Content Cache Charm

Merge ~hloeung/content-cache-charm:haproxy-config into content-cache-charm:master

  1. Git
  2. lp:~hloeung/content-cache-charm
  3. haproxy-config
  4. Merge into master
Proposed by Haw Loeung
Status: Merged
Approved by: Haw Loeung
Approved revision: c17e8d3cd7b5353229271d0fcd9a36905c0e7c66
Merged at revision: 2d4a14b89bcc54f23f067b95a5dd53f084f6ff46
Proposed branch: ~hloeung/content-cache-charm:haproxy-config
Merge into: content-cache-charm:master
Diff against target: 274 lines (+68/-15)
14 files modified
lib/haproxy.py (+3/-0)
reactive/content_cache.py (+5/-1)
tests/unit/files/content_cache_rendered_haproxy_test_output.txt (+1/-1)
tests/unit/files/content_cache_rendered_haproxy_test_output_auto_maxconns.txt (+1/-1)
tests/unit/files/content_cache_rendered_haproxy_test_output_load_balancing_algorithm.txt (+1/-1)
tests/unit/files/content_cache_rendered_haproxy_test_output_override_backend_site.txt (+24/-4)
tests/unit/files/content_cache_rendered_haproxy_test_output_processes_and_threads.txt (+1/-1)
tests/unit/files/content_cache_rendered_haproxy_test_output_processes_and_threads_haproxy2.txt (+1/-1)
tests/unit/files/haproxy_config_rendered_backends_stanzas_test_output.txt (+1/-1)
tests/unit/files/haproxy_config_rendered_backends_stanzas_test_output3.txt (+6/-0)
tests/unit/files/haproxy_config_rendered_test_output.txt (+1/-1)
tests/unit/files/haproxy_config_rendered_test_output2.txt (+1/-1)
tests/unit/test_content_cache.py (+10/-1)
tests/unit/test_haproxy.py (+12/-1)
Reviewer Review Type Date Requested Status
James Simpson Approve
Canonical IS Reviewers Pending
Review via email: mp+440466@code.launchpad.net

Commit message

Fix to use backend-path for backend checks if defined

To post a comment you must log in.
Revision history for this message
🤖 Canonical IS Merge Bot (canonical-is-mergebot) wrote :

This merge proposal is being monitored by mergebot. Change the status to Approved to merge.

Revision history for this message
James Simpson (jsimpso) wrote :

LGTM

review: Approve
Revision history for this message
🤖 Canonical IS Merge Bot (canonical-is-mergebot) wrote :

