Le 07/05/2020 à 00:06, Aleksandar Lazic a écrit :
On 07.05.20 00:02, Lukas Tribus wrote:
On Wed, 6 May 2020 at 23:33, Aleksandar Lazic wrote:
Hi.
The doc for [tcp|http]-check expect have some *-status arguments like "L7OK",
"L7OKC","L6OK" and "L4OK" and so on.
In the whole documentation
On 07.05.20 00:02, Lukas Tribus wrote:
> On Wed, 6 May 2020 at 23:33, Aleksandar Lazic wrote:
>>
>> Hi.
>>
>> The doc for [tcp|http]-check expect have some *-status arguments like
>> "L7OK", "L7OKC","L6OK" and "L4OK" and so on.
>>
>> In the whole documentation are this states not explained.
>>
On Wed, 6 May 2020 at 23:33, Aleksandar Lazic wrote:
>
> Hi.
>
> The doc for [tcp|http]-check expect have some *-status arguments like "L7OK",
> "L7OKC","L6OK" and "L4OK" and so on.
>
> In the whole documentation are this states not explained.
> I'm not sure in which chapter this states fit's,
Hello,
On Wed, 6 May 2020 at 20:25, William Lallemand wrote:
> > As such I think it's about time we change the default value to 2048 and
> > get rid of this annoying warning before 2.2 gets released (and at the
> > same time 86% of the users will be able to remove one cryptic line in
> > their
Hi.
The doc for [tcp|http]-check expect have some *-status arguments like "L7OK",
"L7OKC","L6OK" and "L4OK" and so on.
In the whole documentation are this states not explained.
I'm not sure in which chapter this states fit's, quick reminder HTTP,global,
logging, new chapter?
My suggestion is
On Wed, May 06, 2020 at 08:25:06PM +0200, William Lallemand wrote:
> I recall a discussion where the default openssl.cnf in some distribution
> was denying a DH lower than 2048. You probably think about this one.
>
Found the commit related to this:
On Wed, May 06, 2020 at 07:59:55PM +0200, Willy Tarreau wrote:
> Hi all,
>
> while running on a trivial test config in which I had enabled
> "zero-warning", my process refused to start due to the good old
> warning "Setting tune.ssl.default-dh-param to 1024 blah blah".
>
> I was almost certain
On Wed, May 06, 2020 at 06:10:26PM +, Branitsky, Norman wrote:
> New RHEL 8 Crypto Configuration mentioned in:
>
>
>
> From: ???
>
> Sent: Wednesday, May 6, 2020 5:34 AM
>
> To: HAProxy
>
> Subject: running haproxy with predefined security policies on RHEL8 ?
>
>
>
> Hello,
New RHEL 8 Crypto Configuration mentioned in:
From: Илья Шипицин
Sent: Wednesday, May 6, 2020 5:34 AM
To: HAProxy
Subject: running haproxy with predefined security policies on RHEL8 ?
Hello,
do we have any experience of
Hi all,
while running on a trivial test config in which I had enabled
"zero-warning", my process refused to start due to the good old
warning "Setting tune.ssl.default-dh-param to 1024 blah blah".
I was almost certain we discussed about switching the default value
to 2048 for 2.0 or 2.1 but
Hi again,
Le mer. 6 mai 2020 à 17:47, Willy Tarreau a écrit :
> Hi Olivier,
>
> On Wed, May 06, 2020 at 05:29:59PM +0200, Olivier D wrote:
> > > Try applying this commit:
> > >
> > >
> https://github.com/haproxy/haproxy/commit/02c88036a61e09d0676a2b6b4086af677b023b94
> >
> >
> > So this patch
Hi Olivier,
On Wed, May 06, 2020 at 05:29:59PM +0200, Olivier D wrote:
> > Try applying this commit:
> >
> > https://github.com/haproxy/haproxy/commit/02c88036a61e09d0676a2b6b4086af677b023b94
>
>
> So this patch is not working for me, with or without patching Apache2 with
>
Hello,
Le mer. 6 mai 2020 à 15:30, Tim Düsterhus a écrit :
> Olivier,
>
> > I was not aware there were any change in the way HAProxy was doing its
> > checks over proxy-protocol in 2.0.14 ... any hint ?
>
> This sounds like this issue we've seen with Dovecot:
>
Hi,
It was a manual test.
I used the default example and adapted it with the parameters in "Test
settings".
"Test result" is just a copy from the logs to stdio.
I was just to make sure we exchange all data types supported by the
protocol.
This could be automated indeed but I didn't do anything
How did you get "test result"?
