.
SSL-LOAD-EXTRA-FILES is an excellent feature we’ve been waiting for as
it simplifies our cert deployment, but in its current form It’s not
really usable for us.
Thank you.
--
Marc-Antoine Leclercq
sources or wait for the next dev release.
Actually, the function txn.close() causes a segfault, it will be
fixed in a few time.
I just merged your temporary fix, Thierry, so the segfault is supposed
to be gone. CCing Marc-Antoine and Cyril on this. In the mean time, guys,
please don't add
it works fine with crt pointing to a signe certificate file.
Can you make the openssl tests from the server, connecting locally without
any intermediate
devices?
i did and results are the same.
Regards,
Thanks,
Lukas
--
Marc-Antoine
?
Thierry
On Mon, 17 Aug 2015 15:00:25 +0200
Marc-Antoine marc-antoine.b...@ovh.net wrote:
Hi,
Cyril, as you said, if removed txn:close() from the lua script, I don't
get segfault anymore.
I noticed that if I removed default_backend line from frontend declaration
debugme req.hdr_cnt(X-debug-me) ge 1
http-request lua mirror if debugme
#default_backend be
Regards,
On Sat, 15 Aug 2015 23:56:57 +0200,
Cyril Bonté cyril.bo...@free.fr wrote :
Hi Marc-Antoine,
Le 12/08/2015 19:01, Marc-Antoine a écrit :
I forgot lua file content :
# cat
/home/provisionning/0.pem crt
/home/provisionning/cluster2.d
default_backend cluster2
any idea ?
--
Marc-Antoine
wrote on 8/12/2015 11:29:
On Wed, Aug 12, 2015 at 11:22 AM, Marc-Antoine
marc-antoine.b...@ovh.net wrote:
Hi all,
i'm trying to use an ECC certificate under haproxy without success :
* haproxy -vv
HA-Proxy version 1.5.8 2014/10/31
Copyright 2000-2014 Willy Tarreau w...@1wt.eu
1
http-request lua mirror if debugme
default_backend be
frontend fe:443
bind 127.0.0.1:443 ssl crt /etc/ssl/private
default_backend be
backend be
server s1 127.0.0.2
server s2 127.0.0.3
server s3 127.0.0.4
Regards,
--
Marc-Antoine
response = response .. \r\n
response = response .. buffer
txn.res:send(response)
txn:close()
end
On Wed, 12 Aug 2015 18:57:50 +0200,
Marc-Antoine marc-antoine.b...@ovh.net wrote :
Hi,
i try to test lua in haproxy and i got segfault while doing curl request :
# curl http
Hi,
On Mon, 20 Jul 2015 11:50:50 +0200,
Marc-Antoine marc-antoine.b...@ovh.net wrote :
Hi Lukas,
frontend cluster:443
bind 1.2.3.4:443 ssl strict-sni crt /home/provisionning/0.pem crt
/home/provisionning/cluster.d
default_backend cluster
capture request header Host len 255
,
I made a mistake in my previous email : it works locally AND remotely !
What fixed the problem? This may be useful for others as well.
Lukas
--
Marc-Antoine
2015 GMT
[...]
---
It works locally or remotely !
Not sure I understand. Does that mean it works locally, but not remotely?
Regards,
Lukas
--
Marc-Antoine
Hi,
nobody knows plz ?
On Thu, 9 Jul 2015 13:06:59 +0200,
Marc-Antoine marc-antoine.b...@ovh.net wrote :
Hi all,
I have some problem making ocsp stapling working. here is what i did :
I have 8150.pem with chain, cert and key in it.
I have 8150.pem.ocsp that seems ok :
# openssl
,
--
Marc-Antoine
Hi, just to let you know changelog is missing 1.5.14 infos ;)
great job by the way !
On Fri, 3 Jul 2015 17:55:56 +0200,
Willy Tarreau w...@1wt.eu wrote :
Changelog: http://www.haproxy.org/download/1.5/src/CHANGELOG
--
Marc-Antoine
do,
but not only), you *replace* it.
What you may be looking for, though, is haproxy-systemd-wrapper, which
does all this automatically when it receives SIGUSR2 or SIGHUP.
Regards,
Marc-Antoine
On 11 September 2014 07:44, Willy Tarreau w...@1wt.eu wrote:
On Wed, Sep 10, 2014 at 10:38:55PM -0700, Matt Robenolt wrote:
Awesome, thanks. :)
Is it possible to also get this applied into the 1.5 branch since this is
low risk and doesn???t break any backwards compatibility and whatnot?
++-
1 file changed, 49 insertions(+), 20 deletions(-)
--
1.9.1
Looks good to me.
Any comments, Will?
Regards,
Marc-Antoine
that helps and sounds right.
Marc-Antoine
On Sat, 2014-02-15 at 20:04 -0600, Ryan O'Hara wrote:
On Sun, Feb 16, 2014 at 10:08:31AM +0900, Marc-Antoine Perennou wrote:
This is why you get
haproxy-systemd-wrapper - main haproxy process - haproxy worker.
haproxy-systemd-wrapper waits for the main haproxy process to exit
apply cleanly to the development tree.
Great, thank you! I'll wait for Marc-Antoine to do a quick review since
he seems to be the only one here having had his fingers dirty with
systemd, then I have no problem merging them.
Thanks!
Willy
I don't have access to a computer to actually test those
Formerly, if A was replaced by B, and then B by C before
A finished exiting, we didn't wait for B to finish so it
ended up as a zombie process.
Fix this by waiting randomly every child we spawn.
