz with 8G of
memory.
The F5 is using some Cavium chip to forward requests. The main
processor is mainly used for
Hi Willy!
I don't answer at everything but I have read carefully what you
said. Thanks for such precise tips.
OoO En cette nuit nuageuse du mardi 10 mai 2011, vers 00:31, Willy
Tarreau w...@1wt.eu disait :
I will also test with a 10G NIC next week. However, with such small
--
Vincent Bernat ☯ http://vincent.bernat.im
Don't comment bad code - rewrite it.
- The Elements of Programming Style (Kernighan Plauger)
Hi!
I have run some bench with stud + haproxy (1.5-dev7) and found that
stud with --write-proxy parameter adds 40 ms of latency. stunnel has
recently added (4.45) PROXY support too and enabling it does not add any
latency. Therefore, I think the problem does not lie in HAProxy but
maybe
. See here for the
relevant code:
https://github.com/bumptech/stud/blob/master/stud.c#L489
Any idea where the latency could lie?
The problem was stud did not disable Nagle's algorithm on the backend
side. Therefore, nothing to do with HAProxy.
--
Vincent Bernat ☯ http://vincent.bernat.im
:
https://github.com/bumptech/stud/commit/7ad212a3f8a1416b8ac997a54e2dd58840f75851
--
Vincent Bernat ☯ http://vincent.bernat.im
Make input easy to prepare and output self-explanatory.
- The Elements of Programming Style (Kernighan Plauger)
8881, 8882 or 8883.
--
Vincent Bernat ☯ http://vincent.bernat.im
prom_printf(Detected PenguinPages, getting out of here.\n);
2.0.38 /usr/src/linux/arch/sparc/mm/srmmu.c
-keepalive help working around servers misbehaving in HTTP close
| mode.
`
--
Vincent Bernat ☯ http://vincent.bernat.im
Make sure input cannot violate the limits of the program.
- The Elements of Programming Style (Kernighan Plauger)
but this seems more
difficult since the renegociation can be done automatically by OpenSSL
during a single SSL_read() (which is not possible in stud because of its
asynchronous nature).
However, maybe the connection can be closed right in the callback. I
need to try out.
--
Vincent Bernat ☯ http
not hinder the performance. However, the
benchmark was a bit artificial because each client will do 4 conn and
will disappear forever.
--
Vincent Bernat ☯ http://vincent.bernat.im
# Okay, what on Earth is this one supposed to be used for?
2.4.0 linux/drivers/char/cp437.uni
their dependencies got broken.
Memory usage can be divided by 10 with OpenSSL 1.0.0. You need to ensure
that you use a stud version using SSL_MODE_RELEASE_BUFFERS to take
advantage of it.
--
Vincent Bernat ☯ http://vincent.bernat.im
Follow each decision as closely as possible with its
smaller).
An active SSL connection can take a lot more memory than a session but I
don't know how much exactly. If you have long running connection, this
will be more an issue than session cache.
--
Vincent Bernat ☯ http://vincent.bernat.im
Watch out for off-by-one errors
patch to backport it.
https://gist.github.com/1272151/b1a61124d1568eb795fa82b24b875889cbd0005c
--
Vincent Bernat ☯ http://vincent.bernat.im
panic(floppy: Port bolixed.);
2.2.16 /usr/src/linux/include/asm-sparc/floppy.h
USE_SHARED_CACHE=1
9. You get your stud linked against OpenSSL 1.0.0e. Now, on your
server, install libssl1.0.0_1.0.0e-2ubuntu4~bpoXXX1.deb then
stud.
--
Vincent Bernat ☯ http://vincent.bernat.im
/*
* For moronic filesystems that do not allow holes in file.
* We may have
On Fri, 04 Nov 2011 09:41:00 +0100, Aleksandar Lazic wrote:
you must use
http://www.stunnel.org/static/stunnel.html
protocol = proxy
In this case, you need the latest stunnel (4.45).
. When running step 5 again
it seemed to jump into an endless making of openssl :/
Meaning that it is starting to do something but it never finish,
waited for ~20min.
Symlink seems a wrong idea. Why doesn't it seem to do the ./Configure properly?
--
Vincent Bernat ☯ http://vincent.bernat.im
.
For example, with nginx, you need to configure a session cache.
--
Vincent Bernat ☯ http://vincent.bernat.im
Keep it right when you make it faster.
