Content Cache Charm

Merge ~hloeung/content-cache-charm:master into content-cache-charm:master

  1. Git
  2. lp:~hloeung/content-cache-charm
  3. master
  4. Merge into master
Proposed by Haw Loeung
Status: Merged
Approved by: Haw Loeung
Approved revision: 7d3dec5ae404b4db32d11d65cb1114c5ac532031
Merged at revision: cc8cc0a95958ba26a89f2d4b56fba481669c88e8
Proposed branch: ~hloeung/content-cache-charm:master
Merge into: content-cache-charm:master
Diff against target: 286 lines (+84/-7)
13 files modified
lib/haproxy.py (+29/-5)
reactive/content_cache.py (+4/-0)
tests/unit/files/config_test_config.txt (+5/-0)
tests/unit/files/content_cache_rendered_haproxy_test_output.txt (+1/-0)
tests/unit/files/content_cache_rendered_haproxy_test_output3.txt (+1/-1)
tests/unit/files/content_cache_rendered_haproxy_test_output_auto_maxconns.txt (+1/-0)
tests/unit/files/content_cache_rendered_haproxy_test_output_processes_and_threads.txt (+1/-0)
tests/unit/files/haproxy_config_rendered_listen_stanzas_test_output.txt (+1/-0)
tests/unit/files/haproxy_config_rendered_listen_stanzas_test_output2.txt (+1/-1)
tests/unit/files/haproxy_config_rendered_listen_stanzas_test_output3.txt (+14/-0)
tests/unit/files/haproxy_config_rendered_test_output.txt (+1/-0)
tests/unit/files/haproxy_config_rendered_test_output2.txt (+1/-0)
tests/unit/test_haproxy.py (+24/-0)
Reviewer Review Type Date Requested Status
Stuart Bishop (community) Approve
Content Cache Charmers Pending
Review via email: mp+388637@code.launchpad.net

Commit message

Allow specifying default site - LP:1863170

To post a comment you must log in.
Revision history for this message
🤖 Canonical IS Merge Bot (canonical-is-mergebot) wrote :

This merge proposal is being monitored by mergebot. Change the status to Approved to merge.

Revision history for this message
Stuart Bishop (stub) wrote :

This all seems good.

review: Approve
Revision history for this message
🤖 Canonical IS Merge Bot (canonical-is-mergebot) wrote :

Change successfully merged at revision cc8cc0a95958ba26a89f2d4b56fba481669c88e8

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
diff --git a/lib/haproxy.py b/lib/haproxy.py
index 1d5721e..6516216 100644
--- a/lib/haproxy.py
+++ b/lib/haproxy.py
@@ -77,6 +77,9 @@ class HAProxyConf:
77 # We use a different flag/config here so it's only enabled77 # We use a different flag/config here so it's only enabled
78 # on the HTTP, and not the HTTPS, stanza.78 # on the HTTP, and not the HTTPS, stanza.
79 new['0.0.0.0:80'][site_name] = {'enable-redirect-http-to-https': True}79 new['0.0.0.0:80'][site_name] = {'enable-redirect-http-to-https': True}
80 if 'default' in config[site]:
81 new['0.0.0.0:80'][site_name]['default'] = config[site]['default']
82
80 port = config[site].get('port', default_port)83 port = config[site].get('port', default_port)
81 name = '{}:{}'.format(listen_address, port)84 name = '{}:{}'.format(listen_address, port)
82 new.setdefault(name, {})85 new.setdefault(name, {})
@@ -98,11 +101,11 @@ class HAProxyConf:
98 new[name][new_site]['port'] = port101 new[name][new_site]['port'] = port
99 return new102 return new
100103
101 def render_stanza_listen(self, config):104 def render_stanza_listen(self, config): # NOQA: C901
102 listen_stanza = """105 listen_stanza = """
103listen {name}106listen {name}
104{bind_config}107{bind_config}
105{backend_config}"""108{backend_config}{default_backend}"""
106 backend_conf = '{indent}use_backend backend-{backend} if {{ hdr(Host) -i {site_name} }}\n'109 backend_conf = '{indent}use_backend backend-{backend} if {{ hdr(Host) -i {site_name} }}\n'
107 redirect_conf = '{indent}redirect scheme https code 301 if {{ hdr(Host) -i {site_name} }} !{{ ssl_fc }}\n'110 redirect_conf = '{indent}redirect scheme https code 301 if {{ hdr(Host) -i {site_name} }} !{{ ssl_fc }}\n'
108111
@@ -116,10 +119,12 @@ listen {name}
116 (address, port) = utils.ip_addr_port_split(address_port)119 (address, port) = utils.ip_addr_port_split(address_port)
117120
118 backend_config = []121 backend_config = []
122 default_backend = ''
119 tls_cert_bundle_paths = []123 tls_cert_bundle_paths = []
120 redirect_http_to_https = False124 redirect_http_to_https = False
121 for site, site_conf in config[address_port].items():125 for site, site_conf in config[address_port].items():
122 site_name = site_conf.get('site-name', site)126 site_name = site_conf.get('site-name', site)
127 default_site = site_conf.get('default', False)
123 redirect_http_to_https = site_conf.get('enable-redirect-http-to-https', False)128 redirect_http_to_https = site_conf.get('enable-redirect-http-to-https', False)
124129
125 if len(config[address_port].keys()) == 1:130 if len(config[address_port].keys()) == 1:
@@ -138,11 +143,19 @@ listen {name}
138 # HTTP -> HTTPS redirect143 # HTTP -> HTTPS redirect
139 if redirect_http_to_https:144 if redirect_http_to_https:
140 backend_config.append(redirect_conf.format(site_name=site_name, indent=INDENT))145 backend_config.append(redirect_conf.format(site_name=site_name, indent=INDENT))
146 if default_site:
147 default_backend = "{indent}redirect prefix https://{site_name}\n".format(
148 site_name=site_name, indent=INDENT
149 )
141 else:150 else:
142 backend_name = self._generate_stanza_name(151 backend_name = self._generate_stanza_name(
143 site_conf.get('locations', {}).get('backend-name') or site152 site_conf.get('locations', {}).get('backend-name') or site
144 )153 )
