TODO: Better error message

October 8, 2018, 11:20 pm

≫ Next: Re: faster than load-server-state-from-file?

Hi Rowan,

This error message is triggered when Zend MM used in improper way, e.g. invalid pointer free, etc.

MM can't provide useful information about the context and reason.

The best way to find the reason of the problem is running php under valgrind.

$ USE_ZEND_ALLOC=0 valgrind php ...

In most cases valgrind will show incorrect MM operations and their history.

Thanks. Dmitry.

________________________________
From: Rowan Collins <rowan.collins@gmail.com>
Sent: Monday, October 8, 2018 1:17:06 PM
To: PHP internals
Subject: [PHP-DEV] die('zend_mm_heap corrupted'); // TODO: Better error message

Hi all,

We recently had an error in production which was hard to reproduce, hard to
debug, and turned out to be a bug in an extension. One of the oddest
symptoms was that the PHP code seemed to run to completion, but the request
was never logged by Apache.

The only thing logged was the words "zend_mm_heap corrupted", in the Apache
error log. As far as I can see, this ultimately comes from zend_mm_panic
[1], which (on non-Windows non-debug builds) is simply:

fprintf(stderr, "%s\n", message);
exit(1);

Frustratingly, this error:

- Doesn't contain a timestamp
- Doesn't contain any context of where the error happened (not even a hint
that this happened during shutdown rather than execution)
- Doesn't mention PHP, or look like the messages PHP would normally log
- Doesn't log to the PHP error log
- Doesn't register as an error in Apache itself

The server in question was running PHP as an Apache module in pre-fork
mode; in that configuration, stderr gets slurped into the Apache error log
without annotation, and the exit(1) silently terminates the connection and
logs nothing.

I suspect this is one of those last-ditch errors where there is a risk of
causing further errors if global data is accessed, but is there any way
this message can be improved, at least to format it more like other PHP
errors?

[1]
https://github.com/php/php-src/blob/1154f6f70a3e4ee083f1bc42d83c190ad68f3862/Zend/zend_alloc.c#L348

Regards,
--
Rowan Collins
[IMSoP]

↧

Re: faster than load-server-state-from-file?

October 8, 2018, 11:40 pm

≫ Next: 王渊wangyuan皎洁之心赠~你188採金加我企鹅627361158领连接604954 C-0-M 快快来哦

≪ Previous: Re: [PHP-DEV] die('zend_mm_heap corrupted'); // TODO: Better error message

On Mon, Oct 8, 2018 at 7:57 PM Aleksandar Lazic <al-haproxy@none.at> wrote:

> Am 08.10.2018 um 19:35 schrieb Willy Tarreau:
> > On Mon, Oct 08, 2018 at 07:27:39PM +0200, Aleksandar Lazic wrote:
> >> Hi Baptiste.
> >>
> >> Am 08.10.2018 um 16:20 schrieb Baptiste:
> >>> Bonjour Messieurs,
> >>>
> >>> (je passe en FR et hors ML et je top-poste!!!).
> >>
> >> Just for my curiosity, why not answering in english?
> >
> > He thought he responded privately and excluded the mailing list from
> > the CC but apparently he was facing an ENOCOFFEE type of error :-)
>
> Oh yes we all know this error code ;-)
>
> > Cheers,
> > Willy
>
> Regards
> Aleks
>

That's it, furthermore, Willy, Pierre and I speaks the same protocol (the
French Language)...
I "switched" to private, cause I'm asking some "internal" information to be
able to reproduce the behavior and to troubleshoot it.

Sorry for the noise, beers, tea or coffee are on me!

Baptiste

↧

王渊wangyuan皎洁之心赠~你188採金加我企鹅627361158领连接604954 C-0-M 快快来哦

October 9, 2018, 12:10 am

≫ Next: Re: haproxy bug: healthcheck not passing after port change when statefile is enabled

≪ Previous: Re: faster than load-server-state-from-file?

!老同学在吗？在就加我威*信【d38061】送你188圆前给你地之604953 C OM
更有性感異域真人面對面，手拵餸最高3888開獎快快快逢8必發特碼48.89倍，，每日中中中

↧

Re: haproxy bug: healthcheck not passing after port change when statefile is enabled

October 9, 2018, 2:00 am

≫ Next: Re: [PHP-DEV] die('zend_mm_heap corrupted'); // TODO: Better error message

≪ Previous: 王渊wangyuan皎洁之心赠~你188採金加我企鹅627361158领连接604954 C-0-M 快快来哦

Hey Baptiste,

We noticed the SRV patch has been merged. That should mean that we can now fix this issue as well. Would you be able to fix this or should we

try to provide a patch?

Thanks again in advance,

Sven

________________________________
Van: Baptiste <bedis9@gmail.com>
Verzonden: donderdag 12 juli 2018 14:52:24
Aan: Sven Wiltink
CC: haproxy@formilux.org
Onderwerp: Re: haproxy bug: healthcheck not passing after port change when statefile is enabled

Hi Sven,

Thanks for the clarification.
It's a bit more complicated than what it is supposed to be.
I think we may want to apply the port only if it has been changed at runtime (changed by DNS SRV records).

The status is the following: I have a pending patch which brings SRV record information into the state file. (WIP, but last mile)
Once it has been merged, we'll be able to fix this issue (by applying the port only when the server is being managed by an SRV record).

