Content Cache Charm

Merge ~hloeung/content-cache-charm:master into content-cache-charm:master

  1. Git
  2. lp:~hloeung/content-cache-charm
  3. master
  4. Merge into master
Proposed by Haw Loeung
Status: Merged
Approved by: Haw Loeung
Approved revision: 7d3dec5ae404b4db32d11d65cb1114c5ac532031
Merged at revision: cc8cc0a95958ba26a89f2d4b56fba481669c88e8
Proposed branch: ~hloeung/content-cache-charm:master
Merge into: content-cache-charm:master
Diff against target: 286 lines (+84/-7)
13 files modified
lib/haproxy.py (+29/-5)
reactive/content_cache.py (+4/-0)
tests/unit/files/config_test_config.txt (+5/-0)
tests/unit/files/content_cache_rendered_haproxy_test_output.txt (+1/-0)
tests/unit/files/content_cache_rendered_haproxy_test_output3.txt (+1/-1)
tests/unit/files/content_cache_rendered_haproxy_test_output_auto_maxconns.txt (+1/-0)
tests/unit/files/content_cache_rendered_haproxy_test_output_processes_and_threads.txt (+1/-0)
tests/unit/files/haproxy_config_rendered_listen_stanzas_test_output.txt (+1/-0)
tests/unit/files/haproxy_config_rendered_listen_stanzas_test_output2.txt (+1/-1)
tests/unit/files/haproxy_config_rendered_listen_stanzas_test_output3.txt (+14/-0)
tests/unit/files/haproxy_config_rendered_test_output.txt (+1/-0)
tests/unit/files/haproxy_config_rendered_test_output2.txt (+1/-0)
tests/unit/test_haproxy.py (+24/-0)
Reviewer Review Type Date Requested Status
Stuart Bishop (community) Approve
Content Cache Charmers Pending
Review via email: mp+388637@code.launchpad.net

Commit message

Allow specifying default site - LP:1863170

To post a comment you must log in.
Revision history for this message
🤖 Canonical IS Merge Bot (canonical-is-mergebot) wrote :

This merge proposal is being monitored by mergebot. Change the status to Approved to merge.

Revision history for this message
Stuart Bishop (stub) wrote :

This all seems good.

review: Approve
Revision history for this message
🤖 Canonical IS Merge Bot (canonical-is-mergebot) wrote :

Change successfully merged at revision cc8cc0a95958ba26a89f2d4b56fba481669c88e8

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1diff --git a/lib/haproxy.py b/lib/haproxy.py
2index 1d5721e..6516216 100644
3--- a/lib/haproxy.py
4+++ b/lib/haproxy.py
5@@ -77,6 +77,9 @@ class HAProxyConf:
6 # We use a different flag/config here so it's only enabled
7 # on the HTTP, and not the HTTPS, stanza.
8 new['0.0.0.0:80'][site_name] = {'enable-redirect-http-to-https': True}
9+ if 'default' in config[site]:
10+ new['0.0.0.0:80'][site_name]['default'] = config[site]['default']
11+
12 port = config[site].get('port', default_port)
13 name = '{}:{}'.format(listen_address, port)
14 new.setdefault(name, {})
15@@ -98,11 +101,11 @@ class HAProxyConf:
16 new[name][new_site]['port'] = port
17 return new
18
19- def render_stanza_listen(self, config):
20+ def render_stanza_listen(self, config): # NOQA: C901
21 listen_stanza = """
22 listen {name}
23 {bind_config}
24-{backend_config}"""
25+{backend_config}{default_backend}"""
26 backend_conf = '{indent}use_backend backend-{backend} if {{ hdr(Host) -i {site_name} }}\n'
27 redirect_conf = '{indent}redirect scheme https code 301 if {{ hdr(Host) -i {site_name} }} !{{ ssl_fc }}\n'
28
29@@ -116,10 +119,12 @@ listen {name}
30 (address, port) = utils.ip_addr_port_split(address_port)
31
32 backend_config = []
33+ default_backend = ''
34 tls_cert_bundle_paths = []
35 redirect_http_to_https = False
36 for site, site_conf in config[address_port].items():
37 site_name = site_conf.get('site-name', site)
38+ default_site = site_conf.get('default', False)
39 redirect_http_to_https = site_conf.get('enable-redirect-http-to-https', False)
40
41 if len(config[address_port].keys()) == 1:
42@@ -138,11 +143,19 @@ listen {name}
43 # HTTP -> HTTPS redirect
44 if redirect_http_to_https:
45 backend_config.append(redirect_conf.format(site_name=site_name, indent=INDENT))
46+ if default_site:
47+ default_backend = "{indent}redirect prefix https://{site_name}\n".format(
48+ site_name=site_name, indent=INDENT
49+ )
50 else:
51 backend_name = self._generate_stanza_name(
52 site_conf.get('locations', {}).get('backend-name') or site
53 )
54 backend_config.append(backend_conf.format(backend=backend_name, site_name=site_name, indent=INDENT))
55+ if default_site:
56+ default_backend = "{indent}default_backend backend-{backend}\n".format(
57+ backend=backend_name, indent=INDENT
58+ )
59
60 tls_config = ''
61 if tls_cert_bundle_paths:
62@@ -151,8 +164,15 @@ listen {name}
63 alpn_protos = 'h2,http/1.1'
64 tls_config = ' ssl {} alpn {}'.format(certs, alpn_protos)
65
66- if len(backend_config) == 1 and not redirect_http_to_https:
67- backend_config = ['{indent}default_backend backend-{backend}\n'.format(backend=name, indent=INDENT)]
68+ if len(backend_config) == 1:
69+ if redirect_http_to_https:
70+ backend_config = []
71+ default_backend = "{indent}redirect prefix https://{site_name}\n".format(
72+ site_name=site_name, indent=INDENT
73+ )
74+ else:
75+ backend_config = []
76+ default_backend = "{indent}default_backend backend-{backend}\n".format(backend=name, indent=INDENT)
77
78 bind_config = '{indent}bind {address_port}{tls}'.format(
79 address_port=address_port, tls=tls_config, indent=INDENT
80@@ -162,7 +182,11 @@ listen {name}
81 bind_config += '\n{indent}bind :::{port}{tls}'.format(port=port, tls=tls_config, indent=INDENT)
82
83 output = listen_stanza.format(
84- name=name, backend_config=''.join(backend_config), bind_config=bind_config, indent=INDENT,
85+ name=name,
86+ backend_config=''.join(backend_config),
87+ bind_config=bind_config,
88+ default_backend=default_backend,
89+ indent=INDENT,
90 )
91 rendered_output.append(output)
92
93diff --git a/reactive/content_cache.py b/reactive/content_cache.py
94index e5967a8..fc6b637 100644
95--- a/reactive/content_cache.py
96+++ b/reactive/content_cache.py
97@@ -227,6 +227,10 @@ def configure_haproxy(): # NOQA: C901 LP#1825084
98 cached_site = 'cached-{}'.format(site)
99 new_conf[cached_site] = {'site-name': site_conf.get('site-name') or site, 'locations': {}}
100
101+ default_site = site_conf.get('default')
102+ if default_site:
103+ new_conf[cached_site]['default'] = default_site
104+
105 default_port = 80
106 tls_cert_bundle_path = site_conf.get('tls-cert-bundle-path')
107 if tls_cert_bundle_path:
108diff --git a/tests/unit/files/config_test_config.txt b/tests/unit/files/config_test_config.txt
