Hi,
I read the news about Native SSL support on 1.5.1. version, so I said I
need to try it out:-)
But either I don't understand how SSL backend should be configured or
there is a mismatch on the expectations.
I want HTTPS traffic to HAProxy to be loadbalanced to a backend without
stripping put
On 06/07/2014 04:27 μμ, Jarno Huuskonen wrote:
Hi,
On Sun, Jul 06, Pavlos Parissis wrote:
My conf[1] is quite simple and HAProxy has support for SSL [2]. What I
observe(using tcpdump) is that health checks are in SSL mode(SSL
handshake followed by a HTTP request) but incoming request over
Hoi again,
I am trying to squeeze the most out of my CPUs but I ran into the
problem with stats sockets and multiple processes, see below
Starting haproxy: [WARNING] 186/183809 (33970) : Proxy 'haproxy': in
multi-process mode, stats will be limited to process assigned to the
current request.
On 06/07/2014 10:35 μμ, Vincent Bernat wrote:
❦ 6 juillet 2014 19:00 +0200, Pavlos Parissis pavlos.paris...@gmail.com :
It works and I can get up to 34K transactions/sec as reported by siege,
I am quite happy with that. But the statistics are not correct. The
stats pages reports 1/12th
On 07/07/2014 11:49 πμ, David wrote:
Hello,
I have installed HAproxy 1.5 in my RDS farm. But when i check the disable
option for one server, this server is still active in my farm and users can
connect to it ?
I assume you mean that it took while for the server to stop receiving
after
On 15/07/2014 05:49 μμ, Baptiste wrote:
On Tue, Jul 15, 2014 at 12:40 AM, bjun...@gmail.com bjun...@gmail.com wrote:
Hi folks,
I've a question regarding the ordering/processing of ACL's.
Example (HAProxy 1.4.24):
frontend http_in
.
.
acl is_example.com hdr_beg(host) -i
On 16/07/2014 08:31 πμ, Baptiste wrote:
On Tue, Jul 15, 2014 at 7:14 PM, Pavlos Parissis
pavlos.paris...@gmail.com wrote:
On 15/07/2014 05:49 μμ, Baptiste wrote:
On Tue, Jul 15, 2014 at 12:40 AM, bjun...@gmail.com bjun...@gmail.com
wrote:
Hi folks,
I've a question regarding the ordering
On 18/07/2014 08:33 μμ, Szelcsányi Gábor wrote:
Hi,
I've been reading the documentation and searching the mail list, but one
thing is not clear for me. I have nbroc 2, 2 frontends pined to a
separate cpu core and 1-1 backend. The bind-process options of these
backends are inherited from
Hi,
I have a question about session limit on backend. Having the following
conf and without any parameters in frontend/backends about
sessions/connections I see that backends have 5000 session limit(slim in
CSV output).
How this number is calculated?
global
log 127.0.0.1 local2
On 25/07/2014 07:28 μμ, Willy Tarreau wrote:
Hi all,
[..snip..]
- hot reconfiguration : some users are abusing the reload mechanism to
extreme levels, but that does not void their requirements. And many
other users occasionally need to reload for various reasons such as
On 29/07/2014 10:55 πμ, Willy Tarreau wrote:
Hi Pavlos,
On Mon, Jul 28, 2014 at 12:07:37AM +0200, Pavlos Parissis wrote:
On 25/07/2014 07:28 , Willy Tarreau wrote:
Hi all,
[..snip..]
- hot reconfiguration : some users are abusing the reload mechanism to
extreme levels
On 28/07/2014 11:54 πμ, Apollon Oikonomopoulos wrote:
Hi Willy,
On 19:28 Fri 25 Jul , Willy Tarreau wrote:
Concerning the new features, no promises, but we know that we need to
progress in the following areas :
- multi-process : better synchronization of stats and health checks,
On 01/08/2014 08:00 πμ, cloudpack 川原 洋平 wrote:
Hi,
I setting up HAProxy 1.5.3.
