From da76459dc21b5af2449af2d36eb95226cb186ce2 Mon Sep 17 00:00:00 2001 From: Daniel Baumann Date: Sun, 28 Apr 2024 11:35:11 +0200 Subject: Adding upstream version 2.6.12. Signed-off-by: Daniel Baumann --- reg-tests/checks/1be_40srv_odd_health_checks.vtc | 117 ++++ reg-tests/checks/40be_2srv_odd_health_checks.vtc | 645 +++++++++++++++++++++ reg-tests/checks/4be_1srv_health_checks.vtc | 201 +++++++ .../4be_1srv_smtpchk_httpchk_layer47errors.vtc | 99 ++++ reg-tests/checks/agent-check.vtc | 42 ++ reg-tests/checks/common.pem | 1 + reg-tests/checks/http-check-expect.vtc | 64 ++ reg-tests/checks/http-check-send.vtc | 168 ++++++ reg-tests/checks/http-check.vtc | 157 +++++ reg-tests/checks/http-monitor-uri.vtc | 56 ++ reg-tests/checks/ldap-check.vtc | 96 +++ reg-tests/checks/mysql-check.vtc | 123 ++++ reg-tests/checks/pgsql-check.vtc | 93 +++ reg-tests/checks/redis-check.vtc | 61 ++ reg-tests/checks/smtp-check.vtc | 110 ++++ reg-tests/checks/spop-check.vtc | 94 +++ reg-tests/checks/ssl-hello-check.vtc | 76 +++ reg-tests/checks/tcp-check-ssl.vtc | 118 ++++ reg-tests/checks/tcp-check_min-recv.vtc | 68 +++ reg-tests/checks/tcp-check_multiple_ports.vtc | 48 ++ reg-tests/checks/tcp-checks-socks4.vtc | 61 ++ reg-tests/checks/tls_health_checks.vtc | 118 ++++ 22 files changed, 2616 insertions(+) create mode 100644 reg-tests/checks/1be_40srv_odd_health_checks.vtc create mode 100644 reg-tests/checks/40be_2srv_odd_health_checks.vtc create mode 100644 reg-tests/checks/4be_1srv_health_checks.vtc create mode 100644 reg-tests/checks/4be_1srv_smtpchk_httpchk_layer47errors.vtc create mode 100644 reg-tests/checks/agent-check.vtc create mode 120000 reg-tests/checks/common.pem create mode 100644 reg-tests/checks/http-check-expect.vtc create mode 100644 reg-tests/checks/http-check-send.vtc create mode 100644 reg-tests/checks/http-check.vtc create mode 100644 reg-tests/checks/http-monitor-uri.vtc create mode 100644 reg-tests/checks/ldap-check.vtc create mode 100644 reg-tests/checks/mysql-check.vtc create mode 100644 reg-tests/checks/pgsql-check.vtc create mode 100644 reg-tests/checks/redis-check.vtc create mode 100644 reg-tests/checks/smtp-check.vtc create mode 100644 reg-tests/checks/spop-check.vtc create mode 100644 reg-tests/checks/ssl-hello-check.vtc create mode 100644 reg-tests/checks/tcp-check-ssl.vtc create mode 100644 reg-tests/checks/tcp-check_min-recv.vtc create mode 100644 reg-tests/checks/tcp-check_multiple_ports.vtc create mode 100644 reg-tests/checks/tcp-checks-socks4.vtc create mode 100644 reg-tests/checks/tls_health_checks.vtc (limited to 'reg-tests/checks') diff --git a/reg-tests/checks/1be_40srv_odd_health_checks.vtc b/reg-tests/checks/1be_40srv_odd_health_checks.vtc new file mode 100644 index 0000000..d0f3be5 --- /dev/null +++ b/reg-tests/checks/1be_40srv_odd_health_checks.vtc @@ -0,0 +1,117 @@ +varnishtest "Health-checks: only for servers with 'check' set" +feature ignore_unknown_macro + +# This test start 40 servers in the same backend, named srv0 up to srv39. +# Only the odd servers have health-checks enabled. +# The first health-checks passed tests are checked for all these servers +# thanks to syslog messages. + +#REQUIRE_VERSION=2.4 +#EXCLUDE_TARGETS=freebsd +#REGTEST_TYPE=slow + +syslog S -repeat 20 -level notice { + recv + expect ~ "[^:\\[ ]\\[${h1_pid}\\]: Health check for server be1/srv([13579]|[123][13579]) succeeded.+reason: Layer4 check passed.+check duration: [[:digit:]]+ms.+status: 1/1 UP" +} -start + +server s0 {} -start +server s1 {} -start +server s2 {} -start +server s3 {} -start +server s4 {} -start +server s5 {} -start +server s6 {} -start +server s7 {} -start +server s8 {} -start +server s9 {} -start +server s10 {} -start +server s11 {} -start +server s12 {} -start +server s13 {} -start +server s14 {} -start +server s15 {} -start +server s16 {} -start +server s17 {} -start +server s18 {} -start +server s19 {} -start +server s20 {} -start +server s21 {} -start +server s22 {} -start +server s23 {} -start +server s24 {} -start +server s25 {} -start +server s26 {} -start +server s27 {} -start +server s28 {} -start +server s29 {} -start +server s30 {} -start +server s31 {} -start +server s32 {} -start +server s33 {} -start +server s34 {} -start +server s35 {} -start +server s36 {} -start +server s37 {} -start +server s38 {} -start +server s39 {} -start + +haproxy h1 -conf { + defaults + timeout client "${HAPROXY_TEST_TIMEOUT-5s}" + timeout server "${HAPROXY_TEST_TIMEOUT-5s}" + timeout connect "${HAPROXY_TEST_TIMEOUT-5s}" + default-server no-check inter 200ms downinter 100ms rise 1 fall 1 + + backend be1 + option log-health-checks + log ${S_addr}:${S_port} daemon + server srv0 ${s0_addr}:${s0_port} + server srv1 ${s1_addr}:${s1_port} check + server srv2 ${s2_addr}:${s2_port} + server srv3 ${s3_addr}:${s3_port} check + server srv4 ${s4_addr}:${s4_port} + server srv5 ${s5_addr}:${s5_port} check + server srv6 ${s6_addr}:${s6_port} + server srv7 ${s7_addr}:${s7_port} check + server srv8 ${s8_addr}:${s8_port} + server srv9 ${s9_addr}:${s9_port} check + server srv10 ${s10_addr}:${s10_port} + server srv11 ${s11_addr}:${s11_port} check + server srv12 ${s12_addr}:${s12_port} + server srv13 ${s13_addr}:${s13_port} check + server srv14 ${s14_addr}:${s14_port} + server srv15 ${s15_addr}:${s15_port} check + server srv16 ${s16_addr}:${s16_port} + server srv17 ${s17_addr}:${s17_port} check + server srv18 ${s18_addr}:${s18_port} + server srv19 ${s19_addr}:${s19_port} check + server srv20 ${s20_addr}:${s20_port} + server srv21 ${s21_addr}:${s21_port} check + server srv22 ${s22_addr}:${s22_port} + server srv23 ${s23_addr}:${s23_port} check + server srv24 ${s24_addr}:${s24_port} + server srv25 ${s25_addr}:${s25_port} check + server srv26 ${s26_addr}:${s26_port} + server srv27 ${s27_addr}:${s27_port} check + server srv28 ${s28_addr}:${s28_port} + server srv29 ${s29_addr}:${s29_port} check + server srv30 ${s30_addr}:${s30_port} + server srv31 ${s31_addr}:${s31_port} check + server srv32 ${s32_addr}:${s32_port} + server srv33 ${s33_addr}:${s33_port} check + server srv34 ${s34_addr}:${s34_port} + server srv35 ${s35_addr}:${s35_port} check + server srv36 ${s36_addr}:${s36_port} + server srv37 ${s37_addr}:${s37_port} check + server srv38 ${s38_addr}:${s38_port} + server srv39 ${s39_addr}:${s39_port} check +} -start + +syslog S -wait + +haproxy h1 -cli { + send "show servers state" + expect ~ "# be_id be_name srv_id srv_name srv_addr srv_op_state srv_admin_state srv_uweight srv_iweight srv_time_since_last_change srv_check_status srv_check_result srv_check_health srv_check_state srv_agent_state bk_f_forced_id srv_f_forced_id srv_fqdn srv_port srvrecord srv_use_ssl srv_check_port srv_check_addr srv_agent_addr srv_agent_port\n2 be1 1 srv0 ${s0_addr} 2 0 1 1 [[:digit:]]+ 1 0 1 0 0 0 0 - ${s0_port} - 0 0 - - 0\n2 be1 2 srv1 ${s1_addr} 2 0 1 1 [[:digit:]]+ 6 ([[:digit:]]+ ){3}0 0 0 - ${s1_port} - 0 0 - - 0\n2 be1 3 srv2 ${s2_addr} 2 0 1 1 [[:digit:]]+ 1 0 1 0 0 0 0 - ${s2_port} - 0 0 - - 0\n2 be1 4 srv3 ${s3_addr} 2 0 1 1 [[:digit:]]+ 6 ([[:digit:]]+ ){3}0 0 0 - ${s3_port} - 0 0 - - 0\n2 be1 5 srv4 ${s4_addr} 2 0 1 1 [[:digit:]]+ 1 0 1 0 0 0 0 - ${s4_port} - 0 0 - - 0\n2 be1 6 srv5 ${s5_addr} 2 0 1 1 [[:digit:]]+ 6 ([[:digit:]]+ ){3}0 0 0 - ${s5_port} - 0 0 - - 0\n2 be1 7 srv6 ${s6_addr} 2 0 1 1 [[:digit:]]+ 1 0 1 0 0 0 0 - ${s6_port} - 0 0 - - 0\n2 be1 8 srv7 ${s7_addr} 2 0 1 1 [[:digit:]]+ 6 ([[:digit:]]+ ){3}0 0 0 - ${s7_port} - 0 0 - - 0\n2 be1 9 srv8 ${s8_addr} 2 0 1 1 [[:digit:]]+ 1 0 1 0 0 0 0 - ${s8_port} - 0 0 - - 0\n2 be1 10 srv9 ${s9_addr} 2 0 1 1 [[:digit:]]+ 6 ([[:digit:]]+ ){3}0 0 0 - ${s9_port} - 0 0 - - 0\n2 be1 11 srv10 ${s10_addr} 2 0 1 1 [[:digit:]]+ 1 0 1 0 0 0 0 - ${s10_port} - 0 0 - - 0\n2 be1 12 srv11 ${s11_addr} 2 0 1 1 [[:digit:]]+ 6 ([[:digit:]]+ ){3}0 0 0 - ${s11_port} - 0 0 - - 0\n2 be1 13 srv12 ${s12_addr} 2 0 1 1 [[:digit:]]+ 1 0 1 0 0 0 0 - ${s12_port} - 0 0 - - 0\n2 be1 14 srv13 ${s13_addr} 2 0 1 1 [[:digit:]]+ 6 ([[:digit:]]+ ){3}0 0 0 - ${s13_port} - 0 0 - - 0\n2 be1 15 srv14 ${s14_addr} 2 0 1 1 [[:digit:]]+ 1 0 1 0 0 0 0 - ${s14_port} - 0 0 - - 0\n2 be1 16 srv15 ${s15_addr} 2 0 1 1 [[:digit:]]+ 6 ([[:digit:]]+ ){3}0 0 0 - ${s15_port} - 0 0 - - 0\n2 be1 17 srv16 ${s16_addr} 2 0 1 1 [[:digit:]]+ 1 0 1 0 0 0 0 - ${s16_port} - 0 0 - - 0\n2 be1 18 srv17 ${s17_addr} 2 0 1 1 [[:digit:]]+ 6 ([[:digit:]]+ ){3}0 0 0 - ${s17_port} - 0 0 - - 0\n2 be1 19 srv18 ${s18_addr} 2 0 1 1 [[:digit:]]+ 1 0 1 0 0 0 0 - ${s18_port} - 0 0 - - 0\n2 be1 20 srv19 ${s19_addr} 2 0 1 1 [[:digit:]]+ 6 ([[:digit:]]+ ){3}0 0 0 - ${s19_port} - 0 0 - - 0\n2 be1 21 srv20 ${s20_addr} 2 0 1 1 [[:digit:]]+ 1 0 1 0 0 0 0 - ${s20_port} - 0 0 - - 0\n2 be1 22 srv21 ${s21_addr} 2 0 1 1 [[:digit:]]+ 6 ([[:digit:]]+ ){3}0 0 0 - ${s21_port} - 0 0 - - 0\n2 be1 23 srv22 ${s22_addr} 2 0 1 1 [[:digit:]]+ 1 0 1 0 0 0 0 - ${s22_port} - 0 0 - - 0\n2 be1 24 srv23 ${s23_addr} 2 0 1 1 [[:digit:]]+ 6 ([[:digit:]]+ ){3}0 0 0 - ${s23_port} - 0 0 - - 0\n2 be1 25 srv24 ${s24_addr} 2 0 1 1 [[:digit:]]+ 1 0 1 0 0 0 0 - ${s24_port} - 0 0 - - 0\n2 be1 26 srv25 ${s25_addr} 2 0 1 1 [[:digit:]]+ 6 ([[:digit:]]+ ){3}0 0 0 - ${s25_port} - 0 0 - - 0\n2 be1 27 srv26 ${s26_addr} 2 0 1 1 [[:digit:]]+ 1 0 1 0 0 0 0 - ${s26_port} - 0 0 - - 0\n2 be1 28 srv27 ${s27_addr} 2 0 1 1 [[:digit:]]+ 6 ([[:digit:]]+ ){3}0 0 0 - ${s27_port} - 0 0 - - 0\n2 be1 29 srv28 ${s28_addr} 2 0 1 1 [[:digit:]]+ 1 0 1 0 0 0 0 - ${s28_port} - 0 0 - - 0\n2 be1 30 srv29 ${s29_addr} 2 0 1 1 [[:digit:]]+ 6 ([[:digit:]]+ ){3}0 0 0 - ${s29_port} - 0 0 - - 0\n2 be1 31 srv30 ${s30_addr} 2 0 1 1 [[:digit:]]+ 1 0 1 0 0 0 0 - ${s30_port} - 0 0 - - 0\n2 be1 32 srv31 ${s31_addr} 2 0 1 1 [[:digit:]]+ 6 ([[:digit:]]+ ){3}0 0 0 - ${s31_port} - 0 0 - - 0\n2 be1 33 srv32 ${s32_addr} 2 0 1 1 [[:digit:]]+ 1 0 1 0 0 0 0 - ${s32_port} - 0 0 - - 0\n2 be1 34 srv33 ${s33_addr} 2 0 1 1 [[:digit:]]+ 6 ([[:digit:]]+ ){3}0 0 0 - ${s33_port} - 0 0 - - 0\n2 be1 35 srv34 ${s34_addr} 2 0 1 1 [[:digit:]]+ 1 0 1 0 0 0 0 - ${s34_port} - 0 0 - - 0\n2 be1 36 srv35 ${s35_addr} 2 0 1 1 [[:digit:]]+ 6 ([[:digit:]]+ ){3}0 0 0 - ${s35_port} - 0 0 - - 0\n2 be1 37 srv36 ${s36_addr} 2 0 1 1 [[:digit:]]+ 1 0 1 0 0 0 0 - ${s36_port} - 0 0 - - 0\n2 be1 38 srv37 ${s37_addr} 2 0 1 1 [[:digit:]]+ 6 ([[:digit:]]+ ){3}0 0 0 - ${s37_port} - 0 0 - - 0\n2 be1 39 srv38 ${s38_addr} 2 0 1 1 [[:digit:]]+ 1 0 1 0 0 0 0 - ${s38_port} - 0 0 - - 0\n2 be1 40 srv39 ${s39_addr} 2 0 1 1 [[:digit:]]+ 6 ([[:digit:]]+ ){3}0 0 0 - ${s39_port} - 0 0 - - 0\n" +} + diff --git a/reg-tests/checks/40be_2srv_odd_health_checks.vtc b/reg-tests/checks/40be_2srv_odd_health_checks.vtc new file mode 100644 index 0000000..cbd4fc0 --- /dev/null +++ b/reg-tests/checks/40be_2srv_odd_health_checks.vtc @@ -0,0 +1,645 @@ +varnishtest "Health-checks" +feature ignore_unknown_macro + +#REQUIRE_VERSION=2.4 +#EXCLUDE_TARGETS=freebsd,osx,generic +#REGTEST_TYPE=slow + +# This script start 40 servers named s0 up to s39. +# For 0 <= i <= 19: +# - s(i) and s(i+1) belong to backend be(2*i+1), +# - fe(2*i+1) backend is configured to used be(2*i+1) backend. +# - only s(2*i+1) servers have health-checks enabled, +# - we start 20 clients named s(2*i+1) which connect to fe(2*i+1) frontend, +# - so that to ensure that health-checks do not consume any connection +# (any varnishtest server without -repeat with n > 1 accepts +# only one connection). +# - we take care of sending the