- The Elements of Programming Style (Kernighan Plauger)
Hi!
When haproxy is bound to an IP address managed by VRRP, this IP address
may be absent when haproxy starts. What is the best way to handle this?
1. Start haproxy only when the host is master.
2. Use transparent mode.
3. Patch haproxy to use IP_FREEBIND option.
On Mon, 12 Dec 2011 11:28:21 +0200, Graeme Donaldson wrote:
When haproxy is bound to an IP address managed by VRRP, this IP
address may
be absent when haproxy starts. What is the best way to handle this?
1. Start haproxy only when the host is master.
2. Use transparent mode.
3. Patch
On Mon, 12 Dec 2011 13:04:22 +0100, Sander Klein wrote:
I started doing this because there is no nonlocal_bind option for
IPv6 (or I didn't search well enough (-: )
From the source code, it seems that IPv4 non local bind sysctl also
applies to IPv6. Since 2.6.30.
Hmmm, then I'm going to
On Mon, 12 Dec 2011 13:23:11 +0100, Sander Klein wrote:
I started doing this because there is no nonlocal_bind option for
IPv6 (or I didn't search well enough (-: )
From the source code, it seems that IPv4 non local bind sysctl
also
applies to IPv6. Since 2.6.30.
Hmmm, then I'm going to
and stud have the same performance. For stunnel, you need
to use OpenSSL 1.0.0c or later to fix a performance problem. With
hyperthreading, I even got better results with stunnel.
If you use stunnel, use at least 4.45. It features sendproxy support.
--
Vincent Bernat ☯ http://vincent.bernat.im
think this would amend the difference with stud.
--
Vincent Bernat ☯ http://vincent.bernat.im
Make sure every module hides something.
- The Elements of Programming Style (Kernighan Plauger)
When enabling/disabling a server with POST to the stats page, the
order of the required params is important: the server name had to be
first. This patch allows to handle those parameters in any order.
---
src/proto_http.c | 45 +
1 files changed, 25
if the
parameters are already ordered.
Maybe, it's not worth it.
--
Vincent Bernat ☯ http://vincent.bernat.im
die_if_kernel(Whee... Hello Mr. Penguin, current-tss.kregs);
2.2.16 /usr/src/linux/arch/sparc/kernel/traps.c
how I understand it at least.
Yes. And solve session problem by using some kind of persistence, for
example source hashing load balancing algorithm.
--
Vincent Bernat ☯ http://vincent.bernat.im
panic (No CPUs found. System halted.\n);
2.4.3 linux/arch/parisc/kernel/setup.c
Default value for maxconn in the context of a proxy is 2000 and is
unrelated to any other value (like global ulimit-n or global
maxconn). Without an explicit a user may think that the default value
is either no limit or equal to the global maxconn value.
---
doc/configuration.txt |2 ++
1
❦ 27 juin 2012 20:13 CEST, Willy Tarreau w...@1wt.eu :
Default value for maxconn in the context of a proxy is 2000 and is
unrelated to any other value (like global ulimit-n or global
maxconn). Without an explicit a user may think that the default value
is either no limit or equal to the
❦ 25 juillet 2012 12:00 CEST, Stojan Rancic (Iprom) sto...@iprom.si :
is it possible to create a stats socket (or per-process stats socket)
when haproxy is configured with 'nbproc=2' or higher ?
Hi!
I am unsure if this is possible with a socket. However, you can do it
for the web interface.
With this option enabled, a TCPv6 socket will only listen for IPv6
packets. With this option absent, a TCPv6 socket will accept both IPv6
and IPv4 packets.
The system setting (net.ipv6.bindv6only) is ignored because many
people disagree with the default proposed by RFC 3493 (which is to
listen to
❦ 24 novembre 2012 12:01 CET, Vincent Bernat ber...@luffy.cx :
#ifdef TCP_FASTOPEN
-/* parse the defer-accept bind keyword */
+/* parse the tfo bind keyword */
static int bind_parse_tfo(char **args, int cur_arg, struct proxy *px, struct
bind_conf *conf, char **err)
I have embedded
❦ 12 décembre 2012 14:45 CET, Baptiste bed...@gmail.com :
Maybe some of you already experimented source port exhaustion.