Should we add automated test for that? For example, once a week
On Wed, May 6, 2020, 5:28 PM Gilchrist Dadaglo wrote:
>
> Background:
> Python 2 is no longer supported since January, 1st 2020 as per
> https://www.python.org/doc/sunset-python-2/
>
btw, I'm going to enable arm64 builds back soon :)
but your efforts are awesome.
ср, 6 мая 2020 г. в 17:18, Martin Grigorov :
> Hi,
>
> I've just created a PR (https://github.com/haproxy/haproxy/pull/617/files)
> that introduces testing on ARM64/AARCH64 at GitHub Actions.
> It almost works!
Olivier,
Am 06.05.20 um 15:15 schrieb Olivier D:
> This morning I tried to upgrade HAProxy 2.0.13 to 2.0.14 but had to
> rollback immediately : some backends checks started to fail.
> Error reported was : SOCKERR - SSL handshake failure
>
> The backends failing have a specific configuration as
Hello,
This morning I tried to upgrade HAProxy 2.0.13 to 2.0.14 but had to
rollback immediately : some backends checks started to fail.
Error reported was : SOCKERR - SSL handshake failure
The backends failing have a specific configuration as follows (I removed
anything unnecessary to trigger
Background:
Python 2 is no longer supported since January, 1st 2020 as per
https://www.python.org/doc/sunset-python-2/
The purpose of this change is to make the spoa_server contrib library
compatible with Python 3 to allow transition to Python 3.
Test Settings:
Dear list!
Author: Martin Tzvetanov Grigorov
Number of patches: 21
This is an automated relay of the Github pull request:
Build and test on AARCH64 at GitHub actions
Patch title(s):
Add ARM64 testing
Fix YAML
Do not use '-it' for 'docker run'
Create a custom Dockerfile where
Hi,
I've just created a PR (https://github.com/haproxy/haproxy/pull/617/files)
that introduces testing on ARM64/AARCH64 at GitHub Actions.
It almost works! There are few tests that fail. Any help finding the reason
is very welcome!
Martin
On Mon, Mar 23, 2020 at 11:12 AM Martin Grigorov
wrote:
Builds new models with added slowstart server parameter.
>From 7638bf05e36f3ae890e4d023acbfeb60bee4b802 Mon Sep 17 00:00:00 2001
From: Stefan Scheglmann
Date: Thu, 30 Apr 2020 13:05:49 +0200
Subject: [PATCH] MINOR: server: adds slowstart parameter
Newly generated models, adding support for
Adds slowstart parameter to dataplaneapi-specification. These patches add
slowstart to dataplaneapi-specification.
Sry for duplicate, this replaces previous mail with one mail per patch and
patch included.
>From a02f7bef4ae6624eeaa916294e896c7af73b451a Mon Sep 17 00:00:00 2001
From: Stefan
Add optional slowstart parameter to dataplaneapi-specification and build new
models from it. There two followup patches pending, one on client-native and
one on dataplaneapi, waiting for those to be merged.
--
Kind regards,
Stefan Scheglmann
SWH Dev
Phone + 49 30 88615 3358
Fax +
Hello,
I was creating counter-measures against a DOS attack, but I failed to
understand some numbers I received.
I'm using HAProxy 2.0.14
My (expurged) frontend config is :
listen test
bind X.X.X.X:443
maxconn 65536
rate-limit sessions 128
But during the attack, the following
Hello,
do we have any experience of
https://www.redhat.com/en/blog/consistent-security-crypto-policies-red-hat-enterprise-linux-8
?
Cheers,
Ilya Shipitcin
thank you, I will have a look!
ср, 6 мая 2020 г. в 14:27, Martin Grigorov :
> Hi Илья,
>
> On Wed, May 6, 2020 at 11:59 AM Илья Шипицин wrote:
>
>> do you run tests on GH arm64 agents ? is it dedicated (your own) agents
>> attached to your repo ? can you give a link ?
>>
>
> I use Docker + QEMU
Hi Илья,
On Wed, May 6, 2020 at 11:59 AM Илья Шипицин wrote:
> do you run tests on GH arm64 agents ? is it dedicated (your own) agents
> attached to your repo ? can you give a link ?
>
I use Docker + QEMU with GH hosted runner.
You can see the current diff at
do you run tests on GH arm64 agents ? is it dedicated (your own) agents
attached to your repo ? can you give a link ?
ср, 6 мая 2020 г. в 13:22, Martin Grigorov :
> Hello HAProxy team,
>
> While working on a PR to build & test HAProxy on AARCH64 at GitHub Actions
> I've noticed a strange
Hello HAProxy team,
While working on a PR to build & test HAProxy on AARCH64 at GitHub Actions
I've noticed a strange behavior for some of the tests.
To reduce the time of the build I've removed USE_OPENSSL=1 from the FLAGS
[1] passed to "make".
The build passed successfully, some of the tests
30 matches
Mail list logo