blob: 1f39e903cddb332b800248e907dd3cc0ff4274e8 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
|
import ./make-test.nix ({ pkgs, ...} :
let
backend =
{ pkgs, ... }:
{ services.httpd.enable = true;
services.httpd.adminAddr = "foo@example.org";
services.httpd.documentRoot = "${pkgs.valgrind.doc}/share/doc/valgrind/html";
networking.firewall.allowedTCPPorts = [ 80 ];
};
in
{
name = "proxy";
meta = with pkgs.stdenv.lib.maintainers; {
maintainers = [ eelco ];
};
nodes =
{ proxy =
{ nodes, ... }:
{ services.httpd.enable = true;
services.httpd.adminAddr = "bar@example.org";
services.httpd.extraModules = [ "proxy_balancer" "lbmethod_byrequests" ];
services.httpd.extraConfig =
''
ExtendedStatus on
<Location /server-status>
Require all granted
SetHandler server-status
</Location>
<Proxy balancer://cluster>
Require all granted
BalancerMember http://${nodes.backend1.config.networking.hostName} retry=0
BalancerMember http://${nodes.backend2.config.networking.hostName} retry=0
</Proxy>
ProxyStatus full
ProxyPass /server-status !
ProxyPass / balancer://cluster/
ProxyPassReverse / balancer://cluster/
# For testing; don't want to wait forever for dead backend servers.
ProxyTimeout 5
'';
networking.firewall.allowedTCPPorts = [ 80 ];
};
backend1 = backend;
backend2 = backend;
client = { ... }: { };
};
testScript =
''
startAll;
$proxy->waitForUnit("httpd");
$backend1->waitForUnit("httpd");
$backend2->waitForUnit("httpd");
$client->waitForUnit("network.target");
# With the back-ends up, the proxy should work.
$client->succeed("curl --fail http://proxy/");
$client->succeed("curl --fail http://proxy/server-status");
# Block the first back-end.
$backend1->block;
# The proxy should still work.
$client->succeed("curl --fail http://proxy/");
$client->succeed("curl --fail http://proxy/");
# Block the second back-end.
$backend2->block;
# Now the proxy should fail as well.
$client->fail("curl --fail http://proxy/");
# But if the second back-end comes back, the proxy should start
# working again.
$backend2->unblock;
$client->succeed("curl --fail http://proxy/");
'';
})
|