clients to the unchecked servers using the +# "first" lb algo so that servers always receive a valid request + +syslog S1 -level notice { + recv + expect ~ "[^:\\[ ]\\[${h1_pid}\\]: Health check for server be1/srv1 succeeded, reason: Layer4 check passed, check duration: [[:digit:]]+ms, status: 1/1 UP" +} -start + +syslog S3 -level notice { + recv + expect ~ "[^:\\[ ]\\[${h1_pid}\\]: Health check for server be3/srv3 succeeded, reason: Layer4 check passed, check duration: [[:digit:]]+ms, status: 1/1 UP" +} -start + +syslog S5 -level notice { + recv + expect ~ "[^:\\[ ]\\[${h1_pid}\\]: Health check for server be5/srv5 succeeded, reason: Layer4 check passed, check duration: [[:digit:]]+ms, status: 1/1 UP" +} -start + +syslog S7 -level notice { + recv + expect ~ "[^:\\[ ]\\[${h1_pid}\\]: Health check for server be7/srv7 succeeded, reason: Layer4 check passed, check duration: [[:digit:]]+ms, status: 1/1 UP" +} -start + +syslog S9 -level notice { + recv + expect ~ "[^:\\[ ]\\[${h1_pid}\\]: Health check for server be9/srv9 succeeded, reason: Layer4 check passed, check duration: [[:digit:]]+ms, status: 1/1 UP" +} -start + +syslog S11 -level notice { + recv + expect ~ "[^:\\[ ]\\[${h1_pid}\\]: Health check for server be11/srv11 succeeded, reason: Layer4 check passed, check duration: [[:digit:]]+ms, status: 1/1 UP" +} -start + +syslog S13 -level notice { + recv + expect ~ "[^:\\[ ]\\[${h1_pid}\\]: Health check for server be13/srv13 succeeded, reason: Layer4 check passed, check duration: [[:digit:]]+ms, status: 1/1 UP" +} -start + +syslog S15 -level notice { + recv + expect ~ "[^:\\[ ]\\[${h1_pid}\\]: Health check for server be15/srv15 succeeded, reason: Layer4 check passed, check duration: [[:digit:]]+ms, status: 1/1 UP" +} -start + +syslog S17 -level notice { + recv + expect ~ "[^:\\[ ]\\[${h1_pid}\\]: Health check for server be17/srv17 succeeded, reason: Layer4 check passed, check duration: [[:digit:]]+ms, status: 1/1 UP" +} -start + +syslog S19 -level notice { + recv + expect ~ "[^:\\[ ]\\[${h1_pid}\\]: Health check for server be19/srv19 succeeded, reason: Layer4 check passed, check duration: [[:digit:]]+ms, status: 1/1 UP" +} -start + +syslog S21 -level notice { + recv + expect ~ "[^:\\[ ]\\[${h1_pid}\\]: Health check for server be21/srv21 succeeded, reason: Layer4 check passed, check duration: [[:digit:]]+ms, status: 1/1 UP" +} -start + +syslog S23 -level notice { + recv + expect ~ "[^:\\[ ]\\[${h1_pid}\\]: Health check for server be23/srv23 succeeded, reason: Layer4 check passed, check duration: [[:digit:]]+ms, status: 1/1 UP" +} -start + +syslog S25 -level notice { + recv + expect ~ "[^:\\[ ]\\[${h1_pid}\\]: Health check for server be25/srv25 succeeded, reason: Layer4 check passed, check duration: [[:digit:]]+ms, status: 1/1 UP" +} -start + +syslog S27 -level notice { + recv + expect ~ "[^:\\[ ]\\[${h1_pid}\\]: Health check for server be27/srv27 succeeded, reason: Layer4 check passed, check duration: [[:digit:]]+ms, status: 1/1 UP" +} -start + +syslog S29 -level notice { + recv + expect ~ "[^:\\[ ]\\[${h1_pid}\\]: Health check for server be29/srv29 succeeded, reason: Layer4 check passed, check duration: [[:digit:]]+ms, status: 1/1 UP" +} -start + +syslog S31 -level notice { + recv + expect ~ "[^:\\[ ]\\[${h1_pid}\\]: Health check for server be31/srv31 succeeded, reason: Layer4 check passed, check duration: [[:digit:]]+ms, status: 1/1 UP" +} -start + +syslog S33 -level notice { + recv + expect ~ "[^:\\[ ]\\[${h1_pid}\\]: Health check for server be33/srv33 succeeded, reason: Layer4 check passed, check duration: [[:digit:]]+ms, status: 1/1 UP" +} -start + +syslog S35 -level notice { + recv + expect ~ "[^:\\[ ]\\[${h1_pid}\\]: Health check for server be35/srv35 succeeded, reason: Layer4 check passed, check duration: [[:digit:]]+ms, status: 1/1 UP" +} -start + +syslog S37 -level notice { + recv + expect ~ "[^:\\[ ]\\[${h1_pid}\\]: Health check for server be37/srv37 succeeded, reason: Layer4 check passed, check duration: [[:digit:]]+ms, status: 1/1 UP" +} -start + +syslog S39 -level notice { + recv + expect ~ "[^:\\[ ]\\[${h1_pid}\\]: Health check for server be39/srv39 succeeded, reason: Layer4 check passed, check duration: [[:digit:]]+ms, status: 1/1 UP" +} -start + +server s0 { + rxreq + txresp +} -start + +server s2 { + rxreq + txresp +} -start + +server s4 { + rxreq + txresp +} -start + +server s6 { + rxreq + txresp +} -start + +server s8 { + rxreq + txresp +} -start + +server s10 { + rxreq + txresp +} -start + +server s12 { + rxreq + txresp +} -start + +server s14 { + rxreq + txresp +} -start + +server s16 { + rxreq + txresp +} -start + +server s18 { + rxreq + txresp +} -start + +server s20 { + rxreq + txresp +} -start + +server s22 { + rxreq + txresp +} -start + +server s24 { + rxreq + txresp +} -start + +server s26 { + rxreq + txresp +} -start + +server s28 { + rxreq + txresp +} -start + +server s30 { + rxreq + txresp +} -start + +server s32 { + rxreq + txresp +} -start + +server s34 { + rxreq + txresp +} -start + +server s36 { + rxreq + txresp +} -start + +server s38 { + rxreq + txresp +} -start + +server s1 {} -start +server s3 {} -start +server s5 {} -start +server s7 {} -start +server s9 {} -start +server s11 {} -start +server s13 {} -start +server s15 {} -start +server s17 {} -start +server s19 {} -start +server s21 {} -start +server s23 {} -start +server s25 {} -start +server s27 {} -start +server s29 {} -start +server s31 {} -start +server s33 {} -start +server s35 {} -start +server s37 {} -start +server s39 {} -start + +haproxy h1 -conf { + defaults + timeout client "${HAPROXY_TEST_TIMEOUT-5s}" + timeout server "${HAPROXY_TEST_TIMEOUT-5s}" + timeout connect "${HAPROXY_TEST_TIMEOUT-5s}" + balance first + default-server no-check inter 20ms downinter 1s rise 1 fall 1 + + backend be1 + option log-health-checks + log ${S1_addr}:${S1_port} daemon + server srv0 ${s0_addr}:${s0_port} + server srv1 ${s1_addr}:${s1_port} check + + backend be3 + option log-health-checks + log ${S3_addr}:${S3_port} daemon + server srv2 ${s2_addr}:${s2_port} + server srv3 ${s3_addr}:${s3_port} check + + backend be5 + option log-health-checks + log ${S5_addr}:${S5_port} daemon + server srv4 ${s4_addr}:${s4_port} + server srv5 ${s5_addr}:${s5_port} check + + backend be7 + option log-health-checks + log ${S7_addr}:${S7_port} daemon + server srv6 ${s6_addr}:${s6_port} + server srv7 ${s7_addr}:${s7_port} check + + backend be9 + option log-health-checks + log ${S9_addr}:${S9_port} daemon + server srv8 ${s8_addr}:${s8_port} + server srv9 ${s9_addr}:${s9_port} check + + backend be11 + option log-health-checks + log ${S11_addr}:${S11_port} daemon + server srv10 ${s10_addr}:${s10_port} + server srv11 ${s11_addr}:${s11_port} check + + backend be13 + option log-health-checks + log ${S13_addr}:${S13_port} daemon + server srv12 ${s12_addr}:${s12_port} + server srv13 ${s13_addr}:${s13_port} check + + backend be15 + option log-health-checks + log ${S15_addr}:${S15_port} daemon + server srv14 ${s14_addr}:${s14_port} + server srv15 ${s15_addr}:${s15_port} check + + backend be17 + option log-health-checks + log ${S17_addr}:${S17_port} daemon + server srv16 ${s16_addr}:${s16_port} + server srv17 ${s17_addr}:${s17_port} check + + backend be19 + option log-health-checks + log ${S19_addr}:${S19_port} daemon + server srv18 ${s18_addr}:${s18_port} + server srv19 ${s19_addr}:${s19_port} check + + backend be21 + option log-health-checks + log ${S21_addr}:${S21_port} daemon + server srv20 ${s20_addr}:${s20_port} + server srv21 ${s21_addr}:${s21_port} check + + backend be23 + option log-health-checks + log ${S23_addr}:${S23_port} daemon + server srv22 ${s22_addr}:${s22_port} + server srv23 ${s23_addr}:${s23_port} check + + backend be25 + option log-health-checks + log ${S25_addr}:${S25_port} daemon + server srv24 ${s24_addr}:${s24_port} + server srv25 ${s25_addr}:${s25_port} check + + backend be27 + option log-health-checks + log ${S27_addr}:${S27_port} daemon + server srv26 ${s26_addr}:${s26_port} + server srv27 ${s27_addr}:${s27_port} check + + backend be29 + option log-health-checks + log ${S29_addr}:${S29_port} daemon + server srv28 ${s28_addr}:${s28_port} + server srv29 ${s29_addr}:${s29_port} check + + backend be31 + option log-health-checks + log ${S31_addr}:${S31_port} daemon + server srv30 ${s30_addr}:${s30_port} + server srv31 ${s31_addr}:${s31_port} check + + backend be33 + option log-health-checks + log ${S33_addr}:${S33_port} daemon + server srv32 ${s32_addr}:${s32_port} + server srv33 ${s33_addr}:${s33_port} check + + backend be35 + option log-health-checks + log ${S35_addr}:${S35_port} daemon + server srv34 ${s34_addr}:${s34_port} + server srv35 ${s35_addr}:${s35_port} check + + backend be37 + option log-health-checks + log ${S37_addr}:${S37_port} daemon + server srv36 ${s36_addr}:${s36_port} + server srv37 ${s37_addr}:${s37_port} check + + backend be39 + option log-health-checks + log ${S39_addr}:${S39_port} daemon + server srv38 ${s38_addr}:${s38_port} + server srv39 ${s39_addr}:${s39_port} check + + frontend fe1 + bind "fd@${fe1}" + use_backend be1 + + frontend fe3 + bind "fd@${fe3}" + use_backend be3 + + frontend fe5 + bind "fd@${fe5}" + use_backend be5 + + frontend fe7 + bind "fd@${fe7}" + use_backend be7 + + frontend fe9 + bind "fd@${fe9}" + use_backend be9 + + frontend fe11 + bind "fd@${fe11}" + use_backend be11 + + frontend fe13 + bind "fd@${fe13}" + use_backend be13 + + frontend fe15 + bind "fd@${fe15}" + use_backend be15 + + frontend fe17 + bind "fd@${fe17}" + use_backend be17 + + frontend fe19 + bind "fd@${fe19}" + use_backend be19 + + frontend fe21 + bind "fd@${fe21}" + use_backend be21 + + frontend fe23 + bind "fd@${fe23}" + use_backend be23 + + frontend fe25 + bind "fd@${fe25}" + use_backend be25 + + frontend fe27 + bind "fd@${fe27}" + use_backend be27 + + frontend fe29 + bind "fd@${fe29}" + use_backend be29 + + frontend fe31 + bind "fd@${fe31}" + use_backend be31 + + frontend fe33 + bind "fd@${fe33}" + use_backend be33 + + frontend fe35 + bind "fd@${fe35}" + use_backend be35 + + frontend fe37 + bind "fd@${fe37}" + use_backend be37 + + frontend fe39 + bind "fd@${fe39}" + use_backend be39 +} -start + +# This is a sort of synchronization: after having waited for all the syslog +# servers we are sure that all the health-checks have succeeded. +syslog S1 -wait +syslog S3 -wait +syslog S5 -wait +syslog S7 -wait +syslog S9 -wait +syslog S11 -wait +syslog S13 -wait +syslog S15 -wait +syslog S17 -wait +syslog S19 -wait +syslog S21 -wait +syslog S23 -wait +syslog S25 -wait +syslog S27 -wait +syslog S29 -wait +syslog S31 -wait +syslog S33 -wait +syslog S35 -wait +syslog S37 -wait +syslog S39 -wait + +client c1 -connect ${h1_fe1_sock} { + txreq + rxresp + expect resp.status == 200 +} -start + +client c3 -connect ${h1_fe3_sock} { + txreq + rxresp + expect resp.status == 200 +} -start + +client c5 -connect ${h1_fe5_sock} { + txreq + rxresp + expect resp.status == 200 +} -start + +client c7 -connect ${h1_fe7_sock} { + txreq + rxresp + expect resp.status == 200 +} -start + +client c9 -connect ${h1_fe9_sock} { + txreq + rxresp + expect resp.status == 200 +} -start + +client c11 -connect ${h1_fe11_sock} { + txreq + rxresp + expect resp.status == 200 +} -start + +client c13 -connect ${h1_fe13_sock} { + txreq + rxresp + expect resp.status == 200 +} -start + +client c15 -connect ${h1_fe15_sock} { + txreq + rxresp + expect