Project

General

Profile

Actions

Todo #9386

closed

Deprecate built-in relayd Load Balancer

Added by Jim Pingle about 5 years ago. Updated about 4 years ago.

Status:
Resolved
Priority:
Normal
Assignee:
Category:
Load Balancer
Target version:
Start date:
03/06/2019
Due date:
% Done:

100%

Estimated time:
Plus Target Version:
Release Notes:

Description

As of now, relayd does not function on FreeBSD 12 due to OpenSSL 1.1.x. The port is currently marked BROKEN for FreeBSD 12 and later. It has been this way since October, and there isn't any apparent sign of work to make it compatible with OpenSSL 1.1.x (no open PRs, no discussions on the ports list I could see).

Since HAProxy can do nearly everything the majority of users want from relayd (and does it better), in these circumstances the best move is to deprecate the relayd-based load balancer in favor of the HAProxy package.

Subtasks include:

  • Remove Load Balancer code
    • Config pages (usr/local/www/load_balancer_monitor_edit.php usr/local/www/load_balancer_monitor.php usr/local/www/load_balancer_pool_edit.php usr/local/www/load_balancer_pool.php usr/local/www/load_balancer_setting.php usr/local/www/load_balancer_virtual_server_edit.php usr/local/www/load_balancer_virtual_server.php)
    • Status pages (usr/local/www/status_lb_pool.php usr/local/www/status_lb_vs.php)
    • Widget (usr/local/www/widgets/widgets/load_balancer_status.widget.php usr/local/www/widgets/include/load_balancer.inc)
    • Menu entry (usr/local/www/head.inc)
    • Sticky parts for relayd only (system_advanced_misc.php)
    • vslb.inc -- only contains functions used by the load balancer, nothing else needs anything from it
    • Service definition and related references (etc/inc/service-utils.inc)
    • XMLRPC references (usr/local/www/xmlrpc.php etc/rc.filter_synchronize)
    • Boot time startup (rc.bootup)
    • NAT/firewall rules/anchors (etc/inc/filter.inc etc/phpshellsessions/pfanchordrill)
    • Upgrade code references that are no longer needed (etc/inc/upgrade_config.inc)
    • Privileges (etc/inc/priv/user.priv.inc)
    • Log references (etc/inc/filter_log.inc etc/pfSense-rc etc/inc/system.inc usr/local/www/status_logs.php usr/local/www/status_logs_settings.php usr/local/www/status_logs_common.inc)
    • Alias name check code (usr/local/www/firewall_aliases_import.php usr/local/www/firewall_aliases.php usr/local/www/firewall_aliases_edit.php)
    • Help entries (usr/local/www/help.php)
    • Shortcuts (usr/local/www/shortcuts.inc)
    • Status output (usr/local/www/status.php)
    • Default config.xml entries for load_balancer (conf.default/config.xml)
    • Any other stray references to relayd, load_balancer, etc
  • Add removed files from the above tasks to /etc/pfSense.obsoletedfiles
  • Possibly create upgrade or migration code to move LB entries to HAProxy, or create a script or mechanism to do the same manually
  • Upgrade code should remove the load_balancer section, but depending on the above it could be preserved in a file under /conf/ for migration purposes.
  • Remove references to the load balancer from current documentation
Actions #1

Updated by Jim Pingle about 5 years ago

  • Description updated (diff)
Actions #2

Updated by Jim Pingle about 5 years ago

  • Status changed from New to Feedback
  • % Done changed from 0 to 100
Actions #3

Updated by Jim Pingle about 4 years ago

  • Status changed from Feedback to Resolved

Looks better on current snaps. Nothing left that I can see.

Actions

Also available in: Atom PDF