From f4a20b050288ea1a9fcce67c4cc3001606ff55ff Mon Sep 17 00:00:00 2001 From: Jeremy Stanley Date: Sat, 16 Dec 2023 16:17:13 +0000 Subject: [PATCH] Downgrade haproxy image from latest to lts Starting with the automated update to the haproxy 2.9.1 image at 04:00 today, we noticed the service immediately spiking up to 100% CPU and quickly filling its session table. Downgrading from the latest tag to lts (currently 2.8.5) appears to have solved it for now. This might be https://github.com/haproxy/haproxy/issues/2393 . Change-Id: I3085e7921f43665118678a660d777601f08debd3 --- playbooks/roles/haproxy/templates/docker-compose.yaml.j2 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/playbooks/roles/haproxy/templates/docker-compose.yaml.j2 b/playbooks/roles/haproxy/templates/docker-compose.yaml.j2 index 04488bde3f..efd26f2d10 100644 --- a/playbooks/roles/haproxy/templates/docker-compose.yaml.j2 +++ b/playbooks/roles/haproxy/templates/docker-compose.yaml.j2 @@ -5,7 +5,7 @@ version: '2' services: haproxy: restart: always - image: docker.io/library/haproxy:latest + image: docker.io/library/haproxy:lts # NOTE(ianw) 2021-05-17 : haproxy >= 2.4 runs as a non-privileged # user. The main problem here is we use host networking, so the # haproxy user is not allowed to bind to low ports (80/443). The