Pim van Pelt
d612086a5f
- Replaced flat `backends: [...]` list on frontends with an ordered `pools:`
list; each pool has a name and a map of backends with per-pool weights (0–100,
default 100). Pools express priority: first pool with a healthy backend wins.
- Removed global backend weight (was on the backend, now lives in the pool).
- Config validation enforces non-empty pools, non-empty pool names, weight
range, and consistent address families across all pools of a frontend.
- Added `PoolBackendInfo { name, weight }` and changed `PoolInfo.backends` from
`repeated string` to `repeated PoolBackendInfo` so weights are visible over
the API.
- Full interactive shell with readline, tab completion, and `?` inline help.
- Command tree parser (Walk) handles fixed keywords and dynamic slot nodes;
prefix matching with exact-match priority.
- Commands: `show version/frontends/frontend/backends/backend/healthchecks/
healthcheck`, `set backend <name> pause|resume`, `quit`/`exit`.
- `show frontend` output is hierarchical (pools → backends) with per-backend
weights and `[disabled]` notation; pool section uses fixed-width formatting
so ANSI color codes don't corrupt tabwriter alignment.
- `-color` flag (default true) wraps static field labels in dark-blue ANSI;
works correctly with tabwriter because all labels carry identical-length
escape sequences.
- `cmd/version.go` package holds `version`, `commit`, `date` vars set at build
time via `-ldflags -X`.
- `make build` / `make build-amd64` / `make build-arm64` all inject
`VERSION=0.1.1`, `COMMIT_HASH` (from `git rev-parse --short HEAD`), and
`DATE` (UTC ISO-8601).
- `maglevc` prints version on interactive startup and exposes `show version`.
- `maglevd` logs version/commit/date at startup; `-version` flag prints and exits.
- `doHTTPProbe` was building a `https://` target URL even though TLS was already
applied to the connection inside `inNetns`. `http.Transport` then wrapped the
connection in a second TLS layer, producing "http: server gave HTTP response
to HTTPS client". Fixed by always using `http://` in the target URL.
- Added `TestHTTPSProbe` using `httptest.NewTLSServer` to cover the full path.
- New `docs/user-guide.md`: maglevd flags/signals, maglevc commands, shell
completion, and command-tree parser walkthrough.
- New `docs/healthchecks.md`: state machine, rise/fall model, probe intervals,
all transition events with log examples.
- Updated `docs/config-guide.md`: pools design, removed global weight from
backends, updated all examples.
- Updated `README.md`: packaging table, build paths, corrected binary locations
(`/usr/sbin/maglevd`), config filename (`.yaml`).
- `debian/` directory contains `control.in`, `maglevd.service`, `default.maglev`,
`maglev.yaml` (example config), `conffiles`, `postinst`, `prerm`.
- `debian/build-deb.sh` stages a package tree and calls `dpkg-deb`; emits
`build/vpp-maglev_<version>~<commit>_<arch>.deb`.
- Cross-compiles for amd64 and arm64 in one `make pkg-deb` invocation.
- `maglevd` installed to `/usr/sbin/`, `maglevc` to `/usr/bin/`.
- Service reads `MAGLEV_CONFIG` from `/etc/default/maglev`
(default: `/etc/maglev/maglev.yaml`).
- Man pages `maglevd(8)` and `maglevc(1)` live in `docs/` and are gzip'd into
the package.
- All build output goes to `build/<arch>/`; `build/` is gitignored.
232 lines
5.5 KiB
Go
232 lines
5.5 KiB
Go
// Copyright (c) 2026, Pim van Pelt <pim@ipng.ch>
|
|
|
|
package prober
|
|
|
|
import (
|
|
"context"
|
|
"fmt"
|
|
"io"
|
|
"net"
|
|
"net/http"
|
|
"net/http/httptest"
|
|
"regexp"
|
|
"testing"
|
|
"time"
|
|
|
|
"git.ipng.ch/ipng/vpp-maglev/internal/config"
|
|
)
|
|
|
|
// dialAndProbe dials addr directly (bypassing netns/interface binding) and
|
|
// exercises the HTTP probe response-checking logic.
