Merge ~hloeung/content-cache-charm:master into content-cache-charm:master
- Git
- lp:~hloeung/content-cache-charm
- master
- Merge into master
Proposed by
Haw Loeung
Status: | Merged |
---|---|
Approved by: | Haw Loeung |
Approved revision: | 539437892786c3e687ea2f7a9bc999e0fba1c12d |
Merged at revision: | 67f7f1384a4c1f788d2117dc31c377cc29a2051e |
Proposed branch: | ~hloeung/content-cache-charm:master |
Merge into: | content-cache-charm:master |
Prerequisite: | ~hloeung/content-cache-charm:haproxy-config |
Diff against target: |
392 lines (+317/-3) 5 files modified
config.yaml (+6/-0) lib/haproxy.py (+9/-2) reactive/content_cache.py (+6/-1) tests/unit/files/content_cache_rendered_haproxy_test_output_load_balancing_algorithm.txt (+267/-0) tests/unit/test_content_cache.py (+29/-0) |
Related bugs: |
Reviewer | Review Type | Date Requested | Status |
---|---|---|---|
Joel Sing (community) | +1 | Approve | |
Barry Price | Approve | ||
Review via email: mp+390519@code.launchpad.net |
Commit message
Allow overriding default load balancing algorithm used by HAProxy - LP:1891263
Description of the change
To post a comment you must log in.
Revision history for this message
🤖 Canonical IS Merge Bot (canonical-is-mergebot) wrote : | # |
Revision history for this message
Barry Price (barryprice) wrote : | # |
We could consider adding safety checks to handle a typo or just a plain wrong setting via the haproxy_
On the other hand, if an operator is determined to break things, there's only so much the charms can do to prevent this. Other than that, LGTM - approving on that basis.
review:
Approve
Revision history for this message
Joel Sing (jsing) wrote : | # |
LGTM, minor comments inline.
review:
Approve
(+1)
Revision history for this message
🤖 Canonical IS Merge Bot (canonical-is-mergebot) wrote : | # |
Change successfully merged at revision 67f7f1384a4c1f7
Preview Diff
[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1 | diff --git a/config.yaml b/config.yaml | |||
2 | index 12560a6..e634fe2 100644 | |||
3 | --- a/config.yaml | |||
4 | +++ b/config.yaml | |||
5 | @@ -45,6 +45,12 @@ options: | |||
6 | 45 | description: > | 45 | description: > |
7 | 46 | Tune HAProxy's hard-stop-after to prevent lingering HAProxy processes | 46 | Tune HAProxy's hard-stop-after to prevent lingering HAProxy processes |
8 | 47 | (LP:1874386). | 47 | (LP:1874386). |
9 | 48 | haproxy_load_balancing_algorithm: | ||
10 | 49 | default: "leastconn" | ||
11 | 50 | type: string | ||
12 | 51 | description: > | ||
13 | 52 | Change the load balancing algorithm used by HAProxy for the | ||
14 | 53 | backends. | ||
15 | 48 | haproxy_processes: | 54 | haproxy_processes: |
16 | 49 | default: 0 | 55 | default: 0 |
17 | 50 | type: int | 56 | type: int |
18 | diff --git a/lib/haproxy.py b/lib/haproxy.py | |||
19 | index c3f3a76..cdb5721 100644 | |||
20 | --- a/lib/haproxy.py | |||
21 | +++ b/lib/haproxy.py | |||
22 | @@ -11,15 +11,21 @@ from lib import utils | |||
23 | 11 | 11 | ||
24 | 12 | 12 | ||
25 | 13 | HAPROXY_BASE_PATH = '/etc/haproxy' | 13 | HAPROXY_BASE_PATH = '/etc/haproxy' |
26 | 14 | HAPROXY_LOAD_BALANCING_ALGORITHM = 'leastconn' | ||