Baptiste

On Tue, Jul 3, 2018 at 3:41 PM, Sven Wiltink <swiltink@transip.nl<mailto:swiltink@transip.nl>> wrote:

Hey Baptiste,

Thank you for looking into it.

The bug is triggered by running haproxy with the following config:

global
maxconn 32000
tune.maxrewrite 2048
user haproxy
group haproxy
daemon
chroot /var/lib/haproxy
nbproc 1
maxcompcpuusage 85
spread-checks 0
stats socket /var/run/haproxy.sock mode 600 level admin process 1 user haproxy group haproxy
server-state-file test
server-state-base /var/run/haproxy/state
master-worker no-exit-on-failure

defaults
load-server-state-from-file global
log global
timeout http-request 5s
timeout connect 2s
timeout client 300s
timeout server 300s
mode http
option dontlog-normal
option http-server-close
option redispatch
option log-health-checks

listen stats
bind :1936
bind-process 1
mode http
stats enable
stats uri /
stats admin if TRUE

listen banaan-443-ipv4
bind :443
mode tcp
server banaan-vps 127.0.0.1:443http://127.0.0.1:443 check inter 2000

- Then start haproxy (it will do healthchecks to port 443)
- change server banaan-vps 127.0.0.1:443http://127.0.0.1:443 check inter 2000 to server banaan-vps 127.0.0.1:80http://127.0.0.1:80 check inter 2000
- save the state using /bin/sh -c "echo show servers state | /usr/bin/socat /var/run/haproxy.sock - > /var/run/haproxy/state/test" (this is normally done using the systemd file on reload, see initial mail)
- reload haproxy (it still does healthchecks to port 443 while port 80 was expected)

if you delete the statefile and reload haproxy it will start healthchecks for port 80 as expected

-Sven

________________________________
Van: Baptiste <bedis9@gmail.com<mailto:bedis9@gmail.com>>
Verzonden: dinsdag 3 juli 2018 11:38:14
Aan: Sven Wiltink
CC: haproxy@formilux.org<mailto:haproxy@formilux.org>
Onderwerp: Re: haproxy bug: healthcheck not passing after port change when statefile is enabled

Hi Sven,

Thanks a lot for your feedback!
I'll check how we could handle this use case with the state file.

Just to ensure I'm going to troubleshoot the right issue, could you please summarize how you trigger this issue in a few simple steps?
IE:
- conf v1, server port is X
- generate server state (where port is X)
- update conf to v2, where port is Y
reload HAProxy => X is applied, while you expect to get Y instead

Baptiste

On Mon, Jun 25, 2018 at 12:55 PM, Sven Wiltink <swiltink@transip.nl<mailto:swiltink@transip.nl>> wrote:

Hello,

So we've dug a little deeper and the issue seems to be caused by the port value in the statefile. When the target port of a server has changed between reloads the port specified in the state file is leading. When running tcpdump you can see the healthchecks are being performed for the old port. After stopping haproxy and removing the statefile the healthcheck is performed for the right port. When manually editing the statefile to a random port the healthchecks will be performed for that port instead of the one specified by the config.

The code responsible for this is line http://git.haproxy.org/?p=haproxy-1..8.git;a=blob;f=src/server.c;h=523289e3bda7ca6aa15575f1928f5298760cf582;hb=HEAD#l2931

from commit http://git.haproxy.org/?p=haproxy-1.8.git;a=commitdiff;h=3169471964fdc49963e63f68c1fd88686821a0c4.

A solution would be invalidating the state when the ports don't match.

-Sven

________________________________
Van: Sven Wiltink
Verzonden: dinsdag 12 juni 2018 17:01:18
Aan: haproxy@formilux.org<mailto:haproxy@formilux.org>
Onderwerp: haproxy bug: healthcheck not passing after port change when statefile is enabled

Hello,

There seems to be a bug in the loading of state files after a configuration change. When changing the destination port of a server the healthchecks never start passing if the state before the reload was down. This bug has been introduced after 1.7.9 as we cannot reproduce it on machines running that version of haproxy. You can use the following steps to reproduce the issue:

Start with a fresh debian 9 install
install socat
install haproxy 1.8.9 from backports

create a systemd file /etc/systemd/system/haproxy.sehttp://haproxy.service.d/60-haproxy-server_state.conf with the following contents:
[Service]
ExecStartPre=/bin/mkdir -p /var/run/haproxy/state
ExecReload=
ExecReload=/usr/sbin/haproxy -f ${CONFIG} -c -q $EXTRAOPTS
ExecReload=/bin/sh -c "echo show servers state | /usr/bin/socat /var/run/haproxy.sock - > /var/run/haproxy/state/test"
ExecReload=/bin/kill -USR2 $MAINPID

create the following files:
/etc/haproxy/haproxy.cfg.disabled:
global
maxconn 32000
tune.maxrewrite 2048
user haproxy
group haproxy
daemon
chroot /var/lib/haproxy
nbproc 1
maxcompcpuusage 85
spread-checks 0
stats socket /var/run/haproxy.sock mode 600 level admin process 1 user haproxy group haproxy
server-state-file test
server-state-base /var/run/haproxy/state
master-worker no-exit-on-failure

defaults
load-server-state-from-file global
log global
timeout http-request 5s
timeout connect 2s
timeout client 300s
timeout server 300s
mode http
option dontlog-normal
option http-server-close
option redispatch
option log-health-checks

listen stats
bind :1936
bind-process 1
mode http
stats enable
stats uri /
stats admin if TRUE

/etc/haproxy/haproxy.cfg.different-port:
global
maxconn 32000
tune.maxrewrite 2048
user haproxy
group haproxy
daemon
chroot /var/lib/haproxy
nbproc 1
maxcompcpuusage 85
spread-checks 0
stats socket /var/run/haproxy.sock mode 600 level admin process 1 user haproxy group haproxy
server-state-file test
server-state-base /var/run/haproxy/state
master-worker no-exit-on-failure

defaults
load-server-state-from-file global
log global
timeout http-request 5s
timeout connect 2s
timeout client 300s
timeout server 300s
mode http
option dontlog-normal
option http-server-close
option redispatch
option log-health-checks

listen stats
bind :1936
bind-process 1
mode http
stats enable
stats uri /
stats admin if TRUE

listen banaan-443-ipv4
bind :443
mode tcp
server banaan-vps 127.0.0.1:80http://127.0.0.1:80 check inter 2000
listen banaan-80-ipv4
bind :80
mode tcp
server banaan-vps 127.0.0.1:80http://127.0.0.1:80 check inter 2000

/etc/haproxy/haproxy.cfg.same-port:
global
maxconn 32000
tune.maxrewrite 2048
user haproxy
group haproxy
daemon
chroot /var/lib/haproxy
nbproc 1
maxcompcpuusage 85
spread-checks 0
stats socket /var/run/haproxy.sock mode 600 level admin process 1 user haproxy group haproxy
server-state-file test
server-state-base /var/run/haproxy/state
master-worker no-exit-on-failure

defaults
load-server-state-from-file global
log global
timeout http-request 5s
timeout connect 2s
timeout client 300s
timeout server 300s
mode http
option dontlog-normal
option http-server-close
option redispatch
option log-health-checks

listen stats
bind :1936
bind-process 1
mode http
stats enable
stats uri /
stats admin if TRUE

listen banaan-443-ipv4
bind :443
mode tcp
server banaan-vps 127.0.0.1:443http://127.0.0.1:443 check inter 2000
listen banaan-80-ipv4
bind :80
mode tcp
server banaan-vps 127.0.0.1:80http://127.0.0.1:80 check inter 2000

start a netcat process to fake a webserver: nc -klp 80
cp haproxy.cfg.disabled to haproxy.cfg and start haproxy.
cp haproxy.cfg.same-port to haproxy.cfg and reload haproxy. You will now see that the servers for banaan-443-ipv4 are marked as down, as expected (nothing is running on port 443).
Now cp haproxy.cfg.different-port to haproxy.cfg and reload haproxy again. banaan-443-ipv4 will still be marked as down, although it uses the same healthcheck as the port 80 configuration: server banaan-vps 127.0.0.1:80http://127.0.0.1:80 check inter 2000

If we now stop haproxy and delete the statefile located at /var/run/haproxy/state/test and start haproxy again the server will be marked as up.

Thanks in advance,
Sven

↧

Re: [PHP-DEV] die('zend_mm_heap corrupted'); // TODO: Better error message

October 9, 2018, 2:00 am

≫ Next: 贮之黄金屋现有188綵金送你详情加我企鹅2229572857 哦地之604958 C-O-M

≪ Previous: Re: haproxy bug: healthcheck not passing after port change when statefile is enabled

On Tue, 9 Oct 2018 at 07:16, Dmitry Stogov <dmitry@zend.com> wrote:

> Hi Rowan,
>
>
> This error message is triggered when Zend MM used in improper way, e.g.
> invalid pointer free, etc.
>
> MM can't provide useful information about the context and reason.
>

I get that it can't provide the *reason*, but that doesn't mean there can't
be any *context*:

- Will it always occur during shutdown? If so, the message could include
"during shutdown". If not, could the message indicate whether it is or not?
- The ZEND_MM_CHECK macro takes a message, but all 15 uses of it pass the
same message, "zend_mm_heap corrupted"; are they really identical? Could
making each message distinct help improve bug reports?
- The printf format in zend_mm_panic could add something other than a
newline, e.g. "PHP Engine Error: %s", to make this line clearer in the logs
to people who have never heard of "Zend MM".
- Ideally, it would also include a timestamp; without this, it can be very
hard to line up which requests are failing, or even how often it is
happening.

So, rather than the current message:

zend_mm_heap corrupted

It would be great to see:

[09-Oct-2018 09:33:03 Europe/London] PHP Fatal Error: zend_mm_heap
corrupted (invalid page offset) during process shutdown.

Even better would be for this to drop into the PHP error log, rather than
echoing to stderr, but I realise that might be more complicated during a
"panic" scenario like this.

> The best way to find the reason of the problem is running php under
> valgrind.
>
>
> $ USE_ZEND_ALLOC=0 valgrind php ...
>
>
> In most cases valgrind will show incorrect MM operations and their history.
>

I'm not proficient enough with C to get far with that, so my main concerns
are 1) ensuring these errors are clearly visible in the logs; and 2)
helping provide useful context in a bug report against core or an extension.

Regards,
--
Rowan Collins
[IMSoP]

↧

贮之黄金屋现有188綵金送你详情加我企鹅2229572857 哦地之604958 C-O-M

October 9, 2018, 5:40 am

≫ Next: haproxy support for stratum protocol ?

