Re: Haproxy running on 100% CPU and slow downloads
To close this thread out: we found the issue to be in 1.6.4-20160426 patch that I was using. The issue is fixed in 1.6.5. Thanks Willy and Lukas. Thanks Sachin On 5/13/16, 8:14 PM, "Willy Tarreau" wrote: >On Fri, May 13, 2016 at 07:32:36PM +0530, Sachin Shetty wrote: >> In 24 hours all servers had connections growing, we have reverted the >> patch for now. >> >> I have the show sess all output if you would like to see. > >Interestingly in the "show sess all" from yesterday I'm seeing only >negative "tofwd" values for stuck sessions. Exactly the type of thing >which is supposedly fixed now (it's the problem with 2-4GB transfers). >I don't understand since I tested the backport and had the confirmation >from another user that it was OK for him. Maybe there's a corner case I >haven't figure which may depend on certain options. > >Could you please send me privately your config (remove the confidential >stuff) ? I think you gave it to me a few times already but I don't want >to keep those you know. > >Thanks, >Willy >
Re: Bug when loading multiple configuration files
The OP didn’t provide many details, but I am able to reproduce this too using 1.7-dev and the config files shown below. Git bisect shows the break at the commit mentioned. $> cat haproxy.cfg haproxy2.cfg global defaults timeout client 5s timeout server 5s timeout connect 5s mode http listen www bind :8000 listen www2 bind :8001 $> cat git-bisect-run.sh #!/bin/bash -e make clean make TARGET=generic USE_OPENSSL=1 ADDLIB=-lcrypto SSL_INC=/usr/local/opt/openssl/include SSL_LIB=/usr/local/opt/openssl/lib USE_ZLIB=1 USE_PCRE=1 -j4 ./haproxy -c -f ./haproxy.cfg -f ./haproxy2.cfg || exit 1 ./haproxy -vv > On May 24, 2016, at May 24, 4:50 AM, Ben Cabot wrote: > > Hi all, > I think we have found an issue when using multiple configuration > files. The config parser tries to register the listen section twice > causing the error below. > > [root@lbmaster haproxy]# /usr/local/sbin/haproxy -f > /etc/haproxy/haproxy.cfg -f /etc/haproxy/haproxy_manual.cfg > [ALERT] 144/113841 (10937) : register section 'listen': already registered. > [ALERT] 144/113841 (10937) : Could not open configuration file > /etc/haproxy/haproxy_manual.cfg : Success > > > It looks to be introduced in 5e4261b0 but I'm unsure how to fix it. > Please can someone take a look. > > Thanks, > > Ben >
European Company Network 2016/2017
Hello, In order to have your company inserted in the European Company Network for 2016/2017, please print, complete and submit the attached form (PDF file) to the following address: EUROPEAN COMPANY NETWORK P.O. BOX 34 3700 AA ZEIST THE NETHERLANDS Fax: +31-(0)30-310-0126 You can also scan the completed form and attach it in a reply to this email. Updating is free of charge. ECN-Form.pdf Description: Binary data
Lua converter not working in 1.6.5 with Lua 5.3.2
I'm trying to create a Lua converter, but every time I try to call the
converter, I get this:
May 24 17:59:34 localhost haproxy[31077]: Lua converter 'testconv': runtime
error: attempt to call a nil value.
I've simplified this down to a minimal test case:
--
testfn = function(str)
core.Alert("function was called")
core.Alert("arg was " .. str)
return str
end
core.register_converters('testconv',testfn)
core.Alert("does this function work? " .. testfn('yes'))
--
When the proxy starts, the function itself is valid, it behaves as expected.
[alert] 144/180532 (31345) : function was called
[alert] 144/180532 (31345) : arg was yes
[alert] 144/180532 (31345) : does this function work? yes
But when I try to use it, like this (in a frontend)...
http-request set-header X-Test %[str("test"),lua.testconv]
...it is as if the reference to the function has been... misplaced.
May 24 18:05:59 localhost haproxy[31346]: Lua converter 'testconv': runtime
error: attempt to call a nil value.
...and, of course, the X-Test header is added but has no value.
Am I doing it wrong, or is there something not right, here? Verified with
a clean build in a new directory.
