Hi,

HAProxy 2.9-dev11 was released on 2023/11/24. It added 42 new commits
after version 2.9-dev10.

Some last-minute updates in this version:
  - a few fixes, mostly for QUIC (possible crash when using tcp-request
    connection rules; crash during retransmissions, memory leak under
    heavy load)

  - zero-copy support was finally enabled as well on the QUIC mux

  - reverse-http: outgoing connections are now evenly spread over the
    allowed threads; previously they would all be created from the same
    thread. While it was not a problem for small usages like application
    development, it was not well suited to application hosting.

  - the "log-sticky" balancing algorithm was finally renamed to "sticky"
    in case it spreads to tcp/http in the future.

  - the post_mortem struct I spoke about to aim at easing core dump
    analysis was finally created. It contains OS name and version,
    haproxy exact version, possibly later some of the dependencies
    versions, the threads mapping and some boot-time info such as
    FD/RAM limits and initial uid/gid. I think some more info will
    arrive in the future (capabilities etc), but the goal was to have
    something to start with. Some of the contents can be dumped using
    "show dev" that we may start to ask for along with tome bug reports.
    This is intended to evolve anyway, with the goal of always reducing
    the bug resolution time and effort. I think we'll backport it to 2.8
    in a next version once it settles to something we consider useful.

  - a new option "preserve-env" to the "external-check" directive to
    avoid stripping the environment variables for such checks; some
    scripts heavily depend on the environment and it was complicated
    for some users. The default behavior is of course unchanged.

  - a new "HTTP_3.0" ACL to complete the collection

  - some doc updates.

Christopher told me he saw one case where the H2 mux is still inefficient
in zero-copy mode, we'll check this soon. I still want to update the doc
regarding the tcp/http actions. Now after some discussion I have a better
idea of how to proceed, there will be a new "actions" section and all
actions will be marked yes/no regarding their compatibility with the
various rulesets. That's a tedious work but we can't stay forever with
something that encourages copy-pasting. William has some possible cleanups
in queue for something related to the cert callback used by WolfSSL.

I intend to emit another dev in the middle-end of next week (ideally before
Friday so that those who don't know what to do before the week-end have
something to play with), and I think unless we're facing a big last-minute
bug, we should be good for a release the week after (i.e. approx 5-6).

Please continue to test and report doubts and issues. Doc cleanups are
also welcome.

Please find the usual URLs below :
   Site index       : https://www.haproxy.org/
   Documentation    : https://docs.haproxy.org/
   Wiki             : https://github.com/haproxy/wiki/wiki
   Discourse        : https://discourse.haproxy.org/
   Slack channel    : https://slack.haproxy.org/
   Issue tracker    : https://github.com/haproxy/haproxy/issues
   Sources          : https://www.haproxy.org/download/2.9/src/
   Git repository   : https://git.haproxy.org/git/haproxy.git/
   Git Web browsing : https://git.haproxy.org/?p=haproxy.git
   Changelog        : https://www.haproxy.org/download/2.9/src/CHANGELOG
   Dataplane API    : 
https://github.com/haproxytech/dataplaneapi/releases/latest
   Pending bugs     : https://www.haproxy.org/l/pending-bugs
   Reviewed bugs    : https://www.haproxy.org/l/reviewed-bugs
   Code reports     : https://www.haproxy.org/l/code-reports
   Latest builds    : https://www.haproxy.org/l/dev-packages

Willy
---
Complete changelog :
Amaury Denoyelle (10):
      BUG/MAJOR: quic: complete thread migration before tcp-rules
      MINOR: quic: remove unneeded QUIC specific stopping function
      MINOR: acl: define explicit HTTP_3.0
      DEBUG: connection/flags: update flags for reverse HTTP
      MINOR: rhttp: rename proto_reverse_connect
      MINOR: rhttp: large renaming to use rhttp prefix
      MINOR: rhttp: add count of active conns per thread
      MEDIUM: rhttp: support multi-thread active connect
      MINOR: listener: allow thread kw for rhttp bind
      DOC: rhttp: replace maxconn by nbconn

Christopher Faulet (3):
      BUG/MEDIUM: mux-h1: Don't set CO_SFL_MSG_MORE flag on last fast-forward 
send
      MEDIUM: mux-quic: Add consumer-side fast-forwarding support
      MAJOR: h3: Implement zero-copy support to send DATA frame

Eugene Dorfman (1):
      DOC: 51d: updated 51Degrees repo URL for v3.2.10

Frédéric Lécaille (5):
      BUG/MEDIUM: quic: Possible crash for connections to be killed
      MINOR: quic: Add traces to debug frames handling during retransmissions
      BUG/MEDIUM: quic: Possible crash during retransmissions and heavy load
      BUG/MINOR: quic: Possible leak of TX packets under heavy load
      BUG/MINOR: quic: Possible RX packet memory leak under heavy load

Ilya Shipitsin (2):
      CLEANUP: assorted typo fixes in the code and comments
      CI: limit codespell checks to main repo, not forks

William Lallemand (1):
      BUG/MINOR: startup: set GTUNE_SOCKET_TRANSFER correctly

Willy Tarreau (20):
      BUG/MINOR: sock: mark abns sockets as non-suspendable and always unbind 
them
      BUILD: cache: fix build error on older compilers
      BUILD: log: silence a build warning when threads are disabled
      BUG/MINOR: server: do not leak default-server in defaults sections
      DEBUG: tinfo: store the pthread ID and the stack pointer in tinfo
      MINOR: debug: start to create a new struct post_mortem
      MINOR: debug: add OS/hardware info to the post_mortem struct
      MINOR: debug: report in port_mortem whether a container was detected
      MINOR: debug: report in post_mortem if the container techno used is docker
      MINOR: debug: detect CPU model and store it in post_mortem
      MINOR: debug: report any detected hypervisor in post_mortem
      MINOR: debug: collect some boot-time info related to the process
      MINOR: debug: copy the thread info into the post_mortem struct
      MINOR: debug: dump the mapping of the libs into post_mortem
      MINOR: debug: add the ability to enter components in the post_mortem 
struct
      MINOR: init: add info about the main program to the post_mortem struct
      DOC: management: document "show dev"
      DOC: install: update the list of openssl versions
      MINOR: ext-check: add an option to preserve environment variables
      MINOR: log/balance: rename "log-sticky" to "sticky"

---

Reply via email to