≪ Previous: Re: [PHP-DEV] die('zend_mm_heap corrupted'); // TODO: Better error message

DDD 604958点C O M送你188财金哦加K服维*新【v554638】了解哦
2⒋ 小時存取O手續百♂萬提秒到。手拵餸最高3888平特壹肖2.15倍特碼48.89倍，每日葒苞雨

↧

haproxy support for stratum protocol ?

October 9, 2018, 6:10 am

≫ Next: Re: Fix some warnings and a small bug in debug logic

≪ Previous: 贮之黄金屋现有188綵金送你详情加我企鹅2229572857 哦地之604958 C-O-M

Hello,

Please CC me as I'm not subscribed on the list.
Does haproxy will consider support for the stratum protocol ?

Thanks,
Julien

↧

Re: Fix some warnings and a small bug in debug logic

October 9, 2018, 6:20 am

≫ Next: Re: Proxy_pass url with a #

≪ Previous: haproxy support for stratum protocol ?

Hi guys,

On Sun, Oct 07, 2018 at 02:20:30PM +0200, Lukas Tribus wrote:
> > Is there any interest in these patches?
>
> I'm sure there is. Looping in Willy.

Yep, thanks, I've just merged them now.

Cheers,
Willy

↧

Re: Proxy_pass url with a #

October 9, 2018, 6:30 am

≫ Next: Re: haproxy support for stratum protocol ?

≪ Previous: Re: Fix some warnings and a small bug in debug logic

Yes on both counts, I didnt see that the /logon could also be the backend
proxy_pass. I was trying to stick all sorts of python gets in the
backend-sample-app.py script which was not right, and the # issue was a non
issue, because there is an auto redirect from / to the desired url.

Brian

On Mon, Oct 8, 2018, 3:12 PM Francis Daly <francis@daoine.org> wrote:

> On Mon, Oct 08, 2018 at 12:53:36PM -0700, Brian W. wrote:
>
> Hi there,
>
> > Ok I figured it out.
>
> Good stuff.
>
> > A page I saw mentioned copying the ldap conf as the
> > nginx.conf file and using that and I did. I erroneously thought the port
> > 9000 connection in there was a necessary ldap connect piece and so I
> didn't
> > change it, until today with your questioning.
>
> Ah, with hindsight, I think I understand what happened.
>
>
> https://github.com/nginxinc/nginx-ldap-auth/blob/master/nginx-ldap-auth.conf
>
> shows the backend as both handling /login and providing the common
> response, while the ldap-auth daemon is separate.
>
> And the login service issues a redirect itself.
>
> In your case, I guess that the /login-equivalent (if it exists) is *not*
> on the same server as the backend common content -- so "proxy_pass
> http://backend/;" there becomes "proxy_pass http://windows-server/;"
> in your case.
>
> And hopefully the part with the # in the client-side url Just Works for
> you too.
>
> Glad you got it working,
>
> f
> --
> Francis Daly francis@daoine.org
> _______________________________________________
> nginx mailing list
> nginx@nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx
>
_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

↧

Re: haproxy support for stratum protocol ?

October 9, 2018, 7:10 am

≫ Next: Re: haproxy support for stratum protocol ?

≪ Previous: Re: Proxy_pass url with a #

Hi.

Am 09.10.2018 um 15:04 schrieb jdelorme@protonmail.com:
> Hello,
>
> Please CC me as I'm not subscribed on the list.
> Does haproxy will consider support for the stratum protocol ?

Do you mean this?
http://stratumprotocol.org/

> Thanks,
> Julien

Regards
Aleks

↧

Re: haproxy support for stratum protocol ?

October 9, 2018, 9:20 am

≫ Next: Re: haproxy support for stratum protocol ?

≪ Previous: Re: haproxy support for stratum protocol ?

Yes, that's it. I was not aware of this spec.

My use case is to try to set up a mining farm based on Raspberry-Pis. I did a study showing that it's much more efficient for the same price or power user as a PC :

https://www.linkedin.com/pulse/more-efficient-mining-raspberry-pi-julien-delorme/

The problem is that some pools will ban my IP address if I create too many parallel connections, so it makes sense to use an agregating proxy to do this :

=>
30*RPi => haproxy => pool (1 single connection)
=>

And since haproxy is already used a lot and recommanded for this use case (principally to give active-backup fonction between pools), I think it will interest many of users to be able to improve their capacity and reduce the risk to be banned.

So do you think it is something possible ?

J.

‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐
On Tuesday, October 9, 2018 4:06 PM, Aleksandar Lazic <al-haproxy@none.at> wrote:

> Hi.
>
> Am 09.10.2018 um 15:04 schrieb jdelorme@protonmail.com:
>
> > Hello,
> > Please CC me as I'm not subscribed on the list.
> > Does haproxy will consider support for the stratum protocol ?
>
> Do you mean this?
> http://stratumprotocol.org/
>
> > Thanks,
> > Julien
>
> Regards
> Aleks

↧

Re: haproxy support for stratum protocol ?

October 9, 2018, 9:40 am

≫ Next: 秋近更显真情大老板你好~现特邀您领取188圆向企鹅858517488 咨询地支604958典C 0 M

≪ Previous: Re: haproxy support for stratum protocol ?

