Hi,
HAProxy 2.2-dev7 was released on 2020/05/05. It added 205 new commits
after version 2.2-dev6.
The most visible changes in this version is the rework of the health checks
that was started by Gaëtan and completed by Christopher. I'll certainly say
a number of stupidities about all this so I won't enter into details, but the
main points to be aware of is that the health checks which for 18 years have
been the ugliest part of the internals have now become smart. They are now
all internally implemented on top of tcp-check rules, and that these ones
were improved to satisfy the new requirements. For now all this new stuff is
not yet fully exploited beyond what is needed for the checks but we can hope
a lot of new cool stuff in a near future.
In addition, HTTP checks now run over HTX and employ the muxes so they can
now run over HTTP/1 and HTTP/2, and can separately set headers and body.
All the elements may be extracted and processed for advanced checks. You
should refer to the documentation to figure all the details. Please beware
that the check configuration rules are subject to change a little bit before
the release but the main principle is already here.
Just before releasing I noticed one minor regtest failure on openssl 1.0.2
only, that I bisected to commit df38f88 ("MINOR: checks: Improve log message
of tcp-checks on success") (which sadly, doesn't have any commit message).
This failure is only about the logged message on check failure. I don't see
any obvious reason why this commit would only affect openssl 1.0.2 so I
guess the issue is somewhere else, and likely not much important.
Aside this there were a number of code cleanups, regtest additions and doc
updates. Among the other pending things I'm aware of is the support for
syslog over TCP and that should be all.
My personal feeling is that the rate of changes is still a bit high this
late in the cycle and that the level of issues remains high as well, and
I would appreciate it when it starts to calm down. I wouldn't be surprized
if we'd release in early June rather than end of May. But there's no rush
and that doesn't make a huge difference, provided it allows us to have an
excellent 2.2.
If you have painful checks in your configs, or some unusual ones, your
feedback will be welcome. If you're facing limitations with your HTTP
checks, it might be the right moment to give this one a try.
Please find the usual URLs below :
Site index : http://www.haproxy.org/
Discourse: http://discourse.haproxy.org/
Slack channel: https://slack.haproxy.org/
Issue tracker: https://github.com/haproxy/haproxy/issues
Sources : http://www.haproxy.org/download/2.2/src/
Git repository : http://git.haproxy.org/git/haproxy.git/
Git Web browsing : http://git.haproxy.org/?p=haproxy.git
Changelog: http://www.haproxy.org/download/2.2/src/CHANGELOG
Cyril's HTML doc : http://cbonte.github.io/haproxy-dconv/
Willy
---
Complete changelog :
Baptiste Assmann (3):
MINOR: ist: add istadv() function
MINOR: ist: add istissame() function
MINOR: istbuf: add ist2buf() function
Christopher Faulet (136):
BUG/MINOR: http-ana: Throw a 500 error if after-response ruleset fails on
errors
BUG/MINOR: check: Update server address and port to execute an external
check
MINOR: mini-clist: Add functions to iterate backward on a list
MINOR: checks: Add a way to send custom headers and payload during http
chekcs
BUG/MINOR: checks: Respect the no-check-ssl option
BUG/MEDIUM: server/checks: Init server check during config validity check
CLEANUP: checks: Don't export anymore init_check and
srv_check_healthcheck_port
BUG/MINOR: checks: Forbid tcp-check lines in default section as documented
MINOR: checks: Stop xform buffers to null-terminated string for tcp-check
rules
MINOR: checks: Simplify functions to get step id and comment
MEDIUM: proxy/checks: Register a keyword to parse tcp-check rules
MEDIUM: checks: Add implicit tcp-check connect rule
MAJOR: checks: Refactor and simplify the tcp-check loop
MINOR: checks: Add the sni option for tcp-check connect rules
MINOR: checks: Add the via-socks4 option for tcp-check connect rules
MINOR: checks: Add the alpn option for tcp-check connect rules
MINOR: ssl: Export a generic function to parse an alpn string
MINOR: checks: Add the default option for tcp-check connect rules
MINOR: checks: Add the addr option for tcp-check connect rule
MEDIUM: checks: Support expression to set the port
MEDIUM: checks: Support log-format strings for tcp-check send rules
MINOR: log: Don't depends on a stream to process samples in log-format
string
MINOR: log: Don't systematically set LW_REQ when a sample expr is added
MEDIUM: checks: Add a shared list of tcp-check rules
MINOR: sample: add htonl converter
MINOR: sample: add cut_crlf con