I obtained the RST randomly http response when verifying the following
settings.
State that contains the RST or would specification
## tcpdump result
05:31:17.738871 IP ${haproxy-host}.49167
On 04/09/2014 08:55 πμ, Juho Mäkinen wrote:
I'm upgrading my old 1.4.18 haproxies to 1.5.4 and I have a mysterious
problem where haproxy marks some backend servers as being DOWN with a
message L4TOUT in 2000ms. Some times the message also has a star: *
L4TOUT in 2000ms (I didn't find what the
On 08/09/2014 10:30 πμ, Juho Mäkinen wrote:
On Thu, Sep 4, 2014 at 11:35 PM, Pavlos Parissis
pavlos.paris...@gmail.com mailto:pavlos.paris...@gmail.com wrote:
On 04/09/2014 08:55 πμ, Juho Mäkinen wrote:
I'm upgrading my old 1.4.18 haproxies to 1.5.4 and I have a mysterious
On 10/09/2014 07:02 πμ, Juho Mäkinen wrote:
Thanks Pavlos for your help. Fortunately (and embarrassedly for me) the
mistake was not anywhere near haproxy but instead my haproxy configure
template system had a bug which mixed up the backend name and ip
address. Because of this haproxy showed
On 10/09/2014 03:31 μμ, Franky Van Liedekerke wrote:
Hi,
[..snip..]
Any hints are very much appreciated. If more info is needed, let me know.
Is it possible to run tcpdump on both servers and see who is sending
RSTs? what about ldap logs? Do you know if you get this problem for all
LDAP
On 16 September 2014 03:23, Zebra max...@unitedstack.com wrote:
Hi,all
I configure one frontend named https_proxy and one backend named
httpservers. When I start the haproxy in my machine which has 2 cpus,I find
the log below.
Sep 16 01:03:34 localhost haproxy[30429]: Proxy https_proxy
Hi,
Is it possible to have the SSL Private key and SSL certificate of the
server together with all intermediate certificates in 2 separated files?
I tried
bind 10.1.1.1.1:443 ssl crt file.key crt certifate-bundle.pem no-sslv3
ciphers .
but it fails with unable to load SSL private key from
Στις 29 Σεπ 2014 1:56 ΜΜ, ο χρήστης Bot Budi roboteb...@gmail.com
έγραψε:
can i used haproxy for caching server?, it there have feature for
caching?
thanks.
Nope, HAProxy is not a caching engine.
Pavlos
On 26/09/2014 11:46 πμ, JCM wrote:
On 25 September 2014 14:47, Klavs Klavsen k...@vsen.dk wrote:
Any way to make haproxy retry requests with certain http response codes
X times (or just until all backends have been tried) ?
Nope. You really don't want to do this. And I'd be sad if the devs
On 01/10/2014 04:30 μμ, Alexander Olsson wrote:
Is it possible to bind both HTTP and HTTPS on the same port with haproxy.
Something like this:
frontend data-in
mode http
bind 0.0.0.0:8080
crt if ssl /path/to/crt
Obviously above doesn't work. Is there something similar? It's
Hi,
The doc is a bit confusing, at least to me. The former is about TCP
connections and the latter for HTTP requests, am I completely wrong?
Cheers,
Pavlos
signature.asc
Description: OpenPGP digital signature
On 16/10/2014 12:12 μμ, Olivier wrote:
Hi,
2014-10-16 10:34 GMT+02:00 Neil - HAProxy List
maillist-hapr...@iamafreeman.com
mailto:maillist-hapr...@iamafreeman.com:
I'd go further. Sslv3 us an obsolete protocol does anyone disagree
with that?
For a start make no-sslv3 the
On 29 October 2014 08:52, Baptiste bed...@gmail.com wrote:
On Mon, Oct 27, 2014 at 7:41 PM, Chris Allen ch...@cjx.com wrote:
We're running haproxy on a 2x4 core Intel E5-2609 box. At present
haproxy is
running on
a single core and saturating that core at about 15,000 requests per
second.
