Commit ec3d4ae9 authored by Łukasz Nowak's avatar Łukasz Nowak

caddy-frontend: Put haproxy just before the backend

This is needed in order to provide future support for client certificates
to the backend.

Also it means that haproxy is used in all cases, with or without cache, and as
a result the "cached" version of caddy is dropped.

Let haproxy setup maxconn by itself, as it's wise enough.

Also trust that it'll detect and use proper limits, instead enforcing them in
the shell with ulimit trick (ulimit -n $(ulimit -Hn)).

As empty server alias can impact the configuration, add proper test for
checking it.
parent 80af2841
...@@ -14,7 +14,7 @@ ...@@ -14,7 +14,7 @@
# not need these here). # not need these here).
[template] [template]
filename = instance.cfg.in filename = instance.cfg.in
md5sum = 20f7a925e686949092823595c79a0523 md5sum = db3f99b99f7db132928871acefc5b56a
[template-common] [template-common]
filename = instance-common.cfg.in filename = instance-common.cfg.in
...@@ -22,7 +22,7 @@ md5sum = c801b7f9f11f0965677c22e6bbe9281b ...@@ -22,7 +22,7 @@ md5sum = c801b7f9f11f0965677c22e6bbe9281b
[template-apache-frontend] [template-apache-frontend]
filename = instance-apache-frontend.cfg.in filename = instance-apache-frontend.cfg.in
md5sum = 1eae89931b305d9b9e34769946203c1c md5sum = b4becbff2303fccec99e17e809c4bbd0
[template-caddy-replicate] [template-caddy-replicate]
filename = instance-apache-replicate.cfg.in filename = instance-apache-replicate.cfg.in
...@@ -30,7 +30,7 @@ md5sum = 6d7113ebf0c46b0e4c72c128ebb647db ...@@ -30,7 +30,7 @@ md5sum = 6d7113ebf0c46b0e4c72c128ebb647db
[template-slave-list] [template-slave-list]
_update_hash_filename_ = templates/apache-custom-slave-list.cfg.in _update_hash_filename_ = templates/apache-custom-slave-list.cfg.in
md5sum = 9a5919a00a166fb8e902a72707ebc407 md5sum = 94552d98af0a8b6e431d6ee235a052d9
[template-replicate-publish-slave-information] [template-replicate-publish-slave-information]
_update_hash_filename_ = templates/replicate-publish-slave-information.cfg.in _update_hash_filename_ = templates/replicate-publish-slave-information.cfg.in
...@@ -38,7 +38,7 @@ md5sum = 7e3ee70c447f8203273d78f66ab519c3 ...@@ -38,7 +38,7 @@ md5sum = 7e3ee70c447f8203273d78f66ab519c3
[template-caddy-frontend-configuration] [template-caddy-frontend-configuration]
_update_hash_filename_ = templates/Caddyfile.in _update_hash_filename_ = templates/Caddyfile.in
md5sum = f0faf6d2e6c187df7e25bf717676f9df md5sum = 2503056e35463e045db3329bb8b6fae8
[caddy-backend-url-validator] [caddy-backend-url-validator]
filename = templates/caddy-backend-url-validator.in filename = templates/caddy-backend-url-validator.in
...@@ -50,11 +50,11 @@ md5sum = f20d6c3d2d94fb685f8d26dfca1e822b ...@@ -50,11 +50,11 @@ md5sum = f20d6c3d2d94fb685f8d26dfca1e822b
[template-default-slave-virtualhost] [template-default-slave-virtualhost]
_update_hash_filename_ = templates/default-virtualhost.conf.in _update_hash_filename_ = templates/default-virtualhost.conf.in
md5sum = 8137d3da8658d7b2d8c99c9a283a4e5e md5sum = 266f175dbdfc588af7a86b0b1884fe73
[template-cached-slave-virtualhost] [template-backend-haproxy-configuration]
_update_hash_filename_ = templates/cached-virtualhost.conf.in _update_hash_filename_ = templates/backend-haproxy.cfg.in
md5sum = e839ca3cb308f7fcdfa06c2f1b95e93f md5sum = 667e5e19e277d51a7221dcb11759d463
[template-log-access] [template-log-access]
_update_hash_filename_ = templates/template-log-access.conf.in _update_hash_filename_ = templates/template-log-access.conf.in
...@@ -94,7 +94,7 @@ md5sum = 061cc244558fd3af2b6bacf17cae5555 ...@@ -94,7 +94,7 @@ md5sum = 061cc244558fd3af2b6bacf17cae5555
[template-validate-script] [template-validate-script]
_update_hash_filename_ = templates/validate-script.sh.in _update_hash_filename_ = templates/validate-script.sh.in
md5sum = f26e11574f266c7437c9c89e3c93825a md5sum = 53e5d7ba2827bff003051f74f24ffe4f
[template-configuration-state-script] [template-configuration-state-script]
_update_hash_filename_ = templates/configuration-state-script.sh.in _update_hash_filename_ = templates/configuration-state-script.sh.in
......
...@@ -10,6 +10,7 @@ extends = ...@@ -10,6 +10,7 @@ extends =
../../component/trafficserver/buildout.cfg ../../component/trafficserver/buildout.cfg
../../component/6tunnel/buildout.cfg ../../component/6tunnel/buildout.cfg
../../component/xz-utils/buildout.cfg ../../component/xz-utils/buildout.cfg
../../component/haproxy/buildout.cfg
../../stack/caucase/buildout.cfg ../../stack/caucase/buildout.cfg
# Monitoring stack (keep on bottom) # Monitoring stack (keep on bottom)
...@@ -94,6 +95,7 @@ bin_directory = ${buildout:bin-directory} ...@@ -94,6 +95,7 @@ bin_directory = ${buildout:bin-directory}
sixtunnel = ${6tunnel:location} sixtunnel = ${6tunnel:location}
caddy = ${caddy:output} caddy = ${caddy:output}
caddy_location = ${caddy:location} caddy_location = ${caddy:location}
haproxy_executable = ${haproxy:location}/sbin/haproxy
curl = ${curl:location} curl = ${curl:location}
dash = ${dash:location} dash = ${dash:location}
gzip = ${gzip:location} gzip = ${gzip:location}
...@@ -108,7 +110,7 @@ kedifa-csr = ${:bin_directory}/kedifa-csr ...@@ -108,7 +110,7 @@ kedifa-csr = ${:bin_directory}/kedifa-csr
xz_location = ${xz-utils:location} xz_location = ${xz-utils:location}
monitor_template = ${monitor-template:output} monitor_template = ${monitor-template:output}
template_cached_slave_virtualhost = ${template-cached-slave-virtualhost:target} template_backend_haproxy_configuration = ${template-backend-haproxy-configuration:target}
template_caddy_frontend_configuration = ${template-caddy-frontend-configuration:target} template_caddy_frontend_configuration = ${template-caddy-frontend-configuration:target}
template_graceful_script = ${template-graceful-script:target} template_graceful_script = ${template-graceful-script:target}
template_validate_script = ${template-validate-script:target} template_validate_script = ${template-validate-script:target}
...@@ -184,7 +186,7 @@ mode = 640 ...@@ -184,7 +186,7 @@ mode = 640
[template-default-slave-virtualhost] [template-default-slave-virtualhost]
<=download-template <=download-template
[template-cached-slave-virtualhost] [template-backend-haproxy-configuration]
<=download-template <=download-template
[template-log-access] [template-log-access]
......
...@@ -21,8 +21,6 @@ parts = ...@@ -21,8 +21,6 @@ parts =
promise-caddy-frontend-v4-http promise-caddy-frontend-v4-http
promise-caddy-frontend-v6-https promise-caddy-frontend-v6-https
promise-caddy-frontend-v6-http promise-caddy-frontend-v6-http
promise-caddy-frontend-cached
promise-caddy-frontend-ssl-cached
trafficserver-launcher trafficserver-launcher
trafficserver-reload trafficserver-reload
...@@ -43,6 +41,12 @@ parts = ...@@ -43,6 +41,12 @@ parts =
monitor-caddy-server-status-wrapper monitor-caddy-server-status-wrapper
monitor-verify-re6st-connectivity monitor-verify-re6st-connectivity
backend-haproxy
backend-haproxy-graceful
promise-backend-haproxy-http
promise-backend-haproxy-https
promise-backend-haproxy-configuration
# Create all needed directories # Create all needed directories
[directory] [directory]
recipe = slapos.cookbook:mkdirectory recipe = slapos.cookbook:mkdirectory
...@@ -147,7 +151,7 @@ context = ...@@ -147,7 +151,7 @@ context =
[software-release-path] [software-release-path]
template-empty = {{ parameter_dict['template_empty'] }} template-empty = {{ parameter_dict['template_empty'] }}
template-default-slave-virtualhost = {{ parameter_dict['template_default_slave_virtualhost'] }} template-default-slave-virtualhost = {{ parameter_dict['template_default_slave_virtualhost'] }}
template-cached-slave-virtualhost = {{ parameter_dict['template_cached_slave_virtualhost'] }} template-backend-haproxy-configuration = {{ parameter_dict['template_backend_haproxy_configuration'] }}
caddy-location = {{ parameter_dict['caddy_location'] }} caddy-location = {{ parameter_dict['caddy_location'] }}
[kedifa-login-config] [kedifa-login-config]
...@@ -220,8 +224,7 @@ organization = {{ slapparameter_dict['cluster-identification'] }} ...@@ -220,8 +224,7 @@ organization = {{ slapparameter_dict['cluster-identification'] }}
organizational-unit = {{ instance_parameter['configuration.frontend-name'] }} organizational-unit = {{ instance_parameter['configuration.frontend-name'] }}
extra-context = extra-context =
key caddy_configuration_directory caddy-directory:slave-configuration key caddy_configuration_directory caddy-directory:slave-configuration
key caddy_cached_configuration_directory caddy-directory:slave-with-cache-configuration import urlparse_module urlparse
key slave_with_cache_configuration_directory caddy-directory:slave-with-cache-configuration
key caddy_executable :caddy_executable key caddy_executable :caddy_executable
key http_port configuration:plain_http_port key http_port configuration:plain_http_port
key https_port configuration:port key https_port configuration:port
...@@ -232,7 +235,6 @@ extra-context = ...@@ -232,7 +235,6 @@ extra-context =
key autocert caddy-directory:autocert key autocert caddy-directory:autocert
key master_certificate caddy-configuration:master-certificate key master_certificate caddy-configuration:master-certificate
key caddy_log_directory caddy-directory:slave-log key caddy_log_directory caddy-directory:slave-log
key caddy_log_cache_direct_directory caddy-directory:slave-log-cache-direct
key expose_csr_id_organization :organization key expose_csr_id_organization :organization
key expose_csr_id_organizational_unit :organizational-unit key expose_csr_id_organizational_unit :organizational-unit
key local_ipv4 :local_ipv4 key local_ipv4 :local_ipv4
...@@ -240,7 +242,6 @@ extra-context = ...@@ -240,7 +242,6 @@ extra-context =
key global_ipv6 slap-network-information:global-ipv6 key global_ipv6 slap-network-information:global-ipv6
key empty_template software-release-path:template-empty key empty_template software-release-path:template-empty
key template_default_slave_configuration software-release-path:template-default-slave-virtualhost key template_default_slave_configuration software-release-path:template-default-slave-virtualhost
key template_cached_slave_configuration software-release-path:template-cached-slave-virtualhost
key software_type :software_type key software_type :software_type
key frontend_lazy_graceful_reload frontend-caddy-lazy-graceful:rendered key frontend_lazy_graceful_reload frontend-caddy-lazy-graceful:rendered
key frontend_graceful_reload caddy-configuration:frontend-graceful-command key frontend_graceful_reload caddy-configuration:frontend-graceful-command
...@@ -251,9 +252,6 @@ extra-context = ...@@ -251,9 +252,6 @@ extra-context =
key enable_http2_by_default configuration:enable-http2-by-default key enable_http2_by_default configuration:enable-http2-by-default
key global_disable_http2 configuration:global-disable-http2 key global_disable_http2 configuration:global-disable-http2
key ciphers configuration:ciphers key ciphers configuration:ciphers
key request_timeout configuration:request-timeout
key proxy_try_duration configuration:proxy-try-duration
key proxy_try_interval configuration:proxy-try-interval
key access_log caddy-configuration:access-log key access_log caddy-configuration:access-log
key error_log caddy-configuration:error-log key error_log caddy-configuration:error-log
key sixtunnel_executable :sixtunnel_executable key sixtunnel_executable :sixtunnel_executable
...@@ -263,6 +261,11 @@ extra-context = ...@@ -263,6 +261,11 @@ extra-context =
# BBB: SlapOS Master non-zero knowledge BEGIN # BBB: SlapOS Master non-zero knowledge BEGIN
key apache_certificate apache-certificate:rendered key apache_certificate apache-certificate:rendered
# BBB: SlapOS Master non-zero knowledge END # BBB: SlapOS Master non-zero knowledge END
## backend haproxy
key template_backend_haproxy_configuration software-release-path:template-backend-haproxy-configuration
section backend_haproxy_configuration backend-haproxy-configuration
## full configuration
section configuration configuration
# Deploy Caddy Frontend with Jinja power # Deploy Caddy Frontend with Jinja power
[dynamic-caddy-frontend-template] [dynamic-caddy-frontend-template]
...@@ -277,9 +280,6 @@ extra-context = ...@@ -277,9 +280,6 @@ extra-context =
key master_certificate caddy-configuration:master-certificate key master_certificate caddy-configuration:master-certificate
key access_log caddy-configuration:access-log key access_log caddy-configuration:access-log
key slave_configuration_directory caddy-directory:slave-configuration key slave_configuration_directory caddy-directory:slave-configuration
key cached_port caddy-configuration:cache-through-port
key ssl_cached_port caddy-configuration:ssl-cache-through-port
key slave_with_cache_configuration_directory caddy-directory:slave-with-cache-configuration
section frontend_configuration frontend-configuration section frontend_configuration frontend-configuration
key http_port configuration:plain_http_port key http_port configuration:plain_http_port
key https_port configuration:port key https_port configuration:port
...@@ -332,11 +332,9 @@ command = ln -sf {{ parameter_dict['template_not_found_html'] }} ${caddy-direct ...@@ -332,11 +332,9 @@ command = ln -sf {{ parameter_dict['template_not_found_html'] }} ${caddy-direct
recipe = slapos.cookbook:mkdirectory recipe = slapos.cookbook:mkdirectory
document-root = ${directory:srv}/htdocs document-root = ${directory:srv}/htdocs
slave-configuration = ${directory:etc}/caddy-slave-conf.d/ slave-configuration = ${directory:etc}/caddy-slave-conf.d/
slave-with-cache-configuration = ${directory:etc}/caddy-slave-with-cache-conf.d/
cache = ${directory:var}/cache cache = ${directory:var}/cache
mod-ssl = ${:cache}/httpd_mod_ssl mod-ssl = ${:cache}/httpd_mod_ssl
slave-log = ${directory:log}/httpd slave-log = ${directory:log}/httpd
slave-log-cache-direct = ${directory:log}/httpd-cache-direct
autocert = ${directory:srv}/autocert autocert = ${directory:srv}/autocert
master-autocert-dir = ${:autocert}/master-autocert master-autocert-dir = ${:autocert}/master-autocert
custom-ssl-directory = ${:slave-configuration}/ssl custom-ssl-directory = ${:slave-configuration}/ssl
...@@ -351,8 +349,6 @@ not-found-file = ${caddy-directory:document-root}/${not-found-html:filename} ...@@ -351,8 +349,6 @@ not-found-file = ${caddy-directory:document-root}/${not-found-html:filename}
master-certificate = ${caddy-directory:master-autocert-dir}/master.pem master-certificate = ${caddy-directory:master-autocert-dir}/master.pem
# Communication with ATS # Communication with ATS
cache-port = ${trafficserver-variable:input-port} cache-port = ${trafficserver-variable:input-port}
cache-through-port = 26011
ssl-cache-through-port = 26012
# BBB: SlapOS Master non-zero knowledge BEGIN # BBB: SlapOS Master non-zero knowledge BEGIN
[get-self-signed-fallback-access] [get-self-signed-fallback-access]
...@@ -404,9 +400,6 @@ reload-path = ${directory:etc-run}/trafficserver-reload ...@@ -404,9 +400,6 @@ reload-path = ${directory:etc-run}/trafficserver-reload
local-ip = {{ instance_parameter['ipv4-random'] }} local-ip = {{ instance_parameter['ipv4-random'] }}
input-port = 23432 input-port = 23432
hostname = ${configuration:frontend-name} hostname = ${configuration:frontend-name}
remap = map /HTTPS/ http://{{ instance_parameter['ipv4-random'] }}:${caddy-configuration:ssl-cache-through-port}
map / http://{{ instance_parameter['ipv4-random'] }}:${caddy-configuration:cache-through-port}
plugin-config = plugin-config =
ip-allow-config = src_ip=0.0.0.0-255.255.255.255 action=ip_allow ip-allow-config = src_ip=0.0.0.0-255.255.255.255 action=ip_allow
cache-path = ${trafficserver-directory:cache-path} cache-path = ${trafficserver-directory:cache-path}
...@@ -464,11 +457,18 @@ template = {{ parameter_dict['template_trafficserver_logging_config'] }} ...@@ -464,11 +457,18 @@ template = {{ parameter_dict['template_trafficserver_logging_config'] }}
