Skip to content

v16.5.0+3.2.14

Choose a tag to compare

View all tags
@CFN-CI CFN-CI released this 16 Mar 05:40
· 12 commits to master since this release
v16.5.0+3.2.14
367f2b5

haproxy-boshrelease 16.5.0+3.2.14

New Features

  • ACL blocking can now be applied on tcp layer, thx @hoffmaen / @a18e - #882 
      ha_proxy.cidr_blocklist_tcp:
    description: List of CIDRs to block on TCP level. If empty, only a comment is rendered. Format is string array of CIDRs or single string of base64 encoded gzip.
    default: ~
    example:
      cidr_blocklist_tcp:
        - 10.0.0.0/8
        - 192.168.2.0/24
    • From this version, IPs can be blocked via socket until next restart, the empty file haproxy/config/blocklist_cidrs_tcp.txt is created by default. Example: 
      bosh -d haproxy ssh -c "echo 'add acl /var/vcap/jobs/haproxy/config/blocklist_cidrs_tcp.txt 10.0.1.1/24' | sudo socat - /var/vcap/sys/run/haproxy/stats.sock"

Upgrades

  • HAProxy has been upgraded from v3.2.13 to v3.2.14

Versions

The following versions of upstream components are included in this haproxy-boshrelease:

Component Version
HAProxy 3.2.14
keepalived 2.3.4
Lua 5.4.8
PCRE 10.47
socat 1.8.1.1

Deployment

releases:
- name: "haproxy"
  version: "16.5.0+3.2.14"
  url: "https://github.com/cloudfoundry/haproxy-boshrelease/releases/download/v16.5.0+3.2.14/haproxy-16.5.0+3.2.14.tgz"
  sha1: "5f1a41b40a3dffa93df34656f8bfd7f8f81a296f"

# for deployments with sha256, use the following line instead:
# sha1: "sha256:df868ffb2f8e91e6867dd20a5838839bf1aafe0e5f6a1d7c3d3762d8a21f8431"

Deployment (patched)

releases:
- name: "haproxy"
  version: "16.5.0+3.2.14-patched"
  url: "https://github.com/cloudfoundry/haproxy-boshrelease/releases/download/v16.5.0+3.2.14/haproxy-16.5.0+3.2.14-patched.tgz"
  sha1: "18bb76d6b3a81bcac497269179add5161b6785a8"

# for deployments with sha256, use the following line instead:
# sha1: "sha256:3bb18806e2f66e12eb534d1896ac437da27f8be05a92b62054e1c02a45b80e30"

What's Changed

  • ci: reset semver to 16.4.0 by @plowin in #879
  • fix: support IPv6 when joining IP address and port by @plowin in #881
  • chore(deps): bump golang.org/x/net from 0.50.0 to 0.51.0 in /acceptance-tests by @dependabot[bot] in #880
  • Introduce an ACL for blocking on tcp layer by @hoffmaen / @a18e in #882
  • Bump haproxy version to 3.2.14 by @CFN-CI in #886
  • chore(deps): bump golang.org/x/net from 0.51.0 to 0.52.0 in /acceptance-tests by @dependabot[bot] in #887

Full Changelog: v16.4.0+3.2.13...v16.5.0+3.2.14

Contributors

a18e, dependabot, and 3 other contributors
Assets 4
Loading