Signed-off-by: Nenad Merdanovic
---
doc/configuration.txt | 12
1 file changed, 12 insertions(+)
diff --git a/doc/configuration.txt b/doc/configuration.txt
index 85d94d9..4ecde15 100644
--- a/doc/configuration.txt
+++ b/doc/configuration.txt
@@ -14678,6 +14678,13 @@ set ssl ocsp-res
Until now, HAproxy needed to be restarted to change the TLS ticket
keys. With this patch, the TLS keys can be updated on a per-file
basis using the admin socket. Two new socket commands have been
introduced: "show tls-keys" and "set ssl tls-keys".
Signed-off-by: Nenad Merdanovic
---
include/prot
Within the listener struct we need to use a reference to the TLS
ticket keys which binds the actual keys with the filename. This will
make it possible to update the keys through the socket
Signed-off-by: Nenad Merdanovic
---
include/types/listener.h | 3 +--
include/types/ssl_sock.h | 8 ++
This patchset adds support for updating TLS ticket keys using the admin
socket.
Nenad Merdanovic (3):
MINOR: Add TLS ticket keys reference and use it in the listener struct
MEDIUM: Add support for updating TLS ticket keys via socket
DOC: Document new socket commands "show tls-keys" and "set
Hi Babtiste,
thanks a lot for your explanations! This totally makes sense, especially
from a HA and throughput perspective. My use case is different and I'll try
to explain how:
* 30 servers are generating emails
* 36 mail servers for sending out
* relatively cheap h/w: 2 bonded 1Gbit interfaces,
On 5/8/2015 8:39 AM, Ben Timby wrote:
> With some iptables rules you can use FTP active and passive mode via
> haproxy.
>
> The key is to assign unique passive port ranges to each backend then
> port forward those ranges. You must be able to configure each FTP server
> daemon with it's own range.
Wow, very nice, regular expressions sure are powerful :-)
Here is what I ended up with:
defaults
mode http
timeout connect 1s
timeout client 1s
timeout server 1s
listen HTTP-in
bind 127.0.0.1:80
reqrep .*(sid=[a-z0-9A-Z]*)&(sid_guid=[^&]*)&.*(strid=[0-9a-zA-Z]*)
\1&\2&\3&shopurl=search.as
With some iptables rules you can use FTP active and passive mode via
haproxy.
The key is to assign unique passive port ranges to each backend then port
forward those ranges. You must be able to configure each FTP server daemon
with it's own range.
You must also be able to configure your FTP daemo
On Fri, May 8, 2015 at 4:02 PM, Shawn Heisey wrote:
> I have a load balancer setup with both haproxy and LVS-NAT. The LVS-NAT
> is giving us high availability for FTP.
>
> When I tried migrating everything from CentOS 5, where it all works, to
> Ubuntu 14 (for the newer kernel and because I find
I have a load balancer setup with both haproxy and LVS-NAT. The LVS-NAT
is giving us high availability for FTP.
When I tried migrating everything from CentOS 5, where it all works, to
Ubuntu 14 (for the newer kernel and because I find debian-based systems
far easier to use), everything worked exc
Hi Frank,
My problem: The weight setting for a backend seems to be ignored when the
> max concurrent session setting is reached. I was expecting the connection
> to get queued for this backend but it seems to flip over to the host that
> has connections available.
>
This is expected.
The queue m
> On 8 мая 2015 г., at 4:54, Frank Schubert wrote:
>
> Hi,
>
> first of all let me thank you for an amazing piece of software. I like
> working with haproxy a lot!
>
> My problem: The weight setting for a backend seems to be ignored when the max
> concurrent session setting is reached. I was
12 matches
Mail list logo
