Hi everyone,
this is the end of a harrassing week! I wanted to issue dev6 last monday
to have a calm week dedicated to bug fixes and documentation updates only
and it ended up completely differently with numerous painful bugs rising
at the same time while Thierry was testing his Lua update which uncovered
a mess at the applet layer (well, shared between applets and Lua). After
about 260 e-mails exchanged, thousands of tests and probably a lot of hair
lost due to head scratching we ended up fixing all the remaining ones last
night.
So this version comes with a number of important and less important fixes,
and still a few feature updates that despite the feature freeze were
desirable to have before the release.
Regarding the bugs first, all reported bugs and all the ones we found
during the Lua vs applet debugging were fixed in this version, including
the error on UDP sockets on FreeBSD, the issues causing Lua socket data
to be truncated, other issues causing the CLI to sometimes ignore client
disconnect and leak connections, and bugs affecting peers. The complete
changelog below lists 134 patches among which 35 bug fixes. A few of these
fixes will be backported to 1.5 as well.
22 patches concern doc updates, which is in line with our expectations for
an approaching release. I have still not found the time to write the last
missing doc piece allowing us to get rid of haproxy-{en,fr}.txt.
Now regarding the last-minute changes that were merged :
- server-state conservation across reload that we've long been talking
about was finally merged. Please check the backend directive
load-server-state-from-file in the doc.
- cpu-map is now supported on FreeBSD.
- 51degress device identification changed their API to support last
version (3.2). I didn't like this last-minute change but I understand
that sometimes it is better to do that before the release than being
forced to maintain an older API. The new implementation supports both
a fetch method (to inspect all headers) and a converter (to inspect
only a specific one). Please test this as the changes were important!
- DeviceAtlas also updated their module to support both a sample fetch
function and a converter. Please test this as well, the changes were
much smaller and I'm less worried though.
- Lua: change in the way actions are registered : instead of calling
random functions from haproxy, only registered ones may be accessed,
this is much safer to avoid namespace collisions over the long term
and to avoid mistakes due to similar looking function names.
- Lua: do not limit socket addresses to IPv4/IPv6, support the same
address classes as servers (including unix and abstract namespaces).
- Lua: add support for applet registration usable via the new
"use-service" directive. This allows a script to process contents
that are not limited to the size of a buffer anymore. It provides
easy mapping for TCP and HTTP manipulation so that servers are easy
to write. Thierry showed me that he could reimplement the haproxy
stats page entirely in Lua using this, so that was definitely something
to have before the release so that people don't feel limited anymore in
what they can do in Lua.
- TCP actions: "silent-drop". Finally it got merged as the actions
registration mechanism made it a no-brainer. It works like a deny except
that it tries to prevent the TCP RST from reaching the client, so that's
quite efficient against certain bots and scripts as their connections
remain established on their side only. It works on Linux and could
possibly work on other systems (not tested).
- As discussed today, tune.maxrewrite now defaults to 1024 with an upper
bound set to tune.bufsize/2. This remains compatible with existing configs
and wastes less space by default, allowing larger requests or responses to
be processed by default without using more resources.
- log: support for RFC5424 header format and structured data. The principle
is that each log server can be individually set to use RFC3164 (the common
one) or RFC5424 header format (the new one). When using this new format,
it is possible to pass some key-value pairs in a structed data block,
which is currently built using a new directive "log-format-sd". That's
important for people who capture a lot of fields and update them often.
Regarding pending things for the release (but non-critical so they may slip
a little bit), I've noted :
- doc updates ; [ Cyril I've just noticed your patch after this release ]
- removal of obsolete examples, write new simpler, clearer ones ;
- possibly minor code cleanups / files renaming to get rid of some
confusion now that we're not supposed to move large code blocks
anymore ;
- improvements in the processing of the Lua timeout which strikes after
4 seconds of existence instead of 4s of activity (initially these were
the same but with co-sockets it starts to make a difference).
I'd have loved to issue -final next monday but with Kernel Recipes this
week I won't have time to spend on the doc. Thus I'd like people to test
and report bugs if they still find any. If we fix significant bugs this
week, we issue dev7 early next week with -final the weak after once the
doc is finished. If there's no need for -dev7, we'll skip it. Conversely,
if people would like more time to test things or adjust certain parts
before the release, it's not too late to ask. We don't have a strict
schedule, it's just that there's no point delaying continuously, so we
can slip a little bit more if it ends up with greater quality.
Usual URLs below :
Site index : http://www.haproxy.org/
Sources : http://www.haproxy.org/download/1.6/src/devel/
Git repository : http://git.haproxy.org/git/haproxy.git/
Git Web browsing : http://git.haproxy.org/?p=haproxy.git
Changelog : http://www.haproxy.org/download/1.6/src/CHANGELOG
Cyril's HTML doc : http://cbonte.github.com/haproxy-dconv/intro-1.6.html
Cyril's HTML doc :
http://cbonte.github.com/haproxy-dconv/configuration-1.6.html
Cheers,
Willy