Signed-off-by: Marc-Antoine Perennou marc-anto...@perennou.com
---
src/haproxy-systemd-wrapper.c | 10
Hi,
After checking out the man page of waitpid, wait would indeed be sufficient
here.
I didn't actually know about waitpid(-1)
I'll resubmit an updated patch tomorrow!
Thanks
On 1 April 2013 23:32, Willy Tarreau w...@1wt.eu wrote:
Hi Marc-Antoine,
On Thu, Mar 14, 2013 at 02:50:56PM +0100
Formerly, if A was replaced by B, and then B by C before
A finished exiting, we didn't wait for B to finish so it
ended up as a zombie process.
Fix this by queuing all process we spawn for waitpid.
Signed-off-by: Marc-Antoine Perennou marc-anto...@perennou.com
---
src/haproxy-systemd-wrapper.c
Formerly, if A was replaced by B, and then B by C before
A finished exiting, we didn't wait for B to finish so it
ended up as a zombie process.
Fix this by queuing all process we spawn for waitpid.
Signed-off-by: Marc-Antoine Perennou marc-anto...@perennou.com
---
src/haproxy-systemd-wrapper.c
Hi,
On 13 February 2013 08:11, Willy Tarreau w...@1wt.eu wrote:
Hi Marc-Antoine,
On Tue, Feb 12, 2013 at 10:53:54AM +0100, Marc-Antoine Perennou wrote:
+systemd/haproxy.service: contrib/systemd/haproxy.service.in
+ mkdir -p systemd
+ sed -e 's:@SBINDIR@:'$(strip $(SBINDIR
Signed-off-by: Marc-Antoine Perennou marc-anto...@perennou.com
---
.gitignore | 1 +
contrib/systemd/Makefile | 8
contrib/systemd/haproxy.service.in | 11 +++
3 files changed, 20 insertions(+)
create mode 100644 contrib/systemd/Makefile
-by: Marc-Antoine Perennou marc-anto...@perennou.com
---
doc/haproxy-en.txt | 1 +
doc/haproxy-fr.txt | 1 +
doc/haproxy.1 | 4
include/types/global.h | 1 +
src/haproxy.c | 35 +++
5 files changed, 30 insertions(+), 12 deletions
itself) signal, and spawing a new haproxy with -sf as a child to
relay the
first one.
Signed-off-by: Marc-Antoine Perennou marc-anto...@perennou.com
---
.gitignore| 1 +
Makefile | 16 +-
src/haproxy-systemd-wrapper.c | 113
Signed-off-by: Marc-Antoine Perennou marc-anto...@perennou.com
---
.gitignore | 1 +
Makefile | 8 ++--
contrib/systemd/haproxy.service.in | 11 +++
3 files changed, 18 insertions(+), 2 deletions(-)
create mode 100644 contrib
On 9 February 2013 09:45, Willy Tarreau w...@1wt.eu wrote:
On Fri, Feb 08, 2013 at 03:58:46PM +0100, Marc-Antoine Perennou wrote:
@@ -1493,8 +1499,13 @@ int main(int argc, char **argv)
px = px-next;
}
- if (proc == global.nbproc
here ? I first did it with SIGUSR1 but then children couldn't
bind
to this signal on reload, since it was already a USR1 action, so I took the
first one
not colliding.
On 9 February 2013 09:49, Willy Tarreau w...@1wt.eu wrote:
On Fri, Feb 08, 2013 at 03:58:47PM +0100, Marc-Antoine Perennou wrote
On 9 February 2013 11:06, Willy Tarreau w...@1wt.eu wrote:
Hi,
On Sat, Feb 09, 2013 at 10:44:04AM +0100, Marc-Antoine Perennou wrote:
I just made a simple test, running a webserver serving a big file
locally,
using haproxy,
my wrapper and systemd service. I started a download and during
Signed-off-by: Marc-Antoine Perennou marc-anto...@perennou.com
---
.gitignore| 1 +
Makefile | 16 +-
src/haproxy-systemd-wrapper.c | 122 ++
3 files changed, 137 insertions(+), 2 deletions(-)
create mode
Hi,
Currently, to reload haproxy configuration, you have to use -sf.
Systemd philosophy is for the daemon not to fork by themselves, but rather let
the init process do it for them.
My first patch adds a new option -Ds which is exactly like -D, but instead
of
forking n times to get n jobs
Signed-off-by: Marc-Antoine Perennou marc-anto...@perennou.com
---
doc/haproxy-en.txt | 1 +
doc/haproxy-fr.txt | 1 +
doc/haproxy.1 | 4
include/types/global.h | 1 +
src/haproxy.c | 35 +++
5 files changed, 30 insertions(+), 12
Signed-off-by: Marc-Antoine Perennou marc-anto...@perennou.com
---
.gitignore | 1 +
Makefile | 8 ++--
contrib/systemd/haproxy.service.in | 11 +++
3 files changed, 18 insertions(+), 2 deletions(-)
create mode 100644 contrib
It is totally normal that systemd kills the new process as the main one
which was the first has exited. This is the expected behaviour.
I'm currently patching haproxy to fully support systemd, I'll probably
submit my patches by tomorrow (It's fully functionnal here, only needs a
little cleaning)
Signed-off-by: Marc-Antoine Perennou marc-anto...@perennou.com
---
doc/haproxy-en.txt | 1 +
doc/haproxy-fr.txt | 1 +
doc/haproxy.1 | 4
include/types/global.h | 1 +
src/haproxy.c | 31 +++
5 files changed, 26 insertions(+), 12
39 matches
Mail list logo