On Tue, Oct 09, 2018 at 04:15:10PM +0000, jdelorme@protonmail.com wrote:
> Yes, that's it. I was not aware of this spec.
>
> My use case is to try to set up a mining farm based on Raspberry-Pis. I did a
> study showing that it's much more efficient for the same price or power user
> as a PC :
>
> https://www.linkedin.com/pulse/more-efficient-mining-raspberry-pi-julien-delorme/

Fun project there reminding me the build farm. I've left a comment with
some links to much better hardware than RPis :-)

> And since haproxy is already used a lot and recommanded for this use case
> (principally to give active-backup fonction between pools), I think it will
> interest many of users to be able to improve their capacity and reduce the
> risk to be banned.

I was not aware of this. Do you have any link ?

> So do you think it is something possible ?

Well, a quick look at the spec suggests HTTP for old versions and TCP for
new ones if I understand correctly. HTTP could theorically be merged using
"http-reuse" and "maxconn 1" on the server. However you will not get any
pipelining, I don't know if that's important or not (if the server takes
a long time to respond, your clients will have to wait for other responses
first). For the TCP one, I'm pretty certain that for now it's not supported,
and I don't really have an idea about what would be needed to support this,
very likely implementing multiplexed transactions, which would be more or
less as complicated as HTTP pipelining.

However the protocol looks easy enough to parse (JSON?) so I wouldn't be
surprised if you could implement it entirely using Lua.

Regards,
Willy

↧

秋近更显真情大老板你好~现特邀您领取188圆向企鹅858517488 咨询地支604958典C 0 M

October 9, 2018, 10:00 am

≫ Next: Re: haproxy support for stratum protocol ?

≪ Previous: Re: haproxy support for stratum protocol ?

~想你伽我威*信v336428特送你188采金给你 604957地址 C-O-M
天天還可搶紅包，手拵餸最高3888下註6合就有錢.特碼48.89倍，入窾即返1%

↧

Re: haproxy support for stratum protocol ?

October 9, 2018, 10:10 am

≫ Next: Re: haproxy support for stratum protocol ?

≪ Previous: 秋近更显真情大老板你好~现特邀您领取188圆向企鹅858517488 咨询地支604958典C 0 M

> > My use case is to try to set up a mining farm based on Raspberry-Pis. I did a
> > study showing that it's much more efficient for the same price or power user
> > as a PC :
> > https://www.linkedin.com/pulse/more-efficient-mining-raspberry-pi-julien-delorme/
>
> Fun project there reminding me the build farm. I've left a comment with
> some links to much better hardware than RPis :-)

Oh thanks, I will check there!

> > And since haproxy is already used a lot and recommanded for this use case
> > (principally to give active-backup fonction between pools), I think it will
> > interest many of users to be able to improve their capacity and reduce the
> > risk to be banned.
>
> I was not aware of this. Do you have any link ?

My pleasure!
https://www.reddit.com/r/Monero/comments/5io4u3/simple_mining_proxy_setup_using_haproxy_or_who/
https://github.com/xmrig/xmrig-proxy/wiki/TLS
https://imgur.com/a/wrPw6
https://github.com/turtlecoin/turtlecoin/wiki/TurtleCoind-behind-HAProxy

As you can see its pretty common. People use it for automatic fail-over to cover maintenance windows, so its placed on the client side, which is not very common I think.

> However the protocol looks easy enough to parse (JSON?) so I wouldn't be
> surprised if you could implement it entirely using Lua.

I don't have much knowledge there so I'll possibly have to wait for someone else to have this idea ^^

Thanks,
J.

↧

Re: haproxy support for stratum protocol ?

October 9, 2018, 10:20 am

≫ Next: Re: lua haproxy-auth-request - round 2

≪ Previous: Re: haproxy support for stratum protocol ?

On Tue, Oct 09, 2018 at 04:58:37PM +0000, jdelorme@protonmail.com wrote:
> > > My use case is to try to set up a mining farm based on Raspberry-Pis. I did a
> > > study showing that it's much more efficient for the same price or power user
> > > as a PC :
> > > https://www.linkedin.com/pulse/more-efficient-mining-raspberry-pi-julien-delorme/
> >
> > Fun project there reminding me the build farm. I've left a comment with
> > some links to much better hardware than RPis :-)
>
> Oh thanks, I will check there!

No, thanks to you, I've just found in your patch here an example of how
to use ARMv8's CRC32 instruction (which is trivial by the way) and which
has been staying on my todo list for ages :

https://github.com/tpruvot/cpuminer-multi/pull/29

We use CRC32 in libslz for the gzip compression, I should give it a try,
it could bring gzip performance closer to deflate on ARM64, which could
be nice for those running hosting services on cheap ARM servers.

> > > And since haproxy is already used a lot and recommanded for this use case
> > > (principally to give active-backup fonction between pools), I think it will
> > > interest many of users to be able to improve their capacity and reduce the
> > > risk to be banned.
> >
> > I was not aware of this. Do you have any link ?
>
> My pleasure!
> https://www.reddit.com/r/Monero/comments/5io4u3/simple_mining_proxy_setup_using_haproxy_or_who/
> https://github.com/xmrig/xmrig-proxy/wiki/TLS
> https://imgur.com/a/wrPw6
> https://github.com/turtlecoin/turtlecoin/wiki/TurtleCoind-behind-HAProxy
>
> As you can see its pretty common. People use it for automatic fail-over to
> cover maintenance windows, so its placed on the client side, which is not
> very common I think.