On 29 October 2014 13:49, Baptiste bed...@gmail.com wrote:
If a backend is used only by 1 FE and that FE is bound to a certain
CPU(s),
do we still need to bind the backend to the same CPU(s) set ?
Cheers,
Pavlos
Yes, this is a requirement and will be performed by HAProxy
Git tag 1.5.8 is missing:-)
On 31 October 2014 11:33, Willy Tarreau w...@1wt.eu wrote:
On Fri, Oct 31, 2014 at 11:30:14AM +0100, Pavlos Parissis wrote:
Git tag 1.5.8 is missing:-)
Ah indeed, I used Ctrl-R to recall the last history command line
to push the new version, so I pushed only v1.5.7 as found on the
previous
Hi,
Looking at the output of 'show info' on stats socket I see
[...snip...]
SslFrontendKeyRate: 0
SslFrontendMaxKeyRate: 31
SslFrontendSessionReuse_pct: 100
SslBackendKeyRate: 0
SslBackendMaxKeyRate: 6
SslCacheLookups: 698093
SslCacheMisses: 417817
[...snip...]
Would it be an accurate
On 25/11/2014 07:08 μμ, Lukas Tribus wrote:
Hi, Thanks for your reply. We have tried this approach and while
it gives some benefit, the haproxy process itself remains cpu-bound,
with no idle time at all - with both pidstat and perf reporting that
it uses close to 100% of available cpu
Hi,
I want HAProxy to add a response header if request includes a specific
header. I implemented the logic [1] but I get the following
parsing [/etc/haproxy/haproxy.cfg:77] : acl 'lb_debug' will never match
because it only involves keywords that are incompatible with 'frontend
http-response
Hi,
I want HAProxy to add a response header if request includes a specific
header. I implemented the logic [1] but I get the following
parsing [/etc/haproxy/haproxy.cfg:77] : acl 'lb_debug' will never match
because it only involves keywords that are incompatible with 'frontend
http-response
On 28/11/2014 02:44 μμ, Pavlos Parissis wrote:
Hi,
I want HAProxy to add a response header if request includes a specific
header. I implemented the logic [1] but I get the following
parsing [/etc/haproxy/haproxy.cfg:77] : acl 'lb_debug' will never match
because it only involves keywords
On 28/11/2014 01:19 μμ, Baptiste wrote:
On Wed, Nov 26, 2014 at 9:48 PM, Pavlos Parissis
pavlos.paris...@gmail.com wrote:
On 25/11/2014 07:08 μμ, Lukas Tribus wrote:
Hi, Thanks for your reply. We have tried this approach and while
it gives some benefit, the haproxy process itself remains
On 28/11/2014 05:19 μμ, Lukas Tribus wrote:
Hi,
you're right.
If you need to scale *a lot* your SSL processing capacity in HAProxy,
you must use multiple processes.
That said, multiproc model has some counter parts (stats, server
status, health checks are local to each process,
On 30/11/2014 01:17 μμ, Cyril Bonté wrote:
Hi again Sachin,
Le 30/11/2014 13:01, Sachin Shetty a écrit :
Thanks Cyril, but no luck, I still see no connection reuse. For every new
connection from the same client, haproxy make a new connection to the
server and terminates it right after.
Στις 1 Δεκ 2014 2:53 ΜΜ, ο χρήστης Baptiste bed...@gmail.com έγραψε:
Thanks for solution Baptise but why is it consider a dirty hack? I must
assume that it may cause problems in a more complex setups.
Hi Pavlos,
I considered it as a dirty hack because I derouted a feature from
its
On 2 December 2014 at 09:17, Samuel Reed samuel.trace.r...@gmail.com
wrote:
I'm running the latest 1.5 release.
