HAProxy Enterprise Documentation 1.6r2

Release Notes

HAProxy Enterprise 1.6r2 comprises the following new functionalities:

New features

  • HTTP REST API

  • List HAProxy Enterprise modules and their versions from the CLI

  • LUA support is now enabled in HAProxy

  • New lb-update features

    • TLS session ticket keys

    • Ability to launch an update from the CLI

    • Optional logs

    • Various fixes

Backported features from development branch

  • TCP layer statistics are available in the form of new sample fetches (rtt, rtt variance, retransmits, losses, etc.)

  • New dst_is_local, src_is_local sample fetches make it easier to take care of locally initiated connections in contrast with remote connections

  • The peers protocol was updated to version 2.1 with support for synchronization of expiration dates

  • CLI keyword registration to allow modules to plug-in on the command line and receive actions (for example: refresh now)

  • SO_REUSEPORT can now be disabled with a new bind directive: noreuseport

  • New possibilities for accessing load balancer internals with LUA

  • Idle time in logs is now ignored by default for time measurements so that HTTP request time corresponds to the time elapsed between the first character and the full request. The handshake time is also available to measure the time spent in SSL/PROXY handshakes.

  • stick-tables now use native types to guarantee better accuracy of tracked information, especially binary keys

  • Mailers now support a configurable connection timeout

  • Changing server address, port and checkport is now possible from the CLI

  • New tcp-request session rule-sets makes it possible to track some L5-only information, for example anything negotiated in the handshake such as SSL DN or the client's IP address as passed by the PROXY protocol. Previously it was needed to do it in tcp-request content rules, which would count one new connection event per request.

  • New stats field for denied connections and denied sessions

  • New hash-balance-factor directive for consistent hashing method

  • New http-response rule track-sc

  • SSL/TLS

    • SNI filters supported in multi-type certificates


Next up

Getting Started