filename = logging.config filename = logging.config
[trafficserver-remap-config] [trafficserver-remap-config]
< = trafficserver-jinja2-template-base <= trafficserver-jinja2-template-base
template = {{ parameter_dict['template_empty'] }} {%- raw %}
template = inline:
map /HTTPS/ http://{{ ipv4 }}:{{ https_port }}
map / http://{{ ipv4 }}:{{ http_port }}
{%- endraw %}
extra-context =
raw ipv4 {{ instance_parameter['ipv4-random'] }}
key https_port backend-haproxy-configuration:https-port
key http_port backend-haproxy-configuration:http-port
filename = remap.config filename = remap.config
context =
key content trafficserver-variable:remap
[trafficserver-plugin-config] [trafficserver-plugin-config]
< = trafficserver-jinja2-template-base < = trafficserver-jinja2-template-base
...@@ -536,7 +536,7 @@ template = {{ parameter_dict['template_configuration_state_script'] }} ...@@ -536,7 +536,7 @@ template = {{ parameter_dict['template_configuration_state_script'] }}
rendered = ${directory:bin}/${:_buildout_section_name_} rendered = ${directory:bin}/${:_buildout_section_name_}
mode = 0700 mode = 0700
path_list = ${caddy-configuration:frontend-configuration} ${frontend-configuration:log-access-configuration} ${caddy-directory:slave-configuration}/*.conf ${caddy-directory:slave-with-cache-configuration}/*.conf ${caddy-directory:master-autocert-dir}/*.key ${caddy-directory:master-autocert-dir}/*.crt ${caddy-directory:master-autocert-dir}/*.pem ${caddy-directory:autocert}/*.pem ${caddy-directory:custom-ssl-directory}/*.proxy_ca_crt ${directory:bbb-ssl-dir}/*.crt path_list = ${caddy-configuration:frontend-configuration} ${frontend-configuration:log-access-configuration} ${caddy-directory:slave-configuration}/*.conf ${caddy-directory:master-autocert-dir}/*.key ${caddy-directory:master-autocert-dir}/*.crt ${caddy-directory:master-autocert-dir}/*.pem ${caddy-directory:autocert}/*.pem ${caddy-directory:custom-ssl-directory}/*.proxy_ca_crt ${directory:bbb-ssl-dir}/*.crt
sha256sum = {{ parameter_dict['sha256sum'] }} sha256sum = {{ parameter_dict['sha256sum'] }}
extra-context = extra-context =
...@@ -568,9 +568,10 @@ template = {{ parameter_dict['template_validate_script'] }} ...@@ -568,9 +568,10 @@ template = {{ parameter_dict['template_validate_script'] }}
rendered = ${directory:bin}/frontend-caddy-validate rendered = ${directory:bin}/frontend-caddy-validate
mode = 0700 mode = 0700
last_state_file = ${directory:run}/caddy_configuration_last_state last_state_file = ${directory:run}/caddy_configuration_last_state
validate_command = ${caddy-wrapper:rendered} -validate
extra-context = extra-context =
key wrapper caddy-wrapper:rendered key validate_command :validate_command
key caddy_configuration_state frontend-caddy-configuration-state-validate:rendered key configuration_state_command frontend-caddy-configuration-state-validate:rendered
key last_state_file :last_state_file key last_state_file :last_state_file
[frontend-caddy-lazy-graceful] [frontend-caddy-lazy-graceful]
...@@ -631,19 +632,105 @@ name = caddy_frontend_ipv6_http.py ...@@ -631,19 +632,105 @@ name = caddy_frontend_ipv6_http.py
config-hostname = {{ instance_parameter['ipv6-random'] }} config-hostname = {{ instance_parameter['ipv6-random'] }}
config-port = ${configuration:plain_http_port} config-port = ${configuration:plain_http_port}
[promise-caddy-frontend-cached] [promise-backend-haproxy-http]
<= monitor-promise-base <= monitor-promise-base
module = check_port_listening module = check_port_listening
name = caddy_cached.py name = backend_haproxy_http.py
config-hostname = {{ instance_parameter['ipv4-random'] }} config-hostname = {{ instance_parameter['ipv4-random'] }}
config-port = ${caddy-configuration:cache-through-port} config-port = ${backend-haproxy-configuration:http-port}
[promise-caddy-frontend-ssl-cached] [promise-backend-haproxy-https]
<= monitor-promise-base <= monitor-promise-base
module = check_port_listening module = check_port_listening
name = caddy_ssl_cached.py name = backend_haproxy_https.py
config-hostname = {{ instance_parameter['ipv4-random'] }} config-hostname = {{ instance_parameter['ipv4-random'] }}
config-port = ${caddy-configuration:ssl-cache-through-port} config-port = ${backend-haproxy-configuration:https-port}
[backend-haproxy-configuration]
file = ${directory:etc}/backend-haproxy.cfg
pid-file = ${directory:run}/backend-haproxy.pid
graceful-command = ${backend-haproxy-validate:rendered} && kill -USR2 $(cat ${:pid-file})
http-port = ${configuration:backend-haproxy-http-port}
https-port = ${configuration:backend-haproxy-https-port}
[backend-haproxy]
recipe = slapos.cookbook:wrapper
command-line = {{ parameter_dict['haproxy_executable'] }} -f ${backend-haproxy-configuration:file}
wrapper-path = ${directory:service}/backend-haproxy
hash-existing-files = ${buildout:directory}/software_release/buildout.cfg
[backend-haproxy-configuration-state]
<= jinja2-template-base
template = {{ parameter_dict['template_configuration_state_script'] }}
rendered = ${directory:bin}/${:_buildout_section_name_}
mode = 0700
path_list = ${backend-haproxy-configuration:file}
sha256sum = {{ parameter_dict['sha256sum'] }}
extra-context =
key path_list :path_list
key sha256sum :sha256sum
key signature_file :signature_file
[backend-haproxy-configuration-state-graceful]
<= backend-haproxy-configuration-state
signature_file = ${directory:run}/backend_haproxy_graceful_configuration_state_signature
[backend-haproxy-configuration-state-validate]
<= backend-haproxy-configuration-state
signature_file = ${directory:run}/backend_haproxy_validate_configuration_state_signature
[backend-haproxy-graceful]
< = jinja2-template-base
template = {{ parameter_dict['template_graceful_script'] }}
rendered = ${directory:etc-run}/backend-haproxy-safe-graceful
mode = 0700
extra-context =
key graceful_reload_command backend-haproxy-configuration:graceful-command
key caddy_configuration_state backend-haproxy-configuration-state-graceful:rendered
[backend-haproxy-validate]
<= jinja2-template-base
template = {{ parameter_dict['template_validate_script'] }}
rendered = ${directory:bin}/backend-haproxy-validate
mode = 0700
last_state_file = ${directory:run}/backend_haproxy_configuration_last_state
validate_command = {{ parameter_dict['haproxy_executable'] }} -f ${backend-haproxy-configuration:file} -c
extra-context =
key validate_command :validate_command
key configuration_state_command backend-haproxy-configuration-state-validate:rendered
key last_state_file :last_state_file
[backend-haproxy-lazy-graceful]
< = jinja2-template-base
template = {{ parameter_dict['template_caddy_lazy_script_call'] }}
rendered = ${directory:bin}/backend-haproxy-lazy-graceful
mode = 0700
pid-file = ${directory:run}/backend-haproxy-lazy-graceful.pid
wait_time = 60
extra-context =
key pid_file :pid-file
key wait_time :wait_time
key lazy_command backend-haproxy-configuration:graceful-command
[promise-backend-haproxy-configuration]
<= monitor-promise-base
module = validate_frontend_configuration
name = backend-haproxy-configuration.py
config-verification-script = ${promise-backend-haproxy-configuration-helper:rendered}
[promise-backend-haproxy-configuration-helper]
< = jinja2-template-base
template = {{ parameter_dict['template_empty'] }}
rendered = ${directory:bin}/backend-haproxy-read-last-configuration-state
mode = 0700
content =
#!/bin/sh
exit `cat ${backend-haproxy-validate:last_state_file}`
context =
key content :content
####### #######
# Monitoring sections # Monitoring sections
......
...@@ -66,16 +66,16 @@ ...@@ -66,16 +66,16 @@
"title": "Test Verification URL", "title": "Test Verification URL",
"type": "string" "type": "string"
}, },
"proxy-try-duration": { "backend-connect-timeout": {
"default": 5, "default": 5,
"description": "A time during which Caddy will try to establish connection with a backend. Setting it to 0 will result with immediate return of 502 EOF error to the browser, even if it would be possible to (re)connect to the backend during few moments. More info in https://caddyserver.com/docs/proxy try_durtion.", "description": "Time in seconds for establishing connection to the backend.",
"title": "Duration in seconds of trying a backend", "title": "Timeout for backend connection (seconds)",
"type": "integer" "type": "integer"
}, },
"proxy-try-interval": { "backend-connect-retries": {
"default": 250, "default": 3,
"description": "How often Caddy will try to establish connection with a backend during proxy-try-duration. More info in https://caddyserver.com/docs/proxy try_interval", "description": "Amount of retries to connect to the backend. The amount of backend-connect-timeout*backend-connect-retries seconds will be spent to connect to the backend.",
"title": "Interval in milliseconds of tries during proxy-try-duration", "title": "Amount of retries to connect to the backend.",
"type": "integer" "type": "integer"
}, },
"automatic-internal-kedifa-caucase-csr": { "automatic-internal-kedifa-caucase-csr": {
......
...@@ -195,6 +195,21 @@ ...@@ -195,6 +195,21 @@
"title": "type:zope virtualhostroot-https-port", "title": "type:zope virtualhostroot-https-port",
"type": "integer" "type": "integer"
}, },
"backend-connect-timeout": {
"description": "Time in seconds for establishing connection to the backend.",
"title": "Timeout for backend connection (seconds)",
"type": "integer"
},
"backend-connect-retries": {
"description": "Amount of retries to connect to the backend. The amount of backend-connect-timeout*backend-connect-retries seconds will be spent to connect to the backend.",
"title": "Amount of retries to connect to the backend.",
"type": "integer"
},
"request-timeout": {
"description": "Timeout for HTTP requests.",
"title": "HTTP Request timeout in seconds",
"type": "integer"
},
"ciphers": { "ciphers": {
"description": "List of ciphers. Empty defaults to cluster list of ciphers, which by default are Caddy list of ciphers. See https://caddyserver.com/docs/tls for more information.", "description": "List of ciphers. Empty defaults to cluster list of ciphers, which by default are Caddy list of ciphers. See https://caddyserver.com/docs/tls for more information.",
"title": "Ordered space separated list of ciphers", "title": "Ordered space separated list of ciphers",
......
...@@ -117,5 +117,7 @@ configuration.ciphers = ...@@ -117,5 +117,7 @@ configuration.ciphers =
configuration.request-timeout = 600 configuration.request-timeout = 600
configuration.mpm-graceful-shutdown-timeout = 5 configuration.mpm-graceful-shutdown-timeout = 5
configuration.frontend-name = configuration.frontend-name =
configuration.proxy-try-duration = 5 configuration.backend-connect-timeout = 5
configuration.proxy-try-interval = 250 configuration.backend-connect-retries = 3
configuration.backend-haproxy-http-port = 21080
configuration.backend-haproxy-https-port = 21443
...@@ -2,10 +2,8 @@ ...@@ -2,10 +2,8 @@
import {{frontend_configuration.get('log-access-configuration')}} import {{frontend_configuration.get('log-access-configuration')}}
import {{ slave_configuration_directory }}/*.conf import {{ slave_configuration_directory }}/*.conf
import {{ slave_with_cache_configuration_directory }}/*.conf
{% for port in [https_port] %} :{{ https_port }} {
:{{ port }} {
tls {{ master_certificate }} {{ master_certificate }} tls {{ master_certificate }} {{ master_certificate }}
bind {{ local_ipv4 }} bind {{ local_ipv4 }}
status 404 / status 404 /
...@@ -17,10 +15,8 @@ import {{ slave_with_cache_configuration_directory }}/*.conf ...@@ -17,10 +15,8 @@ import {{ slave_with_cache_configuration_directory }}/*.conf
* {{ not_found_file }} * {{ not_found_file }}
} }
} }
{%- endfor %}
{% for port in [http_port, cached_port, ssl_cached_port] %} :{{ http_port }} {
:{{ port }} {
bind {{ local_ipv4 }} bind {{ local_ipv4 }}
status 404 / status 404 /
log / {{ access_log }} "{remote} - {>REMOTE_USER} [{when}] \"{method} {uri} {proto}\" {status} {size} \"{>Referer}\" \"{>User-Agent}\" {latency_ms}" { log / {{ access_log }} "{remote} - {>REMOTE_USER} [{when}] \"{method} {uri} {proto}\" {status} {size} \"{>Referer}\" \"{>User-Agent}\" {latency_ms}" {
...@@ -31,7 +27,6 @@ import {{ slave_with_cache_configuration_directory }}/*.conf ...@@ -31,7 +27,6 @@ import {{ slave_with_cache_configuration_directory }}/*.conf
* {{ not_found_file }} * {{ not_found_file }}
} }
} }
{%- endfor %}
# Access to server-status Caddy-style # Access to server-status Caddy-style
https://[{{ global_ipv6 }}]:{{ https_port }}/server-status, https://{{ local_ipv4 }}:{{ https_port }}/server-status { https://[{{ global_ipv6 }}]:{{ https_port }}/server-status, https://{{ local_ipv4 }}:{{ https_port }}/server-status {
......
{%- if software_type == slap_software_type %} {%- if software_type == slap_software_type %}
{%- set kedifa_updater_mapping = [] %} {%- set kedifa_updater_mapping = [] %}
{%- set cached_server_dict = {} %} {%- set cached_server_dict = {} %}
{%- set backend_slave_list = [] %}
{%- set part_list = [] %} {%- set part_list = [] %}
{%- set cache_port = caddy_configuration.get('cache-port') %} {%- set cache_port = caddy_configuration.get('cache-port') %}
{%- set cached_port = caddy_configuration.get('cache-through-port') %}
{%- set ssl_cached_port = caddy_configuration.get('ssl-cache-through-port') %}
{%- set cache_access = "http://%s:%s" % (local_ipv4, cache_port) %} {%- set cache_access = "http://%s:%s" % (local_ipv4, cache_port) %}
{%- set ssl_cache_access = "http://%s:%s/HTTPS" % (local_ipv4, cache_port) %} {%- set ssl_cache_access = "http://%s:%s/HTTPS" % (local_ipv4, cache_port) %}
{%- set backend_haproxy_http_url = 'http://%s:%s' % (local_ipv4, backend_haproxy_configuration['http-port']) %}
{%- set backend_haproxy_https_url = 'http://%s:%s' % (local_ipv4, backend_haproxy_configuration['https-port']) %}
{%- set TRUE_VALUES = ['y', 'yes', '1', 'true'] %} {%- set TRUE_VALUES = ['y', 'yes', '1', 'true'] %}
{%- set generic_instance_parameter_dict = { 'cache_access': cache_access, 'local_ipv4': local_ipv4, 'http_port': http_port, 'https_port': https_port} %} {%- set generic_instance_parameter_dict = { 'cache_access': cache_access, 'local_ipv4': local_ipv4, 'http_port': http_port, 'https_port': https_port} %}
{%- set slave_log_dict = {} %} {%- set slave_log_dict = {} %}
...@@ -43,11 +44,16 @@ create = true ...@@ -43,11 +44,16 @@ create = true
[slave-log-directory-dict] [slave-log-directory-dict]
[slave-password] [slave-password]
# empty section if no cached slaves are available
[slave-log-cache-direct-directory-dict]
{#- Loop thought slave list to set up slaves #} {#- Loop thought slave list to set up slaves #}
{%- set DEFAULT_PORT = {'http': 80, 'https': 443, '': None} %}
{%- for slave_instance in slave_instance_list %} {%- for slave_instance in slave_instance_list %}
{#- prepare backend parameters #}
{%- for key, prefix in [('url', 'http_backend'), ('https-url', 'https_backend')] %}
{%- set parsed = urlparse_module.urlparse(slave_instance.get(key, '')) %}
{%- set info_dict = {'scheme': parsed.scheme, 'hostname': parsed.hostname, 'port': parsed.port or DEFAULT_PORT[parsed.scheme], 'path': parsed.path, 'fragment': parsed.fragment} %}
{%- do slave_instance.__setitem__(prefix, info_dict) %}
{%- endfor %}
{%- do slave_instance.__setitem__('ssl_proxy_verify', ('' ~ slave_instance.get('ssl-proxy-verify', '')).lower() in TRUE_VALUES) %}
{#- Manage ciphers #} {#- Manage ciphers #}
{%- set slave_ciphers = slave_instance.get('ciphers', '').strip().split() %} {%- set slave_ciphers = slave_instance.get('ciphers', '').strip().split() %}
{%- if slave_ciphers %} {%- if slave_ciphers %}
...@@ -56,10 +62,34 @@ create = true ...@@ -56,10 +62,34 @@ create = true
{%- set slave_cipher_list = ciphers.strip() %} {%- set slave_cipher_list = ciphers.strip() %}
{%- endif %} {%- endif %}
{%- do slave_instance.__setitem__('cipher_list', slave_cipher_list) %} {%- do slave_instance.__setitem__('cipher_list', slave_cipher_list) %}
