Re: [PATCH] MEDIUM/RFC: Implement time-based server latency metrics
Hi Willy, Sorry to bother you again, but a quick note in case you have forgotten this patch/email-thread. Regards, - Krishna On Thu, Jan 5, 2017 at 12:53 PM, Willy Tarreauwrote: > Hi Krishna, > > On Thu, Jan 05, 2017 at 11:15:46AM +0530, Krishna Kumar (Engineering) > wrote: > > Hi Willy, > > > > If required, I can try to make the "hard-coded periods" changes too, but > > want > > to hear your opinion as the code gets very complicated, and IMHO, may not > > give correct results depending on when the request is made. All the other > > changes are doable. > > > > Hoping to hear from you on this topic, please let me know your opinion. > > I've started to think about it but had to stop, I'm just busy dealing with > some painful bugs so it takes me more time to review code additions. I'm > intentionally keeping your mail marked unread in order to get back to it > ASAP. > > Thanks, > Willy >
set ssl ocsp-response working only if we already have an ocsp record
Hello, I'm actually implementing OCSP stapling on my haproxy instance. It seems we can update ocsp (with set ssl ocsp-response on socket) only if a previous OCSP record exist. For example : Case #1 - start haproxy without any ocsp file - set ssl ocsp-response $(base64 file.ocsp) => OCSP single response: Certificate ID does not match any certificate or issuer. Case #2 - start haproxy with ocsp file - set ssl ocsp-response [ with same OCSP response file ] => "OCSP Response updated!" Is this an expected behaviour ? Olivier
Re: Gzip compression and transfer: chunked
Le 23/01/2017 à 11:54, Vladimir Mihailenco a écrit : Hi, I am using haproxy as load balancer/reverse proxy for Rails/Go application. I am upgrading from working Haproxy 1.6 config to 1.7.2. And it looks like I need to change my existing config, because Haproxy 1.7 truncates responses from Rails/Rack application. With Haproxy 1.6 and enabled compression - i can load full HTML (200kb) - HTML is not compressed - Transfer-encoding: "chunked" - no Content-Length header With same config Haproxy 1.7 - only first 14kb are avalable - no Transfer-encoding - Content-Length: 14359 With Haproxy 1.7 and compression disabled - full HTML is available - HTML is not compressed - Transfer-encoding: "chunked" - no Content-Length header Any recommendations? Should I disable compression from Rails/Rack app? Hi, Could you share your configurations, the both please ? And if possible, the request/response headers for all scenarios. The compression was rewritten in 1.7. So it is possible that something was broken. Headers returned by your backend could be useful too. -- Christopher
Gzip compression and transfer: chunked
Hi, I am using haproxy as load balancer/reverse proxy for Rails/Go application. I am upgrading from working Haproxy 1.6 config to 1.7.2. And it looks like I need to change my existing config, because Haproxy 1.7 truncates responses from Rails/Rack application. With Haproxy 1.6 and enabled compression - i can load full HTML (200kb) - HTML is not compressed - Transfer-encoding: "chunked" - no Content-Length header With same config Haproxy 1.7 - only first 14kb are avalable - no Transfer-encoding - Content-Length: 14359 With Haproxy 1.7 and compression disabled - full HTML is available - HTML is not compressed - Transfer-encoding: "chunked" - no Content-Length header Any recommendations? Should I disable compression from Rails/Rack app?
Re: Need help to reolsve haproxy issue
Sorry for the late reply, I was on unplanned leave. What I observed in my investigation, when I commented below line it's working as expected. Means even after reboot the machine the haproxy service get started automatically. #stats socket /etc/haproxy/haproxysock level admin I'm not sure what is the significance of this line. Can we proceed with this in our configuration or will it cause any issues further? NOTE : I couldn't find haproxy-wrapper under below location /usr/sbin> ls -ltr *haproxy* -rwxr-xr-x 1 root root 35152 Sep 3 2014 haproxy-halog -rwxr-xr-x 1 root root 788672 Sep 3 2014 haproxy lrwxrwxrwx 1 root root 19 Jan 9 01:47 rchaproxy -> /etc/init.d/haproxy Thanks in advance. On Mon, Jan 16, 2017 at 11:43 AM, Aaron Westwrote: > I've not personally had any issues with systemd which I know doesn't mean > there isn't any... However, on closer inspection, it gets started through a > wrapper "haproxy-systemd-wrapper" for me : > > [Unit] > Description=HAProxy Load Balancer > After=network.target > > [Service] > ExecStartPre=/usr/local/sbin/haproxy -f /etc/haproxy/haproxy.cfg -c -q > ExecStart=/usr/local/sbin/haproxy-systemd-wrapper -f > /etc/haproxy/haproxy.cfg -$ > ExecReload=/bin/kill -USR2 $MAINPID > KillMode=mixed > Restart=always > > [Install] > WantedBy=multi-user.target > > So definitely check if you are using that wrapper or not if systemd is being > used. > > Otherwise, my feeling is that for whatever reason you cannot access the > socket previously created due to permissions... I mean I can get the same > error trying to start HAproxy as an unprivileged user who cannot write to > the file/directory. > > Aaron West > > Loadbalancer.org Limited > +44 (0)330 380 1064 > www.loadbalancer.org > > On 16 January 2017 at 16:21, Baptiste wrote: >> >> Might be a systemd dependency issue, where the socket is not created >> before the process is started. >> >> Baptiste >> >> On Mon, Jan 16, 2017 at 4:46 PM, Aaron West >> wrote: >>> >>> Hi Praveen, >>> >>> Am I right in assuming it's a socket for the stats page? Also what user >>> is starting HAproxy because maybe it doesn't have permissions to create the >>> socket? >>> >>> We might need your whole config or at least the GLOBAL section... >>> >>> Aaron West >>> >>> Loadbalancer.org Limited >>> +44 (0)330 380 1064 >>> www.loadbalancer.org >>> >>> On 16 January 2017 at 15:38, Praveen Koppula >>> wrote: Some content was missing. Adding again. When we reboot our machine (Where haproxy installed) teh haproxy going to be down and it's not starting after machine boot. When we force to start haproxy service getting below error. Error: Starting haproxy [ALERT] 047/083514 : Starting frontend GLOBAL: error when trying to preserve previous UNIX socket [/etc/haproxy/haproxysock] startproc: exit status of parent of /usr/sbin/haproxy: 1 Failed On Mon, Jan 16, 2017 at 10:32 AM, Praveen Koppula wrote: > > Can you please help me on this. > > Haproxy version is : 1.5.4-2.1 > > Thanks in advance >>> >> >