{"id":18589403,"url":"https://github.com/pmorie/haproxy","last_synced_at":"2025-05-16T08:07:57.707Z","repository":{"id":138121427,"uuid":"20944769","full_name":"pmorie/haproxy","owner":"pmorie","description":"Haproxy 1.4 Mirror","archived":false,"fork":false,"pushed_at":"2014-06-18T01:11:16.000Z","size":1064,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":3,"default_branch":"master","last_synced_at":"2025-02-17T19:16:39.831Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"C","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"other","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/pmorie.png","metadata":{"files":{"readme":"README","changelog":"CHANGELOG","contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2014-06-18T01:10:15.000Z","updated_at":"2014-06-18T01:11:17.000Z","dependencies_parsed_at":null,"dependency_job_id":"34682da9-a9db-4f17-8fdc-fa106f27a3f9","html_url":"https://github.com/pmorie/haproxy","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pmorie%2Fhaproxy","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pmorie%2Fhaproxy/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pmorie%2Fhaproxy/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pmorie%2Fhaproxy/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/pmorie","download_url":"https://codeload.github.com/pmorie/haproxy/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":254493385,"owners_count":22080127,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-11-07T00:51:57.188Z","updated_at":"2025-05-16T08:07:57.687Z","avatar_url":"https://github.com/pmorie.png","language":"C","funding_links":[],"categories":[],"sub_categories":[],"readme":" ----------------------\n HAProxy how-to\n ----------------------\n version 1.4\n willy tarreau\n 2014/03/27\n\n\n1) How to build it\n------------------\n\nTo build haproxy, you will need :\n - GNU make. Neither Solaris nor OpenBSD's make work with the GNU Makefile.\n However, specific Makefiles for BSD and OSX are provided.\n - GCC between 2.91 and 4.7. Others may work, but not tested.\n - GNU ld\n\nAlso, you might want to build with libpcre support, which will provide a very\nefficient regex implementation and will also fix some badness on Solaris' one.\n\nTo build haproxy, you have to choose your target OS amongst the following ones\nand assign it to the TARGET variable :\n\n - linux22 for Linux 2.2\n - linux24 for Linux 2.4 and above (default)\n - linux24e for Linux 2.4 with support for a working epoll (\u003e 0.21)\n - linux26 for Linux 2.6 and above\n - linux2628 for Linux 2.6.28 and above (enables splice and tproxy)\n - solaris for Solaris 8 or 10 (others untested)\n - freebsd for FreeBSD 5 to 8.0 (others untested)\n - osx for Mac OS/X\n - openbsd for OpenBSD 3.1 to 5.2 (others untested)\n - aix52 for AIX 5.2\n - cygwin for Cygwin\n - generic for any other OS.\n - custom to manually adjust every setting\n\nYou may also choose your CPU to benefit from some optimizations. This is\nparticularly important on UltraSparc machines. For this, you can assign\none of the following choices to the CPU variable :\n\n - i686 for intel PentiumPro, Pentium 2 and above, AMD Athlon\n - i586 for intel Pentium, AMD K6, VIA C3.\n - ultrasparc : Sun UltraSparc I/II/III/IV processor\n - native : use the build machine's specific processor optimizations\n - generic : any other processor or no specific optimization. (default)\n\nAlternatively, you may just set the CPU_CFLAGS value to the optimal GCC options\nfor your platform.\n\nYou may want to build specific target binaries which do not match your native\ncompiler's target. This is particularly true on 64-bit systems when you want\nto build a 32-bit binary. Use the ARCH variable for this purpose. Right now\nit only knows about a few x86 variants (i386,i486,i586,i686,x86_64), two\ngeneric ones (32,64) and sets -m32/-m64 as well as -march=\u003carch\u003e accordingly.\n\nIf your system supports PCRE (Perl Compatible Regular Expressions), then you\nreally should build with libpcre which is between 2 and 10 times faster than\nother libc implementations. Regex are used for header processing (deletion,\nrewriting, allow, deny). The only inconvenient of libpcre is that it is not\nyet widely spread, so if you build for other systems, you might get into\ntrouble if they don't have the dynamic library. In this situation, you should\nstatically link libpcre into haproxy so that it will not be necessary to\ninstall it on target systems. Available build options for PCRE are :\n\n - USE_PCRE=1 to use libpcre, in whatever form is available on your system\n (shared or static)\n\n - USE_STATIC_PCRE=1 to use a static version of libpcre even if the dynamic\n one is available. This will enhance portability.