Hi folks,
OK it's been a while since 1.4.8 was released, but a few bugs were pending
and a few features were requested too. So I have put everything I had pending
in the latest snapshot, which I will release as 1.4.9 if nothing new surfaces
by the end of the week-end.
The main bugs fixed are :
- if the stats timeout was set before the stats socket was declared in the
global section, the process would crash when parsing the config ;
- HTTP header parsing used to consider commas as delimitors even within quotes
- in case of memory shortage, it was possible that a listener was disabled and
left in a dirty state ;
- a close on an HTTP socket which contains unread data can result in truncated
responses under Linux. This has been observed only on POST requests with a
buggy client which used to add a CRLF after the end of posted data. I want
to particularly thank Dietrich Hasselhorn for the massive amount of tests
and captures he has done to troubleshoot this nasty issue.
- disabled servers could drain the requests in the proxy queue
- when a backend lost its last server, the log could be emitted as many times
as it had zero-weight servers.
- some info about the remaining number of servers was missing in the logs
- many typo fixes in the doc and config parser hints
That's about all for the fixes. Now there have been improvements :
- the ECV patch was finally merged, 18 months after its first incarnation !
It makes it possible to perform health checks based on the contents of a
page. All remaining bugs were fixed, including the fact that it still did
not work with responses that were spanned over multiple packets. Now the
check buffer size can be independantly configured. At least 5 persons
worked quite hard on this patch, so this is a real achievement.
- Judd Montgomery and Cyril Bonté's work to support setting servers up/down
from the stats interface has been merged. It's only enabled if a condition
on "stats admin" is true, so there is no risk of accidentely making it
appear. This is something that many people have been asking for in the past
and they did a really great work.
- LDAPv3 health checks are now supported (work done by Gabor Lekeny)
- MySQL checks now support a user name (work by Hervé Commowick)
- Mathieu Trudel's Cacti templates were merged
- When "option abortonclose" is set and a client disconnects while waiting
for the server, now we forward the close notification to the server. That
way the server can decide whether to continue or close. This is important
for servers dealing with long polling requests.
- A server configured as 0.0.0.0 would cause the connection to be processed
by the system and forwarded to any local address on the machine. Since this
is stupid and causes unexpected issues, now the connection is forwarded to
the original destination address, which makes it similar to how the
"transparent" keyword works.
- http-pretend-keepalive and httpclose can now be used simultaneously
- the cookie parser has been reworked in order to support spaces around the
equal sign, as well as various horrors inherent to the ambiguities left in
RFC2109 and RFC2965. It is now compatible with all that is explicitly and
implicitly permitted by both, as well as with the latest draft which is
about to become the new RFC. This fix will probably be backported to 1.3.
- cookie-based persistence now supports a new "preserve" keyword, which tells
haproxy not to remove/replace the server's cookie if any is set. This allows
servers to remove the persistence cookie themselves after a logout or when
they're going into an application maintenance mode.
- cookie-based persistence also supports expirable cookies, with a "maxidle"
and a "maxlife" settings. The idea is that with new handheld terminals, it
is becoming common to see browsers that are never closed and which stick
forever to the same server. This is particularly problematic after an
important server failure, because you could have many people on just a few
servers for days or weeks, even if there are idle servers left. These new
settings let us choose how long an terminal may remain silent without being
redispatched, as well as how long a session may last at all. New flags were
added to the logs ('U'pdate, 'E'xpired, 'O'ld) to indicate the cookie state.
Please note that this feature only relies on cookie data and does not make
use of stored cookies. It is possible that I'll backport that to 1.3 too
because there is some insisting demand for this, specially due to the rise
of iPhone terminals.
- a new ACL match was added : http_req_first. It returns true only for the
first request of a connection. This can help fix some situations where a
header needs to be added/changed only in the first request.
- halog has been improved to report stats per termination codes
Wow. That's all. I have not done the IPv6 version of the "forwardfor except"
that was discussed a few days ago because I realized that it required some
primitives to perform IPv6 mask matches and such things, which would have
delayed the release further. All that was already too much work for a stable
release (especially due to the ECV patch), next time I'll be more careful.
It is very possible that I missed a few things, eventhough I've been careful.
So if you have anything pending that is trivial enough not to cause regressions
and that you would like in 1.4, please ask before sunday evening.
The snapshot and its changelog are available here :
http://haproxy.1wt.eu/download/1.4/src/snapshot/
http://haproxy.1wt.eu/download/1.4/src/snapshot/CHANGELOG
http://haproxy.1wt.eu/download/1.4/src/snapshot/haproxy-ss-LATEST.tar.gz
After that, I'm planning on forward-porting all that into 1.5 and merging what
I have for 1.5 before a new -dev release. More info on this later.
Cheers,
Willy