|
|
func dialAndProbe(ctx context.Context, addr string, cfg ProbeConfig) (bool, error) {
|
|
if cfg.HTTP == nil {
|
|
return false, fmt.Errorf("dialAndProbe requires HTTP params")
|
|
}
|
|
p := cfg.HTTP
|
|
|
|
path := p.Path
|
|
if path == "" {
|
|
path = "/"
|
|
}
|
|
|
|
conn, err := net.DialTimeout("tcp", addr, cfg.Timeout)
|
|
if err != nil {
|
|
return false, err
|
|
}
|
|
|
|
transport := &http.Transport{
|
|
DialContext: func(_ context.Context, _, _ string) (net.Conn, error) {
|
|
return conn, nil
|
|
},
|
|
DisableKeepAlives: true,
|
|
}
|
|
client := &http.Client{
|
|
Transport: transport,
|
|
Timeout: cfg.Timeout,
|
|
CheckRedirect: func(_ *http.Request, _ []*http.Request) error {
|
|
return http.ErrUseLastResponse
|
|
},
|
|
}
|
|
|
|
target := "http://" + addr + path
|
|
req, err := http.NewRequestWithContext(ctx, http.MethodGet, target, nil)
|
|
if err != nil {
|
|
return false, err
|
|
}
|
|
if p.Host != "" {
|
|
req.Host = p.Host
|
|
}
|
|
|
|
resp, err := client.Do(req)
|
|
if err != nil {
|
|
return false, err
|
|
}
|
|
defer resp.Body.Close()
|
|
|
|
if resp.StatusCode < p.ResponseCodeMin || resp.StatusCode > p.ResponseCodeMax {
|
|
return false, nil
|
|
}
|
|
if p.ResponseRegexp != nil {
|
|
body, _ := io.ReadAll(resp.Body)
|
|
if !p.ResponseRegexp.Match(body) {
|
|
return false, nil
|
|
}
|
|
}
|
|
return true, nil
|
|
}
|
|
|
|
func TestHTTPProbeStatusCode(t *testing.T) {
|
|
srv := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, _ *http.Request) {
|
|
w.WriteHeader(http.StatusOK)
|
|
fmt.Fprint(w, "healthy")
|
|
}))
|
|
defer srv.Close()
|
|
|
|
cfg := ProbeConfig{
|
|
Timeout: 2 * time.Second,
|
|
HTTP: &config.HTTPParams{
|
|
Path: "/healthz",
|
|
ResponseCodeMin: 200,
|
|
ResponseCodeMax: 200,
|
|
},
|
|
}
|
|
ok, err := dialAndProbe(context.Background(), srv.Listener.Addr().String(), cfg)
|
|
if err != nil {
|
|
t.Fatalf("unexpected error: %v", err)
|
|
}
|
|
if !ok {
|
|
t.Error("expected probe success")
|
|
}
|
|
}
|
|
|
|
func TestHTTPProbeWrongStatusCode(t *testing.T) {
|
|
srv := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, _ *http.Request) {
|
|
w.WriteHeader(http.StatusServiceUnavailable)
|
|
}))
|
|
defer srv.Close()
|
|
|
|
cfg := ProbeConfig{
|
|
Timeout: 2 * time.Second,
|
|
HTTP: &config.HTTPParams{
|
|
Path: "/",
|
|
ResponseCodeMin: 200,
|
|
ResponseCodeMax: 200,
|
|
},
|
|
}
|
|
ok, err := dialAndProbe(context.Background(), srv.Listener.Addr().String(), cfg)
|
|
if err != nil {
|
|
t.Fatalf("unexpected error: %v", err)
|
|
}
|
|
if ok {
|
|
t.Error("expected probe failure on wrong status code")
|
|
}
|
|
}
|
|
|
|
func TestHTTPProbeRegexpMatch(t *testing.T) {
|
|
srv := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, _ *http.Request) {
|
|
fmt.Fprint(w, `{"status":"ok"}`)
|
|
}))
|
|
defer srv.Close()
|
|
|
|
cfg := ProbeConfig{
|
|