\n\n - with no option, use your OS libc's standard regex implemntation (default).\n Warning! group references on Solaris seem broken. Use static-pcre whenever\n possible.\n\nBy default, the DEBUG variable is set to '-g' to enable debug symbols. It is\nnot wise to disable it on uncommon systems, because it's often the only way to\nget a complete core when you need one. Otherwise, you can set DEBUG to '-s' to\nstrip the binary.\n\nFor example, I use this to build for Solaris 8 :\n\n $ make TARGET=solaris CPU=ultrasparc USE_STATIC_PCRE=1\n\nAnd I build it this way on OpenBSD or FreeBSD :\n\n $ make -f Makefile.bsd REGEX=pcre DEBUG= COPTS.generic=\"-Os -fomit-frame-pointer -mgnu\"\n\nIn order to build a 32-bit binary on an x86_64 Linux system :\n\n $ make TARGET=linux26 ARCH=i386\n\nIf you need to pass other defines, includes, libraries, etc... then please\ncheck the Makefile to see which ones will be available in your case, and\nuse the USE_* variables in the GNU Makefile, or ADDINC, ADDLIB, and DEFINE\nvariables in the BSD makefiles.\n\nAIX 5.3 is known to work with the generic target. However, for the binary to\nalso run on 5.2 or earlier, you need to build with DEFINE=\"-D_MSGQSUPPORT\",\notherwise __fd_select() will be used while not being present in the libc.\nIf you get build errors because of strange symbols or section mismatches,\nsimply remove -g from DEBUG_CFLAGS.\n\nYou can easily define your own target with the GNU Makefile. Unknown targets\nare processed with no default option except USE_POLL=default. So you can very\nwell use that property to define your own set of options. USE_POLL can even be\ndisabled by setting USE_POLL=\"\". For example :\n\n $ gmake TARGET=tiny USE_POLL=\"\" TARGET_CFLAGS=-fomit-frame-pointer\n\n\n2) How to install it\n--------------------\n\nTo install haproxy, you can either copy the single resulting binary to the\nplace you want, or run :\n\n $ sudo make install\n\nIf you're packaging it for another system, you can specify its root directory\nin the usual DESTDIR variable.\n\n\n3) How to set it up\n-------------------\n\nThere is some documentation in the doc/ directory :\n\n - architecture.txt : this is the architecture manual. It is quite old and\n does not tell about the nice new features, but it's still a good starting\n point when you know what you want but don't know how to do it.\n\n - configuration.txt : this is the configuration manual. It recalls a few\n essential HTTP basic concepts, and details all the configuration file\n syntax (keywords, units). It also describes the log and stats format. It\n is normally always up to date. If you see that something is missing from\n it, please report it as this is a bug.\n\n - haproxy-en.txt / haproxy-fr.txt : these are the old outdated docs. You\n should never need them. If you do, then please report what you didn't\n find in the other ones.\n\n - gpl.txt / lgpl.txt : the copy of the licenses covering the software. See\n the 'LICENSE' file at the top for more information.\n\n - the rest is mainly for developers.\n\nThere are also a number of nice configuration examples in the \"examples\"\ndirectory as well as on several sites and articles on the net which are linked\nto from the haproxy web site.\n\n\n4) How to report a bug\n----------------------\n\nIt is possible that from time to time you'll find a bug. A bug is a case where\nwhat you see is not what is documented. Otherwise it can be a misdesign. If you\nfind that something is stupidly design, please discuss it on the list (see the\n\"how to contribute\" section below). If you feel like you're proceeding right\nand haproxy doesn't obey, then first ask yourself if it is possible that nobody\nbefore you has even encountered this issue. If it's unlikely, the you probably\nhave an issue in your setup. Just in case of doubt, please consult the mailing\nlist archives :\n\n http://www.formilux.org/archives/haproxy/\n http://marc.info/?l=haproxy\n\nOtherwise, please try to gather the maximum amount of information to help\nreproduce the issue and send that to the mailing list :\n\n haproxy@formilux.org\n\nPlease include your configuration and logs. You can mask your IP addresses and\npasswords, we don't need them. But it's essential that you post your config if\nyou want people to guess what is happening.