REGTESTS: server: test SSL/PROXY with checks for dynamic servers

Complete the dynamic servers regtest to ensure there is no implicit
interaction for checks and SSL/PROXY server settings.

diff --git a/reg-tests/server/cli_add_check_server.vtc b/reg-tests/server/cli_add_check_server.vtc
index 31d4d61cec82e8d6f364dfd1fa327e8e4c916bb0..9f48c0d65fe0b0c6b7d2c7bd70cb56b4738c953b 100644 (file)
--- a/reg-tests/server/cli_add_check_server.vtc
+++ b/reg-tests/server/cli_add_check_server.vtc
@@ -48,6 +48,18 @@ syslog S1 -level notice {
 
        barrier b1 sync
        barrier b2 sync
+
+       recv
+       expect ~ ".*Server be1/s4 is UP/READY \\(leaving forced maintenance\\)."
+       recv
+       expect ~ "Health check for server be1/s4 failed"
+
+       barrier b1 sync
+
+       recv
+       expect ~ ".*Server be1/s5 is UP/READY \\(leaving forced maintenance\\)."
+       recv
+       expect ~ "Health check for server be1/s5 succeeded."
 } -start
 
 haproxy h1 -conf {
@@ -58,6 +70,11 @@ haproxy h1 -conf {
                option log-health-checks
                option httpchk GET /
                log ${S1_addr}:${S1_port} daemon
+
+       frontend fe-proxy
+               mode http
+               bind "fd@${hapsrv}" accept-proxy
+               http-request return status 200
 } -start
 
 # check on a functional server
@@ -117,4 +134,28 @@ haproxy h1 -cli {
        expect ~ "Server deleted."
 }
 
+# check PROXY protocol interaction with checks
+haproxy h1 -cli {
+       # no explicit check-send-proxy
+       # The health check should failed.
+       send "add server be1/s4 ${h1_hapsrv_addr}:${h1_hapsrv_port} send-proxy check rise 1 fall 1"
+       expect ~ "New server registered."
+
+       send "enable server be1/s4"
+       expect ~ ".*"
+       send "enable health be1/s4"
+       expect ~ ".*"
+
+       barrier b1 sync
+
+       # explicit check-send-proxy : health check should succeeded
+       send "add server be1/s5 ${h1_hapsrv_addr}:${h1_hapsrv_port} send-proxy check rise 1 fall 1 check-send-proxy"
+       expect ~ "New server registered."
+
+       send "enable server be1/s5"
+       expect ~ ".*"
+       send "enable health be1/s5"
+       expect ~ ".*"
+}
+
 syslog S1 -wait

diff --git a/reg-tests/server/cli_add_ssl_server.vtc b/reg-tests/server/cli_add_ssl_server.vtc
index 242d05953471c7ff745d68e4191f523a7b946415..843958df31d1ac118de448fb25213a1b88792603 100644 (file)
--- a/reg-tests/server/cli_add_ssl_server.vtc
+++ b/reg-tests/server/cli_add_ssl_server.vtc
@@ -5,6 +5,24 @@ feature cmd "$HAPROXY_PROGRAM -cc 'feature(OPENSSL)'"
 feature cmd "command -v socat"
 feature ignore_unknown_macro
 
+barrier b1 cond 2 -cyclic
+
+syslog S1 -level notice {
+       recv
+       expect ~ ".*Server li-ssl/s1 is UP/READY \\(leaving forced maintenance\\)."
+       recv
+       expect ~ ".*Server li-ssl/s2 is UP/READY \\(leaving forced maintenance\\)."
+       recv
+       expect ~ "Health check for server li-ssl/s2 failed"
+
+       barrier b1 sync
+
+       recv
+       expect ~ ".*Server li-ssl/s3 is UP/READY \\(leaving forced maintenance\\)."
+       recv
+       expect ~ "Health check for server li-ssl/s3 succeeded."
+} -start
+
 haproxy h1 -conf {
        global
                stats socket "${tmpdir}/h1/stats" level admin
@@ -14,11 +32,14 @@ haproxy h1 -conf {
                timeout connect "${HAPROXY_TEST_TIMEOUT-5s}"
                timeout client  "${HAPROXY_TEST_TIMEOUT-5s}"
                timeout server  "${HAPROXY_TEST_TIMEOUT-5s}"
+               option log-health-checks
+               option httpchk GET /
 
        # proxy to attach a ssl server
        listen li-ssl
                bind "fd@${feSsl}"
                balance random
+               log ${S1_addr}:${S1_port} daemon
 
        # frontend used to respond to ssl connection
        frontend fe-ssl-term
@@ -61,3 +82,29 @@ client c2 -connect ${h1_feSsl_sock} {
        rxresp
        expect resp.status == 200
 } -run
+
+# test interaction between SSL and checks for dynamic servers
+haproxy h1 -cli {
+       # no explicit check-ssl
+       # The health check should failed.
+       send "add server li-ssl/s2 ${h1_feSslTerm_addr}:${h1_feSslTerm_port} ssl verify none check"
+       expect ~ "New server registered."
+
+       send "enable server li-ssl/s2"
+       expect ~ ".*"
+       send "enable health li-ssl/s2"
+       expect ~ ".*"
+
+       barrier b1 sync
+
+       # explicit check-ssl : health check should succeeded
+       send "add server li-ssl/s3 ${h1_feSslTerm_addr}:${h1_feSslTerm_port} ssl verify none check check-ssl"
+       expect ~ "New server registered."
+
+       send "enable server li-ssl/s3"
+       expect ~ ".*"
+       send "enable health li-ssl/s3"
+       expect ~ ".*"
+}
+
+syslog S1 -wait