txpkgupload

Merge ~cjwatson/txpkgupload:charm-send-sftp-port into txpkgupload:master

  1. Git
  2. lp:~cjwatson/txpkgupload
  3. charm-send-sftp-port
  4. Merge into master
Proposed by Colin Watson
Status: Merged
Approved by: Colin Watson
Approved revision: 4429bb36df619ede77ff9e72761372c9e2a29ff0
Merge reported by: Otto Co-Pilot
Merged at revision: not available
Proposed branch: ~cjwatson/txpkgupload:charm-send-sftp-port
Merge into: txpkgupload:master
Diff against target: 32 lines (+3/-4)
1 file modified
charm/txpkgupload/reactive/txpkgupload.py (+3/-4)
Reviewer Review Type Date Requested Status
Ines Almeida Approve
Review via email: mp+455549@code.launchpad.net

Commit message

charm: Tell haproxy to send to the SFTP port

Description of the change

The arrangements to use whatever port the client used are only actually necessary for FTP. On production, we're using iptables to redirect incoming traffic on port 22 to port 5022, and not specifying the port causes haproxy to send traffic to port 22 on the backend, which is not what we want to happen.

To post a comment you must log in.
Revision history for this message
Ines Almeida (ines-almeida) wrote :

Makes sense

review: Approve
Revision history for this message
Ines Almeida (ines-almeida) wrote :

Maybe we should add a little more information to the comment about why we want the haproxy using the same port as the request for the FTP case. A quick "This is necessary for passive FTP requests" should suffice

Revision history for this message
Colin Watson (cjwatson) wrote :

I didn't notice that comment before merging this, but I addressed it in https://code.launchpad.net/~cjwatson/txpkgupload/+git/txpkgupload/+merge/455553.

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
diff --git a/charm/txpkgupload/reactive/txpkgupload.py b/charm/txpkgupload/reactive/txpkgupload.py
index 689aa90..ab13487 100644
--- a/charm/txpkgupload/reactive/txpkgupload.py
+++ b/charm/txpkgupload/reactive/txpkgupload.py
@@ -250,9 +250,6 @@ def configure_loadbalancer():
250 ftp_port = config["ftp_port"]250 ftp_port = config["ftp_port"]
251 sftp_port = config["sftp_port"]251 sftp_port = config["sftp_port"]
252252
253 # Note that we don't send specific ports for the services.servers list.
254 # Not setting a port makes the haproxy use the same port used in the
255 # client's request.
256 services = [253 services = [
257 {254 {
258 "service_name": "txpkgupload-ftp",255 "service_name": "txpkgupload-ftp",
@@ -263,6 +260,8 @@ def configure_loadbalancer():
263 [260 [
264 f"ftp_{unit_name}",261 f"ftp_{unit_name}",
265 unit_ip,262 unit_ip,
263 # Not setting a port makes haproxy use the same port
264 # used in the client's request.
266 "",265 "",
267 server_options.replace("{port}", str(ftp_port)),266 server_options.replace("{port}", str(ftp_port)),
268 ]267 ]
@@ -277,7 +276,7 @@ def configure_loadbalancer():
277 [276 [
278 f"sftp_{unit_name}",277 f"sftp_{unit_name}",
279 unit_ip,278 unit_ip,
280 "",279 sftp_port,
281 server_options.replace("{port}", str(sftp_port)),280 server_options.replace("{port}", str(sftp_port)),
282 ]281 ]
283 ],282 ],

Subscribers

People subscribed via source and target branches

to all changes: