mirror of
http://git.haproxy.org/git/haproxy.git/
synced 2024-12-18 17:34:45 +00:00
f63704488e
in the context of a progressive backend migration, we want to be able to activate SSL on outgoing connections to the server at runtime without reloading. This patch adds a `set server ssl` command; in order to allow that: - add `srv_use_ssl` to `show servers state` command for compatibility, also update associated parsing - when using default-server ssl setting, and `no-ssl` on server line, init SSL ctx without activating it - when triggering ssl API, de/activate SSL connections as requested - clean ongoing connections as it is done for addr/port changes, without checking prior server state example config: backend be_foo default-server ssl server srv0 127.0.0.1:6011 weight 1 no-ssl show servers state: 5 be_foo 1 srv0 127.0.0.1 2 0 1 1 15 1 0 4 0 0 0 0 - 6011 - -1 where srv0 can switch to ssl later during the runtime: set server be_foo/srv0 ssl on 5 be_foo 1 srv0 127.0.0.1 2 0 1 1 15 1 0 4 0 0 0 0 - 6011 - 1 Also update existing tests and create a new one. Signed-off-by: William Dauchy <wdauchy@gmail.com>
118 lines
7.3 KiB
Plaintext
118 lines
7.3 KiB
Plaintext
varnishtest "Health-checks: only for servers with 'check' set"
|
|
feature ignore_unknown_macro
|
|
|
|
# This test start 40 servers in the same backend, named srv0 up to srv39.
|
|
# Only the odd servers have health-checks enabled.
|
|
# The first health-checks passed tests are checked for all these servers
|
|
# thanks to syslog messages.
|
|
|
|
#REQUIRE_VERSION=1.8
|
|
#EXCLUDE_TARGETS=freebsd
|
|
#REGTEST_TYPE=slow
|
|
|
|
syslog S -repeat 20 -level notice {
|
|
recv
|
|
expect ~ "[^:\\[ ]\\[${h1_pid}\\]: Health check for server be1/srv([13579]|[123][13579]) succeeded.+reason: Layer4 check passed.+check duration: [[:digit:]]+ms.+status: 1/1 UP"
|
|
} -start
|
|
|
|
server s0 {} -start
|
|
server s1 {} -start
|
|
server s2 {} -start
|
|
server s3 {} -start
|
|
server s4 {} -start
|
|
server s5 {} -start
|
|
server s6 {} -start
|
|
server s7 {} -start
|
|
server s8 {} -start
|
|
server s9 {} -start
|
|
server s10 {} -start
|
|
server s11 {} -start
|
|
server s12 {} -start
|
|
server s13 {} -start
|
|
server s14 {} -start
|
|
server s15 {} -start
|
|
server s16 {} -start
|
|
server s17 {} -start
|
|
server s18 {} -start
|
|
server s19 {} -start
|
|
server s20 {} -start
|
|
server s21 {} -start
|
|
server s22 {} -start
|
|
server s23 {} -start
|
|
server s24 {} -start
|
|
server s25 {} -start
|
|
server s26 {} -start
|
|
server s27 {} -start
|
|
server s28 {} -start
|
|
server s29 {} -start
|
|
server s30 {} -start
|
|
server s31 {} -start
|
|
server s32 {} -start
|
|
server s33 {} -start
|
|
server s34 {} -start
|
|
server s35 {} -start
|
|
server s36 {} -start
|
|
server s37 {} -start
|
|
server s38 {} -start
|
|
server s39 {} -start
|
|
|
|
haproxy h1 -conf {
|
|
defaults
|
|
timeout client 1s
|
|
timeout server 1s
|
|
timeout connect 1s
|
|
default-server no-check inter 200ms downinter 100ms rise 1 fall 1
|
|
|
|
backend be1
|
|
option log-health-checks
|
|
log ${S_addr}:${S_port} daemon
|
|
server srv0 ${s0_addr}:${s0_port}
|
|
server srv1 ${s1_addr}:${s1_port} check
|
|
server srv2 ${s2_addr}:${s2_port}
|
|
server srv3 ${s3_addr}:${s3_port} check
|
|
server srv4 ${s4_addr}:${s4_port}
|
|
server srv5 ${s5_addr}:${s5_port} check
|
|
server srv6 ${s6_addr}:${s6_port}
|
|
server srv7 ${s7_addr}:${s7_port} check
|
|
server srv8 ${s8_addr}:${s8_port}
|
|
server srv9 ${s9_addr}:${s9_port} check
|
|
server srv10 ${s10_addr}:${s10_port}
|
|
server srv11 ${s11_addr}:${s11_port} check
|
|
server srv12 ${s12_addr}:${s12_port}
|
|
server srv13 ${s13_addr}:${s13_port} check
|
|
server srv14 ${s14_addr}:${s14_port}
|
|
server srv15 ${s15_addr}:${s15_port} check
|
|
server srv16 ${s16_addr}:${s16_port}
|
|
server srv17 ${s17_addr}:${s17_port} check
|
|
server srv18 ${s18_addr}:${s18_port}
|
|
server srv19 ${s19_addr}:${s19_port} check
|
|
server srv20 ${s20_addr}:${s20_port}
|
|
server srv21 ${s21_addr}:${s21_port} check
|
|
server srv22 ${s22_addr}:${s22_port}
|
|
server srv23 ${s23_addr}:${s23_port} check
|
|
server srv24 ${s24_addr}:${s24_port}
|
|
server srv25 ${s25_addr}:${s25_port} check
|
|
server srv26 ${s26_addr}:${s26_port}
|
|
server srv27 ${s27_addr}:${s27_port} check
|
|
server srv28 ${s28_addr}:${s28_port}
|
|
server srv29 ${s29_addr}:${s29_port} check
|
|
server srv30 ${s30_addr}:${s30_port}
|
|
server srv31 ${s31_addr}:${s31_port} check
|
|
server srv32 ${s32_addr}:${s32_port}
|
|
server srv33 ${s33_addr}:${s33_port} check
|
|
server srv34 ${s34_addr}:${s34_port}
|
|
server srv35 ${s35_addr}:${s35_port} check
|
|
server srv36 ${s36_addr}:${s36_port}
|
|
server srv37 ${s37_addr}:${s37_port} check
|
|
server srv38 ${s38_addr}:${s38_port}
|
|
server srv39 ${s39_addr}:${s39_port} check
|
|
} -start
|
|
|
|
syslog S -wait
|
|
|
|
haproxy h1 -cli {
|
|
send "show servers state"
|
|
expect ~ "# be_id be_name srv_id srv_name srv_addr srv_op_state srv_admin_state srv_uweight srv_iweight srv_time_since_last_change srv_check_status srv_check_result srv_check_health srv_check_state srv_agent_state bk_f_forced_id srv_f_forced_id srv_fqdn srv_port srvrecord srv_use_ssl\n2 be1 1 srv0 ${s0_addr} 2 0 1 1 [[:digit:]]+ 1 0 1 0 0 0 0 - ${s0_port} - 0\n2 be1 2 srv1 ${s1_addr} 2 0 1 1 [[:digit:]]+ 6 ([[:digit:]]+ ){3}0 0 0 - ${s1_port} - 0\n2 be1 3 srv2 ${s2_addr} 2 0 1 1 [[:digit:]]+ 1 0 1 0 0 0 0 - ${s2_port} - 0\n2 be1 4 srv3 ${s3_addr} 2 0 1 1 [[:digit:]]+ 6 ([[:digit:]]+ ){3}0 0 0 - ${s3_port} - 0\n2 be1 5 srv4 ${s4_addr} 2 0 1 1 [[:digit:]]+ 1 0 1 0 0 0 0 - ${s4_port} - 0\n2 be1 6 srv5 ${s5_addr} 2 0 1 1 [[:digit:]]+ 6 ([[:digit:]]+ ){3}0 0 0 - ${s5_port} - 0\n2 be1 7 srv6 ${s6_addr} 2 0 1 1 [[:digit:]]+ 1 0 1 0 0 0 0 - ${s6_port} - 