From 04480c4ff4b37ad6aef619d452522721a728b587 Mon Sep 17 00:00:00 2001 From: Gabriel Cocenza Date: Wed, 15 Feb 2023 19:09:25 -0300 Subject: [PATCH] Add support for HAProxy L7 checks This change add several configuration options to enable HTTP checks to the HAProxy configuration, instead of the default TCP connection checks (which continue to be the default) Closes-Bug: #1880610 Change-Id: I50a9442ae66da71793a5e9904d23c26d1fbbdf42 --- hooks/keystone_context.py | 12 ++++++++++++ tox.ini | 2 +- unit_tests/test_keystone_contexts.py | 15 ++++++++++++++- 3 files changed, 27 insertions(+), 2 deletions(-) diff --git a/hooks/keystone_context.py b/hooks/keystone_context.py index aea91cdf..f682818d 100644 --- a/hooks/keystone_context.py +++ b/hooks/keystone_context.py @@ -163,10 +163,22 @@ class HAProxyContext(context.HAProxyContext): api_port('keystone-public'), a_public_port], } + healthcheck = [{ + 'option': 'httpchk GET /healthcheck', + 'http-check': 'expect status 200', + }] + + backend_options = { + 'admin-port': healthcheck, + 'public-port': healthcheck, + } + # for haproxy.conf ctxt['service_ports'] = port_mapping # for keystone.conf ctxt['listen_ports'] = listen_ports + ctxt['backend_options'] = backend_options + ctxt['https'] = https() return ctxt diff --git a/tox.ini b/tox.ini index ae4d124c..2cb6ca16 100644 --- a/tox.ini +++ b/tox.ini @@ -25,7 +25,7 @@ setenv = VIRTUAL_ENV={envdir} commands = stestr run --slowest {posargs} allowlist_externals = charmcraft - rename.sh + {toxinidir}/rename.sh passenv = HOME TERM diff --git a/unit_tests/test_keystone_contexts.py b/unit_tests/test_keystone_contexts.py index 60fc129f..de1df730 100644 --- a/unit_tests/test_keystone_contexts.py +++ b/unit_tests/test_keystone_contexts.py @@ -86,6 +86,7 @@ class TestKeystoneContexts(CharmTestCase): 'ext_ports': [34]}) self.assertTrue(mock_https.called) + @patch('keystone_context.https') @patch('charmhelpers.contrib.openstack.context.is_ipv6_disabled') @patch('charmhelpers.contrib.openstack.context.get_relation_ip') @patch('charmhelpers.contrib.openstack.context.mkdir') @@ -103,7 +104,8 @@ class TestKeystoneContexts(CharmTestCase): self, mock_open, mock_kv, mock_log, mock_relation_get, mock_related_units, mock_relation_ids, mock_config, mock_get_address_in_network, mock_get_netmask_for_address, - mock_api_port, mock_mkdir, mock_get_relation_ip, is_ipv6_disabled): + mock_api_port, mock_mkdir, mock_get_relation_ip, + is_ipv6_disabled, mock_https): os.environ['JUJU_UNIT_NAME'] = 'keystone' mock_relation_ids.return_value = ['identity-service:0', ] @@ -116,9 +118,15 @@ class TestKeystoneContexts(CharmTestCase): self.determine_apache_port.return_value = '34' mock_api_port.return_value = '12' mock_kv().get.return_value = 'abcdefghijklmnopqrstuvwxyz123456' + mock_https.return_value = True is_ipv6_disabled.return_value = False ctxt = context.HAProxyContext() + healthcheck = [{ + 'option': 'httpchk GET /healthcheck', + 'http-check': 'expect status 200', + }] + self.maxDiff = None _ctxt = ctxt() test_ctxt = { @@ -135,6 +143,11 @@ class TestKeystoneContexts(CharmTestCase): 'admin-port': ['12', '34'], 'public-port': ['12', '34'] }, + 'backend_options': { + 'admin-port': healthcheck, + 'public-port': healthcheck, + }, + 'https': True, 'default_backend': '1.2.3.4', 'frontends': { '1.2.3.4': {