varnishtest "Health-checks: ssl-hello health-check" #REQUIRE_OPTION=OPENSSL #REQUIRE_VERSION=2.2 #REGTEST_TYPE=slow feature ignore_unknown_macro # This scripts tests health-checks for SSL application, enabled using # "option ssl-hello-chk" line. syslog S1 -level notice { recv expect ~ "[^:\\[ ]\\[${h1_pid}\\]: Health check for server be1/srv succeeded, reason: Layer6 check passed.+check duration: [[:digit:]]+ms, status: 1/1 UP." } -start syslog S2 -level notice { recv expect ~ "[^:\\[ ]\\[${h1_pid}\\]: Health check for server be2/srv failed, reason: Layer6 invalid response.+info: \"TCPCHK got an empty response at step 2\".+check duration: [[:digit:]]+ms, status: 0/1 DOWN." } -start syslog S3 -level notice { recv expect ~ "[^:\\[ ]\\[${h1_pid}\\]: Health check for server be3/srv failed, reason: Layer6 invalid response.+check duration: [[:digit:]]+ms, status: 0/1 DOWN." } -start haproxy htst -conf { global tune.ssl.default-dh-param 2048 defaults mode tcp timeout client "${HAPROXY_TEST_TIMEOUT-5s}" timeout server "${HAPROXY_TEST_TIMEOUT-5s}" timeout connect "${HAPROXY_TEST_TIMEOUT-5s}" frontend fe1 bind "fd@${fe1}" ssl crt ${testdir}/common.pem frontend fe2 bind "fd@${fe2}" frontend fe3 mode http bind "fd@${fe3}" } -start haproxy h1 -conf { defaults mode tcp timeout client "${HAPROXY_TEST_TIMEOUT-5s}" timeout server "${HAPROXY_TEST_TIMEOUT-5s}" timeout connect "${HAPROXY_TEST_TIMEOUT-5s}" backend be1 log ${S1_addr}:${S1_port} daemon option log-health-checks option ssl-hello-chk server srv ${htst_fe1_addr}:${htst_fe1_port} check inter 1s rise 1 fall 1 backend be2 log ${S2_addr}:${S2_port} daemon option log-health-checks option ssl-hello-chk server srv ${htst_fe2_addr}:${htst_fe2_port} check inter 1s rise 1 fall 1 backend be3 log ${S3_addr}:${S3_port} daemon option log-health-checks option ssl-hello-chk server srv ${htst_fe3_addr}:${htst_fe3_port} check inter 1s rise 1 fall 1 } -start syslog S1 -wait syslog S2 -wait syslog S3 -wait