Manipulating backend list with lua
Dearest list, (Although this question is mostly directed to Thierry and Willy) What is the best (or is it even possible) way of manipulating the list of backend servers at runtime using lua ?
HTTPS to HTTP reverse proxy
I am publishing horde webmail application. The horde itself is served
internally via http protocol on apache. Please, see the configuration,
below. The issue seems to be with css and image files as formatting is out
wack. Please note, accessing the http site from intranet works.
global
log 127.0.0.1 local0 debug
tune.ssl.default-dh-param 2048
maxconn 4096
user proxy
group proxy
daemon
#debug
#quiet
defaults
log global
mode http
option forwardfor
option httplog
option dontlognull
option redispatch
option http-server-close
retries 3
maxconn 2000
timeout connect 5000
timeout client 5
timeout server 5
frontend farm_test_ssl
mode http
bind 0.0.0.0:443 ssl crt /etc/ssl/certs/cs.pem crt
/etc/ssl/certs/remote.pem
use_backend bk_cs_cert if { ssl_fc_sni cs.localdom.com } # content
switching based on SNI
use_backend bk_remote_cert if { ssl_fc_sni remote.localdom.com } #
content switching based on SNI
backend bk_cs_cert
mode http
server cs 192.168.8.108:80 check ssl verify none
backend bk_remote_cert
mode http
server remail 192.168.8.166:80 check ssl verify none
Re: appending characters to a custom field without intervening spaces
Thanks for your notice Conrad Yes, this is for the New Relic PHP agent, which requires the X-Request-Start to be in microseconds according to: https://docs.newrelic.com/docs/apm/other-features/request-queueing/configuring-request-queue-reporting#php Yes, after you mentioned it in %Ts, accept_date is in %ms too: case LOG_FMT_MS: // %ms ... ret = utoa_pad((unsigned int)s->logs.accept_date.tv_usec/1000, tmplog, 4); On Mon, Aug 10, 2015 at 12:40 PM, Conrad Hoffmann wrote: > Hey Jose, > > to save you some of the pain I just went through, I would like to add the > following: > > %Ts does not neccessarily give you the time of the processing of the > request, which is what you would want for the typical X-Request-Start > header (are you using NewRelic or a similar service?). This is very hard to > deduce from the documentation, but as far as I can tell it is in fact: > > - the time of the accept() call for the connection when this is the first >request on this connection (which is usually acceptable, but might not >be sometimes) > - something like the end time of the previous request for any subsequent >requests on that connection. > > Thus, if you have long-lived connections that are not constantly churning > out requests, the value of %Ts might significantly deviate from what you > might expect. Maybe Willy can shed some light on when exactly the value of > %Ts is set, but I encourage you do a small test before trusting it (I used > a simple telnet session that I pasted some requests into, with a pause in > between). > > In the end I resorted to calling date(), which only has second resolution > but is at least never off by more than a second. > > Hope that helps, > Conrad > > On 08/10/2015 06:24 PM, Jose Nunez wrote: > > Hi Willy, > > > > thanks for your answer, it works perfectly, thanks! > > > > Jose > > > > On Sun, Aug 9, 2015 at 4:55 AM, Willy Tarreau wrote: > > > >> Hi Jose, > >> > >> On Fri, Aug 07, 2015 at 01:28:13PM -0400, Jose Nunez wrote: > >>> Hi, > >>> > >>> I need to express something similar to this: > >>> > >>> http-request set-header X-REQUEST-START t=%[Ts]%[ms]000 > >>> > >>> (to append three "0"s at the end of the timestamp with milliseconds). > >>> > >>> I have tried with other ways to append the three "0"s at the end: > >>> > >>> http-request set-header X-REQUEST-START t=%Ts%[ms]\x30\x30\x30 > >>> > >>> and > >>> > >>> http-request set-header X-REQUEST-START t=%Ts%ms\x30\x30\x30 > >>> > >>> and no avail either. > >> > >> You've met the limits of the log format which is not a language and > >> which requires some delimiters to be detected. Unfortunately it doesn't > >> have any delimiter which doesn't appear in the output. I found a way to > >> abuse it using %[] to mark a new word (since %[] detects the end of the > >> current block using the closing bracket). Using just "%[]" emits a > warning > >> and does exactly what you want. A cleaner method in 1.6 consists in > >> emitting > >> an empty string as a delimitor : %[str()]. In 1.5, there is no str(), > but > >> you can use %[env()] which will retrieve the contents of the environment > >> variable with no name, it doesn't exist so it returns an empty string. > Yes > >> I know that's ugly, but the log format has gone far beyond its design > goals > >> already! > >> > >> Thus it will give you this in 1.5 : > >> > >> http-request set-header X-REQUEST-START t=%Ts%ms%[env()]000 > >> > >> In 1.6 you can also do that : > >> > >> http-request set-header X-REQUEST-START t=%Ts%ms%[str(000)] > >> > >> Also, please note that what you're doing above only works because %ms is > >> left-padded with zeroes. I'm not seeing this documented anywhere though. > >> > >> Willy > >> > >> > > > > -- > Conrad Hoffmann > Traffic Engineer > > SoundCloud Ltd. | Rheinsberger Str. 76/77, 10115 Berlin, Germany > > Managing Director: Alexander Ljung | Incorporated in England & Wales > with Company No. 6343600 | Local Branch Office | AG Charlottenburg | > HRB 110657B >