resp.status == 200 +} -start + +client c17 -connect ${h1_fe17_sock} { + txreq + rxresp + expect resp.status == 200 +} -start + +client c19 -connect ${h1_fe19_sock} { + txreq + rxresp + expect resp.status == 200 +} -start + +client c21 -connect ${h1_fe21_sock} { + txreq + rxresp + expect resp.status == 200 +} -start + +client c23 -connect ${h1_fe23_sock} { + txreq + rxresp + expect resp.status == 200 +} -start + +client c25 -connect ${h1_fe25_sock} { + txreq + rxresp + expect resp.status == 200 +} -start + +client c27 -connect ${h1_fe27_sock} { + txreq + rxresp + expect resp.status == 200 +} -start + +client c29 -connect ${h1_fe29_sock} { + txreq + rxresp + expect resp.status == 200 +} -start + +client c31 -connect ${h1_fe31_sock} { + txreq + rxresp + expect resp.status == 200 +} -start + +client c33 -connect ${h1_fe33_sock} { + txreq + rxresp + expect resp.status == 200 +} -start + +client c35 -connect ${h1_fe35_sock} { + txreq + rxresp + expect resp.status == 200 +} -start + +client c37 -connect ${h1_fe37_sock} { + txreq + rxresp + expect resp.status == 200 +} -start + +client c39 -connect ${h1_fe39_sock} { + txreq + rxresp + expect resp.status == 200 +} -start + +client c1 -wait +client c3 -wait +client c5 -wait +client c7 -wait +client c9 -wait +client c11 -wait +client c13 -wait +client c15 -wait +client c17 -wait +client c19 -wait +client c21 -wait +client c23 -wait +client c25 -wait +client c27 -wait +client c29 -wait +client c31 -wait +client c33 -wait +client c35 -wait +client c37 -wait +client c39 -wait + +server s0 -wait +server s2 -wait +server s4 -wait +server s6 -wait +server s8 -wait +server s10 -wait +server s12 -wait +server s14 -wait +server s16 -wait +server s18 -wait +server s20 -wait +server s22 -wait +server s24 -wait +server s26 -wait +server s28 -wait +server s30 -wait +server s32 -wait +server s34 -wait +server s36 -wait +server s38 -wait + + +haproxy h1 -cli { + send "show servers state" + # output produced using the command below (warning, a bug inserts a "be0" every other line: + # for ((i=0;i<40;i++)); do id=$((i/2+2)); be=$((i|1)); si=$(((i&1)+1)); + # if ((i&1)); then chk="6 ([[:digit:]]+ ){3}"; else chk="1 0 1 0 ";fi; + # printf "%d be%d %d srv%d \${s%d_addr} 2 0 1 1 [[:digit:]]+ %s0 0 0 - \${s%d_port} - 0 0 - - 0\n" "$id" "$be" "$si" "$i" "$i" "$chk" "$i" "$i" ; + # done|grep -v be0|sed 's,$,\\n,'| tr -d '\n' + expect ~ "# be_id be_name srv_id srv_name srv_addr srv_op_state srv_admin_state srv_uweight srv_iweight srv_time_since_last_change srv_check_status srv_check_result srv_check_health srv_check_state srv_agent_state bk_f_forced_id srv_f_forced_id srv_fqdn srv_port srvrecord srv_use_ssl srv_check_port srv_check_addr srv_agent_addr srv_agent_port\n2 be1 1 srv0 ${s0_addr} 2 0 1 1 [[:digit:]]+ 1 0 1 0 0 0 0 - ${s0_port} - 0 0 - - 0\n2 be1 2 srv1 ${s1_addr} 2 0 1 1 [[:digit:]]+ 6 ([[:digit:]]+ ){3}0 0 0 - ${s1_port} - 0 0 - - 0\n3 be3 1 srv2 ${s2_addr} 2 0 1 1 [[:digit:]]+ 1 0 1 0 0 0 0 - ${s2_port} - 0 0 - - 0\n3 be3 2 srv3 ${s3_addr} 2 0 1 1 [[:digit:]]+ 6 ([[:digit:]]+ ){3}0 0 0 - ${s3_port} - 0 0 - - 0\n4 be5 1 srv4 ${s4_addr} 2 0 1 1 [[:digit:]]+ 1 0 1 0 0 0 0 - ${s4_port} - 0 0 - - 0\n4 be5 2 srv5 ${s5_addr} 2 0 1 1 [[:digit:]]+ 6 ([[:digit:]]+ ){3}0 0 0 - ${s5_port} - 0 0 - - 0\n5 be7 1 srv6 ${s6_addr} 2 0 1 1 [[:digit:]]+ 1 0 1 0 0 0 0 - ${s6_port} - 0 0 - - 0\n5 be7 2 srv7 ${s7_addr} 2 0 1 1 [[:digit:]]+ 6 ([[:digit:]]+ ){3}0 0 0 - ${s7_port} - 0 0 - - 0\n6 be9 1 srv8 ${s8_addr} 2 0 1 1 [[:digit:]]+ 1 0 1 0 0 0 0 - ${s8_port} - 0 0 - - 0\n6 be9 2 srv9 ${s9_addr} 2 0 1 1 [[:digit:]]+ 6 ([[:digit:]]+ ){3}0 0 0 - ${s9_port} - 0 0 - - 0\n7 be11 1 srv10 ${s10_addr} 2 0 1 1 [[:digit:]]+ 1 0 1 0 0 0 0 - ${s10_port} - 0 0 - - 0\n7 be11 2 srv11 ${s11_addr} 2 0 1 1 [[:digit:]]+ 6 ([[:digit:]]+ ){3}0 0 0 - ${s11_port} - 0 0 - - 0\n8 be13 1 srv12 ${s12_addr} 2 0 1 1 [[:digit:]]+ 1 0 1 0 0 0 0 - ${s12_port} - 0 0 - - 0\n8 be13 2 srv13 ${s13_addr} 2 0 1 1 [[:digit:]]+ 6 ([[:digit:]]+ ){3}0 0 0 - ${s13_port} - 0 0 - - 0\n9 be15 1 srv14 ${s14_addr} 2 0 1 1 [[:digit:]]+ 1 0 1 0 0 0 0 - ${s14_port} - 0 0 - - 0\n9 be15 2 srv15 ${s15_addr} 2 0 1 1 [[:digit:]]+ 6 ([[:digit:]]+ ){3}0 0 0 - ${s15_port} - 0 0 - - 0\n10 be17 1 srv16 ${s16_addr} 2 0 1 1 [[:digit:]]+ 1 0 1 0 0 0 0 - ${s16_port} - 0 0 - - 0\n10 be17 2 srv17 ${s17_addr} 2 0 1 1 [[:digit:]]+ 6 ([[:digit:]]+ ){3}0 0 0 - ${s17_port} - 0 0 - - 0\n11 be19 1 srv18 ${s18_addr} 2 0 1 1 [[:digit:]]+ 1 0 1 0 0 0 0 - ${s18_port} - 0 0 - - 0\n11 be19 2 srv19 ${s19_addr} 2 0 1 1 [[:digit:]]+ 6 ([[:digit:]]+ ){3}0 0 0 - ${s19_port} - 0 0 - - 0\n12 be21 1 srv20 ${s20_addr} 2 0 1 1 [[:digit:]]+ 1 0 1 0 0 0 0 - ${s20_port} - 0 0 - - 0\n12 be21 2 srv21 ${s21_addr} 2 0 1 1 [[:digit:]]+ 6 ([[:digit:]]+ ){3}0 0 0 - ${s21_port} - 0 0 - - 0\n13 be23 1 srv22 ${s22_addr} 2 0 1 1 [[:digit:]]+ 1 0 1 0 0 0 0 - ${s22_port} - 0 0 - - 0\n13 be23 2 srv23 ${s23_addr} 2 0 1 1 [[:digit:]]+ 6 ([[:digit:]]+ ){3}0 0 0 - ${s23_port} - 0 0 - - 0\n14 be25 1 srv24 ${s24_addr} 2 0 1 1 [[:digit:]]+ 1 0 1 0 0 0 0 - ${s24_port} - 0 0 - - 0\n14 be25 2 srv25 ${s25_addr} 2 0 1 1 [[:digit:]]+ 6 ([[:digit:]]+ ){3}0 0 0 - ${s25_port} - 0 0 - - 0\n15 be27 1 srv26 ${s26_addr} 2 0 1 1 [[:digit:]]+ 1 0 1 0 0 0 0 - ${s26_port} - 0 0 - - 0\n15 be27 2 srv27 ${s27_addr} 2 0 1 1 [[:digit:]]+ 6 ([[:digit:]]+ ){3}0 0 0 - ${s27_port} - 0 0 - - 0\n16 be29 1 srv28 ${s28_addr} 2 0 1 1 [[:digit:]]+ 1 0 1 0 0 0 0 - ${s28_port} - 0 0 - - 0\n16 be29 2 srv29 ${s29_addr} 2 0 1 1 [[:digit:]]+ 6 ([[:digit:]]+ ){3}0 0 0 - ${s29_port} - 0 0 - - 0\n17 be31 1 srv30 ${s30_addr} 2 0 1 1 [[:digit:]]+ 1 0 1 0 0 0 0 - ${s30_port} - 0 0 - - 0\n17 be31 2 srv31 ${s31_addr} 2 0 1 1 [[:digit:]]+ 6 ([[:digit:]]+ ){3}0 0 0 - ${s31_port} - 0 0 - - 0\n18 be33 1 srv32 ${s32_addr} 2 0 1 1 [[:digit:]]+ 1 0 1 0 0 0 0 - ${s32_port} - 0 0 - - 0\n18 be33 2 srv33 ${s33_addr} 2 0 1 1 [[:digit:]]+ 6 ([[:digit:]]+ ){3}0 0 0 - ${s33_port} - 0 0 - - 0\n19 be35 1 srv34 ${s34_addr} 2 0 1 1 [[:digit:]]+ 1 0 1 0 0 0 0 - ${s34_port} - 0 0 - - 0\n19 be35 2 srv35 ${s35_addr} 2 0 1 1 [[:digit:]]+ 6 ([[:digit:]]+ ){3}0 0 0 - ${s35_port} - 0 0 - - 0\n20 be37 1 srv36 ${s36_addr} 2 0 1 1 [[:digit:]]+ 1 0 1 0 0 0 0 - ${s36_port} - 0 0 - - 0\n20 be37 2 srv37 ${s37_addr} 2 0 1 1 [[:digit:]]+ 6 ([[:digit:]]+ ){3}0 0 0 - ${s37_port} - 0 0 - - 0\n21 be39 1 srv38 ${s38_addr} 2 0 1 1 [[:digit:]]+ 1 0 1 0 0 0 0 - ${s38_port} - 0 0 - - 0\n21 be39 2 srv39 ${s39_addr} 2 0 1 1 [[:digit:]]+ 6 ([[:digit:]]+ ){3}0 0 0 - ${s39_port} - 0 0 - - 0\n" +} + diff --git a/reg-tests/checks/4be_1srv_health_checks.vtc b/reg-tests/checks/4be_1srv_health_checks.vtc new file mode 100644 index 0000000..88b631a --- /dev/null +++ b/reg-tests/checks/4be_1srv_health_checks.vtc @@ -0,0 +1,201 @@ +varnishtest "Health-check test" +feature ignore_unknown_macro + +#REQUIRE_VERSION=2.4 +#EXCLUDE_TARGETS=freebsd +#REGTEST_TYPE=slow + +# This script test health-checks for four backends with one server by backend. +# A syslog server is attached to each backend to check the syslog messages +# in the righ order. + +# First, we check a health-check has passed for all the servers thanks to the syslog +# messages. Then each server is disabled. The health-check status are checked. +# Then each server is re-enabled. Finally health-check status +# verifications for each server terminate the execution of this script. + +# Note that the CLI is synchronized with the syslog servers so that +# to be sure to receive the passed health-checks status messages before +# disabling the servers. Same thing, when we check that the servers are down +# before enabling the servers. + +# Cyclic barrier to synchronize the CLI with the syslog servers +barrier b1 cond 5 -cyclic + +# These servers are there only for the health-check test. +server s1 { +} -start + +server s2 { +} -start + +server s3 { +} -start + +server s4 { +} -start + +syslog S1 -level notice { + recv + expect ~ "[^:\\[ ]\\[${h1_pid}\\]: Health check for server be1/srv1 succeeded.+reason: Layer4 check passed.+check duration: [[:digit:]]+ms.+status: 1/1 UP" + barrier b1 sync + recv alert + expect ~ "[^:\\[ ]\\[${h1_pid}\\]: Server be1/srv1 is going DOWN for maintenance. 0 active and 0 backup servers left. [01] sessions active, 0 requeued, 0 remaining in queue." + recv emerg + expect ~ "[^:\\[ ]\\[${h1_pid}\\]: backend be1 has no server available!" + barrier b1 sync + recv + expect ~ "[^:\\[ ]\\[${h1_pid}\\]: (Server be1/srv1 is UP/READY \\(leaving forced maintenance\\).|Health check for server be1/srv1 succeeded.+reason: Layer4 check passed.+check duration: [[:digit:]]+ms.+status: 1/1 UP)" + barrier b1 sync +} -start + +syslog S2 -level notice { + recv + expect ~ "[^:\\[ ]\\[${h1_pid}\\]: Health check for server be2/srv2 succeeded.+reason: Layer4 check passed.+check duration: [[:digit:]]+ms.+status: 1/1 UP" + barrier b1 sync + recv alert + expect ~ "[^:\\[ ]\\[${h1_pid}\\]: Server be2/srv2 is going DOWN for maintenance. 0 active and 0 backup servers left. [01] sessions active, 0 requeued, 0 remaining in queue." + recv emerg + expect ~ "[^:\\[ ]\\[${h1_pid}\\]: backend be2 has no server available!" + barrier b1 sync + recv + expect ~ "[^:\\[ ]\\[${h1_pid}\\]: (Server be2/srv2 is UP/READY \\(leaving forced maintenance\\).|Health check for server be2/srv2 succeeded.+reason: Layer4 check passed.+check duration: [[:digit:]]+ms.+status: 1/1 UP)" + barrier b1 sync +} -start + +syslog S3 -level notice { + recv + expect ~ "[^:\\[ ]\\[${h1_pid}\\]: Health check for server be3/srv3 succeeded.+reason: Layer4 check passed.+check duration: [[:digit:]]+ms.+status: 1/1 UP" + barrier b1 sync + recv alert + expect ~ "[^:\\[ ]\\[${h1_pid}\\]: Server be3/srv3 is going DOWN for maintenance. 0 active and 0 backup servers left. [01] sessions active, 0 requeued, 0 remaining in queue." + recv emerg + expect ~ "[^:\\[ ]\\[${h1_pid}\\]: backend be3 has no server available!" + barrier b1 sync + recv + expect ~ "[^:\\[ ]\\[${h1_pid}\\]: (Server be3/srv3 is UP/READY \\(leaving forced maintenance\\).|Health check for server be3/srv3 succeeded.+reason: Layer4 check passed.+check duration: [[:digit:]]+ms.+status: 1/1 UP)" + barrier b1 sync +} -start + +syslog S4 -level notice { + recv + expect ~ "[^:\\[ ]\\[${h1_pid}\\]: Health check for server be4/srv4 succeeded.+reason: Layer4 check passed.+check duration: [[:digit:]]+ms.+status: 1/1 UP" + barrier b1 sync + recv alert + expect ~ "[^:\\[ ]\\[${h1_pid}\\]: Server be4/srv4 is going DOWN for maintenance. 0 active and 0 backup servers left. [01] sessions active, 0 requeued, 0 remaining in queue." + recv emerg + expect ~ "[^:\\[ ]\\[${h1_pid}\\]: backend be4 has no server available!" + barrier b1 sync + recv + expect ~ "[^:\\[ ]\\[${h1_pid}\\]: (Server be4/srv4 is UP/READY \\(leaving forced maintenance\\).|Health check for server be4/srv4 succeeded.+reason: Layer4 check passed.+check duration: [[:digit:]]+ms.