{#- Manage common instance parameters #}
{%- set slave_type = slave_instance.get('type', '') %} {%- set slave_type = slave_instance.get('type', '') %}
{%- set enable_cache = (('' ~ slave_instance.get('enable_cache', '')).lower() in TRUE_VALUES and slave_type != 'redirect') %} {%- set enable_cache = (('' ~ slave_instance.get('enable_cache', '')).lower() in TRUE_VALUES and slave_type != 'redirect') %}
{%- set slave_reference = slave_instance.get('slave_reference') %} {%- set slave_reference = slave_instance.get('slave_reference') %}
{%- set slave_kedifa = slave_kedifa_information.get(slave_reference) %} {%- set slave_kedifa = slave_kedifa_information.get(slave_reference) %}
{#- Setup backend URLs for front facing Caddy #}
{%- if slave_type == 'redirect' %}
{%- do slave_instance.__setitem__('backend-http-url', slave_instance.get('url', '').rstrip('/')) %}
{%- if slave_instance.get('https-url') %}
{%- do slave_instance.__setitem__('backend-https-url', slave_instance.get['https-url'].rstrip('/')) %}
{%- endif %}
{%- elif enable_cache %}
{%- if 'domain' in slave_instance %}
{%- if not slave_instance.get('custom_domain') %}
{%- do slave_instance.__setitem__('custom_domain', slave_instance.get('domain')) %}
{%- endif %}
{%- endif %}
{%- do slave_instance.__setitem__('backend-http-url', cache_access) %}
{%- if slave_instance.get('https-url') %}
{%- do slave_instance.__setitem__('backend-https-url', ssl_cache_access) %}
{%- endif %}
{%- do cached_server_dict.__setitem__(slave_reference, slave_configuration_section_name) %}
{%- else %}
{%- do slave_instance.__setitem__('backend-http-url', backend_haproxy_http_url) %}
{%- if slave_instance.get('https-url') %}
{%- do slave_instance.__setitem__('backend-https-url', backend_haproxy_https_url) %}
{%- endif %}
{%- endif %}
{%- if slave_kedifa %} {%- if slave_kedifa %}
{%- set key_download_url = slave_kedifa.get('key-download-url') %} {%- set key_download_url = slave_kedifa.get('key-download-url') %}
{%- else %} {%- else %}
...@@ -70,34 +100,26 @@ create = true ...@@ -70,34 +100,26 @@ create = true
{%- set slave_publish_dict = {} %} {%- set slave_publish_dict = {} %}
{%- set slave_configuration_section_name = 'slave-instance-%s-configuration' % slave_reference %} {%- set slave_configuration_section_name = 'slave-instance-%s-configuration' % slave_reference %}
{%- set slave_logrotate_section = slave_reference + "-logs" %} {%- set slave_logrotate_section = slave_reference + "-logs" %}
{%- set slave_logrotate_cache_direct_section = slave_reference + "-cache-direct-logs" %}
{%- set slave_password_section = slave_reference + "-password" %} {%- set slave_password_section = slave_reference + "-password" %}
{%- set slave_ln_section = slave_reference + "-ln" %} {%- set slave_ln_section = slave_reference + "-ln" %}
{#- extend parts #} {#- extend parts #}
{%- do part_list.extend([slave_ln_section]) %} {%- do part_list.extend([slave_ln_section]) %}
{%- do part_list.extend([slave_logrotate_section, slave_section_title]) %} {%- do part_list.extend([slave_logrotate_section, slave_section_title]) %}
{%- set slave_log_folder = '${logrotate-directory:logrotate-backup}/' + slave_reference + "-logs" %} {%- set slave_log_folder = '${logrotate-directory:logrotate-backup}/' + slave_reference + "-logs" %}
{%- if enable_cache %}
{%- set slave_log_cache_direct_folder = '${logrotate-directory:logrotate-backup}/' + slave_logrotate_cache_direct_section %}
{%- do part_list.extend([slave_logrotate_cache_direct_section]) %}
{%- endif %}
{#- Pass HTTP2 switch #} {#- Pass HTTP2 switch #}
{%- do slave_instance.__setitem__('enable_http2_by_default', enable_http2_by_default) %} {%- do slave_instance.__setitem__('enable_http2_by_default', enable_http2_by_default) %}
{%- do slave_instance.__setitem__('global_disable_http2', global_disable_http2) %} {%- do slave_instance.__setitem__('global_disable_http2', global_disable_http2) %}
{#- Pass proxy_try_duration and proxy_try_interval #} {#- Pass backend timeout values #}
{%- do slave_instance.__setitem__('proxy_try_duration', proxy_try_duration) %} {%- for key in ['backend-connect-timeout', 'backend-connect-retries', 'request-timeout'] %}
{%- do slave_instance.__setitem__('proxy_try_interval', proxy_try_interval) %} {%- if slave_instance.get(key, '') == '' %}
{%- do slave_instance.__setitem__(key, configuration[key]) %}
{%- endif %}
{%- endfor %}
{#- Set Up log files #} {#- Set Up log files #}
{%- do slave_parameter_dict.__setitem__('access_log', '/'.join([caddy_log_directory, '%s_access_log' % slave_reference])) %} {%- do slave_parameter_dict.__setitem__('access_log', '/'.join([caddy_log_directory, '%s_access_log' % slave_reference])) %}
{%- do slave_parameter_dict.__setitem__('error_log', '/'.join([caddy_log_directory, '%s_error_log' % slave_reference])) %} {%- do slave_parameter_dict.__setitem__('error_log', '/'.join([caddy_log_directory, '%s_error_log' % slave_reference])) %}
{%- do slave_instance.__setitem__('access_log', slave_parameter_dict.get('access_log')) %} {%- do slave_instance.__setitem__('access_log', slave_parameter_dict.get('access_log')) %}
{%- do slave_instance.__setitem__('error_log', slave_parameter_dict.get('error_log')) %} {%- do slave_instance.__setitem__('error_log', slave_parameter_dict.get('error_log')) %}
{%- if enable_cache %}
{%- do slave_parameter_dict.__setitem__('access_log_cache_direct', '/'.join([caddy_log_cache_direct_directory, '%s_access_log' % slave_reference])) %}
{%- do slave_parameter_dict.__setitem__('error_log_cache_direct', '/'.join([caddy_log_cache_direct_directory, '%s_error_log' % slave_reference])) %}
{%- do slave_instance.__setitem__('access_log_cache_direct', slave_parameter_dict.get('access_log_cache_direct')) %}
{%- do slave_instance.__setitem__('error_log_cache_direct', slave_parameter_dict.get('error_log_cache_direct')) %}
{%- endif %}
{#- Add slave log directory to the slave log access dict #} {#- Add slave log directory to the slave log access dict #}
{%- do slave_log_dict.__setitem__(slave_reference, slave_log_folder) %} {%- do slave_log_dict.__setitem__(slave_reference, slave_log_folder) %}
{%- set slave_log_access_url = 'https://' + slave_reference.lower() + ':${'+ slave_password_section +':passwd}@[' + frontend_configuration.get('caddy-ipv6') + ']:' + frontend_configuration.get('caddy-https-port') + '/' + slave_reference.lower() + '/' %} {%- set slave_log_access_url = 'https://' + slave_reference.lower() + ':${'+ slave_password_section +':passwd}@[' + frontend_configuration.get('caddy-ipv6') + ']:' + frontend_configuration.get('caddy-https-port') + '/' + slave_reference.lower() + '/' %}
...@@ -109,18 +131,6 @@ create = true ...@@ -109,18 +131,6 @@ create = true
{%- set domain_prefix = slave_instance.get('slave_reference').replace("-", "").replace("_", "").lower() %} {%- set domain_prefix = slave_instance.get('slave_reference').replace("-", "").replace("_", "").lower() %}
{%- do slave_instance.__setitem__('custom_domain', "%s.%s" % (domain_prefix, slapparameter_dict.get('domain'))) %} {%- do slave_instance.__setitem__('custom_domain', "%s.%s" % (domain_prefix, slapparameter_dict.get('domain'))) %}
{%- endif %} {%- endif %}
{%- if enable_cache and 'url' in slave_instance %}
{%- if 'domain' in slave_instance %}
{%- if not slave_instance.get('custom_domain') %}
{%- do slave_instance.__setitem__('custom_domain', slave_instance.get('domain')) %}
{%- endif %}
{%- endif %}
{%- do slave_instance.__setitem__('backend_url', slave_instance.get('url')) %}
{%- do slave_instance.__setitem__('https_backend_url', slave_instance.get('https-url', slave_instance.get('url'))) %}
{%- do slave_instance.__setitem__('url', cache_access) %}
{%- do slave_instance.__setitem__('https-url', ssl_cache_access) %}
{%- do cached_server_dict.__setitem__(slave_reference, slave_configuration_section_name) %}
{%- endif %}
{%- do slave_publish_dict.__setitem__('domain', slave_instance.get('custom_domain')) %} {%- do slave_publish_dict.__setitem__('domain', slave_instance.get('custom_domain')) %}
{%- do slave_publish_dict.__setitem__('url', "http://%s" % slave_instance.get('custom_domain')) %} {%- do slave_publish_dict.__setitem__('url', "http://%s" % slave_instance.get('custom_domain')) %}
{%- do slave_publish_dict.__setitem__('site_url', "http://%s" % slave_instance.get('custom_domain')) %} {%- do slave_publish_dict.__setitem__('site_url', "http://%s" % slave_instance.get('custom_domain')) %}
...@@ -129,11 +139,6 @@ create = true ...@@ -129,11 +139,6 @@ create = true
[slave-log-directory-dict] [slave-log-directory-dict]
{{slave_reference}} = {{ slave_log_folder }} {{slave_reference}} = {{ slave_log_folder }}
{%- if enable_cache %}
[slave-log-cache-direct-directory-dict]
{{slave_reference}}_cache_direct = {{ slave_log_cache_direct_folder }}
{%- endif %}
[slave-password] [slave-password]
{{ slave_reference }} = {{ '${' + slave_password_section + ':passwd}' }} {{ slave_reference }} = {{ '${' + slave_password_section + ':passwd}' }}
...@@ -143,14 +148,6 @@ create = true ...@@ -143,14 +148,6 @@ create = true
name = ${:_buildout_section_name_} name = ${:_buildout_section_name_}
log = {{slave_parameter_dict.get('access_log')}} {{slave_parameter_dict.get('error_log')}} log = {{slave_parameter_dict.get('access_log')}} {{slave_parameter_dict.get('error_log')}}
backup = {{ slave_log_folder }} backup = {{ slave_log_folder }}
{%- if enable_cache %}
[{{slave_logrotate_cache_direct_section}}]
<= logrotate-entry-base
name = ${:_buildout_section_name_}
log = {{slave_parameter_dict.get('access_log_cache_direct')}} {{slave_parameter_dict.get('error_log_cache_direct')}}
backup = {{ slave_log_cache_direct_folder }}
{%- endif %}
{#- integrate current logs inside #} {#- integrate current logs inside #}
...@@ -221,9 +218,6 @@ certificate = {{ certificate }} ...@@ -221,9 +218,6 @@ certificate = {{ certificate }}
https_port = {{ dumps('' ~ https_port) }} https_port = {{ dumps('' ~ https_port) }}
http_port = {{ dumps('' ~ http_port) }} http_port = {{ dumps('' ~ http_port) }}
local_ipv4 = {{ dumps('' ~ local_ipv4) }} local_ipv4 = {{ dumps('' ~ local_ipv4) }}
cached_port = {{ dumps('' ~ cached_port) }}
ssl_cached_port = {{ ('' ~ ssl_cached_port) }}
request_timeout = {{ ('' ~ request_timeout) }}
{%- for key, value in slave_instance.iteritems() %} {%- for key, value in slave_instance.iteritems() %}
{%- if value is not none %} {%- if value is not none %}
{{ key }} = {{ dumps('' ~ value) }} {{ key }} = {{ dumps('' ~ value) }}
...@@ -282,6 +276,7 @@ recipe = slapos.cookbook:publish ...@@ -282,6 +276,7 @@ recipe = slapos.cookbook:publish
{%- else %} {%- else %}
{%- do slave_instance_information_list.append(slave_publish_dict) %} {%- do slave_instance_information_list.append(slave_publish_dict) %}
{%- endif %} {%- endif %}
{%- do backend_slave_list.append(slave_instance) %}
{%- endfor %} {# Slave iteration ends for slave_instance in slave_instance_list #} {%- endfor %} {# Slave iteration ends for slave_instance in slave_instance_list #}
[slave-log-directories] [slave-log-directories]
...@@ -290,28 +285,9 @@ recipe = slapos.cookbook:mkdirectory ...@@ -290,28 +285,9 @@ recipe = slapos.cookbook:mkdirectory
{%- do part_list.append('slave-log-directories') %} {%- do part_list.append('slave-log-directories') %}
[slave-log-cache-direct-directories]
<= slave-log-cache-direct-directory-dict
recipe = slapos.cookbook:mkdirectory
{%- do part_list.append('slave-log-cache-direct-directories') %}
{%- do part_list.append('caddy-log-access') %} {%- do part_list.append('caddy-log-access') %}
{#- ############################################## #} {#- ############################################## #}
{#- ## Prepare virtualhost for slaves using cache #} {#- ## Prepare virtualhost for slaves using cache #}
{%- for slave_reference, slave_configuration_section_name in cached_server_dict.iteritems() %}
{%- set cached_slave_configuration_section_title = '%s-cached-virtualhost' % slave_reference %}
{%- do part_list.append(cached_slave_configuration_section_title) %}
[{{ cached_slave_configuration_section_title }}]
< = jinja2-template-base
template = {{ template_cached_slave_configuration }}
filename = {{ '%s.conf' % slave_reference }}
rendered = {{ caddy_cached_configuration_directory }}/${:filename}
extensions = jinja2.ext.do
extra-context =
section slave_parameter {{ slave_configuration_section_name }}
{{ '\n' }}
{%- endfor %}
{#- Define IPv6 to IPV4 tunneling #} {#- Define IPv6 to IPV4 tunneling #}
[tunnel-6to4-base] [tunnel-6to4-base]
recipe = slapos.cookbook:wrapper recipe = slapos.cookbook:wrapper
...@@ -331,16 +307,6 @@ ipv6-port = {{ http_port }} ...@@ -331,16 +307,6 @@ ipv6-port = {{ http_port }}
ipv4-port = {{ https_port }} ipv4-port = {{ https_port }}
ipv6-port = {{ https_port }} ipv6-port = {{ https_port }}
[tunnel-6to4-base-cached_port]
<= tunnel-6to4-base
ipv4-port = {{ cached_port }}
ipv6-port = {{ cached_port }}
[tunnel-6to4-base-ssl_cached_port]
<= tunnel-6to4-base
ipv4-port = {{ ssl_cached_port }}
ipv6-port = {{ ssl_cached_port }}
{#- Define log access #} {#- Define log access #}
[caddy-log-access-parameters] [caddy-log-access-parameters]
...@@ -414,6 +380,27 @@ rendered = ${:file} ...@@ -414,6 +380,27 @@ rendered = ${:file}
template = inline: # This file contain directives to serve directories with log files for shared instances, but no shared instances are defined yet. template = inline: # This file contain directives to serve directories with log files for shared instances, but no shared instances are defined yet.
rendered = {{frontend_configuration.get('log-access-configuration')}} rendered = {{frontend_configuration.get('log-access-configuration')}}
##<Backend haproxy>
[backend-haproxy-configuration]
< = jinja2-template-base
template = {{ template_backend_haproxy_configuration }}
rendered = ${backend-haproxy-config:file}
backend_slave_list = {{ dumps(sorted(backend_slave_list)) }}
extra-context =
key backend_slave_list :backend_slave_list
section configuration backend-haproxy-config
[backend-haproxy-config]
file = {{ backend_haproxy_configuration['file'] }}
pid-file = {{ backend_haproxy_configuration['pid-file'] }}
local-ipv4 = {{ dumps('' ~ local_ipv4) }}
http-port = {{ ('' ~ backend_haproxy_configuration['http-port']) }}
https-port = {{ ('' ~ backend_haproxy_configuration['https-port']) }}
request-timeout = {{ dumps('' ~ configuration['request-timeout']) }}
backend-connect-timeout = {{ dumps('' ~ configuration['backend-connect-timeout']) }}
backend-connect-retries = {{ dumps('' ~ configuration['backend-connect-retries']) }}
##<Backend haproxy>
[buildout] [buildout]
extends = extends =
{{ common_profile }} {{ common_profile }}
...@@ -423,6 +410,7 @@ extends = ...@@ -423,6 +410,7 @@ extends =
parts += parts +=
kedifa-updater kedifa-updater
kedifa-updater-run kedifa-updater-run
backend-haproxy-configuration
{%- for part in part_list %} {%- for part in part_list %}
{{ ' %s' % part }} {{ ' %s' % part }}
{%- endfor %} {%- endfor %}
...@@ -432,8 +420,6 @@ parts += ...@@ -432,8 +420,6 @@ parts +=
publish-caddy-information publish-caddy-information
tunnel-6to4-base-http_port tunnel-6to4-base-http_port
tunnel-6to4-base-https_port tunnel-6to4-base-https_port
tunnel-6to4-base-cached_port
tunnel-6to4-base-ssl_cached_port
expose-csr_id expose-csr_id
promise-expose-csr_id-ip-port promise-expose-csr_id-ip-port
......
global
pidfile {{ configuration['pid-file'] }}
# master-worker is compatible with foreground with process management
master-worker
log stderr local0
defaults
log global
mode http
option httplog
timeout queue 60s
timeout server {{ configuration['request-timeout'] }}s
timeout client {{ configuration['request-timeout'] }}s
timeout connect {{ configuration['backend-connect-timeout'] }}s
retries {{ configuration['backend-connect-retries'] }}
# tentative below https://cbonte.github.io/haproxy-dconv/2.0/configuration.html#option%20httpclose
option httpclose
  • ( sorry I'm late again ) ... @luke can you explain a bit more why we enable this option ?

