congrats!
On Thu, Jun 19, 2014 at 12:54 PM, Willy Tarreau <w...@1wt.eu> wrote: > Hi everyone, > > The list has been unusually silent today, just as if everyone was waiting > for something to happen :-) > > Today is a great day, the reward of 4 years of hard work. I'm announcing > the > release of HAProxy 1.5.0. > > For people who don't follow the development versions, here are the most > noticeable features that 1.5 brings over 1.4 : > - native SSL support on both sides with SNI/NPN/ALPN and OCSP stapling. > - IPv6 and UNIX sockets are supported everywhere > - end-to-end HTTP keep-alive for better support of NTLM and improved > efficiency in static farms > - HTTP/1.1 response compression (deflate, gzip) to save bandwidth > - PROXY protocol versions 1 and 2 on both sides > - data sampling on everything in request or response, including payload > - ACLs can use any matching method with any input sample > - maps and dynamic ACLs updatable from the CLI > - stick-tables support counters to track activity on any input sample > - custom format for logs, unique-id, header rewriting, and redirects > - improved health checks (SSL, scripted TCP, check agent, ...) > - much more scalable configuration supports hundreds of thousands of > backends > and certificates without sweating > > Since dev26, a few bugs were fixed, and some low-importance things were > integrated. Basic OCSP stapling support from Dirkjan and Emeric was > finally merged. Sasha's header replace actions were merged as well. I've > added a few more info in the stats page (avg response times) and CSV > output (health check status), added support for PROXY v2 on the accept > side, and added the "capture" action on tcp-request in order to log > contents such as SNI or payload. Rémi's dh-param was finally integrated. > > People love numbers, so here are a few : > > From 1.4.0 to 1.5.0, we had : > - 1574 calendar days (4 yr 3 mon) > - 26 development versions (one every 2 months on average) > - 540 bugs fixed (387 added during 1.5, 153 affecting 1.4 as well) > - 2549 commits > - 683 unique commit dates (at least this many days worked) > - up to 24 commits per day > - 69712 lines removed, 122279 lines added > - many extremely useful bug reports (too many to list) > - 73 code/doc contributors : > > Adrian Bridgett, Alex Davies, Aman Gupta, Andreas Kohn, > Apollon Oikonomopoulos, Arnaud Cornet, Baptiste Assmann, Bertrand > Jacquin, > Bhaskar Maddala, Conrad Hoffmann, Cyril Bonté, Daniel Schultze, > David BERARD, David Cournapeau, David S, David du Colombier, Delta Yeh, > Dirkjan Bussink, Dmitry Sivachenko, Emeric Brun, Emmanuel Hocdet, > Evan Broder, Finn Arne Gangstad, Gabor Lekeny, Geoff Bucar, Wei Zhao, > Guillaume Castagnino, Guillaume de Lafond, Hervé COMMOWICK, > Hiroaki Nakamura, James Voth, Jamie Gloudon, Jarno Huuskonen, > Joe Williams, Joshua M. Clulow, Julien Vehent, Justin Karneges, > Kevin Hester, Kevin Musker, Kristoffer Grönlund, Krzysztof Piotr Oledzki, > Lukas Tribus, Marc-Antoine Perennou, Mark Lamourine, Mathieu Trudel, > Michael Scherer, Neil Prockter, Nenad Merdanovic, Nick Chalk, > Olivier Burgard, Oskar Stolc, Patrick Mézard, Pieter Baauw, > Prach Pongpanich, Rauf Kuliyev, Remi Gacogne, Sagi Bashari, Sasha Pachev, > Sean Carey, Sergiy Prykhodko, Simon Horman, Simone Gotti, > Stathis Voukelatos, Tait Clarridge, Thierry Fournier, Todd Lyons, > Vincent Bernat, William Lallemand, William Turner, Willy Tarreau, > Yuxans Yao, Yves Lafon. > > Additionally, we are very thankful to a few organisations who have > sponsored > the development of certain advanced features which required to dedicate a > person or a team for a significant amount of time (I hope I have not missed > any) : > - HAProxy Technologies (formerly Exceliance) > - Loadbalancer.org > - StackOverflow > - SmartFile > - SmugMug > - ImageShack > > Don't forget to offer a beer to your distro packagers who make your life > easier. It's hard to list them all, but if you don't build from sources, > you're likely running a package made and maintained by one of these people > : > - debian: Vincent Bernat, Apollon Oikonomopoulos, Prach Pongpanich > - Fedora: Ryan O'hara > - OpenSuSE: Marcus Rückert > - other? just report yourself! > > And last, I'd like to assign a special mention to our most active mailing > list supporters during that period who make the project a reality by off- > loading the support task from developers, and kindly help our 800 permanent > subscribers on a daily basis, BIG THANKS to you guys : > - Baptiste Assmann > - Lukas Tribus > - Cyril Bonté > - Jonathan Matthews > - Thomas Heil > > For the HAProxy development team here in France, it will be time to do > some errands and buy some Champagne to celebrate the event :-) > > Now the practical things. 