Release Notes

SSL: Added support of AES-256 bits ticket keys on file and CLI

51Degrees: Enabled multi-threaded operation in the 51Degrees module

Prometheus-exporter: New Prometheus exporter for HAProxy

Listener: Implemented multi-queue accept for threads

Listener: Used the multi-queue for multi-thread listeners

Configuration: Added global tune.listener.multi-queue setting

Threads: Enabled one thread per CPU by default

Configuration: Disabled support for nbproc and nbthread in parallel

Backend: Made the random algorithm support a number of draws

Multiplex: Made the H2 MAX_FRAME_SIZE setting configurable

Configuration: No longer enforced a low frontend maxconn value

Buffer modifications

Improved task scheduler: scales much better with large thread counts

Native HTTP Representation (HTX) which immediately brings:

• End-to-end HTTP/2

• Server-side connection pooling

• Server-side connection multiplexing

• gRPC

Cache improvements

• Age headers

• Chunked Transfer Encoding support

• max-object-size = 2GB, total-object-size = 4GB

Connection scheduling reworked to feature true ASYNC-I/O at every level

Varnish Test suite Integration

HTTP Status code 103 (Early Hints)

Support for HTTP Status code 421 (Misdirected Request)

CLI / Runtime API supports payloads

Master/Worker CLI (master has its own socket, communicate with all workers, even those exiting)

Server queues now have a "set-priority" option: deliver JS/CSS before images, boost premium level users compared to regular ones, or give lower priority to bots

Stick-tables extended with gpc1/gpc1_rate counters

strcmp

concat

length

crc32c

ipv6 added to "ipmask" converter

field/word converter extended

date_us: Microseconds part of the date

cpu_calls: Number of calls to the task processing the stream or current request since it was allocated. It is reset for each new request on the same connection.

cpu_ns_avg: The average number of nanoseconds spent in each call to the task processing the stream or current request.

cpu_ns_tot: Total number of nanoseconds spent in each call to the task processing the stream or current request.

lat_ns_avg: Average number of nanoseconds spent between the moment the task handling the stream is woken up and the moment is is effectively called.

lat_ns_tot: The total number of nanoseconds between the moment the task handling the stream is woken up and the moment it is effectively called.

srv_conn_free / be_conn_free : Determine the number of available connections on server/backend.

ssl_bc_is_resumed : Returns true when the back connection was made over an SSL/TLS transport layer and the newly created SSL session was resumed using a cached session or a TLS ticket.

fe_defbe: Fetches frontend default backend name.

ssl_fc_session_key / ssl_bc_session_key: Returns the SSL master key of the front/back connection.

ssl_bc_alpn / ssl_bc_npn: Provides the ALPN and the NPN for an outgoing connection.

prio_class: Returns the priority class of the current session for http mode or the connection for TCP mode.

prio_offset: Returns the priority offset of the current session for http mode or the connection for TCP mode.

Random based load-balancing algorithm

Cloud Native Logging (Log to stdout / fd)

"Resolvers" section now supports resolv.conf

"Show activity" - shows the average and total CPU time consumed by the processing of each task, as well as the average and total latency inflicted by the processing of all other tasks. Values can also be logged if profiling is enabled either through the global section using "profiling.tasks on" or through the Runtime API.

Busy-polling - allows reduction of request processing latency by 30 - 100 microseconds on machines using frequency scaling or supporting deep idle states.

Lua Server class gained the ability to change a server's maxconn value

Lua TXN class gained the ability to adjust a connections priority within the server queue

Lua has a new StickTable class that allows access to the content of a stick-table by key and allows dumping of an entire stick-table