Re: [PR] Add srvkey option to stick-table
On 12/10/20 1:31 AM, Frederic Lecaille wrote: > > It would be preferable to send all your patches, so that others than me > may review your work (no diff between different versions of patches) and > continue to split your work in several patches. > Ok, here is what I have so far as two patches (I combined feedback into the original commit): >From cf965f47e04776ca20d2ee6ed22028741493824c Mon Sep 17 00:00:00 2001 From: Thayne McCombs Date: Fri, 20 Nov 2020 01:28:26 -0700 Subject: [PATCH 1/2] Add srvkey option to stick-table This allows using the address of the server rather than the name of the server for keeping track of servers in a backend for stickiness. Fixes #814 --- doc/configuration.txt | 12 - include/haproxy/dict.h | 1 + include/haproxy/proxy-t.h | 1 + include/haproxy/server-t.h | 1 + include/haproxy/server.h| 2 +- include/haproxy/stick_table-t.h | 11 ++-- include/haproxy/tools.h | 13 + src/cfgparse-listen.c | 1 + src/cfgparse.c | 4 +-- src/dict.c | 24 - src/peers.c | 9 +-- src/server.c| 40 ++-- src/stick_table.c | 31 +- src/stream.c| 47 +++-- src/tools.c | 45 +++ 15 files changed, 216 insertions(+), 26 deletions(-) diff --git a/doc/configuration.txt b/doc/configuration.txt index e60e3428d..e17061518 100644 --- a/doc/configuration.txt +++ b/doc/configuration.txt @@ -10649,7 +10649,7 @@ stick store-request [table ] [{if | unless} ] stick-table type {ip | integer | string [len ] | binary [len ]} -size [expire ] [nopurge] [peers ] +size [expire ] [nopurge] [peers ] [srvkey ] [store ]* Configure the stickiness table for the current section May be used in sections : defaults | frontend | listen | backend @@ -10726,6 +10726,16 @@ stick-table type {ip | integer | string [len ] | binary [len ]} be removed once full. Be sure not to use the "nopurge" parameter if not expiration delay is specified. + specifies how each server is identified for the purposes of the + stick table. The valid values are "name" and "addr". If "name" is + given, then argument for the server (may be generated by + a template). If "addr" is given, then the server is identified + by its current network address, including the port. "addr" is + especially useful if you are using service discovery to generate + the addresses for servers with peered stick-tables and want + to consistently use the same host across peers for a stickiness + token. + is used to store additional information in the stick-table. This may be used by ACLs in order to control various criteria related to the activity of the client matching the stick-table. For each diff --git a/include/haproxy/dict.h b/include/haproxy/dict.h index 59e81352c..c55834ca5 100644 --- a/include/haproxy/dict.h +++ b/include/haproxy/dict.h @@ -31,5 +31,6 @@ struct dict *new_dict(const char *name); struct dict_entry *dict_insert(struct dict *d, char *str); +void dict_entry_unref(struct dict *d, struct dict_entry *de); #endif /* _HAPROXY_DICT_H */ diff --git a/include/haproxy/proxy-t.h b/include/haproxy/proxy-t.h index 998e210f6..e62b79765 100644 --- a/include/haproxy/proxy-t.h +++ b/include/haproxy/proxy-t.h @@ -424,6 +424,7 @@ struct proxy { char *lfsd_file;/* file name where the structured-data logformat string for RFC5424 appears (strdup) */ int lfsd_line; /* file name where the structured-data logformat string for RFC5424 appears */ } conf; /* config information */ + struct eb_root used_server_addr;/* list of server addresses in use */ void *parent; /* parent of the proxy when applicable */ struct comp *comp; /* http compression */ diff --git a/include/haproxy/server-t.h b/include/haproxy/server-t.h index 0e66be693..13f5a5dab 100644 --- a/include/haproxy/server-t.h +++ b/include/haproxy/server-t.h @@ -337,6 +337,7 @@ struct server { struct ebpt_node name; /* place in the tree of used names */ int line; /* line where the section appears */ } conf; /* config information */ + struct ebpt_node addr_node; /* Node for string representation of address for the server (including port number) */ /* Template information used only for server objects which * serve as templat
stable-bot: Bugfixes waiting for a release 2.3 (23), 2.2 (17), 2.1 (26), 2.0 (24)
Hi, This is a friendly bot that watches fixes pending for the next haproxy-stable release! One such e-mail is sent periodically once patches are waiting in the last maintenance branch, and an ideal release date is computed based on the severity of these fixes and their merge date. Responses to this mail must be sent to the mailing list. Last release 2.3.2 was issued on 2020-11-28. There are currently 23 patches in the queue cut down this way: - 2 MAJOR, first one merged on 2020-12-14 - 6 MEDIUM, first one merged on 2020-12-14 - 15 MINOR, first one merged on 2020-12-14 Thus the computed ideal release date for 2.3.3 would be 2020-12-28, which is in two weeks or less. Last release 2.2.6 was issued on 2020-11-30. There are currently 17 patches in the queue cut down this way: - 2 MAJOR, first one merged on 2020-12-14 - 3 MEDIUM, first one merged on 2020-12-14 - 12 MINOR, first one merged on 2020-12-14 Thus the computed ideal release date for 2.2.7 would be 2020-12-28, which is in two weeks or less. Last release 2.1.10 was issued on 2020-11-05. There are currently 26 patches in the queue cut down this way: - 4 MAJOR, first one merged on 2020-11-13 - 5 MEDIUM, first one merged on 2020-11-13 - 17 MINOR, first one merged on 2020-11-06 Thus the computed ideal release date for 2.1.11 would be 2020-12-11, which was within the last week. Last release 2.0.19 was issued on 2020-11-06. There are currently 24 patches in the queue cut down this way: - 4 MAJOR, first one merged on 2020-11-13 - 5 MEDIUM, first one merged on 2020-11-13 - 15 MINOR, first one merged on 2020-11-13 Thus the computed ideal release date for 2.0.20 would be 2020-12-11, which was within the last week. The current list of patches in the queue is: - 2.0, 2.1 - MAJOR : peers: fix partial message decoding - 2.0, 2.1, 2.2, 2.3- MAJOR : spoa/python: Fixing return None - 2.0, 2.1 - MAJOR : spoe: Be sure to remove all references on a released spoe applet - 2.2, 2.3 - MAJOR : ring: tcp forward on ring can break the reader counter. - 2.0, 2.1 - MAJOR : filters: Always keep all offsets up to date during data filtering - 2.0, 2.1, 2.2, 2.3- MEDIUM : spoa/python: Fixing PyObject_Call positional arguments - 2.0, 2.1, 2.2, 2.3- MEDIUM : lb-leastconn: Reposition a server using the right eweight - 2.3 - MEDIUM : local log format regression. - 2.3 - MEDIUM : task: close a possible data race condition on a tasklet's list link - 2.0, 2.1 - MEDIUM : filters: Forward all filtered data at the end of http filtering - 2.0, 2.1, 2.2, 2.3- MEDIUM : spoa/python: Fixing references to None - 2.3 - MEDIUM : lists: Lock the element while we check if it is in a list. - 2.0, 2.1 - MEDIUM : peers: fix decoding of multi-byte length in stick-table messages - 2.0, 2.1, 2.2, 2.3- MINOR : spoa/python: Cleanup references for failed Module Addobject operations - 2.0, 2.1, 2.2, 2.3- MINOR : lua: warn when registering action, conv, sf, cli or applet multiple times - 2.0, 2.1 - MINOR : http-fetch: Extract cookie value even when no cookie name - 2.0, 2.1 - MINOR : peers: Missing TX cache entries reset. - 2.2, 2.3 - MINOR : http-check: Use right condition to consider HTX message as full - 2.3 - MINOR : listener: use sockaddr_in6 for IPv6 - 2.0, 2.1 - MINOR : peers: Do not ignore a protocol error for dictionary entries. - 2.0, 2.1 - MINOR : http-fetch: Fix calls w/o parentheses of the cookie sample fetches - 2.0, 2.1, 2.2, 2.3- MINOR : lua: Post init register function are not executed beyond the first one - 2.0, 2.1 - MINOR : http-ana: Don't wait for the body of CONNECT requests - 2.0, 2.1, 2.2, 2.3- MINOR : spoa/python: Cleanup ipaddress objects if initialization fails - 2.0, 2.1, 2.2, 2.3- MINOR : tools: make parse_time_err() more strict on the timer validity - 2.2, 2.3 - MINOR : mux-h1: Handle keep-alive timeout for idle frontend connections - 2.0, 2.1, 2.2, 2.3- MINOR : tools: Reject size format not starting by a digit - 2.0, 2.1 - MINOR : pattern: a sample marked as const could be written - 2.0, 2.1, 2.2, 2.3- MINOR : lua: Some lua init operation are processed unsafe - 2.0, 2.1 - MINOR : lua: set buffer size during map lookups - 2.3 - MINOR : mux-h2/stats: make stream/connection proto errors more accurate - 2.3 - MINOR : mux-h2/stats: not all GOAWAY frames are errors - 2.1
Quick question on atomics on ARM
Hi, I started to look at Haproxy on ARM and stumbled across the implementation of cpu relax. While it is needed to have such instruction, I am however wondering if the yield instruction is not more appropriate than isb in this case ? Kind regards.
Re: [PATCH] more granular guard for SSL_CTX_add_server_custom_ext
On Fri, Dec 11, 2020 at 09:58:31PM +0500, Илья Шипицин wrote: > ping :) > > пт, 27 нояб. 2020 г. в 02:58, Илья Шипицин : > > > Hello, > > > > let us continue to improve ssl guarding. > > > > Ilya > > Thanks, merged. -- William Lallemand
Re: HAproxy 2.2.5 possible bug in ssl crt-list socket commands?
On Fri, Dec 11, 2020 at 10:19:22AM +, Froehlich, Dominik wrote: > Hi, > > I am trying to implement a dynamic certificate updater for my crt-list in > HAproxy 2.2.5. > I have noticed that somehow, when I update an existing certificate and add it > to the crt-list twice, I can never remove it again. > For people interested, the bug was discussed here: https://github.com/haproxy/haproxy/issues/1004 -- William Lallemand
Bid Writing, Major Donors and Volunteering Workshops
NFP WORKSHOPS 18 Blake Street, York YO1 8QG 01133 280988 Affordable Training Courses for Charities, Schools & Public Sector Organisations This email has been sent to haproxy@formilux.org CLICK TO UNSUBSCRIBE FROM LIST Alternatively send a blank e-mail to unsubscr...@nfpmail2001.co.uk quoting haproxy@formilux.org in the subject line. Unsubscribe requests will take effect within seven days. Bid Writing: The Basics Online via ZOOM COST £95 TOPICS COVERED Do you know the most common reasons for rejection? Are you gathering the right evidence? Are you making the right arguments? Are you using the right terminology? Are your numbers right? Are you learning from rejections? Are you assembling the right documents? Do you know how to create a clear and concise standard funding bid? Are you communicating with people or just excluding them? Do you know your own organisation well enough? Are you thinking through your projects carefully enough? Do you know enough about your competitors? Are you answering the questions funders will ask themselves about your application? Are you submitting applications correctly? PARTICIPANTS Staff members, volunteers, trustees or board members of charities, schools, not for profits or public sector organisations who intend to submit grant funding applications to charitable grant making trusts and foundations. People who provide advice to these organisations are also welcome. Bid Writing: Advanced Online via ZOOM COST £95 TOPICS COVERED Are you applying to the right trusts? Are you applying to enough trusts? Are you asking for the right amount of money? Are you applying in the right ways? Are your projects the most fundable projects? Are you carrying out trust fundraising in a professional way? Are you delegating enough work? Are you highly productive or just very busy? Are you looking for trusts in all the right places? How do you compare with your competitors for funding? Is the rest of your fundraising hampering your bids to trusts? Do you understand what trusts are ideally looking for? PARTICIPANTS Staff members, volunteers, trustees or board members of charities, schools, not for profits or public sector organisations who intend to submit grant funding applications to charitable grant making trusts and foundations. People who provide advice to these organisations are also welcome. Dates & Booking Links BID WRITING: THE BASICS Mon 21 Dec 2020 10.00 to 12.30Booking Link Mon 11 Jan 2020 10.00 to 12.30Booking Link Mon 25 Jan 2020 10.00 to 12.30Booking Link Mon 08 Feb 2020 10.00 to 12.30Booking Link Mon 22 Feb 2020 10.00 to 12.30Booking Link BID WRITING: ADVANCED Tue 22 Dec 2020 10.00 to 12.30Booking Link Tue 12 Jan 2020 10.00 to 12.30Booking Link Tue 26 Jan 2020 10.00 to 12.30Booking Link Tue 09 Feb 2020 10.00 to 12.30Booking Link Tue 23 Feb 2020 10.00 to 12.30Booking Link Recruiting and Managing Volunteers Online via ZOOM COST £195 TOPICS COVERED Where do you find volunteers? How do you find the right volunteers? How do you attract volunteers? How do you run volunteer recruitment events? How do you interview volunteers? How do you train volunteers? How do you motivate volunteers? How do you involve volunteers? How do you recognise volunteer? How do you recognise problems with volunteers? How do you learn from volunteer problems? How do you retain volunteers? How do you manage volunteers? What about volunteers and your own staff? What about younger, older and employee volunteers? PARTICIPANTS Staff members, volunteers, trustees or board members of charities, schools, not for profits or public sector organisations who intend to recruit volunteers into their organisation and then manage those volunteers. People who provide advice to these organisations are also welcome. Dates & Booking Links RECRUITING AND MANAGING VOLUNTEERS Wed 13 Jan 2021 10.00 to 16.00Booking Link Wed 10 Mar 2021 10.00 to 16.00Booking Link Major Donor Fundraising Online via ZOOM COST £95 TOPICS COVERED Major Donor Characteristics, Motivations and Requirements. Researching and Screening Major Donors. Encouraging, Involving and Retaining Major Donors. Building Relationships with Major Donors. Major Donor Events and Activities. Setting Up Major Donor Clubs.Asking For Major Gifts. Looking After and Reporting Back to Major Donors. Delivering on Major Donor Expectations. Showing Your Appreciation to Major Donors. Fundraising Budgets and Committees. PARTICIPANTS Staff members, volunteers, trustees or board members of charities, schools, not for profits or public sector organisations who intend to carry out Major Donor Fundraising. People who provide advice to these organisations are also welcome. Dates & Booking Links MAJOR DONOR FUNDRAISING Wed 10 Feb 2021 10.00 to 12.30Booking Link Wed 14 Apr 2021 10.00 to 12.30Booking Link FEEDBACK FROM PAST ATTENDEES AT LIVE WORKSHOPS I must say I was really impressed with the