Timeout: 2 * time.Second,
|
|
HTTP: &config.HTTPParams{
|
|
Path: "/",
|
|
ResponseCodeMin: 200,
|
|
ResponseCodeMax: 200,
|
|
ResponseRegexp: regexp.MustCompile(`"status":"ok"`),
|
|
},
|
|
}
|
|
ok, err := dialAndProbe(context.Background(), srv.Listener.Addr().String(), cfg)
|
|
if err != nil {
|
|
t.Fatalf("unexpected error: %v", err)
|
|
}
|
|
if !ok {
|
|
t.Error("expected probe success with matching regexp")
|
|
}
|
|
}
|
|
|
|
func TestHTTPProbeRegexpNoMatch(t *testing.T) {
|
|
srv := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, _ *http.Request) {
|
|
fmt.Fprint(w, `{"status":"degraded"}`)
|
|
}))
|
|
defer srv.Close()
|
|
|
|
cfg := ProbeConfig{
|
|
Timeout: 2 * time.Second,
|
|
HTTP: &config.HTTPParams{
|
|
Path: "/",
|
|
ResponseCodeMin: 200,
|
|
ResponseCodeMax: 200,
|
|
ResponseRegexp: regexp.MustCompile(`"status":"ok"`),
|
|
},
|
|
}
|
|
ok, err := dialAndProbe(context.Background(), srv.Listener.Addr().String(), cfg)
|
|
if err != nil {
|
|
t.Fatalf("unexpected error: %v", err)
|
|
}
|
|
if ok {
|
|
t.Error("expected probe failure when regexp does not match")
|
|
}
|
|
}
|
|
|
|
func TestHTTPSProbe(t *testing.T) {
|
|
srv := httptest.NewTLSServer(http.HandlerFunc(func(w http.ResponseWriter, _ *http.Request) {
|
|
w.WriteHeader(http.StatusOK)
|
|
}))
|
|
defer srv.Close()
|
|
|
|
host, portStr, _ := net.SplitHostPort(srv.Listener.Addr().String())
|
|
port := uint16(0)
|
|
fmt.Sscanf(portStr, "%d", &port)
|
|
|
|
cfg := ProbeConfig{
|
|
Target: net.ParseIP(host),
|
|
Port: port,
|
|
Timeout: 2 * time.Second,
|
|
HTTP: &config.HTTPParams{
|
|
Path: "/",
|
|
ResponseCodeMin: 200,
|
|
ResponseCodeMax: 200,
|
|
InsecureSkipVerify: true,
|
|
},
|
|
}
|
|
|
|
// Verify HTTPSProbe succeeds (TLS conn reused, no double-wrap).
|
|
result := HTTPSProbe(context.Background(), cfg)
|
|
if !result.OK {
|
|
t.Errorf("HTTPSProbe failed: code=%s detail=%s", result.Code, result.Detail)
|
|
}
|
|
|
|
// Verify HTTPProbe (plain) against the TLS server fails at the TLS layer,
|
|
// not with a double-TLS confusion error.
|
|
result = HTTPProbe(context.Background(), cfg)
|
|
if result.OK {
|
|
t.Error("plain HTTPProbe against TLS server should fail")
|
|
}
|
|
}
|
|
|
|
func TestHTTPProbeNoRedirect(t *testing.T) {
|
|
srv := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
|
http.Redirect(w, r, "/other", http.StatusFound)
|
|
}))
|
|
defer srv.Close()
|
|
|
|
// Probe expects 302 — redirect is not followed.
|
|
cfg := ProbeConfig{
|
|
Timeout: 2 * time.Second,
|
|
HTTP: &config.HTTPParams{
|
|
Path: "/",
|
|
ResponseCodeMin: 302,
|
|
ResponseCodeMax: 302,
|
|
},
|
|
}
|
|
ok, err := dialAndProbe(context.Background(), srv.Listener.Addr().String(), cfg)
|
|
if err != nil {
|
|
t.Fatalf("unexpected error: %v", err)
|
|
}
|
|
if !ok {
|
|
t.Error("expected success when probe expects 302 and server returns 302")
|
|
}
|
|
}
|