Hi all,
No reliability issue was reported since 1.4.4 was released. This is a very good thing, because some people were asking for a few minor features, so it was the right opportunity to get them merged without mixing them with fixes.
First, Cyril Bonté provided the new ignore-persist directive. it allows haproxy to ignore the persistence cookie on some requests which validate an ACL-based condition. It is particularly suited to optimise the load balancing of static or stateless objects in the middle of a stateful farm.
Second, it was planned 3 years ago to be able to feed ACLs with large data sets loaded from files, but it was still not implemented due to the lack of precise needs. Now, 3 years later, more and more people are reporting difficulties writing large configurations, and the last config I saw which was 104000 lines long convinced me that it was urgent to support this feature. But matching requests against very large datasets can be CPU intensive, so I have extended my Elastic Binary Trees to support new lookup methods and now it is possible to lookup a string or an IP address among tens of thousands in a few tens of nanoseconds. This means that it is now possible to use haproxy to perform geolocation. For instance, checking that a source address belongs to one of the 38400 european networks only consumes 2% CPU at 40000 requests per second. I'll try to write down a HOWTO for those interested in geolocation. I can already say that the "CIDR" or "Netmask" continent tables distributed by countryipblocks.net can be loaded unmodified. For instance :
acl host_www hdr_beg(host) -i www.
redirect prefix http://eu.my.domain if host_www { src -f Europe_cidr.txt -f Africa_cidr.txt }
redirect prefix http://us.my.domain if host_www { src -f North_America_cidr.txt -f South_America_cidr.txt }
redirect prefix http://as.my.domain if host_www { src -f Asia_cidr.txt -f Oceania_cidr.txt }
# otherwise process locally
The rest are just minor improvements. Tt's now possible to stick on an IP address extracted from an HTTP header, and I improved a bit more the halog analyser, which is now possible to report request counts by status codes. It also gained some nice performance boost as it can now parse about 1.3 Gigabytes of logs per second on a 3 GHz Core2. For most of us this doesn't speak, but I know that those periodically running it over their logs from Nagios, the less time it takes, the better.
I have not yet merged the ECV patch, simply because I forgot to review and fix it before the release. Shame on me, it will be for next release if I don't forget.
I hope that I'll be able to start new devs for 1.5 soon. Generally the first release without a bugfix is the right moment to fork.
I expect that this version will take some time to spread because it only contains minor new features and will likely not be backported to various distros. Still, some power users will probably interested in giving it a try.
Once again, I've built for linux-x86 and solaris-sparc, and the usual links apply :
site index : http://haproxy.1wt.eu/ sources : http://haproxy.1wt.eu/download/1.4/src/ changelog : http://haproxy.1wt.eu/download/1.4/src/CHANGELOG binaries : http://haproxy.1wt.eu/download/1.4/bin/
Have fun,
Willy
Received on 2010/05/14 00:34
This archive was generated by hypermail 2.2.0 : 2010/05/14 00:45 CEST