145 backend_config.append(backend_conf.format(backend=backend_name, site_name=site_name, indent=INDENT))154 backend_config.append(backend_conf.format(backend=backend_name, site_name=site_name, indent=INDENT))
155 if default_site:
156 default_backend = "{indent}default_backend backend-{backend}\n".format(
157 backend=backend_name, indent=INDENT
158 )
146159
147 tls_config = ''160 tls_config = ''
148 if tls_cert_bundle_paths:161 if tls_cert_bundle_paths:
@@ -151,8 +164,15 @@ listen {name}
151 alpn_protos = 'h2,http/1.1'164 alpn_protos = 'h2,http/1.1'
152 tls_config = ' ssl {} alpn {}'.format(certs, alpn_protos)165 tls_config = ' ssl {} alpn {}'.format(certs, alpn_protos)
153166
154 if len(backend_config) == 1 and not redirect_http_to_https:167 if len(backend_config) == 1:
155 backend_config = ['{indent}default_backend backend-{backend}\n'.format(backend=name, indent=INDENT)]168 if redirect_http_to_https:
169 backend_config = []
170 default_backend = "{indent}redirect prefix https://{site_name}\n".format(
171 site_name=site_name, indent=INDENT
172 )
173 else:
174 backend_config = []
175 default_backend = "{indent}default_backend backend-{backend}\n".format(backend=name, indent=INDENT)
156176
157 bind_config = '{indent}bind {address_port}{tls}'.format(177 bind_config = '{indent}bind {address_port}{tls}'.format(
158 address_port=address_port, tls=tls_config, indent=INDENT178 address_port=address_port, tls=tls_config, indent=INDENT
@@ -162,7 +182,11 @@ listen {name}
162 bind_config += '\n{indent}bind :::{port}{tls}'.format(port=port, tls=tls_config, indent=INDENT)182 bind_config += '\n{indent}bind :::{port}{tls}'.format(port=port, tls=tls_config, indent=INDENT)
163183
164 output = listen_stanza.format(184 output = listen_stanza.format(
165 name=name, backend_config=''.join(backend_config), bind_config=bind_config, indent=INDENT,185 name=name,
186 backend_config=''.join(backend_config),
187 bind_config=bind_config,
188 default_backend=default_backend,
189 indent=INDENT,
166 )190 )
167 rendered_output.append(output)191 rendered_output.append(output)
168192
diff --git a/reactive/content_cache.py b/reactive/content_cache.py
index e5967a8..fc6b637 100644
--- a/reactive/content_cache.py
+++ b/reactive/content_cache.py
@@ -227,6 +227,10 @@ def configure_haproxy(): # NOQA: C901 LP#1825084
227 cached_site = 'cached-{}'.format(site)227 cached_site = 'cached-{}'.format(site)
228 new_conf[cached_site] = {'site-name': site_conf.get('site-name') or site, 'locations': {}}228 new_conf[cached_site] = {'site-name': site_conf.get('site-name') or site, 'locations': {}}
229229
230 default_site = site_conf.get('default')
231 if default_site:
232 new_conf[cached_site]['default'] = default_site
233
230 default_port = 80234 default_port = 80
231 tls_cert_bundle_path = site_conf.get('tls-cert-bundle-path')235 tls_cert_bundle_path = site_conf.get('tls-cert-bundle-path')
232 if tls_cert_bundle_path:236 if tls_cert_bundle_path:
diff --git a/tests/unit/files/config_test_config.txt b/tests/unit/files/config_test_config.txt
index fb0e4fb..25d69c9 100644
--- a/tests/unit/files/config_test_config.txt
+++ b/tests/unit/files/config_test_config.txt
@@ -12,6 +12,8 @@ site1.local:
12 - X-Origin-Key: Sae6oob2aethuosh12 - X-Origin-Key: Sae6oob2aethuosh
13 - X-Some-Header-1: something one two three13 - X-Some-Header-1: something one two three
14 - X-Some-Header-2: something:one:two:three14 - X-Some-Header-2: something:one:two:three
15 # Test multiple default sites, last one wins.
16 default: True
1517