Our site runs primarily on the `www` subdomain, but we want to enable HSTS
for
all subdomains (includeSubdomains). Unfortunately, due to the way HSTS
works,
the HSTS header MUST
Hi,
It has been mentioned that 1.5 version doesn't support connection
pooling, meaning that 1 TCP session to a backend server can serve
multiple HTTP requests originated from than 1 client.
Do you guys have plans to introduce this functionality in 1.6 release?
Cheers,
Pavlos
signature.asc
Hi,
I remember someone( maybe Baptiste) saying that in multi process mode
backends will be picked up by the process which frontend is bound to.
But, I found not to be the case in 1.5.9.
I also remember that this works only when you have 1to1 relationship
between frontend and backends, which is my
On 18/12/2014 05:24 πμ, Baptiste wrote:
On Wed, Dec 17, 2014 at 10:39 PM, Pavlos Parissis
pavlos.paris...@gmail.com wrote:
Hi,
I remember someone( maybe Baptiste) saying that in multi process mode
backends will be picked up by the process which frontend is bound to.
But, I found
On 19 December 2014 at 12:02, Kevin COUSIN ki...@kiven.fr wrote:
Hi all,
I install an HAproxy instance to load balance an Remote Desktop Gateway
2012 R2. It works fine in Layer 7 with this configuration and a Windows
8.1, but it dont works with an xfreerdp.I see a difference in logs, with a
Hi,
I see tfo setting for bind directive but it isn't clear to me if HAProxy
will use TCP Fast Open towards the backend server.
Shall I assume that if client uses TCP Fast Open HAProxy will do the
same for server side?
Cheers,
Pavlos
signature.asc
Description: OpenPGP digital signature
On 01/02/2015 03:15 μμ, Willy Tarreau wrote:
Hi Simon,
On Fri, Jan 30, 2015 at 11:22:52AM +0900, Simon Horman wrote:
Hi Willy, Hi All,
the purpose of this email is to solicit feedback on an implementation
of email alerts for haproxy the design of which is based on a discussion
in this
On 03/02/2015 02:02 πμ, Thomas Amsler wrote:
Hello,
Is it possible to front AWS S3 Static Web Hosting with HAProxy? I have
tried to setup a backend to proxy requests to
SomeHost.s3-website-us-east-1.amazonaws.com:80
http://SomeHost.s3-website-us-east-1.amazonaws.com:80. But I am
getting an
On 02/02/2015 05:31 μμ, Willy Tarreau wrote:
Hi Christian,
[...snip...]
We've been considering this for a while now without any elegant solution.
Recently while discussing with Emeric we got an idea to implement scopes,
and along these lines I think we could instead try to inherit ACLs
On 06/02/2015 11:19 πμ, Georges-Etienne Legendre wrote:
Hi Willy,
Yes, please send me the script.
Willy,
If it isn't against the policies of this ML to send attachments and the
script is few kilobytes size, could you please send it to the list?
Thanks,
Pavlos
signature.asc
Description:
On 17/02/2015 01:11 μμ, Mariusz Gronczewski wrote:
On Mon, 16 Feb 2015 12:41:06 +0100, Klavs Klavsen k...@vsen.dk wrote:
As I understand anycast and ECMP (and I only know guys who use it and
know what they are doing ;) - it needs to be two different routes (ie.
routers) that are
On 16/02/2015 09:45 μμ, Michael Holmes wrote:
[...snip..]
* @ 9:05 a.m. stopping and starting HAProxy v1.5.11 didn't resolve the
problem. Waited six minutes for processing which didn't catch up.
* @ 9:12 a.m. I downgraded HAProxy from v1.5.11 to v1.5.3 and
everything normalized in
On 10/02/2015 10:56 πμ, Tobias Feldhaus wrote:
On Thu, Feb 5, 2015 at 9:38 PM, Pavlos Parissis
pavlos.paris...@gmail.com mailto:pavlos.paris...@gmail.com wrote:
On 04/02/2015 11:38 πμ, Tobias Feldhaus wrote:
Hi,
To refresh the page did not help (the number of seconds
On 01/02/2015 07:35 πμ, Willy Tarreau wrote:
Hello Joseph,
I'm CCing Bhaskar since he was the one proposing the first solution, he
may have some useful insights. Other points below.