27 | 14 | INDENT = ' ' * 4 | 15 | INDENT = ' ' * 4 |
28 | 15 | TLS_CIPHER_SUITES = 'ECDHE+AESGCM:ECDHE+AES256:ECDHE+AES128:!SSLv3:!TLSv1' | 16 | TLS_CIPHER_SUITES = 'ECDHE+AESGCM:ECDHE+AES256:ECDHE+AES128:!SSLv3:!TLSv1' |
29 | 16 | 17 | ||
30 | 17 | 18 | ||
31 | 18 | class HAProxyConf: | 19 | class HAProxyConf: |
33 | 19 | def __init__(self, conf_path=HAPROXY_BASE_PATH, max_connections=0, hard_stop_after='5m'): | 20 | def __init__( |
34 | 21 | self, conf_path=HAPROXY_BASE_PATH, max_connections=0, hard_stop_after='5m', load_balancing_algorithm=None | ||
35 | 22 | ): | ||
36 | 20 | self._conf_path = conf_path | 23 | self._conf_path = conf_path |
37 | 21 | self.max_connections = int(max_connections) | 24 | self.max_connections = int(max_connections) |
38 | 22 | self.hard_stop_after = hard_stop_after | 25 | self.hard_stop_after = hard_stop_after |
39 | 26 | self.load_balancing_algorithm = HAPROXY_LOAD_BALANCING_ALGORITHM | ||
40 | 27 | if load_balancing_algorithm: | ||
41 | 28 | self.load_balancing_algorithm = load_balancing_algorithm | ||
42 | 23 | 29 | ||
43 | 24 | @property | 30 | @property |
44 | 25 | def conf_path(self): | 31 | def conf_path(self): |
45 | @@ -212,7 +218,7 @@ listen {name} | |||
46 | 212 | backend backend-{name} | 218 | backend backend-{name} |
47 | 213 | {options}{indent}{httpchk} | 219 | {options}{indent}{httpchk} |
48 | 214 | {indent}http-request set-header Host {site_name} | 220 | {indent}http-request set-header Host {site_name} |
50 | 215 | {indent}balance leastconn | 221 | {indent}balance {load_balancing_algorithm} |
51 | 216 | {backends} | 222 | {backends} |
52 | 217 | """ | 223 | """ |
53 | 218 | rendered_output = [] | 224 | rendered_output = [] |
54 | @@ -293,6 +299,7 @@ backend backend-{name} | |||
55 | 293 | site=site, | 299 | site=site, |
56 | 294 | site_name=site_name, | 300 | site_name=site_name, |
57 | 295 | httpchk=httpchk, | 301 | httpchk=httpchk, |
58 | 302 | load_balancing_algorithm=self.load_balancing_algorithm, | ||
59 | 296 | backends='\n'.join(backend_confs), | 303 | backends='\n'.join(backend_confs), |
60 | 297 | options=options, | 304 | options=options, |
61 | 298 | indent=INDENT, | 305 | indent=INDENT, |
62 | diff --git a/reactive/content_cache.py b/reactive/content_cache.py | |||
63 | index 5b15f8a..5d4460b 100644 | |||
64 | --- a/reactive/content_cache.py | |||
65 | +++ b/reactive/content_cache.py | |||
66 | @@ -208,7 +208,12 @@ def configure_haproxy(): # NOQA: C901 LP#1825084 | |||
67 | 208 | 208 | ||
68 | 209 | max_connections = config.get('max_connections', 0) | 209 | max_connections = config.get('max_connections', 0) |
69 | 210 | hard_stop_after = config.get('haproxy_hard_stop_after') | 210 | hard_stop_after = config.get('haproxy_hard_stop_after') |
71 | 211 | haproxy = HAProxy.HAProxyConf(max_connections=max_connections, hard_stop_after=hard_stop_after) | 211 | load_balancing_algorithm = config.get('haproxy_load_balancing_algorithm') |
72 | 212 | haproxy = HAProxy.HAProxyConf( | ||
73 | 213 | max_connections=max_connections, | ||
74 | 214 | hard_stop_after=hard_stop_after, | ||
