2020-04-22 13:16:58 +00:00
|
|
|
varnishtest "Health-checks: ssl-hello health-check"
|
|
|
|
#REQUIRE_OPTION=OPENSSL
|
|
|
|
#REQUIRE_VERSION=2.2
|
|
|
|
#REGTEST_TYPE=slow
|
|
|
|
feature ignore_unknown_macro
|
|
|
|
|
|
|
|
# This scripts tests health-checks for SSL application, enabled using
|
|
|
|
# "option ssl-hello-chk" line.
|
|
|
|
|
|
|
|
syslog S1 -level notice {
|
|
|
|
recv
|
|
|
|
expect ~ "[^:\\[ ]\\[${h1_pid}\\]: Health check for server be1/srv succeeded, reason: Layer6 check passed.+check duration: [[:digit:]]+ms, status: 1/1 UP."
|
|
|
|
} -start
|
|
|
|
|
|
|
|
|
|
|
|
syslog S2 -level notice {
|
|
|
|
recv
|
|
|
|
expect ~ "[^:\\[ ]\\[${h1_pid}\\]: Health check for server be2/srv failed, reason: Layer6 invalid response.+info: \"TCPCHK got an empty response at step 2\".+check duration: [[:digit:]]+ms, status: 0/1 DOWN."
|
|
|
|
} -start
|
|
|
|
|
|
|
|
syslog S3 -level notice {
|
|
|
|
recv
|
|
|
|
expect ~ "[^:\\[ ]\\[${h1_pid}\\]: Health check for server be3/srv failed, reason: Layer6 invalid response.+check duration: [[:digit:]]+ms, status: 0/1 DOWN."
|
|
|
|
} -start
|
|
|
|
|
|
|
|
haproxy htst -conf {
|
|
|
|
global
|
|
|
|
tune.ssl.default-dh-param 2048
|
|
|
|
|
|
|
|
defaults
|
|
|
|
mode tcp
|
2021-11-18 16:46:22 +00:00
|
|
|
timeout client "${HAPROXY_TEST_TIMEOUT-5s}"
|
|
|
|
timeout server "${HAPROXY_TEST_TIMEOUT-5s}"
|
|
|
|
timeout connect "${HAPROXY_TEST_TIMEOUT-5s}"
|
2020-04-22 13:16:58 +00:00
|
|
|
|
|
|
|
frontend fe1
|
|
|
|
bind "fd@${fe1}" ssl crt ${testdir}/common.pem
|
|
|
|
|
|
|
|
frontend fe2
|
|
|
|
bind "fd@${fe2}"
|
|
|
|
|
|
|
|
frontend fe3
|
|
|
|
mode http
|
|
|
|
bind "fd@${fe3}"
|
|
|
|
|
|
|
|
} -start
|
|
|
|
|
|
|
|
haproxy h1 -conf {
|
|
|
|
defaults
|
|
|
|
mode tcp
|
2021-11-18 16:46:22 +00:00
|
|
|
timeout client "${HAPROXY_TEST_TIMEOUT-5s}"
|
|
|
|
timeout server "${HAPROXY_TEST_TIMEOUT-5s}"
|
|
|
|
timeout connect "${HAPROXY_TEST_TIMEOUT-5s}"
|
2020-04-22 13:16:58 +00:00
|
|
|
|
|
|
|
backend be1
|
|
|
|
log ${S1_addr}:${S1_port} daemon
|
|
|
|
option log-health-checks
|
|
|
|
option ssl-hello-chk
|
|
|
|
server srv ${htst_fe1_addr}:${htst_fe1_port} check inter 1s rise 1 fall 1
|
|
|
|
|
|
|
|
backend be2
|
|
|
|
log ${S2_addr}:${S2_port} daemon
|
|
|
|
option log-health-checks
|
|
|
|
option ssl-hello-chk
|
|
|
|
server srv ${htst_fe2_addr}:${htst_fe2_port} check inter 1s rise 1 fall 1
|
|
|
|
|
|
|
|
backend be3
|
|
|
|
log ${S3_addr}:${S3_port} daemon
|
|
|
|
option log-health-checks
|
|
|
|
option ssl-hello-chk
|
|
|
|
server srv ${htst_fe3_addr}:${htst_fe3_port} check inter 1s rise 1 fall 1
|
|
|
|
} -start
|
|
|
|
|
|
|
|
syslog S1 -wait
|
|
|
|
syslog S2 -wait
|
|
|
|
syslog S3 -wait
|