varnishtest "Health-checks: LDAP health-check" #REQUIRE_VERSION=2.2 #REGTEST_TYPE=slow feature ignore_unknown_macro # This scripts tests health-checks for LDAP application, enabled using # "option ldap-check" line. A intermediate listener is used to validate # the request because it is impossible with VTEST to read and match raw # text. server s1 { recv 14 sendhex "300C020101 61 070A01 00 04000400" } -start server s2 { recv 14 sendhex "300C020101 60 070A01 00 04000400" } -start server s3 { recv 14 sendhex "300C020101 61 070A01 01 04000400" } -start syslog S1 -level notice { recv expect ~ "[^:\\[ ]\\[${h1_pid}\\]: Proxy be1 started." recv expect ~ "[^:\\[ ]\\[${h1_pid}\\]: Health check for server be1/srv succeeded, reason: Layer7 check passed.+info: \"Success\".+check duration: [[:digit:]]+ms, status: 1/1 UP." } -start syslog S2 -level notice { recv expect ~ "[^:\\[ ]\\[${h1_pid}\\]: Proxy be2 started." recv expect ~ "[^:\\[ ]\\[${h1_pid}\\]: Health check for server be2/srv failed, reason: Layer7 invalid response.+info: \"Not LDAPv3 protocol\".+check duration: [[:digit:]]+ms, status: 0/1 DOWN." } -start syslog S3 -level notice { recv expect ~ "[^:\\[ ]\\[${h1_pid}\\]: Proxy be3 started." recv expect ~ "[^:\\[ ]\\[${h1_pid}\\]: Health check for server be3/srv failed, reason: Layer7 wrong status.+code: 1.+info: \"See RFC: http://tools.ietf.org/html/rfc4511#section-4.1.9\".+check duration: [[:digit:]]+ms, status: 0/1 DOWN." } -start haproxy h1 -conf { defaults mode tcp timeout client 1s timeout server 1s timeout connect 100ms backend be1 log ${S1_addr}:${S1_port} daemon option log-health-checks option ldap-check server srv ${h1_ldap1_addr}:${h1_ldap1_port} check inter 1s rise 1 fall 1 backend be2 log ${S2_addr}:${S2_port} daemon option log-health-checks option ldap-check server srv ${s2_addr}:${s2_port} check inter 1s rise 1 fall 1 backend be3 log ${S3_addr}:${S3_port} daemon option log-health-checks option ldap-check server srv ${s3_addr}:${s3_port} check inter 1s rise 1 fall 1 listen ldap1 bind "fd@${ldap1}" tcp-request inspect-delay 100ms tcp-request content accept if { req.len eq 14 } { req.payload(0,14) -m bin "300C020101600702010304008000" } tcp-request content reject server srv ${s1_addr}:${s1_port} } -start syslog S1 -wait syslog S2 -wait syslog S3 -wait