    I'm worried that this would make the connection between frontend and backend to be cut and re-established between each request (including the TLS handshake).

    But I'm wondering, because I think we had a test checking the connection was kept (checking process connection with psutil), but maybe I'm wrong here.

    /cc @tomo

  • Better late then never!!

    Thank you, as you see I written tentative, and it slipped my radar.

    I wanted to drop this option, in frontend context.

  • I already fixed it on master 63e91928, my initial idea anyway was to keep connection alive to the backends. This shall never end up here.

  • Thanks @luke !

    For reference, it seems to be technically possible to have this covered in test suite, using similar technique as what we did here to inspect the TCP connections of a process. We could make a request to frontend and check that after the request there's still an connection in ESTABLISHED state between frontend and backend.

Please register or sign in to reply
{%- macro frontend_entry(slave_instance, scheme) %}
{%- set host_list = (slave_instance.get('server-alias') or '').split() %}
{%- if slave_instance.get('custom_domain') not in host_list %}
{%- do host_list.append(slave_instance.get('custom_domain')) %}
{%- endif %}
{%- for host in host_list %}
{%- if host.startswith('*.') %}
{#- hdr_sub has to be used, as anyway something.example.com shall match *.example.com[:port], with optional port #}
acl is_{{ slave_instance['slave_reference'] }} hdr_sub(host) -i {{ host[2:] }}
{%- else %}
acl is_{{ slave_instance['slave_reference'] }} hdr_dom(host) -i {{ host }}
{%- endif %}
{%- endfor %}
use_backend {{ slave_instance['slave_reference'] }}-{{ scheme }} if is_{{ slave_instance['slave_reference'] }}
{%- endmacro %}
frontend http-backend
bind {{ configuration['local-ipv4'] }}:{{ configuration['http-port'] }}
{%- for slave_instance in backend_slave_list %}
{{ frontend_entry(slave_instance, 'http') }}
{%- endfor %}
frontend https-backend
bind {{ configuration['local-ipv4'] }}:{{ configuration['https-port'] }}
{%- for slave_instance in backend_slave_list %}
{{ frontend_entry(slave_instance, 'https') }}
{%- endfor %}
{%- for slave_instance in backend_slave_list %}
{%- for (scheme, prefix) in [('http', 'http_backend'), ('https', 'https_backend')] %}
{%- set info_dict = slave_instance[prefix] %}
{%- if info_dict['scheme'] == 'https' %}
{%- set ssl = ['ssl verify'] %}
{%- set path_to_ssl_proxy_ca_crt = slave_instance.get('path_to_ssl_proxy_ca_crt') %}
{%- if slave_instance['ssl_proxy_verify'] %}
{%- if path_to_ssl_proxy_ca_crt %}
{%- do ssl.append('required ca-file %s' % (path_to_ssl_proxy_ca_crt,)) %}
{%- else %}
{#- Backend SSL shall be verified, but not CA provided, disallow connection #}
{#- Simply dropping hostname from the dict will result with ignoring it... #}
{%- do info_dict.__setitem__('hostname', '') %}
{%- endif %}
{%- else %}
{%- do ssl.append('none') %}
{%- endif %}
{%- set ssl = ' '.join(ssl) %}
{%- else %}
{%- set ssl = '' %}
{%- endif %}
backend {{ slave_instance['slave_reference'] }}-{{ scheme }}
{%- set hostname = info_dict['hostname'] %}
{%- set port = info_dict['port'] %}
{%- set path = info_dict['path'].rstrip('/') %}
{%- if hostname and port %}
timeout server {{ slave_instance['request-timeout'] }}s
timeout connect {{ slave_instance['backend-connect-timeout'] }}s
retries {{ slave_instance['backend-connect-retries'] }}
server backend {{ hostname }}:{{ port }} {{ ssl }}
{%- if path %}
http-request set-path {{ path }}%[path]
{%- endif %}
{%- endif %}
{%- endfor %}
{%- endfor %}
{%- set TRUE_VALUES = ['y', 'yes', '1', 'true'] %}
{%- set server_alias_list = slave_parameter.get('server-alias', '').split() %}
{%- set ssl_proxy_verify = ('' ~ slave_parameter.get('ssl-proxy-verify', '')).lower() in TRUE_VALUES %}
{%- set host_list = [] %}
{%- for host in [slave_parameter.get('custom_domain')] + server_alias_list %}
{%- if host not in host_list %}
{%- do host_list.append(host) %}
{%- endif %}
{%- endfor %}
{%- set http_backend_host_list = [] %}
{%- set https_backend_host_list = [] %}
{%- for host in host_list %}
{%- do http_backend_host_list.append('http://%s:%s' % (host, slave_parameter['cached_port'])) %}
{%- do https_backend_host_list.append('http://%s:%s' % (host, slave_parameter['ssl_cached_port'])) %}
{%- endfor %}
# SSL-disabled backends
{{ http_backend_host_list|join(', ') }} {
bind {{ slave_parameter['local_ipv4'] }}
# Rewrite part
proxy / {{ slave_parameter.get('backend_url', '') }} {
try_duration {{ slave_parameter['proxy_try_duration'] }}s
try_interval {{ slave_parameter['proxy_try_interval'] }}ms
header_upstream Host {host}
{# header_upstream -X-Forwarded-For - caddy behaviour while removing and setting header is unstable, so for now original header has to be kept, even if in that case it comes from after ATS caddy itself #}
header_upstream X-Forwarded-For {>X-Forwarded-For-Real}
header_upstream -X-Forwarded-For-Real
timeout {{ slave_parameter['request_timeout'] }}s
{%- if ssl_proxy_verify %}
{%- if 'path_to_ssl_proxy_ca_crt' in slave_parameter %}
ca_certificates {{ slave_parameter['path_to_ssl_proxy_ca_crt'] }}
{%- endif %}
{%- else %}
insecure_skip_verify
{%- endif %}
}
log / {{ slave_parameter.get('access_log_cache_direct') }} "{remote} - {>REMOTE_USER} [{when}] \"{method} {uri} {proto}\" {status} {size} \"{>Referer}\" \"{>User-Agent}\" {latency_ms}" {
rotate_size 0
}
errors {{ slave_parameter.get('error_log_cache_direct') }} {
rotate_size 0
}
}
# SSL-enabled backends
{{ https_backend_host_list|join(', ') }} {
bind {{ slave_parameter['local_ipv4'] }}
proxy / {{ slave_parameter.get('https_backend_url', '') }} {
try_duration {{ slave_parameter['proxy_try_duration'] }}s
try_interval {{ slave_parameter['proxy_try_interval'] }}ms
header_upstream Host {host}
{# header_upstream -X-Forwarded-For - caddy behaviour while removing and setting header is unstable, so for now original header has to be kept, even if in that case it comes from after ATS caddy itself #}
header_upstream X-Forwarded-For {>X-Forwarded-For-Real}
header_upstream -X-Forwarded-For-Real
timeout {{ slave_parameter['request_timeout'] }}s
{%- if ssl_proxy_verify %}
{%- if 'path_to_ssl_proxy_ca_crt' in slave_parameter %}
ca_certificates {{ slave_parameter['path_to_ssl_proxy_ca_crt'] }}
{%- endif %}
{%- else %}
insecure_skip_verify
{%- endif %}
}
log / {{ slave_parameter.get('access_log_cache_direct') }} "{remote} - {>REMOTE_USER} [{when}] \"{method} {uri} {proto}\" {status} {size} \"{>Referer}\" \"{>User-Agent}\" {latency_ms}" {
rotate_size 0
}
errors {{ slave_parameter.get('error_log_cache_direct') }} {
rotate_size 0
}
}
...@@ -9,7 +9,6 @@ ...@@ -9,7 +9,6 @@
{%- endif %} {#- if prefer_gzip #} {%- endif %} {#- if prefer_gzip #}
{%- set server_alias_list = slave_parameter.get('server-alias', '').split() %} {%- set server_alias_list = slave_parameter.get('server-alias', '').split() %}
{%- set enable_h2 = slave_parameter['global_disable_http2'].lower() not in TRUE_VALUES and slave_parameter.get('enable-http2', slave_parameter['enable_http2_by_default']).lower() in TRUE_VALUES %} {%- set enable_h2 = slave_parameter['global_disable_http2'].lower() not in TRUE_VALUES and slave_parameter.get('enable-http2', slave_parameter['enable_http2_by_default']).lower() in TRUE_VALUES %}
{%- set ssl_proxy_verify = slave_parameter.get('ssl-proxy-verify', '').lower() in TRUE_VALUES %}
{%- set disabled_cookie_list = slave_parameter.get('disabled-cookie-list', '').split() %} {%- set disabled_cookie_list = slave_parameter.get('disabled-cookie-list', '').split() %}
{%- set https_only = slave_parameter.get('https-only', 'true').lower() in TRUE_VALUES %} {%- set https_only = slave_parameter.get('https-only', 'true').lower() in TRUE_VALUES %}
{%- set slave_type = slave_parameter.get('type', '') %} {%- set slave_type = slave_parameter.get('type', '') %}
...@@ -41,31 +40,18 @@ ...@@ -41,31 +40,18 @@
{%- endif %} {%- endif %}
{%- macro proxy_header() %} {%- macro proxy_header() %}
try_duration {{ slave_parameter['proxy_try_duration'] }}s timeout {{ slave_parameter['request-timeout'] }}s
try_interval {{ slave_parameter['proxy_try_interval'] }}ms
timeout {{ slave_parameter['request_timeout'] }}s
{%- if ssl_proxy_verify %}
{%- if 'path_to_ssl_proxy_ca_crt' in slave_parameter %}
ca_certificates {{ slave_parameter['path_to_ssl_proxy_ca_crt'] }}
{%- endif %} {#- if 'path_to_ssl_proxy_ca_crt' in slave_parameter #}
{%- else %} {#- if ssl_proxy_verify #}
insecure_skip_verify
{%- endif %} {#- if ssl_proxy_verify #}
# force reset of X-Forwarded-For # force reset of X-Forwarded-For
header_upstream X-Forwarded-For {remote} header_upstream X-Forwarded-For {remote}
{%- if enable_cache %}
# provide a header for other components
header_upstream X-Forwarded-For-Real {remote}
{%- endif %}
{%- endmacro %} {# proxy_header #} {%- endmacro %} {# proxy_header #}
{%- for tls in [True, False] %} {%- for tls in [True, False] %}
{%- if tls %} {%- if tls %}
{%- set backend_url = slave_parameter.get('https-url', slave_parameter.get('url', '')).rstrip('/') %} {%- set backend_url = slave_parameter.get('backend-https-url', slave_parameter.get('backend-http-url')) %}
# SSL enabled hosts # SSL enabled hosts
{{ https_host_list|join(', ') }} { {{ https_host_list|join(', ') }} {
{%- else %} {%- else %}
{%- set backend_url = slave_parameter.get('url', '').rstrip('/') %} {%- set backend_url = slave_parameter['backend-http-url'] %}
# SSL-disabled hosts # SSL-disabled hosts
{{ http_host_list|join(', ') }} { {{ http_host_list|join(', ') }} {
{%- endif %} {%- endif %}
...@@ -178,11 +164,13 @@ ...@@ -178,11 +164,13 @@
{%- endif %} {%- endif %}
} {# rewrite #} } {# rewrite #}
{%- endif %} {#- if prefer_gzip #} {%- endif %} {#- if prefer_gzip #}
{%- elif slave_type == 'redirect' and backend_url %} {#- if slave_type == 'zope' and backend_url #} {%- elif slave_type == 'redirect' %}
{%- if backend_url %}
# Redirect configuration # Redirect configuration
redir 302 { redir 302 {
/ {{ backend_url }}{rewrite_uri} / {{ backend_url }}{rewrite_uri}
} {# redir #} }
{%- endif %}
{%- elif slave_type == 'notebook' %} {%- elif slave_type == 'notebook' %}
proxy / {{ backend_url }} { proxy / {{ backend_url }} {
{{ proxy_header() }} {{ proxy_header() }}
...@@ -204,6 +192,8 @@ ...@@ -204,6 +192,8 @@
{{ proxy_header() }} {{ proxy_header() }}
{%- if websocket_transparent %} {%- if websocket_transparent %}
transparent transparent
{%- else %}
header_upstream Host {host}
{%- endif %} {%- endif %}
} }
{%- for websocket_path in websocket_path_list %} {%- for websocket_path in websocket_path_list %}
...@@ -212,6 +202,8 @@ ...@@ -212,6 +202,8 @@
websocket websocket
{%- if websocket_transparent %} {%- if websocket_transparent %}
transparent transparent
{%- else %}
header_upstream Host {host}
{%- endif %} {%- endif %}
} }
{%- endfor %} {%- endfor %}
...@@ -221,6 +213,8 @@ ...@@ -221,6 +213,8 @@
websocket websocket
{%- if websocket_transparent %} {%- if websocket_transparent %}
transparent transparent
{%- else %}
header_upstream Host {host}
{%- endif %} {%- endif %}
} }
{%- endif %} {%- endif %}
......
...@@ -10,10 +10,10 @@ if [ -f $LAST_STATE_FILE ] ; then ...@@ -10,10 +10,10 @@ if [ -f $LAST_STATE_FILE ] ; then
old_found=$(find $LAST_STATE_FILE -mmin +120 | wc -l) old_found=$(find $LAST_STATE_FILE -mmin +120 | wc -l)
fi fi
if [ "$old_found" -eq 1 ] || {{ caddy_configuration_state }} ; then if [ "$old_found" -eq 1 ] || {{ configuration_state_command }} ; then
# do not catch errors during validation # do not catch errors during validation
set +e set +e
{{ wrapper }} -validate {{ validate_command }}
echo $? > $LAST_STATE_FILE echo $? > $LAST_STATE_FILE
set -e set -e
fi fi
......
...@@ -404,6 +404,13 @@ class TestDataMixin(object): ...@@ -404,6 +404,13 @@ class TestDataMixin(object):
'caddy-%s' % (partition_id)] = generateHashFromFiles( 'caddy-%s' % (partition_id)] = generateHashFromFiles(
[caddy_wrapper_path] + hash_file_list [caddy_wrapper_path] + hash_file_list
) )
for backend_haproxy_wrapper_path in glob.glob(os.path.join(
self.instance_path, '*', 'bin', 'backend-haproxy-wrapper')):
partition_id = backend_haproxy_wrapper_path.split('/')[-3]
hash_value_dict[
'backend-haproxy-%s' % (partition_id)] = generateHashFromFiles(
[backend_haproxy_wrapper_path] + hash_file_list
)
for rejected_slave_publish_path in glob.glob(os.path.join( for rejected_slave_publish_path in glob.glob(os.path.join(
self.instance_path, '*', 'etc', 'Caddyfile-rejected-slave')): self.instance_path, '*', 'etc', 'Caddyfile-rejected-slave')):
partition_id = rejected_slave_publish_path.split('/')[-3] partition_id = rejected_slave_publish_path.split('/')[-3]
...@@ -1101,11 +1108,18 @@ class TestSlave(SlaveHttpFrontendTestCase, TestDataMixin): ...@@ -1101,11 +1108,18 @@ class TestSlave(SlaveHttpFrontendTestCase, TestDataMixin):
'url_https-url': { 'url_https-url': {
'url': cls.backend_url + 'http', 'url': cls.backend_url + 'http',
'https-url': cls.backend_url + 'https', 'https-url': cls.backend_url + 'https',
'backend-connect-timeout': 10,
'backend-connect-retries': 5,
'request-timeout': 15,
}, },
'server-alias': { 'server-alias': {
'url': cls.backend_url, 'url': cls.backend_url,
'server-alias': 'alias1.example.com alias2.example.com', 'server-alias': 'alias1.example.com alias2.example.com',
}, },
'server-alias-empty': {
'url': cls.backend_url,
'server-alias': '',
},
'server-alias-wildcard': { 'server-alias-wildcard': {
'url': cls.backend_url, 'url': cls.backend_url,
'server-alias': '*.alias1.example.com', 'server-alias': '*.alias1.example.com',
...@@ -1500,9 +1514,9 @@ class TestSlave(SlaveHttpFrontendTestCase, TestDataMixin): ...@@ -1500,9 +1514,9 @@ class TestSlave(SlaveHttpFrontendTestCase, TestDataMixin):
expected_parameter_dict = { expected_parameter_dict = {
'monitor-base-url': 'https://[%s]:8401' % self._ipv6_address, 'monitor-base-url': 'https://[%s]:8401' % self._ipv6_address,
'domain': 'example.com', 'domain': 'example.com',
'accepted-slave-amount': '51', 'accepted-slave-amount': '52',
'rejected-slave-amount': '0', 'rejected-slave-amount': '0',
'slave-amount': '51', 'slave-amount': '52',
'rejected-slave-dict': { 'rejected-slave-dict': {
} }
} }
...@@ -1551,7 +1565,7 @@ class TestSlave(SlaveHttpFrontendTestCase, TestDataMixin): ...@@ -1551,7 +1565,7 @@ class TestSlave(SlaveHttpFrontendTestCase, TestDataMixin):
self.certificate_pem, self.certificate_pem,
der2pem(result.peercert)) der2pem(result.peercert))
self.assertEqual(httplib.NOT_FOUND, result.status_code) self.assertEqual(httplib.SERVICE_UNAVAILABLE, result.status_code)
# check that log file contains verbose log # check that log file contains verbose log
log_file = glob.glob( log_file = glob.glob(
...@@ -1561,7 +1575,7 @@ class TestSlave(SlaveHttpFrontendTestCase, TestDataMixin): ...@@ -1561,7 +1575,7 @@ class TestSlave(SlaveHttpFrontendTestCase, TestDataMixin):
log_regexp = r'^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3} - - ' \ log_regexp = r'^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3} - - ' \
r'\[\d{2}\/.{3}\/\d{4}\:\d{2}\:\d{2}\:\d{2} \+\d{4}\] ' \ r'\[\d{2}\/.{3}\/\d{4}\:\d{2}\:\d{2}\:\d{2} \+\d{4}\] ' \
r'"GET \/test-path HTTP\/1.1" 404 \d+ "-" '\ r'"GET \/test-path HTTP\/1.1" \d{3} \d+ "-" '\
r'"python-requests.*" \d+' r'"python-requests.*" \d+'
self.assertRegexpMatches( self.assertRegexpMatches(
...@@ -1616,16 +1630,12 @@ class TestSlave(SlaveHttpFrontendTestCase, TestDataMixin): ...@@ -1616,16 +1630,12 @@ class TestSlave(SlaveHttpFrontendTestCase, TestDataMixin):
if ignore_header_list is None: if ignore_header_list is None:
ignore_header_list = [] ignore_header_list = []
self.assertFalse('remote_user' in backend_header_dict.keys()) self.assertFalse('remote_user' in backend_header_dict.keys())
self.assertFalse('x-forwarded-for-real' in backend_header_dict.keys())
if 'Host' not in ignore_header_list: if 'Host' not in ignore_header_list:
