Pools, CLI, versioning, Debian packaging, HTTPS fix

- Replaced flat `backends: [...]` list on frontends with an ordered `pools:`
  list; each pool has a name and a map of backends with per-pool weights (0–100,
  default 100). Pools express priority: first pool with a healthy backend wins.
- Removed global backend weight (was on the backend, now lives in the pool).
- Config validation enforces non-empty pools, non-empty pool names, weight
  range, and consistent address families across all pools of a frontend.

- Added `PoolBackendInfo { name, weight }` and changed `PoolInfo.backends` from
  `repeated string` to `repeated PoolBackendInfo` so weights are visible over
  the API.

- Full interactive shell with readline, tab completion, and `?` inline help.
- Command tree parser (Walk) handles fixed keywords and dynamic slot nodes;
  prefix matching with exact-match priority.
- Commands: `show version/frontends/frontend/backends/backend/healthchecks/
  healthcheck`, `set backend <name> pause|resume`, `quit`/`exit`.
- `show frontend` output is hierarchical (pools → backends) with per-backend
  weights and `[disabled]` notation; pool section uses fixed-width formatting
  so ANSI color codes don't corrupt tabwriter alignment.
- `-color` flag (default true) wraps static field labels in dark-blue ANSI;
  works correctly with tabwriter because all labels carry identical-length
  escape sequences.

- `cmd/version.go` package holds `version`, `commit`, `date` vars set at build
  time via `-ldflags -X`.
- `make build` / `make build-amd64` / `make build-arm64` all inject
  `VERSION=0.1.1`, `COMMIT_HASH` (from `git rev-parse --short HEAD`), and
  `DATE` (UTC ISO-8601).
- `maglevc` prints version on interactive startup and exposes `show version`.
- `maglevd` logs version/commit/date at startup; `-version` flag prints and exits.

- `doHTTPProbe` was building a `https://` target URL even though TLS was already
  applied to the connection inside `inNetns`. `http.Transport` then wrapped the
  connection in a second TLS layer, producing "http: server gave HTTP response
  to HTTPS client". Fixed by always using `http://` in the target URL.
- Added `TestHTTPSProbe` using `httptest.NewTLSServer` to cover the full path.

- New `docs/user-guide.md`: maglevd flags/signals, maglevc commands, shell
  completion, and command-tree parser walkthrough.
- New `docs/healthchecks.md`: state machine, rise/fall model, probe intervals,
  all transition events with log examples.
- Updated `docs/config-guide.md`: pools design, removed global weight from
  backends, updated all examples.
- Updated `README.md`: packaging table, build paths, corrected binary locations
  (`/usr/sbin/maglevd`), config filename (`.yaml`).

- `debian/` directory contains `control.in`, `maglevd.service`, `default.maglev`,
  `maglev.yaml` (example config), `conffiles`, `postinst`, `prerm`.
- `debian/build-deb.sh` stages a package tree and calls `dpkg-deb`; emits
  `build/vpp-maglev_<version>~<commit>_<arch>.deb`.
- Cross-compiles for amd64 and arm64 in one `make pkg-deb` invocation.
- `maglevd` installed to `/usr/sbin/`, `maglevc` to `/usr/bin/`.
- Service reads `MAGLEV_CONFIG` from `/etc/default/maglev`
  (default: `/etc/maglev/maglev.yaml`).
- Man pages `maglevd(8)` and `maglevc(1)` live in `docs/` and are gzip'd into
  the package.
- All build output goes to `build/<arch>/`; `build/` is gitignored.

debian/build-deb.sh

@@ -0,0 +1,58 @@
+#!/bin/bash
+# Build a vpp-maglev Debian package for one architecture.
+# Usage: build-deb.sh <amd64|arm64> <version> <commit>
+set -euo pipefail
+
+ARCH="${1:?usage: build-deb.sh <amd64|arm64> <version> <commit>}"
+VERSION="${2:?usage: build-deb.sh <amd64|arm64> <version> <commit>}"
+COMMIT="${3:?usage: build-deb.sh <amd64|arm64> <version> <commit>}"
+
+FULL_VERSION="${VERSION}~${COMMIT}"
+REPO_ROOT="$(cd "$(dirname "$0")/.." && pwd)"
+PKG="vpp-maglev_${FULL_VERSION}_${ARCH}"
+STAGING="$(mktemp -d)"
+trap 'rm -rf "$STAGING"' EXIT
+
+echo "Building ${PKG}.deb"
+
+# Directories
+install -d "$STAGING/usr/sbin"
+install -d "$STAGING/usr/bin"
+install -d "$STAGING/usr/share/man/man1"
+install -d "$STAGING/usr/share/man/man8"
+install -d "$STAGING/lib/systemd/system"
+install -d "$STAGING/etc/default"
+install -d "$STAGING/etc/maglev"
+install -d "$STAGING/DEBIAN"
+
+# Binaries
+install -m 755 "$REPO_ROOT/build/${ARCH}/maglevd" "$STAGING/usr/sbin/maglevd"
+install -m 755 "$REPO_ROOT/build/${ARCH}/maglevc" "$STAGING/usr/bin/maglevc"
+
+# Man pages
+gzip -9 -c "$REPO_ROOT/docs/maglevd.8" > "$STAGING/usr/share/man/man8/maglevd.8.gz"
+gzip -9 -c "$REPO_ROOT/docs/maglevc.1" > "$STAGING/usr/share/man/man1/maglevc.1.gz"
+
+# Systemd unit
+install -m 644 "$REPO_ROOT/debian/maglevd.service" "$STAGING/lib/systemd/system/maglevd.service"
+
+# /etc/default/maglev  (conffile — dpkg won't overwrite on upgrade)
+install -m 644 "$REPO_ROOT/debian/default.maglev" "$STAGING/etc/default/maglev"
+
+# /etc/maglev/maglev.yaml  (conffile)
+install -m 644 "$REPO_ROOT/debian/maglev.yaml" "$STAGING/etc/maglev/maglev.yaml"
+
+# DEBIAN/control  (version field uses full_version including commit)
+sed "s/@VERSION@/${FULL_VERSION}/;s/@ARCH@/${ARCH}/" \
+    "$REPO_ROOT/debian/control.in" > "$STAGING/DEBIAN/control"
+
+# DEBIAN/conffiles, postinst, prerm
+install -m 644 "$REPO_ROOT/debian/conffiles" "$STAGING/DEBIAN/conffiles"
+install -m 755 "$REPO_ROOT/debian/postinst"  "$STAGING/DEBIAN/postinst"
+install -m 755 "$REPO_ROOT/debian/prerm"     "$STAGING/DEBIAN/prerm"
+
+# Emit package into build/
+mkdir -p "$REPO_ROOT/build"
+OUT="$REPO_ROOT/build/${PKG}.deb"
+dpkg-deb --build --root-owner-group "$STAGING" "$OUT"
+echo "Built: $OUT"

debian/conffiles

@@ -0,0 +1,2 @@
+/etc/default/maglev
+/etc/maglev/maglev.yaml

debian/control.in

@@ -0,0 +1,14 @@
+Package: vpp-maglev
+Version: @VERSION@
+Architecture: @ARCH@
+Maintainer: Pim van Pelt <pim@ipng.ch>
+Section: net
+Priority: optional
+Depends: systemd
+Description: Maglev health-checker daemon and CLI client
+ maglevd monitors backends (HTTP, TCP, ICMP) with a rise/fall counter
+ model and exposes their aggregated state over a gRPC API. Configuration
+ is loaded from a YAML file and supports live reload via SIGHUP.
+ .
+ maglevc is an interactive CLI client for maglevd with tab completion,
+ inline help, and one-shot mode for scripting.

debian/default.maglev

@@ -0,0 +1,12 @@
+# Default settings for maglevd.
+# This file is sourced by /lib/systemd/system/maglevd.service.
+# After editing, run: systemctl restart maglevd
+
+# Path to the YAML configuration file.
+MAGLEV_CONFIG=/etc/maglev/maglev.yaml
+
+# gRPC listen address (default: :9090)
+#MAGLEV_GRPC_ADDR=:9090
+
+# Log level: debug, info, warn, error (default: info)
+#MAGLEV_LOG_LEVEL=info

debian/maglev.yaml

@@ -0,0 +1,56 @@
+maglev:
+  healthchecker:
+    transition-history: 5
+    # netns: dataplane  # run probes inside a named network namespace
+
+  healthchecks:
+    http-check:
+      type: http
+      port: 80
+      params:
+        path: /
+        host: www.example.com
+        response-code: "200-301"
+      interval: 5s
+      fast-interval: 1s
+      timeout: 3s
+      rise: 2
+      fall: 6
+
+    tcp-ssl-check:
+      type: tcp
+      port: 443
+      params:
+        ssl: true
+        server-name: www.example.com
+      interval: 10s
+      fast-interval: 1s
+      timeout: 3s
+      rise: 2
+      fall: 6
+
+  backends:
+    web-1:
+      address: 192.0.2.10
+      healthcheck: http-check
+    web-2:
+      address: 192.0.2.11
+      healthcheck: http-check
+    web-3:
+      address: 192.0.2.12
+      healthcheck: http-check
+
+  frontends:
+    http-vip:
+      description: "HTTP VIP"
+      address: 192.0.2.1
+      protocol: tcp
+      port: 80
+      pools:
+        - name: primary
+          backends:
+            web-1: { weight: 10 }
+            web-2: {}
+        - name: fallback
+          backends:
+            web-3: {}

debian/maglevd.service

@@ -0,0 +1,15 @@
+[Unit]
+Description=Maglev health-checker daemon
+Documentation=man:maglevd(8)
+After=network-online.target
+Wants=network-online.target
+
+[Service]
+EnvironmentFile=/etc/default/maglev
+ExecStart=/usr/sbin/maglevd --config ${MAGLEV_CONFIG}
+Restart=on-failure
+RestartSec=5s
+Type=simple
+
+[Install]
+WantedBy=multi-user.target

debian/postinst

@@ -0,0 +1,8 @@
+#!/bin/sh
+set -e
+case "$1" in
+    configure)
+        systemctl daemon-reload || true
+        systemctl enable maglevd.service || true
+        ;;
+esac

debian/prerm

@@ -0,0 +1,8 @@
+#!/bin/sh
+set -e
+case "$1" in
+    remove|purge)
+        systemctl stop maglevd.service || true
+        systemctl disable maglevd.service || true
+        ;;
+esac