\n\nAlso, keep in mind that haproxy is designed to NEVER CRASH. If you see it die\nwithout any reason, then it definitely is a critical bug that must be reported\nand urgently fixed. It has happened a couple of times in the past, essentially\non development versions running on new architectures. If you think your setup\nis fairly common, then it is possible that the issue is totally unrelated.\nAnyway, if that happens, feel free to contact me directly, as I will give you\ninstructions on how to collect a usable core file, and will probably ask for\nother captures that you'll not want to share with the list.\n\n\n5) How to contribute\n--------------------\n\nIt is possible that you'll want to add a specific feature to satisfy your needs\nor one of your customers'. Contributions are welcome, however I'm often very\npicky about changes. I will generally reject patches that change massive parts\nof the code, or that touch the core parts without any good reason if those\nchanges have not been discussed first.\n\nThe proper place to discuss your changes is the HAProxy Mailing List. There are\nenough skilled readers to catch hazardous mistakes and to suggest improvements.\nI trust a number of them enough to merge a patch if they say it's OK, so using\nthe list is the fastest way to get your code reviewed and merged. You can\nsubscribe to it by sending an empty e-mail at the following address :\n\n haproxy+subscribe@formilux.org\n\nIf you have an idea about something to implement, *please* discuss it on the\nlist first. It has already happened several times that two persons did the same\nthing simultaneously. This is a waste of time for both of them. It's also very\ncommon to see some changes rejected because they're done in a way that will\nconflict with future evolutions, or that does not leave a good feeling. It's\nalways unpleasant for the person who did the work, and it is unpleasant for me\ntoo because I value people's time and efforts. That would not happen if these\nwere discussed first. There is no problem posting work in progress to the list,\nit happens quite often in fact. Also, don't waste your time with the doc when\nsubmitting patches for review, only add the doc with the patch you consider\nready to merge.\n\nIf your work is very confidential and you can't publicly discuss it, you can\nalso mail me directly about it, but your mail may be waiting several days in\nthe queue before you get a response.\n\nIf you'd like a feature to be added but you think you don't have the skills to\nimplement it yourself, you should follow these steps :\n\n 1. discuss the feature on the mailing list. It is possible that someone\n else has already implemented it, or that someone will tell you how to\n proceed without it, or even why not to do it. It is also possible that\n in fact it's quite easy to implement and people will guide you through\n the process. That way you'll finally have YOUR patch merged, providing\n the feature YOU need.\n\n 2. if you really can't code it yourself after discussing it, then you may\n consider contacting someone to do the job for you. Some people on the\n list might be OK with trying to do it. Otherwise, you can check the list\n of contributors at the URL below, some of the regular contributors may\n be able to do the work, probably not for free but their time is as much\n valuable as yours after all, you can't eat the cake and have it too.\n\nThe list of past and regular contributors is available below. It lists not only\nsignificant code contributions (features, fixes), but also time or money\ndonations :\n\n http://haproxy.1wt.eu/contrib.html\n\nNote to contributors: it's very handy when patches comes with a properly\nformated subject. There are 3 criteria of particular importance in any patch :\n\n - its nature (is it a fix for a bug, a new feature, an optimization, ...)\n - its importance, which generally reflects the risk of merging/not merging it\n - what area it applies to (eg: http, stats, startup, config, doc, ...)\n\nIt's important to make these 3 criteria easy to spot in the patch's subject,\nbecause it's the first (and sometimes the only) thing which is read when\nreviewing patches to find which ones need to be backported to older versions.\n\nSpecifically, bugs must be clearly easy to spot so that they're never missed.