self.assertEqual( self.assertEqual(
backend_header_dict['host'], backend_header_dict['host'],
'%s:%s' % (domain, port)) '%s:%s' % (domain, port))
# XXX It's really hard to play with Caddy headers, thus we have to keep
# some of them. As other solutions will come in future, more control
# over sent X-Forwarded-For will be possible
self.assertEqual( self.assertEqual(
backend_header_dict['x-forwarded-for'].split(',')[0], backend_header_dict['x-forwarded-for'],
source_ip source_ip
) )
self.assertEqual( self.assertEqual(
...@@ -1644,7 +1654,7 @@ class TestSlave(SlaveHttpFrontendTestCase, TestDataMixin): ...@@ -1644,7 +1654,7 @@ class TestSlave(SlaveHttpFrontendTestCase, TestDataMixin):
parameter_dict['domain'], parameter_dict['public-ipv4'], parameter_dict['domain'], parameter_dict['public-ipv4'],
'test-path/deep/.././deeper', 'test-path/deep/.././deeper',
headers={ headers={
'Timeout': '10', # more than default proxy-try-duration == 5 'Timeout': '10', # more than default backend-connect-timeout == 5
'Accept-Encoding': 'gzip', 'Accept-Encoding': 'gzip',
} }
) )
...@@ -1683,13 +1693,20 @@ class TestSlave(SlaveHttpFrontendTestCase, TestDataMixin): ...@@ -1683,13 +1693,20 @@ class TestSlave(SlaveHttpFrontendTestCase, TestDataMixin):
result_http.headers['Location'] result_http.headers['Location']
) )
# check that try_duration == 5 in the test_url slave # check that timeouts are correctly set in the haproxy configuration
slave_configuration_file = glob.glob(os.path.join( backend_configuration_file = glob.glob(os.path.join(
self.instance_path, '*', 'etc', '*slave-conf.d', '_Url.conf'))[0] self.instance_path, '*', 'etc', 'backend-haproxy.cfg'))[0]
with open(slave_configuration_file) as fh: with open(backend_configuration_file) as fh:
content = fh.read() content = fh.read()
self.assertTrue('try_duration 5s' in content) self.assertTrue("""backend _Url-http
self.assertTrue('try_interval 250ms' in content) timeout server 12s
timeout connect 5s
retries 3""" in content)
self.assertTrue(""" timeout queue 60s
timeout server 12s
timeout client 12s
timeout connect 5s
retries 3""" in content)
def test_compressed_result(self): def test_compressed_result(self):
parameter_dict = self.assertSlaveBase('Url') parameter_dict = self.assertSlaveBase('Url')
...@@ -1852,6 +1869,38 @@ class TestSlave(SlaveHttpFrontendTestCase, TestDataMixin): ...@@ -1852,6 +1869,38 @@ class TestSlave(SlaveHttpFrontendTestCase, TestDataMixin):
self.certificate_pem, self.certificate_pem,
der2pem(result.peercert)) der2pem(result.peercert))
def test_server_alias_empty(self):
parameter_dict = self.assertSlaveBase('server-alias-empty')
result = fakeHTTPSResult(
parameter_dict['domain'], parameter_dict['public-ipv4'],
'test-path/deep/.././deeper',
headers={
'Timeout': '10', # more than default backend-connect-timeout == 5
'Accept-Encoding': 'gzip',
}
)
self.assertEqual(
self.certificate_pem,
der2pem(result.peercert))
self.assertEqualResultJson(result, 'Path', '/test-path/deeper')
try:
j = result.json()
except Exception:
raise ValueError('JSON decode problem in:\n%s' % (result.text,))
self.assertEqual(j['Incoming Headers']['timeout'], '10')
self.assertFalse('Content-Encoding' in result.headers)
self.assertBackendHeaders(j['Incoming Headers'], parameter_dict['domain'])
self.assertEqual(
'secured=value;secure, nonsecured=value',
result.headers['Set-Cookie']
)
def test_server_alias_wildcard(self): def test_server_alias_wildcard(self):
parameter_dict = self.parseSlaveParameterDict('server-alias-wildcard') parameter_dict = self.parseSlaveParameterDict('server-alias-wildcard')
self.assertLogAccessUrlWithPop(parameter_dict) self.assertLogAccessUrlWithPop(parameter_dict)
...@@ -2649,7 +2698,6 @@ class TestSlave(SlaveHttpFrontendTestCase, TestDataMixin): ...@@ -2649,7 +2698,6 @@ class TestSlave(SlaveHttpFrontendTestCase, TestDataMixin):
except Exception: except Exception:
raise ValueError('JSON decode problem in:\n%s' % (result.text,)) raise ValueError('JSON decode problem in:\n%s' % (result.text,))
self.assertBackendHeaders(j['Incoming Headers'], parameter_dict['domain']) self.assertBackendHeaders(j['Incoming Headers'], parameter_dict['domain'])
self.assertFalse('connection' in j['Incoming Headers'].keys())
self.assertTrue('x-real-ip' in j['Incoming Headers']) self.assertTrue('x-real-ip' in j['Incoming Headers'])
result = fakeHTTPSResult( result = fakeHTTPSResult(
...@@ -2724,7 +2772,6 @@ class TestSlave(SlaveHttpFrontendTestCase, TestDataMixin): ...@@ -2724,7 +2772,6 @@ class TestSlave(SlaveHttpFrontendTestCase, TestDataMixin):
self.assertBackendHeaders( self.assertBackendHeaders(
j['Incoming Headers'], parsed.hostname, port='17', proto='irc', j['Incoming Headers'], parsed.hostname, port='17', proto='irc',
ignore_header_list=['Host']) ignore_header_list=['Host'])
self.assertFalse('connection' in j['Incoming Headers'].keys())
self.assertFalse('x-real-ip' in j['Incoming Headers']) self.assertFalse('x-real-ip' in j['Incoming Headers'])
result = fakeHTTPSResult( result = fakeHTTPSResult(
...@@ -2872,7 +2919,7 @@ class TestSlave(SlaveHttpFrontendTestCase, TestDataMixin): ...@@ -2872,7 +2919,7 @@ class TestSlave(SlaveHttpFrontendTestCase, TestDataMixin):
der2pem(result.peercert)) der2pem(result.peercert))
self.assertEqual( self.assertEqual(
httplib.BAD_GATEWAY, httplib.SERVICE_UNAVAILABLE,
result.status_code result.status_code
) )
...@@ -2949,7 +2996,7 @@ class TestSlave(SlaveHttpFrontendTestCase, TestDataMixin): ...@@ -2949,7 +2996,7 @@ class TestSlave(SlaveHttpFrontendTestCase, TestDataMixin):
der2pem(result.peercert)) der2pem(result.peercert))
self.assertEqual( self.assertEqual(
httplib.BAD_GATEWAY, httplib.SERVICE_UNAVAILABLE,
result.status_code result.status_code
) )
...@@ -2984,7 +3031,7 @@ class TestSlave(SlaveHttpFrontendTestCase, TestDataMixin): ...@@ -2984,7 +3031,7 @@ class TestSlave(SlaveHttpFrontendTestCase, TestDataMixin):
der2pem(result.peercert)) der2pem(result.peercert))
self.assertEqual( self.assertEqual(
httplib.BAD_GATEWAY, httplib.SERVICE_UNAVAILABLE,
result.status_code result.status_code
) )
...@@ -3037,47 +3084,6 @@ class TestSlave(SlaveHttpFrontendTestCase, TestDataMixin): ...@@ -3037,47 +3084,6 @@ class TestSlave(SlaveHttpFrontendTestCase, TestDataMixin):
headers headers
) )
result_direct = fakeHTTPResult(
parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path',
port=26011)
self.assertEqualResultJson(result_direct, 'Path', '/test-path')
try:
j = result_direct.json()
except Exception:
raise ValueError('JSON decode problem in:\n%s' % (result_direct.text,))
self.assertFalse('remote_user' in j['Incoming Headers'].keys())
self.assertFalse('Content-Encoding' in result_direct.headers)
self.assertEqual(
'secured=value;secure, nonsecured=value',
result_direct.headers['Set-Cookie']
)
result_direct_https_backend = fakeHTTPResult(
parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path',
port=26012)
self.assertEqualResultJson(
result_direct_https_backend, 'Path', '/test-path')
try:
j = result_direct_https_backend.json()
except Exception:
raise ValueError('JSON decode problem in:\n%s' % (
result_direct_https_backend.text,))
self.assertFalse('remote_user' in j['Incoming Headers'].keys())
self.assertFalse(
'Content-Encoding' in result_direct_https_backend.headers)
self.assertEqual(
'secured=value;secure, nonsecured=value',
result_direct_https_backend.headers['Set-Cookie']
)
def test_enable_cache_ssl_proxy_verify_unverified(self): def test_enable_cache_ssl_proxy_verify_unverified(self):
parameter_dict = self.assertSlaveBase( parameter_dict = self.assertSlaveBase(
'enable_cache-ssl-proxy-verify-unverified') 'enable_cache-ssl-proxy-verify-unverified')
...@@ -3090,7 +3096,7 @@ class TestSlave(SlaveHttpFrontendTestCase, TestDataMixin): ...@@ -3090,7 +3096,7 @@ class TestSlave(SlaveHttpFrontendTestCase, TestDataMixin):
der2pem(result.peercert)) der2pem(result.peercert))
self.assertEqual( self.assertEqual(
httplib.BAD_GATEWAY, httplib.SERVICE_UNAVAILABLE,
result.status_code result.status_code
) )
...@@ -3123,7 +3129,7 @@ class TestSlave(SlaveHttpFrontendTestCase, TestDataMixin): ...@@ -3123,7 +3129,7 @@ class TestSlave(SlaveHttpFrontendTestCase, TestDataMixin):
der2pem(result.peercert)) der2pem(result.peercert))
self.assertEqual( self.assertEqual(
httplib.BAD_GATEWAY, httplib.SERVICE_UNAVAILABLE,
result.status_code result.status_code
) )
...@@ -3192,7 +3198,7 @@ class TestSlave(SlaveHttpFrontendTestCase, TestDataMixin): ...@@ -3192,7 +3198,7 @@ class TestSlave(SlaveHttpFrontendTestCase, TestDataMixin):
der2pem(result.peercert)) der2pem(result.peercert))
self.assertEqual( self.assertEqual(
httplib.BAD_GATEWAY, httplib.SERVICE_UNAVAILABLE,
result.status_code result.status_code
) )
...@@ -3206,7 +3212,7 @@ class TestSlave(SlaveHttpFrontendTestCase, TestDataMixin): ...@@ -3206,7 +3212,7 @@ class TestSlave(SlaveHttpFrontendTestCase, TestDataMixin):
self.certificate_pem, self.certificate_pem,
der2pem(result.peercert)) der2pem(result.peercert))
self.assertEqual(httplib.NOT_FOUND, result.status_code) self.assertEqual(httplib.SERVICE_UNAVAILABLE, result.status_code)
result_http = fakeHTTPResult( result_http = fakeHTTPResult(
parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path') parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path')
...@@ -3243,7 +3249,7 @@ class TestSlave(SlaveHttpFrontendTestCase, TestDataMixin): ...@@ -3243,7 +3249,7 @@ class TestSlave(SlaveHttpFrontendTestCase, TestDataMixin):
self.certificate_pem, self.certificate_pem,
der2pem(result.peercert)) der2pem(result.peercert))
self.assertEqual(httplib.NOT_FOUND, result.status_code) self.assertEqual(httplib.SERVICE_UNAVAILABLE, result.status_code)
result_http = fakeHTTPResult( result_http = fakeHTTPResult(
parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path') parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path')
...@@ -3281,7 +3287,7 @@ class TestSlave(SlaveHttpFrontendTestCase, TestDataMixin): ...@@ -3281,7 +3287,7 @@ class TestSlave(SlaveHttpFrontendTestCase, TestDataMixin):
self.certificate_pem, self.certificate_pem,
der2pem(result.peercert)) der2pem(result.peercert))
self.assertEqual(httplib.NOT_FOUND, result.status_code) self.assertEqual(httplib.SERVICE_UNAVAILABLE, result.status_code)
result_http = fakeHTTPResult( result_http = fakeHTTPResult(
parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path') parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path')
...@@ -3472,37 +3478,24 @@ class TestSlave(SlaveHttpFrontendTestCase, TestDataMixin): ...@@ -3472,37 +3478,24 @@ class TestSlave(SlaveHttpFrontendTestCase, TestDataMixin):
# real check: cache access provides old data, access cache directly, as # real check: cache access provides old data, access cache directly, as
# caddy has to be stopped # caddy has to be stopped
try: try:
# stop caddy, to have error on while connecting to the backend # stop the backend, to have error on while connecting to it
caddy_process_name = [ self.stopServerProcess()
':'.join([q['group'], q['name']]) for q in
self.callSupervisorMethod('getAllProcessInfo') result = fakeHTTPSResult(
if 'caddy' in q['name'] and 'on-watch' in q['name']][0] parameter_dict['domain'], parameter_dict['public-ipv4'],
self.callSupervisorMethod('stopProcess', caddy_process_name) 'test-path/deep/.././deeper', headers={
# sanity check: see that it is impossible to connect to caddy
with self.assertRaises(requests.ConnectionError):
fakeHTTPResult(
parameter_dict['domain'], parameter_dict['public-ipv4'],
'test-path/deep/.././deeper', headers={
'X-Reply-Header-Cache-Control': 'max-age=1, stale-while-'
'revalidate=3600, stale-if-error=3600'})
result = fakeHTTPResult(
# append with :HTTP_PORT to mimic access in ATS
parameter_dict['domain'] + ':' + HTTPS_PORT,
parameter_dict['public-ipv4'],
# prepend with HTTPS to mimic access via https in ATS
# use simple path, as it is changed in Caddy
'HTTPS/test-path/deeper',
port=23432, headers={
'X-Reply-Header-Cache-Control': 'max-age=1, stale-while-' 'X-Reply-Header-Cache-Control': 'max-age=1, stale-while-'
'revalidate=3600, stale-if-error=3600'}) 'revalidate=3600, stale-if-error=3600',
},
source_ip=source_ip
)
self.assertEqual(result.status_code, httplib.OK) self.assertEqual(result.status_code, httplib.OK)
self.assertEqualResultJson(result, 'Path', '/test-path/deeper') self.assertEqualResultJson(result, 'Path', '/test-path/deeper')
headers = result.headers.copy() headers = result.headers.copy()
self.assertKeyWithPop('Server', headers) self.assertKeyWithPop('Server', headers)
self.assertKeyWithPop('Date', headers) self.assertKeyWithPop('Date', headers)
self.assertKeyWithPop('Age', headers) self.assertKeyWithPop('Age', headers)
self.assertKeyWithPop('Expires', headers)
# drop keys appearing randomly in headers # drop keys appearing randomly in headers
headers.pop('Transfer-Encoding', None) headers.pop('Transfer-Encoding', None)
headers.pop('Content-Length', None) headers.pop('Content-Length', None)
...@@ -3518,7 +3511,6 @@ class TestSlave(SlaveHttpFrontendTestCase, TestDataMixin): ...@@ -3518,7 +3511,6 @@ class TestSlave(SlaveHttpFrontendTestCase, TestDataMixin):
# 'Set-Cookie': 'secured=value;secure, nonsecured=value', # 'Set-Cookie': 'secured=value;secure, nonsecured=value',
'Cache-Control': 'max-age=1, stale-while-revalidate=3600, ' 'Cache-Control': 'max-age=1, stale-while-revalidate=3600, '
'stale-if-error=3600', 'stale-if-error=3600',
'Warning': '111 ApacheTrafficServer/7.1.6'
}, },
headers headers
) )
...@@ -3538,46 +3530,6 @@ class TestSlave(SlaveHttpFrontendTestCase, TestDataMixin): ...@@ -3538,46 +3530,6 @@ class TestSlave(SlaveHttpFrontendTestCase, TestDataMixin):
time.sleep(2) time.sleep(2)
# END: check stale-if-error support # END: check stale-if-error support
result_direct = fakeHTTPResult(
parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path',
port=26011)
self.assertEqualResultJson(result_direct, 'Path', '/test-path')
try:
j = result_direct.json()
except Exception:
raise ValueError('JSON decode problem in:\n%s' % (result_direct.text,))
self.assertFalse('remote_user' in j['Incoming Headers'].keys())
self.assertFalse('Content-Encoding' in result_direct.headers)
self.assertEqual(
'secured=value;secure, nonsecured=value',
result_direct.headers['Set-Cookie']
)
result_direct_https_backend = fakeHTTPResult(
parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path',
port=26012)
self.assertEqualResultJson(
result_direct_https_backend, 'Path', '/test-path')
try:
j = result_direct_https_backend.json()
except Exception:
raise ValueError('JSON decode problem in:\n%s' % (
result_direct_https_backend.text,))
self.assertFalse('remote_user' in j['Incoming Headers'].keys())
self.assertFalse('Content-Encoding' in result_direct_https_backend.headers)
self.assertEqual(
'secured=value;secure, nonsecured=value',
result_direct_https_backend.headers['Set-Cookie']
)
def test_enable_cache_ats_timeout(self): def test_enable_cache_ats_timeout(self):
parameter_dict = self.assertSlaveBase('enable_cache') parameter_dict = self.assertSlaveBase('enable_cache')
# check that timeout seen by ATS does not result in many queries done # check that timeout seen by ATS does not result in many queries done
...@@ -3595,21 +3547,21 @@ class TestSlave(SlaveHttpFrontendTestCase, TestDataMixin): ...@@ -3595,21 +3547,21 @@ class TestSlave(SlaveHttpFrontendTestCase, TestDataMixin):
result.status_code result.status_code
) )
caddy_log_file = glob.glob( backend_haproxy_log_file = glob.glob(
os.path.join( os.path.join(
self.instance_path, '*', 'var', 'log', 'httpd-cache-direct', self.instance_path, '*', 'var', 'log', 'backend-haproxy.log'
'_enable_cache_access_log'
))[0] ))[0]
matching_line_amount = 0 matching_line_amount = 0
pattern = re.compile( pattern = re.compile(
r'.*GET .test_enable_cache_ats_timeout.*" 499.*') r'.* _enable_cache-http.backend .* 504 .*'
with open(caddy_log_file) as fh: '"GET .test_enable_cache_ats_timeout HTTP.1.1"$')
with open(backend_haproxy_log_file) as fh:
for line in fh.readlines(): for line in fh.readlines():
if pattern.match(line): if pattern.match(line):
matching_line_amount += 1 matching_line_amount += 1
# Caddy used between ATS and the backend received maximum one connection # Haproxy backend received maximum one connection
self.assertIn(matching_line_amount, [0, 1]) self.assertIn(matching_line_amount, [0, 1])
timeout = 5 timeout = 5
...@@ -4056,6 +4008,16 @@ class TestSlave(SlaveHttpFrontendTestCase, TestDataMixin): ...@@ -4056,6 +4008,16 @@ class TestSlave(SlaveHttpFrontendTestCase, TestDataMixin):
result_http.headers['Location'] result_http.headers['Location']
) )
# check that timeouts are correctly set in the haproxy configuration
backend_configuration_file = glob.glob(os.path.join(
self.instance_path, '*', 'etc', 'backend-haproxy.cfg'))[0]
with open(backend_configuration_file) as fh:
content = fh.read()
self.assertTrue("""backend _url_https-url-http
timeout server 15s
timeout connect 10s
retries 5""" in content)
@skip('Impossible to instantiate cluster with stopped partition') @skip('Impossible to instantiate cluster with stopped partition')
class TestReplicateSlave(SlaveHttpFrontendTestCase, TestDataMixin): class TestReplicateSlave(SlaveHttpFrontendTestCase, TestDataMixin):
......
...@@ -7,8 +7,6 @@ T-1/var/log/monitor-httpd-access.log ...@@ -7,8 +7,6 @@ T-1/var/log/monitor-httpd-access.log
T-1/var/log/monitor-httpd-error.log T-1/var/log/monitor-httpd-error.log
T-2/var/log/frontend-access.log T-2/var/log/frontend-access.log
T-2/var/log/frontend-error.log T-2/var/log/frontend-error.log
T-2/var/log/httpd-cache-direct/_dummy-cached_access_log
T-2/var/log/httpd-cache-direct/_dummy-cached_error_log
T-2/var/log/httpd-csr_id/expose-csr_id.log T-2/var/log/httpd-csr_id/expose-csr_id.log
T-2/var/log/httpd/_dummy-cached_access_log T-2/var/log/httpd/_dummy-cached_access_log
T-2/var/log/httpd/_dummy-cached_error_log T-2/var/log/httpd/_dummy-cached_error_log
......
...@@ -17,13 +17,14 @@ T-1/etc/plugin/monitor-bootstrap-status.py ...@@ -17,13 +17,14 @@ T-1/etc/plugin/monitor-bootstrap-status.py
T-1/etc/plugin/monitor-http-frontend.py T-1/etc/plugin/monitor-http-frontend.py
T-1/etc/plugin/monitor-httpd-listening-on-tcp.py T-1/etc/plugin/monitor-httpd-listening-on-tcp.py
T-2/etc/plugin/__init__.py T-2/etc/plugin/__init__.py
T-2/etc/plugin/backend-haproxy-configuration.py
T-2/etc/plugin/backend_haproxy_http.py
T-2/etc/plugin/backend_haproxy_https.py
T-2/etc/plugin/buildout-T-2-status.py T-2/etc/plugin/buildout-T-2-status.py
T-2/etc/plugin/caddy_cached.py
T-2/etc/plugin/caddy_frontend_ipv4_http.py T-2/etc/plugin/caddy_frontend_ipv4_http.py
T-2/etc/plugin/caddy_frontend_ipv4_https.py T-2/etc/plugin/caddy_frontend_ipv4_https.py
T-2/etc/plugin/caddy_frontend_ipv6_http.py T-2/etc/plugin/caddy_frontend_ipv6_http.py
T-2/etc/plugin/caddy_frontend_ipv6_https.py T-2/etc/plugin/caddy_frontend_ipv6_https.py
T-2/etc/plugin/caddy_ssl_cached.py
T-2/etc/plugin/caucase-updater.py T-2/etc/plugin/caucase-updater.py
T-2/etc/plugin/check-free-disk-space.py T-2/etc/plugin/check-free-disk-space.py
T-2/etc/plugin/expose-csr_id-ip-port-listening.py T-2/etc/plugin/expose-csr_id-ip-port-listening.py
......
T-0/var/run/monitor-httpd.pid T-0/var/run/monitor-httpd.pid
T-1/var/run/kedifa.pid T-1/var/run/kedifa.pid
T-1/var/run/monitor-httpd.pid T-1/var/run/monitor-httpd.pid
T-2/var/run/backend-haproxy.pid
T-2/var/run/backend_haproxy_configuration_last_state
T-2/var/run/backend_haproxy_graceful_configuration_state_signature
T-2/var/run/graceful_configuration_state_signature T-2/var/run/graceful_configuration_state_signature
T-2/var/run/httpd.pid T-2/var/run/httpd.pid
T-2/var/run/monitor-httpd.pid T-2/var/run/monitor-httpd.pid
...@@ -17,8 +17,8 @@ T-1:monitor-httpd-{hash-generic}-on-watch RUNNING ...@@ -17,8 +17,8 @@ T-1:monitor-httpd-{hash-generic}-on-watch RUNNING
T-1:monitor-httpd-graceful EXITED T-1:monitor-httpd-graceful EXITED
T-2:6tunnel-11080-{hash-generic}-on-watch RUNNING T-2:6tunnel-11080-{hash-generic}-on-watch RUNNING
T-2:6tunnel-11443-{hash-generic}-on-watch RUNNING T-2:6tunnel-11443-{hash-generic}-on-watch RUNNING
T-2:6tunnel-26011-{hash-generic}-on-watch RUNNING T-2:backend-haproxy-{hash-generic}-on-watch RUNNING
T-2:6tunnel-26012-{hash-generic}-on-watch RUNNING T-2:backend-haproxy-safe-graceful EXITED
T-2:bootstrap-monitor EXITED T-2:bootstrap-monitor EXITED
T-2:certificate_authority-{hash-generic}-on-watch RUNNING T-2:certificate_authority-{hash-generic}-on-watch RUNNING
T-2:crond-{hash-generic}-on-watch RUNNING T-2:crond-{hash-generic}-on-watch RUNNING
......
...@@ -7,8 +7,6 @@ T-1/var/log/monitor-httpd-access.log ...@@ -7,8 +7,6 @@ T-1/var/log/monitor-httpd-access.log
T-1/var/log/monitor-httpd-error.log T-1/var/log/monitor-httpd-error.log
T-2/var/log/frontend-access.log T-2/var/log/frontend-access.log
T-2/var/log/frontend-error.log T-2/var/log/frontend-error.log
T-2/var/log/httpd-cache-direct/_dummy-cached_access_log
T-2/var/log/httpd-cache-direct/_dummy-cached_error_log
T-2/var/log/httpd-csr_id/expose-csr_id.log T-2/var/log/httpd-csr_id/expose-csr_id.log
T-2/var/log/httpd/_dummy-cached_access_log T-2/var/log/httpd/_dummy-cached_access_log
T-2/var/log/httpd/_dummy-cached_error_log T-2/var/log/httpd/_dummy-cached_error_log
......
...@@ -17,13 +17,14 @@ T-1/etc/plugin/monitor-bootstrap-status.py ...@@ -17,13 +17,14 @@ T-1/etc/plugin/monitor-bootstrap-status.py
T-1/etc/plugin/monitor-http-frontend.py T-1/etc/plugin/monitor-http-frontend.py
T-1/etc/plugin/monitor-httpd-listening-on-tcp.py T-1/etc/plugin/monitor-httpd-listening-on-tcp.py
T-2/etc/plugin/__init__.py T-2/etc/plugin/__init__.py
T-2/etc/plugin/backend-haproxy-configuration.py
T-2/etc/plugin/backend_haproxy_http.py
T-2/etc/plugin/backend_haproxy_https.py
T-2/etc/plugin/buildout-T-2-status.py T-2/etc/plugin/buildout-T-2-status.py
T-2/etc/plugin/caddy_cached.py
T-2/etc/plugin/caddy_frontend_ipv4_http.py T-2/etc/plugin/caddy_frontend_ipv4_http.py
T-2/etc/plugin/caddy_frontend_ipv4_https.py T-2/etc/plugin/caddy_frontend_ipv4_https.py
T-2/etc/plugin/caddy_frontend_ipv6_http.py T-2/etc/plugin/caddy_frontend_ipv6_http.py
T-2/etc/plugin/caddy_frontend_ipv6_https.py T-2/etc/plugin/caddy_frontend_ipv6_https.py
T-2/etc/plugin/caddy_ssl_cached.py
T-2/etc/plugin/caucase-updater.py T-2/etc/plugin/caucase-updater.py
T-2/etc/plugin/check-free-disk-space.py T-2/etc/plugin/check-free-disk-space.py
T-2/etc/plugin/expose-csr_id-ip-port-listening.py T-2/etc/plugin/expose-csr_id-ip-port-listening.py
......
T-0/var/run/monitor-httpd.pid T-0/var/run/monitor-httpd.pid
T-1/var/run/kedifa.pid T-1/var/run/kedifa.pid
T-1/var/run/monitor-httpd.pid T-1/var/run/monitor-httpd.pid
T-2/var/run/backend-haproxy.pid
T-2/var/run/backend_haproxy_configuration_last_state
T-2/var/run/backend_haproxy_graceful_configuration_state_signature
T-2/var/run/graceful_configuration_state_signature T-2/var/run/graceful_configuration_state_signature
T-2/var/run/httpd.pid T-2/var/run/httpd.pid
T-2/var/run/monitor-httpd.pid T-2/var/run/monitor-httpd.pid
...@@ -17,8 +17,8 @@ T-1:monitor-httpd-{hash-generic}-on-watch RUNNING ...@@ -17,8 +17,8 @@ T-1:monitor-httpd-{hash-generic}-on-watch RUNNING
T-1:monitor-httpd-graceful EXITED T-1:monitor-httpd-graceful EXITED
T-2:6tunnel-11080-{hash-generic}-on-watch RUNNING T-2:6tunnel-11080-{hash-generic}-on-watch RUNNING
T-2:6tunnel-11443-{hash-generic}-on-watch RUNNING T-2:6tunnel-11443-{hash-generic}-on-watch RUNNING
T-2:6tunnel-26011-{hash-generic}-on-watch RUNNING T-2:backend-haproxy-{hash-generic}-on-watch RUNNING
T-2:6tunnel-26012-{hash-generic}-on-watch RUNNING T-2:backend-haproxy-safe-graceful EXITED
T-2:bootstrap-monitor EXITED T-2:bootstrap-monitor EXITED
T-2:certificate_authority-{hash-generic}-on-watch RUNNING T-2:certificate_authority-{hash-generic}-on-watch RUNNING
T-2:crond-{hash-generic}-on-watch RUNNING T-2:crond-{hash-generic}-on-watch RUNNING
......
...@@ -7,8 +7,6 @@ T-1/var/log/monitor-httpd-access.log ...@@ -7,8 +7,6 @@ T-1/var/log/monitor-httpd-access.log
T-1/var/log/monitor-httpd-error.log T-1/var/log/monitor-httpd-error.log
T-2/var/log/frontend-access.log T-2/var/log/frontend-access.log
T-2/var/log/frontend-error.log T-2/var/log/frontend-error.log
T-2/var/log/httpd-cache-direct/_dummy-cached_access_log
T-2/var/log/httpd-cache-direct/_dummy-cached_error_log
T-2/var/log/httpd-csr_id/expose-csr_id.log T-2/var/log/httpd-csr_id/expose-csr_id.log
T-2/var/log/httpd/_dummy-cached_access_log T-2/var/log/httpd/_dummy-cached_access_log
T-2/var/log/httpd/_dummy-cached_error_log T-2/var/log/httpd/_dummy-cached_error_log
......
...@@ -17,13 +17,14 @@ T-1/etc/plugin/monitor-bootstrap-status.py ...@@ -17,13 +17,14 @@ T-1/etc/plugin/monitor-bootstrap-status.py
T-1/etc/plugin/monitor-http-frontend.py T-1/etc/plugin/monitor-http-frontend.py
T-1/etc/plugin/monitor-httpd-listening-on-tcp.py T-1/etc/plugin/monitor-httpd-listening-on-tcp.py
T-2/etc/plugin/__init__.py T-2/etc/plugin/__init__.py
T-2/etc/plugin/backend-haproxy-configuration.py
T-2/etc/plugin/backend_haproxy_http.py
T-2/etc/plugin/backend_haproxy_https.py
T-2/etc/plugin/buildout-T-2-status.py T-2/etc/plugin/buildout-T-2-status.py
T-2/etc/plugin/caddy_cached.py
T-2/etc/plugin/caddy_frontend_ipv4_http.py T-2/etc/plugin/caddy_frontend_ipv4_http.py
T-2/etc/plugin/caddy_frontend_ipv4_https.py T-2/etc/plugin/caddy_frontend_ipv4_https.py
T-2/etc/plugin/caddy_frontend_ipv6_http.py T-2/etc/plugin/caddy_frontend_ipv6_http.py
T-2/etc/plugin/caddy_frontend_ipv6_https.py T-2/etc/plugin/caddy_frontend_ipv6_https.py
T-2/etc/plugin/caddy_ssl_cached.py
T-2/etc/plugin/caucase-updater.py T-2/etc/plugin/caucase-updater.py
T-2/etc/plugin/check-free-disk-space.py T-2/etc/plugin/check-free-disk-space.py
T-2/etc/plugin/expose-csr_id-ip-port-listening.py T-2/etc/plugin/expose-csr_id-ip-port-listening.py
......
T-0/var/run/monitor-httpd.pid T-0/var/run/monitor-httpd.pid
T-1/var/run/kedifa.pid T-1/var/run/kedifa.pid
T-1/var/run/monitor-httpd.pid T-1/var/run/monitor-httpd.pid
T-2/var/run/backend-haproxy.pid
T-2/var/run/backend_haproxy_configuration_last_state
T-2/var/run/backend_haproxy_graceful_configuration_state_signature
T-2/var/run/graceful_configuration_state_signature T-2/var/run/graceful_configuration_state_signature
T-2/var/run/httpd.pid T-2/var/run/httpd.pid
T-2/var/run/monitor-httpd.pid T-2/var/run/monitor-httpd.pid
...@@ -17,8 +17,8 @@ T-1:monitor-httpd-{hash-generic}-on-watch RUNNING ...@@ -17,8 +17,8 @@ T-1:monitor-httpd-{hash-generic}-on-watch RUNNING
T-1:monitor-httpd-graceful EXITED T-1:monitor-httpd-graceful EXITED
T-2:6tunnel-11080-{hash-generic}-on-watch RUNNING T-2:6tunnel-11080-{hash-generic}-on-watch RUNNING
T-2:6tunnel-11443-{hash-generic}-on-watch RUNNING T-2:6tunnel-11443-{hash-generic}-on-watch RUNNING
T-2:6tunnel-26011-{hash-generic}-on-watch RUNNING T-2:backend-haproxy-{hash-generic}-on-watch RUNNING
T-2:6tunnel-26012-{hash-generic}-on-watch RUNNING T-2:backend-haproxy-safe-graceful EXITED
T-2:bootstrap-monitor EXITED T-2:bootstrap-monitor EXITED
T-2:certificate_authority-{hash-generic}-on-watch RUNNING T-2:certificate_authority-{hash-generic}-on-watch RUNNING
T-2:crond-{hash-generic}-on-watch RUNNING T-2:crond-{hash-generic}-on-watch RUNNING
......
...@@ -7,8 +7,6 @@ T-1/var/log/monitor-httpd-access.log ...@@ -7,8 +7,6 @@ T-1/var/log/monitor-httpd-access.log
T-1/var/log/monitor-httpd-error.log T-1/var/log/monitor-httpd-error.log
T-2/var/log/frontend-access.log T-2/var/log/frontend-access.log
T-2/var/log/frontend-error.log T-2/var/log/frontend-error.log
T-2/var/log/httpd-cache-direct/_dummy-cached_access_log
T-2/var/log/httpd-cache-direct/_dummy-cached_error_log
T-2/var/log/httpd-csr_id/expose-csr_id.log T-2/var/log/httpd-csr_id/expose-csr_id.log
T-2/var/log/httpd/_dummy-cached_access_log T-2/var/log/httpd/_dummy-cached_access_log
T-2/var/log/httpd/_dummy-cached_error_log T-2/var/log/httpd/_dummy-cached_error_log
......
...@@ -17,13 +17,14 @@ T-1/etc/plugin/monitor-bootstrap-status.py ...@@ -17,13 +17,14 @@ T-1/etc/plugin/monitor-bootstrap-status.py
T-1/etc/plugin/monitor-http-frontend.py T-1/etc/plugin/monitor-http-frontend.py
T-1/etc/plugin/monitor-httpd-listening-on-tcp.py T-1/etc/plugin/monitor-httpd-listening-on-tcp.py
T-2/etc/plugin/__init__.py T-2/etc/plugin/__init__.py
T-2/etc/plugin/backend-haproxy-configuration.py
T-2/etc/plugin/backend_haproxy_http.py
T-2/etc/plugin/backend_haproxy_https.py
T-2/etc/plugin/buildout-T-2-status.py T-2/etc/plugin/buildout-T-2-status.py
T-2/etc/plugin/caddy_cached.py
T-2/etc/plugin/caddy_frontend_ipv4_http.py T-2/etc/plugin/caddy_frontend_ipv4_http.py
T-2/etc/plugin/caddy_frontend_ipv4_https.py T-2/etc/plugin/caddy_frontend_ipv4_https.py
T-2/etc/plugin/caddy_frontend_ipv6_http.py T-2/etc/plugin/caddy_frontend_ipv6_http.py
T-2/etc/plugin/caddy_frontend_ipv6_https.py T-2/etc/plugin/caddy_frontend_ipv6_https.py
T-2/etc/plugin/caddy_ssl_cached.py
T-2/etc/plugin/caucase-updater.py T-2/etc/plugin/caucase-updater.py
T-2/etc/plugin/check-free-disk-space.py T-2/etc/plugin/check-free-disk-space.py
T-2/etc/plugin/expose-csr_id-ip-port-listening.py T-2/etc/plugin/expose-csr_id-ip-port-listening.py
......
T-0/var/run/monitor-httpd.pid T-0/var/run/monitor-httpd.pid
T-1/var/run/kedifa.pid T-1/var/run/kedifa.pid
T-1/var/run/monitor-httpd.pid T-1/var/run/monitor-httpd.pid
T-2/var/run/backend-haproxy.pid
T-2/var/run/backend_haproxy_configuration_last_state
T-2/var/run/backend_haproxy_graceful_configuration_state_signature
T-2/var/run/graceful_configuration_state_signature T-2/var/run/graceful_configuration_state_signature
T-2/var/run/httpd.pid T-2/var/run/httpd.pid
T-2/var/run/monitor-httpd.pid T-2/var/run/monitor-httpd.pid
...@@ -17,8 +17,8 @@ T-1:monitor-httpd-{hash-generic}-on-watch RUNNING ...@@ -17,8 +17,8 @@ T-1:monitor-httpd-{hash-generic}-on-watch RUNNING
T-1:monitor-httpd-graceful EXITED T-1:monitor-httpd-graceful EXITED
T-2:6tunnel-11080-{hash-generic}-on-watch RUNNING T-2:6tunnel-11080-{hash-generic}-on-watch RUNNING
T-2:6tunnel-11443-{hash-generic}-on-watch RUNNING T-2:6tunnel-11443-{hash-generic}-on-watch RUNNING
T-2:6tunnel-26011-{hash-generic}-on-watch RUNNING T-2:backend-haproxy-{hash-generic}-on-watch RUNNING
T-2:6tunnel-26012-{hash-generic}-on-watch RUNNING T-2:backend-haproxy-safe-graceful EXITED
T-2:bootstrap-monitor EXITED T-2:bootstrap-monitor EXITED
T-2:certificate_authority-{hash-generic}-on-watch RUNNING T-2:certificate_authority-{hash-generic}-on-watch RUNNING
T-2:crond-{hash-generic}-on-watch RUNNING T-2:crond-{hash-generic}-on-watch RUNNING
......
...@@ -17,13 +17,14 @@ T-1/etc/plugin/monitor-bootstrap-status.py ...@@ -17,13 +17,14 @@ T-1/etc/plugin/monitor-bootstrap-status.py
T-1/etc/plugin/monitor-http-frontend.py T-1/etc/plugin/monitor-http-frontend.py
T-1/etc/plugin/monitor-httpd-listening-on-tcp.py T-1/etc/plugin/monitor-httpd-listening-on-tcp.py
T-2/etc/plugin/__init__.py T-2/etc/plugin/__init__.py
T-2/etc/plugin/backend-haproxy-configuration.py
T-2/etc/plugin/backend_haproxy_http.py
T-2/etc/plugin/backend_haproxy_https.py
T-2/etc/plugin/buildout-T-2-status.py T-2/etc/plugin/buildout-T-2-status.py
T-2/etc/plugin/caddy_cached.py
T-2/etc/plugin/caddy_frontend_ipv4_http.py T-2/etc/plugin/caddy_frontend_ipv4_http.py
T-2/etc/plugin/caddy_frontend_ipv4_https.py T-2/etc/plugin/caddy_frontend_ipv4_https.py
T-2/etc/plugin/caddy_frontend_ipv6_http.py T-2/etc/plugin/caddy_frontend_ipv6_http.py
T-2/etc/plugin/caddy_frontend_ipv6_https.py T-2/etc/plugin/caddy_frontend_ipv6_https.py
T-2/etc/plugin/caddy_ssl_cached.py
T-2/etc/plugin/caucase-updater.py T-2/etc/plugin/caucase-updater.py
T-2/etc/plugin/check-free-disk-space.py T-2/etc/plugin/check-free-disk-space.py
T-2/etc/plugin/expose-csr_id-ip-port-listening.py T-2/etc/plugin/expose-csr_id-ip-port-listening.py
......
T-0/var/run/monitor-httpd.pid T-0/var/run/monitor-httpd.pid
T-1/var/run/kedifa.pid T-1/var/run/kedifa.pid
T-1/var/run/monitor-httpd.pid T-1/var/run/monitor-httpd.pid
T-2/var/run/backend-haproxy.pid
T-2/var/run/backend_haproxy_configuration_last_state
T-2/var/run/backend_haproxy_graceful_configuration_state_signature
T-2/var/run/graceful_configuration_state_signature T-2/var/run/graceful_configuration_state_signature
T-2/var/run/httpd.pid T-2/var/run/httpd.pid
T-2/var/run/monitor-httpd.pid T-2/var/run/monitor-httpd.pid
...@@ -17,8 +17,8 @@ T-1:monitor-httpd-{hash-generic}-on-watch RUNNING ...@@ -17,8 +17,8 @@ T-1:monitor-httpd-{hash-generic}-on-watch RUNNING
T-1:monitor-httpd-graceful EXITED T-1:monitor-httpd-graceful EXITED
T-2:6tunnel-11080-{hash-generic}-on-watch RUNNING T-2:6tunnel-11080-{hash-generic}-on-watch RUNNING
T-2:6tunnel-11443-{hash-generic}-on-watch RUNNING T-2:6tunnel-11443-{hash-generic}-on-watch RUNNING
T-2:6tunnel-26011-{hash-generic}-on-watch RUNNING T-2:backend-haproxy-{hash-generic}-on-watch RUNNING
T-2:6tunnel-26012-{hash-generic}-on-watch RUNNING T-2:backend-haproxy-safe-graceful EXITED
T-2:bootstrap-monitor EXITED T-2:bootstrap-monitor EXITED
T-2:certificate_authority-{hash-generic}-on-watch RUNNING T-2:certificate_authority-{hash-generic}-on-watch RUNNING
T-2:crond-{hash-generic}-on-watch RUNNING T-2:crond-{hash-generic}-on-watch RUNNING
......
...@@ -17,13 +17,14 @@ T-1/etc/plugin/monitor-bootstrap-status.py ...@@ -17,13 +17,14 @@ T-1/etc/plugin/monitor-bootstrap-status.py
T-1/etc/plugin/monitor-http-frontend.py T-1/etc/plugin/monitor-http-frontend.py
T-1/etc/plugin/monitor-httpd-listening-on-tcp.py T-1/etc/plugin/monitor-httpd-listening-on-tcp.py
T-2/etc/plugin/__init__.py T-2/etc/plugin/__init__.py
T-2/etc/plugin/backend-haproxy-configuration.py
T-2/etc/plugin/backend_haproxy_http.py
T-2/etc/plugin/backend_haproxy_https.py
T-2/etc/plugin/buildout-T-2-status.py T-2/etc/plugin/buildout-T-2-status.py
T-2/etc/plugin/caddy_cached.py
T-2/etc/plugin/caddy_frontend_ipv4_http.py T-2/etc/plugin/caddy_frontend_ipv4_http.py
T-2/etc/plugin/caddy_frontend_ipv4_https.py T-2/etc/plugin/caddy_frontend_ipv4_https.py
T-2/etc/plugin/caddy_frontend_ipv6_http.py T-2/etc/plugin/caddy_frontend_ipv6_http.py
T-2/etc/plugin/caddy_frontend_ipv6_https.py T-2/etc/plugin/caddy_frontend_ipv6_https.py
T-2/etc/plugin/caddy_ssl_cached.py
T-2/etc/plugin/caucase-updater.py T-2/etc/plugin/caucase-updater.py
T-2/etc/plugin/check-free-disk-space.py T-2/etc/plugin/check-free-disk-space.py
T-2/etc/plugin/expose-csr_id-ip-port-listening.py T-2/etc/plugin/expose-csr_id-ip-port-listening.py
......
T-0/var/run/monitor-httpd.pid T-0/var/run/monitor-httpd.pid
T-1/var/run/kedifa.pid T-1/var/run/kedifa.pid
T-1/var/run/monitor-httpd.pid T-1/var/run/monitor-httpd.pid
T-2/var/run/backend-haproxy.pid
T-2/var/run/backend_haproxy_configuration_last_state
T-2/var/run/backend_haproxy_graceful_configuration_state_signature
T-2/var/run/graceful_configuration_state_signature T-2/var/run/graceful_configuration_state_signature
T-2/var/run/httpd.pid T-2/var/run/httpd.pid
T-2/var/run/monitor-httpd.pid T-2/var/run/monitor-httpd.pid
...@@ -17,8 +17,8 @@ T-1:monitor-httpd-{hash-generic}-on-watch RUNNING ...@@ -17,8 +17,8 @@ T-1:monitor-httpd-{hash-generic}-on-watch RUNNING
T-1:monitor-httpd-graceful EXITED T-1:monitor-httpd-graceful EXITED
T-2:6tunnel-11080-{hash-generic}-on-watch RUNNING T-2:6tunnel-11080-{hash-generic}-on-watch RUNNING
T-2:6tunnel-11443-{hash-generic}-on-watch RUNNING T-2:6tunnel-11443-{hash-generic}-on-watch RUNNING
T-2:6tunnel-26011-{hash-generic}-on-watch RUNNING T-2:backend-haproxy-{hash-generic}-on-watch RUNNING
T-2:6tunnel-26012-{hash-generic}-on-watch RUNNING T-2:backend-haproxy-safe-graceful EXITED
T-2:bootstrap-monitor EXITED T-2:bootstrap-monitor EXITED
T-2:certificate_authority-{hash-generic}-on-watch RUNNING T-2:certificate_authority-{hash-generic}-on-watch RUNNING
T-2:crond-{hash-generic}-on-watch RUNNING T-2:crond-{hash-generic}-on-watch RUNNING
......
...@@ -7,8 +7,6 @@ T-1/var/log/monitor-httpd-access.log ...@@ -7,8 +7,6 @@ T-1/var/log/monitor-httpd-access.log
T-1/var/log/monitor-httpd-error.log T-1/var/log/monitor-httpd-error.log
T-2/var/log/frontend-access.log T-2/var/log/frontend-access.log
T-2/var/log/frontend-error.log T-2/var/log/frontend-error.log
T-2/var/log/httpd-cache-direct/_default_access_log
T-2/var/log/httpd-cache-direct/_default_error_log
T-2/var/log/httpd-csr_id/expose-csr_id.log T-2/var/log/httpd-csr_id/expose-csr_id.log
T-2/var/log/httpd/_default_access_log T-2/var/log/httpd/_default_access_log
T-2/var/log/httpd/_default_error_log T-2/var/log/httpd/_default_error_log
......
...@@ -17,13 +17,14 @@ T-1/etc/plugin/monitor-bootstrap-status.py ...@@ -17,13 +17,14 @@ T-1/etc/plugin/monitor-bootstrap-status.py
T-1/etc/plugin/monitor-http-frontend.py T-1/etc/plugin/monitor-http-frontend.py
T-1/etc/plugin/monitor-httpd-listening-on-tcp.py T-1/etc/plugin/monitor-httpd-listening-on-tcp.py
T-2/etc/plugin/__init__.py T-2/etc/plugin/__init__.py
T-2/etc/plugin/backend-haproxy-configuration.py
T-2/etc/plugin/backend_haproxy_http.py
T-2/etc/plugin/backend_haproxy_https.py
T-2/etc/plugin/buildout-T-2-status.py T-2/etc/plugin/buildout-T-2-status.py
T-2/etc/plugin/caddy_cached.py
T-2/etc/plugin/caddy_frontend_ipv4_http.py T-2/etc/plugin/caddy_frontend_ipv4_http.py
T-2/etc/plugin/caddy_frontend_ipv4_https.py T-2/etc/plugin/caddy_frontend_ipv4_https.py
T-2/etc/plugin/caddy_frontend_ipv6_http.py T-2/etc/plugin/caddy_frontend_ipv6_http.py
T-2/etc/plugin/caddy_frontend_ipv6_https.py T-2/etc/plugin/caddy_frontend_ipv6_https.py
T-2/etc/plugin/caddy_ssl_cached.py
T-2/etc/plugin/caucase-updater.py T-2/etc/plugin/caucase-updater.py
T-2/etc/plugin/check-free-disk-space.py T-2/etc/plugin/check-free-disk-space.py
T-2/etc/plugin/expose-csr_id-ip-port-listening.py T-2/etc/plugin/expose-csr_id-ip-port-listening.py
......
T-0/var/run/monitor-httpd.pid T-0/var/run/monitor-httpd.pid
T-1/var/run/kedifa.pid T-1/var/run/kedifa.pid
T-1/var/run/monitor-httpd.pid T-1/var/run/monitor-httpd.pid
T-2/var/run/backend-haproxy.pid
T-2/var/run/backend_haproxy_configuration_last_state
T-2/var/run/backend_haproxy_graceful_configuration_state_signature
T-2/var/run/graceful_configuration_state_signature T-2/var/run/graceful_configuration_state_signature
T-2/var/run/httpd.pid T-2/var/run/httpd.pid
T-2/var/run/monitor-httpd.pid T-2/var/run/monitor-httpd.pid
...@@ -17,8 +17,8 @@ T-1:monitor-httpd-{hash-generic}-on-watch RUNNING ...@@ -17,8 +17,8 @@ T-1:monitor-httpd-{hash-generic}-on-watch RUNNING
T-1:monitor-httpd-graceful EXITED T-1:monitor-httpd-graceful EXITED
T-2:6tunnel-11080-{hash-generic}-on-watch RUNNING T-2:6tunnel-11080-{hash-generic}-on-watch RUNNING
T-2:6tunnel-11443-{hash-generic}-on-watch RUNNING T-2:6tunnel-11443-{hash-generic}-on-watch RUNNING
T-2:6tunnel-26011-{hash-generic}-on-watch RUNNING T-2:backend-haproxy-{hash-generic}-on-watch RUNNING
T-2:6tunnel-26012-{hash-generic}-on-watch RUNNING T-2:backend-haproxy-safe-graceful EXITED
T-2:bootstrap-monitor EXITED T-2:bootstrap-monitor EXITED
T-2:certificate_authority-{hash-generic}-on-watch RUNNING T-2:certificate_authority-{hash-generic}-on-watch RUNNING
T-2:crond-{hash-generic}-on-watch RUNNING T-2:crond-{hash-generic}-on-watch RUNNING
......
...@@ -7,22 +7,6 @@ T-1/var/log/monitor-httpd-access.log ...@@ -7,22 +7,6 @@ T-1/var/log/monitor-httpd-access.log
T-1/var/log/monitor-httpd-error.log T-1/var/log/monitor-httpd-error.log
T-2/var/log/frontend-access.log T-2/var/log/frontend-access.log
T-2/var/log/frontend-error.log T-2/var/log/frontend-error.log
T-2/var/log/httpd-cache-direct/_enable_cache-disable-no-cache-request_access_log
T-2/var/log/httpd-cache-direct/_enable_cache-disable-no-cache-request_error_log
T-2/var/log/httpd-cache-direct/_enable_cache-disable-via-header_access_log
T-2/var/log/httpd-cache-direct/_enable_cache-disable-via-header_error_log
T-2/var/log/httpd-cache-direct/_enable_cache-ssl-proxy-verify-unverified_access_log
T-2/var/log/httpd-cache-direct/_enable_cache-ssl-proxy-verify-unverified_error_log
T-2/var/log/httpd-cache-direct/_enable_cache-ssl-proxy-verify_ssl_proxy_ca_crt-unverified_access_log
T-2/var/log/httpd-cache-direct/_enable_cache-ssl-proxy-verify_ssl_proxy_ca_crt-unverified_error_log
T-2/var/log/httpd-cache-direct/_enable_cache-ssl-proxy-verify_ssl_proxy_ca_crt_access_log
T-2/var/log/httpd-cache-direct/_enable_cache-ssl-proxy-verify_ssl_proxy_ca_crt_error_log
T-2/var/log/httpd-cache-direct/_enable_cache_access_log
T-2/var/log/httpd-cache-direct/_enable_cache_custom_domain_access_log
T-2/var/log/httpd-cache-direct/_enable_cache_custom_domain_error_log
T-2/var/log/httpd-cache-direct/_enable_cache_error_log
T-2/var/log/httpd-cache-direct/_enable_cache_server_alias_access_log
T-2/var/log/httpd-cache-direct/_enable_cache_server_alias_error_log
T-2/var/log/httpd-csr_id/expose-csr_id.log T-2/var/log/httpd-csr_id/expose-csr_id.log
T-2/var/log/httpd/_Url_access_log T-2/var/log/httpd/_Url_access_log
T-2/var/log/httpd/_Url_error_log T-2/var/log/httpd/_Url_error_log
...@@ -74,6 +58,8 @@ T-2/var/log/httpd/_prefer-gzip-encoding-to-backend_access_log ...@@ -74,6 +58,8 @@ T-2/var/log/httpd/_prefer-gzip-encoding-to-backend_access_log
T-2/var/log/httpd/_prefer-gzip-encoding-to-backend_error_log T-2/var/log/httpd/_prefer-gzip-encoding-to-backend_error_log
T-2/var/log/httpd/_server-alias-duplicated_access_log T-2/var/log/httpd/_server-alias-duplicated_access_log
T-2/var/log/httpd/_server-alias-duplicated_error_log T-2/var/log/httpd/_server-alias-duplicated_error_log
T-2/var/log/httpd/_server-alias-empty_access_log
T-2/var/log/httpd/_server-alias-empty_error_log
T-2/var/log/httpd/_server-alias-wildcard_access_log T-2/var/log/httpd/_server-alias-wildcard_access_log
T-2/var/log/httpd/_server-alias-wildcard_error_log T-2/var/log/httpd/_server-alias-wildcard_error_log
T-2/var/log/httpd/_server-alias_access_log T-2/var/log/httpd/_server-alias_access_log
......
...@@ -17,13 +17,14 @@ T-1/etc/plugin/monitor-bootstrap-status.py ...@@ -17,13 +17,14 @@ T-1/etc/plugin/monitor-bootstrap-status.py
T-1/etc/plugin/monitor-http-frontend.py T-1/etc/plugin/monitor-http-frontend.py
T-1/etc/plugin/monitor-httpd-listening-on-tcp.py T-1/etc/plugin/monitor-httpd-listening-on-tcp.py
T-2/etc/plugin/__init__.py T-2/etc/plugin/__init__.py
T-2/etc/plugin/backend-haproxy-configuration.py
T-2/etc/plugin/backend_haproxy_http.py
T-2/etc/plugin/backend_haproxy_https.py
T-2/etc/plugin/buildout-T-2-status.py T-2/etc/plugin/buildout-T-2-status.py
T-2/etc/plugin/caddy_cached.py
T-2/etc/plugin/caddy_frontend_ipv4_http.py T-2/etc/plugin/caddy_frontend_ipv4_http.py
T-2/etc/plugin/caddy_frontend_ipv4_https.py T-2/etc/plugin/caddy_frontend_ipv4_https.py
T-2/etc/plugin/caddy_frontend_ipv6_http.py T-2/etc/plugin/caddy_frontend_ipv6_http.py
T-2/etc/plugin/caddy_frontend_ipv6_https.py T-2/etc/plugin/caddy_frontend_ipv6_https.py
T-2/etc/plugin/caddy_ssl_cached.py
T-2/etc/plugin/caucase-updater.py T-2/etc/plugin/caucase-updater.py
T-2/etc/plugin/check-_monitor-ipv4-test-ipv4-packet-list-test.py T-2/etc/plugin/check-_monitor-ipv4-test-ipv4-packet-list-test.py
T-2/etc/plugin/check-_monitor-ipv6-test-ipv6-packet-list-test.py T-2/etc/plugin/check-_monitor-ipv6-test-ipv6-packet-list-test.py
......
T-0/var/run/monitor-httpd.pid T-0/var/run/monitor-httpd.pid
T-1/var/run/kedifa.pid T-1/var/run/kedifa.pid
T-1/var/run/monitor-httpd.pid T-1/var/run/monitor-httpd.pid
T-2/var/run/backend-haproxy.pid
T-2/var/run/backend_haproxy_configuration_last_state
T-2/var/run/backend_haproxy_graceful_configuration_state_signature
T-2/var/run/graceful_configuration_state_signature T-2/var/run/graceful_configuration_state_signature
T-2/var/run/httpd.pid T-2/var/run/httpd.pid
T-2/var/run/monitor-httpd.pid T-2/var/run/monitor-httpd.pid
...@@ -17,8 +17,8 @@ T-1:monitor-httpd-{hash-generic}-on-watch RUNNING ...@@ -17,8 +17,8 @@ T-1:monitor-httpd-{hash-generic}-on-watch RUNNING
T-1:monitor-httpd-graceful EXITED T-1:monitor-httpd-graceful EXITED
T-2:6tunnel-11080-{hash-generic}-on-watch RUNNING T-2:6tunnel-11080-{hash-generic}-on-watch RUNNING
T-2:6tunnel-11443-{hash-generic}-on-watch RUNNING T-2:6tunnel-11443-{hash-generic}-on-watch RUNNING
T-2:6tunnel-26011-{hash-generic}-on-watch RUNNING T-2:backend-haproxy-{hash-generic}-on-watch RUNNING
T-2:6tunnel-26012-{hash-generic}-on-watch RUNNING T-2:backend-haproxy-safe-graceful EXITED
T-2:bootstrap-monitor EXITED T-2:bootstrap-monitor EXITED
T-2:certificate_authority-{hash-generic}-on-watch RUNNING T-2:certificate_authority-{hash-generic}-on-watch RUNNING
T-2:crond-{hash-generic}-on-watch RUNNING T-2:crond-{hash-generic}-on-watch RUNNING
......
...@@ -7,10 +7,6 @@ T-1/var/log/monitor-httpd-access.log ...@@ -7,10 +7,6 @@ T-1/var/log/monitor-httpd-access.log
T-1/var/log/monitor-httpd-error.log T-1/var/log/monitor-httpd-error.log
T-2/var/log/frontend-access.log T-2/var/log/frontend-access.log
T-2/var/log/frontend-error.log T-2/var/log/frontend-error.log
T-2/var/log/httpd-cache-direct/_default_ciphers_access_log
T-2/var/log/httpd-cache-direct/_default_ciphers_error_log
T-2/var/log/httpd-cache-direct/_own_ciphers_access_log
T-2/var/log/httpd-cache-direct/_own_ciphers_error_log
T-2/var/log/httpd-csr_id/expose-csr_id.log T-2/var/log/httpd-csr_id/expose-csr_id.log
T-2/var/log/httpd/_default_ciphers_access_log T-2/var/log/httpd/_default_ciphers_access_log
T-2/var/log/httpd/_default_ciphers_error_log T-2/var/log/httpd/_default_ciphers_error_log
......
...@@ -17,13 +17,14 @@ T-1/etc/plugin/monitor-bootstrap-status.py ...@@ -17,13 +17,14 @@ T-1/etc/plugin/monitor-bootstrap-status.py
T-1/etc/plugin/monitor-http-frontend.py T-1/etc/plugin/monitor-http-frontend.py
T-1/etc/plugin/monitor-httpd-listening-on-tcp.py T-1/etc/plugin/monitor-httpd-listening-on-tcp.py
T-2/etc/plugin/__init__.py T-2/etc/plugin/__init__.py
T-2/etc/plugin/backend-haproxy-configuration.py
T-2/etc/plugin/backend_haproxy_http.py
T-2/etc/plugin/backend_haproxy_https.py
T-2/etc/plugin/buildout-T-2-status.py T-2/etc/plugin/buildout-T-2-status.py
T-2/etc/plugin/caddy_cached.py
T-2/etc/plugin/caddy_frontend_ipv4_http.py T-2/etc/plugin/caddy_frontend_ipv4_http.py
T-2/etc/plugin/caddy_frontend_ipv4_https.py T-2/etc/plugin/caddy_frontend_ipv4_https.py
T-2/etc/plugin/caddy_frontend_ipv6_http.py T-2/etc/plugin/caddy_frontend_ipv6_http.py
T-2/etc/plugin/caddy_frontend_ipv6_https.py T-2/etc/plugin/caddy_frontend_ipv6_https.py
T-2/etc/plugin/caddy_ssl_cached.py
T-2/etc/plugin/caucase-updater.py T-2/etc/plugin/caucase-updater.py
T-2/etc/plugin/check-free-disk-space.py T-2/etc/plugin/check-free-disk-space.py
T-2/etc/plugin/expose-csr_id-ip-port-listening.py T-2/etc/plugin/expose-csr_id-ip-port-listening.py
......
T-0/var/run/monitor-httpd.pid T-0/var/run/monitor-httpd.pid
T-1/var/run/kedifa.pid T-1/var/run/kedifa.pid
T-1/var/run/monitor-httpd.pid T-1/var/run/monitor-httpd.pid
T-2/var/run/backend-haproxy.pid
T-2/var/run/backend_haproxy_configuration_last_state
T-2/var/run/backend_haproxy_graceful_configuration_state_signature
T-2/var/run/graceful_configuration_state_signature T-2/var/run/graceful_configuration_state_signature
T-2/var/run/httpd.pid T-2/var/run/httpd.pid
T-2/var/run/monitor-httpd.pid T-2/var/run/monitor-httpd.pid
...@@ -17,8 +17,8 @@ T-1:monitor-httpd-{hash-generic}-on-watch RUNNING ...@@ -17,8 +17,8 @@ T-1:monitor-httpd-{hash-generic}-on-watch RUNNING
T-1:monitor-httpd-graceful EXITED T-1:monitor-httpd-graceful EXITED
T-2:6tunnel-11080-{hash-generic}-on-watch RUNNING T-2:6tunnel-11080-{hash-generic}-on-watch RUNNING
T-2:6tunnel-11443-{hash-generic}-on-watch RUNNING T-2:6tunnel-11443-{hash-generic}-on-watch RUNNING
T-2:6tunnel-26011-{hash-generic}-on-watch RUNNING T-2:backend-haproxy-{hash-generic}-on-watch RUNNING
T-2:6tunnel-26012-{hash-generic}-on-watch RUNNING T-2:backend-haproxy-safe-graceful EXITED
T-2:bootstrap-monitor EXITED T-2:bootstrap-monitor EXITED