On Thu, Jan 15, 2015 at 01:23:59PM -0800, Joseph Lynch wrote:
Hello,
I am trying to set up a health check
On 15/01/2015 09:16 μμ, Alex Wu wrote:
We enable send-proxy for ssl connections, and have the patched apache
module to deal with proxyprotocol.
From Mac OS, we see it works as designed. But when we repeat the same
test using ipad, then we the connection rejected. iPad cannot establish
the
On 01/02/2015 03:03 μμ, Willy Tarreau wrote:
On Sun, Feb 01, 2015 at 08:25:24AM +0100, Pavlos Parissis wrote:
If I understood Bhaskar's suggestion correctly, we could delegate health
check for backend servers to a single server which does all the health
checking. Am I right ?
Yes
On 05/01/2015 12:04 μμ, Thomas Heil wrote:
Hi,
On 03.01.2015 16:31, Ram Chander wrote:
Hi,
I have a requirement like below:
Consider there are two sets of backends. Each has some servers in it
One is default , other is backup
Haproxy should try second set if first set returns 404.
On 05/01/2015 12:28 μμ, Thomas Heil wrote:
Hi,
On 05.01.2015 12:18, Pavlos Parissis wrote:
On 05/01/2015 12:04 μμ, Thomas Heil wrote:
Hi,
On 03.01.2015 16:31, Ram Chander wrote:
Hi,
I have a requirement like below:
Consider there are two sets of backends. Each has some servers
Στις 8 Ιαν 2015 4:39 ΜΜ, ο χρήστης Alfredo Gutierrez
alfredo.gutierrez...@gmail.com έγραψε:
I am trying to setup a LB for one of my clients that is for two WS_FTP
windows servers. I have configured HAProxy already but I am not getting any
redirecting when I ftp to the LB server. I have searched
Hi,
According to the docs I can have the following snippet
http-request add-header Nodename %[env(HOSTNAME)]
to set the hostname as the value on a header. But, it doesn't work. I
network trace and Nginx logs show no value.
While the following works.
http-request add-header Nodename %H
I am
On 06/01/2015 08:42 μμ, Cyril Bonté wrote:
Hi Pavlos,
Le 06/01/2015 20:17, Pavlos Parissis a écrit :
Hi,
According to the docs I can have the following snippet
http-request add-header Nodename %[env(HOSTNAME)]
to set the hostname as the value on a header. But, it doesn't work. I
Hoi,
I am trying to return a specific 200 response when URL matches a ACL but I get
back 503. Where is my mistake?
frontend mpla
acl robots.txt path_beg /robots.txt
use_backend bk_robots if robots.txt
default_backend foo_com
backend bk_robots
mode http
errorfile 200
On 13/01/2015 12:36 μμ, Jarno Huuskonen wrote:
Hi,
On Tue, Jan 13, Pavlos Parissis wrote:
Hoi,
I am trying to return a specific 200 response when URL matches a ACL but I
get
back 503. Where is my mistake?
frontend mpla
acl robots.txt path_beg /robots.txt
use_backend
On 04/02/2015 01:26 πμ, Simon Horman wrote:
On Tue, Feb 03, 2015 at 05:13:02PM +0100, Baptiste wrote:
On Tue, Feb 3, 2015 at 4:59 PM, Pavlos Parissis
pavlos.paris...@gmail.com wrote:
On 01/02/2015 03:15 μμ, Willy Tarreau wrote:
Hi Simon,
On Fri, Jan 30, 2015 at 11:22:52AM +0900, Simon
On 04/02/2015 11:38 πμ, Tobias Feldhaus wrote:
Hi,
To refresh the page did not help (the number of seconds the PRIMARY
backend was considered to be down increased continuously, but not the
number of Bytes or the color).
