Hi,
I have been struggling with this bug for a little while and wanted to report
it and see if you can either help me or fix this bug. Here is a sample
config file which shows the bug
*global*
*log 127.0.0.1 local0*
*user nobody*
*group nogroup*
*daemon*
*
Vivek,
Le lundi 04 avril 2011 11:21:55, Vivek Malik a écrit :
Hi,
I have been struggling with this bug for a little while and wanted to
report
it and see if you can either help me or fix this bug. Here is a sample
config file which shows the bug
(...)
Basically, the config
Joe,
You need to run as many stunnel instances as number of SSL certificates. If
the sites share SSL certificate, then one stunnel instance will do.
I run stunnel 4.32 with patch from
http://haproxy.1wt.eu/download/patches/on port 443 and forward it to
port 81 on the same machine which is bound
mailing list.
Sent from my iPhone
On Apr 10, 2011, at 8:20 AM, German Gutierrez germ...@olx.com wrote:
BTW, will this patch ever go upstream? Why stunnel does not have this
already?
On Sat, Apr 9, 2011 at 11:43 PM, Vivek Malik vivek.ma...@gmail.com
wrote:
Joe,
You need to run as many
I found a hacky way to do it from mailing list archives
http://www.mail-archive.com/haproxy@formilux.org/msg03323.html
Regards,
Vivek
On Wed, Apr 20, 2011 at 10:09 PM, Vivek Malik vivek.ma...@gmail.com wrote:
Hi,
I am trying to issue a redirect via haproxy and want to reuse the host
.
Thanks,
Vivek
On Wed, Apr 20, 2011 at 10:43 PM, Vivek Malik vivek.ma...@gmail.com wrote:
I found a hacky way to do it from mailing list archives
http://www.mail-archive.com/haproxy@formilux.org/msg03323.html
Regards,
Vivek
On Wed, Apr 20, 2011 at 10:09 PM, Vivek Malik vivek.ma
haproxy -f /etc/haproxy.cfg -sf $(cat $PIDFILE) would do it
haproxy -h
HA-Proxy version 1.4.18 2011/09/16
Copyright 2000-2011 Willy Tarreau w...@1wt.eu
Usage : haproxy [-f cfgfile]* [ -vdVD ] [ -n maxconn ] [ -N maxpconn ]
[ -p pidfile ] [ -m max megs ]
-v displays version ; -vv
We have been using haproxy in production for around 6 months while using
httpclose. We use functions like reqidel, reqadd to manipulate request
headers and use_backend to route a request to a specific backend.
We run websites which often have ajax calls and load javascripts and css
files from the
DNS propagation can take a long time based on my experience. We have a similar
problem where we host multiple identical setups in different EC2 availability
zones. We have been thinking of having DNS entry with multiple A records for
load distribution and failover. However, that doesn't solve
May I ask what some of the acronyms in this email thread stand for
RHI -
AS -
GSLB -
Thanks,
Vivek
On Tue, Nov 1, 2011 at 2:26 PM, Baptiste bed...@gmail.com wrote:
True :)
Despite short TTLs, some client would take a long time to failover.
But it's the only option unless you own your AS and
You are running haproxy in a tcp mode since you are relaying SSL and
decrypting on the backend. Cookies can only be analyzed in HTTP mode. Not
sure how to do sticky sessions in tcp mode.
Vivek
On Mon, Nov 7, 2011 at 2:03 PM, Mir Islam mis...@mirislam.com wrote:
Is it possible to utilize some
to support being
deleted/cleared through the socket interface. Is it possible to do something
similar to clean appsessions? Or maybe store appsession in
a stick-table and clear the session through socket command?
/E
From: Vivek Malik [mailto:vivek.ma...@gmail.com]
Sent: den 7 november 2011 11
We have the same situation where we accept traffic for a long list of
domains. We solve the problem by adding the following for each domain
redirect prefix https://sub.domain.com if !is_https make_https {
hdr(host) sub.eqaldev.com }
The above solution only works if the list of the subdomains is
Haproxy 1.5 has src_conn_rate which can be used for that. I personally
haven't used it. I just remember reading about it.
Vivek
On Tue, Mar 13, 2012 at 8:30 AM, Jerry Champlin
j...@absolute-performance.com wrote:
One way to do this is to find it in the logs with a script and then have
that
A recommended upgrade for all production users. While we are not
(generally) affected by the bugs fixed in haproxy stable version. I
recommend updating haproxy.
I can update haproxy bin in puppet and can check it in (we distribute
haproxy binary via puppetmaster).
Aiman,
Please update
I did something similar for graphite using bash and socat to read from
haproxy socket.
Script at http://pastebin.com/ccenegXb
Regards,
Vivek
On Tue, Oct 2, 2012 at 4:08 PM, Joel Krauska jkrau...@gmail.com wrote:
I use something like this:
(it has a few things that are specific to my
You need to add option httpclose or option http-server-close so that
haproxy doesn't act in the tunnel mode (default behavior).
Regards,
Vivek
On Thu, Oct 11, 2012 at 5:33 PM, Milan Babuskov milan.babus...@gmail.comwrote:
Hello,
I'm using HAProxy 1.4.22. I have the following haproxy.conf
balancer all together. However, there might be better ways to do it which I
am not aware of.
Regards,
Vivek
On Sun, Oct 14, 2012 at 7:46 PM, Vivek Malik vivek.ma...@gmail.com wrote:
I am not sure of how mikrokit could be having problems with
http-server-close. http-server-close only affects
.
