RepoMirrors/haproxy
1
0
Fork 0
mirror of http://git.haproxy.org/git/haproxy.git/ synced 2024-12-19 01:54:37 +00:00
Code Issues Packages Projects Releases Wiki Activity
bf4ec6f4a0
haproxy/reg-tests/checks/tls_health_checks.vtc
Willy Tarreau f673923629 REGTESTS: extend the default I/O timeouts and make them overridable 
With the CI occasionally slowing down, we're starting to see again some
spurious failures despite the long 1-second timeouts. This reports false
positives that are disturbing and doesn't provide as much value as this
could. However at this delay it already becomes a pain for developers
to wait for the tests to complete.

This commit adds support for the new environment variable
HAPROXY_TEST_TIMEOUT that will allow anyone to modify the connect,
client and server timeouts. It was set to 5 seconds by default, which
should be plenty for quite some time in the CI. All relevant values
that were 200ms or above were replaced by this one. A few larger
values were left as they are special. One test for the set-timeout
action that used to rely on a fixed 1-sec value was extended to a
fixed 5-sec, as the timeout is normally not reached, but it needs
to be known to compare the old and new values.
2021-11-18 17:57:11 +01:00

119 lines
3.3 KiB
Plaintext
Raw Blame History

varnishtest "Health-check test over TLS/SSL"
#REQUIRE_OPTIONS=OPENSSL
#REGTEST_TYPE=slow
feature ignore_unknown_macro
# This script tests health-checks for a TLS/SSL backend with "option httpchk"
# and "check-ssl" option enabled attached to h2 haproxy process. This haproxy
# h2 process is chained to h1 other one.
#
server s1 {
rxreq
expect req.method == OPTIONS
expect req.url == *
expect req.proto == HTTP/1.1
txresp
} -start
server s2 {
} -start
server s3 {
rxreq
expect req.method == OPTIONS
expect req.url == *
expect req.proto == HTTP/1.1
txresp
} -start
syslog S1 -level notice {
recv info
expect ~ "[^:\\[ ]\\[${h1_pid}\\]: .* fe1~ be1/srv1 .* 200 [[:digit:]]+ - - ---- .* \"OPTIONS \\* HTTP/1.1\""
} -start
haproxy h1 -conf {
global
tune.ssl.default-dh-param 2048
defaults
mode http
timeout client "${HAPROXY_TEST_TIMEOUT-5s}"
timeout server "${HAPROXY_TEST_TIMEOUT-5s}"
timeout connect "${HAPROXY_TEST_TIMEOUT-5s}"
backend be1
server srv1 ${s1_addr}:${s1_port}
backend be2
server srv2 ${s2_addr}:${s2_port}
backend be3
server srv3 ${s3_addr}:${s3_port}
frontend fe1
option httplog
log ${S1_addr}:${S1_port} len 2048 local0 debug err
bind "fd@${fe1}" ssl crt ${testdir}/common.pem
use_backend be1
frontend fe2
option tcplog
bind "fd@${fe2}" ssl crt ${testdir}/common.pem
use_backend be2
frontend fe3
option httplog
bind "fd@${fe3}" ssl crt ${testdir}/common.pem
use_backend be3
} -start
syslog S2 -level notice {
recv
expect ~ "[^:\\[ ]\\[${h2_pid}\\]: Health check for server be2/srv1 succeeded, reason: Layer7 check passed.+code: 200.+check duration: [[:digit:]]+ms, status: 1/1 UP."
} -start
syslog S4 -level notice {
recv
expect ~ "[^:\\[ ]\\[${h2_pid}\\]: Health check for server be4/srv2 succeeded, reason: Layer6 check passed.+check duration: [[:digit:]]+ms, status: 1/1 UP."
} -start
syslog S6 -level notice {
recv
expect ~ "[^:\\[ ]\\[${h2_pid}\\]: Health check for server be6/srv3 succeeded, reason: Layer7 check passed.+code: 200.+check duration: [[:digit:]]+ms, status: 1/1 UP."
} -start
haproxy h2 -conf {
global
tune.ssl.default-dh-param 2048
defaults
timeout client "${HAPROXY_TEST_TIMEOUT-5s}"
timeout server "${HAPROXY_TEST_TIMEOUT-5s}"
timeout connect "${HAPROXY_TEST_TIMEOUT-5s}"
default-server downinter 1s inter 500 rise 1 fall 1
backend be2
option log-health-checks
option httpchk OPTIONS * HTTP/1.1\r\nHost:\ www
log ${S2_addr}:${S2_port} daemon
server srv1 ${h1_fe1_addr}:${h1_fe1_port} ssl crt ${testdir}/common.pem verify none check
backend be4
option log-health-checks
log ${S4_addr}:${S4_port} daemon
server srv2 ${h1_fe2_addr}:${h1_fe2_port} ssl crt ${testdir}/common.pem verify none check-ssl check
backend be6
option log-health-checks
option httpchk OPTIONS * HTTP/1.1\r\nHost:\ www
log ${S6_addr}:${S6_port} daemon
server srv3 127.0.0.1:80 crt ${testdir}/common.pem verify none check check-ssl port ${h1_fe3_port} addr ${h1_fe3_addr}:80
} -start
syslog S1 -wait
syslog S2 -wait
syslog S4 -wait
syslog S6 -wait
Reference in New Issue View Git Blame Copy Permalink