Re: missing documentation on 51degrees samples
Ping? -Patrick On 2016/10/7 13:27, Patrick Hemmer wrote: > The documentation doesn't mention the sample fetcher `51d.all`, nor > the converter `51d.single`. The only place they're mentioned is the > repo README. > > Also the documentation for `51degrees-property-name-list` indicates it > takes an optional single string argument (`[]`), rather than > multiple string arguments (`...`). This led me to expect it > was comma delimited, which ended up not working. > > -Patrick
deviceatlas issues
After using the addon, I've run across a few issues trying to get it running. The first are mostly documentation issues: 1. The example for `da-csv-conv` has `da-csv()` instead of `da-csv-conv()`. 2. The documentation lists the parameter `deviceatlas-separator`. The param is really `deviceatlas-property-separator`. 3. The deviceatlas library seems to provide a `da-csv-fetch`, which isn't in the documentation at all. 4. Documentation on ` deviceatlas-log-level` doesn't indicate the maximum level. And is just not very descriptive in general. I tried changing the value and saw no change in any logging. But I also ran across an issue when I try to use a personalized enterprise data file in that all lookups seem to fail. The resulting `da-csv-conv()` just returns empty fields. The fields I'm using are basic ones like browserName,browserVersion,osName,osVersion. The free file (20160203_compact.json) works fine. The web UI for controlling the file indicates the fields are selected, and when I grep the json file, I get fields results as "sbrowserName","sbrowserVersion". So not sure why it doesn't work. -Patrick
External resources: [...] updates (v1.5)
Hi everyone! After a lot of time I noticed a strange string in the stats web interface for v1.6 and v1.7 (demo.haproxy.org). The HTML External resources: http://www.haproxy.org/;>Primary site http://www.haproxy.org/#down;>Updates (v1.5) http://www.haproxy.org/#docs;>Online manual What about changing http://www.haproxy.org/#down;>Updates (v1.5) to http://www.haproxy.org/#down;>Updates Or... am I missing something? Ciao! .marcoc
Re: SC session state with googlebot
Sorry everyone, forget about this message , just a misconfiguration ... Le 01/12/2016 à 15:25, Arnall a écrit : Hello everyone, i have a special case in our logs with googlebot, with some static files, we have a SC-- session state and of course a 503 status code : 66.249.76.63:55140 frontend_web frontend_web/ -1/-1/-1/-1/5 503 212 - \- SC-- 2179/2175/0/0/0 0/0 {|static.hostname.tld|Mozilla/5.0_(compatible;_Googlebot/2.1;_+http://www.google.com/bot.html)|XX} "GET /img/xx.png HTTP/1.1" i have the same thing for almost all kind of files served by static.hostname.tld (.css .js .woff etc ... ), only with Googlebot ( no problem for regular users or bingbot etc... ) Is it coming from our backends ? I've read the documentation about SC in chapter 8.5 but i really don't know how this combination googlebot+static.hostname.tld could lead to this ... If you have any hint ... Thanks !
SC session state with googlebot
Hello everyone, i have a special case in our logs with googlebot, with some static files, we have a SC-- session state and of course a 503 status code : 66.249.76.63:55140 frontend_web frontend_web/ -1/-1/-1/-1/5 503 212 - \- SC-- 2179/2175/0/0/0 0/0 {|static.hostname.tld|Mozilla/5.0_(compatible;_Googlebot/2.1;_+http://www.google.com/bot.html)|XX} "GET /img/xx.png HTTP/1.1" i have the same thing for almost all kind of files served by static.hostname.tld (.css .js .woff etc ... ), only with Googlebot ( no problem for regular users or bingbot etc... ) Is it coming from our backends ? I've read the documentation about SC in chapter 8.5 but i really don't know how this combination googlebot+static.hostname.tld could lead to this ... If you have any hint ... Thanks !
multiproc ssl recommendations
Hi, Similar to what Christian asked about a few days ago I would like help to summarize the recommendations for running a haproxy as a SSL LB on a multi cpu, multi core machine. I have a machine with two sockets equipped with Intel Xeon E5-2680 v4. 56 cores in total with HT enabled, 28 with HT disabled. Summary(correct me where I'm wrong): Hyperthreading - should be disabled As for network IRQ pinning, should I not pin the NIC to core 0 of each CPU? Should I split it up between the cores when doing SSL termination on most cores? global nbproc 28 # equal to the number of none HT cores (28 in my case) # cpu-map's equal to the number of non HT cores. # (didn't see any cpu-map in Christians configuration, is it not needed anymore?) cpu-map 1 0 cpu-map 2 1 ... cpu-map 28 27 frontend https bind :443 ssl crt /etc/ssl/xx.pem process 1 bind :443 ssl crt /etc/ssl/xx.pem process 28 # should I omitt process 1/2 and 15/16 here? # Should I use core 0 on each CPU for backends (proc 1+15) or should I use core 1(proc 2+16)? backend x bind-process 1 15 backend y bind-process 2 16 backend z # or should i use a bind-process like the frontend's bind? bind-process 2 bind-process 16 I just read the release notes for haproxy 1.7. There was mention of mixing different certificate types under "support of multi-certs". Previously I would have a tcp-ssl that would send traffic to a ecc backend and a rsa backend depending on req.ssl_ec_ext, which in turn would send traffic to a frontend with two sockets, one for each certificate type. To something like this (hope my ascii doesn't get messed up). +-->backend01 +--->backend-ecc+ | frontend-tcp-ssl:443 | +--->frontend-https+-->backend02 +--->backend-rsa + | +-->backend03 Does this mean I can now mix RSA and ECC certificates on the same frontend and skip the entire frontend-backend-frontend trick? +-->backend01 | frontend-https:443+-->backend02 | +-->backend03 Thanks, Elias