+status: 1/1 UP)" + barrier b1 sync +} -start + + +haproxy h1 -conf { + defaults + timeout client "${HAPROXY_TEST_TIMEOUT-5s}" + timeout server "${HAPROXY_TEST_TIMEOUT-5s}" + timeout connect "${HAPROXY_TEST_TIMEOUT-5s}" + default-server check inter 200ms downinter 100s rise 1 fall 1 + + frontend fe1 + bind "fd@${fe1}" + use_backend be1 + + frontend fe2 + bind "fd@${fe2}" + use_backend be2 + + frontend fe3 + bind "fd@${fe3}" + use_backend be3 + + frontend fe4 + bind "fd@${fe4}" + use_backend be4 + + backend be1 + option log-health-checks + log ${S1_addr}:${S1_port} daemon + server srv1 ${s1_addr}:${s1_port} + + backend be2 + option log-health-checks + log ${S2_addr}:${S2_port} daemon + server srv2 ${s2_addr}:${s2_port} + + backend be3 + option log-health-checks + log ${S3_addr}:${S3_port} daemon + server srv3 ${s3_addr}:${s3_port} + + backend be4 + option log-health-checks + log ${S4_addr}:${S4_port} daemon + server srv4 ${s4_addr}:${s4_port} +} -start + +haproxy h1 -cli { + barrier b1 sync + send "show servers state" + expect ~ "# be_id be_name srv_id srv_name srv_addr srv_op_state srv_admin_state srv_uweight srv_iweight srv_time_since_last_change srv_check_status srv_check_result srv_check_health srv_check_state srv_agent_state bk_f_forced_id srv_f_forced_id srv_fqdn srv_port srvrecord srv_use_ssl srv_check_port srv_check_addr srv_agent_addr srv_agent_port\n6 be1 1 srv1 ${s1_addr} 2 0 1 1 [[:digit:]]+ 6 3 1 [67] 0 0 0 - ${s1_port} - 0 0 - - 0\n7 be2 1 srv2 ${s2_addr} 2 0 1 1 [[:digit:]]+ 6 3 1 [67] 0 0 0 - ${s2_port} - 0 0 - - 0\n8 be3 1 srv3 ${s3_addr} 2 0 1 1 [[:digit:]]+ 6 3 1 [67] 0 0 0 - ${s3_port} - 0 0 - - 0\n9 be4 1 srv4 ${s4_addr} 2 0 1 1 [[:digit:]]+ 6 3 1 [67] 0 0 0 - ${s4_port} - 0 0 - - 0" +} + +haproxy h1 -cli { + send "disable server be1/srv1" + expect ~ .* +} + +haproxy h1 -cli { + send "disable server be2/srv2" + expect ~ .* +} + +haproxy h1 -cli { + send "disable server be3/srv3" + expect ~ .* +} + +haproxy h1 -cli { + send "disable server be4/srv4" + expect ~ .* +} + +haproxy h1 -cli { + barrier b1 sync + send "show servers state" + expect ~ "# be_id be_name srv_id srv_name srv_addr srv_op_state srv_admin_state srv_uweight srv_iweight srv_time_since_last_change srv_check_status srv_check_result srv_check_health srv_check_state srv_agent_state bk_f_forced_id srv_f_forced_id srv_fqdn srv_port srvrecord srv_use_ssl srv_check_port srv_check_addr srv_agent_addr srv_agent_port\n6 be1 1 srv1 ${s1_addr} 0 1 1 1 [[:digit:]]+ 6 3 [01] 1[45] 0 0 0 - ${s1_port} - 0 0 - - 0\n7 be2 1 srv2 ${s2_addr} 0 1 1 1 [[:digit:]]+ 6 3 [01] 1[45] 0 0 0 - ${s2_port} - 0 0 - - 0\n8 be3 1 srv3 ${s3_addr} 0 1 1 1 [[:digit:]]+ 6 3 [01] 1[45] 0 0 0 - ${s3_port} - 0 0 - - 0\n9 be4 1 srv4 ${s4_addr} 0 1 1 1 [[:digit:]]+ 6 3 [01] 1[45] 0 0 0 - ${s4_port} - 0 0 - - 0" +} + +haproxy h1 -cli { + send "enable server be1/srv1" + expect ~ .* +} + +haproxy h1 -cli { + send "enable server be2/srv2" + expect ~ .* +} + +haproxy h1 -cli { + send "enable server be3/srv3" + expect ~ .* +} + +haproxy h1 -cli { + send "enable server be4/srv4" + expect ~ .* +} + +haproxy h1 -cli { + barrier b1 sync + send "show servers state" + expect ~ "# be_id be_name srv_id srv_name srv_addr srv_op_state srv_admin_state srv_uweight srv_iweight srv_time_since_last_change srv_check_status srv_check_result srv_check_health srv_check_state srv_agent_state bk_f_forced_id srv_f_forced_id srv_fqdn srv_port srvrecord srv_use_ssl srv_check_port srv_check_addr srv_agent_addr srv_agent_port\n6 be1 1 srv1 ${s1_addr} 2 0 1 1 [[:digit:]]+ 6 [03] 1 [67] 0 0 0 - ${s1_port} - 0 0 - - 0\n7 be2 1 srv2 ${s2_addr} 2 0 1 1 [[:digit:]]+ 6 [03] 1 [67] 0 0 0 - ${s2_port} - 0 0 - - 0\n8 be3 1 srv3 ${s3_addr} 2 0 1 1 [[:digit:]]+ 6 [03] 1 [67] 0 0 0 - ${s3_port} - 0 0 - - 0\n9 be4 1 srv4 ${s4_addr} 2 0 1 1 [[:digit:]]+ 6 [03] 1 [67] 0 0 0 - ${s4_port} - 0 0 - - 0" +} + +syslog S1 -wait +syslog S2 -wait +syslog S3 -wait +syslog S4 -wait + diff --git a/reg-tests/checks/4be_1srv_smtpchk_httpchk_layer47errors.vtc b/reg-tests/checks/4be_1srv_smtpchk_httpchk_layer47errors.vtc new file mode 100644 index 0000000..3c4fcd8 --- /dev/null +++ b/reg-tests/checks/4be_1srv_smtpchk_httpchk_layer47errors.vtc @@ -0,0 +1,99 @@ +varnishtest "Check: smptchk option" +feature ignore_unknown_macro + +#EXCLUDE_TARGETS=freebsd,osx,generic +#REGTEST_TYPE=slow + +barrier b cond 3 + +syslog S1 -level notice { + recv + expect ~ "[^:\\[ ]\\[${h1_pid}\\]: Health check for server be1/srv1 succeeded.+reason: Layer7 check passed.+code: 221.+check duration: [[:digit:]]+ms.+status: 1/1 UP." + barrier b sync + recv + expect ~ "Health check for server be1/srv1 failed.+reason: Layer7 timeout.+check duration: [[:digit:]]+ms.+status: 0/1 DOWN" +} -start + +syslog S2 -level notice { + recv + expect ~ "[^:\\[ ]\\[${h1_pid}\\]: Health check for server be2/srv2 succeeded.+reason: Layer7 check passed.+code: 200.+.+check duration: [[:digit:]]+ms.+status: 1/1 UP." + barrier b sync + recv + expect ~ "[^:\\[ ]\\[${h1_pid}\\]: Health check for server be2/srv2 failed.+reason: Layer7 timeout.+check duration: [[:digit:]]+ms.+status: 0/1 DOWN" +} -start + +syslog S3 -level notice { + recv + expect ~ "[^:\\[ ]\\[${h1_pid}\\]: Health check for server be3/srv3 failed.+reason: Layer4 connection problem.+info: \"General socket error \\(Network is unreachable\\)\".+check duration: [[:digit:]]+ms.+status: 0/1 DOWN." +} -start + +syslog S4 -level notice { + recv + expect ~ "[^:\\[ ]\\[${h1_pid}\\]: Health check for server be4/srv4 failed.+reason: Layer4 connection problem.+info: \"Connection refused\".+check duration: [[:digit:]]+ms.+status: 0/1 DOWN." +} -start + +server s1 { + send "2" + send "2" + send "0" + send "\r\n" + recv 16 + send "2" + send "4" + send "8" + send "\r\n" + recv 6 + send "2" + send "2" + send "1" + send " ok\r\n" +} -start + +server s2 { + rxreq + txresp +} -start + +haproxy h1 -conf { + defaults + timeout client "${HAPROXY_TEST_TIMEOUT-5s}" + timeout server "${HAPROXY_TEST_TIMEOUT-5s}" + timeout connect "${HAPROXY_TEST_TIMEOUT-5s}" + option log-health-checks + default-server inter 200ms downinter 100ms rise 1 fall 1 + + backend be1 + option smtpchk + log ${S1_addr}:${S1_port} daemon + server srv1 ${s1_addr}:${s1_port} check + + backend be2 + mode tcp + log ${S2_addr}:${S2_port} daemon + option httpchk OPTIONS * HTTP/1.1\r\nHost:\ www + server srv2 ${s2_addr}:${s2_port} check + + backend be3 + log ${S3_addr}:${S3_port} daemon + server srv3 255.255.255.255:11111 check + + backend be4 + log ${S4_addr}:${S4_port} daemon + server srv4 localhost:11111 check +} -start + +haproxy h1 -cli { + barrier b sync + send "show servers state" + expect ~ .* +} + +server s1 -wait +server s2 -wait + +syslog S1 -wait +syslog S2 -wait +syslog S3 -wait +syslog S4 -wait + + diff --git a/reg-tests/checks/agent-check.vtc b/reg-tests/checks/agent-check.vtc new file mode 100644 index 0000000..5cf51c6 --- /dev/null +++ b/reg-tests/checks/agent-check.vtc @@ -0,0 +1,42 @@ +varnishtest "Health-checks: agent-check" +#REGTEST_TYPE=slow +feature ignore_unknown_macro + +barrier b1 cond 2 -cyclic +barrier b2 cond 2 -cyclic + +server s1 { + barrier b1 sync + recv 5 + send "75%,maxconn:30,maint,down\n" + expect_close + barrier b2 sync +} -start + + +haproxy h1 -conf { + defaults + mode tcp + timeout client "${HAPROXY_TEST_TIMEOUT-5s}" + timeout server "${HAPROXY_TEST_TIMEOUT-5s}" + timeout connect "${HAPROXY_TEST_TIMEOUT-5s}" + + backend be1 + log ${S1_addr}:${S1_port} daemon + option log-health-checks + server srv ${s1_addr}:${s1_port} weight 100 agent-check agent-addr ${s1_addr} agent-port ${s1_port} agent-send "pouet" agent-inter 100ms +} -start + +haproxy h1 -cli { + send "show servers state" + expect ~ "be1 1 srv 127.0.0.1 2 0 100 100 [[:digit:]]+ 1 0 [[:digit:]] 0 [[:digit:]]+ 0 0 - ${s1_port} -" + send "show stat" + expect ~ "be1,srv,0,0,0,0,," + + barrier b1 sync + barrier b2 sync + send "show servers state" + expect ~ "be1 1 srv 127.0.0.1 0 1 75 100 [[:digit:]]+ 1 0 [[:digit:]] 0 [[:digit:]]+ 0 0 - ${s1_port} -" + send "show stat" + expect ~ "be1,srv,0,0,0,0,30" +} diff --git a/reg-tests/checks/common.pem b/reg-tests/checks/common.pem new file mode 120000 index 0000000..a4433d5 --- /dev/null +++ b/reg-tests/checks/common.pem @@ -0,0 +1 @@ +../ssl/common.pem \ No newline at end of file diff --git a/reg-tests/checks/http-check-expect.vtc b/reg-tests/checks/http-check-expect.vtc new file mode 100644 index 0000000..637eec6 --- /dev/null +++ b/reg-tests/checks/http-check-expect.vtc @@ -0,0 +1,64 @@ +varnishtest "Health-checks: some http-check expect tests" +feature ignore_unknown_macro +#REQUIRE_VERSION=2.2 +#REGTEST_TYPE=slow +# This script tests http-check expect rules. + +server s1 { + rxreq + expect req.method == OPTIONS + expect req.url == / + expect req.proto == HTTP/1.0 + txresp -status 202 \ + -hdr "x-test1: true, next value" \ + -hdr "x-test2: true, begin-value, value-end, value-sub-string, value-reg-123ABC" \ + -hdr "x-begin-test: 1" \ + -hdr "x-test-end: 1" \ + -hdr "x-sub-test: 1" \ + -hdr "x-reg-test1: 1" \ + -hdr "x-hdr-name: x-test1" +} -start + +syslog S1 -level notice { + recv + expect ~ "[^:\\[ ]\\[${h1_pid}\\]: Health check for server be1/srv succeeded.*code: 202" +} -start + +haproxy h1 -conf { + defaults + mode http + timeout client "${HAPROXY_TEST_TIMEOUT-5s}" + timeout server "${HAPROXY_TEST_TIMEOUT-5s}" + timeout connect "${HAPROXY_TEST_TIMEOUT-5s}" + option log-health-checks + + backend be1 + log ${S1_addr}:${S1_port} len 2048 local0 + option httpchk + http-check expect status 200-399 + + http-check expect hdr name "x-test1" + http-check expect hdr name -m str "X-Test2" + http-check expect hdr name -m beg "X-Begin-" + http-check expect hdr name -m end "-End" + http-check expect hdr name -m sub "-Sub-" + http-check expect hdr name -m reg "^[a-z]+-Reg-[a-z]+[0-9]\$" + http-check set-var(check.hdr_name) res.fhdr(x-hdr-name) + http-check expect hdr name-lf -m str "%[var(check.hdr_name)]" + http-check expect hdr name-lf -m str "%[res.fhdr(x-hdr-name)]" + + http-check expect fhdr name "x-test1" value "true, next value" + http-check expect hdr name "x-test2" value -m str "true" + http-check expect hdr name -m beg "x-test" value -m beg "begin-" + http-check expect hdr name -m beg "x-test" value -m end "-end" + http-check expect hdr name -m beg "x-test" value -m sub "-sub-" + http-check expect hdr name -m beg "x-test" value -m reg "^value-reg-[A-Z0-9]+\$" + http-check expect fhdr name -m beg "x-test" value -m reg "value-reg-[A-Z0-9]+" + http-check set-var(check.hdr_value) str(x-test1) + http-check expect hdr name -m beg "x-" value-lf -m str "%[var(check.hdr_value)]" + http-check expect fhdr name -m beg "x-" value-lf -m str "%[res.fhdr(x-hdr-name)]" + + server srv ${s1_addr}:${s1_port} check inter 100ms rise 1 fall 1 +} -start + +syslog S1 -wait diff --git a/reg-tests/checks/http-check-send.vtc b/reg-tests/checks/http-check-send.vtc new file mode 100644 index 0000000..0970ee4 --- /dev/null +++ b/reg-tests/checks/http-check-send.vtc @@ -0,0 +1,168 @@ +varnishtest "Health-checks: http-check send test" +#REGTEST_TYPE=slow +#REQUIRE_VERSION=2.4 +feature ignore_unknown_macro + +# This script tests HTTP health-checks and more particularly the "http-check +# send" directive. + +server s1 { + rxreq + expect req.method == OPTIONS + expect req.url == / + expect req.proto == HTTP/1.0 + txresp +} -start + +server s2 { + rxreq + expect req.method == GET + expect req.url == /test + expect req.proto == HTTP/1.1 + expect req.http.connection == "close" + txresp +} -start + +server s3 { + rxreq + expect req.method == OPTIONS + expect req.url == / + expect req.proto == HTTP/1.0 + expect req.http.hdr == + expect req.http.host == + expect req.http.x-test == + expect req.bodylen == 0 + txresp +} -start + +server s4 { + rxreq + expect req.method == GET + expect req.url == /status + expect req.proto == HTTP/1.1 + expect req.http.connection == "close" + expect req.http.hdr == + expect req.http.host == "my-www-host" + expect req.http.x-test == true + expect req.http.content-length == 4 + expect req.bodylen == 4 + expect req.body == "test" + txresp +} -start + +server s5 { + rxreq + expect req.method == OPTIONS + expect req.url == / + expect req.proto == HTTP/1.0 + expect req.http.hdr == + expect req.http.host == "other-www-host" + expect req.http.x-test == + expect req.http.x-new-test == true + expect req.http.content-length == 10 + expect req.bodylen == 10 + expect req.body == "other test" + txresp +} -start + +server s6 { + rxreq + expect req.method == GET + expect req.url == / + expect req.proto == HTTP/1.1 + expect req.http.host == "ws-host" + expect req.http.connection == "upgrade" + expect req.http.upgrade == "raw-proto" + txresp \ + -status 101 \ + -hdr "connection: upgrade" \ + -hdr "upgrade: raw-proto" +} -start + + +syslog S1 -level notice { + recv + expect ~ "[^:\\[ ]\\[${h1_pid}\\]: Health check for server be1/srv succeeded.*code: 200" +} -start + +syslog S2 -level notice { + recv + expect ~ "[^:\\[ ]\\[${h1_pid}\\]: Health check for server be2/srv succeeded.*code: 200" +} -start + +syslog S3 -level notice { + recv + expect ~ "[^:\\[ ]\\[${h1_pid}\\]: Health check for server be3/srv succeeded.*code: 200" +} -start + +syslog S4 -level notice { + recv + expect ~ "[^:\\[ ]\\[${h1_pid}\\]: Health check for server be4/srv succeeded.*code: 200" +} -start + +syslog S5 -level notice { + recv + expect ~ "[^:\\[ ]\\[${h1_pid}\\]: Health check for server be5/srv succeeded.*code: 200" +} -start + +syslog S6 -level notice { + recv + expect ~ "[^:\\[ ]\\[${h1_pid}\\]: Health check for server be6_ws/srv succeeded.*code: 101" +} -start + + +haproxy h1 -conf { + defaults + mode http + timeout client "${HAPROXY_TEST_TIMEOUT-5s}" + timeout server "${HAPROXY_TEST_TIMEOUT-5s}" + timeout connect "${HAPROXY_TEST_TIMEOUT-5s}" + option httpchk + option log-health-checks + + backend be1 + log ${S1_addr}:${S1_port} len 2048 local0 + server srv ${s1_addr}:${s1_port} check inter 200ms rise 1 fall 1 + + backend be2 + log ${S2_addr}:${S2_port} len 2048 local0 + option httpchk GET /test HTTP/1.1 + server srv ${s2_addr}:${s2_port} check inter 200ms rise 1 fall 1 + + defaults + mode http + timeout client "${HAPROXY_TEST_TIMEOUT-5s}" + timeout server "${HAPROXY_TEST_TIMEOUT-5s}" + timeout connect "${HAPROXY_TEST_TIMEOUT-5s}" + option httpchk GET /status HTTP/1.1\r\nHdr:\ must-be-removed + option log-health-checks + http-check send hdr Host "my-www-host" hdr X-test true body "test" + + backend be3 + option httpchk + log ${S3_addr}:${S3_port} len 2048 local0 + server srv ${s3_addr}:${s3_port} check inter 200ms rise 1 fall 1 + + backend be4 + log ${S4_addr}:${S4_port} len 2048 local0 + server srv ${s4_addr}:${s4_port} check inter 200ms rise 1 fall 1 + + backend be5 + log ${S5_addr}:${S5_port} len 2058 local0 + http-check send hdr Host "other-www-host" hdr X-New-Test true body "other test" + server srv ${s5_addr}:${s5_port} check inter 200ms rise 1 fall 1 + + backend be6_ws + log ${S6_addr}:${S6_port} len 2048 local0 + http-check send meth GET uri / ver HTTP/1.1 hdr host ws-host hdr connection upgrade hdr upgrade raw-proto + http-check expect status 101 + server srv ${s6_addr}:${s6_port} check inter 200ms rise 1 fall 1 + +} -start + +syslog S1 -wait +syslog S2 -wait +syslog S3 -wait +syslog S4 -wait +syslog S5 -wait +syslog S6 -wait diff --git a/reg-tests/checks/http-check.vtc b/reg-tests/checks/http-check.vtc new file mode 100644 index 0000000..3353060 --- /dev/null +++ b/reg-tests/checks/http-check.vtc @@ -0,0 +1,157 @@ +varnishtest "Health-checks: some http-check tests" +feature ignore_unknown_macro +#REQUIRE_VERSION=2.2 +#REGTEST_TYPE=slow +# This script tests HTTP health-checks. + +server s1 { + rxreq + expect req.method == OPTIONS + expect req.url == / + expect req.proto == HTTP/1.0 + txresp +} -start + +server s2 { + rxreq + expect req.method == GET + expect req.url == /status + expect req.proto == HTTP/1.1 + txresp +} -start + +server s3 { + rxreq + expect req.method == GET + expect req.url == /status + expect req.proto == HTTP/1.1 + txresp +} -start + +server s4 { + rxreq + expect req.method == GET + expect req.url == /req1 + expect req.proto == HTTP/1.1 + expect req.http.x-test == "server=srv" + expect req.http.x-haproxy-server-state ~ "UP.+name=be4/srv" + expect req.bodylen == 0 + txresp + + accept + rxreq + expect req.method == GET + expect req.url == /req2 + expect req.proto == HTTP/1.1 + expect req.http.x-test == "server=" + expect req.http.x-haproxy-server-state ~ "UP.+name=be4/srv" + expect req.http.content-length == 17 + expect req.bodylen == 17 + expect req.body == "health-check body" + txresp + + accept + rxreq + expect req.method == GET + expect req.url == /req3 + expect req.proto == HTTP/1.0 + expect req.http.x-test == + expect req.http.x-haproxy-server-state ~ "UP.+name=be4/srv" + expect req.bodylen == 0 + txresp + + accept + rxreq + expect req.method == GET + expect req.url == / + expect req.proto == HTTP/1.0 + expect req.http.x-test == + expect req.http.x-haproxy-server-state ~ "UP.+name=be4/srv" + expect req.bodylen == 23 + expect req.body == "health-check on be4-srv" + txresp + +} -start + +syslog S1 -level notice { + recv + expect ~ "[^:\\[ ]\\[${h1_pid}\\]: Health check for server be[0-9]/srv succeeded.*code: 200" + recv + expect ~ "[^:\\[ ]\\[${h1_pid}\\]: Health check for server be[0-9]/srv succeeded.*code: 200" + recv + expect ~ "[^:\\[ ]\\[${h1_pid}\\]: Health check for server be[0-9]/srv succeeded.*code: 200" + recv + expect ~ "[^:\\[ ]\\[${h1_pid}\\]: Health check for server be[0-9]/srv succeeded.*code: 200" + recv + expect ~ "[^:\\[ ]\\[${h1_pid}\\]: Health check for server be[0-9]/srv succeeded.*code: 200" + recv + expect ~ "[^:\\[ ]\\[${h1_pid}\\]: Health check for server be[0-9]/srv succeeded.*code: 200" +} -start + +haproxy h1 -conf { + defaults + mode http + timeout client "${HAPROXY_TEST_TIMEOUT-5s}" + timeout server "${HAPROXY_TEST_TIMEOUT-5s}" + timeout connect "${HAPROXY_TEST_TIMEOUT-5s}" + option log-health-checks + + backend be1 + log ${S1_addr}:${S1_port} len 2048 local0 + option httpchk + server srv ${s1_addr}:${s1_port} check inter 100ms rise 1 fall 1 + + backend be2 + log ${S1_addr}:${S1_port} len 2048 local0 + option httpchk GET /status HTTP/1.1 + server srv ${s2_addr}:${s2_port} check inter 100ms rise 1 fall 1 + + backend be3 + log ${S1_addr}:${S1_port} len 2048 local0 + option httpchk + http-check send meth GET uri /status ver HTTP/1.1 + server srv ${s3_addr}:${s3_port} check inter 100ms rise 1 fall 1 + + backend be4 + mode tcp + log ${S1_addr}:${S1_port} len 2048 local0 + option httpchk + http-check send-state + http-check connect addr ${s4_addr}:${s4_port} + http-check set-var(check.server) "str(srv)" + http-check set-var(check.path) "str(/req1)" + http-check send meth GET uri-lf "%[var(check.path)]" ver HTTP/1.1 hdr x-test "server=%[var(check.server)]" + http-check expect status 200 + http-check connect addr ${s4_addr} port ${s4_port} + http-check unset-var(check.server) + http-check set-var(check.path) "str(/req2)" + http-check send meth GET uri-lf "%[var(check.path)]" ver HTTP/1.1 hdr x-test "server=%[var(check.server)]" body "health-check body" + http-check expect rstatus "^2[0-9]{2}" + http-check connect addr ${s4_addr} port ${s4_port} + http-check set-var(check.path) "str(/req3)" + http-check send meth GET uri-lf "%[var(check.path)]" + http-check expect rstatus "^2[0-9]{2}" + http-check connect addr ${s4_addr} port ${s4_port} + http-check unset-var(check.path) + http-check send meth GET uri-lf "%[var(check.path)]" body-lf "health-check on %[be_name]-%[srv_name]" + ## implicit expect rule + server srv ${s1_addr}:${s1_port} check inter 100ms rise 1 fall 1 + + backend be5 + log ${S1_addr}:${S1_port} len 2048 local0 + option httpchk + server srv ${h1_li1_addr}:${h1_li1_port} proto h2 check inter 100ms rise 1 fall 1 + + backend be6 + log ${S1_addr}:${S1_port} len 2048 local0 + option httpchk GET /status HTTP/1.1 + server srv ${h1_li1_addr}:${h1_li1_port} check check-proto h2 inter 100ms rise 1 fall 1 + + listen li1 + mode http + bind "fd@${li1}" proto h2 + http-request return status 200 + +} -start + +syslog S1 -wait diff --git a/reg-tests/checks/http-monitor-uri.vtc b/reg-tests/checks/http-monitor-uri.vtc new file mode 100644 index 0000000..b6c8ccb --- /dev/null +++ b/reg-tests/checks/http-monitor-uri.vtc @@ -0,0 +1,56 @@ +varnishtest "Test the HTTP directive monitor-uri" +#REQUIRE_VERSION=2.2 + +# This config tests the HTTP directive monitor-uri. Especially the path matching +# when an absolute-form uri is received from the client. But also the +# case-sensitivity of the matching. + +feature ignore_unknown_macro + +haproxy h1 -conf { + defaults + mode http + timeout connect "${HAPROXY_TEST_TIMEOUT-5s}" + timeout client "${HAPROXY_TEST_TIMEOUT-5s}" + timeout server "${HAPROXY_TEST_TIMEOUT-5s}" + + frontend fe1 + bind "fd@${fe1}" + monitor-uri /health + + frontend fe2 + bind "fd@${fe2}" + monitor-uri http://www.haproxy.org/health +} -start + +client c1 -connect ${h1_fe1_sock} { + txreq -req GET -url /health + rxresp + expect resp.status == 200 +} -run + +client c2 -connect ${h1_fe1_sock} { + txreq -req GET -url http://www.haproxy.org/health \ + -hdr "Host: www.haproxy.org" + rxresp + expect resp.status == 200 +} -run + +client c3 -connect ${h1_fe1_sock} { + txreq -req GET -url /hEAlth + rxresp + expect resp.status == 503 +} -run + +client c4 -connect ${h1_fe2_sock} { + txreq -req GET -url http://www.haproxy.org/health \ + -hdr "Host: www.haproxy.org" + rxresp + expect resp.status == 200 +} -run + +client c5 -connect ${h1_fe2_sock} { + txreq -req GET -url /health + rxresp + expect resp.status == 503 +} -run diff --git a/reg-tests/checks/ldap-check.vtc b/reg-tests/checks/ldap-check.vtc new file mode 100644 index 0000000..a0e5509 --- /dev/null +++ b/reg-tests/checks/ldap-check.vtc @@ -0,0 +1,96 @@ +varnishtest "Health-checks: LDAP health-check" +#REQUIRE_VERSION=2.2 +#REGTEST_TYPE=slow +feature ignore_unknown_macro + +# This scripts tests health-checks for LDAP application, enabled using +# "option ldap-check" line. A intermediate listener is used to validate +# the request because it is impossible with VTEST to read and match raw +# text. + +server s1 { + recv 14 + sendhex "300C020101 61 070A01 00 04000400" +} -start + +server s2 { + recv 14 + sendhex "300C020101 60 070A01 00 04000400" +} -start + +server s3 { + recv 14 + sendhex "300C020101 61 070A01 01 04000400" +} -start + +server s4 { + recv 14 + sendhex "308400000010020101 61 84000000070A01" + delay 0.1 + sendhex "00 04000400" +} -start + +syslog S1 -level notice { + recv + expect ~ "[^:\\[ ]\\[${h1_pid}\\]: Health check for server be1/srv succeeded, reason: Layer7 check passed.+info: \"Success\".+check duration: [[:digit:]]+ms, status: 1/1 UP." +} -start + +syslog S2 -level notice { + recv + expect ~ "[^:\\[ ]\\[${h1_pid}\\]: Health check for server be2/srv failed, reason: Layer7 invalid response.+info: \"Not LDAPv3 protocol\".+check duration: [[:digit:]]+ms, status: 0/1 DOWN." +} -start + +syslog S3 -level notice { + recv + expect ~ "[^:\\[ ]\\[${h1_pid}\\]: Health check for server be3/srv failed, reason: Layer7 wrong status.+code: 1.+info: \"See RFC: http://tools.ietf.org/html/rfc4511#section-4.1.9\".