\nAny patch fixing a bug must have the \"BUG\" tag in its subject. Most common\npatch types include :\n\n - BUG fix for a bug. The severity of the bug should also be indicated\n when known. Similarly, if a backport is needed to older versions,\n it should be indicated on the last line of the commit message. If\n the bug has been identified as a regression brought by a specific\n patch or version, this indication will be appreciated too. New\n maintenance releases are generally emitted when a few of these\n patches are merged.\n\n - CLEANUP code cleanup, silence of warnings, etc... theorically no impact.\n These patches will rarely be seen in stable branches, though they\n may appear when they remove some annoyance or when they make\n backporting easier. By nature, a cleanup is always minor.\n\n - REORG code reorganization. Some blocks may be moved to other places,\n some important checks might be swapped, etc... These changes\n always present a risk of regression. For this reason, they should\n never be mixed with any bug fix nor functional change. Code is\n only moved as-is. Indicating the risk of breakage is highly\n recommended.\n\n - BUILD updates or fixes for build issues. Changes to makefiles also fall\n into this category. The risk of breakage should be indicated if\n known. It is also appreciated to indicate what platforms and/or\n configurations were tested after the change.\n\n - OPTIM some code was optimised. Sometimes if the regression risk is very\n low and the gains significant, such patches may be merged in the\n stable branch. Depending on the amount of code changed or replaced\n and the level of trust the author has in the change, the risk of\n regression should be indicated.\n\n - RELEASE release of a new version (development or stable).\n\n - LICENSE licensing updates (may impact distro packagers).\n\n\nWhen the patch cannot be categorized, it's best not to put any tag. This is\ncommonly the case for new features, which development versions are mostly made\nof.\n\nAdditionally, the importance of the patch should be indicated when known. A\nsingle upper-case word is preferred, among :\n\n - MINOR minor change, very low risk of impact. It is often the case for\n code additions that don't touch live code. For a bug, it generally\n indicates an annoyance, nothing more.\n\n - MEDIUM medium risk, may cause unexpected regressions of low importance or\n which may quickly be discovered. For a bug, it generally indicates\n something odd which requires changing the configuration in an\n undesired way to work around the issue.\n\n - MAJOR major risk of hidden regression. This happens when I rearrange\n large parts of code, when I play with timeouts, with variable\n initializations, etc... We should only exceptionally find such\n patches in stable branches. For a bug, it indicates severe\n reliability issues for which workarounds are identified with or\n without performance impacts.\n\n - CRITICAL medium-term reliability or security is at risk and workarounds,\n if they exist, might not always be acceptable. An upgrade is\n absolutely required. A maintenance release may be emitted even if\n only one of these bugs are fixed. Note that this tag is only used\n with bugs. Such patches must indicate what is the first version\n affected, and if known, the commit ID which introduced the issue.\n\nIf this criterion doesn't apply, it's best not to put it. For instance, most\ndoc updates and most examples or test files are just added or updated without\nany need to qualify a level of importance.\n\nThe area the patch applies to is quite important, because some areas are known\nto be similar in older versions, suggesting a backport might be desirable, and\nconversely, some areas are known to be specific to one version. When the tag is\nused alone, uppercase is preferred for readability, otherwise lowercase is fine\ntoo. The following tags are suggested but not limitative :\n\n - doc documentation updates or fixes. No code is affected, no need to\n upgrade. These patches can also be sent right after a new feature,\n to document it.\n\n - examples example files. Be careful, sometimes these files are packaged.\n\n - tests regression test files. No code is affected, no need to upgrade.\n\n - init initialization code, arguments parsing, etc...