Holding/queuing incoming connections at HAProxy for database backend?

Hi Willy, I want to hold/queue incoming client connections to a database backend that sits behind HAProxy dynamically during maintenance tasks and allow connections back in once done. I searched through the mailing list archive and found that you had provided patch for similar request in the

[PATCH] Minor: Escape equals sign on socket dump

Greetings, Was recently working with a stick table storing URL's and one had an equals sign in it (e.g. 127.0.0.1/f=ab) which made it difficult to easily split the key and value without a regex. This patch will change it so that the key looks like "key=127.0.0.1/f\=ab" instead of

Re: Dynamic backend changes without restarting

On 04/10/2016 01:11 μμ, Hayden James wrote: > Was the concern that a better solution was possible that could fully > repair the issue instead of a partial fix? > I haven't seen that better solution, I may have missed it as I don't read linux-netdev ML every day. May be Willy knows something more

Re: Clarification needed: variable scopes

On Sep 20, 2016 7:58 AM, "John Dison" wrote: > > Hello, > > I am reading about set-var(): > The name of the variable starts with an indication about its scope. > Can you please explain what does these scopes mean? Does they affect when variables are evaluated? Or something

Re: nbproc best practices

On Tue, 04 Oct 2016 11:40:01 +0200, Holger Just wrote: > Hi Mariusz, > > Mariusz Gronczewski wrote: > > we've come to the point when we have to start using nbproc > 1 (mostly > > because going SSL-only in coming months) and as I understand I have > > to bind each process to

Multiple url parameter based session limiting

Hi, Lets say, we have URL http://domain.tld?foo=abc=def. I'd like to have current session limiting with sticky tables when both foo and bar values match, but I'm not sure how to achieve this (in most optimal way). Sticky tables are somewhat hard to understand for me. stick-table type string

Re: Dynamic backend changes without restarting

Was the concern that a better solution was possible that could fully repair the issue instead of a partial fix? On Mon, Oct 3, 2016 at 3:41 AM, Pavlos Parissis wrote: > On 29/09/2016 07:13 μμ, Joseph Lynch wrote: > > You can always dynamically remove servers via the

Re: Haproxy SSL performance vs nginx

By changing setting to 1024 bit. I am getting comparable result. Thanks all for kind help. SSL INFO: DHE_RSA_AES_256_CBC_SHA1 - Protocol: TLS1.0 - Key Exchange: DHE-RSA - Ephemeral DH using prime of 1024 bits - Cipher: AES-256-CBC - MAC: SHA1 - Compression: NULL - Certificate Type: X.509 -

Re: Haproxy SSL performance vs nginx

On Tue, 4 Oct 2016 14:45:16 +0530 Rajesh Mahajan wrote: > Please find attached new test result using httpress tool. > Configuration is remain same for both nginx and haproxy shared > earlier. > > Summary Report > *Haproxy:* > > TOTALS: 5000 connect, 5000 requests,

Re: Haproxy SSL performance vs nginx

Hi, On Tue, Oct 04, Rajesh Mahajan wrote: > HAPROXY > httpress -n 5000 -t 100 -c 500 https://192.168.57.30/test.html ... > SSL INFO: DHE_RSA_AES_256_CBC_SHA1 > - Protocol: TLS1.0 > - Key Exchange: DHE-RSA > - Ephemeral DH

Re: Haproxy SSL performance vs nginx

On Tue, 4 Oct 2016 14:24:13 +0530 Rajesh Mahajan wrote: > Please check the ssl_haproxy.cfg .We have defined max value as below > > global > maxconn 2 > maxconnrate 15000 This is a different setting. This is per-process. By default frontend has

Re: nbproc best practices

Hi Mariusz, Mariusz Gronczewski wrote: > we've come to the point when we have to start using nbproc > 1 (mostly > because going SSL-only in coming months) and as I understand I have > to bind each process to separate admin socket and then repeat every > command for each process, and in case of

Re: Haproxy SSL performance vs nginx

Please check the ssl_haproxy.cfg .We have defined max value as below global maxconn 2 maxconnrate 15000 On Tue, Oct 4, 2016 at 2:03 PM, Marcin Deranek wrote: > Hi, > > On Tue, 4 Oct 2016 10:55:08 +0530 > Rajesh Mahajan

Re: Haproxy SSL performance vs nginx

Hi, On Tue, 4 Oct 2016 10:55:08 +0530 Rajesh Mahajan wrote: > Please find attached configuration files for both nginx and haproxy. > Could you please share your results wrt to nginx and tell me which > http benchmark tool you are using for testing. From what I see