Hi Richard,
On Tue, Jan 17, 2017 at 05:27:22PM +1300, Richard Gray wrote:
> tcp_fin_timeout is set to 60 seconds on my system, but as I understand it,
> this parameter only applies to orphaned connections. In this case, HAProxy
> appears to be holding the socket open, so still has responsibility f
Hi all,
I seem to hitting some kind of bottleneck at about 4k req/s and I’m not
able to find the cause.
I have HAproxy 1.7.2 installed on Ubuntu 16.04.1, VM with 8 cores, 2GB RAM,
1 Gbps networking. Testing with ab cannot get past ~4K req/s. Hitting the
backend directly can yield 8-10K without is
Hi Willy,
Thanks for getting back to me, and thank you for HAProxy - it is one of
my favourite pieces of software. I've done a bit more digging, and have
figured out how to reproduce the behaviour.
On 2017-01-16 23:54, Willy Tarreau wrote:
I notice here that the connection takes 35 minutes t
So on one of my local development machines haproxy started pegging the
CPU at 100%
`strace -T` on the process just shows:
...
epoll_wait(0, {}, 200, 0) = 0 <0.03>
epoll_wait(0, {}, 200, 0) = 0 <0.03>
epoll_wait(0, {}, 200, 0) = 0 <0.03>
epoll_w
Just using the haproxy, not including the CDN - I am able to reproduce the
problem. It appears that for some reason, the JSESSIONID cookie just disappears
and an new one gets created. I've looked through the logs and I am not seeing
any of the backend servers going offline. Strangely enough I ca
I've not personally had any issues with systemd which I know doesn't mean
there isn't any... However, on closer inspection, it gets started through a
wrapper "haproxy-systemd-wrapper" for me :
[Unit]
Description=HAProxy Load Balancer
After=network.target
[Service]
ExecStartPre=/usr/local/sbin/hap
Might be a systemd dependency issue, where the socket is not created before
the process is started.
Baptiste
On Mon, Jan 16, 2017 at 4:46 PM, Aaron West wrote:
> Hi Praveen,
>
> Am I right in assuming it's a socket for the stats page? Also what user is
> starting HAproxy because maybe it doesn'
Hi Praveen,
Am I right in assuming it's a socket for the stats page? Also what user is
starting HAproxy because maybe it doesn't have permissions to create the
socket?
We might need your whole config or at least the GLOBAL section...
Aaron West
Loadbalancer.org Limited
+44 (0)330 380 1064
www.l
There are some very knowledgeable people on this list so I'm sure someone
can help, however, what might the problem actually be?
Aaron West
Loadbalancer.org Limited
+44 (0)330 380 1064
www.loadbalancer.org
On 16 January 2017 at 15:32, Praveen Koppula
wrote:
> Can you please help me on this.
>
Some content was missing. Adding again.
When we reboot our machine (Where haproxy installed) teh haproxy going to
be down and it's not starting after machine boot.
When we force to start haproxy service getting below error.
Error: Starting haproxy [ALERT] 047/083514 : Starting frontend GLOBAL:
err
Can you please help me on this.
Haproxy version is : 1.5.4-2.1
Thanks in advance
for 1.8dev with build fix for boringssl
0001-MEDIUM-boringssl-support-native-multi-cert-selection.patch
Description: Binary data
On Fri, Jan 13, 2017 at 06:11:55PM +0100, Emmanuel Hocdet wrote:
> for 1.8dev
now applied, thanks.
Willy
Hi Willy,
I look another change. A fix (or not?) can be out of this patch.
@@ -3851,39 +3861,41 @@ int ssl_sock_handshake(struct connection *conn,
unsigned int flag)
return 0;
}
else if (ret == SSL_ERROR_SYSCALL) {
-#if (OPENSSL_VERSION_NU
On Mon, Jan 16, 2017 at 12:17:39PM +0100, Emmanuel Hocdet wrote:
> > I think this one is wrong :
> >
> > @@ -6769,13 +6779,12 @@ static struct cli_kw_list cli_kws = {{ },{
> > #if (defined SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB && TLS_TICKETS_NO > 0)
> > { { "show", "tls-keys", NULL }, "show tls-ke
Hi Willy,
> Le 16 janv. 2017 à 11:08, Willy Tarreau a écrit :
>
> Hi Manu,
>
> From: Emmanuel Hocdet
> Date: Fri, 13 Jan 2017 17:48:18 +0100
> Subject: [PATCH] BUILD: ssl: fix to build (again) with boringssl
>
> Limitations:
> . disable force-ssl/tls (need more work)
> should be set earlier w
Hi Richard,
On Mon, Jan 16, 2017 at 11:40:57PM +1300, Richard Gray wrote:
> Hi All,
>
> I'm using HAProxy 1.5.14 (the packaged version on CentOS 7.2) to front an
> IMAP proxy service, and I've noticed I'm getting quite a lot of connections
> in FIN_WAIT_2. For example, here are the totals for eac
Hi!
On Mon, Jan 16, 2017 at 10:57:12AM +0100, Micha?? wrote:
> Hello!
> Thank you for reviewing. For me agent-addr looks better too, I hope it
> won't
> be confused with "addr" directive.
>
> So here are patches with "agent-addr" changes and I added extebded commit
> messages to code commits.
>
Hi All,
I'm using HAProxy 1.5.14 (the packaged version on CentOS 7.2) to front an IMAP
proxy service, and I've noticed I'm getting quite a lot of connections in
FIN_WAIT_2. For example, here are the totals for each state on my system right
now:
$ netstat -an | awk '/tcp/ {print $6}' | sort | u
Hi Jarno,
On Fri, Jan 13, 2017 at 07:28:38PM +0200, Jarno Huuskonen wrote:
> This is my first attempt in adding deny_status to:
> http-request tarpit [deny_status ]
>
> First patch updates parse_http_req_cond so config parser accepts
> [deny_status ] for http-request tarpit (and sets
> rule->deny
Hi Manu,
From: Emmanuel Hocdet
Date: Fri, 13 Jan 2017 17:48:18 +0100
Subject: [PATCH] BUILD: ssl: fix to build (again) with boringssl
Limitations:
. disable force-ssl/tls (need more work)
should be set earlier with SSL_CTX_new (SSL_CTX_set_ssl_version is removed)
. disable generate-certificates
Hello!
Thank you for reviewing. For me agent-addr looks better too, I hope it
won't
be confused with "addr" directive.
So here are patches with "agent-addr" changes and I added extebded commit
messages to code commits.
I wrote "Can be backported", because those are not bugfix'es, because they
don
Hi HaproxyTeam,
Hope this email brings you better business opportunity.
After comparing your website performance with your competitors, we gathered
few factors which are affecting your site while promotion. In order to
avoid such hurdles, you should always be prepared to overcome new updates
by G
23 matches
Mail list logo