--
HA-Proxy version 1.6.5 2016/05/10
Copyright 2000-2016 Willy Tarreau
Build options :
TARGET = linux2628
CPU = generic
CC = gcc
CFLAGS = -O2 -g -fno-strict-aliasing -Wdeclaration-after-statement
OPTIONS = USE_ZLIB=1 USE_OPENSSL=1 USE_LUA=yes USE_PCRE=1
Default settings :
maxconn = 2000, bufsize = 16384, maxrewrite = 1024, maxpollevents = 200
Encrypted password support via crypt(3): yes
Built with zlib version : 1.2.8
Compression algorithms supported : identity("identity"),
deflate("deflate"), raw-deflate("deflate"), gzip("gzip")
Built with OpenSSL version : OpenSSL 1.0.1f 6 Jan 2014
Running on OpenSSL version : OpenSSL 1.0.1f 6 Jan 2014
OpenSSL library supports TLS extensions : yes
OpenSSL library supports SNI : yes
OpenSSL library supports prefer-server-ciphers : yes
Built with PCRE version : 8.31 2012-07-06
PCRE library supports JIT : no (USE_PCRE_JIT not set)
Built with Lua version : Lua 5.3.2
Built with transparent proxy support using: IP_TRANSPARENT IPV6_TRANSPARENT
IP_FREEBIND
Available polling systems :
epoll : pref=300, test result OK
poll : pref=200, test result OK
select : pref=150, test result OK
Total: 3 (3 usable), will use epoll.
Bug when loading multiple configuration files
Hi all, I think we have found an issue when using multiple configuration files. The config parser tries to register the listen section twice causing the error below. [root@lbmaster haproxy]# /usr/local/sbin/haproxy -f /etc/haproxy/haproxy.cfg -f /etc/haproxy/haproxy_manual.cfg [ALERT] 144/113841 (10937) : register section 'listen': already registered. [ALERT] 144/113841 (10937) : Could not open configuration file /etc/haproxy/haproxy_manual.cfg : Success It looks to be introduced in 5e4261b0 but I'm unsure how to fix it. Please can someone take a look. Thanks, Ben
Unsubscribe
Unsubscribe
Re: Minor - patch 1.6.x - Fix some warnings in Connection.c
What's the style you prefer?
On May 24, 2016 1:10 AM, "Willy Tarreau" wrote:
> Hi Jonathan,
>
> On Fri, May 20, 2016 at 01:14:31PM -0400, Jonathan Fisher wrote:
> > These warnings bother me.
> >
> >
> >
> > --
> > *Jonathan S. Fisher*
> > Senior Software Engineer
> > https://twitter.com/exabrial
> > http://www.tomitribe.com
> > https://www.tomitribe.io
>
> > diff --git a/src/connection.c b/src/connection.c
> > index 991cae3..12cdef0 100644
> > --- a/src/connection.c
> > +++ b/src/connection.c
> > @@ -385,7 +385,7 @@ int conn_recv_proxy(struct connection *conn, int
> flag)
> > if (trash.len < 9) /* shortest possible line */
> > goto missing;
> >
> > - if (!memcmp(line, "TCP4 ", 5) != 0) {
> > + if ((!memcmp(line, "TCP4 ", 5)) != 0) {
> > u32 src3, dst3, sport, dport;
> >
> > line += 5;
> > @@ -426,7 +426,7 @@ int conn_recv_proxy(struct connection *conn, int
> flag)
> > ((struct sockaddr_in *)&conn->addr.to)->sin_port
> = htons(dport);
> > conn->flags |= CO_FL_ADDR_FROM_SET | CO_FL_ADDR_TO_SET;
> > }
> > - else if (!memcmp(line, "TCP6 ", 5) != 0) {
> > + else if ((!memcmp(line, "TCP6 ", 5)) != 0) {
> > u32 sport, dport;
> > char *src_s;
> > char *dst_s, *sport_s, *dport_s;
>
> Well, these fixes make the code even uglier than what it was. Please note
> that these ones were already fixed some time ago by this patch
>
> commit 42ff05e2d3d10e8a1e070e66e8883c5eabe196d7
> Author: David CARLIER
> Date: Thu Mar 24 09:22:36 2016 +
>
> CLEANUP: connection: fix double negation on memcmp()
>
> Nothing harmful in here, just clarify that it applies to the whole
> expression.
>
> I'm noticing that I didn't backport this patch, I should pick it.
>
> Thanks,
> Willy
>
Re: WAF in HAProxy
On Fri, 6 May 2016 20:38:14 +0200 Rainer Duffner wrote: > > > Am 06.05.2016 um 00:15 schrieb Thierry FOURNIER > > : > > > > Hi, > > > > You can look here: > > > > http://discourse.haproxy.org/t/ironbee-in-haproxy/92 > > > > Thierry > > > > > > > > Is that project actually alive? > The last (and what looks like only) commit this year was to adjust the year > for the copyright. > That in general is not really the most assuring sign for a healthy open > source project. Hi, The projet is actually in devlopment status, and all testers are welcome. Thierry
