Good morning, Got my coffee ready before I read and reply:-)
On 25/10/2016 12:42 πμ, Lukas Tribus wrote: > Hello, > > > Am 24.10.2016 um 22:32 schrieb Pavlos Parissis: >> >> IMHO: Ask the users to not perform reloads every 2miliseconds. It is >> insane. You may spend X hours on this which will make the code a bot more >> complex and cause possible breakages somewhere else. > > Not fixing *real world issues* because we don't agree with the use-case or > there is a design misconception somewhere else is dangerous. We don't have to > support every single obscure use-case out there, that's not what I am saying, > but systemd is a reality; as is docker and periodic reloads. > > You are talking about 2 milliseconds, but that is just the testcase here, > think about how long haproxy would need to start when it has to load > thousands of certificates. Probably more than a few seconds (I don't have any > clue), and it would be pretty easy to create a mess of processes, not because > of docker/cloud orchestration/whatever, but in SSH by hitting reload two > times in a row manually. > > I don't want to be scared of hitting reload two times even if I'm on a > systemd based box with heavy SSL traffic. In fact, I *do* wanna be able to > reload haproxy every 2 ms, not because I need it, but because the alternative > would mean I need to remember to be "always careful" about that "strange > issue with systemd which is not our fault" and make sure my colleague is not > doing the same thing I'm doing and we reload simultaneously. I don't want to > run my infrastructure like a house of cards. > > This is not limited to fancy new cloud orchestration technologies and it is > not a minor issue either. > > All valid points. The bottom line is to trust the reload process that wont cause unexpected behavior regardless the frequency of reloads and wallclock of a single reload. > >> I am pretty sure 90% of the cases which require so often reload are the >> ones which try to integrate HAProxy with docker stuff, where servers in the >> pools are treated as ephemeral nodes, appear and disappear very often and >> at high volume. > > Not sure if I understand you here correctly, but this sounds like you are > implying that we shouldn't spend time fixing issues related to docker (and > similar technologies). I have to disagree. > Οn the contrary, I have requested for ETA of DNS SRV functionality, which allows to extend and shrink the backend without reload, and I have also requested for the ability to add/remove servers via the socket. All these because I need to support docker on my environments:-) The high frequency of reloads on docker environment is the result of missing the above 2 functionalities. > > We may not like systemd and we may not like docker. But that doesn't mean > its not worth looking into those issues. > Οn the contrary, I *do* love systemd. I am not joking here. Cheers, Pavlos
signature.asc
Description: OpenPGP digital signature
