| Christopher Faulet | aec7f76 | 2020-04-22 15:16:58 +0200 | [diff] [blame] | 1 | varnishtest "Health-checks: LDAP health-check" |
| 2 | #REQUIRE_VERSION=2.2 |
| 3 | #REGTEST_TYPE=slow |
| 4 | feature ignore_unknown_macro |
| 5 | |
| 6 | # This scripts tests health-checks for LDAP application, enabled using |
| 7 | # "option ldap-check" line. A intermediate listener is used to validate |
| 8 | # the request because it is impossible with VTEST to read and match raw |
| 9 | # text. |
| 10 | |
| 11 | server s1 { |
| 12 | recv 14 |
| 13 | sendhex "300C020101 61 070A01 00 04000400" |
| 14 | } -start |
| 15 | |
| 16 | server s2 { |
| 17 | recv 14 |
| 18 | sendhex "300C020101 60 070A01 00 04000400" |
| 19 | } -start |
| 20 | |
| 21 | server s3 { |
| 22 | recv 14 |
| 23 | sendhex "300C020101 61 070A01 01 04000400" |
| 24 | } -start |
| 25 | |
| 26 | syslog S1 -level notice { |
| 27 | recv |
| Christopher Faulet | aec7f76 | 2020-04-22 15:16:58 +0200 | [diff] [blame] | 28 | expect ~ "[^:\\[ ]\\[${h1_pid}\\]: Health check for server be1/srv succeeded, reason: Layer7 check passed.+info: \"Success\".+check duration: [[:digit:]]+ms, status: 1/1 UP." |
| 29 | } -start |
| 30 | |
| 31 | syslog S2 -level notice { |
| 32 | recv |
| Christopher Faulet | aec7f76 | 2020-04-22 15:16:58 +0200 | [diff] [blame] | 33 | expect ~ "[^:\\[ ]\\[${h1_pid}\\]: Health check for server be2/srv failed, reason: Layer7 invalid response.+info: \"Not LDAPv3 protocol\".+check duration: [[:digit:]]+ms, status: 0/1 DOWN." |
| 34 | } -start |
| 35 | |
| 36 | syslog S3 -level notice { |
| 37 | recv |
| Christopher Faulet | aec7f76 | 2020-04-22 15:16:58 +0200 | [diff] [blame] | 38 | expect ~ "[^:\\[ ]\\[${h1_pid}\\]: Health check for server be3/srv failed, reason: Layer7 wrong status.+code: 1.+info: \"See RFC: http://tools.ietf.org/html/rfc4511#section-4.1.9\".+check duration: [[:digit:]]+ms, status: 0/1 DOWN." |
| 39 | } -start |
| 40 | |
| 41 | haproxy h1 -conf { |
| 42 | defaults |
| 43 | mode tcp |
| 44 | timeout client 1s |
| 45 | timeout server 1s |
| 46 | timeout connect 100ms |
| 47 | |
| 48 | backend be1 |
| 49 | log ${S1_addr}:${S1_port} daemon |
| 50 | option log-health-checks |
| 51 | option ldap-check |
| 52 | server srv ${h1_ldap1_addr}:${h1_ldap1_port} check inter 1s rise 1 fall 1 |
| 53 | |
| 54 | backend be2 |
| 55 | log ${S2_addr}:${S2_port} daemon |
| 56 | option log-health-checks |
| 57 | option ldap-check |
| 58 | server srv ${s2_addr}:${s2_port} check inter 1s rise 1 fall 1 |
| 59 | |
| 60 | backend be3 |
| 61 | log ${S3_addr}:${S3_port} daemon |
| 62 | option log-health-checks |
| 63 | option ldap-check |
| 64 | server srv ${s3_addr}:${s3_port} check inter 1s rise 1 fall 1 |
| 65 | |
| 66 | listen ldap1 |
| 67 | bind "fd@${ldap1}" |
| 68 | tcp-request inspect-delay 100ms |
| 69 | tcp-request content accept if { req.len eq 14 } { req.payload(0,14) -m bin "300C020101600702010304008000" } |
| 70 | tcp-request content reject |
| 71 | server srv ${s1_addr}:${s1_port} |
| 72 | |
| 73 | } -start |
| 74 | |
| 75 | syslog S1 -wait |
| 76 | syslog S2 -wait |
| 77 | syslog S3 -wait |