109index fb0e4fb..25d69c9 100644
110--- a/tests/unit/files/config_test_config.txt
111+++ b/tests/unit/files/config_test_config.txt
112@@ -12,6 +12,8 @@ site1.local:
113 - X-Origin-Key: Sae6oob2aethuosh
114 - X-Some-Header-1: something one two three
115 - X-Some-Header-2: something:one:two:three
116+ # Test multiple default sites, last one wins.
117+ default: True
118
119 # Test 2: TLS/SSL as well as backends (HTTPS), with custom backend-maxconn
120 site2.local:
121@@ -33,9 +35,12 @@ site2.local:
122 /my-local-content2/:
123 extra-config:
124 - root /var/www/html
125+ # Test default site with only a single backend.
126+ default: True
127
128 # Test 3: No port, just backends (HTTP), with custom cache-maxconn
129 site3.local:
130+ default: True
131 locations:
132 /:
133 backends:
134diff --git a/tests/unit/files/content_cache_rendered_haproxy_test_output.txt b/tests/unit/files/content_cache_rendered_haproxy_test_output.txt
135index 357f5bd..d6f703b 100644
136--- a/tests/unit/files/content_cache_rendered_haproxy_test_output.txt
137+++ b/tests/unit/files/content_cache_rendered_haproxy_test_output.txt
138@@ -77,6 +77,7 @@ listen combined-80
139 use_backend backend-cached-site5 if { hdr(Host) -i site5.local }
140 use_backend backend-cached-site6-local if { hdr(Host) -i site6.local }
141 use_backend backend-cached-site9-local if { hdr(Host) -i site9.local }
142+ default_backend backend-cached-site3-local
143
144 listen site1-local
145 bind 127.0.0.1:8080
146diff --git a/tests/unit/files/content_cache_rendered_haproxy_test_output3.txt b/tests/unit/files/content_cache_rendered_haproxy_test_output3.txt
147index 017645d..c82bf5c 100644
148--- a/tests/unit/files/content_cache_rendered_haproxy_test_output3.txt
149+++ b/tests/unit/files/content_cache_rendered_haproxy_test_output3.txt
150@@ -70,7 +70,7 @@ listen stats
151 listen redirect-site1-local
152 bind 0.0.0.0:80
153 bind :::80
154- redirect scheme https code 301 if { hdr(Host) -i site1.local } !{ ssl_fc }
155+ redirect prefix https://site1.local
156
157 listen cached-site1-local
158 bind 0.0.0.0:443 ssl crt /var/lib/haproxy/certs alpn h2,http/1.1
159diff --git a/tests/unit/files/content_cache_rendered_haproxy_test_output_auto_maxconns.txt b/tests/unit/files/content_cache_rendered_haproxy_test_output_auto_maxconns.txt
160index 472b1f8..151a1d4 100644
161--- a/tests/unit/files/content_cache_rendered_haproxy_test_output_auto_maxconns.txt
162+++ b/tests/unit/files/content_cache_rendered_haproxy_test_output_auto_maxconns.txt
163@@ -77,6 +77,7 @@ listen combined-80
164 use_backend backend-cached-site5 if { hdr(Host) -i site5.local }
165 use_backend backend-cached-site6-local if { hdr(Host) -i site6.local }
166 use_backend backend-cached-site9-local if { hdr(Host) -i site9.local }
167+ default_backend backend-cached-site3-local
168
169 listen site1-local
170 bind 127.0.0.1:8080
171diff --git a/tests/unit/files/content_cache_rendered_haproxy_test_output_processes_and_threads.txt b/tests/unit/files/content_cache_rendered_haproxy_test_output_processes_and_threads.txt
172index ab7d065..77106e2 100644
173--- a/tests/unit/files/content_cache_rendered_haproxy_test_output_processes_and_threads.txt
174+++ b/tests/unit/files/content_cache_rendered_haproxy_test_output_processes_and_threads.txt
175@@ -78,6 +78,7 @@ listen combined-80
176 use_backend backend-cached-site5 if { hdr(Host) -i site5.local }
177 use_backend backend-cached-site6-local if { hdr(Host) -i site6.local }
178 use_backend backend-cached-site9-local if { hdr(Host) -i site9.local }
179+ default_backend backend-cached-site3-local
180
181 listen site1-local
182 bind 127.0.0.1:8080
183diff --git a/tests/unit/files/haproxy_config_rendered_listen_stanzas_test_output.txt b/tests/unit/files/haproxy_config_rendered_listen_stanzas_test_output.txt
184index c86468b..6a0b4a4 100644
185--- a/tests/unit/files/haproxy_config_rendered_listen_stanzas_test_output.txt
186+++ b/tests/unit/files/haproxy_config_rendered_listen_stanzas_test_output.txt
187@@ -9,6 +9,7 @@ listen combined-80
188 use_backend backend-site5 if { hdr(Host) -i site5.local }
189 use_backend backend-site6-local if { hdr(Host) -i site6.local }
190 use_backend backend-site9-local if { hdr(Host) -i site9.local }
191+ default_backend backend-site3-local
192
193 listen site2-local
194 bind 0.0.0.0:443 ssl crt /etc/haproxy/site2-bundle.crt alpn h2,http/1.1
195diff --git a/tests/unit/files/haproxy_config_rendered_listen_stanzas_test_output2.txt b/tests/unit/files/haproxy_config_rendered_listen_stanzas_test_output2.txt
196index b84b56e..2e12427 100644
197--- a/tests/unit/files/haproxy_config_rendered_listen_stanzas_test_output2.txt
198+++ b/tests/unit/files/haproxy_config_rendered_listen_stanzas_test_output2.txt
199@@ -2,7 +2,7 @@
200 listen redirect-site1-local
201 bind 0.0.0.0:80
202 bind :::80
203- redirect scheme https code 301 if { hdr(Host) -i site1.local } !{ ssl_fc }
204+ redirect prefix https://site1.local
205
206 listen site1-local
207 bind 0.0.0.0:443 ssl crt /var/lib/haproxy/certs alpn h2,http/1.1
208diff --git a/tests/unit/files/haproxy_config_rendered_listen_stanzas_test_output3.txt b/tests/unit/files/haproxy_config_rendered_listen_stanzas_test_output3.txt
209new file mode 100644
210index 0000000..e2614b3
211--- /dev/null
212+++ b/tests/unit/files/haproxy_config_rendered_listen_stanzas_test_output3.txt
213@@ -0,0 +1,14 @@
214+
215+listen combined-80
216+ bind 0.0.0.0:80
217+ bind :::80
218+ redirect scheme https code 301 if { hdr(Host) -i site1.local } !{ ssl_fc }
219+ redirect scheme https code 301 if { hdr(Host) -i site2.local } !{ ssl_fc }
220+ redirect prefix https://site2.local
221+
222+listen combined-443
223+ bind 0.0.0.0:443 ssl crt /var/lib/haproxy/certs alpn h2,http/1.1
224+ bind :::443 ssl crt /var/lib/haproxy/certs alpn h2,http/1.1
225+ use_backend backend-site1-local if { hdr(Host) -i site1.local }
226+ use_backend backend-site2-local if { hdr(Host) -i site2.local }
227+ default_backend backend-site2-local
228diff --git a/tests/unit/files/haproxy_config_rendered_test_output.txt b/tests/unit/files/haproxy_config_rendered_test_output.txt
229index 7e9dff0..8b98792 100644
230--- a/tests/unit/files/haproxy_config_rendered_test_output.txt
231+++ b/tests/unit/files/haproxy_config_rendered_test_output.txt
232@@ -78,6 +78,7 @@ listen combined-80
233 use_backend backend-site5 if { hdr(Host) -i site5.local }
234 use_backend backend-site6-local if { hdr(Host) -i site6.local }
235 use_backend backend-site9-local if { hdr(Host) -i site9.local }
236+ default_backend backend-site3-local
237
238 listen site2-local
239 bind 0.0.0.0:443 ssl crt /etc/haproxy/site2-bundle.crt alpn h2,http/1.1
240diff --git a/tests/unit/files/haproxy_config_rendered_test_output2.txt b/tests/unit/files/haproxy_config_rendered_test_output2.txt
241index d9ee515..d0efd57 100644
242--- a/tests/unit/files/haproxy_config_rendered_test_output2.txt
243+++ b/tests/unit/files/haproxy_config_rendered_test_output2.txt
244@@ -78,6 +78,7 @@ listen combined-80
245 use_backend backend-site5 if { hdr(Host) -i site5.local }
246 use_backend backend-site6-local if { hdr(Host) -i site6.local }
247 use_backend backend-site9-local if { hdr(Host) -i site9.local }
248+ default_backend backend-site3-local
249
250 listen site2-local
251 bind 0.0.0.0:443 ssl crt /etc/haproxy/site2-bundle.crt alpn h2,http/1.1
252diff --git a/tests/unit/test_haproxy.py b/tests/unit/test_haproxy.py
253index cac29ca..9fc9604 100644
254--- a/tests/unit/test_haproxy.py
255+++ b/tests/unit/test_haproxy.py
256@@ -104,6 +104,30 @@ class TestLibHAProxy(unittest.TestCase):
257 want = f.read()
258 self.assertEqual(''.join(haproxy.render_stanza_listen(config)), want)
259
260+ def test_haproxy_config_rendered_listen_stanzas_redirect_default_site(self):
261+ haproxy = HAProxy.HAProxyConf(self.tmpdir)
262+ config = {
263+ 'site1.local': {
264+ 'locations': {'/': {'backends': ['192.168.1.1:8080']}},
265+ 'port': 443,
266+ 'redirect-http-to-https': True,
267+ 'site-name': 'site1.local',
268+ 'tls-cert-bundle-path': '/var/lib/haproxy/certs',
269+ },
270+ 'site2.local': {
271+ 'default': True,
272+ 'locations': {'/': {'backends': ['192.168.1.1:8080']}},
273+ 'port': 443,
274+ 'redirect-http-to-https': True,
275+ 'site-name': 'site2.local',
276+ 'tls-cert-bundle-path': '/var/lib/haproxy/certs',
277+ },
278+ }
279+ output = 'tests/unit/files/haproxy_config_rendered_listen_stanzas_test_output3.txt'
280+ with open(output, 'r', encoding='utf-8') as f:
281+ want = f.read()
282+ self.assertEqual(''.join(haproxy.render_stanza_listen(config)), want)
283+
284 @freezegun.freeze_time("2019-03-22", tz_offset=0)
285 def test_haproxy_config_rendered_backend_stanzas(self):
286 haproxy = HAProxy.HAProxyConf(self.tmpdir)

Subscribers

People subscribed via source and target branches