16# Test 2: TLS/SSL as well as backends (HTTPS), with custom backend-maxconn18# Test 2: TLS/SSL as well as backends (HTTPS), with custom backend-maxconn
17site2.local:19site2.local:
@@ -33,9 +35,12 @@ site2.local:
33 /my-local-content2/:35 /my-local-content2/:
34 extra-config:36 extra-config:
35 - root /var/www/html37 - root /var/www/html
38 # Test default site with only a single backend.
39 default: True
3640
37# Test 3: No port, just backends (HTTP), with custom cache-maxconn41# Test 3: No port, just backends (HTTP), with custom cache-maxconn
38site3.local:42site3.local:
43 default: True
39 locations:44 locations:
40 /:45 /:
41 backends:46 backends:
diff --git a/tests/unit/files/content_cache_rendered_haproxy_test_output.txt b/tests/unit/files/content_cache_rendered_haproxy_test_output.txt
index 357f5bd..d6f703b 100644
--- a/tests/unit/files/content_cache_rendered_haproxy_test_output.txt
+++ b/tests/unit/files/content_cache_rendered_haproxy_test_output.txt
@@ -77,6 +77,7 @@ listen combined-80
77 use_backend backend-cached-site5 if { hdr(Host) -i site5.local }77 use_backend backend-cached-site5 if { hdr(Host) -i site5.local }
78 use_backend backend-cached-site6-local if { hdr(Host) -i site6.local }78 use_backend backend-cached-site6-local if { hdr(Host) -i site6.local }
79 use_backend backend-cached-site9-local if { hdr(Host) -i site9.local }79 use_backend backend-cached-site9-local if { hdr(Host) -i site9.local }
80 default_backend backend-cached-site3-local
8081
81listen site1-local82listen site1-local
82 bind 127.0.0.1:808083 bind 127.0.0.1:8080
diff --git a/tests/unit/files/content_cache_rendered_haproxy_test_output3.txt b/tests/unit/files/content_cache_rendered_haproxy_test_output3.txt
index 017645d..c82bf5c 100644
--- a/tests/unit/files/content_cache_rendered_haproxy_test_output3.txt
+++ b/tests/unit/files/content_cache_rendered_haproxy_test_output3.txt
@@ -70,7 +70,7 @@ listen stats
70listen redirect-site1-local70listen redirect-site1-local
71 bind 0.0.0.0:8071 bind 0.0.0.0:80
72 bind :::8072 bind :::80
73 redirect scheme https code 301 if { hdr(Host) -i site1.local } !{ ssl_fc }73 redirect prefix https://site1.local
7474
75listen cached-site1-local75listen cached-site1-local
76 bind 0.0.0.0:443 ssl crt /var/lib/haproxy/certs alpn h2,http/1.176 bind 0.0.0.0:443 ssl crt /var/lib/haproxy/certs alpn h2,http/1.1
diff --git a/tests/unit/files/content_cache_rendered_haproxy_test_output_auto_maxconns.txt b/tests/unit/files/content_cache_rendered_haproxy_test_output_auto_maxconns.txt
index 472b1f8..151a1d4 100644
--- a/tests/unit/files/content_cache_rendered_haproxy_test_output_auto_maxconns.txt
+++ b/tests/unit/files/content_cache_rendered_haproxy_test_output_auto_maxconns.txt
@@ -77,6 +77,7 @@ listen combined-80
77 use_backend backend-cached-site5 if { hdr(Host) -i site5.local }77 use_backend backend-cached-site5 if { hdr(Host) -i site5.local }
78 use_backend backend-cached-site6-local if { hdr(Host) -i site6.local }78 use_backend backend-cached-site6-local if { hdr(Host) -i site6.local }
79 use_backend backend-cached-site9-local if { hdr(Host) -i site9.local }79 use_backend backend-cached-site9-local if { hdr(Host) -i site9.local }
80 default_backend backend-cached-site3-local
8081
81listen site1-local82listen site1-local
82 bind 127.0.0.1:808083 bind 127.0.0.1:8080
diff --git a/tests/unit/files/content_cache_rendered_haproxy_test_output_processes_and_threads.txt b/tests/unit/files/content_cache_rendered_haproxy_test_output_processes_and_threads.txt
index ab7d065..77106e2 100644