[deploy@haproxy-tracker-one /var/log] /usr/local/sbin/haproxy -vv
On 05/02/2015 03:01 μμ, Klavs Klavsen wrote:
Hi guys,
Just to check.. if I set nbproc to f.ex. 4 - then I understand I need to
define 4xstats.. and when I visit the webinterface.. I'll actually only
get stats from one of the 4 processes..
But we have ADMIN enabled for stats - so we can
Hi all,
During a stress test I discovered a drop of 5% performance at rate of
380K req/s when the following 3 statements were added in a frontend
where HTTPS is not used
http-request add-header X-Cipher-Name %sslc
http-request add-header X-Cipher-Version %sslv
http-request add-header
On 30/03/2015 07:13 πμ, Krishna Kumar Unnikrishnan (Engineering) wrote:
Hi all,
I am testing haproxy as follows:
System1: 24 Intel(R) Xeon(R) CPU E5-2697 v3 @ 2.60GHz, 64 GB. This system
is running 3.19.0 kernel, and hosts the following servers:
1. nginx1 server - cpu 1-2, 1G
Hi,
Today I noticed after a reload that previous process was alive for long
time( 8hours). This is a HAProxy which runs in HTTP mode in front of
few squid servers, conf is quite simple[1] and the version is 1.5.6[2]
I had a lsof watcher for the old pid and the number of connections were
very
On 23/02/2015 10:55 μμ, NuSkooler wrote:
Attached is the information you requested -- and hopefully performed
correctly :)
* no_haproxy.pcap: This is a successful connection + POST to the
original Mochiweb server. Note that here the port is 8443 not 443
(IP=10.3.3.3)
* ha_self_signed.pcap:
On 24/02/2015 04:57 μμ, Nenad Merdanovic wrote:
Hello Vincent, Lucas
On 2/24/2015 4:56 PM, Lukas Tribus wrote:
It would be nice to add a note that without proper rotation, PFS is
compromised by the use of TLS tickets. People may not understand why
they need to put 3 keys in this file and
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On 13/04/2015 07:24 ??, Joseph Lynch wrote:
Hello,
I published an article today on Yelp's engineering blog
(http://engineeringblog.yelp.com/2015/04/true-zero-downtime-haproxy-re
loads.html)
that shows a technique we use for low latency,
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On 28/04/2015 12:56 ??, CJ Ess wrote:
When you run HAProxy in full debugging mode there is a debug_hdrs()
call that displays all of the http headers read from the frontend,
I'd also like to be able to see the headers being sent to the
backend.
On 29/04/2015 12:56 μμ, Krishna Kumar (Engineering) wrote:
Dear all,
Sorry, my lab systems were down for many days and I could not get back
on this earlier. After
new systems were allocated, I managed to get all the requested
information with a fresh ru
(Sorry, this is a long mail too!).
On 30/04/2015 08:31 μμ, Shawn Heisey wrote:
I have a number of backend configs that handle requests to dev and
staging webservers. These backend configs only have one server. If
that server goes down briefly because the server process is restarted,
which happens frequently precisely because
On 30/04/2015 09:57 μμ, Shawn Heisey wrote:
On 4/30/2015 1:03 PM, Pavlos Parissis wrote:
On 30/04/2015 08:31 μμ, Shawn Heisey wrote:
I definitely DO want this kind of console notification if one of the
production backends has no server available, but I don't want the
interruption for staging
Please see attached.
