Commit b1f42b5d authored by Łukasz Nowak's avatar Łukasz Nowak

XXX: caddy-frontend: Switch monitor ports to internal use

Instead of forcing to set monitor port in some cases, just generate them,
so it's possible to correctly instantiate caddy-frontend on one partition
scenario like in webrunner or tests.
parent f6a22cd9
......@@ -14,7 +14,7 @@
# not need these here).
[template]
filename = instance.cfg.in
md5sum = 8f0cd544851aaf4c819c4858e056ce24
md5sum = 816bc8179cf4195a35e07f22c36679fa
[template-common]
filename = instance-common.cfg.in
......@@ -22,11 +22,11 @@ md5sum = c801b7f9f11f0965677c22e6bbe9281b
[template-apache-frontend]
filename = instance-apache-frontend.cfg.in
md5sum = 378f6da53a02b2bfe7777a493fc95585
md5sum = 7dbceb62d845b7951c3c9efa8c3d5bf6
[template-caddy-replicate]
filename = instance-apache-replicate.cfg.in
md5sum = 95a4a388d0731f06c084efbdd8a56e66
md5sum = 3ada9a41527c6d457798890422b67176
[template-slave-list]
filename = templates/apache-custom-slave-list.cfg.in
......@@ -118,4 +118,4 @@ md5sum = 38792c2dceae38ab411592ec36fff6a8
[template-kedifa]
filename = instance-kedifa.cfg.in
md5sum = 8c85dcf1e96a05b7272a6100fe8496a2
md5sum = e8d3d7dfe78682f8bcf4b308165d2971
......@@ -682,10 +682,7 @@ config-port = ${caddy-configuration:ssl-cache-through-port}
# Note: Workaround for monitor stack, which uses monitor-httpd-port parameter
# directly, and in our case it can come from the network, thus resulting
# with need to strip !py!'u'
{% set monitor_httpd_port = instance_parameter.get('configuration.monitor-httpd-port') %}
{% if monitor_httpd_port %}
monitor-httpd-port = {{ monitor_httpd_port | int }}
{% endif -%}
monitor-httpd-port = {{ instance_parameter['configuration.monitor-httpd-port'] | int }}
[monitor-conf-parameters]
private-path-list +=
......
......@@ -5,6 +5,10 @@
{%- set TRUE_VALUES = ['y', 'yes', '1', 'true'] -%}
{%- set GOOD_CIPHER_LIST = ['ECDHE-ECDSA-AES256-GCM-SHA384', 'ECDHE-RSA-AES256-GCM-SHA384', 'ECDHE-ECDSA-AES128-GCM-SHA256', 'ECDHE-RSA-AES128-GCM-SHA256', 'ECDHE-ECDSA-WITH-CHACHA20-POLY1305', 'ECDHE-RSA-WITH-CHACHA20-POLY1305', 'ECDHE-RSA-AES256-CBC-SHA', 'ECDHE-RSA-AES128-CBC-SHA', 'ECDHE-ECDSA-AES256-CBC-SHA', 'ECDHE-ECDSA-AES128-CBC-SHA', 'RSA-AES256-CBC-SHA', 'RSA-AES128-CBC-SHA', 'ECDHE-RSA-3DES-EDE-CBC-SHA', 'RSA-3DES-EDE-CBC-SHA'] %}
{% set aikc_enabled = slapparameter_dict.get('automatic-internal-kedifa-caucase-csr', 'true').lower() in TRUE_VALUES %}
{# Ports 8401, 8402 and 8410+1..N are reserved for monitor ports on various partitions #}
{% set master_partition_monitor_monitor_httpd_port = 8401 %}
{% set kedifa_partition_monitor_httpd_port = 8402 %}
{% set frontend_monitor_httpd_base_port = 8410 %}
[jinja2-template-base]
recipe = slapos.recipe.template:jinja2
rendered = ${buildout:directory}/${:filename}
......@@ -59,6 +63,7 @@ context =
{% do config_dict.__setitem__(key[config_key_length:], slapparameter_dict.pop(key)) %}
{% endif %}
{% endfor %}
{% do config_dict.__setitem__('monitor-httpd-port', frontend_monitor_httpd_base_port + i) %}
{% do frontend_list.append(frontend_name) %}
{% do frontend_section_list.append(request_section_title) %}
{% do part_list.append(request_section_title) %}
......@@ -203,7 +208,7 @@ context =
{% do authorized_slave_list.sort() %}
[monitor-instance-parameter]
monitor-httpd-port = {{ slapparameter_dict.get('monitor-httpd-port', '8196') }}
monitor-httpd-port = {{ master_partition_monitor_monitor_httpd_port }}
[replicate]
<= slap-connection
......@@ -306,6 +311,7 @@ recipe = slapos.cookbook:requestoptional.serialised
config-monitor-cors-domains = {{ slapparameter_dict.get('monitor-cors-domains', 'monitor.app.officejs.com') }}
config-monitor-username = ${monitor-instance-parameter:username}
config-monitor-password = ${monitor-htpasswd:passwd}
config-monitor-httpd-port = {{ kedifa_partition_monitor_httpd_port }}
{% for key in ['kedifa_port', 'caucase_port'] -%}
{%- if key in slapparameter_dict %}
config-{{ key }} = {{ dumps(slapparameter_dict[key]) }}
......@@ -370,11 +376,10 @@ extra-context =
section warning_slave_information warning-slave-information
key slave_kedifa_information request-kedifa:connection-slave-kedifa-information
[monitor-conf-parameters]
monitor-url-list +=
${request-kedifa:connection-monitor-base-url}
[monitor-base-url-dict]
kedifa = ${request-kedifa:connection-monitor-base-url}
{% for frontend in frontend_section_list %}
{{ ' ${' + frontend + ':connection-monitor-base-url}' }}
{{ frontend }} = {{ '${' + frontend + ':connection-monitor-base-url}' }}
{% endfor %}
{% if aikc_enabled %}
......
......@@ -20,6 +20,12 @@ parts =
expose-csr_id
promise-expose-csr_id-ip-port
[monitor-instance-parameter]
# Note: Workaround for monitor stack, which uses monitor-httpd-port parameter
# directly, and in our case it can come from the network, thus resulting
# with need to strip !py!'u'
monitor-httpd-port = {{ instance_parameter['configuration.monitor-httpd-port'] | int }}
[caucased]
hash-existing-files = ${buildout:directory}/software_release/buildout.cfg
......
......@@ -122,7 +122,6 @@ configuration.ciphers =
configuration.request-timeout = 600
configuration.enable-quic = false
configuration.mpm-graceful-shutdown-timeout = 5
configuration.monitor-httpd-port = 8072
configuration.frontend-name =
configuration.proxy-try-duration = 5
configuration.proxy-try-interval = 250
......@@ -73,9 +73,6 @@ setUpModule, SlapOSInstanceTestCase = makeModuleSetUpAndTestCaseClass(
# ports chosen to not collide with test systems
HTTP_PORT = '11080'
HTTPS_PORT = '11443'
MONITOR_HTTPD_PORT = '13000'
MONITOR_F1_HTTPD_PORT = '13001'
MONITOR_F2_HTTPD_PORT = '13002'
CAUCASE_PORT = '15090'
KEDIFA_PORT = '15080'
......@@ -944,7 +941,6 @@ class TestMasterRequestDomain(SlaveHttpFrontendTestCase, TestDataMixin):
'domain': 'example.com',
'port': HTTPS_PORT,
'plain_http_port': HTTP_PORT,
'monitor-httpd-port': MONITOR_HTTPD_PORT,
'kedifa_port': KEDIFA_PORT,
'caucase_port': CAUCASE_PORT,
}
......@@ -981,7 +977,6 @@ class TestMasterRequest(SlaveHttpFrontendTestCase, TestDataMixin):
return {
'port': HTTPS_PORT,
'plain_http_port': HTTP_PORT,
'monitor-httpd-port': MONITOR_HTTPD_PORT,
'kedifa_port': KEDIFA_PORT,
'caucase_port': CAUCASE_PORT,
}
......@@ -1080,8 +1075,6 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s {
'_apache_custom_http_s-accepted _caddy_custom_http_s-accepted',
'port': HTTPS_PORT,
'plain_http_port': HTTP_PORT,
'monitor-httpd-port': MONITOR_HTTPD_PORT,
'-frontend-config-1-monitor-httpd-port': MONITOR_F1_HTTPD_PORT,
'kedifa_port': KEDIFA_PORT,
'caucase_port': CAUCASE_PORT,
'mpm-graceful-shutdown-timeout': 2,
......@@ -4118,9 +4111,6 @@ class TestReplicateSlave(SlaveHttpFrontendTestCase, TestDataMixin):
'-frontend-2-state': 'stopped',
'port': HTTPS_PORT,
'plain_http_port': HTTP_PORT,
'monitor-httpd-port': MONITOR_HTTPD_PORT,
'-frontend-config-1-monitor-httpd-port': MONITOR_F1_HTTPD_PORT,
'-frontend-config-2-monitor-httpd-port': MONITOR_F2_HTTPD_PORT,
'kedifa_port': KEDIFA_PORT,
'caucase_port': CAUCASE_PORT,
}
......@@ -4189,9 +4179,6 @@ class TestReplicateSlaveOtherDestroyed(SlaveHttpFrontendTestCase):
'-frontend-2-state': 'destroyed',
'port': HTTPS_PORT,
'plain_http_port': HTTP_PORT,
'monitor-httpd-port': MONITOR_HTTPD_PORT,
'-frontend-config-1-monitor-httpd-port': MONITOR_F1_HTTPD_PORT,
'-frontend-config-2-monitor-httpd-port': MONITOR_F2_HTTPD_PORT,
'kedifa_port': KEDIFA_PORT,
'caucase_port': CAUCASE_PORT,
}
......@@ -4231,8 +4218,6 @@ class TestEnableHttp2ByDefaultFalseSlave(SlaveHttpFrontendTestCase,
'enable-http2-by-default': 'false',
'port': HTTPS_PORT,
'plain_http_port': HTTP_PORT,
'monitor-httpd-port': MONITOR_HTTPD_PORT,
'-frontend-config-1-monitor-httpd-port': MONITOR_F1_HTTPD_PORT,
'kedifa_port': KEDIFA_PORT,
'caucase_port': CAUCASE_PORT,
}
......@@ -4325,8 +4310,6 @@ class TestEnableHttp2ByDefaultDefaultSlave(SlaveHttpFrontendTestCase,
'public-ipv4': cls._ipv4_address,
'port': HTTPS_PORT,
'plain_http_port': HTTP_PORT,
'monitor-httpd-port': MONITOR_HTTPD_PORT,
'-frontend-config-1-monitor-httpd-port': MONITOR_F1_HTTPD_PORT,
'kedifa_port': KEDIFA_PORT,
'caucase_port': CAUCASE_PORT,
}
......@@ -4417,8 +4400,6 @@ class TestRe6stVerificationUrlDefaultSlave(SlaveHttpFrontendTestCase,
return {
'port': HTTPS_PORT,
'plain_http_port': HTTP_PORT,
'monitor-httpd-port': MONITOR_HTTPD_PORT,
'-frontend-config-1-monitor-httpd-port': MONITOR_F1_HTTPD_PORT,
'kedifa_port': KEDIFA_PORT,
'caucase_port': CAUCASE_PORT,
}
......@@ -4477,8 +4458,6 @@ class TestRe6stVerificationUrlSlave(SlaveHttpFrontendTestCase,
return {
'port': HTTPS_PORT,
'plain_http_port': HTTP_PORT,
'monitor-httpd-port': MONITOR_HTTPD_PORT,
'-frontend-config-1-monitor-httpd-port': MONITOR_F1_HTTPD_PORT,
're6st-verification-url': 'some-re6st-verification-url',
'kedifa_port': KEDIFA_PORT,
'caucase_port': CAUCASE_PORT,
......@@ -4540,8 +4519,6 @@ class TestMalformedBackenUrlSlave(SlaveHttpFrontendTestCase,