Here is a blog post giving some information about it:
http://blog.exceliance.fr/2012/12/12/haproxy-high-mysql-request-rate-and-tcp-source-port-exhaustion/
Great post!
❦ 5 janvier 2013 09:06 CET, Willy Tarreau w...@1wt.eu :
Did you get a significant performance gain with padlock ? I've not had
the chance to test one yet. I don't even know if it requires an engine
or not. At least with aes-ni, it's included in the native code, you
don't need the engine
❦ 10 janvier 2013 00:24 CET, Willy Tarreau w...@1wt.eu :
It depends how AES-NI is compiled in your OpenSSL. On Ubuntu, AES-NI
support is builtin and selected automatically. But if people are using
implementations from Intel for older versions of OpenSSL, the engine
needs to be selected by
Hi!
Actually, the Unix stats socket is global. It is possible to pin it to
some processes, but it is not possible to have one Unix socket per
process. Has someone already tried to add the appropriate code to
declare several Unix sockets?
Thanks.
--
printk(Entering UltraSMPenguin Mode...\n);
❦ 17 avril 2013 01:00 CEST, Willy Tarreau w...@1wt.eu :
I've just recompiled haproxy 1.5 with the latest commits.
The patch containing a box to filter proxies is useful but I think we
should remove the autofocus keyword from the generated html.
Currently, it prevents using the keyboard to
❦ 6 juin 2013 10:55 CEST, Willy Tarreau w...@1wt.eu :
Thank you very much for this work, I'm sure this will be appreciated a lot
and will improve user experience by definitely getting rid of the old bogus
versions.
BTW, I am not alone on this. Debian packages are also maintained by
Apollon
❦ 8 juin 2013 00:49 CEST, hapr...@serverphorums.com :
While it's great to have more Ubuntu packages, especially for the dev
version, I took a look at the Ubuntu ecosystem and basically all the
packages are missing the USE_ZLIB to enable gzip compression.
It will be added in the next upload.
❦ 8 juin 2013 00:49 CEST, hapr...@serverphorums.com :
While it's great to have more Ubuntu packages, especially for the dev
version, I took a look at the Ubuntu ecosystem and basically all the
packages are missing the USE_ZLIB to enable gzip compression.
Gzip compression has been added to
❦ 24 juin 2013 14:50 CEST, Hervé COMMOWICK herve.commow...@lizeo-group.com :
Something i do in my personal package is to include halog tool, which is
in contrib directory, would be great if you can include that too.
OK, will do.
--
printk(MASQUERADE: No route: Rusty's brain broke!\n);
❦ 2 juillet 2013 10:39 CEST, Hudec Peter phu...@cnc.sk :
But for Debian this version is in experimental now ;( I will look if some
already done for Wheezy.
It's really easy to backport the version in experimental for Wheezy:
dget
❦ 24 juillet 2013 11:07 CEST, Willy Tarreau w...@1wt.eu :
Indeed. I have no idea why we're observing these differences, and I
don't know if the libc uses heuristics to decide to memset() the
area or not.
Unless there is an alternative malloc hooked, the libc heavily relies on
the fact that
❦ 10 septembre 2013 10:18 CEST, Josip Lazic jo...@togs.biz :
Something i do in my personal package is to include halog tool, which is
in contrib directory, would be great if you can include that too.
OK, will do.
Do you know when you will be able to include halog? Thanks.
It has been
❦ 29 septembre 2013 18:30 CEST, Willy Tarreau w...@1wt.eu :
So maybe we should in fact stop setting PCREDIR to $(pcre-config --prefix),
which will result in PCRE_INC/PCRE_LIB remaining silent unless PCREDIR is
forced. I suspect the following patch should fix it :
diff --git a/Makefile
❦ 29 septembre 2013 22:27 CEST, Vincent Bernat ber...@luffy.cx :
LINK = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \
$(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \
$(AM_LDFLAGS) $(LDFLAGS) -o $@
haproxy: ...
$(AM_V_CCLD)$(LINK) $(haproxy_OBJECTS
❦ 30 septembre 2013 11:30 CEST, Willy Tarreau w...@1wt.eu :
I would use `pcre-config --libs` and `pcre-config --cflags` instead. The
user can still override this on make command line.
PCRE_CFLAGS := $(shell pcre-config --cflags)
PCRE_LIBS := $(shell pcre-config --libs)
But these would
❦ 30 septembre 2013 13:01 CEST, Apollon Oikonomopoulos apoi...@gmail.com :
My version of pcre-config (8.30, also tested with 8.31) includes:
libS=
if test ${prefix}/lib/x86_64-linux-gnu != /usr/lib ; then
libS=-L${prefix}/lib/x86_64-linux-gnu
fi
Update:
Debian's 8.31
❦ 6 juin 2013 09:08 CEST, Vincent Bernat ber...@luffy.cx :
If you want to use prebuilt packages for HAProxy for Debian or Ubuntu,
here is what is available:
[...]
Hi!
You can now find the same information on this page:
http://haproxy.debian.net/
HAProxy 1.5 for Wheezy has also been added
❦ 22 février 2014 14:55 CET, Willy Tarreau w...@1wt.eu :
It depends if you have some servers in common or not. The system will
always allow multiple outgoing connections to share the same local
source ip:port as long as they don't go to the same destination ip:ports
since a connection is
❦ 23 février 2014 10:31 CET, Willy Tarreau w...@1wt.eu :
It depends if you have some servers in common or not. The system will
always allow multiple outgoing connections to share the same local
source ip:port as long as they don't go to the same destination ip:ports
since a connection is
❦ 23 février 2014 12:25 CET, Willy Tarreau w...@1wt.eu :
I suppose this is in combination with SO_REUSEADDR (otherwise, bind()
would fail). It's good to know:
tcpESTAB 0 0 192.168.116.1:3754474.125.132.104:80
tcpESTAB 0 0
❦ 6 mars 2014 16:15 CET, Jonathan Matthews cont...@jpluscplusm.com :
1) On restart/reload/disabled-server-now-enabled-via-admin-interface,
haproxy considers a server to be 1 health check away from going down,
but considers it *initially* up.
On reload, haproxy could wait for a whole round
❦ 17 avril 2014 08:59 CEST, Vincent Bernat ber...@luffy.cx :
Is there a 1.5~dev22 deb package for Ubuntu 14.04 (trusty)?
I've found the following ppa but it only has package for Ubuntu 13.10
and below.
https://launchpad.net/~vbernat/+archive/haproxy-1.5
I will update the repository
❦ 25 avril 2014 17:22 CEST, Willy Tarreau w...@1wt.eu :
- ssl: Add standardized DH parameters = 1024 bits
(I still don't understand what this is about, I'm clearly far from
being even an SSL novice). I have no idea whether it can be related
or not, but at least you're using SSL
❦ 26 avril 2014 10:20 CEST, Willy Tarreau w...@1wt.eu :
- ssl: Add standardized DH parameters = 1024 bits
(I still don't understand what this is about, I'm clearly far from
being even an SSL novice). I have no idea whether it can be related
or not, but at least you're using
❦ 26 avril 2014 12:51 CEST, Willy Tarreau w...@1wt.eu :
- leave the situation as it is now, and let users concerned with security
use a static 2048 bits (or larger) static DH parameter in the certificate
file ;
- recommit the patch I submitted as it is, and let users concerned with
the
. Ubuntu is providing debug symbols for almost
everything. Tracepoints are still interesting as they can be listed and
they are hand-picked.
From 504504f2f8c13f077f09e0906cd7e7d3ca405acc Mon Sep 17 00:00:00 2001
From: Vincent Bernat vinc...@bernat.im
Date: Wed, 7 May 2014 18:18:07 +0200
Subject: [PATCH
❦ 7 mai 2014 22:19 +0200, Willy Tarreau w...@1wt.eu :
Here is a proof of concept. To test, use `make TARGET=linux2628
USE_DTRACE=1`. On Linux, you need systemtap-sdt-dev or something like
that. Then, there is a quick example in example/haproxy.stp.
Interesting, but just for my
❦ 7 mai 2014 22:56 +0200, Vincent Bernat ber...@luffy.cx :
So the main interest of those probes are:
* low overhead, they can be left in production to be here when you
really need them
And you enable/disable them while the program is running.
