Deprecate built-in relayd Load Balancer
As of now, relayd does not function on FreeBSD 12 due to OpenSSL 1.1.x. The port is currently marked BROKEN for FreeBSD 12 and later. It has been this way since October, and there isn't any apparent sign of work to make it compatible with OpenSSL 1.1.x (no open PRs, no discussions on the ports list I could see).
Since HAProxy can do nearly everything the majority of users want from relayd (and does it better), in these circumstances the best move is to deprecate the relayd-based load balancer in favor of the HAProxy package.
- Remove Load Balancer code
- Config pages (usr/local/www/load_balancer_monitor_edit.php usr/local/www/load_balancer_monitor.php usr/local/www/load_balancer_pool_edit.php usr/local/www/load_balancer_pool.php usr/local/www/load_balancer_setting.php usr/local/www/load_balancer_virtual_server_edit.php usr/local/www/load_balancer_virtual_server.php)
- Status pages (usr/local/www/status_lb_pool.php usr/local/www/status_lb_vs.php)
- Widget (usr/local/www/widgets/widgets/load_balancer_status.widget.php usr/local/www/widgets/include/load_balancer.inc)
- Menu entry (usr/local/www/head.inc)
- Sticky parts for relayd only (system_advanced_misc.php)
- vslb.inc -- only contains functions used by the load balancer, nothing else needs anything from it
- Service definition and related references (etc/inc/service-utils.inc)
- XMLRPC references (usr/local/www/xmlrpc.php etc/rc.filter_synchronize)
- Boot time startup (rc.bootup)
- NAT/firewall rules/anchors (etc/inc/filter.inc etc/phpshellsessions/pfanchordrill)
- Upgrade code references that are no longer needed (etc/inc/upgrade_config.inc)
- Privileges (etc/inc/priv/user.priv.inc)
- Log references (etc/inc/filter_log.inc etc/pfSense-rc etc/inc/system.inc usr/local/www/status_logs.php usr/local/www/status_logs_settings.php usr/local/www/status_logs_common.inc)
- Alias name check code (usr/local/www/firewall_aliases_import.php usr/local/www/firewall_aliases.php usr/local/www/firewall_aliases_edit.php)
- Help entries (usr/local/www/help.php)
- Shortcuts (usr/local/www/shortcuts.inc)
- Status output (usr/local/www/status.php)
- Default config.xml entries for load_balancer (conf.default/config.xml)
- Any other stray references to relayd, load_balancer, etc
- Add removed files from the above tasks to /etc/pfSense.obsoletedfiles
- Possibly create upgrade or migration code to move LB entries to HAProxy, or create a script or mechanism to do the same manually
- Upgrade code should remove the load_balancer section, but depending on the above it could be preserved in a file under /conf/ for migration purposes.
- Remove references to the load balancer from current documentation
Deprecate the built-in relayd Load Balancer. Closes #9386
It is not available on FreeBSD 12 with OpenSSL 1.1.x.
Users can migrate to the HAProxy package.