Is there a plan to add stick table pattern extraction which includes
extraction values from path or header using regular expressions?
Thanks,
Vivek
On Fri, Mar 1, 2013 at 12:54 AM, Baptiste bed...@gmail.com wrote:
On Thu, Feb 28, 2013 at 7:28 PM, Vivek Malik vivek.ma...@gmail.com
wrote:
Hi,
I see
Hi,
I would like to set up a configuration where users are required to
authenticate via a custom authentication web app before navigating to
the content backend.
I was thinking on lines of haproxy server sending the request to the
auth server when a map entry is missing. When the user
Hi,
I have a few questions around setting up a customized haproxy farm. I
am combining all my questions in single email.
1) Map peering
Is it possible to peer maps across haproxy running on multiple
machines? Or store key, value pairs inside stick table (which supports
peering).
2) Backend of
Hi,
I am using rand(x) in configuration to make some routing decisions. I
am basically load balancing between backends and using the following
configuration
use_backend bk_1 { rand(100) le 50 }
default_backend bk_2
However, I am not seeing any traffic going to bk_2 and all traffic
goes to bk_1.
Are you putting in DH parameters in mycert.pem?
PFS depends on using DH algorithm to exchange and create a secret for
the connection.
openssl dhparam 2048 mycert.pem should add the DH parameters to the
cert file.
Regards,
Vivek
On Mon, Dec 8, 2014 at 4:44 PM, Sander Rijken
Hi Vincent,
Thanks for the patch. I was able to verify that the patch made the
distribution uniform over a large (300+) output from rand.
Regards,
Vivek
On Mon, Dec 8, 2014 at 4:45 PM, Vincent Bernat ber...@luffy.cx wrote:
❦ 8 décembre 2014 23:20 +0100, Vincent Bernat ber...@luffy.cx :
Hi,
AFAIK, Haproxy doesn't have a subrequest feature.
However, there are other design solutions possible to make Haproxy as
SSO filter. I am using Haproxy is a similar fashion. I have coded my
SSO to notify Haproxy whenever a new SSO authentication session is
added. Haproxy adds that session id
Hi,
I am trying to redirect a user to login page if not logged in and
redirect the user back to original page after login. The login page is
on a different domain than the primary domain where requests are
coming.
I have a few questions/feature requests related to http-request redirect
a)
Please see http://www.mail-archive.com/haproxy@formilux.org/msg06885.html
The summary being
iptables -I INPUT -p tcp --dport $PORT --syn -j DROP
sleep 1
service haproxy restart
iptables -D INPUT -p tcp --dport $PORT --syn -j DROP
Regards,
Vivek
On Tue, Jan 20, 2015 at 1:11 AM, hu.zhang
I see roubdrobin working perfectly over here. Look at sessions total and
see how they are same for every server.
It seems that all your requests are not the same workload. Some servers or
some requests are taking longer to fulfill and increasing load on servers.
Have you tried using leastconn
missing
something in my configuration.
Regards,
Vivek
On Fri, Feb 27, 2015 at 8:20 PM, Vivek Malik vivek.ma...@gmail.com wrote:
Hi,
I am trying to use http-request set-map with fixed strings which are
defined in config file. Example lines
http-request set-map(motion.map) monday %[date
:
epoll : pref=300, test result OK
poll : pref=200, test result OK
select : pref=150, test result OK
Total: 3 (3 usable), will use epoll.
On Sat, Feb 28, 2015 at 1:26 AM, Baptiste bed...@gmail.com wrote:
On Sat, Feb 28, 2015 at 3:22 AM, Vivek Malik vivek.ma...@gmail.com wrote:
(Sorry
Hi,
I am trying to use http-request set-map with fixed strings which are
defined in config file. Example lines
http-request set-map(motion.map) monday %[date()] if acl_1
http-request set-map(motion.map) tuesday %[date()] if acl_2
Note that monday and tuesday are literal string and not
Hi,
I spent last few hours scratching my head and wondering where my
configuration was wrong and why was it acting weird. Sending this to
ML to see if this is a bug or expected behavior. I expected ACL to
evaluate its condition only once and store the true/false outcome,
however with rand(), I
Hi,
I am getting 500 Internal Server Error on the haproxy.org website.
Various websites like
http://downforeveryoneorjustme.com/www.haproxy.org
http://www.isitdownrightnow.com/haproxy.org.html
http://www.websitenotworking.com/haproxy.org
confirm that the website is down for them too.
Regards,
I had faced the same issue and have documented my solution at
https://www.mail-archive.com/haproxy@formilux.org/msg26387.html
Regards,
Vivek
On Sat, Jul 8, 2017 at 5:44 AM, Aaron West wrote:
> On 8 July 2017 at 11:25, Aaron West wrote:
>> for me
Hi,
I am using haproxy for path based routing and am trying to forward
traffic to another datacenter under certain conditions. However, the
traffic must go via explicit proxy server (squid). The traffic is
getting forwarded to an https endpoint in AWS fronted by ELB.
Is there a way to define
uldn't figure out if I
can force a CONNECT via lua to the backend before haproxy starts
forwarding the request to backend.
Regards,
Vivek
On Sun, Jun 11, 2017 at 11:22 PM, Vivek Malik <vivek.ma...@gmail.com> wrote:
> Hi,
>
> I am using haproxy for path based routing and am t
36 matches
Mail list logo