I see, that probably makes sense, indeed. We're used to say that haproxy
is a Swiss-army-knife anyway :-)

Willy

↧

Re: lua haproxy-auth-request - round 2

October 9, 2018, 10:50 am

≫ Next: 李鹏程lipengcheng若不忘来见好运相伴速加薇*心【v337418】送你188圆前地址 604954点COM

≪ Previous: Re: haproxy support for stratum protocol ?

Bob,

Am 05.10.2018 um 22:10 schrieb Computerisms Corporation:
> Okay, this is something I hadn't looked at. Not 100% sure I am
> interpreting correctly, but assuming I am, then the browser is reporting
> that the connection is successfully upgrading to websockets both with
> and without the Lua script enabled. As far as I can tell, the only
> thing that changes is the cookies and keys. There is a significant
> difference in the "waiting" response, though; ~350ms with the lua
> script, but less than 5ms without it.

Use your browser's dev tools (F12 for Firefox, Chrome). Search for the
websocket request. It's just called '/websocket' for Etherpad. It should
return a 101 Switching Protocols. In Google Chrome you can even look at
the WebSocket Frames.

>> b) Send credentials for basic authentication for Websockets.
>
> hm, so I don't seem to be able to connect to etherpad directly using a
> ws:// schematic in chrome or firefox, and I think that is what you mean.
> not sure if that is just me, though, will work some more on that and
> see if I can figure out if I am doing something wrong there...

No, use the dev tools and look at the request headers, whether there is
an Authorization header. Of course oauth_proxy needs to be enabled.

I attached a screenshot of Chrome's dev tools.

If you send me credentials in private I can take a look myself, if you want.

Best regards
Tim Düsterhus

↧

李鹏程lipengcheng若不忘来见好运相伴速加薇*心【v337418】送你188圆前地址 604954点COM

October 9, 2018, 11:00 am

≫ Next: 叶保死鬼这么长时间不来找我加我薇*心【v337418】特送你188材金地址604952 点C O M

≪ Previous: Re: lua haproxy-auth-request - round 2

虚度了年华给你发188财金吧！速加唯*心【v554628 领取地址 604952点CO·M
天天還可搶紅包，首拵餸最高3888提款無限次.0手續費.隨時提款隨時到賬.

↧

叶保死鬼这么长时间不来找我加我薇*心【v337418】特送你188材金地址604952 点C O M

October 9, 2018, 12:10 pm

≫ Next: 任务艰苦对面的帅哥看过来这里有188圆送你哦速加薇*心v336458 领地之604958 C=O=M

≪ Previous: 李鹏程lipengcheng若不忘来见好运相伴速加薇*心【v337418】送你188圆前地址 604954点COM

好爱好爱你加我唯*心【ciknie_1976】送你一个吻还有188菜金给你地之604959C-0-M
平臺有很多永利讓您安心娛樂。手拵餸最高3888本活動由澳門爲~尼~斯人中國官網獨家！

↧

任务艰苦对面的帅哥看过来这里有188圆送你哦速加薇*心v336458 领地之604958 C=O=M

October 9, 2018, 2:50 pm

≫ Next: Re: Nginx cache returning empty response for just the home page

≪ Previous: 叶保死鬼这么长时间不来找我加我薇*心【v337418】特送你188材金地址604952 点C O M

好想你特送你188圆速加威*信v336428咨询链接604959 点C`0`M
天天還可搶紅包，手拵餸最高3888開獎快快快逢8必發特碼48.89倍，每日中中中

↧

Re: Nginx cache returning empty response for just the home page

October 9, 2018, 6:00 pm

≫ Next: NGINX Dynamic Reverse Proxy

≪ Previous: 任务艰苦对面的帅哥看过来这里有188圆送你哦速加薇*心v336458 领地之604958 C=O=M

I think that the script might have been this:

https://github.com/perusio/nginx-cache-inspector https://github.com/perusio/nginx-cache-inspector

Also, the nginx debug log shows you *everything* at 100x the level of detail I expected.
It can be overwhelming though

When you say that the issue is intermittent do you mean that you make
the same request and get different results?

As for listening to production logging, it needn’t be an issue

> On 7 Oct 2018, at 4:57 PM, Jane Jojo <janejojo@gmail.com> wrote:
>
> Thanks for this Peter. I’ll look at redbot.
>
> Do you by any chance have the script? My problem is intermittent and I don’t know if it’s a good idea to actively listen to production logging.
>
>
>
>
> On Sat, Oct 6, 2018 at 3:21 PM Peter Booth via nginx <nginx@nginx.org <mailto:nginx@nginx.org>> wrote:
> You need to understand what requests are being received, what responses are being sent and the actual keys being used to write to your cache.
>
> This means intelligent request logging, possibly use of redbot.org http://redbot.org/, and examination of your cache. I used to use a script that someone had posted here years ago that would dump cache contents along with cache keys.
>
> Sent from my iPhone
>
> On Oct 6, 2018, at 5:51 PM, Jane Jojo <janejojo@gmail.com <mailto:janejojo@gmail.com>> wrote:
>
>> Here’s the issue in action [video]: https://d.pr/v/HmAiK0 https://d.pr/v/HmAiK0
>>
>> I am using Nginx http caching extensively with the following cache key
>>
>> proxy_cache_key "$scheme://$host$uri";
>>
>> I know this is a cache issue because I can invalidate it with
>>
>> proxy_cache_bypass $arg_nocache;
>>
>> Here’s a video of that in action: https://d.pr/v/Bj5ey6 https://d.pr/v/Bj5ey6
>>
>> Now, this happens only to the homepage URL and the problem recurs after a while (I think after the cache expiry).
>>
>> Can you help me understand why this is happening and what I can do to fix?
>>
>> Here’s my code for reference:
>> charset utf-8;
>> proxy_cache_valid 200 301 302 1d;
>> proxy_redirect off;
>> proxy_cache_valid 404 1m;
>> proxy_cache_revalidate on;
>> proxy_cache_background_update on;
>> proxy_cache_lock on;
>> proxy_cache_use_stale error timeout invalid_header updating http_500 http_502 http_503 http_504;
>> proxy_cache_bypass $arg_nocache;
>>
>>
>> _______________________________________________
>> nginx mailing list
>> nginx@nginx.org <mailto:nginx@nginx.org>
>> http://mailman.nginx.org/mailman/listinfo/nginx http://mailman.nginx.org/mailman/listinfo/nginx_______________________________________________
> nginx mailing list
> nginx@nginx.org <mailto:nginx@nginx.org>
> http://mailman.nginx.org/mailman/listinfo/nginx http://mailman.nginx.org/mailman/listinfo/nginx
_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

↧

NGINX Dynamic Reverse Proxy

October 9, 2018, 8:10 pm

≫ Next: HA-Proxy configuration

≪ Previous: Re: Nginx cache returning empty response for just the home page

Hi,

Does NGINX covers following Dynamic Reverse proxy features ?

Like existing NGINX reverse proxy should not undergo any changes
or
new NGINX Reverse Proxy should not be created

For following 1 & 2 scenarios

1. Cases where new back end services is deployed with new location and new
proxy_pass which did not exists in current configuration of NGINX Reverse
proxy..
2. If new Domain added to back end services, then also will the reverse
proxy be dynamic , without requiring any changes ?

Overall how to design the NGINX Reverse proxy hence any of listed above (1
and 2) listed changes can be absorbed dynamically, hence future changes are
absorbed in existing dynamic Reverse proxy ? If such samples are available,
please let me know URL or details of syntax on same

Based on product understanding few of Dynamic Reverse proxies’ behavior are
A.If a domain name resolves to several known addresses, all of them will be
used in a round-robin fashion
B.. Forcing SSL/TLS
C. Example use cases are when your website’s domain name has changed, when
you want clients to use a canonical URL format (either with or without the
www prefix), and when you want to catch and correct common misspellings of
your domain name.
D. To inform clients that the resource they’re requesting now resides at a
different location.

Is the Dynamic Reverse Proxy is limited to A and B and C and C does not
cover 1 and 2

If so do we have examples for scenario 1 and 2 to design changes in Reverse
proxy for future ?

Posted at Nginx Forum: https://forum.nginx.org/read.php?2,281560,281560#msg-281560

_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

↧

HA-Proxy configuration

October 9, 2018, 11:10 pm

≫ Next: Re: HA-Proxy configuration

≪ Previous: NGINX Dynamic Reverse Proxy

Hi Team,

I am looking for HA-Proxy configuration Help in over project, can i know some one who can give more information on configuration using 2 different HA-Proxy servers for high availability.

Feel free to contact me on - 9849916124

Regards,

Anjireddy.

The information contained in this electronic message and any attachments to this message are intended for the exclusive use of the addressee(s) and may contain proprietary, confidential or privileged information. If you are not the intended recipient, you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately and destroy all copies of this message and any attachments. WARNING: Computer viruses can be transmitted via email. The recipient should check this email and any attachments for the presence of viruses. The company accepts no liability for any damage caused by any virus transmitted by this email. www.wipro.com

↧

Re: HA-Proxy configuration

October 9, 2018, 11:20 pm

≫ Next: 人生就像弈棋温故而知新好运来临现有188菜金送你详情加我薇*心d38053 哦地之604958 CO M

≪ Previous: HA-Proxy configuration

Hi.

Have you seen this link list, there are some good examples for a ha solutins ?

http://www.haproxy.org/#link

In general is keepalived and haproxy a good kombination.

On which plattform do you plan to run the ha setup?

Best regards
Aleks

-------- Ursprüngliche Nachricht --------
Von: "anjireddy.komireddy@wipro.com" <anjireddy.komireddy@wipro.com>
Gesendet: 10. Oktober 2018 08:05:24 MESZ
An: "haproxy@formilux.org" <haproxy@formilux.org>
CC: "santhosh.patil@wipro.com" <santhosh.patil@wipro.com>
Betreff: HA-Proxy configuration

Hi Team,

I am looking for HA-Proxy configuration Help in over project, can i know some one who can give more information on configuration using 2 different HA-Proxy servers for high availability.

Feel free to contact me on - 9849916124

Regards,

Anjireddy.

The information contained in this electronic message and any attachments to this message are intended for the exclusive use of the addressee(s) and may contain proprietary, confidential or privileged information. If you are not the intended recipient, you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately and destroy all copies of this message and any attachments. WARNING: Computer viruses can be transmitted via email. The recipient should check this email and any attachments for the presence of viruses. The company accepts no liability for any damage caused by any virus transmitted by this email. www.wipro.com

↧

人生就像弈棋温故而知新好运来临现有188菜金送你详情加我薇*心d38053 哦地之604958 CO M

October 9, 2018, 11:40 pm

≫ Next: 蓝天相见无约定好爱好爱你加我威*信v336428送你一个吻还有188材金给你地之604961C 0M

≪ Previous: Re: HA-Proxy configuration

[%拼音姓名]~感觉到了吗？我好想你哦速加薇*心v337418领取188材金地址 604958C OM
更有性感異域真人面對面，手拵餸最高3888開獎快快快逢8必發特碼48.89倍，，每日中中中

↧

蓝天相见无约定好爱好爱你加我威*信v336428送你一个吻还有188材金给你地之604961C 0M

October 10, 2018, 12:10 am

≫ Next: Re: HA-Proxy configuration

≪ Previous: 人生就像弈棋温故而知新好运来临现有188菜金送你详情加我薇*心d38053 哦地之604958 CO M

真情藏心中感觉到了吗？我好想你哦速加唯*心ciknie_1976领取188菜金地址604958 C=O=M
平臺有很多永利讓您安心娛樂。手拵餸最高3888本活動由澳門爲~尼~斯人中國官網獨家！

↧

Re: HA-Proxy configuration

October 10, 2018, 12:20 am

≫ Next: Allowing my web server to be aware of retries

≪ Previous: 蓝天相见无约定好爱好爱你加我威*信v336428送你一个吻还有188材金给你地之604961C 0M

On Wed, 10 Oct 2018 at 07:08, anjireddy.komireddy@wipro.com <
anjireddy.komireddy@wipro.com> wrote:

> Hi Team,
>
>
> I am looking for HA-Proxy configuration Help in over project, can i know
> some one who can give more information on configuration using 2 different HA-Proxy
> servers for high availability.
>
>
> Feel free to contact me on - 9849916124
>

Hey there,

Welcome to the public mailing list for users of the open source haproxy
tool.

You'd probably do best by posting the configuration and HA setup as far as
you've managed to get it going, and asking questions about specific
problems you encounter along the way. You're more likely to get help via
email than via telephone!

Here is the starter guide for the current stable version:

http://cbonte.github.io/haproxy-dconv/1.8/intro.html. There are links along
the top of that page to the configuration and management manuals, which
will be of interest as you evolve your HA setup.

If, instead, you feel you would like to trade time for money, and want to
take advantage of a commercial support option, some are listed here:

http://www.haproxy.org/#supp

As a backstop, my UK company is already set up as a supplier inside Wipro's
procurement system. Do get in touch if the routes I've mentioned above
don't meet your needs :-)

All the best,

Jonathan

--

Jonathan Matthews

London, UK

http://www.jpluscplusm.com/contact.html

--
Jonathan Matthews
London, UK
http://www.jpluscplusm.com/contact.html

↧

Allowing my web server to be aware of retries

October 10, 2018, 2:20 am

≫ Next: Re: Can't access OWA, OA and ActiveSync

≪ Previous: Re: HA-Proxy configuration

> We use nginx's retry mechanism on timeout and errors, but we'd like to
> have some way (custom header \ url param) to make our web server know that
> the request its handling is actually a retry.
>
> We've tried adding $proxy_add_x_forwarded_for and $upstrea_addr but the
> first didn't return the correct IP and the second was always empty.
> We've also tried using $request_time as a way to heuristically guess if
> this is a retry but it seems to be calculated once before the first request
> and reused on the following retries.
>
> Is it possible?
>
> We've nginx plus license if there's a feature we can use there for that.
>
> Thanks!
>
_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

↧

Re: Can't access OWA, OA and ActiveSync

October 10, 2018, 4:40 am

≫ Next: 疲倦了身心亲亲想你家我威*信【v336428】特送你188采金给你 604958地址 C·O·M

≪ Previous: Allowing my web server to be aware of retries

On Mon, Oct 08, 2018 at 11:58:38PM -0400, alisampras wrote:

Hi there,

I have not tried putting anything to do with Exchange behind nginx, so I do not
have any tested-config for you.

However...

> Business Objective
> Outside users (users travelling) should be able to access their email
> through NGINX and it should redirect the connection to my Internal Exchange
> server for authentication and access:
> 1. OWA
> 2. Outlook Anyway
> 3. ActiveSync

When I do a Google search for "nginx owa", among the first few results I get are

https://docs.nginx.com/nginx/deployment-guides/microsoft-exchange-load-balancing-nginx-plus/

https://www.reddit.com/r/sysadmin/comments/6wq3rj/nginx_reverse_proxy_to_exchange/

https://gist.github.com/taddev/7275873

The general impression I get from reading those is that, for this to work,
it depends significantly on the versions of Exchange and friends, and
on the configuration of Exchange and friends.

Generally: RPC is bad; NTLM authentication is bad; many other things
are good.

It does appear that there are some versions and configurations of Exchange
and friends that stock-nginx will not successfully reverse-proxy; if you
must use some of those, then you may be much happier using a different
product to do the reverse-proxying.

Both "haproxy" and "nginx plus" appear to have some reports of being
made to work.

Good luck with it,

f
--
Francis Daly francis@daoine.org
_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

↧