| Christopher Faulet | aec7f76 | 2020-04-22 15:16:58 +0200 | [diff] [blame] | 1 | varnishtest "Health-checks: ssl-hello health-check" |
| 2 | #REQUIRE_OPTION=OPENSSL |
| 3 | #REQUIRE_VERSION=2.2 |
| 4 | #REGTEST_TYPE=slow |
| 5 | feature ignore_unknown_macro |
| 6 | |
| 7 | # This scripts tests health-checks for SSL application, enabled using |
| 8 | # "option ssl-hello-chk" line. |
| 9 | |
| 10 | syslog S1 -level notice { |
| 11 | recv |
| Christopher Faulet | aec7f76 | 2020-04-22 15:16:58 +0200 | [diff] [blame] | 12 | expect ~ "[^:\\[ ]\\[${h1_pid}\\]: Health check for server be1/srv succeeded, reason: Layer6 check passed.+check duration: [[:digit:]]+ms, status: 1/1 UP." |
| 13 | } -start |
| 14 | |
| 15 | |
| 16 | syslog S2 -level notice { |
| 17 | recv |
| Christopher Faulet | aec7f76 | 2020-04-22 15:16:58 +0200 | [diff] [blame] | 18 | expect ~ "[^:\\[ ]\\[${h1_pid}\\]: Health check for server be2/srv failed, reason: Layer6 invalid response.+info: \"TCPCHK got an empty response at step 2\".+check duration: [[:digit:]]+ms, status: 0/1 DOWN." |
| 19 | } -start |
| 20 | |
| 21 | syslog S3 -level notice { |
| 22 | recv |
| Christopher Faulet | aec7f76 | 2020-04-22 15:16:58 +0200 | [diff] [blame] | 23 | expect ~ "[^:\\[ ]\\[${h1_pid}\\]: Health check for server be3/srv failed, reason: Layer6 invalid response.+check duration: [[:digit:]]+ms, status: 0/1 DOWN." |
| 24 | } -start |
| 25 | |
| 26 | haproxy htst -conf { |
| 27 | global |
| 28 | tune.ssl.default-dh-param 2048 |
| 29 | |
| 30 | defaults |
| 31 | mode tcp |
| 32 | timeout client 1s |
| 33 | timeout server 1s |
| 34 | timeout connect 100ms |
| 35 | |
| 36 | frontend fe1 |
| 37 | bind "fd@${fe1}" ssl crt ${testdir}/common.pem |
| 38 | |
| 39 | frontend fe2 |
| 40 | bind "fd@${fe2}" |
| 41 | |
| 42 | frontend fe3 |
| 43 | mode http |
| 44 | bind "fd@${fe3}" |
| 45 | |
| 46 | } -start |
| 47 | |
| 48 | haproxy h1 -conf { |
| 49 | defaults |
| 50 | mode tcp |
| 51 | timeout client 1s |
| 52 | timeout server 1s |
| 53 | timeout connect 100ms |
| 54 | |
| 55 | backend be1 |
| 56 | log ${S1_addr}:${S1_port} daemon |
| 57 | option log-health-checks |
| 58 | option ssl-hello-chk |
| 59 | server srv ${htst_fe1_addr}:${htst_fe1_port} check inter 1s rise 1 fall 1 |
| 60 | |
| 61 | backend be2 |
| 62 | log ${S2_addr}:${S2_port} daemon |
| 63 | option log-health-checks |
| 64 | option ssl-hello-chk |
| 65 | server srv ${htst_fe2_addr}:${htst_fe2_port} check inter 1s rise 1 fall 1 |
| 66 | |
| 67 | backend be3 |
| 68 | log ${S3_addr}:${S3_port} daemon |
| 69 | option log-health-checks |
| 70 | option ssl-hello-chk |
| 71 | server srv ${htst_fe3_addr}:${htst_fe3_port} check inter 1s rise 1 fall 1 |
| 72 | } -start |
| 73 | |
| 74 | syslog S1 -wait |
| 75 | syslog S2 -wait |
| 76 | syslog S3 -wait |