HAProxy 2.2-dev7 was released on 2020/05/05. It added 205 new commits
after version 2.2-dev6.

The most visible changes in this version is the rework of the health checks
that was started by Gaƫtan and completed by Christopher. I'll certainly say
a number of stupidities about all this so I won't enter into details, but the
main points to be aware of is that the health checks which for 18 years have
been the ugliest part of the internals have now become smart. They are now
all internally implemented on top of tcp-check rules, and that these ones
were improved to satisfy the new requirements. For now all this new stuff is
not yet fully exploited beyond what is needed for the checks but we can hope
a lot of new cool stuff in a near future.

In addition, HTTP checks now run over HTX and employ the muxes so they can
now run over HTTP/1 and HTTP/2, and can separately set headers and body.
All the elements may be extracted and processed for advanced checks. You
should refer to the documentation to figure all the details. Please beware
that the check configuration rules are subject to change a little bit before
the release but the main principle is already here.

Just before releasing I noticed one minor regtest failure on openssl 1.0.2
only, that I bisected to commit df38f88 ("MINOR: checks: Improve log message
of tcp-checks on success") (which sadly, doesn't have any commit message).
This failure is only about the logged message on check failure. I don't see
any obvious reason why this commit would only affect openssl 1.0.2 so I
guess the issue is somewhere else, and likely not much important.

Aside this there were a number of code cleanups, regtest additions and doc
updates. Among the other pending things I'm aware of is the support for
syslog over TCP and that should be all.

My personal feeling is that the rate of changes is still a bit high this
late in the cycle and that the level of issues remains high as well, and
I would appreciate it when it starts to calm down. I wouldn't be surprized
if we'd release in early June rather than end of May. But there's no rush
and that doesn't make a huge difference, provided it allows us to have an
excellent 2.2.

If you have painful checks in your configs, or some unusual ones, your
feedback will be welcome. If you're facing limitations with your HTTP
checks, it might be the right moment to give this one a try.

Please find the usual URLs below :
   Site index       : http://www.haproxy.org/
   Discourse        : http://discourse.haproxy.org/
   Slack channel    : https://slack.haproxy.org/
   Issue tracker    : https://github.com/haproxy/haproxy/issues
   Sources          : http://www.haproxy.org/download/2.2/src/
   Git repository   : http://git.haproxy.org/git/haproxy.git/
   Git Web browsing : http://git.haproxy.org/?p=haproxy.git
   Changelog        : http://www.haproxy.org/download/2.2/src/CHANGELOG
   Cyril's HTML doc : http://cbonte.github.io/haproxy-dconv/

Complete changelog :
Baptiste Assmann (3):
      MINOR: ist: add istadv() function
      MINOR: ist: add istissame() function
      MINOR: istbuf: add ist2buf() function

Christopher Faulet (136):
      BUG/MINOR: http-ana: Throw a 500 error if after-response ruleset fails on 
      BUG/MINOR: check: Update server address and port to execute an external 
      MINOR: mini-clist: Add functions to iterate backward on a list
      MINOR: checks: Add a way to send custom headers and payload during http 
      BUG/MINOR: checks: Respect the no-check-ssl option
      BUG/MEDIUM: server/checks: Init server check during config validity check
      CLEANUP: checks: Don't export anymore init_check and 
      BUG/MINOR: checks: Forbid tcp-check lines in default section as documented
      MINOR: checks: Stop xform buffers to null-terminated string for tcp-check 
      MINOR: checks: Simplify functions to get step id and comment
      MEDIUM: proxy/checks: Register a keyword to parse tcp-check rules
      MEDIUM: checks: Add implicit tcp-check connect rule
      MAJOR: checks: Refactor and simplify the tcp-check loop
      MINOR: checks: Add the sni option for tcp-check connect rules
      MINOR: checks: Add the via-socks4 option for tcp-check connect rules
      MINOR: checks: Add the alpn option for tcp-check connect rules
      MINOR: ssl: Export a generic function to parse an alpn string
      MINOR: checks: Add the default option for tcp-check connect rules
      MINOR: checks: Add the addr option for tcp-check connect rule
      MEDIUM: checks: Support expression to set the port
      MEDIUM: checks: Support log-format strings for tcp-check send rules
      MINOR: log: Don't depends on a stream to process samples in log-format 
      MINOR: log: Don't systematically set LW_REQ when a sample expr is added
      MEDIUM: checks: Add a shared list of tcp-check rules
      MINOR: sample: add htonl converter
      MINOR: sample: add cut_crlf converter
      MINOR: sample: add ltrim converter
      MINOR: sample: add rtrim converter
      MINOR: checks: Use a name for the healthcheck status enum
      MINOR: checks: Add option to tcp-check expect rules to customize error 
      MINOR: checks: Merge tcp-check comment rules with the others at config 
      MINOR: checks: Add a sample fetch to extract a block from the input check 
      MEDIUM: checks: Add on-error/on-success option on tcp-check expect rules
      MEDIUM: checks: Add status-code sample expression on tcp-check expect 
      MINOR: checks: Relax the default option for tcp-check connect rules
      MEDIUM: checks: Add a list of vars to set before executing a tpc-check 
      MINOR: checks: Export the tcpcheck_eval_ret enum
      MINOR: checks: Use dedicated function to handle onsuccess/onerror messages
      MINOR: checks: Support custom functions to eval a tcp-check expect rules
      MEDIUM: checks: Implement redis check using tcp-check rules
      MEDIUM: checks: Implement ssl-hello check using tcp-check rules
      MEDIUM: checks: Implement smtp check using tcp-check rules
      MEDIUM: checks: Implement postgres check using tcp-check rules
      MEDIUM: checks: Implement MySQL check using tcp-check rules
      MEDIUM: checks: Implement LDAP check using tcp-check rules
      MEDIUM: checks: Implement SPOP check using tcp-check rules
      MINOR: server/checks: Move parsing of agent keywords in checks.c
      MINOR: server/checks: Move parsing of server check keywords in checks.c
      MEDIUM: checks: Implement agent check using tcp-check rules
      REGTEST: Adapt regtests about checks to recent changes
      MINOR: Produce tcp-check info message for pure tcp-check rules only
      MINOR: checks: Add an option to set success status of tcp-check expect 
      MINOR: checks: Improve log message of tcp-checks on success
      MINOR: proxy/checks: Move parsing of httpchk option in checks.c
      MINOR: proxy/checks: Move parsing of tcp-check option in checks.c
      MINOR: proxy/checks: Register a keyword to parse http-check rules
      MINOR: proxy/checks: Move parsing of external-check option in checks.c
      MINOR: proxy/checks: Register a keyword to parse external-check rules
      MEDIUM: checks: Use a shared ruleset to store tcp-check rules
      MINOR: checks: Use an indirect string to represent the expect matching 
      MINOR: checks: Introduce flags to configure in tcp-check expect rules
      MINOR: standard: Add my_memspn and my_memcspn
      MINOR: checks: Add a reverse non-comment rule iterator to get last rule
      MAJOR: checks: Implement HTTP check using tcp-check rules
      MINOR: checks: Make resume conditions more explicit in tcpcheck_main()
      MINOR: connection: Add macros to know if a conn or a cs uses an HTX mux
      MEDIUM: checks: Refactor how data are received in tcpcheck_main()
      MINOR: checks/obj_type: Add a new object type for checks
      BUG/MINOR: obj_type: Handle stream object in obj_base_ptr() function
      MINOR: checks: Use the check as origin when a session is created
      MINOR: checks: Add a mux proto to health-check and tcp-check connect rule
      MINOR: connection: Add a function to install a mux for a health-check
      MAJOR: checks: Use the best mux depending on the protocol for health 
      MEDIUM: checks: Implement default TCP check using tcp-check rules
      MINOR: checks: Remove unused code about pure TCP checks
      CLEANUP: checks: Reorg checks.c file to be more readable
      REGTEST: Fix reg-tests about health-checks to adapt them to recent changes
      MINOR: ist: Add a function to retrieve the ist pointer
      MINOR: checks: Use ist API as far as possible
      BUG/MEDIUM: checks: Be sure to subscribe for sends if outgoing data 
      MINOR: checks: Use a tree instead of a list to store tcp-check rulesets
      BUG/MINOR: checks: Send the right amount of outgoing data for HTTP checks
      REGTEST: Add scripts to test based tcp-check health-checks
      Revert "MEDIUM: checks: capture groups in expect regexes"
      DOC: Add documentation about comments for tcp-check and http-check 
      DOC: Fix the tcp-check and http-check directives layout
      BUG/MEDIUM: checks: Use the mux protocol specified on the server line
      MINOR: checks: Support mux protocol definition for tcp and http health 
      BUG/MINOR: mux-fcgi: Be sure to have a connection as session's origin to 
use it
      MINOR: checks: Support list of status codes on http-check expect rules
      BUG/MEDIUM: checks: Unsubscribe to mux events when a conn-stream is 
      REGTEST: Add a script to validate agent checks
      BUG/MINOR: server: Fix server_finalize_init() to avoid unused variable
      BUG/MEDIUM: checks: unsubscribe for events on the old conn-stream on 
      BUG/MINOR: checks: Only use ssl_sock_is_ssl() if compiled with SSL support
      BUG/MINOR: checks/server: use_ssl member must be signed
      BUG/MEDIUM: sessions: Always pass the mux context as argument to destroy 
a mux
      BUG/MEDIUM: checks: Destroy the conn-stream before the session
      BUG/MINOR: checks: Fix PostgreSQL regex on the authentication packet
      MINOR: checks: Support HTTP/2 version (without '.0') for http-check send 
      MINOR: checks: Use ver keyword to specify the HTTP version for http checks
      BUG/MINOR: checks: Remove wrong variable redeclaration
      BUG/MINOR: checks: Properly handle truncated mysql server messages
      CLEANUP: checks: Remove unused code when ldap server message is parsed
      MINOR: checks: Make the use of the check's server more explicit on connect
      BUG/MINOR: checks: Avoid incompatible cast when a binary string is parsed
      BUG/MINOR: checks: Remove bad call to free() when an expect rule is parsed
      BUG/MINOR: checks: Don't lose warning on proxy capability
      BUG/MINOR: checks: Set the output buffer length before calling 
      MINOR: http-htx: Export functions to update message authority and host
      MINOR: checks: Don't support multiple host header for http-check send rule
      MINOR: checks: Skip some headers for http-check send rules
      MINOR: checks: Keep the Host header and the request uri synchronized
      CLEANUP: checks: Fix checks includes
      DOC: Fix send rules in the http-check connect example
      DOC: Add more info about request formatting in http-check send description
      REGTEST: http-rules: Require PCRE or PCRE2 option to run map_redirect 
      BUG/MEDIUM: mux-fcgi: Return from detach if server don't keep the 
      BUG/MEDIUM: mux_fcgi: Free the FCGI connection at the end of 
      BUG/MEDIUM: mux-fcgi: Fix wrong test on FCGI_CF_KEEP_CONN in fcgi_detach()
      BUG/MEDIUM: h1: Don't compare host and authority if only h1 headers are 
      BUG/MINOR: sample: Set the correct type when a binary is converted to a 
      MEDIUM: checks/http-fetch: Support htx prefetch from a check for HTTP 
      DOC: Document the log-format parameter for tcp-check send/send-binary 
      MINOR: checks: Add support of payload-based sample fetches
      MINOR: checks: Add support of be_id, be_name, srv_id and srv_name sample 
      MINOR: checks: Add support of server side ssl sample fetches
      MINOR: checks: Add support of HTTP response sample fetches
      MINOR: http-htx: Support different methods to look for header names
      MINOR: checks: Set by default expect rule status to UNKNOWN during parsing
      BUG/MINOR: checks: Support multiple HTTP expect rules
      REGTEST: checks: Fix sync condition for agent-check
      MEDIUM: checks: Support matching on headers for http-check expect rules
      BUG/MINOR: da: Fix HTX message prefetch
      BUG/MINOR: wurfl: Fix HTX message prefetch
      BUG/MINOR: 51d: Fix HTX message prefetch

Damien Claisse (1):
      MINOR: log: Add "Tu" timer

Dragan Dosen (1):
      BUG/MEDIUM: ssl: fix the id length check within 

Emmanuel Hocdet (1):
      MINOR: ssl: add ssl-skip-self-issued-ca global option

Gaetan Rivet (21):
      MINOR: server: respect warning and alert semantic
      BUG/MINOR: checks: chained expect will not properly wait for enough data
      MINOR: checks: Use an enum to describe the tcp-check rule type
      MINOR: checks: Simplify connection flag parsing in tcp-check connect
      MEDIUM: checks: rewind to the first inverse expect rule of a chain on new 
      MINOR: checks: simplify tcp expect config parser
      MINOR: checks: add min-recv tcp-check expect option
      MINOR: checks: add linger option to tcp connect
      MINOR: checks: define a tcp expect type
      MEDIUM: checks: rewrite tcp-check expect block
      MINOR: checks: add rbinary expect match type
      MEDIUM: checks: capture groups in expect regexes
      MINOR: checks: Don't use a static tcp rule list head
      MEDIUM: checks: Use a non-comment rule iterator to get next rule
      MINOR: checks: Set the tcp-check rule index during parsing
      MINOR: checks: define tcp-check send type
      MINOR: checks: define a tcp-check connect type
      MEDIUM: checks: Associate a session to each tcp-check healthcheck
      MINOR: checks/vars: Add a check scope for variables
      MEDIUM: checks: Parse custom action rules in tcp-checks
      MINOR: checks: Add support to set-var and unset-var rules in tcp-checks

Ilya Shipitsin (3):
      CI: run weekly OpenSSL "no-deprecated" builds
      CLEANUP: log: fix comment of parse_logformat_string()
      CI: cirrus-ci: remove reg-tests/checks/tcp-check-ssl.vtc on CentOS 6

Jerome Magnin (4):
      BUG/MINOR: ssl: default settings for ssl server options are not used
      MINOR: config: add a global directive to set default SSL curves
      DOC: option logasap does not depend on mode
      DOC: give a more accurate description of what check does

Joseph C. Sible (1):
      MINOR: lua: allow changing port with set_addr

Olivier Doucet (1):
      DOC: Improve documentation on http-request set-src

Olivier Houchard (1):
      BUG/MEDIUM: http-ana: Handle NTLM messages correctly.

Tim Duesterhus (1):
      MINOR: version: Show uname output in display_version()

William Dauchy (2):
      BUG/MEDIUM: connections: force connections cleanup on server changes
      CLEANUP: connections: align function declaration

William Lallemand (7):
      MINOR: ssl/cli: disallow SSL options for directory in 'add ssl crt-list'
      MINOR: ssl/cli: restrain certificate path when inserting into a directory
      DOC: internals: update the SSL architecture schema
      MINOR: contrib: make the peers wireshark dissector a plugin
      REGTEST: ssl: test the client certificate authentication
      REGTEST: ssl: remove curl from the "add ssl crt-list" test
      REGTEST: ssl: improve the "set ssl cert" test

Willy Tarreau (22):
      BUG/MINOR: tools: fix the i386 version of the div64_32 function
      BUG/MINOR: mux-fcgi/trace: fix wrong set of trace flags in 
      BUG/MINOR: http: make url_decode() optionally convert '+' to SP
      MEDIUM: memory: make pool_gc() run under thread isolation
      BUG/MEDIUM: mux-h1: make sure we always have a timeout on front 
      BUG/MEDIUM: capture: capture-req/capture-res converters crash without a 
      BUG/MEDIUM: capture: capture.{req,res}.* crash without a stream
      BUG/MEDIUM: http: the "http_first_req" sample fetch could crash without a 
      BUG/MEDIUM: http: the "unique-id" sample fetch could crash without a 
      CLEANUP: http: add a few comments on certain functions' assumptions about 
      BUG/MEDIUM: sample: make the CPU and latency sample fetches check for a 
      CLEANUP: ssl: silence a build warning when threads are disabled
      BUG/MEDIUM: listener: mark the thread as not stuck inside the loop
      MINOR: threads: export the POSIX thread ID in panic dumps
      BUG/MINOR: debug: properly use long long instead of long for the thread ID
      BUG/MEDIUM: shctx: really check the lock's value while waiting
      BUG/MEDIUM: shctx: bound the number of loops that can happen around the 
      MINOR: stream: report the list of active filters on stream crashes
      BUG/MINOR: threads: fix multiple use of argument inside HA_ATOMIC_CAS()
      BUG/MINOR: threads: fix multiple use of argument inside 
      DOC: update intro.txt for 2.2
      DOC: intro: add a contacts section


Reply via email to