Re: appending characters to a custom field without intervening spaces
Hey Jose, to save you some of the pain I just went through, I would like to add the following: %Ts does not neccessarily give you the time of the processing of the request, which is what you would want for the typical X-Request-Start header (are you using NewRelic or a similar service?). This is very hard to deduce from the documentation, but as far as I can tell it is in fact: - the time of the accept() call for the connection when this is the first request on this connection (which is usually acceptable, but might not be sometimes) - something like the end time of the previous request for any subsequent requests on that connection. Thus, if you have long-lived connections that are not constantly churning out requests, the value of %Ts might significantly deviate from what you might expect. Maybe Willy can shed some light on when exactly the value of %Ts is set, but I encourage you do a small test before trusting it (I used a simple telnet session that I pasted some requests into, with a pause in between). In the end I resorted to calling date(), which only has second resolution but is at least never off by more than a second. Hope that helps, Conrad On 08/10/2015 06:24 PM, Jose Nunez wrote: > Hi Willy, > > thanks for your answer, it works perfectly, thanks! > > Jose > > On Sun, Aug 9, 2015 at 4:55 AM, Willy Tarreau wrote: > >> Hi Jose, >> >> On Fri, Aug 07, 2015 at 01:28:13PM -0400, Jose Nunez wrote: >>> Hi, >>> >>> I need to express something similar to this: >>> >>> http-request set-header X-REQUEST-START t=%[Ts]%[ms]000 >>> >>> (to append three "0"s at the end of the timestamp with milliseconds). >>> >>> I have tried with other ways to append the three "0"s at the end: >>> >>> http-request set-header X-REQUEST-START t=%Ts%[ms]\x30\x30\x30 >>> >>> and >>> >>> http-request set-header X-REQUEST-START t=%Ts%ms\x30\x30\x30 >>> >>> and no avail either. >> >> You've met the limits of the log format which is not a language and >> which requires some delimiters to be detected. Unfortunately it doesn't >> have any delimiter which doesn't appear in the output. I found a way to >> abuse it using %[] to mark a new word (since %[] detects the end of the >> current block using the closing bracket). Using just "%[]" emits a warning >> and does exactly what you want. A cleaner method in 1.6 consists in >> emitting >> an empty string as a delimitor : %[str()]. In 1.5, there is no str(), but >> you can use %[env()] which will retrieve the contents of the environment >> variable with no name, it doesn't exist so it returns an empty string. Yes >> I know that's ugly, but the log format has gone far beyond its design goals >> already! >> >> Thus it will give you this in 1.5 : >> >> http-request set-header X-REQUEST-START t=%Ts%ms%[env()]000 >> >> In 1.6 you can also do that : >> >> http-request set-header X-REQUEST-START t=%Ts%ms%[str(000)] >> >> Also, please note that what you're doing above only works because %ms is >> left-padded with zeroes. I'm not seeing this documented anywhere though. >> >> Willy >> >> > -- Conrad Hoffmann Traffic Engineer SoundCloud Ltd. | Rheinsberger Str. 76/77, 10115 Berlin, Germany Managing Director: Alexander Ljung | Incorporated in England & Wales with Company No. 6343600 | Local Branch Office | AG Charlottenburg | HRB 110657B
Re: appending characters to a custom field without intervening spaces
