haproxy/reg-tests/checks/1be_40srv_odd_health_checks.vtc
William Dauchy f63704488e MEDIUM: cli/ssl: configure ssl on server at runtime
in the context of a progressive backend migration, we want to be able to
activate SSL on outgoing connections to the server at runtime without
reloading.
This patch adds a `set server ssl` command; in order to allow that:

- add `srv_use_ssl` to `show servers state` command for compatibility,
  also update associated parsing
- when using default-server ssl setting, and `no-ssl` on server line,
  init SSL ctx without activating it
- when triggering ssl API, de/activate SSL connections as requested
- clean ongoing connections as it is done for addr/port changes, without
  checking prior server state

example config:

backend be_foo
  default-server ssl
  server srv0 127.0.0.1:6011 weight 1 no-ssl

show servers state:

  5 be_foo 1 srv0 127.0.0.1 2 0 1 1 15 1 0 4 0 0 0 0 - 6011 - -1

where srv0 can switch to ssl later during the runtime:

  set server be_foo/srv0 ssl on

  5 be_foo 1 srv0 127.0.0.1 2 0 1 1 15 1 0 4 0 0 0 0 - 6011 - 1

Also update existing tests and create a new one.

Signed-off-by: William Dauchy <wdauchy@gmail.com>
2020-11-18 17:22:28 +01:00

118 lines
7.3 KiB
Plaintext

varnishtest "Health-checks: only for servers with 'check' set"
feature ignore_unknown_macro
# This test start 40 servers in the same backend, named srv0 up to srv39.
# Only the odd servers have health-checks enabled.
# The first health-checks passed tests are checked for all these servers
# thanks to syslog messages.
#REQUIRE_VERSION=1.8
#EXCLUDE_TARGETS=freebsd
#REGTEST_TYPE=slow
syslog S -repeat 20 -level notice {
recv
expect ~ "[^:\\[ ]\\[${h1_pid}\\]: Health check for server be1/srv([13579]|[123][13579]) succeeded.+reason: Layer4 check passed.+check duration: [[:digit:]]+ms.+status: 1/1 UP"
} -start
server s0 {} -start
server s1 {} -start
server s2 {} -start
server s3 {} -start
server s4 {} -start
server s5 {} -start
server s6 {} -start
server s7 {} -start
server s8 {} -start
server s9 {} -start
server s10 {} -start
server s11 {} -start
server s12 {} -start
server s13 {} -start
server s14 {} -start
server s15 {} -start
server s16 {} -start
server s17 {} -start
server s18 {} -start
server s19 {} -start
server s20 {} -start
server s21 {} -start
server s22 {} -start
server s23 {} -start
server s24 {} -start
server s25 {} -start
server s26 {} -start
server s27 {} -start
server s28 {} -start
server s29 {} -start
server s30 {} -start
server s31 {} -start
server s32 {} -start
server s33 {} -start
server s34 {} -start
server s35 {} -start
server s36 {} -start
server s37 {} -start
server s38 {} -start
server s39 {} -start
haproxy h1 -conf {
defaults
timeout client 1s
timeout server 1s
timeout connect 1s
