Release Notes
About this release
Key changes in the HAProxy ALOHA 15.5 release include:
- Upgraded to HAProxy Enterprise 2.8r1
- Email alerts as a Lua module
- Lua updates
- HTTP compression changes
- TLS signing algorithms management and default ALPN values
- HTTP Forwarded header
- Other performance tuning options
What's new, improved and removed
- PacketShield QUIC support
PacketShield received an update that allows it to protect HTTP/3 traffic over the QUIC protocol. QUIC is a UDP-based protocol.
- Email alerts as a Lua module
The mailers feature, which lets you send email alerts about the load balancer, has been ported to be a Lua module. The benefit to you is the ability to edit the Lua code to suit your needs, such as to customize the alert messages that the load balancer produces. To enable it, load the mailers Lua module using the `lua-load` directive in the `global` section.
- Lua updates
A new event framework allows Lua modules to subscribe to some load balancer events and execute event handler functions. Events you can subscribe to include when servers are added, deleted, or go up or down. Use the function `Server.event_sub` to subscribe to events.
A new `core.queue` function lets you create a first-in first-out data structure in Lua.
The `Server` class gained new functions for accessing information about backend servers, including getting the server's name (`get_name`), the number of active sessions (`get_cur_sess`), the number of pending connections (`get_pend_conn`), and other functions.
A new global directive named `tune.lua.burst-timeout` terminates the Lua process if it exceeds the timeout value without ever yielding execution back to the load balancer. A well-behaved Lua module will yield execution on the current thread back to the load balancer during long-running tasks, to be continued later.
The Lua HTTP client that ships with the load balancer is able to resolve DNS hostnames thanks to a default `resolvers` section invisibly added to the configuration. If you do not use the HTTP client in Lua, then you can disable this by setting the new global directive `httpclient.resolvers.disabled` to `on`.
- HTTP compression
The HTTP compression directives have an updated syntax that allows you to compress both responses and requests. For example, you can now compress requests that contain JSON messages before relaying them to backend servers. See the `compression direction`, `compression algo-req`, `compression algo-res`, `compression type-req`, and `compression type-res` directives.
- TLS signing algorithms and curves
The new global directives `ssl-default-bind-client-sigalgs` and `ssl-default-bind-sigalgs`, as well as the new `bind` arguments `client-sigalgs` and `sigalgs`, let you list the TLS signing algorithms the load balancer will use or accept during a TLS handshake and when validating a client certificate.
The `curves` argument, which sets a list of elliptic curve algorithms negotiated during the TLS handshake, is now available on the `server` and `default-server` lines.
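A configuration sketch showing where each of these settings goes, added here as an illustration and not taken from the HAProxy ALOHA documentation. The proxy names, file paths, addresses and the particular algorithm and curve lists are assumptions; the lists use the OpenSSL `algorithm+hash` notation.

```haproxy
global
    # Signature algorithms the load balancer will use for its own
    # handshake signature on every bind line (illustrative list).
    ssl-default-bind-sigalgs ECDSA+SHA256:ECDSA+SHA384:RSA-PSS+SHA256:RSA-PSS+SHA384

    # Signature algorithms accepted when a client presents a certificate
    # (mutual TLS). Anything not listed is refused during the handshake.
    ssl-default-bind-client-sigalgs ECDSA+SHA256:ECDSA+SHA384:RSA-PSS+SHA256

frontend fe_mtls
    mode http
    # Per-listener override of the two global defaults above.
    # Certificate and CA paths are placeholders.
    bind :443 ssl crt /path/to/site.pem ca-file /path/to/client-ca.pem verify required sigalgs ECDSA+SHA256:RSA-PSS+SHA256 client-sigalgs ECDSA+SHA256
    default_backend be_app

backend be_app
    mode http
    # curves is now accepted on default-server and server lines, so the
    # key exchange groups offered to backends can be restricted as well.
    default-server ssl verify required ca-file /path/to/internal-ca.pem curves X25519:P-256
    server app1 192.0.2.11:8443
    # A single server can still carry its own list.
    server app2 192.0.2.12:8443 curves P-256
```

Restricting the lists too far can break handshakes with older clients or backends, so test against the TLS stacks you actually serve before deploying.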
- Default ALPN values
You no longer need to specify `alpn h2` on a `bind` line to enable HTTP/2. This is now the default value and will fall back to HTTP/1.1 if the client does not support HTTP/2. Also, `bind` lines that use the QUIC protocol will default to having an `alpn` argument set to `h3` for HTTP/3.
- HTTP Forwarded header
The new directive `option forwarded` will add a `Forwarded` header to HTTP requests, passing the client's IP address to backend servers. This is the successor to the non-standard `X-Forwarded-For` header. New converters let you validate and read the header: `rfc7239_is_valid`, `rfc7239_field`, `rfc7239_n2nn`, and `rfc7239_n2np`.
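An edge-proxy sketch combining the directive with the new converters, added here as an illustration and not taken from the HAProxy ALOHA documentation. It assumes this load balancer is the first trusted hop, so a `Forwarded` header arriving from the client is treated as an unverified claim; the proxy names, variable name and server address are made up for the example.

```haproxy
defaults
    mode http
    timeout connect 5s
    timeout client  30s
    timeout server  30s

frontend fe_web
    bind :80

    # A Forwarded header sent by the client is attacker-controlled input.
    # Refuse requests whose header does not parse as RFC 7239.
    acl has_fwd   req.hdr(forwarded) -m found
    acl fwd_valid req.hdr(forwarded),rfc7239_is_valid
    http-request deny deny_status 400 if has_fwd !fwd_valid

    # Keep the node name the previous hop claimed in its "for" parameter
    # in a transaction variable, for example to include it in logs.
    http-request set-var(txn.claimed_for) req.hdr(forwarded),rfc7239_field(for),rfc7239_n2nn

    # Drop the client-supplied header so that the backend only sees the
    # value written by this load balancer.
    http-request del-header forwarded

    default_backend be_app

backend be_app
    # Add a Forwarded header describing the connection this load balancer
    # actually observed: client address, scheme and requested host.
    option forwarded proto host for
    server app1 192.0.2.21:8080
```

When the load balancer sits behind another trusted proxy, keep the incoming header instead of deleting it and read the upstream values with `rfc7239_field`.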
- Configurable sticky counters
The new global directive `tune.stick-counters` lets you increase the number of stick table sticky counters, which had previously been a built-in constant set to 3.
- HTTP actions
The `http-after-response` directive gained an expanded set of actions, including `set-map`, `sc-add-gpc`, `set-log-level`, and others.
All action directives now support the `sc-add-gpc` action.
- HTTP/2 tuning options
New global directives enable tuning the HTTP/2 protocol. They include `tune.h2.be.initial-window-size`, `tune.h2.be.max-concurrent-streams`, `tune.h2.fe.initial-window-size`, `tune.h2.fe.max-concurrent-streams`, `tune.h2.initial-window-size` and `tune.h2.max-concurrent-streams`.
- Listener shards
The new global directive `tune.listener.default-shards` simplifies setting shards. Sharding is a feature for servers with a high number of threads that makes it easier to replicate a `bind` line to create multiple listeners and assign worker threads to the listeners. The goal is to reduce thread contention. You can set the directive to a number of shards, to the value `by-thread`, or to the value `by-group`. Setting `by-group` is especially convenient since you can then group threads and assign them together to a listener, and so this is the default setting.
- Other performance tuning options
The `bind` line's `cpu-map` argument, which associates threads with CPUs, now accepts a list, delimited by commas.
The `bind` line's `thread` argument can now be set to a comma-delimited list of thread ranges instead of just a single range.
The new global directive `tune.listener.multi-queue` controls how work is distributed to threads assigned to a listener. A value of `on`, which is the default, passes work to the least busy thread. A value of `fair` passes work in a round-robin rotation.
The new global directive `tune.memory.hot-size` allows you to set the amount of memory kept hot in the local cache, but the default value of 512 KB should be sufficient for most.
- HTTP request body and URL parameters
The `req.body_param`, `url_param`, and `urlp_val` fetch methods now accept an additional argument that enables case-insensitive matching of parameters, which makes it easier to configure the load balancer's behavior to agree with the web server's behavior. Also, a new converter named `param` extracts name-value parameters from a string while letting you set the delimiter used between parameters.
- Round-trip time
The new fetch methods `bc_rtt` and `bc_rttvar` return the round-trip time between the load balancer and a backend server. You can configure them to return values in milliseconds or microseconds.
- Preprocessor directives
This version introduces two new preprocessor functions. The `strstr` function returns `true` if the inspected string contains a given string. The `enabled` function returns `true` if the given option is enabled at runtime.
- Proxy Protocol
Proxy Protocol v2 has been updated in this version to allow the load balancer to extract extra information from the Proxy Protocol header when a TCP connection is established on the frontend. The new fetch method `fc_pp_tlv` supports extracting a TLV (Type-Length-Value) from the protocol header.
Getting support
Current HAProxy ALOHA customers can log in to the customer portal at https://my.haproxy.com/portal/cust/login.