Hi Willy, thanks for your answer, it works perfectly, thanks! Jose On Sun, Aug 9, 2015 at 4:55 AM, Willy Tarreau wrote: > Hi Jose, > > On Fri, Aug 07, 2015 at 01:28:13PM -0400, Jose Nunez wrote: > > Hi, > > > > I need to express something similar to this: > > > > http-request set-header X-REQUEST-START t=%[Ts]%[ms]000 > > > > (to append three "0"s at the end of the timestamp with milliseconds). > > > > I have tried with other ways to append the three "0"s at the end: > > > > http-request set-header X-REQUEST-START t=%Ts%[ms]\x30\x30\x30 > > > > and > > > > http-request set-header X-REQUEST-START t=%Ts%ms\x30\x30\x30 > > > > and no avail either. > > You've met the limits of the log format which is not a language and > which requires some delimiters to be detected. Unfortunately it doesn't > have any delimiter which doesn't appear in the output. I found a way to > abuse it using %[] to mark a new word (since %[] detects the end of the > current block using the closing bracket). Using just "%[]" emits a warning > and does exactly what you want. A cleaner method in 1.6 consists in > emitting > an empty string as a delimitor : %[str()]. In 1.5, there is no str(), but > you can use %[env()] which will retrieve the contents of the environment > variable with no name, it doesn't exist so it returns an empty string. Yes > I know that's ugly, but the log format has gone far beyond its design goals > already! > > Thus it will give you this in 1.5 : > > http-request set-header X-REQUEST-START t=%Ts%ms%[env()]000 > > In 1.6 you can also do that : > > http-request set-header X-REQUEST-START t=%Ts%ms%[str(000)] > > Also, please note that what you're doing above only works because %ms is > left-padded with zeroes. I'm not seeing this documented anywhere though. > > Willy > >
[SPAM] Pcb Inquiry
Dear,. How are you ? We’re a pcb maker, hope to support you on PCB area. Our capability : . 1- 18 layer . HDI Board with blind and buried vias, Laser drilling, 3/3mil track/width, High copper up to 5 OZ, Impedance control; etc. . FR-4 ,HalogenFree material, Rogers, TACONIC, Arlon, Polyimide, Aluminum-based board . quick turn, small volume and mass production. Please check if you have any pcb inquiry and send it to me. I will quote for you within 4 hours. PS,If you’re not the right person ,Please help to forward this email to your purchase dept . thank you . To unsubscribe, please click here Bestech Circuits (HK) Limited peter ( Oversea Sales Department ) TEL:+86-755-29185755 Fax:+86-755-86251678 EMAIL:peter.yang@bestechcircuits.com Website:www.bestechcircuits.com
Re: ha-proxy strange behavior with check localhost option
Hi BLN, bln prasad wrote: > I'm not sure why health check is failing if it's localhost on few > systems and this is observed with only 1.5.14 version. > ideally there should not be any difference between localhost and > 127.0.0.1 right. Localhost can resolve to several different IPs, including * any in the network of 127.0.0.0/8, most commonly 127.0.0.1 * ::1 (the defined localhost address in IPv6) The most common issue here is indeed the difference between IPv4 and IPv6. If your server is IPv6 aware, HAProxy might try to connect to ::1 only. If your service only listens on 127.0.0.1 however, this will probably break. Also, some systems of other local IP addresses than 127.0.0.1 in their configuration, E.g. some Debian and Ubuntu distributions define the fixed local hostname as 127.0.1.1. This was added in order to work around some configuration issues. See https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=316099 for details. You should have a look at your /etc/hosts file to check this. Generally (at least right now), it is always a good idea to specify full IP addresses instead of hostnames in the HAProxy configuration. As specified hostnames are resolved only once during startup (in HAProxy 1.5), you are thus save from hard to debug issues stemming from different opinions about a hostname-ip mapping in DNS and in your running HAProxy processes. Regards, Holger
ha-proxy strange behavior with check localhost option
Hi, I configured my backend health check as below and my backed end is listening on 0.0.0.0:8002 check localhost:8002 I was using haproxy-1.5.11 version and we didn't see any issues. But when i upgraded to haproxy-1.5.14, i'm finding that same above configuration is failing on some systems. It started working when i changed to below. check 127.0.0.1:8002 I'm not sure why health check is failing if it's localhost on few systems and this is observed with only 1.5.14 version. ideally there should not be any difference between localhost and 127.0.0.1 right. Can you please throw some inputs on this issue. Thanks & Regards, BLN
Re:AD new SMD flood lights provided by Asia Boslin.
To those who cpncern on Good days! This is Lauren from Asia Boslin(www.simaoled.com). We are professional manufacturer of LED products since 2008. Hot sale is LED flood light, LED street light, LED panel light etc... Now we have promotion for the new SMD flood light, see if you will be interested in. Welcome to ask for details. Lauren Ng Asia-BOSLIN Optoelectronics Sci & Tech Group Co.,LTD Mobile:0086-13425113530 Fax:86-755-23007107 Email:lau...@simaoled.com Web:www.simaoled.com Skype:simaoled41 Address:TaiHeRong Industrial Bldg A .LiaoKeng .Shiyan,Shenzhen,China Guangzhou Fair Booth No.:D62, 3.2 hall, A area.
