HAProxy 2.3-dev2 was released on 2020/07/31. It added 44 new commits
after version 2.3-dev1.

As usual in the early cycle, many of them are fixes that also affect the
latest stable branch, but given that there were enough to crash the process
in various ways, those starting to play with 2.3-dev will probably express
a noticeable preference for this one :-)

Aside bugs, we're starting to get more cleanups in the code, doc and CI.
Lua 5.4 support was now added (it builds and a few tests were run, we'll
see over the long term). The TCP rulesets expiration date didn't mix well
with Lua because that last one could have a longer one and cause loops,
or a shorter one and cause other issues. Now a dedicated expiration date
is used in these rulesets and we might extend this to other places which
were abusing the initial ana_timeout field which was originally meant to
wait for data having to be analysed, and quickly abused by tarpits and
others requiring a timer. A few optimizations at the connection layer were
performed to save a few useless syscalls, and a few debugging entries were
added to help us better spot abnomalies.

We've had some design discussions with a few developers, observing that
certain historic designs are still resisting the recent evolutions, namely
at the connection layer, and really need to be dismantled and seriously
reworked. These are the ones responsible for the bugs that take us ages
to figure and fix. Thus, it should be expected that the next few versions
will start to be a bit more chaotic.

I'd also like to start changing a few defaults next week. We've seen that
setting a server's pool-low-conn to roughly twice the number of threads
yielded very good performance with high connection reuse rate and low
overall connection count. That could become a default. I'd also like to
enable edge-triggered epoll by default (it's off for now but I've been
running it for a while since it was added in 2.2 and didn't see any issue
yet). I'd also like to do more extensive testing on tune.sched.low-latency
to see when it improves performance and when it lowers it, and decide if
we should enable it by default or not, depending on the more commonly
expected case.

Another point to discuss is the "log-send-hostname" directive. Historically
haproxy has been sending logs without hostnames, until Joe Williams added
configurable support for this 10 years ago. Nowadays it seems that all those
dealing with logs prefer to centralize them and seeing "localhost" or even
nothing in their logs becomes confusing. The "log-send-hostname" directive
allows to place the current host name in the logs, where it's expected by
the syslog standard. The thing is, this option is not "on"/"off", but it
is on when present, and either uses the hostname or the optional argument.
So we don't have any elegant way to disable it. Thus I think it would make
sense to enable it by default but we need to find a way to disable it
(including passing "none" in the optional field normally dedicated to the
host if everyone agrees). Or maybe "no log-send-hostname" would work like
for many positional options. I'm interested in getting feedback on this
so that we can change it before the last minute and we have time to see
any issue it could cause.

And the last point for today is that this week I took some time to move
the wiki to its own repository so that it's now possible to grant access
to more contributors (https://github.com/haproxy/wiki/wiki). It was kept
as a regular github wiki so that we can benefit from the easy editor in
the browser for those less familiar with Git. My view on this tool is
that anyone who regularly participates to the project, for example by
responding others' questions here or on Discourse, or by maintaining
packages for a distro, is trustable enough to have a write access there.
The only thing I'm asking for is to take care of not destroying others'
contents (and ask for help if it happens by mistake). But it's a wiki so
it's expected to be somewhat of a bazaar anyway. If some are interested,
just drop me a private e-mail and I'll send you an invite (I haven't
found how to simply request an access for a user).

Please find the usual URLs below :
   Site index       : http://www.haproxy.org/
   Discourse        : http://discourse.haproxy.org/
   Slack channel    : https://slack.haproxy.org/
   Issue tracker    : https://github.com/haproxy/haproxy/issues
   Wiki             : https://github.com/haproxy/wiki/wiki
   Sources          : http://www.haproxy.org/download/2.3/src/
   Git repository   : http://git.haproxy.org/git/haproxy.git/
   Git Web browsing : http://git.haproxy.org/?p=haproxy.git
   Changelog        : http://www.haproxy.org/download/2.3/src/CHANGELOG
   Cyril's HTML doc : http://cbonte.github.io/haproxy-dconv/

Complete changelog :
Baruch Siach (1):
      BUILD: tools: fix build with static only toolchains

Christopher Faulet (19):
      BUG/MAJOR: dns: Make the do-resolve action thread-safe
      BUG/MEDIUM: dns: Release answer items when a DNS resolution is freed
      MEDIUM: htx: Add a flag on a HTX message when no more data are expected
      BUG/MEDIUM: stream-int: Don't set MSG_MORE flag if no more data are 
      BUG/MEDIUM: http-ana: Only set CF_EXPECT_MORE flag on data filtering
      BUG/MINOR: mux-fcgi: Don't url-decode the QUERY_STRING parameter anymore
      BUG/MINOR: debug: Don't dump the lua stack if it is not initialized
      MEDIUM: lua: Add support for the Lua 5.4
      BUG/MEDIUM: dns: Don't yield in do-resolve action on a final evaluation
      BUG/MINOR: lua: Abort execution of actions that yield on a final 
      MINOR: tcp-rules: Return an internal error if an action yields on a final 
      BUG/MINOR: tcp-rules: Preserve the right filter analyser on content eval 
      BUG/MINOR: tcp-rules: Set the inspect-delay when a tcp-response action 
      MEDIUM: tcp-rules: Use a dedicated expiration date for tcp ruleset
      MEDIUM: lua: Set the analyse expiration date with smaller wake_time only
      BUG/MEDIUM: connection: Be sure to always install a mux for sync connect
      MINOR: connection: Preinstall the mux for non-ssl connect
      MINOR: stream-int: Be sure to have a mux to do sends and receives
      BUG/MINOR: lua: Fix a possible null pointer deref on lua ctx

Emeric Brun (1):
      BUG/MEDIUM: resolve: fix init resolving for ring and peers section.

Ilya Shipitsin (5):
      CI : travis-ci : prepare for using stock OpenSSL
      CI: travis-ci : switch to stock openssl when openssl-1.1.1 is used
      CI: travis-ci: use better name for Coverity scan job
      CI: travis-ci: use proper linking flags for SLZ build
      CLEANUP: assorted typo fixes in the code and comments

Jackie Tapia (1):
      DOC: Use gender neutral language

Jerome Magnin (2):
      BUG/MAJOR: dns: fix null pointer dereference in snr_update_srv_status
      BUG/MAJOR: dns: don't treat Authority records as an error

Lukas Tribus (1):
      DOC: ssl: req_ssl_sni needs implicit TLS

William Lallemand (1):
      BUG/MEDIUM: ssl: check OCSP calloc in ssl_sock_load_ocsp()

Willy Tarreau (13):
      BUG/MEDIUM: arg: empty args list must be dropped
      BUG/MAJOR: tasks: don't requeue global tasks into the local queue
      MINOR: tasks/debug: make the thread affinity BUG_ON check a bit stricter
      MINOR: tasks/debug: add a few BUG_ON() to detect use of wrong timer queue
      MINOR: tasks/debug: add a BUG_ON() check to detect requeued task on free
      CLEANUP: dns: remove 45 "return" statements from 
      BUG/MINOR: htx: add two missing HTX_FL_EOI and remove an unexpected one
      SCRIPTS: announce-release: add the link to the wiki in the announce 
      BUG/MEDIUM: backend: always attach the transport before installing the mux
      BUG/MEDIUM: tcp-checks: always attach the transport before installing the 
      MINOR: connection: avoid a useless recvfrom() on outgoing connections
      MINOR: mux-h1: do not even try to receive if the connection is not fully 
set up
      MINOR: mux-h1: do not try to receive on backend before sending a request


Reply via email to