Thanks,
Pavlos
From 2fd6a3f14ad96e3f4f73ab01dfbe030ed70f3ed3 Mon Sep 17 00:00:00 2001
From: Pavlos Parissis pavlos.paris...@gmail.com
Date: Sat, 2 May 2015 20:30:44 +0200
Subject: [PATCH] DOC: Update doc about act and bck fields in the statistics
Reorder description for act
On 06/05/2015 12:03 μμ, Baptiste wrote:
On Wed, May 6, 2015 at 7:15 AM, Krishna Kumar (Engineering)
krishna...@flipkart.com wrote:
Hi Baptiste,
On Wed, May 6, 2015 at 1:24 AM, Baptiste bed...@gmail.com wrote:
Also, during the test, the status of various backend's change often
between
OK
On 05/05/2015 07:11 πμ, ANISH S IYER wrote:
HI
i need to configure HAproxy with apache server as loadbalancer
It sounds a bit strange to have a 2-tier load balancing setup using
software load balancer at both tiers, unless you do SSL offloading on
1-tier.
You can configure your Apache load
On 05/05/2015 02:06 μμ, Krishna Kumar (Engineering) wrote:
Hi Willy, Pavlos,
Thank you once again for your advice.
Requests per second:19071.55 [#/sec] (mean)
Transfer rate: 9461.28 [Kbytes/sec] received
These numbers are extremely low and very likely
On 10/05/2015 11:58 πμ, Pepe Charli wrote:
Hi,
Willy, thank you for your work
Now it is possible to use peers provided that the whole
section is only used by tables belonging to the same process. This makes
it easier to run SSL offloading in multiple processes now
Please, someone could
On 11/05/2015 10:46 μμ, Amol wrote:
Hi
I am using Haproxy (1.5.9) and trying to resolve a PCI compliance issue
with TLS v1.0, but when i set the following options in global section of
the haproxy.cfg i am getting an error in my haproxy.log and the webpage
does not showup.
On 09/05/2015 08:45 πμ, Nenad Merdanovic wrote:
This patchset adds support for updating TLS ticket keys using the admin
socket.
Nenad Merdanovic (3):
MINOR: Add TLS ticket keys reference and use it in the listener struct
MEDIUM: Add support for updating TLS ticket keys via socket
Hi all,
I have pushed to github a tool which I call haproxytool that can be used
to perform the most frequent operations on frontends/pools/servers.
You can find it here https://github.com/unixsurfer/haproxytool.
It uses haproxyadmin Python library which supports HAProxy in
multi-process
On 09/04/2015 02:52 μμ, Dieter van Zeder wrote:
Here's the the stripped-down configuration. Http-server-close is required in
order to use leastconn. The frontend actually contains various acl rules,
thus mode http.
I had a look at the doc and it isn't mentioned that http-server-close is
On 09/04/2015 02:11 μμ, Dieter van Zeder wrote:
It's not about idle connections, it's about connections closed by the client
before the server fully sent the response. I have an apache module which can
detect client disconnects and then stops processing. Having haproxy before
those
On 09/04/2015 12:52 μμ, Dieter van Zeder wrote:
Hi there, is it possible to forward packets indicating a client
disconnect, with haproxy running in http mode? The webserver is able to
cancel long running requests, but the disconnect cannot be detected at
the backend.
I don't quite
Hoi,
While I was reading commit descriptions I saw in
REORG/MAJOR: session: rename the session entity to stream
[..snip..]
Some more cleanup is needed because some code was already far from
being clean. The server queue management still refers to sessions at
many places while comments talk about
On 06/04/2015 08:41 μμ, Brian Fleming wrote:
I can do reload and there will be no downtime?
Yes, reload is a safe operation. But, don't be surprised if you see the
old process alive for long time(days). This behavior is caused by insane
timeout values on the client-side used by some
On 07/04/2015 09:55 μμ, Florin Andrei wrote:
Let's say HAproxy is used for a second layer of load balancers, with the
first layer being AWS ELBs.