75 | 215 | load_balancing_algorithm=load_balancing_algorithm, | ||
76 | 216 | ) | ||
77 | 212 | sites_secrets = secrets_from_config(config.get('sites_secrets')) | 217 | sites_secrets = secrets_from_config(config.get('sites_secrets')) |
78 | 213 | blacklist_ports = [int(x.strip()) for x in config.get('blacklist_ports', '').split(',') if x.strip()] | 218 | blacklist_ports = [int(x.strip()) for x in config.get('blacklist_ports', '').split(',') if x.strip()] |
79 | 214 | sites = sites_from_config(config.get('sites'), sites_secrets, blacklist_ports=blacklist_ports) | 219 | sites = sites_from_config(config.get('sites'), sites_secrets, blacklist_ports=blacklist_ports) |
80 | diff --git a/tests/unit/files/content_cache_rendered_haproxy_test_output_load_balancing_algorithm.txt b/tests/unit/files/content_cache_rendered_haproxy_test_output_load_balancing_algorithm.txt | |||
81 | 215 | new file mode 100644 | 220 | new file mode 100644 |
82 | index 0000000..b0c6370 | |||
83 | --- /dev/null | |||
84 | +++ b/tests/unit/files/content_cache_rendered_haproxy_test_output_load_balancing_algorithm.txt | |||
85 | @@ -0,0 +1,267 @@ | |||
86 | 1 | global | ||
87 | 2 | nbthread 4 | ||
88 | 3 | maxconn 106496 | ||
89 | 4 | log /dev/log local0 | ||
90 | 5 | log /dev/log local1 notice | ||
91 | 6 | chroot /var/lib/haproxy | ||
92 | 7 | stats socket /run/haproxy/admin.sock mode 660 level admin expose-fd listeners | ||
93 | 8 | stats timeout 30s | ||
94 | 9 | user haproxy | ||
95 | 10 | group haproxy | ||
96 | 11 | daemon | ||
97 | 12 | |||
98 | 13 | # LP#1874386: Work around lingering HAProxy processes as per LP:1874386 | ||
99 | 14 | # and kill them off. | ||
100 | 15 | hard-stop-after 15m | ||
101 | 16 | |||
102 | 17 | # Default SSL material locations | ||
103 | 18 | ca-base /etc/ssl/certs | ||
104 | 19 | crt-base /etc/ssl/private | ||
105 | 20 | |||
106 | 21 | # Default ciphers to use on SSL-enabled listening sockets. | ||
107 | 22 | # For more information, see ciphers(1SSL). This list is from: | ||
108 | 23 | # https://hynek.me/articles/hardening-your-web-servers-ssl-ciphers/ | ||
109 | 24 | # An alternative list with additional directives can be obtained from | ||
110 | 25 | # https://mozilla.github.io/server-side-tls/ssl-config-generator/?server=haproxy | ||
111 | 26 | ssl-default-bind-ciphers ECDHE+AESGCM:ECDHE+AES256:ECDHE+AES128:!SSLv3:!TLSv1 | ||
112 | 27 | ssl-default-bind-options no-sslv3 no-tlsv10 no-tlsv11 | ||
113 | 28 | # We'll eventually disable DHE (LP#1825321), but for now, bump DH params | ||
114 | 29 | tune.ssl.default-dh-param 2048 | ||
115 | 30 | |||
116 | 31 | # Increase the SSL/TLS session cache from the default 20k. But | ||
117 | 32 | # rather than hardcode values, let's just set it to match | ||
118 | 33 | # global_max_connections (which by default is calculated using | ||
119 | 34 | # num. of CPU cores and num. of configured sites). Each entry | ||
120 | 35 | # requires ~200 bytes so on a host with say 32 CPUs, 10 sites, | ||
121 | 36 | # each with 2000 max conns will only consume around 122 Mbytes | ||
122 | 37 | # (32 * 10 * 2000 * 200), which is not much. | ||
123 | 38 | tune.ssl.cachesize 106496 | ||