'public-ipv4': cls._ipv4_address,
'port': HTTPS_PORT,
'plain_http_port': HTTP_PORT,
'monitor-httpd-port': MONITOR_HTTPD_PORT,
'-frontend-config-1-monitor-httpd-port': MONITOR_F1_HTTPD_PORT,
'kedifa_port': KEDIFA_PORT,
'caucase_port': CAUCASE_PORT,
}
......@@ -4691,8 +4668,6 @@ class TestQuicEnabled(SlaveHttpFrontendTestCase, TestDataMixin):
'enable-quic': 'true',
'port': HTTPS_PORT,
'plain_http_port': HTTP_PORT,
'monitor-httpd-port': MONITOR_HTTPD_PORT,
'-frontend-config-1-monitor-httpd-port': MONITOR_F1_HTTPD_PORT,
'mpm-graceful-shutdown-timeout': 2,
'kedifa_port': KEDIFA_PORT,
'caucase_port': CAUCASE_PORT,
......@@ -4792,8 +4767,6 @@ class TestSlaveBadParameters(SlaveHttpFrontendTestCase, TestDataMixin):
'public-ipv4': cls._ipv4_address,
'port': HTTPS_PORT,
'plain_http_port': HTTP_PORT,
'monitor-httpd-port': MONITOR_HTTPD_PORT,
'-frontend-config-1-monitor-httpd-port': MONITOR_F1_HTTPD_PORT,
'mpm-graceful-shutdown-timeout': 2,
'kedifa_port': KEDIFA_PORT,
'caucase_port': CAUCASE_PORT,
......@@ -5203,8 +5176,6 @@ class TestDuplicateSiteKeyProtection(SlaveHttpFrontendTestCase, TestDataMixin):
'public-ipv4': cls._ipv4_address,
'port': HTTPS_PORT,
'plain_http_port': HTTP_PORT,
'monitor-httpd-port': MONITOR_HTTPD_PORT,
'-frontend-config-1-monitor-httpd-port': MONITOR_F1_HTTPD_PORT,
'mpm-graceful-shutdown-timeout': 2,
'kedifa_port': KEDIFA_PORT,
'caucase_port': CAUCASE_PORT,
......@@ -5460,8 +5431,6 @@ class TestSlaveSlapOSMasterCertificateCompatibilityOverrideMaster(
'apache-key': cls.key_pem,
'port': HTTPS_PORT,
'plain_http_port': HTTP_PORT,
'monitor-httpd-port': MONITOR_HTTPD_PORT,
'-frontend-config-1-monitor-httpd-port': MONITOR_F1_HTTPD_PORT,
'kedifa_port': KEDIFA_PORT,
'caucase_port': CAUCASE_PORT,
'mpm-graceful-shutdown-timeout': 2,
......@@ -5601,8 +5570,6 @@ class TestSlaveSlapOSMasterCertificateCompatibility(
'apache-key': cls.key_pem,
'port': HTTPS_PORT,
'plain_http_port': HTTP_PORT,
'monitor-httpd-port': MONITOR_HTTPD_PORT,
'-frontend-config-1-monitor-httpd-port': MONITOR_F1_HTTPD_PORT,
'kedifa_port': KEDIFA_PORT,
'caucase_port': CAUCASE_PORT,
'mpm-graceful-shutdown-timeout': 2,
......@@ -6352,8 +6319,6 @@ class TestSlaveSlapOSMasterCertificateCompatibilityUpdate(
'domain': 'example.com',
'port': HTTPS_PORT,
'plain_http_port': HTTP_PORT,
'monitor-httpd-port': MONITOR_HTTPD_PORT,
'-frontend-config-1-monitor-httpd-port': MONITOR_F1_HTTPD_PORT,
'kedifa_port': KEDIFA_PORT,
'caucase_port': CAUCASE_PORT,
'mpm-graceful-shutdown-timeout': 2,
......@@ -6465,8 +6430,6 @@ class TestSlaveCiphers(SlaveHttpFrontendTestCase, TestDataMixin):
'_apache_custom_http_s-accepted _caddy_custom_http_s-accepted',
'port': HTTPS_PORT,
'plain_http_port': HTTP_PORT,
'monitor-httpd-port': MONITOR_HTTPD_PORT,
'-frontend-config-1-monitor-httpd-port': MONITOR_F1_HTTPD_PORT,
'kedifa_port': KEDIFA_PORT,
'caucase_port': CAUCASE_PORT,
'mpm-graceful-shutdown-timeout': 2,
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment