Re: Haproxy loabalance with cookie

Hi Hoang, Could we get your HAproxy config please, an example of both scenarios would be best. It may help to better to better understand your situation. Aaron West Loadbalancer.org Limited +44 (0)330 380 1064 www.loadbalancer.org On 7 February 2017 at 01:55, Hoang Le Trung wrote: > Hi > > >

Re: Lua sample fetch logging ends up in response when doing http-request redirect

Hi, This bug should be backported from 1.5 to 1.7, and obviously in 1.8. unfortunately, the problem is nt cleanly fixed (it is just move), so we work on another - and definitive - fix. Thierry On Mon, 06 Feb 2017 17:41:15 + Jesse Schulman wrote: > Any idea on if this will be going into 1.

Re: Lua sample fetch logging ends up in response when doing http-request redirect

On Tue, Feb 07, 2017 at 11:21:20AM +0100, thierry.fourn...@arpalert.org wrote: > Hi, > > This bug should be backported from 1.5 to 1.7, and obviously in 1.8. > unfortunately, the problem is nt cleanly fixed (it is just move), so we > work on another - and definitive - fix. Indeed, just to give a

RE: frequently reload haproxy without sleep time result in old haproxy process never dying

Hi, I guess you're using a systemd-based distro. You should have a look at this thread https://www.mail-archive.com/haproxy@formilux.org/msg23867.html. The patches were applied to 1.7, but apparently backported to 1.6.11 and 1.5.19 since. Now I have a clean termination of old processes, no mo

Re: [PATCH] BUILD: ssl: fix to build (again) with boringssl

I Igor, I build haproxy with boringssl static library to avoid any conflict with openssl shared lib. It also need to be link with libdecrepit (boringssl). > Le 30 janv. 2017 à 14:28, Igor Pav a écrit : > > sorry for unclear question, it's quite simple, build haproxy from git > with boringssl (D

Re: 1.8dev 405ff31e31eb1cbdc76ba0d93c6db4c7a3fd497a regression ?

Hi Jarno, I'm not able to reproduce this crash with current 1.8dev and openssl 1.0.2j. Manu > Le 5 févr. 2017 à 20:04, Jarno Huuskonen a écrit : > > Hi, > > Commit 405ff31e31eb1cbdc76ba0d93c6db4c7a3fd497a > (BUG/MINOR: ssl: assert on SSL_set_shutdown with BoringSSL) is causing > trouble (with

Re: ROI Driven Campaign For haproxy.org

Hello *haproxy.org* Team, I was fascinated visiting your website – *haproxy.org* . Clearly, your company has a rich and interactive website and hopefully you make adequate online traffic, sales or lead generation. No? Allow me to put toget

Re: [PATCH] BUILD: ssl: fix to build (again) with boringssl

Hi, Emmanuel. build with static lib, but no luck, can you provide some building details? Thanks. /build/slib/libcrypto.a(thread_pthread.c.o): In function `CRYPTO_MUTEX_init': /root/boringssl/crypto/thread_pthread.c:31: undefined reference to `pthread_rwlock_init' /build/slib/libcrypto.a(thread_pth

Re: [PATCH] BUILD: ssl: fix to build (again) with boringssl

you need: ADDLIB="-lpthread -ldecrepit" > Le 7 févr. 2017 à 16:09, Igor Pav a écrit : > > Hi, Emmanuel. build with static lib, but no luck, can you provide some > building details? Thanks. > > /build/slib/libcrypto.a(thread_pthread.c.o): In function `CRYPTO_MUTEX_init': > /root/boringssl/crypto

Re: Strange behavior of sample fetches in http-response replace-header option

Hi all, I just checked and the issue is still present in current master. Could you maybe have a look at this issue? It smells a bit like this could potentially be connected to the issue discussed in the thread "Lua sample fetch logging ends up in response when doing http-request redirect". Howeve

Dynamically manage server SSL certificates?

Hi, I'm thinking about using HAProxy to terminate SSL connections for thousands of domains on a single frontend (using SNI). Certificates will obviously need to be added/removed/renewed quite regularly. Right now it seems that the usual strategy to manage this is to maintain the list of all cert

Re: Lua sample fetch logging ends up in response when doing http-request redirect

Thank you for the update, we are running the patch Thierry provided with success, but we only do a lua call within the %[] almost identically to the simple reproducer I provided. I *think* we are safe considering we don't do any redirect in the way that your (Willy's) reproducer is doing it. We w

Re: Debug Log: Response headers logged before rewriting

I’ve run into this issue in the past. It’d be great if someone could provide some insight. I ended up blogging about this in the past: http://jtslear.github.io/haproxy-url-rewrite-logging-double-take/ -- John Skarbek On February 7, 2017 at 14:00:25, Daniel Schneller (daniel.schnel...@centerd

Re: Debug Log: Response headers logged before rewriting

Hello everyone! While I have since figured out what my original problem was, the original question remains. Is this intentional, am I missing something, or both? :) Cheers, Daniel > On 3. Feb. 2017, at 13:40, Daniel Schneller > wrote: > > Hi there! > > I currently trying to figure out a p

Re: Lua sample fetch logging ends up in response when doing http-request redirect

On Tue, Feb 07, 2017 at 06:37:09PM +, Jesse Schulman wrote: > Thank you for the update, we are running the patch Thierry provided with > success, but we only do a lua call within the %[] almost identically to the > simple reproducer I provided. I *think* we are safe considering we don't > do a

RE: Haproxy loabalance with cookie

Hi Aaron, Here is my haproxy configure frontend kylin-web bind 192.168.1.120:7077 acl url_static path_beg -i /kylin stats enable stats uri /haproxy?stats stats realm Strictly\ Private default_backend app #

regarding tune.http.maxhdr

Hi, All. One customer is experiencing "502 Bad Gateway" error when Apache web server responses with lots(over 100) of "Set-Cookie" Header and found that following limitation in the default configuration of haproxy. Environment is L7 haproxy ==> nginx reverse proxy ==> Apache web server as HTTP or