124 | 39 | |||
125 | 40 | defaults | ||
126 | 41 | log global | ||
127 | 42 | maxconn 8192 | ||
128 | 43 | mode http | ||
129 | 44 | option httplog | ||
130 | 45 | option dontlognull | ||
131 | 46 | timeout connect 5s | ||
132 | 47 | timeout client 50s | ||
133 | 48 | timeout server 50s | ||
134 | 49 | errorfile 400 /etc/haproxy/errors/400.http | ||
135 | 50 | errorfile 403 /etc/haproxy/errors/403.http | ||
136 | 51 | errorfile 408 /etc/haproxy/errors/408.http | ||
137 | 52 | errorfile 500 /etc/haproxy/errors/500.http | ||
138 | 53 | errorfile 502 /etc/haproxy/errors/502.http | ||
139 | 54 | errorfile 503 /etc/haproxy/errors/503.http | ||
140 | 55 | errorfile 504 /etc/haproxy/errors/504.http | ||
141 | 56 | |||
142 | 57 | resolvers dns | ||
143 | 58 | nameserver dns1 127.0.0.53:53 | ||
144 | 59 | resolve_retries 3 | ||
145 | 60 | timeout resolve 3s | ||
146 | 61 | timeout retry 3s | ||
147 | 62 | accepted_payload_size 8192 | ||
148 | 63 | |||
149 | 64 | listen stats | ||
150 | 65 | bind 127.0.0.1:10000 | ||
151 | 66 | acl allowed_cidr src 127.0.0.0/8 | ||
152 | 67 | http-request deny unless allowed_cidr | ||
153 | 68 | |||
154 | 69 | mode http | ||
155 | 70 | stats enable | ||
156 | 71 | stats uri / | ||
157 | 72 | stats realm Haproxy\ Statistics | ||
158 | 73 | stats auth haproxy:biometricsarenotsecret | ||
159 | 74 | stats refresh 3 | ||
160 | 75 | |||
161 | 76 | |||
162 | 77 | listen combined-80 | ||
163 | 78 | bind 0.0.0.0:80 | ||
164 | 79 | bind :::80 | ||
165 | 80 | redirect scheme https code 301 if { hdr(Host) -i site2.local } !{ ssl_fc } | ||
166 | 81 | use_backend backend-cached-site1-local if { hdr(Host) -i site1.local } | ||
167 | 82 | use_backend backend-cached-site3-local if { hdr(Host) -i site3.local } | ||
168 | 83 | use_backend backend-cached-site4-local if { hdr(Host) -i site4.local } | ||
169 | 84 | use_backend backend-cached-site5 if { hdr(Host) -i site5.local } | ||
170 | 85 | use_backend backend-cached-site6-local if { hdr(Host) -i site6.local } | ||
171 | 86 | use_backend backend-cached-site9-local if { hdr(Host) -i site9.local } | ||
172 | 87 | default_backend backend-cached-site3-local | ||
173 | 88 | |||
174 | 89 | listen site1-local | ||
175 | 90 | bind 127.0.0.1:8080 | ||
176 | 91 | default_backend backend-site1-local | ||
177 | 92 | |||
178 | 93 | listen cached-site2-local | ||
179 | 94 | bind 0.0.0.0:443 ssl crt /etc/haproxy/site2-bundle.crt alpn h2,http/1.1 | ||
180 | 95 | bind :::443 ssl crt /etc/haproxy/site2-bundle.crt alpn h2,http/1.1 | ||
181 | 96 | default_backend backend-cached-site2-local | ||
182 | 97 | |||
183 | 98 | listen site2-local | ||
184 | 99 | bind 127.0.0.1:8081 | ||
185 | 100 | default_backend backend-site2-local | ||
186 | 101 | |||
187 | 102 | listen site3-local | ||
188 | 103 | bind 127.0.0.1:8082 | ||
189 | 104 | default_backend backend-site3-local | ||
190 | 105 | |||
191 | 106 | listen site5 | ||
192 | 107 | bind 127.0.0.1:8083 | ||
193 | 108 | default_backend backend-site5 | ||
194 | 109 | |||
195 | 110 | listen site5-2 | ||
196 | 111 | bind 127.0.0.1:8084 | ||
197 | 112 | default_backend backend-site5-2 | ||
198 | 113 | |||
199 | 114 | listen site6-local | ||
200 | 115 | bind 127.0.0.1:8085 | ||
201 | 116 | default_backend backend-site6-local | ||
202 | 117 | |||
203 | 118 | listen combined-444 | ||
204 | 119 | bind 0.0.0.0:444 ssl crt /etc/haproxy/site7-bundle.crt crt /etc/haproxy/site8-bundle.crt alpn h2,http/1.1 | ||
205 | 120 | bind :::444 ssl crt /etc/haproxy/site7-bundle.crt crt /etc/haproxy/site8-bundle.crt alpn h2,http/1.1 | ||
206 | 121 | use_backend backend-cached-site7-local if { hdr(Host) -i site7.local } | ||
207 | 122 | use_backend backend-cached-site8-local if { hdr(Host) -i site8.local } | ||
208 | 123 | |||
209 | 124 | listen site7-local | ||
210 | 125 | bind 127.0.0.1:8086 | ||
211 | 126 | default_backend backend-site7-local | ||
212 | 127 | |||
213 | 128 | listen site8-local | ||
214 | 129 | bind 127.0.0.1:8087 | ||
215 | 130 | default_backend backend-site8-local | ||
216 | 131 | |||
217 | 132 | listen site8-local-2 | ||
218 | 133 | bind 127.0.0.1:8088 | ||
219 | 134 | default_backend backend-site8-local-2 | ||
220 | 135 | |||
221 | 136 | listen site9-local | ||
222 | 137 | bind 127.0.0.1:8089 | ||
223 | 138 | default_backend backend-site9-local | ||
224 | 139 | |||
225 | 140 | backend backend-cached-site1-local | ||
226 | 141 | option forwardfor | ||
227 | 142 | option httpchk HEAD /?token=1861920000_f3e404e205ed44749e942d481f7a7bec57c5e78a HTTP/1.0\r\nHost:\ site1.local\r\nUser-Agent:\ haproxy/httpchk\r\nCache-Control:\ no-cache | ||
228 | 143 | http-request set-header Host site1.local | ||
229 | 144 | balance roundrobin | ||
230 | 145 | server server_1 127.0.0.1:6080 check inter 2s rise 2 fall 60 maxconn 2048 | ||
231 | 146 | |||
232 | 147 | backend backend-site1-local | ||
233 | 148 | option httpchk HEAD / HTTP/1.0\r\nHost:\ site1.local\r\nUser-Agent:\ haproxy/httpchk\r\nCache-Control:\ no-cache | ||
234 | 149 | http-request set-header Host site1.local | ||
235 | 150 | balance roundrobin | ||
236 | 151 | server server_1 127.0.1.10:80 check inter 5s rise 2 fall 5 maxconn 2048 | ||
237 | 152 | server server_2 127.0.1.11:80 check inter 5s rise 2 fall 5 maxconn 2048 | ||
238 | 153 | server server_3 127.0.1.12:80 check inter 5s rise 2 fall 5 maxconn 2048 | ||
239 | 154 | |||
240 | 155 | backend backend-cached-site2-local | ||
241 | 156 | option forwardfor | ||
242 | 157 | option httpchk GET /check/ HTTP/1.0\r\nHost:\ site2.local\r\nUser-Agent:\ haproxy/httpchk\r\nCache-Control:\ no-cache | ||
243 | 158 | http-request set-header Host site2.local | ||
244 | 159 | balance roundrobin | ||
245 | 160 | server server_1 127.0.0.1:6081 check inter 2s rise 2 fall 60 maxconn 2048 | ||
246 | 161 | |||
247 | 162 | backend backend-site2-local | ||
248 | 163 | option httpchk GET /check/ HTTP/1.0\r\nHost:\ site2.local\r\nUser-Agent:\ haproxy/httpchk\r\nCache-Control:\ no-cache | ||
249 | 164 | http-request set-header Host site2.local | ||
250 | 165 | balance roundrobin | ||
251 | 166 | server server_1 127.0.1.10:443 check inter 5s rise 2 fall 5 maxconn 1024 ssl sni str(site2.local) check-sni site2.local verify required ca-file ca-certificates.crt | ||
252 | 167 | server server_2 127.0.1.11:443 check inter 5s rise 2 fall 5 maxconn 1024 ssl sni str(site2.local) check-sni site2.local verify required ca-file ca-certificates.crt | ||
253 | 168 | server server_3 127.0.1.12:443 check inter 5s rise 2 fall 5 maxconn 1024 ssl sni str(site2.local) check-sni site2.local verify required ca-file ca-certificates.crt | ||
254 | 169 | |||
255 | 170 | backend backend-cached-site3-local | ||
256 | 171 | option forwardfor | ||
257 | 172 | option httpchk HEAD / HTTP/1.0\r\nHost:\ site3.local\r\nUser-Agent:\ haproxy/httpchk\r\nCache-Control:\ no-cache | ||
258 | 173 | http-request set-header Host site3.local | ||
259 | 174 | balance roundrobin | ||
260 | 175 | server server_1 127.0.0.1:6082 check inter 2s rise 2 fall 60 maxconn 4096 | ||
261 | 176 | |||
262 | 177 | backend backend-site3-local | ||
263 | 178 | option httpchk HEAD / HTTP/1.0\r\nHost:\ site3.local\r\nUser-Agent:\ haproxy/httpchk\r\nCache-Control:\ no-cache | ||
264 | 179 | http-request set-header Host site3.local | ||
265 | 180 | balance roundrobin | ||
266 | 181 | server server_1 127.0.1.10:80 check inter 5s rise 2 fall 5 maxconn 2048 | ||
267 | 182 | server server_2 127.0.1.11:80 check inter 5s rise 2 fall 5 maxconn 2048 | ||
268 | 183 | server server_3 127.0.1.12:80 check inter 5s rise 2 fall 5 maxconn 2048 | ||
269 | 184 | |||
270 | 185 | backend backend-cached-site4-local | ||
271 | 186 | option forwardfor | ||
272 | 187 | option httpchk HEAD / HTTP/1.0\r\nHost:\ site4.local\r\nUser-Agent:\ haproxy/httpchk\r\nCache-Control:\ no-cache | ||
273 | 188 | http-request set-header Host site4.local | ||
274 | 189 | balance roundrobin | ||
275 | 190 | server server_1 127.0.0.1:6083 check inter 2s rise 2 fall 60 maxconn 2048 | ||
276 | 191 | |||
277 | 192 | backend backend-cached-site5 | ||
278 | 193 | option forwardfor | ||
279 | 194 | option httpchk HEAD / HTTP/1.0\r\nHost:\ site5.local\r\nUser-Agent:\ haproxy/httpchk\r\nCache-Control:\ no-cache | ||
280 | 195 | http-request set-header Host site5.local | ||
281 | 196 | balance roundrobin | ||
282 | 197 | server server_1 127.0.0.1:6084 check inter 2s rise 2 fall 60 maxconn 2048 | ||
283 | 198 | |||
284 | 199 | backend backend-site5 | ||
285 | 200 | option httpchk HEAD / HTTP/1.0\r\nHost:\ site5.local\r\nUser-Agent:\ haproxy/httpchk\r\nCache-Control:\ no-cache | ||
286 | 201 | http-request set-header Host site5.local | ||
287 | 202 | balance roundrobin | ||
288 | 203 | server server_1 127.0.1.10:80 check inter 5s rise 2 fall 5 maxconn 2048 | ||
289 | 204 | |||
290 | 205 | backend backend-site5-2 | ||
291 | 206 | option httpchk HEAD / HTTP/1.0\r\nHost:\ site5.local\r\nUser-Agent:\ haproxy/httpchk\r\nCache-Control:\ no-cache | ||
292 | 207 | http-request set-header Host site5.local | ||
293 | 208 | balance roundrobin | ||
294 | 209 | server server_1 127.0.1.11:80 check inter 5s rise 2 fall 5 maxconn 2048 | ||
295 | 210 | |||
296 | 211 | backend backend-cached-site6-local | ||
297 | 212 | option forwardfor | ||
298 | 213 | option httpchk HEAD / HTTP/1.0\r\nHost:\ site6.local\r\nUser-Agent:\ haproxy/httpchk\r\nCache-Control:\ no-cache | ||
299 | 214 | http-request set-header Host site6.local | ||
300 | 215 | balance roundrobin | ||
301 | 216 | server server_1 127.0.0.1:6085 check inter 2s rise 2 fall 60 maxconn 2048 | ||
302 | 217 | |||
303 | 218 | backend backend-site6-local | ||
304 | 219 | option httpchk HEAD / HTTP/1.0\r\nHost:\ site6.local\r\nUser-Agent:\ haproxy/httpchk\r\nCache-Control:\ no-cache | ||
305 | 220 | http-request set-header Host site6.local | ||
306 | 221 | balance roundrobin | ||
307 | 222 | server server_1 127.0.1.10:443 check inter 5s rise 2 fall 5 maxconn 2048 ssl sni str(site6.local) check-sni site6.local verify required ca-file ca-certificates.crt | ||
308 | 223 | |||
309 | 224 | backend backend-cached-site7-local | ||
310 | 225 | option forwardfor | ||
311 | 226 | option httpchk HEAD / HTTP/1.0\r\nHost:\ site7.local\r\nUser-Agent:\ haproxy/httpchk\r\nCache-Control:\ no-cache | ||
312 | 227 | http-request set-header Host site7.local | ||
313 | 228 | balance roundrobin | ||
314 | 229 | server server_1 127.0.0.1:6086 check inter 2s rise 2 fall 60 maxconn 2048 | ||
315 | 230 | |||
316 | 231 | backend backend-site7-local | ||
317 | 232 | option httpchk HEAD / HTTP/1.0\r\nHost:\ site7.local\r\nUser-Agent:\ haproxy/httpchk\r\nCache-Control:\ no-cache | ||
318 | 233 | http-request set-header Host site7.local | ||
319 | 234 | balance roundrobin | ||
320 | 235 | server server_1 127.0.1.10:80 check inter 5s rise 2 fall 5 maxconn 2048 | ||
321 | 236 | |||
322 | 237 | backend backend-cached-site8-local | ||
323 | 238 | option forwardfor | ||
324 | 239 | option httpchk HEAD / HTTP/1.0\r\nHost:\ site8.local\r\nUser-Agent:\ haproxy/httpchk\r\nCache-Control:\ no-cache | ||
325 | 240 | http-request set-header Host site8.local | ||
326 | 241 | balance roundrobin | ||
327 | 242 | server server_1 127.0.0.1:6087 check inter 2s rise 2 fall 60 maxconn 2048 | ||
328 | 243 | |||
329 | 244 | backend backend-site8-local | ||
330 | 245 | option httpchk HEAD / HTTP/1.0\r\nHost:\ site8.local\r\nUser-Agent:\ haproxy/httpchk\r\nCache-Control:\ no-cache | ||
331 | 246 | http-request set-header Host site8.local | ||
332 | 247 | balance roundrobin | ||
333 | 248 | server server_1 127.0.1.10:80 check inter 5s rise 2 fall 5 maxconn 2048 | ||
334 | 249 | |||
335 | 250 | backend backend-site8-local-2 | ||
336 | 251 | option httpchk HEAD / HTTP/1.0\r\nHost:\ auth.site8.local\r\nUser-Agent:\ haproxy/httpchk\r\nCache-Control:\ no-cache | ||
337 | 252 | http-request set-header Host auth.site8.local | ||
338 | 253 | balance roundrobin | ||
339 | 254 | server server_1 127.0.1.10:443 check inter 5s rise 2 fall 5 maxconn 2048 ssl sni str(auth.site8.local) check-sni auth.site8.local verify required ca-file ca-certificates.crt | ||
340 | 255 | |||
341 | 256 | backend backend-cached-site9-local | ||
342 | 257 | option forwardfor | ||
343 | 258 | option httpchk HEAD / HTTP/1.0\r\nHost:\ site9.local\r\nUser-Agent:\ haproxy/httpchk\r\nCache-Control:\ no-cache | ||
344 | 259 | http-request set-header Host site9.local | ||
345 | 260 | balance roundrobin | ||
346 | 261 | server server_1 127.0.0.1:6088 check inter 2s rise 2 fall 60 maxconn 2048 | ||
347 | 262 | |||