Change successfully merged at revision 2d4a14b89bcc54f23f067b95a5dd53f084f6ff46

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1diff --git a/lib/haproxy.py b/lib/haproxy.py
2index 8a7a637..be91db4 100644
3--- a/lib/haproxy.py
4+++ b/lib/haproxy.py
5@@ -261,6 +261,9 @@ backend backend-{name}
6 maxconn = loc_conf.get('backend-maxconn', 200)
7 method = loc_conf.get('backend-check-method', 'HEAD')
8 path = loc_conf.get('backend-check-path', '/')
9+ if path.startswith('/'):
10+ path = path[1:]
11+ path = os.path.join(loc_conf.get('backend-path', '/'), path)
12 signed_url_hmac_key = loc_conf.get('signed-url-hmac-key')
13 if signed_url_hmac_key:
14 expiry_time = utils.never_expires_time()
15diff --git a/reactive/content_cache.py b/reactive/content_cache.py
16index 4516e5a..4a81b89 100644
17--- a/reactive/content_cache.py
18+++ b/reactive/content_cache.py
19@@ -359,7 +359,7 @@ def configure_haproxy(): # NOQA: C901 LP#1825084
20
21 new_cached_loc_conf['signed-url-hmac-key'] = loc_conf.get('signed-url-hmac-key')
22 # Pass through selected backend location configs, if defined.
23- for key in ('site-name', 'backend-inter-time', 'backend-site-name', 'backend-tls'):
24+ for key in ('site-name', 'backend-inter-time', 'backend-path', 'backend-site-name', 'backend-tls'):
25 if key in loc_conf:
26 new_loc_conf[key] = loc_conf[key]
27 # No 'backend-tls' provided so let's try work out automatically.
28@@ -475,6 +475,10 @@ def configure_nagios():
29 # Backend proxy layer check; no token needs to be passed here as it's
30 # stripped by the cache layer.
31 check_name = utils.generate_nagios_check_name(nagios_name, 'site', 'backend_proxy')
32+ # We also need to use the backend-path if present.
33+ if path.startswith('/'):
34+ path = path[1:]
35+ path = os.path.join(loc_conf.get('backend-path', '/'), path)
36 cmd = (
37 '/usr/lib/nagios/plugins/check_http -I 127.0.0.1 -H {site_name} -p {backend_port}'
38 ' -j {method} -u {path}'.format(
39diff --git a/tests/unit/files/content_cache_rendered_haproxy_test_output.txt b/tests/unit/files/content_cache_rendered_haproxy_test_output.txt
40index e27c5f5..1cd9a4c 100644
41--- a/tests/unit/files/content_cache_rendered_haproxy_test_output.txt
42+++ b/tests/unit/files/content_cache_rendered_haproxy_test_output.txt
43@@ -240,7 +240,7 @@ backend backend-site5
44 server server_1 127.0.1.10:80 check inter 5s rise 2 fall 5 maxconn 200
45
46 backend backend-site5-2
47- option httpchk HEAD / HTTP/1.1\r\nHost:\ site5.local\r\nUser-Agent:\ haproxy/httpchk
48+ option httpchk HEAD /auth-check/ HTTP/1.1\r\nHost:\ site5.local\r\nUser-Agent:\ haproxy/httpchk
49 http-request set-header Host site5.local
50 option redispatch 1
51 balance leastconn
52diff --git a/tests/unit/files/content_cache_rendered_haproxy_test_output_auto_maxconns.txt b/tests/unit/files/content_cache_rendered_haproxy_test_output_auto_maxconns.txt
53index 3a7c3ee..f35b48a 100644
54--- a/tests/unit/files/content_cache_rendered_haproxy_test_output_auto_maxconns.txt
55+++ b/tests/unit/files/content_cache_rendered_haproxy_test_output_auto_maxconns.txt
56@@ -240,7 +240,7 @@ backend backend-site5
57 server server_1 127.0.1.10:80 check inter 5s rise 2 fall 5 maxconn 200
58
59 backend backend-site5-2
60- option httpchk HEAD / HTTP/1.1\r\nHost:\ site5.local\r\nUser-Agent:\ haproxy/httpchk
61+ option httpchk HEAD /auth-check/ HTTP/1.1\r\nHost:\ site5.local\r\nUser-Agent:\ haproxy/httpchk
62 http-request set-header Host site5.local
63 option redispatch 1
64 balance leastconn
65diff --git a/tests/unit/files/content_cache_rendered_haproxy_test_output_load_balancing_algorithm.txt b/tests/unit/files/content_cache_rendered_haproxy_test_output_load_balancing_algorithm.txt
66index 4c5d2c6..5542295 100644
