New and/or improved features in HAProxy Enterprise 1.9 include:

Backports

  • SSL: Added support for AES 256-bit ticket keys in files and on the CLI

  • 51Degrees: Enabled multi-threaded operation in the 51Degrees module

  • Prometheus-exporter: New Prometheus exporter for HAProxy

  • Listener: Implemented multi-queue accept for threads

  • Listener: Used the multi-queue for multi-thread listeners

  • Configuration: Added global tune.listener.multi-queue setting

  • Threads: Enabled one thread per CPU by default

  • Configuration: Disabled support for nbproc and nbthread in parallel

  • Backend: Made the random algorithm support a number of draws

  • Multiplex: Made the H2 MAX_FRAME_SIZE setting configurable

  • Configuration: No longer enforced a low frontend maxconn value

Various optimizations

  • Buffer modifications

  • Improved task scheduler: scales much better with large thread counts

  • Native HTTP Representation (HTX) which immediately brings:

    • End-to-end HTTP/2

    • Server-side connection pooling

    • Server-side connection multiplexing

    • gRPC

  • Cache improvements

    • Age headers

    • Chunked Transfer Encoding support

    • max-object-size = 2GB, total-object-size = 4GB

  • Connection scheduling reworked to feature true ASYNC-I/O at every level

  • Varnish Test suite Integration

  • HTTP Status code 103 (Early Hints)

  • Support for HTTP Status code 421 (Misdirected Request)

  • CLI / Runtime API supports payloads

  • Master/Worker CLI (the master has its own socket and communicates with all workers, even those exiting)

  • Server queues now have a "set-priority" option: deliver JS/CSS before images, boost premium level users compared to regular ones, or give lower priority to bots

  • Stick-tables extended with gpc1/gpc1_rate counters

New converters

  • strcmp

  • concat

  • length

  • crc32c

  • ipv6 added to "ipmask" converter

  • field/word converter extended

New fetches

  • date_us: Microseconds part of the date

  • cpu_calls: Number of calls to the task processing the stream or current request since it was allocated. It is reset for each new request on the same connection.

  • cpu_ns_avg: The average number of nanoseconds spent in each call to the task processing the stream or current request.

  • cpu_ns_tot: Total number of nanoseconds spent in each call to the task processing the stream or current request.

  • lat_ns_avg: Average number of nanoseconds spent between the moment the task handling the stream is woken up and the moment it is effectively called.

  • lat_ns_tot: The total number of nanoseconds between the moment the task handling the stream is woken up and the moment it is effectively called.

  • srv_conn_free / be_conn_free: Determine the number of available connections on server/backend.

  • ssl_bc_is_resumed: Returns true when the back connection was made over an SSL/TLS transport layer and the newly created SSL session was resumed using a cached session or a TLS ticket.

  • fe_defbe: Fetches frontend default backend name.

  • ssl_fc_session_key / ssl_bc_session_key: Returns the SSL master key of the front/back connection.

  • ssl_bc_alpn / ssl_bc_npn: Provides the ALPN and the NPN for an outgoing connection.

  • prio_class: Returns the priority class of the current session for HTTP mode or the connection for TCP mode.

  • prio_offset: Returns the priority offset of the current session for HTTP mode or the connection for TCP mode.

Other enhancements

  • Random based load balancing algorithm

  • Cloud Native Logging (Log to stdout / fd)

  • "Resolvers" section now supports resolv.conf

  • "Show activity" - shows the average and total CPU time consumed by the processing of each task, as well as the average and total latency inflicted by the processing of all other tasks. Values can also be logged if profiling is enabled either through the global section using "profiling.tasks on" or through the Runtime API.

  • Busy-polling - allows reduction of request processing latency by 30 - 100 microseconds on machines using frequency scaling or supporting deep idle states.

  • Lua Server class gained the ability to change a server's maxconn value

  • Lua TXN class gained the ability to adjust a connection's priority within the server queue

  • Lua has a new StickTable class that allows access to the content of a stick-table by key and allows dumping of an entire stick-table