--- a/tests/unit/files/content_cache_rendered_haproxy_test_output_processes_and_threads.txt
+++ b/tests/unit/files/content_cache_rendered_haproxy_test_output_processes_and_threads.txt
@@ -78,6 +78,7 @@ listen combined-80
78 use_backend backend-cached-site5 if { hdr(Host) -i site5.local }78 use_backend backend-cached-site5 if { hdr(Host) -i site5.local }
79 use_backend backend-cached-site6-local if { hdr(Host) -i site6.local }79 use_backend backend-cached-site6-local if { hdr(Host) -i site6.local }
80 use_backend backend-cached-site9-local if { hdr(Host) -i site9.local }80 use_backend backend-cached-site9-local if { hdr(Host) -i site9.local }
81 default_backend backend-cached-site3-local
8182
82listen site1-local83listen site1-local
83 bind 127.0.0.1:808084 bind 127.0.0.1:8080
diff --git a/tests/unit/files/haproxy_config_rendered_listen_stanzas_test_output.txt b/tests/unit/files/haproxy_config_rendered_listen_stanzas_test_output.txt
index c86468b..6a0b4a4 100644
--- a/tests/unit/files/haproxy_config_rendered_listen_stanzas_test_output.txt
+++ b/tests/unit/files/haproxy_config_rendered_listen_stanzas_test_output.txt
@@ -9,6 +9,7 @@ listen combined-80
9 use_backend backend-site5 if { hdr(Host) -i site5.local }9 use_backend backend-site5 if { hdr(Host) -i site5.local }
10 use_backend backend-site6-local if { hdr(Host) -i site6.local }10 use_backend backend-site6-local if { hdr(Host) -i site6.local }
11 use_backend backend-site9-local if { hdr(Host) -i site9.local }11 use_backend backend-site9-local if { hdr(Host) -i site9.local }
12 default_backend backend-site3-local
1213
13listen site2-local14listen site2-local
14 bind 0.0.0.0:443 ssl crt /etc/haproxy/site2-bundle.crt alpn h2,http/1.115 bind 0.0.0.0:443 ssl crt /etc/haproxy/site2-bundle.crt alpn h2,http/1.1
diff --git a/tests/unit/files/haproxy_config_rendered_listen_stanzas_test_output2.txt b/tests/unit/files/haproxy_config_rendered_listen_stanzas_test_output2.txt
index b84b56e..2e12427 100644
--- a/tests/unit/files/haproxy_config_rendered_listen_stanzas_test_output2.txt
+++ b/tests/unit/files/haproxy_config_rendered_listen_stanzas_test_output2.txt
@@ -2,7 +2,7 @@
2listen redirect-site1-local2listen redirect-site1-local
3 bind 0.0.0.0:803 bind 0.0.0.0:80
4 bind :::804 bind :::80
5 redirect scheme https code 301 if { hdr(Host) -i site1.local } !{ ssl_fc }5 redirect prefix https://site1.local
66
7listen site1-local7listen site1-local
8 bind 0.0.0.0:443 ssl crt /var/lib/haproxy/certs alpn h2,http/1.18 bind 0.0.0.0:443 ssl crt /var/lib/haproxy/certs alpn h2,http/1.1
diff --git a/tests/unit/files/haproxy_config_rendered_listen_stanzas_test_output3.txt b/tests/unit/files/haproxy_config_rendered_listen_stanzas_test_output3.txt
9new file mode 1006449new file mode 100644
index 0000000..e2614b3
--- /dev/null
+++ b/tests/unit/files/haproxy_config_rendered_listen_stanzas_test_output3.txt
@@ -0,0 +1,14 @@
1
2listen combined-80
3 bind 0.0.0.0:80
4 bind :::80
5 redirect scheme https code 301 if { hdr(Host) -i site1.local } !{ ssl_fc }
6 redirect scheme https code 301 if { hdr(Host) -i site2.local } !{ ssl_fc }
7 redirect prefix https://site2.local
8
9listen combined-443
10 bind 0.0.0.0:443 ssl crt /var/lib/haproxy/certs alpn h2,http/1.1
11 bind :::443 ssl crt /var/lib/haproxy/certs alpn h2,http/1.1
12 use_backend backend-site1-local if { hdr(Host) -i site1.local }
13 use_backend backend-site2-local if { hdr(Host) -i site2.local }
14 default_backend backend-site2-local
diff --git a/tests/unit/files/haproxy_config_rendered_test_output.txt b/tests/unit/files/haproxy_config_rendered_test_output.txt
index 7e9dff0..8b98792 100644
--- a/tests/unit/files/haproxy_config_rendered_test_output.txt
+++ b/tests/unit/files/haproxy_config_rendered_test_output.txt
@@ -78,6 +78,7 @@ listen combined-80
78 use_backend backend-site5 if { hdr(Host) -i site5.local }78 use_backend backend-site5 if { hdr(Host) -i site5.local }
79 use_backend backend-site6-local if { hdr(Host) -i site6.local }79 use_backend backend-site6-local if { hdr(Host) -i site6.local }
80 use_backend backend-site9-local if { hdr(Host) -i site9.local }80 use_backend backend-site9-local if { hdr(Host) -i site9.local }
81 default_backend backend-site3-local
8182
82listen site2-local83listen site2-local
83 bind 0.0.0.0:443 ssl crt /etc/haproxy/site2-bundle.crt alpn h2,http/1.184 bind 0.0.0.0:443 ssl crt /etc/haproxy/site2-bundle.crt alpn h2,http/1.1
diff --git a/tests/unit/files/haproxy_config_rendered_test_output2.txt b/tests/unit/files/haproxy_config_rendered_test_output2.txt
index d9ee515..d0efd57 100644
--- a/tests/unit/files/haproxy_config_rendered_test_output2.txt
+++ b/tests/unit/files/haproxy_config_rendered_test_output2.txt
@@ -78,6 +78,7 @@ listen combined-80
78 use_backend backend-site5 if { hdr(Host) -i site5.local }78 use_backend backend-site5 if { hdr(Host) -i site5.local }
79 use_backend backend-site6-local if { hdr(Host) -i site6.local }79 use_backend backend-site6-local if { hdr(Host) -i site6.local }
80 use_backend backend-site9-local if { hdr(Host) -i site9.local }80 use_backend backend-site9-local if { hdr(Host) -i site9.local }
81 default_backend backend-site3-local
8182
82listen site2-local83listen site2-local
83 bind 0.0.0.0:443 ssl crt /etc/haproxy/site2-bundle.crt alpn h2,http/1.184 bind 0.0.0.0:443 ssl crt /etc/haproxy/site2-bundle.crt alpn h2,http/1.1
diff --git a/tests/unit/test_haproxy.py b/tests/unit/test_haproxy.py
index cac29ca..9fc9604 100644
--- a/tests/unit/test_haproxy.py
+++ b/tests/unit/test_haproxy.py
@@ -104,6 +104,30 @@ class TestLibHAProxy(unittest.TestCase):
104 want = f.read()104 want = f.read()
105 self.assertEqual(''.join(haproxy.render_stanza_listen(config)), want)105 self.assertEqual(''.join(haproxy.render_stanza_listen(config)), want)
106106
107 def test_haproxy_config_rendered_listen_stanzas_redirect_default_site(self):
108 haproxy = HAProxy.HAProxyConf(self.tmpdir)
109 config = {
110 'site1.local': {
111 'locations': {'/': {'backends': ['192.168.1.1:8080']}},
112 'port': 443,
113 'redirect-http-to-https': True,
114 'site-name': 'site1.local',
115 'tls-cert-bundle-path': '/var/lib/haproxy/certs',
116 },
117 'site2.local': {
118 'default': True,
119 'locations': {'/': {'backends': ['192.168.1.1:8080']}},
120 'port': 443,
121 'redirect-http-to-https': True,
122 'site-name': 'site2.local',
123 'tls-cert-bundle-path': '/var/lib/haproxy/certs',
124 },
125 }
126 output = 'tests/unit/files/haproxy_config_rendered_listen_stanzas_test_output3.txt'
127 with open(output, 'r', encoding='utf-8') as f:
128 want = f.read()
129 self.assertEqual(''.join(haproxy.render_stanza_listen(config)), want)
130
107 @freezegun.freeze_time("2019-03-22", tz_offset=0)131 @freezegun.freeze_time("2019-03-22", tz_offset=0)
108 def test_haproxy_config_rendered_backend_stanzas(self):132 def test_haproxy_config_rendered_backend_stanzas(self):
109 haproxy = HAProxy.HAProxyConf(self.tmpdir)133 haproxy = HAProxy.HAProxyConf(self.tmpdir)

Subscribers

People subscribed via source and target branches