67--- a/tests/unit/files/content_cache_rendered_haproxy_test_output_load_balancing_algorithm.txt
68+++ b/tests/unit/files/content_cache_rendered_haproxy_test_output_load_balancing_algorithm.txt
69@@ -240,7 +240,7 @@ backend backend-site5
70 server server_1 127.0.1.10:80 check inter 5s rise 2 fall 5 maxconn 200
71
72 backend backend-site5-2
73- option httpchk HEAD / HTTP/1.1\r\nHost:\ site5.local\r\nUser-Agent:\ haproxy/httpchk
74+ option httpchk HEAD /auth-check/ HTTP/1.1\r\nHost:\ site5.local\r\nUser-Agent:\ haproxy/httpchk
75 http-request set-header Host site5.local
76 option redispatch 1
77 balance roundrobin
78diff --git a/tests/unit/files/content_cache_rendered_haproxy_test_output_override_backend_site.txt b/tests/unit/files/content_cache_rendered_haproxy_test_output_override_backend_site.txt
79index 7120c9f..2d4cf0b 100644
80--- a/tests/unit/files/content_cache_rendered_haproxy_test_output_override_backend_site.txt
81+++ b/tests/unit/files/content_cache_rendered_haproxy_test_output_override_backend_site.txt
82@@ -1,6 +1,6 @@
83 global
84 nbthread 4
85- maxconn 16384
86+ maxconn 24576
87 log /dev/log local0
88 log /dev/log local1 notice
89 chroot /var/lib/haproxy
90@@ -36,7 +36,7 @@ global
91 # requires ~200 bytes so on a host with say 32 CPUs, 10 sites,
92 # each with 2000 max conns will only consume around 122 Mbytes
93 # (32 * 10 * 2000 * 200), which is not much.
94- tune.ssl.cachesize 16384
95+ tune.ssl.cachesize 24576
96
97 defaults
98 log global
99@@ -78,17 +78,23 @@ listen stats
100 stats refresh 3
101
102
103-listen cached-site1-local
104+listen combined-443
105 bind 0.0.0.0:443 ssl crt /var/lib/haproxy/certs alpn h2,http/1.1
106 bind :::443 ssl crt /var/lib/haproxy/certs alpn h2,http/1.1
107 capture request header X-Cache-Request-ID len 60
108- default_backend backend-cached-site1-local
109+ use_backend backend-cached-site1-local if { hdr(Host) -i site1.local }
110+ use_backend backend-cached-site2-local if { hdr(Host) -i site2.local }
111
112 listen site1-local
113 bind 127.0.0.1:8080
114 capture request header X-Cache-Request-ID len 60
115 default_backend backend-site1-local
116
117+listen site2-local
118+ bind 127.0.0.1:8081
119+ capture request header X-Cache-Request-ID len 60
120+ default_backend backend-site2-local
121+
122 backend backend-cached-site1-local
123 option httpchk GET /_status/content-cache-check HTTP/1.1\r\nHost:\ site1.local\r\nUser-Agent:\ haproxy/httpchk
124 http-request set-header Host site1.local
125@@ -102,3 +108,17 @@ backend backend-site1-local
126 option redispatch 1
127 balance leastconn
128 server server_1 10.0.1.10:443 check inter 5s rise 2 fall 5 maxconn 200 ssl sni str(objectstorage.ps5.internal) check-sni objectstorage.ps5.internal verify required ca-file ca-certificates.crt
129+
130+backend backend-cached-site2-local
131+ option httpchk GET /_status/content-cache-check HTTP/1.1\r\nHost:\ site2.local\r\nUser-Agent:\ haproxy/httpchk
132+ http-request set-header Host site2.local
133+ http-request set-header X-Forwarded-For %[src]
134+ balance leastconn
135+ server server_1 127.0.0.1:6081 check inter 2s rise 2 fall 60 maxconn 200
136+
137+backend backend-site2-local
138+ option httpchk HEAD /swift/v1/AUTH_aabbccdd001122/mybucket/index.html HTTP/1.1\r\nHost:\ objectstorage.ps5.internal\r\nUser-Agent:\ haproxy/httpchk
139+ http-request set-header Host objectstorage.ps5.internal
140+ option redispatch 1
141+ balance leastconn
142+ server server_1 10.0.1.10:443 check inter 5s rise 2 fall 5 maxconn 200 ssl sni str(objectstorage.ps5.internal) check-sni objectstorage.ps5.internal verify required ca-file ca-certificates.crt
143diff --git a/tests/unit/files/content_cache_rendered_haproxy_test_output_processes_and_threads.txt b/tests/unit/files/content_cache_rendered_haproxy_test_output_processes_and_threads.txt
144index edcf968..6a51f8a 100644
145--- a/tests/unit/files/content_cache_rendered_haproxy_test_output_processes_and_threads.txt
146+++ b/tests/unit/files/content_cache_rendered_haproxy_test_output_processes_and_threads.txt
147@@ -241,7 +241,7 @@ backend backend-site5
148 server server_1 127.0.1.10:80 check inter 5s rise 2 fall 5 maxconn 200
149
150 backend backend-site5-2
151- option httpchk HEAD / HTTP/1.1\r\nHost:\ site5.local\r\nUser-Agent:\ haproxy/httpchk
152+ option httpchk HEAD /auth-check/ HTTP/1.1\r\nHost:\ site5.local\r\nUser-Agent:\ haproxy/httpchk
153 http-request set-header Host site5.local
154 option redispatch 1
155 balance leastconn
156diff --git a/tests/unit/files/content_cache_rendered_haproxy_test_output_processes_and_threads_haproxy2.txt b/tests/unit/files/content_cache_rendered_haproxy_test_output_processes_and_threads_haproxy2.txt
157index f9e5f97..e1735fc 100644
158--- a/tests/unit/files/content_cache_rendered_haproxy_test_output_processes_and_threads_haproxy2.txt
159+++ b/tests/unit/files/content_cache_rendered_haproxy_test_output_processes_and_threads_haproxy2.txt
160@@ -244,7 +244,7 @@ backend backend-site5
161 server server_1 127.0.1.10:80 check inter 5s rise 2 fall 5 maxconn 200
162
163 backend backend-site5-2
164- option httpchk HEAD / HTTP/1.1\r\nHost:\ site5.local\r\nUser-Agent:\ haproxy/httpchk
165+ option httpchk HEAD /auth-check/ HTTP/1.1\r\nHost:\ site5.local\r\nUser-Agent:\ haproxy/httpchk
166 http-request set-header Host site5.local
167 retry-on all-retryable-errors
168 option redispatch 1
169diff --git a/tests/unit/files/haproxy_config_rendered_backends_stanzas_test_output.txt b/tests/unit/files/haproxy_config_rendered_backends_stanzas_test_output.txt
170index dd90319..ace8cc4 100644
171--- a/tests/unit/files/haproxy_config_rendered_backends_stanzas_test_output.txt
172+++ b/tests/unit/files/haproxy_config_rendered_backends_stanzas_test_output.txt
173@@ -32,7 +32,7 @@ backend backend-site5
174 server server_1 127.0.1.10:80 check inter 5s rise 2 fall 5 maxconn 200
175
176 backend backend-site5-2
177- option httpchk HEAD / HTTP/1.1\r\nHost:\ site5.local\r\nUser-Agent:\ haproxy/httpchk
178+ option httpchk HEAD /auth-check/ HTTP/1.1\r\nHost:\ site5.local\r\nUser-Agent:\ haproxy/httpchk
179 http-request set-header Host site5.local
180 balance leastconn
181 server server_1 127.0.1.11:80 check inter 5s rise 2 fall 5 maxconn 200
182diff --git a/tests/unit/files/haproxy_config_rendered_backends_stanzas_test_output3.txt b/tests/unit/files/haproxy_config_rendered_backends_stanzas_test_output3.txt
183index c50f39e..fa5df40 100644
184--- a/tests/unit/files/haproxy_config_rendered_backends_stanzas_test_output3.txt
185+++ b/tests/unit/files/haproxy_config_rendered_backends_stanzas_test_output3.txt
186@@ -4,3 +4,9 @@ backend backend-site1-local
187 http-request set-header Host objectstorage.ps5.internal
188 balance leastconn
189 server server_1 10.0.1.10:443 check inter 5s rise 2 fall 5 maxconn 200 ssl sni str(objectstorage.ps5.internal) check-sni objectstorage.ps5.internal verify required ca-file ca-certificates.crt alpn h2,http/1.1 check-alpn http/1.1
190+
191+backend backend-site2-local
192+ option httpchk HEAD /swift/v1/AUTH_aabbccdd001122/mybucket/index.html HTTP/1.1\r\nHost:\ objectstorage.ps5.internal\r\nUser-Agent:\ haproxy/httpchk
193+ http-request set-header Host objectstorage.ps5.internal
194+ balance leastconn
195+ server server_1 10.0.1.10:443 check inter 5s rise 2 fall 5 maxconn 200 ssl sni str(objectstorage.ps5.internal) check-sni objectstorage.ps5.internal verify required ca-file ca-certificates.crt alpn h2,http/1.1 check-alpn http/1.1
196diff --git a/tests/unit/files/haproxy_config_rendered_test_output.txt b/tests/unit/files/haproxy_config_rendered_test_output.txt
197index ce982ea..a101eb0 100644
198--- a/tests/unit/files/haproxy_config_rendered_test_output.txt
199+++ b/tests/unit/files/haproxy_config_rendered_test_output.txt
200@@ -141,7 +141,7 @@ backend backend-site5
201 server server_1 127.0.1.10:80 check inter 5s rise 2 fall 5 maxconn 200
202
203 backend backend-site5-2
204- option httpchk HEAD / HTTP/1.1\r\nHost:\ site5.local\r\nUser-Agent:\ haproxy/httpchk
205+ option httpchk HEAD /auth-check/ HTTP/1.1\r\nHost:\ site5.local\r\nUser-Agent:\ haproxy/httpchk
206 http-request set-header Host site5.local
207 balance leastconn
208 server server_1 127.0.1.11:80 check inter 5s rise 2 fall 5 maxconn 200
209diff --git a/tests/unit/files/haproxy_config_rendered_test_output2.txt b/tests/unit/files/haproxy_config_rendered_test_output2.txt
210index 1149b85..a8f0cb6 100644
211--- a/tests/unit/files/haproxy_config_rendered_test_output2.txt
212+++ b/tests/unit/files/haproxy_config_rendered_test_output2.txt
213@@ -141,7 +141,7 @@ backend backend-site5
214 server server_1 127.0.1.10:80 check inter 5s rise 2 fall 5 maxconn 200
215
216 backend backend-site5-2
217- option httpchk HEAD / HTTP/1.1\r\nHost:\ site5.local\r\nUser-Agent:\ haproxy/httpchk
218+ option httpchk HEAD /auth-check/ HTTP/1.1\r\nHost:\ site5.local\r\nUser-Agent:\ haproxy/httpchk
219 http-request set-header Host site5.local
220 balance leastconn
221 server server_1 127.0.1.11:80 check inter 5s rise 2 fall 5 maxconn 200
222diff --git a/tests/unit/test_content_cache.py b/tests/unit/test_content_cache.py
223index 9dd21b7..feba416 100644
224--- a/tests/unit/test_content_cache.py
225+++ b/tests/unit/test_content_cache.py
226@@ -491,6 +491,15 @@ site1.local:
227 backend-tls: true
228 backends: ['10.0.1.10:443']
229 tls-cert-bundle-path: /var/lib/haproxy/certs
230+site2.local:
231+ locations:
232+ /:
233+ backend-check-path: '/index.html'
234+ backend-path: '/swift/v1/AUTH_aabbccdd001122/mybucket/'
235+ backend-site-name: 'objectstorage.ps5.internal'
236+ backend-tls: true
237+ backends: ['10.0.1.10:443']
238+ tls-cert-bundle-path: /var/lib/haproxy/certs
239 '''
240 self.mock_config.return_value = {'haproxy_hard_stop_after': '15m', 'max_connections': 8192, 'sites': config}
241 with mock.patch('lib.haproxy.HAProxyConf.conf_file', new_callable=mock.PropertyMock) as mock_conf_file:
242@@ -864,7 +873,7 @@ site1.local:
243 mock.call(
244 shortname='site_site5_auth_backend_proxy',
245 description='site5 backend proxy check',
246- check_cmd='/usr/lib/nagios/plugins/check_http -I 127.0.0.1 -H site5.local -p 8084 -j HEAD -u /auth',
247+ check_cmd='/usr/lib/nagios/plugins/check_http -I 127.0.0.1 -H site5.local -p 8084 -j HEAD -u /auth-check/auth', # NOQA: E501
248 ),
249 ]
250 nrpe_instance_mock.add_check.assert_has_calls(want, any_order=True)
251diff --git a/tests/unit/test_haproxy.py b/tests/unit/test_haproxy.py
252index 66ba6e7..e690f2d 100644
253--- a/tests/unit/test_haproxy.py
254+++ b/tests/unit/test_haproxy.py
255@@ -174,7 +174,18 @@ class TestLibHAProxy(unittest.TestCase):
256 'backends': ['10.0.1.10:443'],
257 }
258 }
259- }
260+ },
261+ 'site2.local': {
262+ 'locations': {
263+ '/': {
264+ 'backend-check-path': '/index.html',
265+ 'backend-path': '/swift/v1/AUTH_aabbccdd001122/mybucket/',
266+ 'backend-site-name': 'objectstorage.ps5.internal',
267+ 'backend-tls': True,
268+ 'backends': ['10.0.1.10:443'],
269+ }
270+ }
271+ },
272 }
273 output = 'tests/unit/files/haproxy_config_rendered_backends_stanzas_test_output3.txt'
274 with open(output, 'r', encoding='utf-8') as f:

Subscribers

People subscribed via source and target branches