0\n2 be1 8 srv7 ${s7_addr} 2 0 1 1 [[:digit:]]+ 6 ([[:digit:]]+ ){3}0 0 0 - ${s7_port} - 0\n2 be1 9 srv8 ${s8_addr} 2 0 1 1 [[:digit:]]+ 1 0 1 0 0 0 0 - ${s8_port} - 0\n2 be1 10 srv9 ${s9_addr} 2 0 1 1 [[:digit:]]+ 6 ([[:digit:]]+ ){3}0 0 0 - ${s9_port} - 0\n2 be1 11 srv10 ${s10_addr} 2 0 1 1 [[:digit:]]+ 1 0 1 0 0 0 0 - ${s10_port} - 0\n2 be1 12 srv11 ${s11_addr} 2 0 1 1 [[:digit:]]+ 6 ([[:digit:]]+ ){3}0 0 0 - ${s11_port} - 0\n2 be1 13 srv12 ${s12_addr} 2 0 1 1 [[:digit:]]+ 1 0 1 0 0 0 0 - ${s12_port} - 0\n2 be1 14 srv13 ${s13_addr} 2 0 1 1 [[:digit:]]+ 6 ([[:digit:]]+ ){3}0 0 0 - ${s13_port} - 0\n2 be1 15 srv14 ${s14_addr} 2 0 1 1 [[:digit:]]+ 1 0 1 0 0 0 0 - ${s14_port} - 0\n2 be1 16 srv15 ${s15_addr} 2 0 1 1 [[:digit:]]+ 6 ([[:digit:]]+ ){3}0 0 0 - ${s15_port} - 0\n2 be1 17 srv16 ${s16_addr} 2 0 1 1 [[:digit:]]+ 1 0 1 0 0 0 0 - ${s16_port} - 0\n2 be1 18 srv17 ${s17_addr} 2 0 1 1 [[:digit:]]+ 6 ([[:digit:]]+ ){3}0 0 0 - ${s17_port} - 0\n2 be1 19 srv18 ${s18_addr} 2 0 1 1 [[:digit:]]+ 1 0 1 0 0 0 0 - ${s18_port} - 0\n2 be1 20 srv19 ${s19_addr} 2 0 1 1 [[:digit:]]+ 6 ([[:digit:]]+ ){3}0 0 0 - ${s19_port} - 0\n2 be1 21 srv20 ${s20_addr} 2 0 1 1 [[:digit:]]+ 1 0 1 0 0 0 0 - ${s20_port} - 0\n2 be1 22 srv21 ${s21_addr} 2 0 1 1 [[:digit:]]+ 6 ([[:digit:]]+ ){3}0 0 0 - ${s21_port} - 0\n2 be1 23 srv22 ${s22_addr} 2 0 1 1 [[:digit:]]+ 1 0 1 0 0 0 0 - ${s22_port} - 0\n2 be1 24 srv23 ${s23_addr} 2 0 1 1 [[:digit:]]+ 6 ([[:digit:]]+ ){3}0 0 0 - ${s23_port} - 0\n2 be1 25 srv24 ${s24_addr} 2 0 1 1 [[:digit:]]+ 1 0 1 0 0 0 0 - ${s24_port} - 0\n2 be1 26 srv25 ${s25_addr} 2 0 1 1 [[:digit:]]+ 6 ([[:digit:]]+ ){3}0 0 0 - ${s25_port} - 0\n2 be1 27 srv26 ${s26_addr} 2 0 1 1 [[:digit:]]+ 1 0 1 0 0 0 0 - ${s26_port} - 0\n2 be1 28 srv27 ${s27_addr} 2 0 1 1 [[:digit:]]+ 6 ([[:digit:]]+ ){3}0 0 0 - ${s27_port} - 0\n2 be1 29 srv28 ${s28_addr} 2 0 1 1 [[:digit:]]+ 1 0 1 0 0 0 0 - ${s28_port} - 0\n2 be1 30 srv29 ${s29_addr} 2 0 1 1 [[:digit:]]+ 6 ([[:digit:]]+ ){3}0 0 0 - ${s29_port} - 0\n2 be1 31 srv30 ${s30_addr} 2 0 1 1 [[:digit:]]+ 1 0 1 0 0 0 0 - ${s30_port} - 0\n2 be1 32 srv31 ${s31_addr} 2 0 1 1 [[:digit:]]+ 6 ([[:digit:]]+ ){3}0 0 0 - ${s31_port} - 0\n2 be1 33 srv32 ${s32_addr} 2 0 1 1 [[:digit:]]+ 1 0 1 0 0 0 0 - ${s32_port} - 0\n2 be1 34 srv33 ${s33_addr} 2 0 1 1 [[:digit:]]+ 6 ([[:digit:]]+ ){3}0 0 0 - ${s33_port} - 0\n2 be1 35 srv34 ${s34_addr} 2 0 1 1 [[:digit:]]+ 1 0 1 0 0 0 0 - ${s34_port} - 0\n2 be1 36 srv35 ${s35_addr} 2 0 1 1 [[:digit:]]+ 6 ([[:digit:]]+ ){3}0 0 0 - ${s35_port} - 0\n2 be1 37 srv36 ${s36_addr} 2 0 1 1 [[:digit:]]+ 1 0 1 0 0 0 0 - ${s36_port} - 0\n2 be1 38 srv37 ${s37_addr} 2 0 1 1 [[:digit:]]+ 6 ([[:digit:]]+ ){3}0 0 0 - ${s37_port} - 0\n2 be1 39 srv38 ${s38_addr} 2 0 1 1 [[:digit:]]+ 1 0 1 0 0 0 0 - ${s38_port} - 0\n2 be1 40 srv39 ${s39_addr} 2 0 1 1 [[:digit:]]+ 6 ([[:digit:]]+ ){3}0 0 0 - ${s39_port} - 0\n"
|
|
}
|
|
|