[06:51:58] <godog>	 greetings
[06:53:02] <taavi>	 o/
[07:09:34] <taavi>	 fyi: I'm moving tools to the new set of k8s haproxies
[07:12:42] <godog>	 sweet
[07:46:26] <taavi>	 oh no. apparently having both an A and an AAAA record for the `proxy_pass` target, nginx treats that as a server pool which is different than only having a single upstream.
[07:47:11] <taavi>	 so now nginx is tracking each individual "backend" (i.e. both the v4 and v6 endpoint), and every time it sees a request to one of them fail (which happens often with slow tools), it marks that endpoint as down for some time
[07:49:51] <godog>	 TIL and definitely would not have expected that
[07:50:16] <taavi>	 https://gerrit.wikimedia.org/r/c/operations/puppet/+/1193317 disables that
[07:50:21] <taavi>	 me neither :/
[07:51:38] <godog>	 +1 LGTM
[07:51:42] <taavi>	 except that I misread the docs and that's not the syntax, one moment
[08:05:40] <taavi>	 updated
[08:19:00] <godog>	 LGTM
[08:20:52] <taavi>	 thanks!
[08:26:54] <godog>	 sure np, unlike earlier I was not surprised to learn certain nginx features are paywalled
[16:09:10] <cdanis>	 04:30:03	<@taavi>	minor haproxy annoyance: `http-response set-header` does not affect error pages at all
[16:09:12] <cdanis>	 btw you can use `http-after-response` for this kind of thing
[16:09:57] <taavi>	 ooooooh
[16:10:06] * taavi gets unreasonably excited about a configuration option
[16:10:18] <cdanis>	 yeah that's happened for me multiple times with haproxy 😅
[16:10:45] <cdanis>	 they're very innovative, their Open Core/Enterprise strategy is putting the good documentation behind paywall
[16:11:46] <cdanis>	 and a RESTful administrative API with a control plane, instead of config files + a unix socket with no actual protocol
[17:26:07] * dhinus off