1.5 now enters in maintenance status and the > development continues with 1.6-dev0 which is the exact equivalent of > 1.5.0. The links have been updated below. Note the removal of /devel/ > for the sources and the introduction of haproxy-1.5.git since this is > not the development tree anymore : > > Site index : http://www.haproxy.org/ > Sources : http://www.haproxy.org/download/1.5/src/ > Git repository : http://git.haproxy.org/git/haproxy-1.5.git/ > Git Web browsing : http://git.haproxy.org/?p=haproxy-1.5.git > Changelog : http://www.haproxy.org/download/1.5/src/CHANGELOG > Cyril's HTML doc : > http://cbonte.github.com/haproxy-dconv/configuration-1.5.html > > I'm figuring that tomorrow is Friday. Guys, be reasonable, don't forget the > good old principle of not upgrading on Fridays, try to hold on till monday > if you can :-) > > BTW, since I've got this question off-list a number of times now, yes we're > going to release updated HAPEE packages very soon, please keep an eye on > it : > > https://www.haproxy.com/products/haproxy-enterprise-edition/ > > And finally the changelog since 1.5-dev26. > > Have fun an as usual, please report anything abnormal you'd face up, but > after checking the doc. > > Willy > > -------- > 2014/06/19 : 1.5.0 > - MEDIUM: ssl: ignored file names ending as '.issuer' or '.ocsp'. > - MEDIUM: ssl: basic OCSP stapling support. > - MINOR: ssl/cli: Fix unapropriate comment in code on 'set ssl > ocsp-response' > - MEDIUM: ssl: add 300s supported time skew on OCSP response update. > - MINOR: checks: mysql-check: Add support for v4.1+ authentication > - MEDIUM: ssl: Add the option to use standardized DH parameters >= > 1024 bits > - MEDIUM: ssl: fix detection of ephemeral diffie-hellman key exchange > by using the cipher description. > - MEDIUM: http: add actions "replace-header" and "replace-values" in > http-req/resp > - MEDIUM: Break out check establishment into connect_chk() > - MEDIUM: Add port_to_str helper > - BUG/MEDIUM: fix ignored values for half-closed timeouts (client-fin > and server-fin) in defaults section. > - BUG/MEDIUM: Fix unhandled connections problem with systemd daemon > mode and SO_REUSEPORT. > - MINOR: regex: fix a little configuration memory leak. > - MINOR: regex: Create JIT compatible function that return match > strings > - MEDIUM: regex: replace all standard regex function by own functions > - MEDIUM: regex: Remove null terminated strings. > - MINOR: regex: Use native PCRE API. > - MINOR: missing regex.h include > - DOC: Add Exim as Proxy Protocol implementer. > - BUILD: don't use type "uint" which is not portable > - BUILD: stats: workaround stupid and bogus -Werror=format-security > behaviour > - BUG/MEDIUM: http: clear CF_READ_NOEXP when preparing a new > transaction > - CLEANUP: http: don't clear CF_READ_NOEXP twice > - DOC: fix proxy protocol v2 decoder example > - DOC: fix remaining occurrences of "pattern extraction" > - MINOR: log: allow the HTTP status code to be logged even in TCP > frontends > - MINOR: logs: don't limit HTTP header captures to HTTP frontends > - MINOR: sample: improve sample_fetch_string() to report partial > contents > - MINOR: capture: extend the captures to support non-header keys > - MINOR: tcp: prepare support for the "capture" action > - MEDIUM: tcp: add a new tcp-request capture directive > - MEDIUM: session: allow shorter retry delay if timeout connect is > small > - MEDIUM: session: don't apply the retry delay when redispatching > - MEDIUM: session: redispatch earlier when possible > - MINOR: config: warn when tcp-check rules are used without option > tcp-check > - BUG/MINOR: connection: make proxy protocol v1 support the UNKNOWN > protocol > - DOC: proxy protocol example parser was still wrong > - DOC: minor updates to the proxy protocol doc > - CLEANUP: connection: merge proxy proto v2 header and address block > - MEDIUM: connection: add support for proxy protocol v2 in accept-proxy > - MINOR: tools: add new functions to quote-encode strings > - DOC: clarify the CSV format > - MEDIUM: stats: report the last check and last agent's output on the > CSV status > - MINOR: freq_ctr: introduce a new averaging method > - MEDIUM: session: maintain per-backend and per-server time statistics > - MEDIUM: stats: report per-backend and per-server time stats in HTML > and CSV outputs > - BUG/MINOR: http: fix typos in previous patch > - DOC: remove the ultra-obsolete TODO file > - DOC: update roadmap > - DOC: minor updates to the README > - DOC: mention the maxconn limitations with the select poller > - DOC: commit a few old design thoughts files > ---- > > >
