Content Cache Charm

Merge ~hloeung/content-cache-charm:master into content-cache-charm:master

  1. Git
  2. lp:~hloeung/content-cache-charm
  3. master
  4. Merge into master
Proposed by Haw Loeung
Status: Merged
Approved by: Tom Haddon
Approved revision: b274f7d4d4151212a5a9fa3752312d87f398c7b3
Merged at revision: 687d6d03ad15df2a82145e9744a202f11ec3d3f3
Proposed branch: ~hloeung/content-cache-charm:master
Merge into: content-cache-charm:master
Diff against target: 40 lines (+14/-1)
2 files modified
lib/haproxy.py (+11/-0)
tests/unit/files/haproxy_config_rendered_listen_stanzas_test_output3.txt (+3/-1)
Reviewer Review Type Date Requested Status
Tom Haddon Approve
Canonical IS Reviewers Pending
Review via email: mp+388792@code.launchpad.net

Commit message

Fix default site being a redirect

Description of the change

HAProxy processes redirects before any backend configs (use_backend or
default_backend). With this, the 'use_backend' line in the example
below is never used:

| listen combined-80
| bind 0.0.0.0:80
| bind :::80
| redirect scheme https code 301 if { hdr(Host) -i site1.local } !{ ssl_fc }
| use_backend backend-site2-http if { hdr(Host) -i site2.local }
| redirect prefix https://site3.local

So any requests for site2.local will always hit the redirect
prefix. Instead, we need to create a new backend with the redirect
rule like so:

| listen combined-80
| bind 0.0.0.0:80
| bind :::80
| redirect scheme https code 301 if { hdr(Host) -i site1.local } !{ ssl_fc }
| use_backend backend-site2-http if { hdr(Host) -i site2.local }
| default backend-default-site
|
| backend backend-default-site
| redirect prefix https://site3.local

To post a comment you must log in.
Revision history for this message
🤖 Canonical IS Merge Bot (canonical-is-mergebot) wrote :

This merge proposal is being monitored by mergebot. Change the status to Approved to merge.

Revision history for this message
Tom Haddon (mthaddon) wrote :

Is there any risk of collision here since you've got a function called render_stanza_listen that was previously only rendering listen stanzas but can now potentially also render a "backend" stanza in this case?

review: Needs Information
Revision history for this message
Tom Haddon (mthaddon) wrote :

I think it's okay, because the render_stanza_backend is always rendering them as `backend backend-{name}` whereas this is using `backend default-redirect-site-{port}`.

Revision history for this message
Tom Haddon (mthaddon) wrote :

LGTM, thx

review: Approve
Revision history for this message
🤖 Canonical IS Merge Bot (canonical-is-mergebot) wrote :

Change successfully merged at revision 687d6d03ad15df2a82145e9744a202f11ec3d3f3

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1diff --git a/lib/haproxy.py b/lib/haproxy.py
2index bc77f62..15088f5 100644
3--- a/lib/haproxy.py
4+++ b/lib/haproxy.py
5@@ -181,6 +181,17 @@ listen {name}
6 if address == '0.0.0.0':
7 bind_config += '\n{indent}bind :::{port}{tls}'.format(port=port, tls=tls_config, indent=INDENT)
8
9+ # Redirects are always processed before use_backends so we
10+ # need to convert default redirect sites to a backend.
11+ if len(backend_config) > 1 and default_backend.startswith("{indent}redirect prefix".format(indent=INDENT)):
12+ backend_name = self._generate_stanza_name("default-redirect-{}".format(name), exclude=stanza_names)
13+ output = "backend {}\n".format(backend_name) + default_backend
14+ default_backend = "{indent}default_backend {backend_name}\n".format(
15+ backend_name=backend_name, indent=INDENT
16+ )
17+ rendered_output.append(output)
18+ stanza_names.append(backend_name)
19+
20 output = listen_stanza.format(
21 name=name,
22 backend_config=''.join(backend_config),
23diff --git a/tests/unit/files/haproxy_config_rendered_listen_stanzas_test_output3.txt b/tests/unit/files/haproxy_config_rendered_listen_stanzas_test_output3.txt
24index e2614b3..d7d3110 100644
25--- a/tests/unit/files/haproxy_config_rendered_listen_stanzas_test_output3.txt
26+++ b/tests/unit/files/haproxy_config_rendered_listen_stanzas_test_output3.txt
27@@ -1,10 +1,12 @@
28+backend default-redirect-combined-80
29+ redirect prefix https://site2.local
30
31 listen combined-80
32 bind 0.0.0.0:80
33 bind :::80
34 redirect scheme https code 301 if { hdr(Host) -i site1.local } !{ ssl_fc }
35 redirect scheme https code 301 if { hdr(Host) -i site2.local } !{ ssl_fc }
36- redirect prefix https://site2.local
37+ default_backend default-redirect-combined-80
38
39 listen combined-443
40 bind 0.0.0.0:443 ssl crt /var/lib/haproxy/certs alpn h2,http/1.1

Subscribers

People subscribed via source and target branches