-
Notifications
You must be signed in to change notification settings - Fork 162
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Update to Debian bookworm #214
Conversation
This comes with a bump to OpenSSL 3, which might cause some breakage, so we might want to pause and consider / solicit opinions. 🤔 |
Not breakage, but a steep loss of performance that is likely unacceptable to many users. See https://www.mail-archive.com/[email protected]/msg43306.html (and basically the whole thread). |
Also Ctrl+F "OpenSSL" and "wolfSSL" in this email: https://www.mail-archive.com/[email protected]/msg43600.html |
Ah and one more thing: OpenSSL 3 is only officially supported as of HAProxy 2.6.x, as per the list on haproxy.org:
|
Yeah, oops -- that was a while ago though (a full year now). According to haproxy/haproxy#1276, the OpenSSL 3 support was backported to the 2.4 line, so that explains that (and we pin 2.0 to Debian Buster and Alpine 3.16 already), but that doesn't explain why 2.2 appears to be just fine. 🤷 I guess we should probably revert 2.2 to Alpine 3.16, pin it to Debian Bullseye (to be on the safe / "upstream supported" side), and then finally do this update. |
(first, a rebase) |
…orted until 2.6+ and backported to 2.4)
Changes: - docker-library/haproxy@f74e9f8: Merge pull request docker-library/haproxy#214 from infosiftr/bookworm - docker-library/haproxy@37ba32b: Pin 2.2 to Debian Bullseye and Alpine 3.16 to avoid OpenSSL 3 (unsupported until 2.6+ and backported to 2.4) - docker-library/haproxy@71aadfa: Update to Debian bookworm
Changes: - docker-library/haproxy@e4b286a: Update 2.6 to 2.6.16 - docker-library/haproxy@f74e9f8: Merge pull request docker-library/haproxy#214 from infosiftr/bookworm - docker-library/haproxy@37ba32b: Pin 2.2 to Debian Bullseye and Alpine 3.16 to avoid OpenSSL 3 (unsupported until 2.6+ and backported to 2.4) - docker-library/haproxy@71aadfa: Update to Debian bookworm
Leaving
2.0
on Debian buster: #167