348 | 263 | backend backend-site9-local | ||
349 | 264 | option httpchk HEAD / HTTP/1.0\r\nHost:\ site9.local\r\nUser-Agent:\ haproxy/httpchk\r\nCache-Control:\ no-cache | ||
350 | 265 | http-request set-header Host site9.local | ||
351 | 266 | balance roundrobin | ||
352 | 267 | server server_1 127.0.1.15:80 check inter 1m rise 2 fall 5 maxconn 2048 | ||
353 | diff --git a/tests/unit/test_content_cache.py b/tests/unit/test_content_cache.py | |||
354 | index 3b62cbb..561cd53 100644 | |||
355 | --- a/tests/unit/test_content_cache.py | |||
356 | +++ b/tests/unit/test_content_cache.py | |||
357 | @@ -485,6 +485,35 @@ site1.local: | |||
358 | 485 | @freezegun.freeze_time("2019-03-22", tz_offset=0) | 485 | @freezegun.freeze_time("2019-03-22", tz_offset=0) |
359 | 486 | @mock.patch('charmhelpers.core.hookenv.opened_ports') | 486 | @mock.patch('charmhelpers.core.hookenv.opened_ports') |
360 | 487 | @mock.patch('charms.reactive.set_flag') | 487 | @mock.patch('charms.reactive.set_flag') |
361 | 488 | @mock.patch('reactive.content_cache.update_logrotate') | ||
362 | 489 | def test_configure_haproxy_sites_load_balancing_algorithm(self, logrotation, set_flag, opened_ports): | ||
363 | 490 | with open('tests/unit/files/config_test_config.txt', 'r', encoding='utf-8') as f: | ||
364 | 491 | config = f.read() | ||
365 | 492 | self.mock_config.return_value = { | ||
366 | 493 | 'haproxy_hard_stop_after': '15m', | ||
367 | 494 | 'haproxy_load_balancing_algorithm': 'roundrobin', | ||
368 | 495 | 'max_connections': 8192, | ||
369 | 496 | 'sites': config, | ||
370 | 497 | } | ||
371 | 498 | |||
372 | 499 | with mock.patch('lib.haproxy.HAProxyConf.conf_file', new_callable=mock.PropertyMock) as mock_conf_file: | ||
373 | 500 | mock_conf_file.return_value = os.path.join(self.tmpdir, 'haproxy.cfg') | ||
374 | 501 | opened_ports.return_value = ['443/tcp'] | ||
375 | 502 | content_cache.configure_haproxy() | ||
376 | 503 | |||
377 | 504 | with open( | ||
378 | 505 | 'tests/unit/files/content_cache_rendered_haproxy_test_output_load_balancing_algorithm.txt', | ||
379 | 506 | 'r', | ||
380 | 507 | encoding='utf-8', | ||
381 | 508 | ) as f: | ||
382 | 509 | want = f.read() | ||
383 | 510 | with open(os.path.join(self.tmpdir, 'haproxy.cfg'), 'r', encoding='utf-8') as f: | ||
384 | 511 | got = f.read() | ||
385 | 512 | self.assertEqual(got, want) | ||
386 | 513 | |||
387 | 514 | @freezegun.freeze_time("2019-03-22", tz_offset=0) | ||
388 | 515 | @mock.patch('charmhelpers.core.hookenv.opened_ports') | ||
389 | 516 | @mock.patch('charms.reactive.set_flag') | ||
390 | 488 | @mock.patch('lib.utils.package_version') | 517 | @mock.patch('lib.utils.package_version') |
391 | 489 | @mock.patch('reactive.content_cache.update_logrotate') | 518 | @mock.patch('reactive.content_cache.update_logrotate') |
392 | 490 | def test_configure_haproxy_processes_and_threads(self, logrotation, package_version, set_flag, opened_ports): | 519 | def test_configure_haproxy_processes_and_threads(self, logrotation, package_version, set_flag, opened_ports): |
This merge proposal is being monitored by mergebot. Change the status to Approved to merge.