--
panic (No CPUs found. System halted.\n
❦ 23 mai 2014 17:10 +0200, Ghislain gad...@aqueos.com :
/etc/apt/preferences.d/haproxy
Package: haproxy
Pin: origin haproxy.debian.net, version 1.5*
Pin-Priority: 995
Package: *
Pin: origin haproxy.debian.net
Pin-Priority: -10
For me, pinning on both origin and version doesn't work. I
❦ 23 mai 2014 20:22 +0300, pablo platt pablo.pl...@gmail.com :
Something like this for haproxy will bring confident and prevent
confusion and questions.
http://nginx.org/en/linux_packages.html
haproxy.debian.net is just a static page. We could host it on
haproxy.net if it helps (and apply
❦ 28 mai 2014 18:11 +0200, Willy Tarreau w...@1wt.eu :
Feedback welcome as usual,
When compiling with -Werror=format-security (which is a common settings
on a Debian-based distribution), we get:
src/dumpstats.c:3059:4: error: format not a string literal and no format
arguments
❦ 28 mai 2014 22:59 +0200, Willy Tarreau w...@1wt.eu :
When compiling with -Werror=format-security (which is a common settings
on a Debian-based distribution), we get:
src/dumpstats.c:3059:4: error: format not a string literal and no format
arguments [-Werror=format-security]
❦ 28 mai 2014 23:16 +0200, Willy Tarreau w...@1wt.eu :
src/dumpstats.c:3059:4: error: format not a string literal and no format
arguments [-Werror=format-security]
chunk_appendf(trash, srv_hlt_st[1]); /* DOWN (agent) */
^
srv_hlt_st[1] is DOWN %s/%s, so this is not even a
❦ 29 mai 2014 01:04 +0200, Willy Tarreau w...@1wt.eu :
const char * hello means hello is a pointer to a const char. You may want
to say const char * const hello. But gcc doesn't seem to handle it
either (but clang does).
Yes it does but it doesn't change its verdict. The test is really
❦ 23 juin 2014 18:14 +0200, Markus Rietzler w...@mrietzler.de :
to switch off tls compression (because of beast/crime attack) with tls
v1.0 and compression. can i deactivate it in haproxy too?
haproxy disables SSL compression and there is no flag to enable
it. However, disabling SSL
❦ 30 juin 2014 15:54 +0200, Klavs Klavsen k...@vsen.dk :
As far as I can gather - that would mean it will run out of ports, when
it hits about 64k connections being open.
But perhaps ports can be reused, if they are used against different
backends ? (ie. the max open connection amount in
❦ 6 juillet 2014 19:00 +0200, Pavlos Parissis pavlos.paris...@gmail.com :
It works and I can get up to 34K transactions/sec as reported by siege,
I am quite happy with that. But the statistics are not correct. The
stats pages reports 1/12th of sessions.
With your configuration, a request to
❦ 9 juillet 2014 14:28 GMT, Зайцев Сергей Александрович
s.zayt...@r-style.com :
I want to automatically udpate HaProxy's configuration depending on my
app's state. I mean, that when I have a number of components running,
I update my ZooKeeper configuration as soon as new node joins the
❦ 17 juillet 2014 16:36 +0400, Aleksandr Vinokurov aleksandr@gmail.com :
I'm asked to evaluate possible pitfalls about subj. Can you point me
to any info?
Without a POSIX layer like Cygwin, this is unlikely to work. With
Cygwin, poll() is mapped to select() so you won't be able to handle
❦ 23 juillet 2014 16:48 +0200, Nicolas Grilly nico...@vocationcity.com :
If I'm correct on the above, then I don't understand why the problem
is limited to connections during the 3WHS. Why established connections
are not lost? Why are they transferred correctly from the old to the
new
❦ 5 septembre 2014 20:38 +0300, Juho Mäkinen j...@unity3d.com :
Restricting the list to subscribed user (subonlypost) is not a
good thing either
May I ask why this is not a good thing? I see no valid reason why not
subscribed members should be allowed to post. The subscription
❦ 7 octobre 2014 14:18 +0200, Willy Tarreau w...@1wt.eu :
I waited about a month. Here is a pull request and you can see the
diff also https://github.com/haproxy/haproxy/pull/3
OK, I didn't notice that haproxy-* would automatically ignore doc/haproxy-*
simply because there are currently
❦ 25 novembre 2014 16:46 +0100, Emeric Brun eb...@haproxy.com :
Indeed on haproxy.com appliances, we made the choice to dedicate several
cores/CPUs for NICs interrupts (manual bind, no usage of irqbalance) and
to dedicate one other for the haproxy process with nbproc=1.
On a related topic,
❦ 8 décembre 2014 11:30 -0600, Vivek Malik vivek.ma...@gmail.com :
I am using rand(x) in configuration to make some routing decisions. I
am basically load balancing between backends and using the following
configuration
use_backend bk_1 { rand(100) le 50 }
default_backend bk_2
However,
❦ 8 décembre 2014 23:20 +0100, Vincent Bernat ber...@luffy.cx :
Assuming that RAND_MAX is always a power of two - 1, 32 could be
replaced by a precomputed value of ffs(RAND_MAX+1)-1.
ebtree defines a fls64() function which seems best suited (RAND_MAX+1
could overflow). Here is a proposed
is an updated patch:
From ec4e0abebcb2258cba550820b316d30137310a52 Mon Sep 17 00:00:00 2001
From: Vincent Bernat vinc...@bernat.im
Date: Wed, 10 Dec 2014 10:31:37 +0100
Subject: [PATCH] BUG/MEDIUM: sample: fix random number upper-bound
random() will generate a number between 0 and RAND_MAX. POSIX mandates
❦ 11 décembre 2014 17:03 GMT, David Adams dr...@yahoo.com :
I tried this. I ran it like this:
/usr/local/sbin/haproxy -db -f /etc/haproxy/haproxy.cfg
which obviously didn't return as the process ran. Then at the
crashtime (a few seconds past 17:00), that process terminated and the
❦ 12 décembre 2014 02:08 GMT, David Adams dr...@yahoo.com :
I ran strace on it just before CRASHTIME. It stopped on cue, with an
exit code of 134.
The strace output is here: haproxy strace - Pastebin.com
As you'll see, it looks very strange - immediately after a series of
futex calls
❦ 22 janvier 2015 11:47 +0800, hu.zhang hu.zh...@dev.bessystem.com :
Thank you for your quick reply. I did a test in this way. I found the
maximum connection time into 3S. Our client is particularly concerned
about the http response time. Do you have another way to add/remove
the servers?
/20a4d774095eecfd8cb9
--
Vincent Bernat — vincent.ber...@exoscale.ch
❬❱ http://www.exoscale.ch
❦ 16 février 2015 14:31 +0100, Lukas Tribus luky...@hotmail.com :
As I understand wikipedia - it is discouraged to use ECMP for
loadbalancing.. Load balancing by per-packet multipath routing is
generally deprecated due to the impact of rapidly changing latency,
packet reordering..
Nobody
❦ 16 février 2015 14:07 +0100, Klavs Klavsen k...@vsen.dk :
You use ECMP for load-balancing between different servers in a
single PoP/DC and anycast to route the request to the nearest PoP/DC.
As I understand wikipedia - it is discouraged to use ECMP for
loadbalancing.. Load balancing by
❦ 10 mars 2015 15:48 GMT, Jonathan Matthews cont...@jpluscplusm.com :
http://backports.debian.org/wheezy-backports/overview/ reports that
it's up to date with 1.5, but is only making 1.5.8 available. Does
anyone have any insight into why this might be and how/if one might
help the situation?
❦ 24 mars 2015 07:45 -0400, jeff saremi jeffsar...@hotmail.com :
#!/bin/sh
pidfile=/data/haproxy.pidhaproxy -db \
-f /haproxy-1.5.8/haproxy.cfg -p $pidfile \
-sf $(cat $pidfile)
The shell does variable substitution first, then execute the
line. Hence, $pidfile is expanded to , not
❦ 24 février 2015 15:17 +0100, Nenad Merdanovic nmer...@anine.io :
+tls-ticket-keys keyfile
+ Sets the TLS ticket keys file to load the keys from. The keys need to be 48
+ bytes long, encoded with base64 (ex. openssl rand -base64 48). Number of
keys
+ is specified by the TLS_TICKETS_NO
❦ 25 février 2015 16:17 +0100, Mathieu Sergent mathieu.sergent...@gmail.com :
I want to know if a MIB for HAProxy is available ?
IT depends what you call a MIB.
Aloha (the packaged HAProxy by HAProxy Tech) comes with a MIB:
https://www.haproxy.com/download/aloha/mibs/EXCELIANCE-MIB.txt
But
❦ 7 mai 2015 13:11 +0100, Neil - HAProxy List
maillist-hapr...@iamafreeman.com :
I'm after a 'definitivish' reference for setting up conntrack
I've been hit by having too small table on some new VMs as ubuntu, by
default, sizes the table by memory size.
Before that I was completely
❦ 5 avril 2015 09:33 GMT, Cohen Galit galit.co...@comverse.com :
Hello HAProxy team,
How can I perform a graceful shutdown to HAProxy?
I mean, not by killing process with pid.
You can send the USR1 signal. HAProxy will stop once all connections
have been closed.
--
The devil can cite
❦ 23 juin 2015 11:32 +0200, Hoggins! fucks...@wheres5.com :
On my opinion, the problem is not the antispam filter, it's the right to
communicate on that mailing-list. How come a mail such as
3207947...@qq.com is allowed to post things about those damn LED bulbs ?
Isn't there a simple way to
❦ 1 juin 2015 12:24 +0200, Willy Tarreau w...@1wt.eu :
Yep, there's the git tree here and you can get a snapshot there :
http://git.1wt.eu/web?p=libslz.git
http://git.1wt.eu/web?p=libslz.git;a=snapshot;sf=tgz
For some reason, I am unable to clone the repository:
$ GIT_CURL_VERBOSE=1
❦ 1 juin 2015 09:46 +0200, Willy Tarreau w...@1wt.eu :
- support for stateless zip compression with libslz (merged) : this
doesn't waste memory anymore and compresses about 3 times faster
than zlib, at a lower compression ratio.
Do you not provide a shared library on purpose? Will
❦ 1 juin 2015 12:24 +0200, Willy Tarreau w...@1wt.eu :
On Mon, Jun 01, 2015 at 11:32:18AM +0200, Vincent Bernat wrote:
??? 1 juin 2015 09:46 +0200, Willy Tarreau w...@1wt.eu :
- support for stateless zip compression with libslz (merged) : this
doesn't waste memory anymore
❦ 22 juillet 2015 17:22 +0530, Sachin Shetty sshe...@egnyte.com :
We have started using Http trailers in http chunked request. Http trailers
are pretty well defined in the spec but seems like not widely used.
Are they supported by browsers? Last time I checked, this was not the
case (at least
❦ 23 juillet 2015 08:41 +0200, Willy Tarreau w...@1wt.eu :
I suppose that either -ldl could be added to OPTIONS_LDFLAGS append,
like this is done for -lm. Or USE_DL section could be moved towards the
end. I think the first solution is better since libdl seems to be a
dependency of lua.
❦ 11 juillet 2015 14:20 +0200, Lukas Tribus luky...@hotmail.com :
Thanks for the detailed repro. This bug is fixed in release 1.5.10 by commit
ed061c0590 (BUG/MEDIUM: config: do not propagate processes between stopped
processes) [1].
Quoting from the commit:
Immo Goltz reported a case of
❦ 13 juillet 2015 19:58 +0200, Vincent Bernat ber...@luffy.cx :
I suppose that either -ldl could be added to OPTIONS_LDFLAGS append,
like this is done for -lm. Or USE_DL section could be moved towards the
end. I think the first solution is better since libdl seems to be a
dependency of lua
❦ 13 juillet 2015 19:16 +0200, bjun...@gmail.com bjun...@gmail.com :
make TARGET=linux2628 USE_PCRE=1 USE_OPENSSL=1 USE_ZLIB=1 USE_LUA=yes
LUA_LIB=/opt/lua53/lib/ LUA_INC=/opt/lua53/include/ LDFLAGS=-ldl
resulting error:
.
.
.
gcc -ldl -o haproxy src/haproxy.o src/sessionhash.o
❦ 21 juillet 2015 00:55 +0200, thierry.fourn...@arpalert.org :
On my computer (debian), the classic command line build used on the
last dev version with your patch uses the -ldl two times:
make TARGET=linux2628 USE_PCRE=1 USE_OPENSSL=1 USE_ZLIB=1 \
USE_LUA=1
❦ 29 octobre 2015 15:16 -0400, Chris Riley :
> Reloading haproxy: [ALERT] 301/141300 (25939) : Starting proxy
> haproxy-stats: cannot bind socket [192.168.10.27:80]
> [ALERT] 301/141300 (25939) : Starting proxy haproxy-fe1: cannot bind
> socket [192.168.200.100:80]
>
1 - 100 of 285 matches
Mail list logo