\n\n - config configuration parser, mostly used when adding new config keywords\n\n - http the HTTP engine\n\n - stats the stats reporting engine as well as the stats socket CLI\n\n - checks the health checks engine (eg: when adding new checks)\n\n - acl the ACL processing core or some ACLs from other areas\n\n - peers the peer synchronization engine\n\n - listeners everything related to incoming connection settings\n\n - frontend everything related to incoming connection processing\n\n - backend everything related to LB algorithms and server farm\n\n - session session processing and flags (very sensible, be careful)\n\n - server server connection management, queueing\n\n - proxy proxy maintenance (start/stop)\n\n - log log management\n\n - poll any of the pollers\n\n - halog the halog sub-component in the contrib directory\n\n - contrib any addition to the contrib directory\n\nOther names may be invented when more precise indications are meaningful, for\ninstance : \"cookie\" which indicates cookie processing in the HTTP core. Last,\nindicating the name of the affected file is also a good way to quickly spot\nchanges. Many commits were already tagged with \"stream_sock\" or \"cfgparse\" for\ninstance.\n\nIt is desired that AT LEAST one of the 3 criteria tags is reported in the patch\nsubject. Ideally, we would have the 3 most often. The two first criteria should\nbe present before a first colon (':'). If both are present, then they should be\ndelimited with a slash ('/'). The 3rd criterion (area) should appear next, also\nfollowed by a colon. Thus, all of the following messages are valid :\n\nExamples of messages :\n - DOC: document options forwardfor to logasap\n - DOC/MAJOR: reorganize the whole document and change indenting\n - BUG: stats: connection reset counters must be plain ascii, not HTML\n - BUG/MINOR: stats: connection reset counters must be plain ascii, not HTML\n - MEDIUM: checks: support multi-packet health check responses\n - RELEASE: Released version 1.4.2\n - BUILD: stats: stdint is not present on solaris\n - OPTIM/MINOR: halog: make fgets parse more bytes by blocks\n - REORG/MEDIUM: move syscall redefinition to specific places\n\nPlease do not use square brackets anymore around the tags, because they give me\nmore work when merging patches. By default I'm asking Git to keep them but this\ncauses trouble when patches are prefixed with the [PATCH] tag because in order\nnot to store it, I have to hand-edit the patches. So as of now, I will ask Git\nto remove whatever is located between square brackets, which implies that any\nsubject formatted the old way will have its tag stripped out.\n\nIn fact, one of the only square bracket tags that still makes sense is '[RFC]'\nat the beginning of the subject, when you're asking for someone to review your\nchange before getting it merged. If the patch is OK to be merged, then I can\nmerge it as-is and the '[RFC]' tag will automatically be removed. If you don't\nwant it to be merged at all, you can simply state it in the message, or use an\nalternate '[WIP]' tag (\"work in progress\").\n\nThe tags are not rigid, follow your intuition first, anyway I reserve the right\nto change them when merging the patch. It may happen that a same patch has a\ndifferent tag in two distinct branches. The reason is that a bug in one branch\nmay just be a cleanup in the other one because the code cannot be triggered.\n\n\nFor a more efficient interaction between the mainline code and your code, I can\nonly strongly encourage you to try the Git version control system :\n\n http://git-scm.com/\n\nIt's very fast, lightweight and lets you undo/redo your work as often as you\nwant, without making your mistakes visible to the rest of the world. It will\ndefinitely help you contribute quality code and take other people's feedback\nin consideration. In order to clone the HAProxy Git repository :\n\n $ git clone http://git.1wt.eu/git/haproxy-1.4.git (stable 1.4)\n $ git clone http://git.1wt.eu/git/haproxy.git/ (development)\n\nIf you decide to use Git for your developments, then your commit messages will\nhave the subject line in the format described above, then the whole description\nof your work (mainly why you did it) will be in the body. You can directly send\nyour commits to the mailing list, the format is convenient to read and process.\n\n-- end\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fpmorie%2Fhaproxy","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fpmorie%2Fhaproxy","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fpmorie%2Fhaproxy/lists"}