Christopher Faulet | aec7f76 | 2020-04-22 15:16:58 +0200 | [diff] [blame] | 1 | varnishtest "Health-checks: LDAP health-check" |
| 2 | #REQUIRE_VERSION=2.2 |
| 3 | #REGTEST_TYPE=slow |
| 4 | feature ignore_unknown_macro |
| 5 | |
| 6 | # This scripts tests health-checks for LDAP application, enabled using |
| 7 | # "option ldap-check" line. A intermediate listener is used to validate |
| 8 | # the request because it is impossible with VTEST to read and match raw |
| 9 | # text. |
| 10 | |
| 11 | server s1 { |
| 12 | recv 14 |
| 13 | sendhex "300C020101 61 070A01 00 04000400" |
| 14 | } -start |
| 15 | |
| 16 | server s2 { |
| 17 | recv 14 |
| 18 | sendhex "300C020101 60 070A01 00 04000400" |
| 19 | } -start |
| 20 | |
| 21 | server s3 { |
| 22 | recv 14 |
| 23 | sendhex "300C020101 61 070A01 01 04000400" |
| 24 | } -start |
| 25 | |
Christopher Faulet | 8a0e5f8 | 2021-09-16 16:01:09 +0200 | [diff] [blame] | 26 | server s4 { |
| 27 | recv 14 |
| 28 | sendhex "308400000010020101 61 84000000070A01" |
| 29 | delay 0.1 |
| 30 | sendhex "00 04000400" |
| 31 | } -start |
| 32 | |
Christopher Faulet | aec7f76 | 2020-04-22 15:16:58 +0200 | [diff] [blame] | 33 | syslog S1 -level notice { |
| 34 | recv |
Christopher Faulet | aec7f76 | 2020-04-22 15:16:58 +0200 | [diff] [blame] | 35 | expect ~ "[^:\\[ ]\\[${h1_pid}\\]: Health check for server be1/srv succeeded, reason: Layer7 check passed.+info: \"Success\".+check duration: [[:digit:]]+ms, status: 1/1 UP." |
| 36 | } -start |
| 37 | |
| 38 | syslog S2 -level notice { |
| 39 | recv |
Christopher Faulet | aec7f76 | 2020-04-22 15:16:58 +0200 | [diff] [blame] | 40 | expect ~ "[^:\\[ ]\\[${h1_pid}\\]: Health check for server be2/srv failed, reason: Layer7 invalid response.+info: \"Not LDAPv3 protocol\".+check duration: [[:digit:]]+ms, status: 0/1 DOWN." |
| 41 | } -start |
| 42 | |
| 43 | syslog S3 -level notice { |
| 44 | recv |
Christopher Faulet | aec7f76 | 2020-04-22 15:16:58 +0200 | [diff] [blame] | 45 | expect ~ "[^:\\[ ]\\[${h1_pid}\\]: Health check for server be3/srv failed, reason: Layer7 wrong status.+code: 1.+info: \"See RFC: http://tools.ietf.org/html/rfc4511#section-4.1.9\".+check duration: [[:digit:]]+ms, status: 0/1 DOWN." |
| 46 | } -start |
| 47 | |
Christopher Faulet | 8a0e5f8 | 2021-09-16 16:01:09 +0200 | [diff] [blame] | 48 | syslog S4 -level notice { |
| 49 | recv |
| 50 | expect ~ "[^:\\[ ]\\[${h1_pid}\\]: Health check for server be4/srv succeeded, reason: Layer7 check passed.+info: \"Success\".+check duration: [[:digit:]]+ms, status: 1/1 UP." |
| 51 | } -start |
| 52 | |
Christopher Faulet | aec7f76 | 2020-04-22 15:16:58 +0200 | [diff] [blame] | 53 | haproxy h1 -conf { |
| 54 | defaults |
| 55 | mode tcp |
Willy Tarreau | f673923 | 2021-11-18 17:46:22 +0100 | [diff] [blame] | 56 | timeout client "${HAPROXY_TEST_TIMEOUT-5s}" |
| 57 | timeout server "${HAPROXY_TEST_TIMEOUT-5s}" |
| 58 | timeout connect "${HAPROXY_TEST_TIMEOUT-5s}" |
Christopher Faulet | aec7f76 | 2020-04-22 15:16:58 +0200 | [diff] [blame] | 59 | |
| 60 | backend be1 |
| 61 | log ${S1_addr}:${S1_port} daemon |
| 62 | option log-health-checks |
| 63 | option ldap-check |
| 64 | server srv ${h1_ldap1_addr}:${h1_ldap1_port} check inter 1s rise 1 fall 1 |
| 65 | |
| 66 | backend be2 |
| 67 | log ${S2_addr}:${S2_port} daemon |
| 68 | option log-health-checks |
| 69 | option ldap-check |
| 70 | server srv ${s2_addr}:${s2_port} check inter 1s rise 1 fall 1 |
| 71 | |
| 72 | backend be3 |
| 73 | log ${S3_addr}:${S3_port} daemon |
| 74 | option log-health-checks |
| 75 | option ldap-check |
| 76 | server srv ${s3_addr}:${s3_port} check inter 1s rise 1 fall 1 |
| 77 | |
Christopher Faulet | 8a0e5f8 | 2021-09-16 16:01:09 +0200 | [diff] [blame] | 78 | backend be4 |
| 79 | log ${S4_addr}:${S4_port} daemon |
| 80 | option log-health-checks |
| 81 | option ldap-check |
| 82 | server srv ${s4_addr}:${s4_port} check inter 1s rise 1 fall 1 |
| 83 | |
Christopher Faulet | aec7f76 | 2020-04-22 15:16:58 +0200 | [diff] [blame] | 84 | listen ldap1 |
| 85 | bind "fd@${ldap1}" |
| 86 | tcp-request inspect-delay 100ms |
| 87 | tcp-request content accept if { req.len eq 14 } { req.payload(0,14) -m bin "300C020101600702010304008000" } |
| 88 | tcp-request content reject |
| 89 | server srv ${s1_addr}:${s1_port} |
| 90 | |
| 91 | } -start |
| 92 | |
| 93 | syslog S1 -wait |
| 94 | syslog S2 -wait |
| 95 | syslog S3 -wait |
Christopher Faulet | 8a0e5f8 | 2021-09-16 16:01:09 +0200 | [diff] [blame] | 96 | syslog S4 -wait |