When you create an ELB, you can specify a health check. This should
actually check the health of the HAproxy instances that the ELB is
pointing
On 19/06/2015 11:08 πμ, Andrei Marinescu wrote:
Same here, only 1-2 messages per week, and generally correctly tagged as
[SPAM]. Way less than the last discussion on this topic produced J
+1
This has been discussed before and Willy expressed the reasons why there
isn't any smap filter
Hoi,
From the doc:
stot [LFBS]: cumulative number of connections
From the above I understand that this counts TCP connections and not
HTTP requests. But, I found out that for backend/servers counts HTTP
requests
I fire up 500 HTTP requests over 100 TCP connections
./httpress -q -n 500 -k -t
On 22/06/2015 05:58 μμ, Willy Tarreau wrote:
Hi Pavlos,
On Mon, Jun 22, 2015 at 02:17:06PM +0200, Pavlos Parissis wrote:
Hoi,
From the doc:
stot [LFBS]: cumulative number of connections
From the above I understand that this counts TCP connections and not
HTTP requests. But, I found
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On 27/05/2015 09:59 πμ, Igor wrote:
Hi, nginx 1.9.1 introduces a new feature that enables use of the
SO_REUSEPORT socket option, is this available in HAPROXY now or maybe
later :)?
http://nginx.com/blog/socket-sharding-nginx-release-1-9-1/
On 26/06/2015 03:57 μμ, Willy Tarreau wrote:
Hi,
as promise, here comes 1.5.13. It's been 1.5 months already since 1.5.12
and my misleading announce of the backport of peers support for nbproc :-)
You forgot to paste this to the site:-)
BTW: runs smoothly on production since the release
On 16/05/2015 11:22 πμ, Willy Tarreau wrote:
Hi Pavlos,
On Sat, May 02, 2015 at 08:39:36PM +0200, Pavlos Parissis wrote:
Please see attached.
Reorder description for act and bck in order to be aligned with the types
---
doc/configuration.txt | 4 ++--
1 file changed, 2 insertions
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On 22/05/2015 09:06 μμ, Mrunmayi Dhume wrote:
Hello,
I am using haproxy-1.6 with Lua. I have a use-case where I want to
set the destination (backend server) very dynamically, based on
certain layer 7 information (I am trying to avoid
On 24/08/2015 07:37 πμ, Willy Tarreau wrote:
Hi Phillip,
On Fri, Aug 21, 2015 at 01:28:06PM -0400, Phillip Decker wrote:
Hi guys,
I know we're all busy, but I just had a quick question - do we have a
ballpark idea when the next dev tag will be set? (ie. v1.6dev4 ?) Or even
further,
On 16/07/2015 04:02 μμ, Krishna Kumar (Engineering) wrote:
Hi John,
Your suggestion works very well, and exactly what I was looking for.
Thank you very much.
You could also try https://github.com/unixsurfer/haproxytool
Cheers,
Pavlos
signature.asc
Description: OpenPGP digital
On 17/07/2015 06:02 πμ, Ruoshan Huang wrote:
hi,
I found that the html stats page has a column of status which comes with
the uptime of a server or backend,
but in the csv stats I couldn’t find the uptime accordingly.
Can I get the uptime of servers without parsing the html? Thanks.
On 16/07/2015 05:56 μμ, Łukasz Tasz wrote:
Hi Guys,
I need some help with handling timeouts.
I'm using haproxy in tcp mode.
What is the issue?
client connects proxy, client is trying to sent something, it is
reaching client timeout on haproxy,
but connection on client side is still in
On 03/11/2015 11:32 πμ, Willy TARREAU wrote:
> Hi,
>
> some extra bugs were found and fixed since 1.6.1, and since they can
> cause trouble, here comes 1.6.2. In short, a bug in the DNS parser could
> lead to an endless loop, and another bug in the HTTP connection reuse code
> could cause a
Hi,
Following resolver section passes configuration check
resolvers mydns1
nameserver ns1 8.8.8.8:53
nameserver ns1 8.8.4.4:53
resolve_retries 3
timeout retry 1s
hold valid 10s
IMHO: allowing same ID for 2 different objects, which
1 - 100 of 278 matches
Mail list logo