default-server no-check inter 200ms downinter 100ms rise 1 fall 1
backend be1
option log-health-checks
log ${S_addr}:${S_port} daemon
server srv0 ${s0_addr}:${s0_port}
server srv1 ${s1_addr}:${s1_port} check
server srv2 ${s2_addr}:${s2_port}
server srv3 ${s3_addr}:${s3_port} check
server srv4 ${s4_addr}:${s4_port}
server srv5 ${s5_addr}:${s5_port} check
server srv6 ${s6_addr}:${s6_port}
server srv7 ${s7_addr}:${s7_port} check
server srv8 ${s8_addr}:${s8_port}
server srv9 ${s9_addr}:${s9_port} check
server srv10 ${s10_addr}:${s10_port}
server srv11 ${s11_addr}:${s11_port} check
server srv12 ${s12_addr}:${s12_port}
server srv13 ${s13_addr}:${s13_port} check
server srv14 ${s14_addr}:${s14_port}
server srv15 ${s15_addr}:${s15_port} check
server srv16 ${s16_addr}:${s16_port}
server srv17 ${s17_addr}:${s17_port} check
server srv18 ${s18_addr}:${s18_port}
server srv19 ${s19_addr}:${s19_port} check
server srv20 ${s20_addr}:${s20_port}
server srv21 ${s21_addr}:${s21_port} check
server srv22 ${s22_addr}:${s22_port}
server srv23 ${s23_addr}:${s23_port} check
server srv24 ${s24_addr}:${s24_port}
server srv25 ${s25_addr}:${s25_port} check
server srv26 ${s26_addr}:${s26_port}
server srv27 ${s27_addr}:${s27_port} check
server srv28 ${s28_addr}:${s28_port}
server srv29 ${s29_addr}:${s29_port} check
server srv30 ${s30_addr}:${s30_port}
server srv31 ${s31_addr}:${s31_port} check
server srv32 ${s32_addr}:${s32_port}
server srv33 ${s33_addr}:${s33_port} check
server srv34 ${s34_addr}:${s34_port}
server srv35 ${s35_addr}:${s35_port} check
server srv36 ${s36_addr}:${s36_port}
server srv37 ${s37_addr}:${s37_port} check
server srv38 ${s38_addr}:${s38_port}
server srv39 ${s39_addr}:${s39_port} check
} -start
syslog S -wait
haproxy h1 -cli {
send "show servers state"
expect ~ "# be_id be_name srv_id srv_name srv_addr srv_op_state srv_admin_state srv_uweight srv_iweight srv_time_since_last_change srv_check_status srv_check_result srv_check_health srv_check_state srv_agent_state bk_f_forced_id srv_f_forced_id srv_fqdn srv_port srvrecord srv_use_ssl\n2 be1 1 srv0 ${s0_addr} 2 0 1 1 [[:digit:]]+ 1 0 1 0 0 0 0 - ${s0_port} - 0\n2 be1 2 srv1 ${s1_addr} 2 0 1 1 [[:digit:]]+ 6 ([[:digit:]]+ ){3}0 0 0 - ${s1_port} - 0\n2 be1 3 srv2 ${s2_addr} 2 0 1 1 [[:digit:]]+ 1 0 1 0 0 0 0 - ${s2_port} - 0\n2 be1 4 srv3 ${s3_addr} 2 0 1 1 [[:digit:]]+ 6 ([[:digit:]]+ ){3}0 0 0 - ${s3_port} - 0\n2 be1 5 srv4 ${s4_addr} 2 0 1 1 [[:digit:]]+ 1 0 1 0 0 0 0 - ${s4_port} - 0\n2 be1 6 srv5 ${s5_addr} 2 0 1 1 [[:digit:]]+ 6 ([[:digit:]]+ ){3}0 0 0 - ${s5_port} - 0\n2 be1 7 srv6 ${s6_addr} 2 0 1 1 [[:digit:]]+ 1 0 1 0 0 0 0 - ${s6_port} - 0\n2 be1 8 srv7 ${s7_addr} 2 0 1 1 [[:digit:]]+ 6 ([[:digit:]]+ ){3}0 0 0 - ${s7_port} - 0\n2 be1 9 srv8 ${s8_addr} 2 0 1 1 [[:digit:]]+ 1 0 1 0 0 0 0 - ${s8_port} - 0\n2 be1 10 srv9 ${s9_addr} 2 0 1 1 [[:digit:]]+ 6 ([[:digit:]]+ ){3}0 0 0 - ${s9_port} - 0\n2 be1 11 srv10 ${s10_addr} 2 0 1 1 [[:digit:]]+ 1 0 1 0 0 0 0 - ${s10_port} - 0\n2 be1 12 srv11 ${s11_addr} 2 0 1 1 [[:digit:]]+ 6 ([[:digit:]]+ ){3}0 0 0 - ${s11_port} - 0\n2 be1 13 srv12 ${s12_addr} 2 0 1 1 [[:digit:]]+ 1 0 1 0 0 0 0 - ${s12_port} - 0\n2 be1 14 srv13 ${s13_addr} 2 0 1 1 [[:digit:]]+ 6 ([[:digit:]]+ ){3}0 0 0 - ${s13_port} - 0\n2 be1 15 srv14 ${s14_addr} 2 0 1 1 [[:digit:]]+ 1 0 1 0 0 0 0 - ${s14_port} - 0\n2 be1 16 srv15 ${s15_addr} 2 0 1 1 [[:digit:]]+ 6 ([[:digit:]]+ ){3}0 0 0 - ${s15_port} - 0\n2 be1 17 srv16 ${s16_addr} 2 0 1 1 [[:digit:]]+ 1 0 1 0 0 0 0 - ${s16_port} - 0\n2 be1 18 srv17 ${s17_addr} 2 0 1 1 [[:digit:]]+ 6 ([[:digit:]]+ ){3}0 0 0 - ${s17_port} - 0\n2 be1 19 srv18 ${s18_addr} 2 0 1 1 [[:digit:]]+ 1 0 1 0 0 0 0 - ${s18_port} - 0\n2 be1 20 srv19 ${s19_addr} 2 0 1 1 [[:digit:]]+ 6 ([[:digit:]]+ ){3}0 0 0 - ${s19_port} - 0\n2 be1 21 srv20 ${s20_addr} 2 0 1 1 [[:digit:]]+ 1 0 1 0 0 0 0 - ${s20_port} - 0\n2 be1 22 srv21 ${s21_addr} 2 0 1 1 [[:digit:]]+ 6 ([[:digit:]]+ ){3}0 0 0 - ${s21_port} - 0\n2 be1 23 srv22 ${s22_addr} 2 0 1 1 [[:digit:]]+ 1 0 1 0 0 0 0 - ${s22_port} - 0\n2 be1 24 srv23 ${s23_addr} 2 0 1 1 [[:digit:]]+ 6 ([[:digit:]]+ ){3}0 0 0 - ${s23_port} - 0\n2 be1 25 srv24 ${s24_addr} 2 0 1 1 [[:digit:]]+ 1 0 1 0 0 0 0 - ${s24_port} - 0\n2 be1 26 srv25 ${s25_addr} 2 0 1 1 [[:digit:]]+ 6 ([[:digit:]]+ ){3}0 0 0 - ${s25_port} - 0\n2 be1 27 srv26 ${s26_addr} 2 0 1 1 [[:digit:]]+ 1 0 1 0 0 0 0 - ${s26_port} - 0\n2 be1 28 srv27 ${s27_addr} 2 0 1 1 [[:digit:]]+ 6 ([[:digit:]]+ ){3}0 0 0 - ${s27_port} - 0\n2 be1 29 srv28 ${s28_addr} 2 0 1 1 [[:digit:]]+ 1 0 1 0 0 0 0 - ${s28_port} - 0\n2 be1 30 srv29 ${s29_addr} 2 0 1 1 [[:digit:]]+ 6 ([[:digit:]]+ ){3}0 0 0 - ${s29_port} - 0\n2 be1 31 srv30 ${s30_addr} 2 0 1 1 [[:digit:]]+ 1 0 1 0 0 0 0 - ${s30_port} - 0\n2 be1 32 srv31 ${s31_addr} 2 0 1 1 [[:digit:]]+ 6 ([[:digit:]]+ ){3}0 0 0 - ${s31_port} - 0\n2 be1 33 srv32 ${s32_addr} 2 0 1 1 [[:digit:]]+ 1 0 1 0 0 0 0 - ${s32_port} - 0\n2 be1 34 srv33 ${s33_addr} 2 0 1 1 [[:digit:]]+ 6 ([[:digit:]]+ ){3}0 0 0 - ${s33_port} - 0\n2 be1 35 srv34 ${s34_addr} 2 0 1 1 [[:digit:]]+ 1 0 1 0 0 0 0 - ${s34_port} - 0\n2 be1 36 srv35 ${s35_addr} 2 0 1 1 [[:digit:]]+ 6 ([[:digit:]]+ ){3}0 0 0 - ${s35_port} - 0\n2 be1 37 srv36 ${s36_addr} 2 0 1 1 [[:digit:]]+ 1 0 1 0 0 0 0 - ${s36_port} - 0\n2 be1 38 srv37 ${s37_addr} 2 0 1 1 [[:digit:]]+ 6 ([[:digit:]]+ ){3}0 0 0 - ${s37_port} - 0\n2 be1 39 srv38 ${s38_addr} 2 0 1 1 [[:digit:]]+ 1 0 1 0 0 0 0 - ${s38_port} - 0\n2 be1 40 srv39 ${s39_addr} 2 0 1 1 [[:digit:]]+ 6 ([[:digit:]]+ ){3}0 0 0 - ${s39_port} - 0\n"
}