+check duration: [[:digit:]]+ms, status: 0/1 DOWN." +} -start + +syslog S4 -level notice { + recv + expect ~ "[^:\\[ ]\\[${h1_pid}\\]: Health check for server be4/srv succeeded, reason: Layer7 check passed.+info: \"Success\".+check duration: [[:digit:]]+ms, status: 1/1 UP." +} -start + +haproxy h1 -conf { + defaults + mode tcp + timeout client "${HAPROXY_TEST_TIMEOUT-5s}" + timeout server "${HAPROXY_TEST_TIMEOUT-5s}" + timeout connect "${HAPROXY_TEST_TIMEOUT-5s}" + + backend be1 + log ${S1_addr}:${S1_port} daemon + option log-health-checks + option ldap-check + server srv ${h1_ldap1_addr}:${h1_ldap1_port} check inter 1s rise 1 fall 1 + + backend be2 + log ${S2_addr}:${S2_port} daemon + option log-health-checks + option ldap-check + server srv ${s2_addr}:${s2_port} check inter 1s rise 1 fall 1 + + backend be3 + log ${S3_addr}:${S3_port} daemon + option log-health-checks + option ldap-check + server srv ${s3_addr}:${s3_port} check inter 1s rise 1 fall 1 + + backend be4 + log ${S4_addr}:${S4_port} daemon + option log-health-checks + option ldap-check + server srv ${s4_addr}:${s4_port} check inter 1s rise 1 fall 1 + + listen ldap1 + bind "fd@${ldap1}" + tcp-request inspect-delay 100ms + tcp-request content accept if { req.len eq 14 } { req.payload(0,14) -m bin "300C020101600702010304008000" } + tcp-request content reject + server srv ${s1_addr}:${s1_port} + +} -start + +syslog S1 -wait +syslog S2 -wait +syslog S3 -wait +syslog S4 -wait diff --git a/reg-tests/checks/mysql-check.vtc b/reg-tests/checks/mysql-check.vtc new file mode 100644 index 0000000..b2348c3 --- /dev/null +++ b/reg-tests/checks/mysql-check.vtc @@ -0,0 +1,123 @@ +varnishtest "Health-checks: MySQL health-check" +#REQUIRE_VERSION=2.2 +#REGTEST_TYPE=slow +feature ignore_unknown_macro + +# This scripts tests health-checks for MySQL application, enabled using +# "option mysql-check" line. A intermediate listener is used to validate +# the request because it is impossible with VTEST to read and match raw +# text. + +server s1 { + sendhex "4A0000000A382E302E3139000A0000006F3C025E6249410D00FFFFFF0200FFC715000000000000000000007C182159106E2761144322200063616368696E675F736861325F70617373776F726400" + expect_close +} -start + +server s2 { + sendhex "4A0000000A382E302E3139000A0000006F3C025E6249410D00FFFFFF0200FFC715000000000000000000007C182159106E2761144322200063616368696E675F736861325F70617373776F726400" + recv 20 + sendhex "03000002000000" +} -start + +server s3 { + sendhex "4A0000000A382E302E3139000A0000006F3C025E6249410D00FFFFFF0200FFC715000000000000000000007C182159106E2761144322200063616368696E675F736861325F70617373776F726400" + recv 47 + sendhex "0700000200000002000000" +} -start + +server s4 { + sendhex "4A0000000A382E302E3139000A0000006F3C025E6249410D00FFFFFF0200FFC715000000000000000000007C182159106E2761144322200063616368696E675F736861325F70617373776F726400" + recv 21 + sendhex "67000002FFE304436C69656E7420646F6573206E6F7420737570706F72742061757468656E7469636174696F6E2070726F746F636F6C20726571756573746564206279207365727665723B20636F6E736964657220757067726164696E67204D7953514C20636C69656E74" +} -start + +server s5 { + sendhex "4A0000000A382E302E3139000A0000006F3C025E6249410D00FFFFFF0200FFC715000000000000000000007C182159106E2761144322200063616368696E675F736861325F70617373776F726400" + recv 48 + sendhex "67000002FFE304436C69656E7420646F6573206E6F7420737570706F72742061757468656E7469636174696F6E2070726F746F636F6C20726571756573746564206279207365727665723B20636F6E736964657220757067726164696E67204D7953514C20636C69656E74" +} -start + +syslog S1 -level notice { + recv + expect ~ "[^:\\[ ]\\[${h1_pid}\\]: Health check for server be1/srv succeeded, reason: Layer7 check passed.+info: \"8.0.19\".+check duration: [[:digit:]]+ms, status: 1/1 UP." +} -start + +syslog S2 -level notice { + recv + expect ~ "[^:\\[ ]\\[${h1_pid}\\]: Health check for server be2/srv succeeded, reason: Layer7 check passed.+info: \"8.0.19\".+check duration: [[:digit:]]+ms, status: 1/1 UP." +} -start + +syslog S3 -level notice { + recv + expect ~ "[^:\\[ ]\\[${h1_pid}\\]: Health check for server be3/srv succeeded, reason: Layer7 check passed.+info: \"8.0.19\".+check duration: [[:digit:]]+ms, status: 1/1 UP." +} -start + +syslog S4 -level notice { + recv + expect ~ "[^:\\[ ]\\[${h1_pid}\\]: Health check for server be4/srv failed, reason: Layer7 wrong status.+code: 1251.+info: \"Client does not support authentication protocol requested by server; consider upgrading MySQL client\".+check duration: [[:digit:]]+ms, status: 0/1 DOWN." +} -start + +syslog S5 -level notice { + recv + expect ~ "[^:\\[ ]\\[${h1_pid}\\]: Health check for server be5/srv failed, reason: Layer7 wrong status.+code: 1251.+info: \"Client does not support authentication protocol requested by server; consider upgrading MySQL client\".+check duration: [[:digit:]]+ms, status: 0/1 DOWN." +} -start + + +haproxy h1 -conf { + defaults + mode tcp + timeout client "${HAPROXY_TEST_TIMEOUT-5s}" + timeout server "${HAPROXY_TEST_TIMEOUT-5s}" + timeout connect "${HAPROXY_TEST_TIMEOUT-5s}" + + backend be1 + log ${S1_addr}:${S1_port} daemon + option log-health-checks + option mysql-check + server srv ${s1_addr}:${s1_port} check inter 1s rise 1 fall 1 + + backend be2 + log ${S2_addr}:${S2_port} daemon + option log-health-checks + option mysql-check user user pre-41 + server srv ${h1_mysql1_addr}:${h1_mysql1_port} check inter 1s rise 1 fall 1 + + backend be3 + log ${S3_addr}:${S3_port} daemon + option log-health-checks + option mysql-check user user + server srv ${h1_mysql2_addr}:${h1_mysql2_port} check inter 1s rise 1 fall 1 + + backend be4 + log ${S4_addr}:${S4_port} daemon + option log-health-checks + option mysql-check user pouet + server srv ${s4_addr}:${s4_port} check inter 1s rise 1 fall 1 + + backend be5 + log ${S5_addr}:${S5_port} daemon + option log-health-checks + option mysql-check user pouet post-41 + server srv ${s5_addr}:${s5_port} check inter 1s rise 1 fall 1 + + listen mysql1 + bind "fd@${mysql1}" + tcp-request inspect-delay 100ms + tcp-request content accept if { req.len eq 20 } { req.payload(0,20) -m bin "0B00000100800000017573657200000100000001" } + tcp-request content reject + server srv ${s2_addr}:${s2_port} + + listen mysql2 + bind "fd@${mysql2}" + tcp-request inspect-delay 100ms + tcp-request content accept if { req.len eq 47 } { req.payload(0,47) -m bin "2600000100820000008000012100000000000000000000000000000000000000000000007573657200000100000001" } + tcp-request content reject + server srv ${s3_addr}:${s3_port} + +} -start + +syslog S1 -wait +syslog S2 -wait +syslog S3 -wait +syslog S4 -wait +syslog S5 -wait diff --git a/reg-tests/checks/pgsql-check.vtc b/reg-tests/checks/pgsql-check.vtc new file mode 100644 index 0000000..2c9c65b --- /dev/null +++ b/reg-tests/checks/pgsql-check.vtc @@ -0,0 +1,93 @@ +varnishtest "Health-checks: PostgreSQL health-check" +#REQUIRE_VERSION=2.2 +#REGTEST_TYPE=slow +feature ignore_unknown_macro + +# This scripts tests health-checks for PostgreSQL application, enabled using +# "option pgsql-check" line. A intermediate listener is used to validate +# the request because it is impossible with VTEST to read and match raw +# text. + +server s1 { + recv 23 + sendhex "520000000800000000" +} -start + +server s2 { + recv 23 + sendhex "450000000B53464154414C00" +} -start + +server s3 { + recv 23 + send "Not a PostgreSQL response" +} -start + +server s4 { + recv 23 + sendhex "52000000170000000A534352414D2D5348412D3235360000" +} -start + +syslog S1 -level notice { + recv + expect ~ "[^:\\[ ]\\[${h1_pid}\\]: Health check for server be1/srv succeeded, reason: Layer7 check passed.+info: \"PostgreSQL server is ok\".+check duration: [[:digit:]]+ms, status: 1/1 UP." +} -start + +syslog S2 -level notice { + recv + expect ~ "[^:\\[ ]\\[${h1_pid}\\]: Health check for server be2/srv failed, reason: Layer7 invalid response.+info: \"FATAL\".+check duration: [[:digit:]]+ms, status: 0/1 DOWN." +} -start + +syslog S3 -level notice { + recv + expect ~ "[^:\\[ ]\\[${h1_pid}\\]: Health check for server be3/srv failed, reason: Layer7 wrong status.+info: \"PostgreSQL unknown error\".+check duration: [[:digit:]]+ms, status: 0/1 DOWN." +} -start + +syslog S4 -level notice { + recv + expect ~ "[^:\\[ ]\\[${h1_pid}\\]: Health check for server be4/srv succeeded, reason: Layer7 check passed.+info: \"PostgreSQL server is ok\".+check duration: [[:digit:]]+ms, status: 1/1 UP." +} -start + +haproxy h1 -conf { + defaults + mode tcp + timeout client "${HAPROXY_TEST_TIMEOUT-5s}" + timeout server "${HAPROXY_TEST_TIMEOUT-5s}" + timeout connect "${HAPROXY_TEST_TIMEOUT-5s}" + + backend be1 + log ${S1_addr}:${S1_port} daemon + option log-health-checks + option pgsql-check user postgres + server srv ${h1_pgsql_addr}:${h1_pgsql_port} check inter 1s rise 1 fall 1 + + backend be2 + log ${S2_addr}:${S2_port} daemon + option log-health-checks + option pgsql-check user postgres + server srv ${s2_addr}:${s2_port} check inter 1s rise 1 fall 1 + + backend be3 + log ${S3_addr}:${S3_port} daemon + option log-health-checks + option pgsql-check user postgres + server srv ${s3_addr}:${s3_port} check inter 1s rise 1 fall 1 + + backend be4 + log ${S4_addr}:${S4_port} daemon + option log-health-checks + option pgsql-check user postgres + server srv ${s4_addr}:${s4_port} check inter 1s rise 1 fall 1 + + listen pgsql1 + bind "fd@${pgsql}" + tcp-request inspect-delay 100ms + tcp-request content accept if { req.len eq 23 } { req.payload(0,23) -m bin "00000017000300007573657200706f7374677265730000" } + tcp-request content reject + server srv ${s1_addr}:${s1_port} +} -start + +syslog S1 -wait +syslog S2 -wait +syslog S3 -wait +syslog S4 -wait diff --git a/reg-tests/checks/redis-check.vtc b/reg-tests/checks/redis-check.vtc new file mode 100644 index 0000000..78b6ed3 --- /dev/null +++ b/reg-tests/checks/redis-check.vtc @@ -0,0 +1,61 @@ +varnishtest "Health-checks: Redis health-check" +#REQUIRE_VERSION=2.2 +#REGTEST_TYPE=slow +feature ignore_unknown_macro + +# This scripts tests health-checks for Redis application, enabled using +# "option redis-check" line. A intermediate listener is used to validate +# the request because it is impossible with VTEST to read and match raw +# text. + +server s1 { + recv 14 + send "+PONG\r\n" +} -start + +server s2 { + recv 14 + send "-Error message\r\n" +} -start + +syslog S1 -level notice { + recv + expect ~ "[^:\\[ ]\\[${h1_pid}\\]: Health check for server be1/srv succeeded, reason: Layer7 check passed.+info: \"Redis server is ok\".+check duration: [[:digit:]]+ms, status: 1/1 UP." +} -start + +syslog S2 -level notice { + recv + expect ~ "[^:\\[ ]\\[${h1_pid}\\]: Health check for server be2/srv failed, reason: Layer7 wrong status.+info: \"-Error message\".+check duration: [[:digit:]]+ms, status: 0/1 DOWN." +} -start + + +haproxy h1 -conf { + defaults + mode tcp + timeout client "${HAPROXY_TEST_TIMEOUT-5s}" + timeout server "${HAPROXY_TEST_TIMEOUT-5s}" + timeout connect "${HAPROXY_TEST_TIMEOUT-5s}" + + backend be1 + log ${S1_addr}:${S1_port} daemon + option log-health-checks + option redis-check + server srv ${h1_redis_addr}:${h1_redis_port} check inter 1s rise 1 fall 1 + + backend be2 + log ${S2_addr}:${S2_port} daemon + option log-health-checks + option redis-check + server srv ${s2_addr}:${s2_port} check inter 1s rise 1 fall 1 + + listen redis1 + bind "fd@${redis}" + tcp-request inspect-delay 100ms + tcp-request content accept if { req.len eq 14 } { req.payload(0,14) -m str "*1\r\n\$4\r\nPING\r\n" } + tcp-request content reject + server srv ${s1_addr}:${s1_port} + +} -start + +syslog S1 -wait +syslog S2 -wait diff --git a/reg-tests/checks/smtp-check.vtc b/reg-tests/checks/smtp-check.vtc new file mode 100644 index 0000000..723f5f0 --- /dev/null +++ b/reg-tests/checks/smtp-check.vtc @@ -0,0 +1,110 @@ +varnishtest "Health-checks: SMTP health-check" +#REQUIRE_VERSION=2.2 +#REGTEST_TYPE=slow +feature ignore_unknown_macro + +# This scripts tests health-checks for SMTP servers, enabled using +# "option smtpchk" line. + +server s1 { + send "220 smtp-check.vtc SMTP Server\r\n" + recv 16 + send "250 smtp-check.vtc\r\n" + recv 6 + send "221 smtp-check.vtc closing\r\n" +} -start + +server s2 { + send "220 smtp-check.vtc SMTP Server\r\n" + recv 17 + send "250-smtp-check.vtc\r\n" + send "250-KEYWORD\r\n" + send "250 LAST KEYWORD\r\n" + recv 6 + send "221 smtp-check.vtc closing\r\n" +} -start + +server s3 { + send "I'm not a SMTP server\r\n" +} -start + +server s4 { + send "421 Try again later\r\n" +} -start + +server s5 { + send "220 smtp-check.vtc SMTP Server\r\n" + recv 16 + send "512 DNS error\r\n" +} -start + +syslog S1 -level notice { + recv + expect ~ "[^:\\[ ]\\[${h1_pid}\\]: Health check for server be1/srv succeeded, reason: Layer7 check passed.+code: 221.+info: \"smtp-check.vtc closing\".+check duration: [[:digit:]]+ms, status: 1/1 UP." +} -start + +syslog S2 -level notice { + recv + expect ~ "[^:\\[ ]\\[${h1_pid}\\]: Health check for server be2/srv succeeded, reason: Layer7 check passed.+code: 221.+info: \"smtp-check.vtc closing\".+check duration: [[:digit:]]+ms, status: 1/1 UP." +} -start + +syslog S3 -level notice { + recv + expect ~ "[^:\\[ ]\\[${h1_pid}\\]: Health check for server be3/srv failed, reason: Layer7 invalid response.+info: \"I'm not a SMTP server\".+check duration: [[:digit:]]+ms, status: 0/1 DOWN." +} -start + +syslog S4 -level notice { + recv + expect ~ "[^:\\[ ]\\[${h1_pid}\\]: Health check for server be4/srv failed, reason: Layer7 wrong status.+code: 421.+info: \"Try again later\".+check duration: [[:digit:]]+ms, status: 0/1 DOWN." +} -start + +syslog S5 -level notice { + recv + expect ~ "[^:\\[ ]\\[${h1_pid}\\]: Health check for server be5/srv failed, reason: Layer7 wrong status.+code: 512.+info: \"DNS error\".+check duration: [[:digit:]]+ms, status: 0/1 DOWN." +} -start + + +haproxy h1 -conf { + defaults + mode tcp + timeout client "${HAPROXY_TEST_TIMEOUT-5s}" + timeout server "${HAPROXY_TEST_TIMEOUT-5s}" + timeout connect "${HAPROXY_TEST_TIMEOUT-5s}" + + backend be1 + log ${S1_addr}:${S1_port} daemon + option log-health-checks + option smtpchk + server srv ${s1_addr}:${s1_port} check inter 1s rise 1 fall 1 + + backend be2 + log ${S2_addr}:${S2_port} daemon + option log-health-checks + option smtpchk EHLO domain.tld + server srv ${s2_addr}:${s2_port} check inter 1s rise 1 fall 1 + + backend be3 + log ${S3_addr}:${S3_port} daemon + option log-health-checks + option smtpchk + server srv ${s3_addr}:${s3_port} check inter 1s rise 1 fall 1 + + backend be4 + log ${S4_addr}:${S4_port} daemon + option log-health-checks + option smtpchk + server srv ${s4_addr}:${s4_port} check inter 1s rise 1 fall 1 + + backend be5 + log ${S5_addr}:${S5_port} daemon + option log-health-checks + option smtpchk EHLO domain.tld + server srv ${s5_addr}:${s5_port} check inter 1s rise 1 fall 1 + +} -start + +syslog S1 -wait +syslog S2 -wait +syslog S3 -wait +syslog S4 -wait +syslog S5 -wait diff --git a/reg-tests/checks/spop-check.vtc b/reg-tests/checks/spop-check.vtc new file mode 100644 index 0000000..93cef59 --- /dev/null +++ b/reg-tests/checks/spop-check.vtc @@ -0,0 +1,94 @@ +varnishtest "Health-checks: SPOP health-check" +#REQUIRE_VERSION=2.2 +#REGTEST_TYPE=slow +feature ignore_unknown_macro + +# This scripts tests health-checks for SPOE agent, enabled using +# "option spop-check" line. A intermediate listener is used to validate +# the request because it is impossible with VTEST to read and match raw +# text. + +server s1 { + recv 82 + sendhex "00000036 65 00000001 0000 0776657273696F6E 0803322E30 0E6D61782D6672616D652D73697A65 03FCF0 060C6361706162696C6974696573 0800" +} -start + +server s2 { + recv 82 + sendhex "00000000" +} -start + +server s3 { + recv 82 + sendhex "00000007 65 00000000 0000" +} -start + +server s4 { + recv 82 + sendhex "00000014 65 00000001 0000 0776657273696F6E 0803312E30" +} -start + +syslog S1 -level notice { + recv + expect ~ "[^:\\[ ]\\[${h1_pid}\\]: Health check for server be1/srv succeeded, reason: Layer7 check passed.+info: \"SPOA server is ok\".+check duration: [[:digit:]]+ms, status: 1/1 UP." +} -start + +syslog S2 -level notice { + recv + expect ~ "[^:\\[ ]\\[${h1_pid}\\]: Health check for server be2/srv failed, reason: Layer7 invalid response.+info: \"invalid frame received\".+check duration: [[:digit:]]+ms, status: 0/1 DOWN." +} -start + +syslog S3 -level notice { + recv + expect ~ "[^:\\[ ]\\[${h1_pid}\\]: Health check for server be3/srv failed, reason: Layer7 invalid response.+info: \"fragmentation not supported\".+check duration: [[:digit:]]+ms, status: 0/1 DOWN." +} -start + +syslog S4 -level notice { + recv + expect ~ "[^:\\[ ]\\[${h1_pid}\\]: Health check for server be4/srv failed, reason: Layer7 invalid response.+info: \"unsupported version\".+check duration: [[:digit:]]+ms, status: 0/1 DOWN." +} -start + +haproxy h1 -conf { + defaults + mode tcp + timeout client "${HAPROXY_TEST_TIMEOUT-5s}" + timeout server "${HAPROXY_TEST_TIMEOUT-5s}" + timeout connect "${HAPROXY_TEST_TIMEOUT-5s}" + + backend be1 + log ${S1_addr}:${S1_port} daemon + option log-health-checks + option spop-check + server srv ${h1_spop1_addr}:${h1_spop1_port} check inter 1s rise 1 fall 1 + + backend be2 + log ${S2_addr}:${S2_port} daemon + option log-health-checks + option spop-check + server srv ${s2_addr}:${s2_port} check inter 1s rise 1 fall 1 + + backend be3 + log ${S3_addr}:${S3_port} daemon + option log-health-checks + option spop-check + server srv ${s3_addr}:${s3_port} check inter 1s rise 1 fall 1 + + backend be4 + log ${S4_addr}:${S4_port} daemon + option log-health-checks + option spop-check + server srv ${s4_addr}:${s4_port} check inter 1s rise 1 fall 1 + + listen spop1 + bind "fd@${spop1}" + tcp-request inspect-delay 100ms + tcp-request content accept if { req.len eq 82 } { req.payload(0,4) -m bin "0000004E" } #{ req.payload(4,4) -m bin "00000001" } { req.payload(8,2) -m bin "0000" } { req.payload(12,17) -m str "supported-version" } + tcp-request content reject + server srv ${s1_addr}:${s1_port} + +} -start + +syslog S1 -wait +syslog S2 -wait +syslog S3 -wait +syslog S4 -wait diff --git a/reg-tests/checks/ssl-hello-check.vtc b/reg-tests/checks/ssl-hello-check.vtc new file mode 100644 index 0000000..49abc0b --- /dev/null +++ b/reg-tests/checks/ssl-hello-check.vtc @@ -0,0 +1,76 @@ +varnishtest "Health-checks: ssl-hello health-check" +#REQUIRE_OPTION=OPENSSL +#REQUIRE_VERSION=2.2 +#REGTEST_TYPE=slow +feature ignore_unknown_macro + +# This scripts tests health-checks for SSL application, enabled using +# "option ssl-hello-chk" line. + +syslog S1 -level notice { + recv + expect ~ "[^:\\[ ]\\[${h1_pid}\\]: Health check for server be1/srv succeeded, reason: Layer6 check passed.+check duration: [[:digit:]]+ms, status: 1/1 UP." +} -start + + +syslog S2 -level notice { + recv + expect ~ "[^:\\[ ]\\[${h1_pid}\\]: Health check for server be2/srv failed, reason: Layer6 invalid response.+info: \"TCPCHK got an empty response at step 2\".+check duration: [[:digit:]]+ms, status: 0/1 DOWN." +} -start + +syslog S3 -level notice { + recv + expect ~ "[^:\\[ ]\\[${h1_pid}\\]: Health check for server be3/srv failed, reason: Layer6 invalid response.+check duration: [[:digit:]]+ms, status: 0/1 DOWN." +} -start + +haproxy htst -conf { + global + tune.ssl.default-dh-param 2048 + + defaults + mode tcp + timeout client "${HAPROXY_TEST_TIMEOUT-5s}" + timeout server "${HAPROXY_TEST_TIMEOUT-5s}" + timeout connect "${HAPROXY_TEST_TIMEOUT-5s}" + + frontend fe1 + bind "fd@${fe1}" ssl crt ${testdir}/common.pem + + frontend fe2 + bind "fd@${fe2}" + + frontend fe3 + mode http + bind "fd@${fe3}" + +} -start + +haproxy h1 -conf { + defaults + mode tcp + timeout client "${HAPROXY_TEST_TIMEOUT-5s}" + timeout server "${HAPROXY_TEST_TIMEOUT-5s}" + timeout connect "${HAPROXY_TEST_TIMEOUT-5s}" + + backend be1 + log ${S1_addr}:${S1_port} daemon + option log-health-checks + option ssl-hello-chk + server srv ${htst_fe1_addr}:${htst_fe1_port} check inter 1s rise 1 fall 1 + + backend be2 + log ${S2_addr}:${S2_port} daemon + option log-health-checks + option ssl-hello-chk + server srv ${htst_fe2_addr}:${htst_fe2_port} check inter 1s rise 1 fall 1 + + backend be3 + log ${S3_addr}:${S3_port} daemon + option log-health-checks + option ssl-hello-chk + server srv ${htst_fe3_addr}:${htst_fe3_port} check inter 1s rise 1 fall 1 +} -start + +syslog S1 -wait +syslog S2 -wait +syslog S3 -wait diff --git a/reg-tests/checks/tcp-check-ssl.vtc b/reg-tests/checks/tcp-check-ssl.vtc new file mode 100644 index 0000000..6ac1782 --- /dev/null +++ b/reg-tests/checks/tcp-check-ssl.vtc @@ -0,0 +1,118 @@ +varnishtest "Health-checks: tcp-check health-check with ssl options" +#REQUIRE_OPTION=OPENSSL +#REQUIRE_VERSION=2.2 +#REGTEST_TYPE=slow +feature ignore_unknown_macro + +syslog S_ok -level notice { + recv + expect ~ "[^:\\[ ]\\[${h1_pid}\\]: Health check for server be[0-9]+/srv succeeded, reason: Layer6 check passed.+check duration: [[:digit:]]+ms, status: 1/1 UP." + recv + expect ~ "[^:\\[ ]\\[${h1_pid}\\]: Health check for server be[0-9]+/srv succeeded, reason: Layer6 check passed.+check duration: [[:digit:]]+ms, status: 1/1 UP." + recv + expect ~ "[^:\\[ ]\\[${h1_pid}\\]: Health check for server be[0-9]+/srv succeeded, reason: Layer6 check passed.+check duration: [[:digit:]]+ms, status: 1/1 UP." + recv + expect ~ "[^:\\[ ]\\[${h1_pid}\\]: Health check for server be[0-9]+/srv succeeded, reason: Layer6 check passed.+check duration: [[:digit:]]+ms, status: 1/1 UP." + recv + expect ~ "[^:\\[ ]\\[${h1_pid}\\]: Health check for server be[0-9]+/srv succeeded, reason: Layer6 check passed.+check duration: [[:digit:]]+ms, status: 1/1 UP." +} -start + +syslog S3 -level notice { + recv + expect ~ "[^:\\[ ]\\[${h1_pid}\\]: Health check for server be3/srv failed, reason: Layer6 invalid response.+info: \"(Connection closed during SSL handshake|SSL handshake failure)\".+check duration: [[:digit:]]+ms, status: 0/1 DOWN." +} -start + +syslog S4 -level notice { + recv + expect ~ "[^:\\[ ]\\[${h1_pid}\\]: Health check for server be4/srv failed, reason: Layer6 invalid response.+info: \"(Connection closed during SSL handshake|SSL handshake failure) at step 1 of tcp-check \\(connect\\)\".+check duration: [[:digit:]]+ms, status: 0/1 DOWN." +} -start + + +haproxy htst -conf { + global + tune.ssl.default-dh-param 2048 + + defaults + mode tcp + timeout client "${HAPROXY_TEST_TIMEOUT-5s}" + timeout server "${HAPROXY_TEST_TIMEOUT-5s}" + timeout connect "${HAPROXY_TEST_TIMEOUT-5s}" + + listen li1 + bind "fd@${li1}" + tcp-request inspect-delay 100ms + tcp-request content reject if { req.ssl_hello_type 0 } + tcp-request content accept if { req.ssl_sni check.haproxy.org } + tcp-request content accept if { req.ssl_sni connect.haproxy.org } + tcp-request content reject + server fe1 ${htst_fe1_addr}:${htst_fe1_port} + + listen li2 + bind "fd@${li2}" + tcp-request inspect-delay 100ms + tcp-request content reject if { req.ssl_hello_type 0 } + tcp-request content accept if { req.ssl_alpn h2 } + tcp-request content accept if { req.ssl_alpn http/1.1 } + tcp-request content reject + server fe1 ${htst_fe1_addr}:${htst_fe1_port} + + frontend fe1 + bind "fd@${fe1}" ssl crt ${testdir}/common.pem + +} -start + +haproxy h1 -conf { + defaults + mode tcp + timeout client "${HAPROXY_TEST_TIMEOUT-5s}" + timeout server "${HAPROXY_TEST_TIMEOUT-5s}" + timeout connect "${HAPROXY_TEST_TIMEOUT-5s}" + + backend be1 + log ${S_ok_addr}:${S_ok_port} daemon + option log-health-checks + server srv ${htst_li1_addr}:${htst_li1_port} check check-ssl check-sni check.haproxy.org inter 1s rise 1 fall 1 verify none + + backend be2 + log ${S_ok_addr}:${S_ok_port} daemon + option log-health-checks + option tcp-check + tcp-check connect ssl sni connect.haproxy.org + server srv ${htst_li1_addr}:${htst_li1_port} check inter 1s rise 1 fall 1 verify none + + backend be3 + log ${S3_addr}:${S3_port} daemon + option log-health-checks + server srv ${htst_li1_addr}:${htst_li1_port} check check-ssl check-sni bad.haproxy.org inter 1s rise 1 fall 1 verify none + + backend be4 + log ${S4_addr}:${S4_port} daemon + option log-health-checks + option tcp-check + tcp-check connect ssl sni bad.haproxy.org + server srv ${htst_li1_addr}:${htst_li1_port} check inter 1s rise 1 fall 1 verify none + + backend be5 + log ${S_ok_addr}:${S_ok_port} daemon + option log-health-checks + option tcp-check + tcp-check connect default + server srv ${htst_li1_addr}:${htst_li1_port} check check-ssl check-sni check.haproxy.org inter 1s rise 1 fall 1 verify none + + backend be6 + log ${S_ok_addr}:${S_ok_port} daemon + option log-health-checks + server srv ${htst_li2_addr}:${htst_li2_port} check check-ssl check-alpn "h2,http/1.1" inter 1s rise 1 fall 1 verify none + + backend be7 + log ${S_ok_addr}:${S_ok_port} daemon + option log-health-checks + option tcp-check + tcp-check connect ssl alpn "h2,http/1.1" + server srv ${htst_li2_addr}:${htst_li2_port} check inter 1s rise 1 fall 1 verify none + +} -start + +syslog S_ok -wait +syslog S3 -wait +syslog S4 -wait diff --git a/reg-tests/checks/tcp-check_min-recv.vtc b/reg-tests/checks/tcp-check_min-recv.vtc new file mode 100644 index 0000000..81f93e0 --- /dev/null +++ b/reg-tests/checks/tcp-check_min-recv.vtc @@ -0,0 +1,68 @@ +varnishtest "tcp-check negative bounded regex match" +#EXCLUDE_TARGETS=freebsd,osx,generic +#REGTEST_TYPE=slow +#REQUIRE_VERSION=2.2 +# This test use a negative expect rule and verify that setting a required +# minimum amount of data to match. +feature ignore_unknown_macro + +syslog S1 -level notice { + recv + expect ~ "[^:\\[ ]\\[${h1_pid}\\]: Health check for server be1/srv1 failed, reason: Layer7 timeout.*at step 2 of tcp-check" +} -start + +syslog S2 -level notice { + recv + expect ~ "[^:\\[ ]\\[${h1_pid}\\]: Health check for server be2/srv1 succeeded" +} -start + +server s1 { + send "valid" + delay 0.2 + expect_close +} -start + +server s2 { + send "valid" + recv 10 + send "valid" + delay 0.2 + expect_close +} -start + +haproxy h1 -conf { + defaults + mode tcp + timeout connect "${HAPROXY_TEST_TIMEOUT-5s}" + timeout check "${HAPROXY_TEST_TIMEOUT-5s}" + timeout server "${HAPROXY_TEST_TIMEOUT-5s}" + timeout client "${HAPROXY_TEST_TIMEOUT-5s}" + + backend be1 + # must fail fast + timeout check 1 + timeout server 1 + log ${S1_addr}:${S1_port} len 2048 local0 + option tcp-check + option log-health-checks + tcp-check connect + tcp-check expect !rstring "^error" comment "negative check" + tcp-check expect string "valid" comment "positive check" + tcp-check send "0123456789" + tcp-check expect string "valid" comment "positive check" + server srv1 ${s1_addr}:${s1_port} check inter 200ms rise 1 fall 1 + + backend be2 + log ${S2_addr}:${S2_port} len 2048 local0 + option tcp-check + option log-health-checks + tcp-check connect + tcp-check expect min-recv 5 !rstring "^error" comment "negative check" + tcp-check expect string "valid" comment "positive check" + tcp-check send "0123456789" + tcp-check expect string "valid" comment "positive check" + server srv1 ${s2_addr}:${s2_port} check inter 200ms rise 1 fall 1 +} -start + +syslog S1 -wait +syslog S2 -wait diff --git a/reg-tests/checks/tcp-check_multiple_ports.vtc b/reg-tests/checks/tcp-check_multiple_ports.vtc new file mode 100644 index 0000000..356ddf6 --- /dev/null +++ b/reg-tests/checks/tcp-check_multiple_ports.vtc @@ -0,0 +1,48 @@ +varnishtest "tcp-check multiple ports" +#EXCLUDE_TARGETS=freebsd,osx,generic +#REGTEST_TYPE=slow +# This test uses multiple tcp-check connect rules to perform health checking on +# a target. It relies on port 1 being unbound on the local system. +feature ignore_unknown_macro + +syslog S1 -level notice { + recv + expect ~ "[^:\\[ ]\\[${h1_pid}\\]: Health check for server be1/srv1 failed.*Connection refused at step 2 of tcp-check.*connect port 1" +} -start + +syslog S2 -level notice { + recv + expect ~ "[^:\\[ ]\\[${h1_pid}\\]: Health check for server be2/srv1 failed.*Connection refused at step 1 of tcp-check.*connect port 1" +} -start + +server s1 { +} -start + +haproxy h1 -conf { + defaults + mode tcp + timeout connect "${HAPROXY_TEST_TIMEOUT-5s}" + timeout check "${HAPROXY_TEST_TIMEOUT-5s}" + timeout server "${HAPROXY_TEST_TIMEOUT-5s}" + timeout client "${HAPROXY_TEST_TIMEOUT-5s}" + #default-server check inter 200ms rise 1 fall 1 + + backend be1 + log ${S1_addr}:${S1_port} len 2048 local0 + option tcp-check + option log-health-checks + tcp-check connect port ${s1_port} + tcp-check connect port 1 + server srv1 ${s1_addr}:${s1_port} check inter 200ms rise 1 fall 1 + + backend be2 + log ${S2_addr}:${S2_port} len 2048 local0 + option tcp-check + option log-health-checks + tcp-check connect port 1 + tcp-check connect port ${s1_port} + server srv1 ${s1_addr}:${s1_port} check inter 200ms rise 1 fall 1 +} -start + +syslog S1 -wait +syslog S2 -wait diff --git a/reg-tests/checks/tcp-checks-socks4.vtc b/reg-tests/checks/tcp-checks-socks4.vtc new file mode 100644 index 0000000..04c23ec --- /dev/null +++ b/reg-tests/checks/tcp-checks-socks4.vtc @@ -0,0 +1,61 @@ +varnishtest "Health-checks: basic HTTP health-check though a socks4 proxy" +#REQUIRE_VERSION=2.0 +#REGTEST_TYPE=slow +feature ignore_unknown_macro + +# This scripts tests a simple HTTP health-checks though a socks4 proxy. + +server s1 { +} -start + +server socks { + ## get socks4 request + recv 16 + + ## send socks4 response : + ## constant(1): 0x00 + ## statut(1) : 0x5a (success) + ## padding(6) : ignored + sendhex "005A000000000000" + + rxreq + expect req.method == OPTIONS + expect req.url == / + expect req.proto == HTTP/1.0 + txresp +} -start + +syslog S1 -level notice { + recv + expect ~ "[^:\\[ ]\\[${h1_pid}\\]: Health check for server be1/srv succeeded, reason: Layer7 check passed.+code: 200.+check duration: [[:digit:]]+ms, status: 1/1 UP." +} -start + +haproxy h1 -conf { + defaults + mode tcp + timeout client "${HAPROXY_TEST_TIMEOUT-5s}" + timeout server "${HAPROXY_TEST_TIMEOUT-5s}" + timeout connect "${HAPROXY_TEST_TIMEOUT-5s}" + + backend be1 + log ${S1_addr}:${S1_port} daemon + option log-health-checks + option httpchk + server srv ${s1_addr}:${s1_port} socks4 ${h1_socks_addr}:${h1_socks_port} check-via-socks4 check inter 1s rise 1 fall 1 + + listen socks + bind "fd@${socks}" + tcp-request inspect-delay 500ms + ## Accept socks4 request on 16 bytes : + ## version(1) : 0x04 + ## command(1) : 0x01 + ## port(2) : ${s1_port} + ## addr(4) : ${s1_addr} + ## user-id : "HAProxy\0" + tcp-request content accept if { req.len eq 16 } { req.payload(0,1) -m bin "04" } { req.payload(1,1) -m bin "01" } { req.payload(2,2),hex,hex2i eq ${s1_port} } { req.payload(4,4),hex,hex2i -m ip ${s1_addr} } { req.payload(8,8) -m bin "484150726F787900" } + tcp-request content reject + server srv ${socks_addr}:${socks_port} + +} -start + +syslog S1 -wait diff --git a/reg-tests/checks/tls_health_checks.vtc b/reg-tests/checks/tls_health_checks.vtc new file mode 100644 index 0000000..1989d65 --- /dev/null +++ b/reg-tests/checks/tls_health_checks.vtc @@ -0,0 +1,118 @@ +varnishtest "Health-check test over TLS/SSL" +#REQUIRE_OPTIONS=OPENSSL +#REGTEST_TYPE=slow +feature ignore_unknown_macro + + +# This script tests health-checks for a TLS/SSL backend with "option httpchk" +# and "check-ssl" option enabled attached to h2 haproxy process. This haproxy +# h2 process is chained to h1 other one. +# +server s1 { + rxreq + expect req.method == OPTIONS + expect req.url == * + expect req.proto == HTTP/1.1 + txresp +} -start + +server s2 { +} -start + +server s3 { + rxreq + expect req.method == OPTIONS + expect req.url == * + expect req.proto == HTTP/1.1 + txresp +} -start + +syslog S1 -level notice { + recv info + expect ~ "[^:\\[ ]\\[${h1_pid}\\]: .* fe1~ be1/srv1 .* 200 [[:digit:]]+ - - ---- .* \"OPTIONS \\* HTTP/1.1\"" +} -start + +haproxy h1 -conf { + global + tune.ssl.default-dh-param 2048 + + defaults + mode http + timeout client "${HAPROXY_TEST_TIMEOUT-5s}" + timeout server "${HAPROXY_TEST_TIMEOUT-5s}" + timeout connect "${HAPROXY_TEST_TIMEOUT-5s}" + + backend be1 + server srv1 ${s1_addr}:${s1_port} + + backend be2 + server srv2 ${s2_addr}:${s2_port} + + backend be3 + server srv3 ${s3_addr}:${s3_port} + + frontend fe1 + option httplog + log ${S1_addr}:${S1_port} len 2048 local0 debug err + bind "fd@${fe1}" ssl crt ${testdir}/common.pem + use_backend be1 + + frontend fe2 + option tcplog + bind "fd@${fe2}" ssl crt ${testdir}/common.pem + use_backend be2 + + frontend fe3 + option httplog + bind "fd@${fe3}" ssl crt ${testdir}/common.pem + use_backend be3 +} -start + +syslog S2 -level notice { + recv + expect ~ "[^:\\[ ]\\[${h2_pid}\\]: Health check for server be2/srv1 succeeded, reason: Layer7 check passed.+code: 200.+check duration: [[:digit:]]+ms, status: 1/1 UP." +} -start + +syslog S4 -level notice { + recv + expect ~ "[^:\\[ ]\\[${h2_pid}\\]: Health check for server be4/srv2 succeeded, reason: Layer6 check passed.+check duration: [[:digit:]]+ms, status: 1/1 UP." +} -start + +syslog S6 -level notice { + recv + expect ~ "[^:\\[ ]\\[${h2_pid}\\]: Health check for server be6/srv3 succeeded, reason: Layer7 check passed.+code: 200.+check duration: [[:digit:]]+ms, status: 1/1 UP." +} -start + +haproxy h2 -conf { + global + tune.ssl.default-dh-param 2048 + + defaults + timeout client "${HAPROXY_TEST_TIMEOUT-5s}" + timeout server "${HAPROXY_TEST_TIMEOUT-5s}" + timeout connect "${HAPROXY_TEST_TIMEOUT-5s}" + default-server downinter 1s inter 500 rise 1 fall 1 + + backend be2 + option log-health-checks + option httpchk OPTIONS * HTTP/1.1\r\nHost:\ www + log ${S2_addr}:${S2_port} daemon + server srv1 ${h1_fe1_addr}:${h1_fe1_port} ssl crt ${testdir}/common.pem verify none check + + backend be4 + option log-health-checks + log ${S4_addr}:${S4_port} daemon + server srv2 ${h1_fe2_addr}:${h1_fe2_port} ssl crt ${testdir}/common.pem verify none check-ssl check + + backend be6 + option log-health-checks + option httpchk OPTIONS * HTTP/1.1\r\nHost:\ www + log ${S6_addr}:${S6_port} daemon + server srv3 127.0.0.1:80 crt ${testdir}/common.pem verify none check check-ssl port ${h1_fe3_port} addr ${h1_fe3_addr}:80 +} -start + +syslog S1 -wait + +syslog S2 -wait +syslog S4 -wait +syslog S6 -wait -- cgit v1.2.3