T-2:certificate_authority-{hash-generic}-on-watch RUNNING T-2:certificate_authority-{hash-generic}-on-watch RUNNING
T-2:crond-{hash-generic}-on-watch RUNNING T-2:crond-{hash-generic}-on-watch RUNNING
......
...@@ -7,22 +7,6 @@ T-1/var/log/monitor-httpd-access.log ...@@ -7,22 +7,6 @@ T-1/var/log/monitor-httpd-access.log
T-1/var/log/monitor-httpd-error.log T-1/var/log/monitor-httpd-error.log
T-2/var/log/frontend-access.log T-2/var/log/frontend-access.log
T-2/var/log/frontend-error.log T-2/var/log/frontend-error.log
T-2/var/log/httpd-cache-direct/_enable_cache-disable-no-cache-request_access_log
T-2/var/log/httpd-cache-direct/_enable_cache-disable-no-cache-request_error_log
T-2/var/log/httpd-cache-direct/_enable_cache-disable-via-header_access_log
T-2/var/log/httpd-cache-direct/_enable_cache-disable-via-header_error_log
T-2/var/log/httpd-cache-direct/_enable_cache-ssl-proxy-verify-unverified_access_log
T-2/var/log/httpd-cache-direct/_enable_cache-ssl-proxy-verify-unverified_error_log
T-2/var/log/httpd-cache-direct/_enable_cache-ssl-proxy-verify_ssl_proxy_ca_crt-unverified_access_log
T-2/var/log/httpd-cache-direct/_enable_cache-ssl-proxy-verify_ssl_proxy_ca_crt-unverified_error_log
T-2/var/log/httpd-cache-direct/_enable_cache-ssl-proxy-verify_ssl_proxy_ca_crt_access_log
T-2/var/log/httpd-cache-direct/_enable_cache-ssl-proxy-verify_ssl_proxy_ca_crt_error_log
T-2/var/log/httpd-cache-direct/_enable_cache_access_log
T-2/var/log/httpd-cache-direct/_enable_cache_custom_domain_access_log
T-2/var/log/httpd-cache-direct/_enable_cache_custom_domain_error_log
T-2/var/log/httpd-cache-direct/_enable_cache_error_log
T-2/var/log/httpd-cache-direct/_enable_cache_server_alias_access_log
T-2/var/log/httpd-cache-direct/_enable_cache_server_alias_error_log
T-2/var/log/httpd-csr_id/expose-csr_id.log T-2/var/log/httpd-csr_id/expose-csr_id.log
T-2/var/log/httpd/_Url_access_log T-2/var/log/httpd/_Url_access_log
T-2/var/log/httpd/_Url_error_log T-2/var/log/httpd/_Url_error_log
...@@ -74,6 +58,8 @@ T-2/var/log/httpd/_prefer-gzip-encoding-to-backend_access_log ...@@ -74,6 +58,8 @@ T-2/var/log/httpd/_prefer-gzip-encoding-to-backend_access_log
T-2/var/log/httpd/_prefer-gzip-encoding-to-backend_error_log T-2/var/log/httpd/_prefer-gzip-encoding-to-backend_error_log
T-2/var/log/httpd/_server-alias-duplicated_access_log T-2/var/log/httpd/_server-alias-duplicated_access_log
T-2/var/log/httpd/_server-alias-duplicated_error_log T-2/var/log/httpd/_server-alias-duplicated_error_log
T-2/var/log/httpd/_server-alias-empty_access_log
T-2/var/log/httpd/_server-alias-empty_error_log
T-2/var/log/httpd/_server-alias-wildcard_access_log T-2/var/log/httpd/_server-alias-wildcard_access_log
T-2/var/log/httpd/_server-alias-wildcard_error_log T-2/var/log/httpd/_server-alias-wildcard_error_log
T-2/var/log/httpd/_server-alias_access_log T-2/var/log/httpd/_server-alias_access_log
......
...@@ -17,13 +17,14 @@ T-1/etc/plugin/monitor-bootstrap-status.py ...@@ -17,13 +17,14 @@ T-1/etc/plugin/monitor-bootstrap-status.py
T-1/etc/plugin/monitor-http-frontend.py T-1/etc/plugin/monitor-http-frontend.py
T-1/etc/plugin/monitor-httpd-listening-on-tcp.py T-1/etc/plugin/monitor-httpd-listening-on-tcp.py
T-2/etc/plugin/__init__.py T-2/etc/plugin/__init__.py
T-2/etc/plugin/backend-haproxy-configuration.py
T-2/etc/plugin/backend_haproxy_http.py
T-2/etc/plugin/backend_haproxy_https.py
T-2/etc/plugin/buildout-T-2-status.py T-2/etc/plugin/buildout-T-2-status.py
T-2/etc/plugin/caddy_cached.py
T-2/etc/plugin/caddy_frontend_ipv4_http.py T-2/etc/plugin/caddy_frontend_ipv4_http.py
T-2/etc/plugin/caddy_frontend_ipv4_https.py T-2/etc/plugin/caddy_frontend_ipv4_https.py
T-2/etc/plugin/caddy_frontend_ipv6_http.py T-2/etc/plugin/caddy_frontend_ipv6_http.py
T-2/etc/plugin/caddy_frontend_ipv6_https.py T-2/etc/plugin/caddy_frontend_ipv6_https.py
T-2/etc/plugin/caddy_ssl_cached.py
T-2/etc/plugin/caucase-updater.py T-2/etc/plugin/caucase-updater.py
T-2/etc/plugin/check-_monitor-ipv4-test-ipv4-packet-list-test.py T-2/etc/plugin/check-_monitor-ipv4-test-ipv4-packet-list-test.py
T-2/etc/plugin/check-_monitor-ipv6-test-ipv6-packet-list-test.py T-2/etc/plugin/check-_monitor-ipv6-test-ipv6-packet-list-test.py
......
T-0/var/run/monitor-httpd.pid T-0/var/run/monitor-httpd.pid
T-1/var/run/kedifa.pid T-1/var/run/kedifa.pid
T-1/var/run/monitor-httpd.pid T-1/var/run/monitor-httpd.pid
T-2/var/run/backend-haproxy.pid
T-2/var/run/backend_haproxy_configuration_last_state
T-2/var/run/backend_haproxy_graceful_configuration_state_signature
T-2/var/run/graceful_configuration_state_signature T-2/var/run/graceful_configuration_state_signature
T-2/var/run/httpd.pid T-2/var/run/httpd.pid
T-2/var/run/monitor-httpd.pid T-2/var/run/monitor-httpd.pid
...@@ -17,8 +17,8 @@ T-1:monitor-httpd-{hash-generic}-on-watch RUNNING ...@@ -17,8 +17,8 @@ T-1:monitor-httpd-{hash-generic}-on-watch RUNNING
T-1:monitor-httpd-graceful EXITED T-1:monitor-httpd-graceful EXITED
T-2:6tunnel-11080-{hash-generic}-on-watch RUNNING T-2:6tunnel-11080-{hash-generic}-on-watch RUNNING
T-2:6tunnel-11443-{hash-generic}-on-watch RUNNING T-2:6tunnel-11443-{hash-generic}-on-watch RUNNING
T-2:6tunnel-26011-{hash-generic}-on-watch RUNNING T-2:backend-haproxy-{hash-generic}-on-watch RUNNING
T-2:6tunnel-26012-{hash-generic}-on-watch RUNNING T-2:backend-haproxy-safe-graceful EXITED
T-2:bootstrap-monitor EXITED T-2:bootstrap-monitor EXITED
T-2:certificate_authority-{hash-generic}-on-watch RUNNING T-2:certificate_authority-{hash-generic}-on-watch RUNNING
T-2:crond-{hash-generic}-on-watch RUNNING T-2:crond-{hash-generic}-on-watch RUNNING
......
...@@ -7,8 +7,6 @@ T-1/var/log/monitor-httpd-access.log ...@@ -7,8 +7,6 @@ T-1/var/log/monitor-httpd-access.log
T-1/var/log/monitor-httpd-error.log T-1/var/log/monitor-httpd-error.log
T-2/var/log/frontend-access.log T-2/var/log/frontend-access.log
T-2/var/log/frontend-error.log T-2/var/log/frontend-error.log
T-2/var/log/httpd-cache-direct/_ssl_from_master_access_log
T-2/var/log/httpd-cache-direct/_ssl_from_master_error_log
T-2/var/log/httpd-csr_id/expose-csr_id.log T-2/var/log/httpd-csr_id/expose-csr_id.log
T-2/var/log/httpd/_custom_domain_ssl_crt_ssl_key_access_log T-2/var/log/httpd/_custom_domain_ssl_crt_ssl_key_access_log
T-2/var/log/httpd/_custom_domain_ssl_crt_ssl_key_error_log T-2/var/log/httpd/_custom_domain_ssl_crt_ssl_key_error_log
......
...@@ -17,13 +17,14 @@ T-1/etc/plugin/monitor-bootstrap-status.py ...@@ -17,13 +17,14 @@ T-1/etc/plugin/monitor-bootstrap-status.py
T-1/etc/plugin/monitor-http-frontend.py T-1/etc/plugin/monitor-http-frontend.py
T-1/etc/plugin/monitor-httpd-listening-on-tcp.py T-1/etc/plugin/monitor-httpd-listening-on-tcp.py
T-2/etc/plugin/__init__.py T-2/etc/plugin/__init__.py
T-2/etc/plugin/backend-haproxy-configuration.py
T-2/etc/plugin/backend_haproxy_http.py
T-2/etc/plugin/backend_haproxy_https.py
T-2/etc/plugin/buildout-T-2-status.py T-2/etc/plugin/buildout-T-2-status.py
T-2/etc/plugin/caddy_cached.py
T-2/etc/plugin/caddy_frontend_ipv4_http.py T-2/etc/plugin/caddy_frontend_ipv4_http.py
T-2/etc/plugin/caddy_frontend_ipv4_https.py T-2/etc/plugin/caddy_frontend_ipv4_https.py
T-2/etc/plugin/caddy_frontend_ipv6_http.py T-2/etc/plugin/caddy_frontend_ipv6_http.py
T-2/etc/plugin/caddy_frontend_ipv6_https.py T-2/etc/plugin/caddy_frontend_ipv6_https.py
T-2/etc/plugin/caddy_ssl_cached.py
T-2/etc/plugin/caucase-updater.py T-2/etc/plugin/caucase-updater.py
T-2/etc/plugin/check-free-disk-space.py T-2/etc/plugin/check-free-disk-space.py
T-2/etc/plugin/expose-csr_id-ip-port-listening.py T-2/etc/plugin/expose-csr_id-ip-port-listening.py
......
T-0/var/run/monitor-httpd.pid T-0/var/run/monitor-httpd.pid
T-1/var/run/kedifa.pid T-1/var/run/kedifa.pid
T-1/var/run/monitor-httpd.pid T-1/var/run/monitor-httpd.pid
T-2/var/run/backend-haproxy.pid
T-2/var/run/backend_haproxy_configuration_last_state
T-2/var/run/backend_haproxy_graceful_configuration_state_signature
T-2/var/run/graceful_configuration_state_signature T-2/var/run/graceful_configuration_state_signature
T-2/var/run/httpd.pid T-2/var/run/httpd.pid
T-2/var/run/monitor-httpd.pid T-2/var/run/monitor-httpd.pid
...@@ -17,8 +17,8 @@ T-1:monitor-httpd-{hash-generic}-on-watch RUNNING ...@@ -17,8 +17,8 @@ T-1:monitor-httpd-{hash-generic}-on-watch RUNNING
T-1:monitor-httpd-graceful EXITED T-1:monitor-httpd-graceful EXITED
T-2:6tunnel-11080-{hash-generic}-on-watch RUNNING T-2:6tunnel-11080-{hash-generic}-on-watch RUNNING
T-2:6tunnel-11443-{hash-generic}-on-watch RUNNING T-2:6tunnel-11443-{hash-generic}-on-watch RUNNING
T-2:6tunnel-26011-{hash-generic}-on-watch RUNNING T-2:backend-haproxy-{hash-generic}-on-watch RUNNING
T-2:6tunnel-26012-{hash-generic}-on-watch RUNNING T-2:backend-haproxy-safe-graceful EXITED
T-2:bootstrap-monitor EXITED T-2:bootstrap-monitor EXITED
T-2:certificate_authority-{hash-generic}-on-watch RUNNING T-2:certificate_authority-{hash-generic}-on-watch RUNNING
T-2:crond-{hash-generic}-on-watch RUNNING T-2:crond-{hash-generic}-on-watch RUNNING
......
...@@ -7,8 +7,6 @@ T-1/var/log/monitor-httpd-access.log ...@@ -7,8 +7,6 @@ T-1/var/log/monitor-httpd-access.log
T-1/var/log/monitor-httpd-error.log T-1/var/log/monitor-httpd-error.log
T-2/var/log/frontend-access.log T-2/var/log/frontend-access.log
T-2/var/log/frontend-error.log T-2/var/log/frontend-error.log
T-2/var/log/httpd-cache-direct/_ssl_from_master_kedifa_overrides_master_certificate_access_log
T-2/var/log/httpd-cache-direct/_ssl_from_master_kedifa_overrides_master_certificate_error_log
T-2/var/log/httpd-csr_id/expose-csr_id.log T-2/var/log/httpd-csr_id/expose-csr_id.log
T-2/var/log/httpd/_ssl_from_master_kedifa_overrides_master_certificate_access_log T-2/var/log/httpd/_ssl_from_master_kedifa_overrides_master_certificate_access_log
T-2/var/log/httpd/_ssl_from_master_kedifa_overrides_master_certificate_error_log T-2/var/log/httpd/_ssl_from_master_kedifa_overrides_master_certificate_error_log
......
...@@ -17,13 +17,14 @@ T-1/etc/plugin/monitor-bootstrap-status.py ...@@ -17,13 +17,14 @@ T-1/etc/plugin/monitor-bootstrap-status.py
T-1/etc/plugin/monitor-http-frontend.py T-1/etc/plugin/monitor-http-frontend.py
T-1/etc/plugin/monitor-httpd-listening-on-tcp.py T-1/etc/plugin/monitor-httpd-listening-on-tcp.py
T-2/etc/plugin/__init__.py T-2/etc/plugin/__init__.py
T-2/etc/plugin/backend-haproxy-configuration.py
T-2/etc/plugin/backend_haproxy_http.py
T-2/etc/plugin/backend_haproxy_https.py
T-2/etc/plugin/buildout-T-2-status.py T-2/etc/plugin/buildout-T-2-status.py
T-2/etc/plugin/caddy_cached.py
T-2/etc/plugin/caddy_frontend_ipv4_http.py T-2/etc/plugin/caddy_frontend_ipv4_http.py
T-2/etc/plugin/caddy_frontend_ipv4_https.py T-2/etc/plugin/caddy_frontend_ipv4_https.py
T-2/etc/plugin/caddy_frontend_ipv6_http.py T-2/etc/plugin/caddy_frontend_ipv6_http.py
T-2/etc/plugin/caddy_frontend_ipv6_https.py T-2/etc/plugin/caddy_frontend_ipv6_https.py
T-2/etc/plugin/caddy_ssl_cached.py
T-2/etc/plugin/caucase-updater.py T-2/etc/plugin/caucase-updater.py
T-2/etc/plugin/check-free-disk-space.py T-2/etc/plugin/check-free-disk-space.py
T-2/etc/plugin/expose-csr_id-ip-port-listening.py T-2/etc/plugin/expose-csr_id-ip-port-listening.py
......
T-0/var/run/monitor-httpd.pid T-0/var/run/monitor-httpd.pid
T-1/var/run/kedifa.pid T-1/var/run/kedifa.pid
T-1/var/run/monitor-httpd.pid T-1/var/run/monitor-httpd.pid
T-2/var/run/backend-haproxy.pid
T-2/var/run/backend_haproxy_configuration_last_state
T-2/var/run/backend_haproxy_graceful_configuration_state_signature
T-2/var/run/graceful_configuration_state_signature T-2/var/run/graceful_configuration_state_signature
T-2/var/run/httpd.pid T-2/var/run/httpd.pid
T-2/var/run/monitor-httpd.pid T-2/var/run/monitor-httpd.pid
...@@ -17,8 +17,8 @@ T-1:monitor-httpd-{hash-generic}-on-watch RUNNING ...@@ -17,8 +17,8 @@ T-1:monitor-httpd-{hash-generic}-on-watch RUNNING
T-1:monitor-httpd-graceful EXITED T-1:monitor-httpd-graceful EXITED
T-2:6tunnel-11080-{hash-generic}-on-watch RUNNING T-2:6tunnel-11080-{hash-generic}-on-watch RUNNING
T-2:6tunnel-11443-{hash-generic}-on-watch RUNNING T-2:6tunnel-11443-{hash-generic}-on-watch RUNNING
T-2:6tunnel-26011-{hash-generic}-on-watch RUNNING T-2:backend-haproxy-{hash-generic}-on-watch RUNNING
T-2:6tunnel-26012-{hash-generic}-on-watch RUNNING T-2:backend-haproxy-safe-graceful EXITED
T-2:bootstrap-monitor EXITED T-2:bootstrap-monitor EXITED
T-2:certificate_authority-{hash-generic}-on-watch RUNNING T-2:certificate_authority-{hash-generic}-on-watch RUNNING
T-2:crond-{hash-generic}-on-watch RUNNING T-2:crond-{hash-generic}-on-watch RUNNING
......
...@@ -7,8 +7,6 @@ T-1/var/log/monitor-httpd-access.log ...@@ -7,8 +7,6 @@ T-1/var/log/monitor-httpd-access.log
T-1/var/log/monitor-httpd-error.log T-1/var/log/monitor-httpd-error.log
T-2/var/log/frontend-access.log T-2/var/log/frontend-access.log
T-2/var/log/frontend-error.log T-2/var/log/frontend-error.log
T-2/var/log/httpd-cache-direct/_ssl_from_master_access_log
T-2/var/log/httpd-cache-direct/_ssl_from_master_error_log
T-2/var/log/httpd-csr_id/expose-csr_id.log T-2/var/log/httpd-csr_id/expose-csr_id.log
T-2/var/log/httpd/_ssl_from_master_access_log T-2/var/log/httpd/_ssl_from_master_access_log
T-2/var/log/httpd/_ssl_from_master_error_log T-2/var/log/httpd/_ssl_from_master_error_log
......
...@@ -17,13 +17,14 @@ T-1/etc/plugin/monitor-bootstrap-status.py ...@@ -17,13 +17,14 @@ T-1/etc/plugin/monitor-bootstrap-status.py
T-1/etc/plugin/monitor-http-frontend.py T-1/etc/plugin/monitor-http-frontend.py
T-1/etc/plugin/monitor-httpd-listening-on-tcp.py T-1/etc/plugin/monitor-httpd-listening-on-tcp.py
T-2/etc/plugin/__init__.py T-2/etc/plugin/__init__.py
T-2/etc/plugin/backend-haproxy-configuration.py
T-2/etc/plugin/backend_haproxy_http.py
T-2/etc/plugin/backend_haproxy_https.py
T-2/etc/plugin/buildout-T-2-status.py T-2/etc/plugin/buildout-T-2-status.py
T-2/etc/plugin/caddy_cached.py
T-2/etc/plugin/caddy_frontend_ipv4_http.py T-2/etc/plugin/caddy_frontend_ipv4_http.py
T-2/etc/plugin/caddy_frontend_ipv4_https.py T-2/etc/plugin/caddy_frontend_ipv4_https.py
T-2/etc/plugin/caddy_frontend_ipv6_http.py T-2/etc/plugin/caddy_frontend_ipv6_http.py
T-2/etc/plugin/caddy_frontend_ipv6_https.py T-2/etc/plugin/caddy_frontend_ipv6_https.py
T-2/etc/plugin/caddy_ssl_cached.py
T-2/etc/plugin/caucase-updater.py T-2/etc/plugin/caucase-updater.py
T-2/etc/plugin/check-free-disk-space.py T-2/etc/plugin/check-free-disk-space.py
T-2/etc/plugin/expose-csr_id-ip-port-listening.py T-2/etc/plugin/expose-csr_id-ip-port-listening.py
......
T-0/var/run/monitor-httpd.pid T-0/var/run/monitor-httpd.pid
T-1/var/run/kedifa.pid T-1/var/run/kedifa.pid
T-1/var/run/monitor-httpd.pid T-1/var/run/monitor-httpd.pid
T-2/var/run/backend-haproxy.pid
T-2/var/run/backend_haproxy_configuration_last_state
T-2/var/run/backend_haproxy_graceful_configuration_state_signature
T-2/var/run/graceful_configuration_state_signature T-2/var/run/graceful_configuration_state_signature
T-2/var/run/httpd.pid T-2/var/run/httpd.pid
T-2/var/run/monitor-httpd.pid T-2/var/run/monitor-httpd.pid
...@@ -17,8 +17,8 @@ T-1:monitor-httpd-{hash-generic}-on-watch RUNNING ...@@ -17,8 +17,8 @@ T-1:monitor-httpd-{hash-generic}-on-watch RUNNING
T-1:monitor-httpd-graceful EXITED T-1:monitor-httpd-graceful EXITED
T-2:6tunnel-11080-{hash-generic}-on-watch RUNNING T-2:6tunnel-11080-{hash-generic}-on-watch RUNNING
T-2:6tunnel-11443-{hash-generic}-on-watch RUNNING T-2:6tunnel-11443-{hash-generic}-on-watch RUNNING
T-2:6tunnel-26011-{hash-generic}-on-watch RUNNING T-2:backend-haproxy-{hash-generic}-on-watch RUNNING
T-2:6tunnel-26012-{hash-generic}-on-watch RUNNING T-2:backend-haproxy-safe-graceful EXITED
T-2:bootstrap-monitor EXITED T-2:bootstrap-monitor EXITED
T-2:certificate_authority-{hash-generic}-on-watch RUNNING T-2:certificate_authority-{hash-generic}-on-watch RUNNING
T-2:crond-{hash-generic}-on-watch RUNNING T-2:crond-{hash-generic}-on-watch RUNNING
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment