<div dir="ltr">The wait is over on this one!<br><br><div class="gmail_quote">---------- Forwarded message ----------<br>From: <b class="gmail_sendername">Willy Tarreau</b> <span dir="ltr"><<a href="mailto:w@1wt.eu">w@1wt.eu</a>></span><br>
Date: Thu, Jun 19, 2014 at 12:54 PM<br>Subject: [ANNOUNCE] haproxy-1.5.0<br>To: <a href="mailto:haproxy@formilux.org">haproxy@formilux.org</a><br><br><br>Hi everyone,<br>
<br>
The list has been unusually silent today, just as if everyone was waiting<br>
for something to happen :-)<br>
<br>
Today is a great day, the reward of 4 years of hard work. I'm announcing the<br>
release of HAProxy 1.5.0.<br>
<br>
For people who don't follow the development versions, here are the most<br>
noticeable features that 1.5 brings over 1.4 :<br>
- native SSL support on both sides with SNI/NPN/ALPN and OCSP stapling.<br>
- IPv6 and UNIX sockets are supported everywhere<br>
- end-to-end HTTP keep-alive for better support of NTLM and improved<br>
efficiency in static farms<br>
- HTTP/1.1 response compression (deflate, gzip) to save bandwidth<br>
- PROXY protocol versions 1 and 2 on both sides<br>
- data sampling on everything in request or response, including payload<br>
- ACLs can use any matching method with any input sample<br>
- maps and dynamic ACLs updatable from the CLI<br>
- stick-tables support counters to track activity on any input sample<br>
- custom format for logs, unique-id, header rewriting, and redirects<br>
- improved health checks (SSL, scripted TCP, check agent, ...)<br>
- much more scalable configuration supports hundreds of thousands of backends<br>
and certificates without sweating<br>
<br>
Since dev26, a few bugs were fixed, and some low-importance things were<br>
integrated. Basic OCSP stapling support from Dirkjan and Emeric was<br>
finally merged. Sasha's header replace actions were merged as well. I've<br>
added a few more info in the stats page (avg response times) and CSV<br>
output (health check status), added support for PROXY v2 on the accept<br>
side, and added the "capture" action on tcp-request in order to log<br>
contents such as SNI or payload. Rémi's dh-param was finally integrated.<br>
<br>
People love numbers, so here are a few :<br>
<br>
>From 1.4.0 to 1.5.0, we had :<br>
- 1574 calendar days (4 yr 3 mon)<br>
- 26 development versions (one every 2 months on average)<br>
- 540 bugs fixed (387 added during 1.5, 153 affecting 1.4 as well)<br>
- 2549 commits<br>
- 683 unique commit dates (at least this many days worked)<br>
- up to 24 commits per day<br>
- 69712 lines removed, 122279 lines added<br>
- many extremely useful bug reports (too many to list)<br>
- 73 code/doc contributors :<br>
<br>
Adrian Bridgett, Alex Davies, Aman Gupta, Andreas Kohn,<br>
Apollon Oikonomopoulos, Arnaud Cornet, Baptiste Assmann, Bertrand Jacquin,<br>
Bhaskar Maddala, Conrad Hoffmann, Cyril Bonté, Daniel Schultze,<br>
David BERARD, David Cournapeau, David S, David du Colombier, Delta Yeh,<br>
Dirkjan Bussink, Dmitry Sivachenko, Emeric Brun, Emmanuel Hocdet,<br>
Evan Broder, Finn Arne Gangstad, Gabor Lekeny, Geoff Bucar, Wei Zhao,<br>
Guillaume Castagnino, Guillaume de Lafond, Hervé COMMOWICK,<br>
Hiroaki Nakamura, James Voth, Jamie Gloudon, Jarno Huuskonen,<br>
Joe Williams, Joshua M. Clulow, Julien Vehent, Justin Karneges,<br>
Kevin Hester, Kevin Musker, Kristoffer Grönlund, Krzysztof Piotr Oledzki,<br>
Lukas Tribus, Marc-Antoine Perennou, Mark Lamourine, Mathieu Trudel,<br>
Michael Scherer, Neil Prockter, Nenad Merdanovic, Nick Chalk,<br>
Olivier Burgard, Oskar Stolc, Patrick Mézard, Pieter Baauw,<br>
Prach Pongpanich, Rauf Kuliyev, Remi Gacogne, Sagi Bashari, Sasha Pachev,<br>
Sean Carey, Sergiy Prykhodko, Simon Horman, Simone Gotti,<br>
Stathis Voukelatos, Tait Clarridge, Thierry Fournier, Todd Lyons,<br>
Vincent Bernat, William Lallemand, William Turner, Willy Tarreau,<br>
Yuxans Yao, Yves Lafon.<br>
<br>
Additionally, we are very thankful to a few organisations who have sponsored<br>
the development of certain advanced features which required to dedicate a<br>
person or a team for a significant amount of time (I hope I have not missed<br>
any) :<br>
- HAProxy Technologies (formerly Exceliance)<br>
- Loadbalancer.org<br>
- StackOverflow<br>
- SmartFile<br>
- SmugMug<br>
- ImageShack<br>
<br>
Don't forget to offer a beer to your distro packagers who make your life<br>
easier. It's hard to list them all, but if you don't build from sources,<br>
you're likely running a package made and maintained by one of these people :<br>
- debian: Vincent Bernat, Apollon Oikonomopoulos, Prach Pongpanich<br>
- Fedora: Ryan O'hara<br>
- OpenSuSE: Marcus Rückert<br>
- other? just report yourself!<br>
<br>
And last, I'd like to assign a special mention to our most active mailing<br>
list supporters during that period who make the project a reality by off-<br>
loading the support task from developers, and kindly help our 800 permanent<br>
subscribers on a daily basis, BIG THANKS to you guys :<br>
- Baptiste Assmann<br>
- Lukas Tribus<br>
- Cyril Bonté<br>
- Jonathan Matthews<br>
- Thomas Heil<br>
<br>
For the HAProxy development team here in France, it will be time to do<br>
some errands and buy some Champagne to celebrate the event :-)<br>
<br>
Now the practical things. 1.5 now enters in maintenance status and the<br>
development continues with 1.6-dev0 which is the exact equivalent of<br>
1.5.0. The links have been updated below. Note the removal of /devel/<br>
for the sources and the introduction of haproxy-1.5.git since this is<br>
not the development tree anymore :<br>
<br>
Site index : <a href="http://www.haproxy.org/" target="_blank">http://www.haproxy.org/</a><br>
Sources : <a href="http://www.haproxy.org/download/1.5/src/" target="_blank">http://www.haproxy.org/download/1.5/src/</a><br>
Git repository : <a href="http://git.haproxy.org/git/haproxy-1.5.git/" target="_blank">http://git.haproxy.org/git/haproxy-1.5.git/</a><br>
Git Web browsing : <a href="http://git.haproxy.org/?p=haproxy-1.5.git" target="_blank">http://git.haproxy.org/?p=haproxy-1.5.git</a><br>
Changelog : <a href="http://www.haproxy.org/download/1.5/src/CHANGELOG" target="_blank">http://www.haproxy.org/download/1.5/src/CHANGELOG</a><br>
Cyril's HTML doc : <a href="http://cbonte.github.com/haproxy-dconv/configuration-1.5.html" target="_blank">http://cbonte.github.com/haproxy-dconv/configuration-1.5.html</a><br>
<br>
I'm figuring that tomorrow is Friday. Guys, be reasonable, don't forget the<br>
good old principle of not upgrading on Fridays, try to hold on till monday<br>
if you can :-)<br>
<br>
BTW, since I've got this question off-list a number of times now, yes we're<br>
going to release updated HAPEE packages very soon, please keep an eye on it :<br>
<br>
<a href="https://www.haproxy.com/products/haproxy-enterprise-edition/" target="_blank">https://www.haproxy.com/products/haproxy-enterprise-edition/</a><br>
<br>
And finally the changelog since 1.5-dev26.<br>
<br>
Have fun an as usual, please report anything abnormal you'd face up, but<br>
after checking the doc.<br>
<br>
Willy<br>
<br>
--------<br>
2014/06/19 : 1.5.0<br>
- MEDIUM: ssl: ignored file names ending as '.issuer' or '.ocsp'.<br>
- MEDIUM: ssl: basic OCSP stapling support.<br>
- MINOR: ssl/cli: Fix unapropriate comment in code on 'set ssl ocsp-response'<br>
- MEDIUM: ssl: add 300s supported time skew on OCSP response update.<br>
- MINOR: checks: mysql-check: Add support for v4.1+ authentication<br>
- MEDIUM: ssl: Add the option to use standardized DH parameters >= 1024 bits<br>
- MEDIUM: ssl: fix detection of ephemeral diffie-hellman key exchange by using the cipher description.<br>
- MEDIUM: http: add actions "replace-header" and "replace-values" in http-req/resp<br>
- MEDIUM: Break out check establishment into connect_chk()<br>
- MEDIUM: Add port_to_str helper<br>
- BUG/MEDIUM: fix ignored values for half-closed timeouts (client-fin and server-fin) in defaults section.<br>
- BUG/MEDIUM: Fix unhandled connections problem with systemd daemon mode and SO_REUSEPORT.<br>
- MINOR: regex: fix a little configuration memory leak.<br>
- MINOR: regex: Create JIT compatible function that return match strings<br>
- MEDIUM: regex: replace all standard regex function by own functions<br>
- MEDIUM: regex: Remove null terminated strings.<br>
- MINOR: regex: Use native PCRE API.<br>
- MINOR: missing regex.h include<br>
- DOC: Add Exim as Proxy Protocol implementer.<br>
- BUILD: don't use type "uint" which is not portable<br>
- BUILD: stats: workaround stupid and bogus -Werror=format-security behaviour<br>
- BUG/MEDIUM: http: clear CF_READ_NOEXP when preparing a new transaction<br>
- CLEANUP: http: don't clear CF_READ_NOEXP twice<br>
- DOC: fix proxy protocol v2 decoder example<br>
- DOC: fix remaining occurrences of "pattern extraction"<br>
- MINOR: log: allow the HTTP status code to be logged even in TCP frontends<br>
- MINOR: logs: don't limit HTTP header captures to HTTP frontends<br>
- MINOR: sample: improve sample_fetch_string() to report partial contents<br>
- MINOR: capture: extend the captures to support non-header keys<br>
- MINOR: tcp: prepare support for the "capture" action<br>
- MEDIUM: tcp: add a new tcp-request capture directive<br>
- MEDIUM: session: allow shorter retry delay if timeout connect is small<br>
- MEDIUM: session: don't apply the retry delay when redispatching<br>
- MEDIUM: session: redispatch earlier when possible<br>
- MINOR: config: warn when tcp-check rules are used without option tcp-check<br>
- BUG/MINOR: connection: make proxy protocol v1 support the UNKNOWN protocol<br>
- DOC: proxy protocol example parser was still wrong<br>
- DOC: minor updates to the proxy protocol doc<br>
- CLEANUP: connection: merge proxy proto v2 header and address block<br>
- MEDIUM: connection: add support for proxy protocol v2 in accept-proxy<br>
- MINOR: tools: add new functions to quote-encode strings<br>
- DOC: clarify the CSV format<br>
- MEDIUM: stats: report the last check and last agent's output on the CSV status<br>
- MINOR: freq_ctr: introduce a new averaging method<br>
- MEDIUM: session: maintain per-backend and per-server time statistics<br>
- MEDIUM: stats: report per-backend and per-server time stats in HTML and CSV outputs<br>
- BUG/MINOR: http: fix typos in previous patch<br>
- DOC: remove the ultra-obsolete TODO file<br>
- DOC: update roadmap<br>
- DOC: minor updates to the README<br>
- DOC: mention the maxconn limitations with the select poller<br>
- DOC: commit a few old design thoughts files<br>
----<br>
<br>
<br>
</div><br><br clear="all"><div><br></div>-- <br><span></span>Stephen Balukoff
<br>Blue Box Group, LLC
<br>(800)613-4305 x807
</div>