From 97ee72055c08d97a5bc06803b9276439695ea5a2 Mon Sep 17 00:00:00 2001
From: James Deathe
Date: Fri, 9 Aug 2019 17:04:09 +0100
Subject: [PATCH 01/26] #189: Updates source image to 2.6.0.
---
CHANGELOG.md | 24 +-
Dockerfile | 19 +-
Makefile | 287 +++++++++++-------
README-short.txt | 2 +-
README.md | 75 ++---
command-keys.md | 67 ----
default.mk | 4 +-
docker-compose.yml | 6 +-
environment.mk | 27 +-
...apper.conf => 50-varnishncsa-wrapper.conf} | 6 +-
...-wrapper.conf => 80-varnishd-wrapper.conf} | 6 +-
.../system/centos-ssh-varnish@.service | 8 +-
src/etc/varnish/docker-default.vcl | 1 +
src/opt/scmi/default.sh | 4 +-
src/opt/scmi/environment.sh | 35 +--
src/opt/scmi/service-unit.sh | 4 +-
src/usr/bin/healthcheck | 60 +++-
src/usr/sbin/varnishd-wrapper | 83 +++--
src/usr/sbin/varnishncsa-wrapper | 56 +++-
test/shpec/operation_shpec.sh | 14 +-
20 files changed, 425 insertions(+), 363 deletions(-)
delete mode 100644 command-keys.md
rename src/etc/supervisord.d/{varnishncsa-wrapper.conf => 50-varnishncsa-wrapper.conf} (78%)
rename src/etc/supervisord.d/{varnishd-wrapper.conf => 80-varnishd-wrapper.conf} (77%)
diff --git a/CHANGELOG.md b/CHANGELOG.md
index b20cbb1..b18833a 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,10 +1,28 @@ # Change Log -## centos-7 +## 2 - centos-7 -Summary of release changes for Version 2. +Summary of release changes. -CentOS-7 7.5.1804 x86_64 - Varnish Cache 6.2. +### 2.4.0 - Unreleased + +- Updates source image to [2.6.0](https://github.com/jdeathe/centos-ssh/releases/tag/2.6.0). +- Updates CHANGELOG.md to simplify maintenance. +- Updates README.md to simplify contents and improve readability. +- Updates README-short.txt to apply to all image variants. +- Updates Dockerfile `org.deathe.description` metadata LABEL for consistency. +- Updates supervisord configuration to send error log output to stderr. +- Updates varnishd supervisord configuration file/priority to `80-varnishd-wrapper.conf`/`80`. +- Updates varnishncsa supervisord configuration file/priority to `50-varnishncsa-wrapper.conf`/`50`. +- Fixes docker host connection status check in Makefile. +- Adds `inspect`, `reload` and `top` Makefile targets. +- Adds improved `clean` Makefile target; includes exited containers and dangling images. +- Adds `SYSTEM_TIMEZONE` handling to Makefile, scmi, systemd unit and docker-compose templates. +- Adds system time zone validation to healthcheck. +- Adds lock/state file to wrapper scripts. +- Removes `VARNISH_AUTOSTART_VARNISHD_WRAPPER`, replaced with `ENABLE_VARNISHD_WRAPPER`. +- Removes `VARNISH_AUTOSTART_VARNISHNCSA_WRAPPER`, replaced with `ENABLE_VARNISHNCSA_WRAPPER`. +- Removes support for long image tags (i.e. centos-7-2.x.x). ### 2.3.0 - 2019-05-06 diff --git a/Dockerfile b/Dockerfile index 3a50216..d7805da 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,4 +1,4 @@ -FROM jdeathe/centos-ssh:2.5.1 +FROM jdeathe/centos-ssh:2.6.0 ARG RELEASE_VERSION="2.3.0" @@ -17,7 +17,7 @@ RUN { printf -- \ '1' \ '/etc/pki/tls/certs/ca-bundle.crt' \ '300'; \ - } > /etc/yum.repos.d/varnishcache_varnish61.repo \ + } > /etc/yum.repos.d/varnishcache_varnish62.repo \ && yum -y install \ --setopt=tsflags=nodocs \ --disableplugin=fastestmirror \ 
@@ -37,7 +37,6 @@ ADD src / # ------------------------------------------------------------------------------ # Provisioning # - Replace placeholders with values in systemd service unit template -# - Symbolic link varnish access log file to stdout # - Create directory for varnishncsa PID file # - Set permissions # ------------------------------------------------------------------------------ @@ -50,7 +49,7 @@ RUN sed -i \ varnishlog:varnish \ /var/{lib/misc,lock/subsys,run}/varnish \ && chmod 644 \ - /etc/varnish/*.vcl \ + /etc/{supervisord.d/{50-varnishncsa-wrapper,80-varnishd-wrapper}.conf,varnish/docker-default.vcl} \ && chmod 700 \ /usr/{bin/healthcheck,sbin/{varnishd,varnishncsa}-wrapper} \ && chmod 750 \ @@ -63,11 +62,11 @@ EXPOSE 80 8443 # ------------------------------------------------------------------------------ # Set default environment variables # ------------------------------------------------------------------------------ -ENV SSH_AUTOSTART_SSHD="false" \ - SSH_AUTOSTART_SSHD_BOOTSTRAP="false" \ - SSH_AUTOSTART_SUPERVISOR_STDOUT="false" \ - VARNISH_AUTOSTART_VARNISHD_WRAPPER="true" \ - VARNISH_AUTOSTART_VARNISHNCSA_WRAPPER="false" \ +ENV \ + ENABLE_SSHD_BOOTSTRAP="false" \ + ENABLE_SSHD_WRAPPER="false" \ + ENABLE_VARNISHD_WRAPPER="true" \ + ENABLE_VARNISHNCSA_WRAPPER="false" \ VARNISH_MAX_THREADS="1000" \ VARNISH_MIN_THREADS="50" \ VARNISH_OPTIONS="" \ @@ -107,7 +106,7 @@ jdeathe/centos-ssh-varnish:${RELEASE_VERSION} \ org.deathe.license="MIT" \ org.deathe.vendor="jdeathe" \ org.deathe.url="https://github.com/jdeathe/centos-ssh-varnish" \ - org.deathe.description="CentOS-7 7.5.1804 x86_64 - Varnish Cache 6.2." + org.deathe.description="Varnish Cache 6.2 - CentOS-7 7.6.1810 x86_64." HEALTHCHECK \ --interval=1s \ diff --git a/Makefile b/Makefile index 5ebb343..6416f1b 100644 --- a/Makefile +++ b/Makefile 
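Review bot: In the `ENV` hunk (`@@ -63,11 +62,11 @@`), keeping sshd off now rests entirely on the 2.6.0 base image reading `ENABLE_SSHD_BOOTSTRAP` and `ENABLE_SSHD_WRAPPER`; the old `SSH_AUTOSTART_SSHD` default is removed and nothing visible in this Dockerfile checks that the new names take effect. Because `FROM jdeathe/centos-ssh:2.6.0` is a tag rather than a digest, a re-pushed base could change that behaviour without any diff here, so I would pin it as `FROM jdeathe/centos-ssh:2.6.0@sha256:<digest-of-2.6.0>` and add a shpec case asserting that no sshd process runs in a default container. Callers that still pass `VARNISH_AUTOSTART_VARNISHNCSA_WRAPPER` or `SSH_AUTOSTART_SSHD` appear to be ignored silently after this change; a comment above the block such as `# NOTE: replaces SSH_AUTOSTART_* / VARNISH_AUTOSTART_*, which are no longer read` would make that visible to image consumers.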
@@ -19,6 +19,7 @@ Targets: distclean Clean up distribution artifacts. exec COMMAND [ARG...] Run command in a the running container. help Show this help. + inspect [-f \"FORMAT\"] Return low-level information on the container. install Terminate running container and run the docker create template. images Show container's image details. @@ -32,14 +33,19 @@ Targets: pull Pull the release image from the registry. Requires the DOCKER_IMAGE_TAG variable. ps Display the details of the container process. + reload Send SIGHUP to the PID 1 container process. restart Restarts the container. rm Force remove the container. + rm-exited Force remove all containers in the exited state. rmi Untag (remove) the image. + rmi-dangling Untag (remove) images not referenced by any + container. run Execute the run container template. start Start the container in the created state. stop Stop the container when in a running state. terminate Unpause, stop and remove the container. test Run all test cases. + top [ps OPTIONS] Display the running processes of the container. unpause Unpause the container when in a paused state. Variables: @@ -60,6 +66,8 @@ Variables: artifacts are placed. - NO_CACHE When true, no cache will be used while running the build target. + - RELOAD_SIGNAL Default signal is SIGHUP. Use to set an alternative + signal value. - STARTUP_TIME Defines the number of seconds expected to complete the startup process, including the bootstrap where applicable. @@ -69,7 +77,7 @@ endef include environment.mk include default.mk -# UI constants +.DEFAULT_GOAL := build COLOUR_NEGATIVE := \033[1;31m COLOUR_POSITIVE := \033[1;32m COLOUR_RESET := \033[0m 
@@ -106,25 +114,22 @@ PREFIX_SUB_STEP_POSITIVE := $(shell \ "$(PREFIX_SUB_STEP)" \ "$(COLOUR_RESET)"; \ ) - -.DEFAULT_GOAL := build - -# Package prerequisites docker := $(shell \ command -v docker \ ) -xz := $(shell \ - command -v xz \ +docker-status := $(shell \ + if ! docker version > /dev/null; \ + then \ + printf -- 'ERROR'; \ + else \ + printf -- 'OK'; \ + fi \ ) - -# Testing prerequisites shpec := $(shell \ command -v shpec \ ) - -# Used to test docker host is accessible -get-docker-info := $(shell \ - $(docker) info \ +xz := $(shell \ + command -v xz \ ) define get-docker-image-id @@ -166,6 +171,7 @@ endef distclean \ exec \ help \ + inspect \ install \ images \ load \ @@ -174,14 +180,18 @@ endef pause \ pull \ ps \ + reload \ restart \ rm \ + rm-exited \ rmi \ + rmi-dangling \ run \ start \ stop \ terminate \ test \ + top \ unpause _prerequisites: 
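Review bot: The new `docker-status` probe calls a bare `docker` rather than the `$(docker)` path resolved just above it, and it redirects only stdout, so it runs at parse time for every goal (including `help`) and prints the client's own error text before any `_prerequisites` message is reached. Using the resolved binary and silencing both streams keeps the single `$(error "Docker server host error.")` as the reported failure: `if ! $(docker) version > /dev/null 2>&1; \`. A short comment on the variable, `# Evaluated once at parse time; OK only when client and daemon both answer`, would also explain why it is not a recipe step.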
@@ -193,38 +203,34 @@ ifeq ($(xz),) $(error "Please install the xz package.") endif -ifeq ($(get-docker-info),) - $(error "Unable to connect to docker host.") +ifneq ($(docker-status),OK) + $(error "Docker server host error.") endif _require-docker-container: @ if [[ -z $$($(docker) ps -aq --filter "name=$(DOCKER_NAME)") ]]; \ then \ - printf -- '%sThis operation requires the %s container.\n' \ + >&2 printf -- '%sThis operation requires the %s container.\n' \ "$(PREFIX_STEP_NEGATIVE)" \ - "$(DOCKER_NAME)" \ - >&2; \ - printf -- '%sTry: DOCKER_NAME=%s make %s\n' \ + "$(DOCKER_NAME)"; \ + >&2 printf -- '%sTry: DOCKER_NAME=%s make %s\n' \ "$(PREFIX_SUB_STEP)" \ "$(DOCKER_NAME)" \ - "install" \ - >&2; \ + "install"; \ exit 1; \ fi _require-docker-container-not: @ if [[ -n $$($(docker) ps -aq --filter "name=$(DOCKER_NAME)") ]]; \ then \ - printf -- '%sThis operation requires the %s container %s.\n' \ + >&2 printf -- '%sThis operation requires the %s container %s.\n' \ "$(PREFIX_STEP_NEGATIVE)" \ "$(DOCKER_NAME)" \ - "be removed or renamed" \ - >&2; \ - printf -- '%sTry: DOCKER_NAME=%s make %s\n' \ + "be removed or renamed"; \ + >&2 printf -- '%sTry: DOCKER_NAME=%s make %s\n' \ "$(PREFIX_SUB_STEP)" \ "$(DOCKER_NAME)" \ - "rm" \ - >&2; \ + "rm"; \ exit 1; \ fi @@ -234,16 +240,14 @@ _require-docker-container-not-status-paused: --filter "status=paused" \ ) ]]; \ then \ - printf -- '%sThis operation requires the %s container %s.\n' \ + >&2 printf -- '%sThis operation requires the %s container %s.\n' \ "$(PREFIX_STEP_NEGATIVE)" \ "$(DOCKER_NAME)" \ - "to be unpaused" \ - >&2; \ - printf -- '%sTry: DOCKER_NAME=%s make %s\n' \ + "to be unpaused"; \ + >&2 printf -- '%sTry: DOCKER_NAME=%s make %s\n' \ "$(PREFIX_SUB_STEP)" \ "$(DOCKER_NAME)" \ - "unpause" \ - >&2; \ + "unpause"; \ exit 1; \ fi 
@@ -253,16 +257,14 @@ _require-docker-container-status-created: --filter "status=created" \ ) ]]; \ then \ - printf -- '%sThis operation requires the %s container %s.\n' \ + >&2 printf -- '%sThis operation requires the %s container %s.\n' \ "$(PREFIX_STEP_NEGATIVE)" \ "$(DOCKER_NAME)" \ - "to be created" \ - >&2; \ - printf -- '%sTry: DOCKER_NAME=%s make %s\n' \ + "to be created"; \ + >&2 printf -- '%sTry: DOCKER_NAME=%s make %s\n' \ "$(PREFIX_SUB_STEP)" \ "$(DOCKER_NAME)" \ - "install" \ - >&2; \ + "install"; \ exit 1; \ fi @@ -272,16 +274,14 @@ _require-docker-container-status-exited: --filter "status=exited" \ ) ]]; \ then \ - printf -- '%sThis operation requires the %s container %s.\n' \ + >&2 printf -- '%sThis operation requires the %s container %s.\n' \ "$(PREFIX_STEP_NEGATIVE)" \ "$(DOCKER_NAME)" \ - "to be exited" \ - >&2; \ - printf -- '%sTry: DOCKER_NAME=%s make %s\n' \ + "to be exited"; \ + >&2 printf -- '%sTry: DOCKER_NAME=%s make %s\n' \ "$(PREFIX_SUB_STEP)" \ "$(DOCKER_NAME)" \ - "stop" \ - >&2; \ + "stop"; \ exit 1; \ fi @@ -291,16 +291,14 @@ _require-docker-container-status-paused: --filter "status=paused" \ ) ]]; \ then \ - printf -- '%sThis operation requires the %s container %s.\n' \ + >&2 printf -- '%sThis operation requires the %s container %s.\n' \ "$(PREFIX_STEP_NEGATIVE)" \ "$(DOCKER_NAME)" \ - "to be paused" \ - >&2; \ - printf -- '%sTry: DOCKER_NAME=%s make %s\n' \ + "to be paused"; \ + >&2 printf -- '%sTry: DOCKER_NAME=%s make %s\n' \ "$(PREFIX_SUB_STEP)" \ "$(DOCKER_NAME)" \ - "pause" \ - >&2; \ + "pause"; \ exit 1; \ fi 
@@ -310,42 +308,37 @@ _require-docker-container-status-running: --filter "status=running" \ ) ]]; \ then \ - printf -- '%sThis operation requires the %s container %s.\n' \ + >&2 printf -- '%sThis operation requires the %s container %s.\n' \ "$(PREFIX_STEP_NEGATIVE)" \ "$(DOCKER_NAME)" \ - "to be running" \ - >&2; \ - printf -- '%sTry: DOCKER_NAME=%s make %s\n' \ + "to be running"; \ + >&2 printf -- '%sTry: DOCKER_NAME=%s make %s\n' \ "$(PREFIX_SUB_STEP)" \ "$(DOCKER_NAME)" \ - "start" \ - >&2; \ + "start"; \ exit 1; \ fi _require-docker-image-tag: @ if ! [[ "$(DOCKER_IMAGE_TAG)" =~ $(DOCKER_IMAGE_TAG_PATTERN) ]]; \ then \ - printf -- '%sInvalid %s value: %s\n' \ + >&2 printf -- '%sInvalid %s value: %s\n' \ "$(PREFIX_STEP_NEGATIVE)" \ "DOCKER_IMAGE_TAG" \ - "$(DOCKER_IMAGE_TAG)" \ - >&2; \ + "$(DOCKER_IMAGE_TAG)"; \ exit 1; \ fi _require-docker-release-tag: @ if ! [[ "$(DOCKER_IMAGE_TAG)" =~ $(DOCKER_IMAGE_RELEASE_TAG_PATTERN) ]]; \ then \ - printf -- '%sInvalid %s value: %s\n' \ + >&2 printf -- '%sInvalid %s value: %s\n' \ "$(PREFIX_STEP_NEGATIVE)" \ "DOCKER_IMAGE_TAG" \ - "$(DOCKER_IMAGE_TAG)" \ - >&2; \ - printf -- '%s%s\n' \ + "$(DOCKER_IMAGE_TAG)"; \ + >&2 printf -- '%s%s\n' \ "$(PREFIX_SUB_STEP)" \ - "A release tag is required for this operation." \ - >&2; \ + "A release tag is required for this operation."; \ exit 1; \ fi @@ -359,18 +352,16 @@ _require-package-path: fi; \ if [[ ! $${?} -eq 0 ]]; \ then \ - printf -- '%s%s: %s\n' \ + >&2 printf -- '%s%s: %s\n' \ "$(PREFIX_STEP_NEGATIVE)" \ "Failed to make package path" \ - "$(DIST_PATH)" \ - >&2; \ + "$(DIST_PATH)"; \ exit 1; \ elif [[ -z $(DIST_PATH) ]]; \ then \ - printf -- '%sUndefined %s\n' \ + >&2 printf -- '%sUndefined %s\n' \ "$(PREFIX_STEP_NEGATIVE)" \ - "DIST_PATH" \ - >&2; \ + "DIST_PATH"; \ exit 1; \ fi 
@@ -415,10 +406,9 @@ build: \ "$(PREFIX_SUB_STEP_POSITIVE)" \ "Build complete"; \ else \ - printf -- '%s%s\n' \ + >&2 printf -- '%s%s\n' \ "$(PREFIX_SUB_STEP_NEGATIVE)" \ - "Build error" \ - >&2; \ + "Build error"; \ exit 1; \ fi @@ -426,7 +416,9 @@ clean: \ _prerequisites \ | \ terminate \ - rmi + rm-exited \ + rmi \ + rmi-dangling create: \ _prerequisites \ @@ -456,10 +448,9 @@ create: \ "$(PREFIX_SUB_STEP_POSITIVE)" \ "Container created"; \ else \ - printf -- '%s%s\n' \ + >&2 printf -- '%s%s\n' \ "$(PREFIX_SUB_STEP_NEGATIVE)" \ - "Container creation failed" \ - >&2; \ + "Container creation failed"; \ exit 1; \ fi @@ -506,10 +497,9 @@ dist: \ "$(PREFIX_SUB_STEP_POSITIVE)" \ "Package saved"; \ else \ - printf -- '%s%s\n' \ + >&2 printf -- '%s%s\n' \ "$(PREFIX_SUB_STEP_NEGATIVE)" \ - "Package save error" \ - >&2; \ + "Package save error"; \ exit 1; \ fi; \ fi @@ -547,10 +537,9 @@ distclean: \ "$(PREFIX_SUB_STEP_POSITIVE)" \ "Package cleanup complete"; \ else \ - printf -- '%s%s\n' \ + >&2 printf -- '%s%s\n' \ "$(PREFIX_SUB_STEP_NEGATIVE)" \ - "Package cleanup failed" \ - >&2; \ + "Package cleanup failed"; \ exit 1; \ fi; \ else \ @@ -560,7 +549,9 @@ distclean: \ fi exec: \ - _prerequisites + _prerequisites \ + _require-docker-container \ + _require-docker-container-status-running @ $(docker) exec -it $(DOCKER_NAME) $(filter-out $@, $(MAKECMDGOALS)) %:; @: @@ -572,17 +563,29 @@ images: \ help: \ _usage +inspect: \ + _prerequisites \ + _require-docker-container \ + _require-docker-container-status-running + @ $(docker) inspect \ + --type=container \ + $(filter-out $@, $(MAKECMDGOALS)) \ + $(DOCKER_NAME) +%:; @: + install: | \ _prerequisites \ terminate \ create logs: \ - _prerequisites + _prerequisites \ + _require-docker-container @ $(docker) logs $(DOCKER_NAME) logs-delayed: \ - _prerequisites + _prerequisites \ + _require-docker-container @ sleep $(STARTUP_TIME) @ $(MAKE) logs 
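Review bot: `inspect` is gated on `_require-docker-container-status-running`, but `docker inspect` works on a container in any state, and an exited or created container is exactly where its state, exit code and mounts are usually wanted; I would keep only `_require-docker-container` there. The advertised `inspect [-f "FORMAT"]` form also looks unreachable as written, because make consumes `-f` as its own makefile option before `$(filter-out $@, $(MAKECMDGOALS))` ever sees it (the same applies to dashed options for `top` in the later hunk); taking the value from a variable, e.g. `$(if $(FORMAT),--format "$(FORMAT)")`, avoids that. The `%:; @:` catch-all is now declared after `exec`, `inspect` and `top`; one declaration with a comment that it silently swallows unknown goals would be clearer.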
@@ -608,15 +611,13 @@ load: \ "$(DOCKER_IMAGE_TAG)"; \ if [[ ! -s $($@_dist_path)/$($@_dist_file) ]]; \ then \ - printf -- '%s%s\n' \ + >&2 printf -- '%s%s\n' \ "$(PREFIX_SUB_STEP_NEGATIVE)" \ - "Package not found" \ - >&2; \ - printf -- '%sTry: DOCKER_IMAGE_TAG=%s make %s\n' \ + "Package not found"; \ + >&2 printf -- '%sTry: DOCKER_IMAGE_TAG=%s make %s\n' \ "$(PREFIX_SUB_STEP_NEGATIVE)" \ "$(DOCKER_IMAGE_TAG)" \ - "dist" \ - >&2; \ + "dist"; \ exit 1; \ else \ $(xz) -dc \ @@ -632,6 +633,7 @@ load: \ pause: \ _prerequisites \ + _require-docker-container \ _require-docker-container-status-running @ printf -- '%s%s\n' \ "$(PREFIX_STEP)" \ @@ -660,10 +662,9 @@ pull: \ "$(PREFIX_SUB_STEP_POSITIVE)" \ "Image pulled"; \ else \ - printf -- '%s%s\n' \ + >&2 printf -- '%s%s\n' \ "$(PREFIX_SUB_STEP_NEGATIVE)" \ - "Error pulling image" \ - >&2; \ + "Error pulling image"; \ exit 1; \ fi @@ -673,6 +674,19 @@ ps: \ @ $(docker) ps -as \ --filter "name=$(DOCKER_NAME)" +reload: \ + _prerequisites \ + _require-docker-container \ + _require-docker-container-status-running + @ printf -- '%s%s\n' \ + "$(PREFIX_STEP)" \ + "Reloading container" + @ $(docker) exec $(DOCKER_NAME) \ + kill -$(RELOAD_SIGNAL) 1 + @ printf -- '%s%s\n' \ + "$(PREFIX_SUB_STEP_POSITIVE)" \ + "Container reloaded" + restart: \ _prerequisites \ _require-docker-container \ 
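Review bot: `reload` pastes `$(RELOAD_SIGNAL)` unquoted and unvalidated into `kill -$(RELOAD_SIGNAL) 1`, so whatever the environment or command line supplies becomes part of the recipe's shell command, unlike `DOCKER_IMAGE_TAG`, which is matched against a pattern before use. `docker kill` already delivers a signal to the container's main process, so `$(docker) kill --signal="$(RELOAD_SIGNAL)" $(DOCKER_NAME)` does the same job without `exec` and without depending on a `kill` binary inside the image. A guard target in the style of `_require-docker-image-tag` that accepts only an upper-case signal name would cover the remaining input.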
@@ -710,14 +724,33 @@ rm: \ "$(PREFIX_SUB_STEP_POSITIVE)" \ "Container removed"; \ else \ - printf -- '%s%s\n' \ + >&2 printf -- '%s%s\n' \ "$(PREFIX_SUB_STEP_NEGATIVE)" \ - "Container removal failed" \ - >&2; \ + "Container removal failed"; \ exit 1; \ fi; \ fi +rm-exited: \ + _prerequisites + @ if [[ -z $$($(docker) ps -aq \ + --filter "status=exited" \ + ) ]]; \ + then \ + printf -- '%s%s\n' \ + "$(PREFIX_STEP)" \ + "Exited containers removal skipped"; \ + else \ + printf -- '%s%s\n' \ + "$(PREFIX_STEP)" \ + "Removing exited containers"; \ + $(docker) rm -f \ + $$($(docker) ps -aq \ + --filter "status=exited" \ + ) \ + 1> /dev/null; \ + fi + rmi: \ _prerequisites \ _require-docker-image-tag \ @@ -742,10 +775,9 @@ rmi: \ "$(PREFIX_SUB_STEP_POSITIVE)" \ "Image untagged"; \ else \ - printf -- '%s%s\n' \ + >&2 printf -- '%s%s\n' \ "$(PREFIX_SUB_STEP_NEGATIVE)" \ - "Error untagging image" \ - >&2; \ + "Error untagging image"; \ exit 1; \ fi; \ else \ @@ -754,6 +786,26 @@ rmi: \ "Untagging image skipped"; \ fi +rmi-dangling: \ + _prerequisites + @ if [[ -z $$($(docker) images -q \ + --filter "dangling=true" \ + ) ]]; \ + then \ + printf -- '%s%s\n' \ + "$(PREFIX_STEP)" \ + "Untagging dangling images skipped"; \ + else \ + printf -- '%s%s\n' \ + "$(PREFIX_STEP)" \ + "Untagging dangling images"; \ + $(docker) rmi \ + $$($(docker) images -q \ + --filter "dangling=true" \ + ) \ + 1> /dev/null; \ + fi + run: \ _prerequisites \ _require-docker-image-tag @@ -783,10 +835,9 @@ run: \ "$(PREFIX_SUB_STEP_POSITIVE)" \ "Container running"; \ else \ - printf -- '%s%s\n' \ + >&2 printf -- '%s%s\n' \ "$(PREFIX_SUB_STEP_NEGATIVE)" \ - "Container run failed" \ - >&2; \ + "Container run failed"; \ exit 1; \ fi 
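Review bot: `rm-exited` selects with `--filter "status=exited"` alone, so it force-removes every exited container on the docker host rather than just `$(DOCKER_NAME)`; `rmi-dangling` is host-wide in the same way, and both are now order-only prerequisites of `clean` (hunk `@@ -426,7 +416,9 @@`). On a shared or CI host that deletes other projects' stopped containers, including any logs or filesystem state being kept for investigation. I would scope the container query by adding `--filter "name=$(DOCKER_NAME)"` to both `docker ps -aq` calls, restrict the image query with a project label filter, and leave the host-wide behaviour to explicit targets that `clean` does not pull in. The id list is also computed twice in each recipe, so the set removed can differ from the set tested; capturing it once in a shell variable avoids that.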
@@ -816,15 +867,15 @@ start: \ "$(PREFIX_SUB_STEP_POSITIVE)" \ "Container started"; \ else \ - printf -- '%s%s\n' \ + >&2 printf -- '%s%s\n' \ "$(PREFIX_SUB_STEP_NEGATIVE)" \ - "Container start failed" \ - >&2; \ + "Container start failed"; \ exit 1; \ fi stop: \ _prerequisites \ + _require-docker-container \ _require-docker-container-not-status-paused \ _require-docker-container-status-running @ printf -- '%s%s\n' \ @@ -847,14 +898,20 @@ stop: \ "$(PREFIX_SUB_STEP_POSITIVE)" \ "Container stopped"; \ else \ - printf -- '%s%s\n' \ + >&2 printf -- '%s%s\n' \ "$(PREFIX_SUB_STEP_NEGATIVE)" \ - "Error stopping container" \ - >&2; \ + "Error stopping container"; \ exit 1; \ fi; \ fi +top: \ + _prerequisites \ + _require-docker-container \ + _require-docker-container-status-running + @ $(docker) top $(DOCKER_NAME) $(filter-out $@, $(MAKECMDGOALS)) +%:; @: + terminate: \ _prerequisites @ if [[ -z $$($(docker) ps -aq --filter "name=$(DOCKER_NAME)") ]]; \ @@ -905,10 +962,9 @@ terminate: \ "$(PREFIX_SUB_STEP_POSITIVE)" \ "Container terminated"; \ else \ - printf -- '%s%s\n' \ + >&2 printf -- '%s%s\n' \ "$(PREFIX_SUB_STEP_NEGATIVE)" \ - "Container termination failed" \ - >&2; \ + "Container termination failed"; \ exit 1; \ fi; \ fi @@ -926,6 +982,7 @@ test: \ unpause: \ _prerequisites \ + _require-docker-container \ _require-docker-container-status-paused @ printf -- '%s%s\n' \ "$(PREFIX_STEP)" \ diff --git a/README-short.txt b/README-short.txt index 0d2b401..10d1f80 100644 --- a/README-short.txt +++ b/README-short.txt @@ -1 +1 @@ -CentOS-7 7.5.1804 x86_64 - Varnish Cache. \ No newline at end of file +Varnish Cache - CentOS. \ No newline at end of file diff --git a/README.md b/README.md index 1e795c5..4b6b465 100644 --- a/README.md +++ b/README.md 
@@ -1,42 +1,26 @@ -centos-ssh-varnish -================== +### Tags and respective `Dockerfile` links -Docker Image including: -- CentOS-6 6.10 x86_64 and Varnish Cache 4.1. -- CentOS-7 7.5.1804 x86_64 and Varnish Cache 6.2. +- `centos-7`, `2.3.0` [(centos-7/Dockerfile)](https://github.com/jdeathe/centos-ssh-varnish/blob/centos-7/Dockerfile) +- `centos-6`, `1.6.0` [(centos-6/Dockerfile)](https://github.com/jdeathe/centos-ssh-varnish/blob/centos-6/Dockerfile) -## Overview & links +## Overview -- `centos-7`, `centos-7-2.3.0`, `2.3.0` [(centos-7/Dockerfile)](https://github.com/jdeathe/centos-ssh-varnish/blob/centos-7/Dockerfile) -- `centos-6`, `centos-6-1.6.0`, `1.6.0` [(centos-6/Dockerfile)](https://github.com/jdeathe/centos-ssh-varnish/blob/centos-6/Dockerfile) +Apache PHP web server, loading only a minimal set of Apache modules by default. -#### centos-6 +This build uses the base image [jdeathe/centos-ssh](https://github.com/jdeathe/centos-ssh) so inherits it's features but with `sshd` disabled by default. [Supervisor](http://supervisord.org/) is used to start the varnishd (and optionally the varnishncsa) daemon when a docker container based on this image is run. -The latest CentOS-6 based release can be pulled from the `centos-6` Docker tag. It is recommended to select a specific release tag - the convention is `centos-6-1.6.0`or `1.6.0` for the [1.6.0](https://github.com/jdeathe/centos-ssh-varnish/tree/1.6.0) release tag. +### Image variants -#### centos-7 +- [Varnish Cache 6.2 - CentOS-7](https://github.com/jdeathe/centos-ssh-varnish/blob/centos-7) +- [Varnish Cache 4.1 - CentOS-6](https://github.com/jdeathe/centos-ssh-varnish/blob/centos-6) -The latest CentOS-7 based release can be pulled from the `centos-7` Docker tag. It is recommended to select a specific release tag - the convention is `centos-7-2.3.0`or `2.3.0` for the [2.3.0](https://github.com/jdeathe/centos-ssh-varnish/tree/2.3.0) release tag. 
+## Quick start -Included in the build are the [SCL](https://www.softwarecollections.org/), [EPEL](http://fedoraproject.org/wiki/EPEL) and [IUS](https://ius.io) repositories. Installed packages include [OpenSSH](http://www.openssh.com/portable.html) secure shell, [vim-minimal](http://www.vim.org/), are installed along with python-setuptools, [supervisor](http://supervisord.org/) and [supervisor-stdout](https://github.com/coderanger/supervisor-stdout). +> For production use, it is recommended to select a specific release tag as shown in the examples. -Supervisor is used to start the varnishd (and optionally the varnishncsa or sshd) daemon when a docker container based on this image is run. +Run up a container named `varnish.1` from the docker image `jdeathe/centos-ssh-varnish` on port 80 of your docker host. 1 backend host is defined mapping the host `httpd_1` to the IP address `172.17.8.101`; this is required to identify the backend host that's defined in the default Varnish VCL file. -If enabling and configuring SSH access, it is by public key authentication and, by default, the [Vagrant](http://www.vagrantup.com/) [insecure private key](https://github.com/mitchellh/vagrant/blob/master/keys/vagrant) is required. - -### SSH Alternatives - -SSH is not required in order to access a terminal for the running container. The simplest method is to use the docker exec command to run bash (or sh) as follows: - -``` -$ docker exec -it {docker-name-or-id} bash -``` - -For cases where access to docker exec is not possible the preferred method is to use Command Keys and the nsenter command. See [command-keys.md](https://github.com/jdeathe/centos-ssh-varnish/blob/centos-6/command-keys.md) for details on how to set this up. - -## Quick Example - -Run up a container named `varnish.1` from the docker image `jdeathe/centos-ssh-varnish` on port 80 of your docker host. 
1 backend host is defined with the IP address 172.17.8.101; this is required to identify the backend hosts from within the Varnish VCL file. +> Change `172.17.8.101` in the example below to an IP address that resolves to a valid web server on your network. ``` $ docker run -d -t \ @@ -47,7 +31,14 @@ $ docker run -d -t \ jdeathe/centos-ssh-varnish:2.3.0 ``` -Now you can verify it is initialised and running successfully by inspecting the container's logs. +Verify the named container's process status and health. + +``` +$ docker ps -a \ + -f "name=varnish.1" +``` + +Verify successful initialisation of the named container. ``` $ docker logs varnish.1 @@ -57,7 +48,9 @@ $ docker logs varnish.1 ### Running -To run the a docker container from this image you can use the standard docker commands. Alternatively, if you have a checkout of the [source repository](https://github.com/jdeathe/centos-ssh-varnish), and have make installed the Makefile provides targets to build, install, start, stop etc. where environment variables can be used to configure the container options and set custom docker run parameters. +To run the a docker container from this image you can use the standard docker commands as shown in the example below. Alternatively, there's a [docker-compose](https://github.com/jdeathe/centos-ssh-varnish/blob/centos-7/docker-compose.yml) example. + +For production use, it is recommended to select a specific release tag as shown in the examples. In the following example the http service is bound to port 8000 and offloaded https on port 8500 of the docker host. Also, the environment variable `VARNISH_STORAGE` has been used to set up a 256M memory based storage instead of the default file based type. @@ -65,8 +58,8 @@ In the following example the http service is bound to port 8000 and offloaded ht ``` $ docker stop varnish.1 && \ - docker rm varnish.1 -$ docker run \ + docker rm varnish.1; \ + docker run \ --detach \ --tty \ --name varnish.1 \ 
@@ -85,23 +78,17 @@ $ docker run \ jdeathe/centos-ssh-varnish:2.3.0 ``` -Now you can verify it is initialised and running successfully by inspecting the container's logs: - -``` -$ docker logs varnish.1 -``` - #### Environment Variables There are several environmental variables defined at runtime which allows the operator to customise the running container. This may become necessary under special circumstances and the following show those that are most likely to be considered for review, the rest should be left unaltered and for clarification refer to the [varnishd documentation](https://www.varnish-cache.org/docs/6.0/index.html). -##### VARNISH_AUTOSTART_VARNISHD_WRAPPER +##### ENABLE_VARNISHD_WRAPPER -It may be desirable to prevent the startup of the varnishd-wrapper script. For example, when using an image built from this Dockerfile as the source for another Dockerfile you could disable varnishd from startup by setting `VARNISH_AUTOSTART_VARNISHD_WRAPPER` to `false`. +It may be desirable to prevent the startup of the varnishd-wrapper script. For example, when using an image built from this Dockerfile as the source for another Dockerfile you could disable varnishd from startup by setting `ENABLE_VARNISHD_WRAPPER` to `false`. -##### VARNISH_AUTOSTART_VARNISHNCSA_WRAPPER +##### ENABLE_VARNISHNCSA_WRAPPER -Controls the startup of the varnishncsa-wrapper script which is not started by default. With `VARNISH_AUTOSTART_VARNISHNCSA_WRAPPER` set to `true` the `varnishncsa` process is started to output the Varnish in-memory logs to the log file `/var/log/varnish/access_log`. Logs are in Apache / NCSA combined log format unless altered using `VARNISH_VARNISHNCSA_FORMAT`. +Controls the startup of the varnishncsa-wrapper script which is not started by default. With `ENABLE_VARNISHNCSA_WRAPPER` set to `true` the `varnishncsa` process is started to output the Varnish in-memory logs to the log file `/var/log/varnish/access_log`. 
Logs are in Apache / NCSA combined log format unless altered using `VARNISH_VARNISHNCSA_FORMAT`. ##### VARNISH_MIN_THREADS, VARNISH_MAX_THREADS & VARNISH_THREAD_TIMEOUT @@ -121,7 +108,7 @@ The `VARNISH_TTL` can be used to set a hard minimum time to live for cached docu ##### VARNISH_VARNISHNCSA_FORMAT -When `VARNISH_AUTOSTART_VARNISHNCSA_WRAPPER` is set to `true` then `VARNISH_VARNISHNCSA_FORMAT` can be used to set the output log [format string](https://varnish-cache.org/docs/6.0/reference/varnishncsa.html#format). +When `ENABLE_VARNISHNCSA_WRAPPER` is set to `true` then `VARNISH_VARNISHNCSA_FORMAT` can be used to set the output log [format string](https://varnish-cache.org/docs/6.0/reference/varnishncsa.html#format). ##### VARNISH_VARNISHNCSA_OPTIONS diff --git a/command-keys.md b/command-keys.md deleted file mode 100644 index f3b4e04..0000000 --- a/command-keys.md +++ /dev/null 
@@ -1,67 +0,0 @@ -# Command Keys - -Using command keys to access containers (without sshd). - -Access docker containers using docker host SSH public key authentication and nsenter command to start up a bash terminal inside a container. In the following example the container name is "varnish.1" - -## Create a unique public/private key pair for each container - -``` -$ cd ~/.ssh/ && ssh-keygen -q -t rsa -f id-rsa.varnish.1 -``` - -## Prefix the public key with the nsenter command - -``` -$ sed -i '' \ - '1s#^#command="sudo nsenter -m -u -i -n -p -t $(docker inspect --format \\\"{{ .State.Pid }}\\\" varnish.1) /bin/bash" #' \ - ~/.ssh/id-rsa.varnish.1.pub -``` - -## Upload the public key to the docker host VM - -The host in this example is core-01.local that has SSH public key authentication enabled using the Vagrant insecure private key. - -### Generic Linux Host Example - -``` -$ cat ~/.ssh/id-rsa.varnish.1.pub | ssh -i ~/.vagrant.d/insecure_private_key \ - core@core-01.local \ - "mkdir -p ~/.ssh && cat >> ~/.ssh/authorized_keys" -``` - -### CoreOS Host Example - -``` -$ cat ~/.ssh/id-rsa.varnish.1.pub | ssh -i ~/.vagrant.d/insecure_private_key \ - core@core-01.local \ - update-ssh-keys -a core@varnish.1 -``` - -### Usage - -``` -$ ssh -i ~/.ssh/id-rsa.varnish.1 \ - core@core-01.local \ - -o StrictHostKeyChecking=no -``` - -#### SSH Config - -To simplify the command required to access the running container we can add an entry to the SSH configuration file ```~/.ssh/config``` as follows: - -``` -Host core-01.varnish.1 - HostName core-01.local - Port 22 - User core - StrictHostKeyChecking no - IdentitiesOnly yes - IdentityFile ~/.ssh/id-rsa.varnish.1 -``` - -With the above entry in place we can now run the following to access the running container: - -``` -$ ssh core-01.varnish.1 -``` diff --git a/default.mk b/default.mk index cd40d45..870fced 100644 --- a/default.mk +++ b/default.mk 
@@ -82,8 +82,8 @@ define DOCKER_CONTAINER_PARAMETERS --ulimit "memlock=$(ULIMIT_MEMLOCK)" \ --ulimit "nofile=$(ULIMIT_NOFILE)" \ --ulimit "nproc=$(ULIMIT_NPROC)" \ ---env "VARNISH_AUTOSTART_VARNISHD_WRAPPER=$(VARNISH_AUTOSTART_VARNISHD_WRAPPER)" \ ---env "VARNISH_AUTOSTART_VARNISHNCSA_WRAPPER=$(VARNISH_AUTOSTART_VARNISHNCSA_WRAPPER)" \ +--env "ENABLE_VARNISHD_WRAPPER=$(ENABLE_VARNISHD_WRAPPER)" \ +--env "ENABLE_VARNISHNCSA_WRAPPER=$(ENABLE_VARNISHNCSA_WRAPPER)" \ --env "VARNISH_MAX_THREADS=$(VARNISH_MAX_THREADS)" \ --env "VARNISH_MIN_THREADS=$(VARNISH_MIN_THREADS)" \ --env "VARNISH_OPTIONS=$(VARNISH_OPTIONS)" \ diff --git a/docker-compose.yml b/docker-compose.yml index 7fc7ff0..7b9f374 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -34,7 +34,7 @@ services: depends_on: - "apache-php" environment: - VARNISH_AUTOSTART_VARNISHNCSA_WRAPPER: "true" + ENABLE_VARNISHNCSA_WRAPPER: "true" VARNISH_MAX_THREADS: "${VARNISH_MAX_THREADS}" VARNISH_MIN_THREADS: "${VARNISH_MIN_THREADS}" VARNISH_OPTIONS: "${VARNISH_OPTIONS}" @@ -78,7 +78,7 @@ services: APACHE_SERVER_NAME: "www.app.local" PHP_OPTIONS_SESSION_SAVE_HANDLER: "memcached" PHP_OPTIONS_SESSION_SAVE_PATH: "memcached:11211" - image: "jdeathe/centos-ssh-apache-php:3.2.0" + image: "jdeathe/centos-ssh-apache-php:3.3.2" networks: tier2: aliases: @@ -92,7 +92,7 @@ services: environment: MEMCACHED_CACHESIZE: "32" MEMCACHED_MAXCONN: "1024" - image: "jdeathe/centos-ssh-memcached:2.2.1" + image: "jdeathe/centos-ssh-memcached:2.3.0" networks: - "tier2" restart: "always" diff --git a/environment.mk b/environment.mk index dc8493b..ac7b35f 100644 --- a/environment.mk +++ b/environment.mk 
@@ -1,41 +1,28 @@ # ------------------------------------------------------------------------------ # Constants # ------------------------------------------------------------------------------ -DOCKER_USER := jdeathe DOCKER_IMAGE_NAME := centos-ssh-varnish +DOCKER_IMAGE_RELEASE_TAG_PATTERN := ^[1-2]\.[0-9]+\.[0-9]+$ +DOCKER_IMAGE_TAG_PATTERN := ^(latest|[1-2]\.[0-9]+\.[0-9]+)$ +DOCKER_USER := jdeathe SHPEC_ROOT := test/shpec -# Tag validation patterns -DOCKER_IMAGE_TAG_PATTERN := ^(latest|centos-[6-7]|((1|2|centos-(6-1|7-2))\.[0-9]+\.[0-9]+))$ -DOCKER_IMAGE_RELEASE_TAG_PATTERN := ^(1|2|centos-(6-1|7-2))\.[0-9]+\.[0-9]+$ - # ------------------------------------------------------------------------------ # Variables # ------------------------------------------------------------------------------ - -# Docker image/container settings +DIST_PATH ?= ./dist DOCKER_CONTAINER_OPTS ?= DOCKER_IMAGE_TAG ?= latest DOCKER_NAME ?= varnish.1 DOCKER_PORT_MAP_TCP_80 ?= 8000 DOCKER_PORT_MAP_TCP_8443 ?= 8500 DOCKER_RESTART_POLICY ?= always - -# Docker build --no-cache parameter NO_CACHE ?= false - -# Directory path for release packages -DIST_PATH ?= ./dist - -# Number of seconds expected to complete container startup including bootstrap. +RELOAD_SIGNAL ?= HUP STARTUP_TIME ?= 4 - -# Docker --sysctl settings SYSCTL_NET_CORE_SOMAXCONN ?= 1024 SYSCTL_NET_IPV4_IP_LOCAL_PORT_RANGE ?= 1024 65535 SYSCTL_NET_IPV4_ROUTE_FLUSH ?= 1 - -# Docker --ulimit settings ULIMIT_MEMLOCK ?= 82000 ULIMIT_NOFILE ?= 131072 ULIMIT_NPROC ?= 9223372036854775807 
@@ -43,8 +30,8 @@ ULIMIT_NPROC ?= 9223372036854775807 # ------------------------------------------------------------------------------ # Application container configuration # ------------------------------------------------------------------------------ -VARNISH_AUTOSTART_VARNISHD_WRAPPER ?= true -VARNISH_AUTOSTART_VARNISHNCSA_WRAPPER ?= false +ENABLE_VARNISHD_WRAPPER ?= true +ENABLE_VARNISHNCSA_WRAPPER ?= false VARNISH_MAX_THREADS ?= 1000 VARNISH_MIN_THREADS ?= 50 VARNISH_OPTIONS ?= diff --git a/src/etc/supervisord.d/varnishncsa-wrapper.conf b/src/etc/supervisord.d/50-varnishncsa-wrapper.conf similarity index 78% rename from src/etc/supervisord.d/varnishncsa-wrapper.conf rename to src/etc/supervisord.d/50-varnishncsa-wrapper.conf index 8bb1199..b89eb68 100644 --- a/src/etc/supervisord.d/varnishncsa-wrapper.conf +++ b/src/etc/supervisord.d/50-varnishncsa-wrapper.conf @@ -1,10 +1,10 @@ [program:varnishncsa-wrapper] autorestart = true -autostart = %(ENV_VARNISH_AUTOSTART_VARNISHNCSA_WRAPPER)s +autostart = %(ENV_ENABLE_VARNISHNCSA_WRAPPER)s command = /usr/sbin/varnishncsa-wrapper --verbose -priority = 150 -startsecs = 1 +priority = 50 startretries = 0 +startsecs = 1 stderr_logfile = /dev/stderr stderr_logfile_maxbytes = 0 stdout_logfile = /dev/stdout diff --git a/src/etc/supervisord.d/varnishd-wrapper.conf b/src/etc/supervisord.d/80-varnishd-wrapper.conf similarity index 77% rename from src/etc/supervisord.d/varnishd-wrapper.conf rename to src/etc/supervisord.d/80-varnishd-wrapper.conf index 592d7cc..681704b 100644 --- a/src/etc/supervisord.d/varnishd-wrapper.conf +++ b/src/etc/supervisord.d/80-varnishd-wrapper.conf 
@@ -1,10 +1,10 @@ [program:varnishd-wrapper] autorestart = true -autostart = %(ENV_VARNISH_AUTOSTART_VARNISHD_WRAPPER)s +autostart = %(ENV_ENABLE_VARNISHD_WRAPPER)s command = /usr/sbin/varnishd-wrapper --verbose -priority = 100 -startsecs = 1 +priority = 80 startretries = 0 +startsecs = 1 stderr_logfile = /dev/stderr stderr_logfile_maxbytes = 0 stdout_logfile = /dev/stdout diff --git a/src/etc/systemd/system/centos-ssh-varnish@.service b/src/etc/systemd/system/centos-ssh-varnish@.service index 61007c2..9917daf 100644 --- a/src/etc/systemd/system/centos-ssh-varnish@.service +++ b/src/etc/systemd/system/centos-ssh-varnish@.service @@ -63,8 +63,8 @@ Environment="SYSCTL_NET_IPV4_ROUTE_FLUSH=1" Environment="ULIMIT_MEMLOCK=82000" Environment="ULIMIT_NOFILE=131072" Environment="ULIMIT_NPROC=9223372036854775807" -Environment="VARNISH_AUTOSTART_VARNISHD_WRAPPER=true" -Environment="VARNISH_AUTOSTART_VARNISHNCSA_WRAPPER=false" +Environment="ENABLE_VARNISHD_WRAPPER=true" +Environment="ENABLE_VARNISHNCSA_WRAPPER=false" Environment="VARNISH_MAX_THREADS=1000" Environment="VARNISH_MIN_THREADS=50" Environment="VARNISH_OPTIONS=" @@ -137,8 +137,8 @@ ExecStart=/bin/bash -c \ --ulimit \"memlock=${ULIMIT_MEMLOCK}\" \ --ulimit \"nofile=${ULIMIT_NOFILE}\" \ --ulimit \"nproc=${ULIMIT_NPROC}\" \ - --env \"VARNISH_AUTOSTART_VARNISHD_WRAPPER=${VARNISH_AUTOSTART_VARNISHD_WRAPPER}\" \ - --env \"VARNISH_AUTOSTART_VARNISHNCSA_WRAPPER=${VARNISH_AUTOSTART_VARNISHNCSA_WRAPPER}\" \ + --env \"ENABLE_VARNISHD_WRAPPER=${ENABLE_VARNISHD_WRAPPER}\" \ + --env \"ENABLE_VARNISHNCSA_WRAPPER=${ENABLE_VARNISHNCSA_WRAPPER}\" \ --env \"VARNISH_MAX_THREADS=${VARNISH_MAX_THREADS}\" \ --env \"VARNISH_MIN_THREADS=${VARNISH_MIN_THREADS}\" \ --env \"VARNISH_OPTIONS=${VARNISH_OPTIONS}\" \ diff --git a/src/etc/varnish/docker-default.vcl b/src/etc/varnish/docker-default.vcl index e5a44c2..b01dde8 100644 --- a/src/etc/varnish/docker-default.vcl +++ b/src/etc/varnish/docker-default.vcl 
@@ -72,6 +72,7 @@ sub vcl_recv { std.port(local.ip) == 80) { # Port 80 set req.http.X-Forwarded-Port = "80"; + set req.http.X-Forwarded-Proto = "http"; set req.backend_hint = director_http.backend(); } else { # Reject unexpected ports diff --git a/src/opt/scmi/default.sh b/src/opt/scmi/default.sh index 3dbf3f3..f65cd11 100644 --- a/src/opt/scmi/default.sh +++ b/src/opt/scmi/default.sh @@ -95,8 +95,8 @@ DOCKER_CONTAINER_PARAMETERS="--tty \ --ulimit \"memlock=${ULIMIT_MEMLOCK}\" \ --ulimit \"nofile=${ULIMIT_NOFILE}\" \ --ulimit \"nproc=${ULIMIT_NPROC}\" \ ---env \"VARNISH_AUTOSTART_VARNISHD_WRAPPER=${VARNISH_AUTOSTART_VARNISHD_WRAPPER}\" \ ---env \"VARNISH_AUTOSTART_VARNISHNCSA_WRAPPER=${VARNISH_AUTOSTART_VARNISHNCSA_WRAPPER}\" \ +--env \"ENABLE_VARNISHD_WRAPPER=${ENABLE_VARNISHD_WRAPPER}\" \ +--env \"ENABLE_VARNISHNCSA_WRAPPER=${ENABLE_VARNISHNCSA_WRAPPER}\" \ --env \"VARNISH_MAX_THREADS=${VARNISH_MAX_THREADS}\" \ --env \"VARNISH_MIN_THREADS=${VARNISH_MIN_THREADS}\" \ --env \"VARNISH_OPTIONS=${VARNISH_OPTIONS}\" \ diff --git a/src/opt/scmi/environment.sh b/src/opt/scmi/environment.sh index 8881c87..352b9fb 100644 --- a/src/opt/scmi/environment.sh +++ b/src/opt/scmi/environment.sh 
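Review bot: The added `set req.http.X-Forwarded-Proto = "http";` covers only the port 80 branch of `vcl_recv`; the branch for the other listener lies outside this hunk. If that branch does not also assign the header, a client-supplied value would reach the backend unchanged, and an application that trusts `X-Forwarded-Proto` for redirects or secure-cookie decisions would act on it. Please confirm that every accepted port overwrites the header, and consider a comment beside the assignment such as `# Always overwrite; the client-supplied value is not trusted`.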
@@ -1,54 +1,39 @@ # ------------------------------------------------------------------------------ # Constants # ------------------------------------------------------------------------------ -readonly DOCKER_USER=jdeathe readonly DOCKER_IMAGE_NAME=centos-ssh-varnish - -# Tag validation patterns -readonly DOCKER_IMAGE_TAG_PATTERN='^(latest|centos-[6-7]|((1|2|centos-(6-1|7-2))\.[0-9]+\.[0-9]+))$' -readonly DOCKER_IMAGE_RELEASE_TAG_PATTERN='^(1|2|centos-(6-1|7-2))\.[0-9]+\.[0-9]+$' +readonly DOCKER_IMAGE_RELEASE_TAG_PATTERN='^[1-2]\.[0-9]+\.[0-9]+$' +readonly DOCKER_IMAGE_TAG_PATTERN='^(latest|[1-2]\.[0-9]+\.[0-9]+)$' +readonly DOCKER_USER=jdeathe # ------------------------------------------------------------------------------ # Variables # ------------------------------------------------------------------------------ - -# Docker image/container settings +DIST_PATH="${DIST_PATH:-./dist}" DOCKER_CONTAINER_OPTS="${DOCKER_CONTAINER_OPTS:-}" DOCKER_IMAGE_TAG="${DOCKER_IMAGE_TAG:-latest}" DOCKER_NAME="${DOCKER_NAME:-varnish.1}" DOCKER_PORT_MAP_TCP_80="${DOCKER_PORT_MAP_TCP_80:-8000}" DOCKER_PORT_MAP_TCP_8443="${DOCKER_PORT_MAP_TCP_8443:-8500}" DOCKER_RESTART_POLICY="${DOCKER_RESTART_POLICY:-always}" - -# Docker build --no-cache parameter NO_CACHE="${NO_CACHE:-false}" - -# Directory path for release packages -DIST_PATH="${DIST_PATH:-./dist}" - -# Number of seconds expected to complete container startup including bootstrap. 
+REGISTER_ETCD_PARAMETERS="${REGISTER_ETCD_PARAMETERS:-}" +REGISTER_TTL="${REGISTER_TTL:-60}" +REGISTER_UPDATE_INTERVAL="${REGISTER_UPDATE_INTERVAL:-55}" STARTUP_TIME="${STARTUP_TIME:-4}" - -# Docker --sysctl settings SYSCTL_NET_CORE_SOMAXCONN="${SYSCTL_NET_CORE_SOMAXCONN:-1024}" -SYSCTL_NET_IPV4_IP_LOCAL_PORT_RANGE="${SYSCTL_NET_IPV4_IP_LOCAL_PORT_RANGE:-1024 65535}" +SYSCTL_NET_IPV4_IP_LOCAL_PORT_RANGE="${SYSCTL_NET_IPV4_IP_LOCAL_PORT_RANGE:-"1024 65535"}" SYSCTL_NET_IPV4_ROUTE_FLUSH="${SYSCTL_NET_IPV4_ROUTE_FLUSH:-1}" - -# Docker --ulimit settings ULIMIT_MEMLOCK="${ULIMIT_MEMLOCK:-82000}" ULIMIT_NOFILE="${ULIMIT_NOFILE:-131072}" ULIMIT_NPROC="${ULIMIT_NPROC:-9223372036854775807}" -# ETCD register service settings -REGISTER_ETCD_PARAMETERS="${REGISTER_ETCD_PARAMETERS:-}" -REGISTER_TTL="${REGISTER_TTL:-60}" -REGISTER_UPDATE_INTERVAL="${REGISTER_UPDATE_INTERVAL:-55}" # ------------------------------------------------------------------------------ # Application container configuration # ------------------------------------------------------------------------------ -VARNISH_AUTOSTART_VARNISHD_WRAPPER="${VARNISH_AUTOSTART_VARNISHD_WRAPPER:-true}" -VARNISH_AUTOSTART_VARNISHNCSA_WRAPPER="${VARNISH_AUTOSTART_VARNISHNCSA_WRAPPER:-false}" +ENABLE_VARNISHD_WRAPPER="${ENABLE_VARNISHD_WRAPPER:-true}" +ENABLE_VARNISHNCSA_WRAPPER="${ENABLE_VARNISHNCSA_WRAPPER:-false}" VARNISH_MAX_THREADS="${VARNISH_MAX_THREADS:-1000}" VARNISH_MIN_THREADS="${VARNISH_MIN_THREADS:-50}" VARNISH_OPTIONS="" diff --git a/src/opt/scmi/service-unit.sh b/src/opt/scmi/service-unit.sh index 2d5eed0..eb818ee 100644 --- a/src/opt/scmi/service-unit.sh +++ b/src/opt/scmi/service-unit.sh 
@@ -7,14 +7,14 @@ readonly SERVICE_UNIT_ENVIRONMENT_KEYS=" DOCKER_IMAGE_TAG DOCKER_PORT_MAP_TCP_80 DOCKER_PORT_MAP_TCP_8443 + ENABLE_VARNISHD_WRAPPER + ENABLE_VARNISHNCSA_WRAPPER SYSCTL_NET_CORE_SOMAXCONN SYSCTL_NET_IPV4_IP_LOCAL_PORT_RANGE SYSCTL_NET_IPV4_ROUTE_FLUSH ULIMIT_MEMLOCK ULIMIT_NOFILE ULIMIT_NPROC - VARNISH_AUTOSTART_VARNISHD_WRAPPER - VARNISH_AUTOSTART_VARNISHNCSA_WRAPPER VARNISH_MAX_THREADS VARNISH_MIN_THREADS VARNISH_OPTIONS diff --git a/src/usr/bin/healthcheck b/src/usr/bin/healthcheck index 30f0bb4..a699512 100755 --- a/src/usr/bin/healthcheck +++ b/src/usr/bin/healthcheck @@ -2,8 +2,47 @@ set -e +function __get_system_timezone () +{ + local -r default_value="${1:-UTC}" + + local value="${SYSTEM_TIMEZONE}" + + if ! __is_valid_system_timezone "${value}" + then + value="${default_value}" + fi + + printf -- '%s' "${value}" +} + +function __is_valid_system_timezone () +{ + __is_valid_zone "${@}" +} + +function __is_valid_zone () +{ + local zone="${1}" + + if [[ -n ${zone} ]] \ + && [[ -f /usr/share/zoneinfo/${zone} ]] + then + return 0 + fi + + return 1 +} + function main () { + local -r system_timezone="$( + __get_system_timezone + )" + local -r zone="$( + system-timezone -qq + )" + if ! ps axo command \ | grep -qE '^/usr/bin/python /usr/bin/supervisord' then @@ -13,14 +52,21 @@ function main () exit 1 fi - if [[ ${VARNISH_AUTOSTART_VARNISHD_WRAPPER} == false ]] \ - && [[ ${VARNISH_AUTOSTART_VARNISHNCSA_WRAPPER} == false ]] + if [[ ${system_timezone} != "${zone}" ]] + then + >&2 printf -- \ + '%s\n' \ + "system-timezone zone mismatch." + exit 1 + fi + + if [[ ${ENABLE_VARNISHD_WRAPPER} == false ]] \ + && [[ ${ENABLE_VARNISHNCSA_WRAPPER} == false ]] then exit 0 fi - # varnishd-wrapper - if [[ ${VARNISH_AUTOSTART_VARNISHD_WRAPPER} == true ]] \ + if [[ ${ENABLE_VARNISHD_WRAPPER} == true ]] \ && ! ps axo command \ | grep -qE '^/usr/sbin/varnishd ' then 
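Review bot: `__is_valid_zone` in the healthcheck accepts any value for which `/usr/share/zoneinfo/${zone}` is a regular file, so a `SYSTEM_TIMEZONE` containing `../` segments passes, as would the name of a non-zone file kept in that directory. Here the value is only compared with the output of `system-timezone -qq`, so the effect is limited, but a helper named as a validator is likely to be reused where the value ends up in a path. A shape check ahead of the file test would close that, for example `[[ ${zone} =~ ^[A-Za-z0-9_+-]+(/[A-Za-z0-9_+-]+)*$ ]]`. The function would also benefit from a one-line comment saying it tests for a file under the zoneinfo directory rather than parsing the zone name.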
@@ -30,8 +76,7 @@ function main () exit 1 fi - # ready status - if [[ ${VARNISH_AUTOSTART_VARNISHD_WRAPPER} == true ]] \ + if [[ ${ENABLE_VARNISHD_WRAPPER} == true ]] \ && ! varnishadm vcl.show -v boot \ &> /dev/null then @@ -41,8 +86,7 @@ function main () exit 1 fi - # varnishncsa-wrapper - if [[ ${VARNISH_AUTOSTART_VARNISHNCSA_WRAPPER} == true ]] \ + if [[ ${ENABLE_VARNISHNCSA_WRAPPER} == true ]] \ && ! ps axo command \ | grep -qE '^/usr/bin/varnishncsa ' then diff --git a/src/usr/sbin/varnishd-wrapper b/src/usr/sbin/varnishd-wrapper index 40cc11d..1ec218e 100755 --- a/src/usr/sbin/varnishd-wrapper +++ b/src/usr/sbin/varnishd-wrapper @@ -67,6 +67,14 @@ function __get_options () "${options}" } +function __get_proxy () +{ + printf -- \ + '%s -n %s' \ + "${nice}" \ + "${niceness}" +} + function __get_timer_total () { local -r timer_end="$( @@ -197,6 +205,26 @@ function __get_varnish_vcl_conf_path () printf -- '%s' "${value}" } +function __get_varnishd_version () +{ + local semantic_version + + if ! command -v varnishd &> /dev/null + then + >&2 printf -- \ + 'ERROR: varnishd binary not installed\n' + return 1 + fi + + semantic_version="$( + 2>&1 varnishd -V \ + | grep -E -o 'varnish-\/[0-9]+\.[0-9]+\.[0-9]+' \ + | awk -F'-' '{ print $NF; }' + )" + + printf -- '%s' "${semantic_version}" +} + function __is_valid_positive_integer () { local -r positive_integer='^[0-9]+$' @@ -268,26 +296,6 @@ function __is_valid_varnish_ttl () __is_valid_positive_integer "${@}" } -function __get_varnishd_version () -{ - local semantic_version - - if ! command -v varnishd &> /dev/null - then - >&2 printf -- \ - 'ERROR: varnishd binary not installed\n' - return 1 - fi - - semantic_version="$( - 2>&1 varnishd -V \ - | grep -E -o 'varnish-\/[0-9]+\.[0-9]+\.[0-9]+' \ - | awk -F'-' '{ print $NF; }' - )" - - printf -- '%s' "${semantic_version}" -} - function __populate_psk_secret_file () { local -r file_path="${1:-/etc/varnish/secret}" 
@@ -301,7 +309,8 @@ function __populate_psk_secret_file () if [[ ${verbose} == true ]] then printf -- \ - 'INFO: Populating Varnish PSK secret file\n' + 'INFO: %s populating PSK secret file\n' \ + "${0##*/}" fi dd \ @@ -344,7 +353,8 @@ function __set_varnish_vcl_conf () if [[ ! ${value} =~ ${pattern_plain_text} ]] then >&2 printf -- \ - 'ERROR: Invalid VCL\n' + 'ERROR: %s invalid VCL\n' + "${0##*/}" exit 1 fi @@ -373,7 +383,8 @@ function __test_varnish_vcl_conf () set -e >&2 printf -- \ - 'ERROR: Invalid VCL\n' + 'ERROR: %s invalid VCL\n' \ + "${0##*/}" exit 1 fi } @@ -390,6 +401,7 @@ function main () )" local options + local proxy local timer_total local varnish_max_threads local varnish_min_threads @@ -400,7 +412,6 @@ function main () local varnish_vcl_conf local verbose="false" - # Parse options while [[ "${#}" -gt 0 ]] do case "${1}" in @@ -411,7 +422,7 @@ function main () esac done - if [[ -e ${lock_file} ]] + if [[ -f ${lock_file} ]] then >&2 printf -- \ 'ERROR: %s lock detected - aborting\n' \ @@ -424,7 +435,7 @@ function main () __create_lock if [[ ${verbose} == true ]] \ - && [[ ! -e ${state_file} ]] + && [[ ! -f ${state_file} ]] then varnish_max_threads="$( __get_varnish_max_threads @@ -463,6 +474,9 @@ function main () "${varnish_thread_timeout}" \ "${varnish_options}" )" + proxy="$( + __get_proxy + )" timer_total="$( __get_timer_total \ @@ -490,13 +504,11 @@ function main () options="$( __get_options )" + proxy="$( + __get_proxy + )" fi - __create_state - __cleanup - trap - \ - INT TERM EXIT - if [[ ${verbose} == true ]] then printf -- \ @@ -505,8 +517,13 @@ function main () "${bin##*/}" fi - exec ${nice} \ - -n ${niceness} \ + __create_state + __cleanup + trap - \ + INT TERM EXIT + + exec \ + ${proxy} \ ${bin} \ ${options} } diff --git a/src/usr/sbin/varnishncsa-wrapper b/src/usr/sbin/varnishncsa-wrapper index 07eb293..a1fdc76 100755 --- a/src/usr/sbin/varnishncsa-wrapper +++ b/src/usr/sbin/varnishncsa-wrapper 
@@ -43,6 +43,14 @@ function __get_options () "${options}" } +function __get_proxy () +{ + printf -- \ + '%s -n %s' \ + "${nice}" \ + "${niceness}" +} + function __get_timer_total () { local -r timer_end="$( @@ -54,7 +62,8 @@ function __get_timer_total () || [[ ${timer_start//.} -gt ${timer_end//.} ]] then >&2 printf -- \ - 'ERROR: invalid timer start: %s\n' \ + 'ERROR: %s invalid timer start: %s\n' \ + "${0##*/}" \ "${timer_start}" printf -- \ '0.000000' @@ -93,31 +102,50 @@ function main () local -r lock_file="/var/lock/subsys/varnish/varnishncsa-wrapper" local -r nice="/bin/nice" local -r niceness="10" - local -r prerequisite_autostart="${VARNISH_AUTOSTART_VARNISHD_WRAPPER:-true}" local -r prerequisite_state_file="/var/lib/misc/varnishd-wrapper" + local -r prerequisite_timeout="4" local -r state_file="/var/lib/misc/varnish/varnishncsa-wrapper" local -r timer_start="$( date +%s.%N )" local options + local proxy local timer_total local varnish_varnishncsa_format local varnish_varnishncsa_options local verbose="false" - if [[ ${prerequisite_autostart} == false ]] + if [[ ${verbose} == true ]] then - # block. - sleep infinity + printf -- \ + 'INFO: %s waiting on %s\n' \ + "${0##*/}" \ + "${prerequisite_state_file##*/}" fi - until [[ -e ${prerequisite_state_file} ]] + set +e + until [[ -f ${prerequisite_state_file} ]] do - sleep 0.1 + if ! inotifywait -qq \ + -e "create" \ + -t "${bootstrap_timeout}" \ + "${prerequisite_state_file%/*}" + then + break + fi done + set -e + + if ! [[ -f ${prerequisite_state_file} ]] + then + >&2 printf -- \ + 'ERROR: %s timed out waiting on %s\n' \ + "${0##*/}" \ + "${prerequisite_state_file##*/}" + exit 1 + fi - # Parse options while [[ "${#}" -gt 0 ]] do case "${1}" in @@ -131,7 +159,7 @@ function main () if [[ -e ${lock_file} ]] then >&2 printf -- \ - 'ERROR: %s lock detected - aborting.\n' \ + 'ERROR: %s lock detected - aborting\n' \ "${0##*/}" exit 1 fi 
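Review bot: With the `prerequisite_autostart` guard removed from `main`, the varnishncsa wrapper now exits 1 whenever the varnishd state file does not appear before `inotifywait` times out. That includes a container started with `ENABLE_VARNISHD_WRAPPER=false` and `ENABLE_VARNISHNCSA_WRAPPER=true`. Because the supervisord program for this wrapper sets `autorestart = true`, that combination presumably becomes a restart loop that logs an error every few seconds instead of the previous idle wait; if this is intended, a comment above the `until` loop should say so. The loop also takes the `break` path when `inotifywait` is not installed, which is logged as a timeout; a separate `command -v inotifywait` check with its own message would distinguish the two cases. `main` starts and ends outside this hunk.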
@@ -155,6 +183,9 @@ function main () "${varnish_varnishncsa_format}" \ "${varnish_varnishncsa_options}" )" + proxy="$( + __get_proxy + )" timer_total="$( __get_timer_total \ @@ -177,6 +208,9 @@ function main () options="$( __get_options )" + proxy="$( + __get_proxy + )" fi __create_state @@ -192,8 +226,8 @@ function main () "${bin##*/}" fi - eval "exec ${nice} \ - -n ${niceness} \ + eval "exec \ + ${proxy} \ ${bin} \ ${options}" } diff --git a/test/shpec/operation_shpec.sh b/test/shpec/operation_shpec.sh index ead0742..f6ae07b 100644 --- a/test/shpec/operation_shpec.sh +++ b/test/shpec/operation_shpec.sh @@ -810,7 +810,7 @@ function test_custom_configuration () docker run \ --detach \ --name varnish.1 \ - --env VARNISH_AUTOSTART_VARNISHD_WRAPPER=false \ + --env ENABLE_VARNISHD_WRAPPER=false \ --network ${backend_network} \ --publish ${DOCKER_PORT_MAP_TCP_80}:80 \ --publish ${DOCKER_PORT_MAP_TCP_8443}:8443 \ @@ -840,7 +840,7 @@ function test_custom_configuration () docker run \ --detach \ --name varnish.1 \ - --env VARNISH_AUTOSTART_VARNISHNCSA_WRAPPER=true \ + --env ENABLE_VARNISHNCSA_WRAPPER=true \ --network ${backend_network} \ --publish ${DOCKER_PORT_MAP_TCP_80}:80 \ --publish ${DOCKER_PORT_MAP_TCP_8443}:8443 \ @@ -883,7 +883,7 @@ function test_custom_configuration () docker run \ --detach \ --name varnish.1 \ - --env VARNISH_AUTOSTART_VARNISHNCSA_WRAPPER=true \ + --env ENABLE_VARNISHNCSA_WRAPPER=true \ --network ${backend_network} \ --publish ${DOCKER_PORT_MAP_TCP_80}:80 \ --publish ${DOCKER_PORT_MAP_TCP_8443}:8443 \ @@ -942,7 +942,7 @@ function test_custom_configuration () docker run \ --detach \ --name varnish.1 \ - --env VARNISH_AUTOSTART_VARNISHNCSA_WRAPPER=true \ + --env ENABLE_VARNISHNCSA_WRAPPER=true \ --env VARNISH_VARNISHNCSA_FORMAT="%h %l %u %t \"%r\" %s %b \"%{Referer}i\" \"%{User-agent}i\" %{Varnish:hitmiss}x" \ --network ${backend_network} \ --publish ${DOCKER_PORT_MAP_TCP_80}:80 \ 
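Review bot: The final `eval "exec ${proxy} ${bin} ${options}"` in the varnishncsa wrapper still re-parses the whole command line as shell. `options` is built from `varnish_varnishncsa_format` and `varnish_varnishncsa_options`, which appear to come from container environment variables. Shell metacharacters in those values are then interpreted by the wrapper instead of being passed to varnishncsa as literal arguments. If `eval` has to stay so that the quoted format string survives as one argument, a comment on that line should say that both variables are treated as trusted operator input. The alternative is for `__get_options` to fill an array and for `main` to finish with `exec "${cmd[@]}"`. `main` begins outside this hunk.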
@@ -1123,7 +1123,7 @@ function test_healthcheck () docker run \ --detach \ --name varnish.1 \ - --env VARNISH_AUTOSTART_VARNISHNCSA_WRAPPER=true \ + --env ENABLE_VARNISHNCSA_WRAPPER=true \ --network ${backend_network} \ jdeathe/centos-ssh-varnish:latest \ &> /dev/null @@ -1182,8 +1182,8 @@ function test_healthcheck () docker run \ --detach \ --name varnish.1 \ - --env VARNISH_AUTOSTART_VARNISHD_WRAPPER=false \ - --env VARNISH_AUTOSTART_VARNISHNCSA_WRAPPER=false \ + --env ENABLE_VARNISHD_WRAPPER=false \ + --env ENABLE_VARNISHNCSA_WRAPPER=false \ --network ${backend_network} \ jdeathe/centos-ssh-varnish:latest \ &> /dev/null From f3ccdc92475a4a82274c7cc767a5e65bf28cbdaa Mon Sep 17 00:00:00 2001 From: James Deathe Date: Fri, 9 Aug 2019 20:22:01 +0100 Subject: [PATCH 02/26] #189: Fixes error restarting/reloading varnishd. --- CHANGELOG.md | 1 + src/usr/sbin/varnishd-wrapper | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index b18833a..a8d5dbb 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -15,6 +15,7 @@ Summary of release changes. - Updates varnishd supervisord configuration file/priority to `80-varnishd-wrapper.conf`/`80`. - Updates varnishncsa supervisord configuration file/priority to `50-varnishncsa-wrapper.conf`/`50`. - Fixes docker host connection status check in Makefile. +- Fixes error when restarting/reloading varnishd. - Adds `inspect`, `reload` and `top` Makefile targets. - Adds improved `clean` Makefile target; includes exited containers and dangling images. - Adds `SYSTEM_TIMEZONE` handling to Makefile, scmi, systemd unit and docker-compose templates. diff --git a/src/usr/sbin/varnishd-wrapper b/src/usr/sbin/varnishd-wrapper index 1ec218e..9ce8eda 100755 --- a/src/usr/sbin/varnishd-wrapper +++ b/src/usr/sbin/varnishd-wrapper 
@@ -38,7 +38,7 @@ function __get_options () __get_varnish_options )"}" local -r storage="${2:-"$( - __get_varnish_options + __get_varnish_storage )"}" local -r thread_timeout="${6:-"$( __get_varnish_thread_timeout From ec4aee11c42b59b5b9088807c00f84017a86ccc0 Mon Sep 17 00:00:00 2001 From: James Deathe Date: Sat, 10 Aug 2019 13:06:23 +0100 Subject: [PATCH 03/26] #189: Updates docker-compose example to use redis session store for PHP app. --- .env.example | 1 + CHANGELOG.md | 1 + docker-compose.yml | 26 +++++++++++++++++++------- src/opt/scmi/environment.sh | 1 - 4 files changed, 21 insertions(+), 8 deletions(-) diff --git a/.env.example b/.env.example index 032014a..8aa5ac9 100644 --- a/.env.example +++ b/.env.example @@ -1,3 +1,4 @@ +SYSTEM_TIMEZONE=UTC VARNISH_MAX_THREADS=1000 VARNISH_MIN_THREADS=50 VARNISH_OPTIONS= diff --git a/CHANGELOG.md b/CHANGELOG.md index a8d5dbb..973e045 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -14,6 +14,7 @@ Summary of release changes. - Updates supervisord configuration to send error log output to stderr. - Updates varnishd supervisord configuration file/priority to `80-varnishd-wrapper.conf`/`80`. - Updates varnishncsa supervisord configuration file/priority to `50-varnishncsa-wrapper.conf`/`50`. +- Updates docker-compose example with redis session store replacing memcached for the apache-php service. - Fixes docker host connection status check in Makefile. - Fixes error when restarting/reloading varnishd. - Adds `inspect`, `reload` and `top` Makefile targets. diff --git a/docker-compose.yml b/docker-compose.yml index 7b9f374..a99cd16 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -35,6 +35,7 @@ services: - "apache-php" environment: ENABLE_VARNISHNCSA_WRAPPER: "true" + SYSTEM_TIMEZONE: "${SYSTEM_TIMEZONE}" VARNISH_MAX_THREADS: "${VARNISH_MAX_THREADS}" VARNISH_MIN_THREADS: "${VARNISH_MIN_THREADS}" VARNISH_OPTIONS: "${VARNISH_OPTIONS}" 
@@ -67,7 +68,7 @@ services: nproc: 65535 apache-php: depends_on: - - "memcached" + - "redis" environment: APACHE_CUSTOM_LOG_LOCATION: "/dev/null" APACHE_ERROR_LOG_LOCATION: "/dev/stderr" @@ -76,8 +77,10 @@ services: APACHE_MPM: "event" APACHE_SERVER_ALIAS: "app.local" APACHE_SERVER_NAME: "www.app.local" - PHP_OPTIONS_SESSION_SAVE_HANDLER: "memcached" - PHP_OPTIONS_SESSION_SAVE_PATH: "memcached:11211" + PHP_OPTIONS_DATE_TIMEZONE: "${SYSTEM_TIMEZONE}" + PHP_OPTIONS_SESSION_SAVE_HANDLER: "redis" + PHP_OPTIONS_SESSION_SAVE_PATH: "redis:6379" + SYSTEM_TIMEZONE: "${SYSTEM_TIMEZONE}" image: "jdeathe/centos-ssh-apache-php:3.3.2" networks: tier2: @@ -88,15 +91,24 @@ services: net.core.somaxconn: "1024" net.ipv4.ip_local_port_range: "1024 65535" net.ipv4.route.flush: "1" - memcached: + redis: environment: - MEMCACHED_CACHESIZE: "32" - MEMCACHED_MAXCONN: "1024" - image: "jdeathe/centos-ssh-memcached:2.3.0" + REDIS_MAXMEMORY: "32mb" + REDIS_TCP_BACKLOG: "1024" + SYSTEM_TIMEZONE: "${SYSTEM_TIMEZONE}" + image: "jdeathe/centos-ssh-redis:3.1.0" networks: - "tier2" + ports: + - "6379:6379" restart: "always" sysctls: net.core.somaxconn: "1024" net.ipv4.ip_local_port_range: "1024 65535" net.ipv4.route.flush: "1" + ulimits: + memlock: 82000 + nofile: + soft: 524288 + hard: 1048576 + nproc: 65535 diff --git a/src/opt/scmi/environment.sh b/src/opt/scmi/environment.sh index 352b9fb..a92c41f 100644 --- a/src/opt/scmi/environment.sh +++ b/src/opt/scmi/environment.sh @@ -28,7 +28,6 @@ ULIMIT_MEMLOCK="${ULIMIT_MEMLOCK:-82000}" ULIMIT_NOFILE="${ULIMIT_NOFILE:-131072}" ULIMIT_NPROC="${ULIMIT_NPROC:-9223372036854775807}" - # ------------------------------------------------------------------------------ # Application container configuration # ------------------------------------------------------------------------------ From 058388315f45713406737f29650fd3d6868c36c5 Mon Sep 17 00:00:00 2001 
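Review bot: The new `redis` service publishes `"6379:6379"`, which binds the session store to every interface of the Docker host, whereas the `memcached` service it replaces published no port. The `apache-php` service reaches it over the `tier2` network as `redis:6379`, so the example does not need the host mapping. Nothing in this hunk shows authentication configured on the Redis container, so PHP session data may be readable and writable from outside the host. Dropping the `ports:` block, or narrowing it to `"127.0.0.1:6379:6379"` for local debugging, keeps the example safe to copy.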
From: James Deathe Date: Sat, 10 Aug 2019 18:59:20 +0100 Subject: [PATCH 04/26] #189: Fix missing argument to printf error message. --- src/usr/sbin/varnishd-wrapper | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/usr/sbin/varnishd-wrapper b/src/usr/sbin/varnishd-wrapper index 9ce8eda..c848211 100755 --- a/src/usr/sbin/varnishd-wrapper +++ b/src/usr/sbin/varnishd-wrapper @@ -353,7 +353,7 @@ function __set_varnish_vcl_conf () if [[ ! ${value} =~ ${pattern_plain_text} ]] then >&2 printf -- \ - 'ERROR: %s invalid VCL\n' + 'ERROR: %s invalid VCL\n' \ "${0##*/}" exit 1 fi From 5e565fc4548182391b16fc3b9b57891d3805fbae Mon Sep 17 00:00:00 2001 From: James Deathe Date: Sat, 10 Aug 2019 19:02:21 +0100 Subject: [PATCH 05/26] #189: Fix timeout variable name in varnishncsa-wrapper. --- src/usr/sbin/varnishncsa-wrapper | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/usr/sbin/varnishncsa-wrapper b/src/usr/sbin/varnishncsa-wrapper index a1fdc76..a3b52ea 100755 --- a/src/usr/sbin/varnishncsa-wrapper +++ b/src/usr/sbin/varnishncsa-wrapper @@ -129,7 +129,7 @@ function main () do if ! inotifywait -qq \ -e "create" \ - -t "${bootstrap_timeout}" \ + -t "${prerequisite_timeout}" \ "${prerequisite_state_file%/*}" then break From 71646efa5fcb3b5d216d29ef5d054956af3c280a Mon Sep 17 00:00:00 2001 From: James Deathe Date: Sat, 10 Aug 2019 19:30:13 +0100 Subject: [PATCH 06/26] #189: Updates wrapper scripts timer function to use UTC timestamps. --- src/usr/sbin/varnishd-wrapper | 4 ++-- src/usr/sbin/varnishncsa-wrapper | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/src/usr/sbin/varnishd-wrapper b/src/usr/sbin/varnishd-wrapper index c848211..b55d91f 100755 --- a/src/usr/sbin/varnishd-wrapper +++ b/src/usr/sbin/varnishd-wrapper @@ -78,7 +78,7 @@ function __get_proxy () function __get_timer_total () { local -r timer_end="$( - date +%s.%N + date -u +%s.%N )" local -r timer_start="${1}" 
@@ -397,7 +397,7 @@ function main () local -r niceness="10" local -r state_file="/var/lib/misc/varnishd-wrapper" local -r timer_start="$( - date +%s.%N + date -u +%s.%N )" local options diff --git a/src/usr/sbin/varnishncsa-wrapper b/src/usr/sbin/varnishncsa-wrapper index a3b52ea..25dc801 100755 --- a/src/usr/sbin/varnishncsa-wrapper +++ b/src/usr/sbin/varnishncsa-wrapper @@ -54,7 +54,7 @@ function __get_proxy () function __get_timer_total () { local -r timer_end="$( - date +%s.%N + date -u +%s.%N )" local -r timer_start="${1}" @@ -106,7 +106,7 @@ function main () local -r prerequisite_timeout="4" local -r state_file="/var/lib/misc/varnish/varnishncsa-wrapper" local -r timer_start="$( - date +%s.%N + date -u +%s.%N )" local options From b18b7e87ac9bcc54d7c2934539d9d258a78fdc8a Mon Sep 17 00:00:00 2001 From: James Deathe Date: Sat, 10 Aug 2019 19:30:58 +0100 Subject: [PATCH 07/26] #189: Updates wrapper scripts timer function to use UTC timestamps. --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 973e045..f64c9b3 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -15,6 +15,7 @@ Summary of release changes. - Updates varnishd supervisord configuration file/priority to `80-varnishd-wrapper.conf`/`80`. - Updates varnishncsa supervisord configuration file/priority to `50-varnishncsa-wrapper.conf`/`50`. - Updates docker-compose example with redis session store replacing memcached for the apache-php service. +- Updates wrapper scripts timer to use UTC date timestamps. - Fixes docker host connection status check in Makefile. - Fixes error when restarting/reloading varnishd. - Adds `inspect`, `reload` and `top` Makefile targets. From 48defb37cc64a1dd5fa9f4f76f3f2c9bc996ed63 Mon Sep 17 00:00:00 2001 
From: James Deathe Date: Sat, 10 Aug 2019 19:32:18 +0100 Subject: [PATCH 08/26] #189: Fixes info message in varnishncsa-wrapper with verbose mode. --- src/usr/sbin/varnishncsa-wrapper | 23 ++++++++++++----------- 1 file changed, 12 insertions(+), 11 deletions(-) diff --git a/src/usr/sbin/varnishncsa-wrapper b/src/usr/sbin/varnishncsa-wrapper index 25dc801..7fe1d66 100755 --- a/src/usr/sbin/varnishncsa-wrapper +++ b/src/usr/sbin/varnishncsa-wrapper @@ -116,7 +116,18 @@ function main () local varnish_varnishncsa_options local verbose="false" - if [[ ${verbose} == true ]] + while [[ "${#}" -gt 0 ]] + do + case "${1}" in + -v|--verbose) + verbose="true" + shift 1 + ;; + esac + done + + if [[ ${verbose} == true ]] \ + && [[ ! -f ${prerequisite_state_file} ]] then printf -- \ 'INFO: %s waiting on %s\n' \ @@ -146,16 +157,6 @@ function main () exit 1 fi - while [[ "${#}" -gt 0 ]] - do - case "${1}" in - -v|--verbose) - verbose="true" - shift 1 - ;; - esac - done - if [[ -e ${lock_file} ]] then >&2 printf -- \ From c9bcfbc79262666f79b295fad099c01227f6d14f Mon Sep 17 00:00:00 2001 From: James Deathe Date: Sat, 10 Aug 2019 20:43:26 +0100 Subject: [PATCH 09/26] #189: Adds handling of SYSTEM_TIMEZONE in run templates. --- default.mk | 1 + environment.mk | 1 + src/etc/systemd/system/centos-ssh-varnish@.service | 6 ++++-- src/opt/scmi/default.sh | 1 + src/opt/scmi/environment.sh | 1 + src/opt/scmi/service-unit.sh | 1 + 6 files changed, 9 insertions(+), 2 deletions(-) diff --git a/default.mk b/default.mk index 870fced..c2df3b1 100644 --- a/default.mk +++ b/default.mk @@ -84,6 +84,7 @@ define DOCKER_CONTAINER_PARAMETERS --ulimit "nproc=$(ULIMIT_NPROC)" \ --env "ENABLE_VARNISHD_WRAPPER=$(ENABLE_VARNISHD_WRAPPER)" \ --env "ENABLE_VARNISHNCSA_WRAPPER=$(ENABLE_VARNISHNCSA_WRAPPER)" \ +--env "SYSTEM_TIMEZONE=$(SYSTEM_TIMEZONE)" \ --env "VARNISH_MAX_THREADS=$(VARNISH_MAX_THREADS)" \ --env "VARNISH_MIN_THREADS=$(VARNISH_MIN_THREADS)" \ --env "VARNISH_OPTIONS=$(VARNISH_OPTIONS)" \ 
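Review bot: The option loop moved to the top of `main` in the varnishncsa wrapper has no default branch, so an argument other than `-v` or `--verbose` is never shifted and `while [[ "${#}" -gt 0 ]]` never ends. Since the loop now runs before the prerequisite wait and the lock check, a mistyped flag would hang the wrapper before it logs anything. Adding `*) shift 1 ;;` would skip unknown arguments; a branch that prints an error and exits 1 would be stricter. `main` begins and ends outside this hunk.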
diff --git a/environment.mk b/environment.mk index ac7b35f..150bf92 100644 --- a/environment.mk +++ b/environment.mk @@ -32,6 +32,7 @@ ULIMIT_NPROC ?= 9223372036854775807 # ------------------------------------------------------------------------------ ENABLE_VARNISHD_WRAPPER ?= true ENABLE_VARNISHNCSA_WRAPPER ?= false +SYSTEM_TIMEZONE ?= UTC VARNISH_MAX_THREADS ?= 1000 VARNISH_MIN_THREADS ?= 50 VARNISH_OPTIONS ?= diff --git a/src/etc/systemd/system/centos-ssh-varnish@.service b/src/etc/systemd/system/centos-ssh-varnish@.service index 9917daf..1556631 100644 --- a/src/etc/systemd/system/centos-ssh-varnish@.service +++ b/src/etc/systemd/system/centos-ssh-varnish@.service @@ -57,14 +57,15 @@ Environment="DOCKER_IMAGE_TAG={{RELEASE_VERSION}}" Environment="DOCKER_PORT_MAP_TCP_80=8000" Environment="DOCKER_PORT_MAP_TCP_8443=8500" Environment="DOCKER_USER=jdeathe" +Environment="ENABLE_VARNISHD_WRAPPER=true" +Environment="ENABLE_VARNISHNCSA_WRAPPER=false" Environment="SYSCTL_NET_CORE_SOMAXCONN=1024" Environment="SYSCTL_NET_IPV4_IP_LOCAL_PORT_RANGE=1024 65535" Environment="SYSCTL_NET_IPV4_ROUTE_FLUSH=1" +Environment="SYSTEM_TIMEZONE=UTC" Environment="ULIMIT_MEMLOCK=82000" Environment="ULIMIT_NOFILE=131072" Environment="ULIMIT_NPROC=9223372036854775807" -Environment="ENABLE_VARNISHD_WRAPPER=true" -Environment="ENABLE_VARNISHNCSA_WRAPPER=false" Environment="VARNISH_MAX_THREADS=1000" Environment="VARNISH_MIN_THREADS=50" Environment="VARNISH_OPTIONS=" @@ -139,6 +140,7 @@ ExecStart=/bin/bash -c \ --ulimit \"nproc=${ULIMIT_NPROC}\" \ --env \"ENABLE_VARNISHD_WRAPPER=${ENABLE_VARNISHD_WRAPPER}\" \ --env \"ENABLE_VARNISHNCSA_WRAPPER=${ENABLE_VARNISHNCSA_WRAPPER}\" \ + --env \"SYSTEM_TIMEZONE=${SYSTEM_TIMEZONE}\" \ --env \"VARNISH_MAX_THREADS=${VARNISH_MAX_THREADS}\" \ --env \"VARNISH_MIN_THREADS=${VARNISH_MIN_THREADS}\" \ --env \"VARNISH_OPTIONS=${VARNISH_OPTIONS}\" \ diff --git a/src/opt/scmi/default.sh b/src/opt/scmi/default.sh index f65cd11..9856a1a 100644 
--- a/src/opt/scmi/default.sh +++ b/src/opt/scmi/default.sh @@ -97,6 +97,7 @@ DOCKER_CONTAINER_PARAMETERS="--tty \ --ulimit \"nproc=${ULIMIT_NPROC}\" \ --env \"ENABLE_VARNISHD_WRAPPER=${ENABLE_VARNISHD_WRAPPER}\" \ --env \"ENABLE_VARNISHNCSA_WRAPPER=${ENABLE_VARNISHNCSA_WRAPPER}\" \ +--env \"SYSTEM_TIMEZONE=${SYSTEM_TIMEZONE}\" \ --env \"VARNISH_MAX_THREADS=${VARNISH_MAX_THREADS}\" \ --env \"VARNISH_MIN_THREADS=${VARNISH_MIN_THREADS}\" \ --env \"VARNISH_OPTIONS=${VARNISH_OPTIONS}\" \ diff --git a/src/opt/scmi/environment.sh b/src/opt/scmi/environment.sh index a92c41f..517f07a 100644 --- a/src/opt/scmi/environment.sh +++ b/src/opt/scmi/environment.sh @@ -33,6 +33,7 @@ ULIMIT_NPROC="${ULIMIT_NPROC:-9223372036854775807}" # ------------------------------------------------------------------------------ ENABLE_VARNISHD_WRAPPER="${ENABLE_VARNISHD_WRAPPER:-true}" ENABLE_VARNISHNCSA_WRAPPER="${ENABLE_VARNISHNCSA_WRAPPER:-false}" +SYSTEM_TIMEZONE="${SYSTEM_TIMEZONE:-UTC}" VARNISH_MAX_THREADS="${VARNISH_MAX_THREADS:-1000}" VARNISH_MIN_THREADS="${VARNISH_MIN_THREADS:-50}" VARNISH_OPTIONS="" diff --git a/src/opt/scmi/service-unit.sh b/src/opt/scmi/service-unit.sh index eb818ee..86549ab 100644 --- a/src/opt/scmi/service-unit.sh +++ b/src/opt/scmi/service-unit.sh @@ -12,6 +12,7 @@ readonly SERVICE_UNIT_ENVIRONMENT_KEYS=" SYSCTL_NET_CORE_SOMAXCONN SYSCTL_NET_IPV4_IP_LOCAL_PORT_RANGE SYSCTL_NET_IPV4_ROUTE_FLUSH + SYSTEM_TIMEZONE ULIMIT_MEMLOCK ULIMIT_NOFILE ULIMIT_NPROC From 33352a20eb4d4a42ab8e3e2ff8729c3ae83110fc Mon Sep 17 00:00:00 2001 From: James Deathe Date: Sat, 10 Aug 2019 20:57:01 +0100 Subject: [PATCH 10/26] #189: Reduce duplication in wrapper scripts and add function for lock deletion. --- src/usr/sbin/varnishd-wrapper | 23 +++++++++++++---------- src/usr/sbin/varnishncsa-wrapper | 25 ++++++++++++++----------- 2 files changed, 27 insertions(+), 21 deletions(-) diff --git a/src/usr/sbin/varnishd-wrapper b/src/usr/sbin/varnishd-wrapper index b55d91f..95318a4 100755 
--- a/src/usr/sbin/varnishd-wrapper +++ b/src/usr/sbin/varnishd-wrapper @@ -4,10 +4,7 @@ set -e function __cleanup () { - if [[ -e ${lock_file} ]] - then - rm -f "${lock_file}" - fi + __delete_lock } function __create_lock () @@ -26,6 +23,14 @@ function __create_state () fi } +function __delete_lock () +{ + if [[ -f ${lock_file} ]] + then + rm -f "${lock_file}" + fi +} + function __get_options () { local -r max_threads="${5:-"$( @@ -434,6 +439,10 @@ function main () INT TERM EXIT __create_lock + proxy="$( + __get_proxy + )" + if [[ ${verbose} == true ]] \ && [[ ! -f ${state_file} ]] then @@ -474,9 +483,6 @@ function main () "${varnish_thread_timeout}" \ "${varnish_options}" )" - proxy="$( - __get_proxy - )" timer_total="$( __get_timer_total \ @@ -504,9 +510,6 @@ function main () options="$( __get_options )" - proxy="$( - __get_proxy - )" fi if [[ ${verbose} == true ]] diff --git a/src/usr/sbin/varnishncsa-wrapper b/src/usr/sbin/varnishncsa-wrapper index 7fe1d66..4912855 100755 --- a/src/usr/sbin/varnishncsa-wrapper +++ b/src/usr/sbin/varnishncsa-wrapper @@ -4,10 +4,7 @@ set -e function __cleanup () { - if [[ -e ${lock_file} ]] - then - rm -f "${lock_file}" - fi + __delete_lock } function __create_lock () @@ -26,6 +23,14 @@ function __create_state () fi } +function __delete_lock () +{ + if [[ -f ${lock_file} ]] + then + rm -f "${lock_file}" + fi +} + function __get_options () { local -r format="${1:-"$( @@ -157,7 +162,7 @@ function main () exit 1 fi - if [[ -e ${lock_file} ]] + if [[ -f ${lock_file} ]] then >&2 printf -- \ 'ERROR: %s lock detected - aborting\n' \ @@ -169,6 +174,10 @@ function main () INT TERM EXIT __create_lock + proxy="$( + __get_proxy + )" + if [[ ${verbose} == true ]] \ && [[ ! -e ${state_file} ]] then @@ -184,9 +193,6 @@ function main () "${varnish_varnishncsa_format}" \ "${varnish_varnishncsa_options}" )" - proxy="$( - __get_proxy - )" timer_total="$( __get_timer_total \ 
@@ -209,9 +215,6 @@ function main () options="$( __get_options )" - proxy="$( - __get_proxy - )" fi __create_state From 78e53dc069cf1dc3e31de7ee6938bbc34c7e8af1 Mon Sep 17 00:00:00 2001 From: James Deathe Date: Sun, 11 Aug 2019 08:02:24 +0100 Subject: [PATCH 11/26] #189: Change title case for consistency in README --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 4b6b465..6189c1a 100644 --- a/README.md +++ b/README.md @@ -78,7 +78,7 @@ $ docker stop varnish.1 && \ jdeathe/centos-ssh-varnish:2.3.0 ``` -#### Environment Variables +#### Environment variables There are several environmental variables defined at runtime which allows the operator to customise the running container. This may become necessary under special circumstances and the following show those that are most likely to be considered for review, the rest should be left unaltered and for clarification refer to the [varnishd documentation](https://www.varnish-cache.org/docs/6.0/index.html). From 3e60b76f72a9b4d91b79444f47056c30ac76f03f Mon Sep 17 00:00:00 2001 From: James Deathe Date: Sun, 11 Aug 2019 20:04:28 +0100 Subject: [PATCH 12/26] #193: Removes Apache related info from README. --- README.md | 2 -- 1 file changed, 2 deletions(-) diff --git a/README.md b/README.md index 6189c1a..ab4d153 100644 --- a/README.md +++ b/README.md @@ -5,8 +5,6 @@ ## Overview -Apache PHP web server, loading only a minimal set of Apache modules by default. - This build uses the base image [jdeathe/centos-ssh](https://github.com/jdeathe/centos-ssh) so inherits it's features but with `sshd` disabled by default. [Supervisor](http://supervisord.org/) is used to start the varnishd (and optionally the varnishncsa) daemon when a docker container based on this image is run. ### Image variants From 6d9d3721b367ffcea7c8994124d20ea30bf2e2d6 Mon Sep 17 00:00:00 2001 
From: James Deathe Date: Mon, 12 Aug 2019 22:38:13 +0100 Subject: [PATCH 13/26] #187: Adds URIs for handling status monitoring requests. --- CHANGELOG.md | 1 + src/etc/varnish/docker-default.vcl | 18 ++++++++++++++++-- 2 files changed, 17 insertions(+), 2 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index f64c9b3..5cb5767 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -23,6 +23,7 @@ Summary of release changes. - Adds `SYSTEM_TIMEZONE` handling to Makefile, scmi, systemd unit and docker-compose templates. - Adds system time zone validation to healthcheck. - Adds lock/state file to wrapper scripts. +- Adds VCL to handle `/status` and `/varnish-status` for monitoring the backend and varnish respectively. - Removes `VARNISH_AUTOSTART_VARNISHD_WRAPPER`, replaced with `ENABLE_VARNISHD_WRAPPER`. - Removes `VARNISH_AUTOSTART_VARNISHNCSA_WRAPPER`, replaced with `ENABLE_VARNISHNCSA_WRAPPER`. - Removes support for long image tags (i.e. centos-7-2.x.x). diff --git a/src/etc/varnish/docker-default.vcl b/src/etc/varnish/docker-default.vcl index b01dde8..ce03861 100644 --- a/src/etc/varnish/docker-default.vcl +++ b/src/etc/varnish/docker-default.vcl @@ -79,6 +79,18 @@ sub vcl_recv { return (synth(403)); } + if (req.url ~ "(?i)^/status(\?.*)?$") { + if (!std.healthy(req.backend_hint)) { + return (synth(503, "Service Unavailable")); + } else { + return (synth(200, "OK")); + } + } + + if (req.url ~ "(?i)^/varnish-status(\?.*)?$") { + return (synth(200, "OK")); + } + if (std.healthy(req.backend_hint)) { # Cap grace period for healthy backends set req.grace = 15s; 
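Review bot: The new `/status` and `/varnish-status` branches in `vcl_recv` answer every client that reaches port 80 or 8443, so backend health (200 versus 503) is readable by anyone who can send a request, and a backend route at `/status` can no longer be reached through the cache. If these URIs are meant only for a load balancer or monitoring host, restrict them before the health test, e.g. `if (req.url ~ "(?i)^/(varnish-)?status(\?.*)?$" && client.ip !~ monitoring) { return (synth(403)); }` with an `acl monitoring { … }` naming the trusted sources; if public exposure is intended, a comment saying so would help. The same applies to the combined form in PATCH 14/26 and to the copies in the test fixture VCL and `operation_shpec.sh`. `vcl_recv` starts and ends outside the hunk.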
@@ -124,7 +136,8 @@ sub vcl_synth { # Respond with simple text error for static assets. set resp.body = resp.status + " " + resp.reason; set resp.http.Content-Type = "text/plain; charset=utf-8"; - } else if (req.url ~ "(?i)^/status\.php(\?.*)?$") { + } else if (req.url ~ "(?i)^/status\.php(\?.*)?$" || + req.url ~ "(?i)^/(?:varnish-status|status)(\?.*)?$") { # Respond with simple text error for status uri. set resp.body = resp.reason; set resp.http.Cache-Control = "no-store"; @@ -201,7 +214,8 @@ sub vcl_backend_error { # Respond with simple text error for static assets. set beresp.body = beresp.status + " " + beresp.reason; set beresp.http.Content-Type = "text/plain; charset=utf-8"; - } else if (bereq.url ~ "(?i)^/status\.php(\?.*)?$") { + } else if (bereq.url ~ "(?i)^/status\.php(\?.*)?$" || + bereq.url ~ "(?i)^/(?:varnish-status|status)(\?.*)?$") { # Respond with simple text error for status uri. set beresp.body = beresp.reason; set beresp.http.Cache-Control = "no-store"; From 829b83eaf6237ed16d6966cb2943fc9bb6cc811d Mon Sep 17 00:00:00 2001 From: James Deathe Date: Tue, 13 Aug 2019 08:40:34 +0100 Subject: [PATCH 14/26] #187: Combines regex rules into one for status/monitoring endpoints. --- src/etc/varnish/docker-default.vcl | 20 +++++++------------- 1 file changed, 7 insertions(+), 13 deletions(-) diff --git a/src/etc/varnish/docker-default.vcl b/src/etc/varnish/docker-default.vcl index ce03861..a3439de 100644 --- a/src/etc/varnish/docker-default.vcl +++ b/src/etc/varnish/docker-default.vcl 
@@ -79,15 +79,11 @@ sub vcl_recv { return (synth(403)); } - if (req.url ~ "(?i)^/status(\?.*)?$") { - if (!std.healthy(req.backend_hint)) { - return (synth(503, "Service Unavailable")); - } else { - return (synth(200, "OK")); - } - } - - if (req.url ~ "(?i)^/varnish-status(\?.*)?$") { + # Handle monitoring status endpoints /status and /varnish-status + if (req.url ~ "(?i)^/status(\?.*)?$" && + !std.healthy(req.backend_hint)) { + return (synth(503, "Service Unavailable")); + } else if (req.url ~ "(?i)^/(varnish-)?status(\?.*)?$") { return (synth(200, "OK")); } @@ -136,8 +132,7 @@ sub vcl_synth { # Respond with simple text error for static assets. set resp.body = resp.status + " " + resp.reason; set resp.http.Content-Type = "text/plain; charset=utf-8"; - } else if (req.url ~ "(?i)^/status\.php(\?.*)?$" || - req.url ~ "(?i)^/(?:varnish-status|status)(\?.*)?$") { + } else if (req.url ~ "(?i)^/(varnish-)?status(\.php)?(\?.*)?$") { # Respond with simple text error for status uri. set resp.body = resp.reason; set resp.http.Cache-Control = "no-store"; @@ -214,8 +209,7 @@ sub vcl_backend_error { # Respond with simple text error for static assets. set beresp.body = beresp.status + " " + beresp.reason; set beresp.http.Content-Type = "text/plain; charset=utf-8"; - } else if (bereq.url ~ "(?i)^/status\.php(\?.*)?$" || - bereq.url ~ "(?i)^/(?:varnish-status|status)(\?.*)?$") { + } else if (bereq.url ~ "(?i)^/(varnish-)?status(\.php)?(\?.*)?$") { # Respond with simple text error for status uri. set beresp.body = beresp.reason; set beresp.http.Cache-Control = "no-store"; From 7abf9ba1a71f1dcf261b31484187dcf713a3df9a Mon Sep 17 00:00:00 2001 From: James Deathe Date: Tue, 13 Aug 2019 10:30:19 +0100 Subject: [PATCH 15/26] #187: Adds increased startsecs for varnishncsa to allow it to fail on varnishd errors. --- src/etc/supervisord.d/50-varnishncsa-wrapper.conf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
diff --git a/src/etc/supervisord.d/50-varnishncsa-wrapper.conf b/src/etc/supervisord.d/50-varnishncsa-wrapper.conf index b89eb68..734af56 100644 --- a/src/etc/supervisord.d/50-varnishncsa-wrapper.conf +++ b/src/etc/supervisord.d/50-varnishncsa-wrapper.conf @@ -4,7 +4,7 @@ autostart = %(ENV_ENABLE_VARNISHNCSA_WRAPPER)s command = /usr/sbin/varnishncsa-wrapper --verbose priority = 50 startretries = 0 -startsecs = 1 +startsecs = 4 stderr_logfile = /dev/stderr stderr_logfile_maxbytes = 0 stdout_logfile = /dev/stdout From e73314ce76ec27875df0f472d3b175447269968d Mon Sep 17 00:00:00 2001 From: James Deathe Date: Thu, 15 Aug 2019 09:23:25 +0100 Subject: [PATCH 16/26] #197: Updates backend tag version in test cases. --- test/shpec/operation_shpec.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/test/shpec/operation_shpec.sh b/test/shpec/operation_shpec.sh index f6ae07b..3072dde 100644 --- a/test/shpec/operation_shpec.sh +++ b/test/shpec/operation_shpec.sh @@ -88,7 +88,7 @@ function __setup () local -r backend_alias="httpd_1" local -r backend_name="apache-php.1" local -r backend_network="bridge_t1" - local -r backend_release="3.1.1" + local -r backend_release="3.3.2" # Create the bridge network if [[ -z $(docker network ls -q -f name="${backend_network}") ]]; then From c21cb9b17e949b99c0f656df4ff257cedd953099 Mon Sep 17 00:00:00 2001 From: James Deathe Date: Thu, 15 Aug 2019 09:24:12 +0100 Subject: [PATCH 17/26] #197: Updates docker logs usage in test cases to exclude stderr output. --- test/shpec/operation_shpec.sh | 2 ++ 1 file changed, 2 insertions(+) diff --git a/test/shpec/operation_shpec.sh b/test/shpec/operation_shpec.sh index 3072dde..9181bd4 100644 --- a/test/shpec/operation_shpec.sh +++ b/test/shpec/operation_shpec.sh 
@@ -925,6 +925,7 @@ function test_custom_configuration () docker logs \ --tail 3 \ varnish.1 \ + 2> /dev/null \ | grep -qE \ "^.+ .+ .+ \[.+\] \"GET (http:\/\/${backend_hostname})?/ HTTP/1\.1\" 200 .+ \".+\" \".*\"\$" \ &> /dev/null @@ -985,6 +986,7 @@ function test_custom_configuration () docker logs \ --tail 3 \ varnish.1 \ + 2> /dev/null \ | grep -qE \ "^.+ .+ .+ \[.+\] \"GET (http:\/\/${backend_hostname})?/ HTTP/1\.1\" 200 .+ \".+\" \".*\" (hit|miss)+\$" \ &> /dev/null From 367f43c34a948e78bd96a8a9db52ee78a13d7d4c Mon Sep 17 00:00:00 2001 From: James Deathe Date: Thu, 15 Aug 2019 09:36:32 +0100 Subject: [PATCH 18/26] #197: Updates custom varnish VCL file in tests with default VCL changes. --- test/fixture/varnish/etc/varnish/docker-default.vcl | 13 +++++++++++-- test/shpec/operation_shpec.sh | 2 +- 2 files changed, 12 insertions(+), 3 deletions(-) diff --git a/test/fixture/varnish/etc/varnish/docker-default.vcl b/test/fixture/varnish/etc/varnish/docker-default.vcl index 2bd26bf..b56491a 100644 --- a/test/fixture/varnish/etc/varnish/docker-default.vcl +++ b/test/fixture/varnish/etc/varnish/docker-default.vcl @@ -72,12 +72,21 @@ sub vcl_recv { std.port(local.ip) == 80) { # Port 80 set req.http.X-Forwarded-Port = "80"; + set req.http.X-Forwarded-Proto = "http"; set req.backend_hint = director_http.backend(); } else { # Reject unexpected ports return (synth(403)); } + # Handle monitoring status endpoints /status and /varnish-status + if (req.url ~ "(?i)^/status(\?.*)?$" && + !std.healthy(req.backend_hint)) { + return (synth(503, "Service Unavailable")); + } else if (req.url ~ "(?i)^/(varnish-)?status(\?.*)?$") { + return (synth(200, "OK")); + } + if (std.healthy(req.backend_hint)) { # Cap grace period for healthy backends set req.grace = 15s; 
@@ -127,7 +136,7 @@ sub vcl_synth { # Respond with simple text error for static assets. set resp.body = resp.status + " " + resp.reason; set resp.http.Content-Type = "text/plain; charset=utf-8"; - } else if (req.url ~ "(?i)^/status\.php(\?.*)?$") { + } else if (req.url ~ "(?i)^/(varnish-)?status(\.php)?(\?.*)?$") { # Respond with simple text error for status uri. set resp.body = resp.reason; set resp.http.Cache-Control = "no-store"; @@ -204,7 +213,7 @@ sub vcl_backend_error { # Respond with simple text error for static assets. set beresp.body = beresp.status + " " + beresp.reason; set beresp.http.Content-Type = "text/plain; charset=utf-8"; - } else if (bereq.url ~ "(?i)^/status\.php(\?.*)?$") { + } else if (bereq.url ~ "(?i)^/(varnish-)?status(\.php)?(\?.*)?$") { # Respond with simple text error for status uri. set beresp.body = beresp.reason; set beresp.http.Cache-Control = "no-store"; diff --git a/test/shpec/operation_shpec.sh b/test/shpec/operation_shpec.sh index 9181bd4..6e4ee0d 100644 --- a/test/shpec/operation_shpec.sh +++ b/test/shpec/operation_shpec.sh @@ -673,7 +673,7 @@ function test_custom_configuration () --env "VARNISH_THREAD_TIMEOUT=300" \ --env "VARNISH_STORAGE=malloc,256M" \ --env "VARNISH_TTL=600" \ - --env "VARNISH_VCL_CONF=vcl 4.0;

import directors;
import std;

# ------------------------------------------------------------------------------
# Healthcheck probe (basic)
# ------------------------------------------------------------------------------
probe healthcheck {
	.interval = 5s;
	.timeout = 2s;
	.window = 5;
	.threshold = 3;
	.initial = 2;
	.expected_response = 200;
	.request =
		"GET / HTTP/1.1"
		"Host: localhost.localdomain"
		"Connection: close"
		"User-Agent: Varnish"
		"Accept-Encoding: gzip, deflate";
}

# ------------------------------------------------------------------------------
# Backends
# ------------------------------------------------------------------------------
backend http_1 {
	.host = "httpd_1";
	.port = "80";
	.first_byte_timeout = 300s;
	.probe = healthcheck;
}

backend proxy_1 {
	.host = "httpd_1";
	.port = "8443";
	.first_byte_timeout = 300s;
	.probe = healthcheck;
}

# ------------------------------------------------------------------------------
# Directors
# ------------------------------------------------------------------------------
sub vcl_init {
	new director_http = directors.round_robin();
	director_http.add_backend(http_1);

	new director_proxy = directors.round_robin();
	director_proxy.add_backend(proxy_1);
}

# ------------------------------------------------------------------------------
# Client side
# ------------------------------------------------------------------------------
sub vcl_recv {
	if (req.http.Cookie != "") {
		set req.http.X-Cookie = req.http.Cookie;
	}
	unset req.http.Cookie;
	unset req.http.Forwarded;
	unset req.http.Proxy;
	unset req.http.X-Forwarded-Port;
	unset req.http.X-Forwarded-Proto;

	if (std.port(server.ip) == 8443 ||
		std.port(local.ip) == 8443) {
		# Port 8443
		set req.http.X-Forwarded-Port = "443";
		set req.http.X-Forwarded-Proto = "https";
		set req.backend_hint = director_proxy.backend();
	} else if (std.port(server.ip) == 80 ||
		std.port(local.ip) == 80) {
		# Port 80
		set req.http.X-Forwarded-Port = "80";
		set req.backend_hint = director_http.backend();
	} else {
		# Reject unexpected ports
		return (synth(403));
	}

	if (std.healthy(req.backend_hint)) {
		# Cap grace period for healthy backends
		set req.grace = 15s;
	}
}

sub vcl_hash {
	hash_data(req.url);

	if (req.http.Host) {
		hash_data(req.http.Host);
	} else {
		hash_data(server.ip);
	}

	if (req.http.X-Forwarded-Proto) {
		hash_data(req.http.X-Forwarded-Proto);
	}

	if (req.http.X-Cookie) {
		set req.http.Cookie = req.http.X-Cookie;
	}
	unset req.http.X-Cookie;

	return (lookup);
}

sub vcl_hit {
	return (deliver);
}

sub vcl_deliver {
	unset resp.http.Via;

	if (resp.status >= 400) {
		return (synth(resp.status));
	}
}

sub vcl_synth {
	set resp.http.Content-Type = "text/html; charset=utf-8";
	set resp.http.Retry-After = "5";
	set resp.http.X-Frame-Options = "DENY";
	set resp.http.X-XSS-Protection = "1; mode=block";

	if (req.url ~ "(?i)\.(css|eot|gif|ico|jpe?g|js|png|svg|ttf|txt|woff2?)(\?.*)?$") {
		# Respond with simple text error for static assets.
		set resp.body = resp.status + " " + resp.reason;
		set resp.http.Content-Type = "text/plain; charset=utf-8";
	} else if (req.url ~ "(?i)^/status\.php(\?.*)?$") {
		# Respond with simple text error for status uri.
		set resp.body = resp.reason;
		set resp.http.Cache-Control = "no-store";
		set resp.http.Content-Type = "text/plain; charset=utf-8";
	} else if (resp.status < 500) {
		set resp.body = {"<!DOCTYPE html>
<html>
	<head>
		<title>"} + resp.reason + {"</title>
		<style>
			body{color:#666;background-color:#f1f1f1;font-family:sans-serif;margin:12%;max-width:50%;}
			h1,h2{color:#333;font-size:4rem;font-weight:400;text-transform:uppercase;}
			h2{color:#333;font-size:2rem;}
			p{font-size:1.5rem;}
		</style>
	</head>
	<body>
		<h1>"} + resp.status + {"</h1>
		<h2>"} + resp.reason + {"</h2>
	</body>
</html>"};
	} else {
		set resp.body = {"<!DOCTYPE html>
<html>
	<head>
		<title>"} + resp.reason + {"</title>
		<style>
			body{color:#666;background-color:#f1f1f1;font-family:sans-serif;margin:12%;max-width:50%;}
			h1,h2{color:#333;font-size:4rem;font-weight:400;text-transform:uppercase;}
			h2{color:#333;font-size:2rem;}
			p{font-size:1.5rem;}
		</style>
	</head>
	<body>
		<h1>"} + resp.status + {"</h1>
		<h2>"} + resp.reason + {"</h2>
		<p>XID: "} + req.xid + {"</p>
	</body>
</html>"};
	}

	return (deliver);
}

# ------------------------------------------------------------------------------
# Backend
# ------------------------------------------------------------------------------
sub vcl_backend_response {
	set beresp.grace = 24h;

	if (bereq.uncacheable) {
		return (deliver);
	} else if (beresp.ttl <= 0s ||
		beresp.http.Set-Cookie ||
		beresp.http.Surrogate-Control ~ "(?i)^no-store$" ||
		( ! beresp.http.Surrogate-Control &&
			beresp.http.Cache-Control ~ "(?i)^(private|no-cache|no-store)$") ||
		beresp.http.Vary == "*") {
		# Mark as "hit-for-miss" for 2 minutes
		set beresp.ttl = 120s;
		set beresp.uncacheable = true;
	}

	return (deliver);
}

sub vcl_backend_error {
	set beresp.http.Content-Type = "text/html; charset=utf-8";
	set beresp.http.Retry-After = "5";
	set beresp.http.X-Frame-Options = "DENY";
	set beresp.http.X-XSS-Protection = "1; mode=block";

	if (bereq.url ~ "(?i)\.(css|eot|gif|ico|jpe?g|js|png|svg|ttf|txt|woff2?)(\?.*)?$") {
		# Respond with simple text error for static assets.
		set beresp.body = beresp.status + " " + beresp.reason;
		set beresp.http.Content-Type = "text/plain; charset=utf-8";
	} else if (bereq.url ~ "(?i)^/status\.php(\?.*)?$") {
		# Respond with simple text error for status uri.
		set beresp.body = beresp.reason;
		set beresp.http.Cache-Control = "no-store";
		set beresp.http.Content-Type = "text/plain; charset=utf-8";
	} else {
		set beresp.body = {"<!DOCTYPE html>
<html>
	<head>
		<title>"} + beresp.reason + {"</title>
		<style>
			body{color:#666;background-color:#f1f1f1;font-family:sans-serif;margin:12%;max-width:50%;}
			h1,h2{color:#333;font-size:4rem;font-weight:400;text-transform:uppercase;}
			h2{color:#333;font-size:2rem;}
			p{font-size:1.5rem;}
		</style>
	</head>
	<body>
		<h1>"} + beresp.status + {"</h1>
		<h2>"} + beresp.reason + {"</h2>
		<p>XID: "} + bereq.xid + {"</p>
	</body>
</html>"};
	}

	return (deliver);
}
" \ + --env "VARNISH_VCL_CONF=vcl 4.0;

import directors;
import std;

# ------------------------------------------------------------------------------
# Healthcheck probe (basic)
# ------------------------------------------------------------------------------
probe healthcheck {
	.interval = 5s;
	.timeout = 2s;
	.window = 5;
	.threshold = 3;
	.initial = 2;
	.expected_response = 200;
	.request =
		"GET / HTTP/1.1"
		"Host: localhost.localdomain"
		"Connection: close"
		"User-Agent: Varnish"
		"Accept-Encoding: gzip, deflate";
}

# ------------------------------------------------------------------------------
# Backends
# ------------------------------------------------------------------------------
backend http_1 {
	.host = "httpd_1";
	.port = "80";
	.first_byte_timeout = 300s;
	.probe = healthcheck;
}

backend proxy_1 {
	.host = "httpd_1";
	.port = "8443";
	.first_byte_timeout = 300s;
	.probe = healthcheck;
}

# ------------------------------------------------------------------------------
# Directors
# ------------------------------------------------------------------------------
sub vcl_init {
	new director_http = directors.round_robin();
	director_http.add_backend(http_1);

	new director_proxy = directors.round_robin();
	director_proxy.add_backend(proxy_1);
}

# ------------------------------------------------------------------------------
# Client side
# ------------------------------------------------------------------------------
sub vcl_recv {
	if (req.http.Cookie != "") {
		set req.http.X-Cookie = req.http.Cookie;
	}
	unset req.http.Cookie;
	unset req.http.Forwarded;
	unset req.http.Proxy;
	unset req.http.X-Forwarded-Port;
	unset req.http.X-Forwarded-Proto;

	if (std.port(server.ip) == 8443 ||
		std.port(local.ip) == 8443) {
		# Port 8443
		set req.http.X-Forwarded-Port = "443";
		set req.http.X-Forwarded-Proto = "https";
		set req.backend_hint = director_proxy.backend();
	} else if (std.port(server.ip) == 80 ||
		std.port(local.ip) == 80) {
		# Port 80
		set req.http.X-Forwarded-Port = "80";
		set req.http.X-Forwarded-Proto = "http";
		set req.backend_hint = director_http.backend();
	} else {
		# Reject unexpected ports
		return (synth(403));
	}

	# Handle monitoring status endpoints /status and /varnish-status
	if (req.url ~ "(?i)^/status(\?.*)?$" &&
		!std.healthy(req.backend_hint)) {
		return (synth(503, "Service Unavailable"));
	} else if (req.url ~ "(?i)^/(varnish-)?status(\?.*)?$") {
		return (synth(200, "OK"));
	}

	if (std.healthy(req.backend_hint)) {
		# Cap grace period for healthy backends
		set req.grace = 15s;
	}
}

sub vcl_hash {
	hash_data(req.url);

	if (req.http.Host) {
		hash_data(req.http.Host);
	} else {
		hash_data(server.ip);
	}

	if (req.http.X-Forwarded-Proto) {
		hash_data(req.http.X-Forwarded-Proto);
	}

	if (req.http.X-Cookie) {
		set req.http.Cookie = req.http.X-Cookie;
	}
	unset req.http.X-Cookie;

	return (lookup);
}

sub vcl_hit {
	return (deliver);
}

sub vcl_deliver {
	unset resp.http.Via;

	if (resp.status >= 400) {
		return (synth(resp.status));
	}
}

sub vcl_synth {
	set resp.http.Content-Type = "text/html; charset=utf-8";
	set resp.http.Retry-After = "5";
	set resp.http.X-Frame-Options = "DENY";
	set resp.http.X-XSS-Protection = "1; mode=block";

	if (req.url ~ "(?i)\.(css|eot|gif|ico|jpe?g|js|png|svg|ttf|txt|woff2?)(\?.*)?$") {
		# Respond with simple text error for static assets.
		set resp.body = resp.status + " " + resp.reason;
		set resp.http.Content-Type = "text/plain; charset=utf-8";
	} else if (req.url ~ "(?i)^/(varnish-)?status(\.php)?(\?.*)?$") {
		# Respond with simple text error for status uri.
		set resp.body = resp.reason;
		set resp.http.Cache-Control = "no-store";
		set resp.http.Content-Type = "text/plain; charset=utf-8";
	} else if (resp.status < 500) {
		set resp.body = {"<!DOCTYPE html>
<html>
	<head>
		<title>"} + resp.reason + {"</title>
		<style>
			body{color:#666;background-color:#f1f1f1;font-family:sans-serif;margin:12%;max-width:50%;}
			h1,h2{color:#333;font-size:4rem;font-weight:400;text-transform:uppercase;}
			h2{color:#333;font-size:2rem;}
			p{font-size:1.5rem;}
		</style>
	</head>
	<body>
		<h1>"} + resp.status + {"</h1>
		<h2>"} + resp.reason + {"</h2>
	</body>
</html>"};
	} else {
		set resp.body = {"<!DOCTYPE html>
<html>
	<head>
		<title>"} + resp.reason + {"</title>
		<style>
			body{color:#666;background-color:#f1f1f1;font-family:sans-serif;margin:12%;max-width:50%;}
			h1,h2{color:#333;font-size:4rem;font-weight:400;text-transform:uppercase;}
			h2{color:#333;font-size:2rem;}
			p{font-size:1.5rem;}
		</style>
	</head>
	<body>
		<h1>"} + resp.status + {"</h1>
		<h2>"} + resp.reason + {"</h2>
		<p>XID: "} + req.xid + {"</p>
	</body>
</html>"};
	}

	return (deliver);
}

# ------------------------------------------------------------------------------
# Backend
# ------------------------------------------------------------------------------
sub vcl_backend_response {
	set beresp.grace = 24h;

	if (bereq.uncacheable) {
		return (deliver);
	} else if (beresp.ttl <= 0s ||
		beresp.http.Set-Cookie ||
		beresp.http.Surrogate-Control ~ "(?i)^no-store$" ||
		( ! beresp.http.Surrogate-Control &&
			beresp.http.Cache-Control ~ "(?i)^(private|no-cache|no-store)$") ||
		beresp.http.Vary == "*") {
		# Mark as "hit-for-miss" for 2 minutes
		set beresp.ttl = 120s;
		set beresp.uncacheable = true;
	}

	return (deliver);
}

sub vcl_backend_error {
	set beresp.http.Content-Type = "text/html; charset=utf-8";
	set beresp.http.Retry-After = "5";
	set beresp.http.X-Frame-Options = "DENY";
	set beresp.http.X-XSS-Protection = "1; mode=block";

	if (bereq.url ~ "(?i)\.(css|eot|gif|ico|jpe?g|js|png|svg|ttf|txt|woff2?)(\?.*)?$") {
		# Respond with simple text error for static assets.
		set beresp.body = beresp.status + " " + beresp.reason;
		set beresp.http.Content-Type = "text/plain; charset=utf-8";
	} else if (bereq.url ~ "(?i)^/(varnish-)?status(\.php)?(\?.*)?$") {
		# Respond with simple text error for status uri.
		set beresp.body = beresp.reason;
		set beresp.http.Cache-Control = "no-store";
		set beresp.http.Content-Type = "text/plain; charset=utf-8";
	} else {
		set beresp.body = {"<!DOCTYPE html>
<html>
	<head>
		<title>"} + beresp.reason + {"</title>
		<style>
			body{color:#666;background-color:#f1f1f1;font-family:sans-serif;margin:12%;max-width:50%;}
			h1,h2{color:#333;font-size:4rem;font-weight:400;text-transform:uppercase;}
			h2{color:#333;font-size:2rem;}
			p{font-size:1.5rem;}
		</style>
	</head>
	<body>
		<h1>"} + beresp.status + {"</h1>
		<h2>"} + beresp.reason + {"</h2>
		<p>XID: "} + bereq.xid + {"</p>
	</body>
</html>"};
	}

	return (deliver);
}
" \ --network ${backend_network} \ --publish ${DOCKER_PORT_MAP_TCP_80}:80 \ --publish ${DOCKER_PORT_MAP_TCP_8443}:8443 \ From 15aba2768bf63f8751c61fe40a695a49ba8314a0 Mon Sep 17 00:00:00 2001 From: James Deathe Date: Thu, 15 Aug 2019 19:58:22 +0100 Subject: [PATCH 19/26] #197: Adds test cases for monitoring URIs. --- test/shpec/operation_shpec.sh | 134 ++++++++++++++++++++++++++++++++-- 1 file changed, 127 insertions(+), 7 deletions(-) diff --git a/test/shpec/operation_shpec.sh b/test/shpec/operation_shpec.sh index 6e4ee0d..9b1c7f3 100644 --- a/test/shpec/operation_shpec.sh +++ b/test/shpec/operation_shpec.sh @@ -162,6 +162,7 @@ function test_basic_operations () local -r backend_network="bridge_t1" local container_port_80="" local container_port_8443="" + local curl_response_code="" local header_x_varnish="" local phpsessid="" local request_headers="" 
@@ -431,6 +432,64 @@ function test_basic_operations () 0 end end + + describe "Status URI" + it "Returns OK." + curl -s \ + -H "Host: ${backend_hostname}" \ + http://127.0.0.1:${container_port_80}/status \ + | grep -q 'OK' + + request_response="${?}" + + assert equal \ + "${request_response}" \ + 0 + end + + it "Returns a 200 status code." + curl_response_code="$( + curl -s \ + -o /dev/null \ + -w "%{http_code}" \ + --header "Host: ${backend_hostname}" \ + http://127.0.0.1:${container_port_80}/status + )" + + assert equal \ + "${curl_response_code}" \ + "200" + end + end + + describe "Varnish status URI" + it "Returns OK." + curl -s \ + -H "Host: ${backend_hostname}" \ + http://127.0.0.1:${container_port_80}/varnish-status \ + | grep -q 'OK' + + request_response="${?}" + + assert equal \ + "${request_response}" \ + 0 + end + + it "Returns a 200 status code." + curl_response_code="$( + curl -s \ + -o /dev/null \ + -w "%{http_code}" \ + --header "Host: ${backend_hostname}" \ + http://127.0.0.1:${container_port_80}/varnish-status + )" + + assert equal \ + "${curl_response_code}" \ + "200" + end + end end describe "Response to PROXY protocol requests" @@ -590,12 +649,12 @@ function test_basic_operations () end describe "Backend offline" + docker pause \ + ${backend_name} \ + &> /dev/null + describe "HTTP request" it "Has a cache hit." - docker stop \ - ${backend_name} \ - &> /dev/null - curl -s \ -H "Host: ${backend_hostname}" \ http://127.0.0.1:${container_port_80}/ \ 
@@ -622,15 +681,76 @@ function test_basic_operations () request_response="${?}" - docker start \ - ${backend_name} \ - &> /dev/null + assert equal \ + "${request_response}" \ + 0 + end + end + + # Wait for probe to register backend as down. + sleep 20 + + describe "Status URI" + it "Returns Service Unavailable." + curl -s \ + -H "Host: ${backend_hostname}" \ + http://127.0.0.1:${container_port_80}/status \ + | grep -q 'Service Unavailable' + + request_response="${?}" + + assert equal \ + "${request_response}" \ + 0 + end + + it "Returns a 503 status code." + curl_response_code="$( + curl -s \ + -o /dev/null \ + -w "%{http_code}" \ + --header "Host: ${backend_hostname}" \ + http://127.0.0.1:${container_port_80}/status + )" + + assert equal \ + "${curl_response_code}" \ + "503" + end + end + + describe "Varnish status URI" + it "Returns OK." + curl -s \ + -H "Host: ${backend_hostname}" \ + http://127.0.0.1:${container_port_80}/varnish-status \ + | grep -q 'OK' + + request_response="${?}" assert equal \ "${request_response}" \ 0 end + + it "Returns a 200 status code." + curl_response_code="$( + curl -s \ + -o /dev/null \ + -w "%{http_code}" \ + --header "Host: ${backend_hostname}" \ + http://127.0.0.1:${container_port_80}/varnish-status + )" + + assert equal \ + "${curl_response_code}" \ + "200" + end end + + docker unpause \ + ${backend_name} \ + &> /dev/null end __terminate_container \ From 25d9e03d1eaacb44db67645d0a1ad1fb8228353b Mon Sep 17 00:00:00 2001 From: James Deathe Date: Thu, 15 Aug 2019 20:22:21 +0100 Subject: [PATCH 20/26] #197: Adds extra 10 seconds due to CI test failures. --- test/shpec/operation_shpec.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/test/shpec/operation_shpec.sh b/test/shpec/operation_shpec.sh index 9b1c7f3..e134c48 100644 --- a/test/shpec/operation_shpec.sh +++ b/test/shpec/operation_shpec.sh 
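Review bot: The fixed `sleep 20` before the offline "Status URI" checks ties the test to the probe timing in the VCL (`.interval`, `.window`, `.threshold`) and to runner speed, so it can fail on a slow host and wastes time on a fast one; polling `/status` until it returns 503, with an upper bound, removes the guess. The loop below needs a `counter` local declared with the others at the top of `test_basic_operations`, which is outside the hunk. Also, the `docker pause` added in the previous hunk and the `docker unpause` here are not paired by any visible cleanup, so an aborted run may leave `${backend_name}` paused for later tests; an unpause in the function's teardown path would cover that.

```shell
# Wait (bounded) for the probe to register the backend as down.
counter=0
until [[ $(curl -s -o /dev/null -w "%{http_code}" \
		--header "Host: ${backend_hostname}" \
		http://127.0.0.1:${container_port_80}/status) == 503 ]] \
	|| [[ ${counter} -ge 30 ]]
do
	sleep 1
	counter=$(( counter + 1 ))
done

# … unchanged: describe "Status URI" and "Varnish status URI" blocks …
```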
@@ -688,7 +688,7 @@ function test_basic_operations () end # Wait for probe to register backend as down. - sleep 20 + sleep 30 describe "Status URI" it "Returns Service Unavailable." From a6535807691cfbe5f2e891d6d236bdf97fe4e28b Mon Sep 17 00:00:00 2001 From: James Deathe Date: Fri, 16 Aug 2019 11:48:41 +0100 Subject: [PATCH 21/26] #199: Updates healthcheck probe window to 3. --- CHANGELOG.md | 1 + src/etc/varnish/docker-default.vcl | 2 +- test/fixture/varnish/etc/varnish/docker-default.vcl | 2 +- test/shpec/operation_shpec.sh | 4 ++-- 4 files changed, 5 insertions(+), 4 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 5cb5767..1d8e709 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -16,6 +16,7 @@ Summary of release changes. - Updates varnishncsa supervisord configuration file/priority to `50-varnishncsa-wrapper.conf`/`50`. - Updates docker-compose example with redis session store replacing memcached for the apache-php service. - Updates wrapper scripts timer to use UTC date timestamps. +- Updates backend probe window from 5 to 3 to reduce time to register an offline backend. - Fixes docker host connection status check in Makefile. - Fixes error when restarting/reloading varnishd. - Adds `inspect`, `reload` and `top` Makefile targets. diff --git a/src/etc/varnish/docker-default.vcl b/src/etc/varnish/docker-default.vcl index a3439de..2907199 100644 --- a/src/etc/varnish/docker-default.vcl +++ b/src/etc/varnish/docker-default.vcl @@ -9,7 +9,7 @@ import std; probe healthcheck { .interval = 5s; .timeout = 2s; - .window = 5; + .window = 3; .threshold = 3; .initial = 2; .expected_response = 200; diff --git a/test/fixture/varnish/etc/varnish/docker-default.vcl b/test/fixture/varnish/etc/varnish/docker-default.vcl index b56491a..915fbce 100644 --- a/test/fixture/varnish/etc/varnish/docker-default.vcl +++ b/test/fixture/varnish/etc/varnish/docker-default.vcl 
@@ -9,7 +9,7 @@ import std; probe healthcheck { .interval = 5s; .timeout = 2s; - .window = 5; + .window = 3; .threshold = 3; .initial = 2; .expected_response = 200; diff --git a/test/shpec/operation_shpec.sh b/test/shpec/operation_shpec.sh index e134c48..a2ccc37 100644 --- a/test/shpec/operation_shpec.sh +++ b/test/shpec/operation_shpec.sh @@ -688,7 +688,7 @@ function test_basic_operations () end # Wait for probe to register backend as down. - sleep 30 + sleep 20 describe "Status URI" it "Returns Service Unavailable." @@ -793,7 +793,7 @@ function test_custom_configuration () --env "VARNISH_THREAD_TIMEOUT=300" \ --env "VARNISH_STORAGE=malloc,256M" \ --env "VARNISH_TTL=600" \ - --env "VARNISH_VCL_CONF=vcl 4.0;

import directors;
import std;

# ------------------------------------------------------------------------------
# Healthcheck probe (basic)
# ------------------------------------------------------------------------------
probe healthcheck {
	.interval = 5s;
	.timeout = 2s;
	.window = 5;
	.threshold = 3;
	.initial = 2;
	.expected_response = 200;
	.request =
		"GET / HTTP/1.1"
		"Host: localhost.localdomain"
		"Connection: close"
		"User-Agent: Varnish"
		"Accept-Encoding: gzip, deflate";
}

# ------------------------------------------------------------------------------
# Backends
# ------------------------------------------------------------------------------
backend http_1 {
	.host = "httpd_1";
	.port = "80";
	.first_byte_timeout = 300s;
	.probe = healthcheck;
}

backend proxy_1 {
	.host = "httpd_1";
	.port = "8443";
	.first_byte_timeout = 300s;
	.probe = healthcheck;
}

# ------------------------------------------------------------------------------
# Directors
# ------------------------------------------------------------------------------
sub vcl_init {
	new director_http = directors.round_robin();
	director_http.add_backend(http_1);

	new director_proxy = directors.round_robin();
	director_proxy.add_backend(proxy_1);
}

# ------------------------------------------------------------------------------
# Client side
# ------------------------------------------------------------------------------
sub vcl_recv {
	if (req.http.Cookie != "") {
		set req.http.X-Cookie = req.http.Cookie;
	}
	unset req.http.Cookie;
	unset req.http.Forwarded;
	unset req.http.Proxy;
	unset req.http.X-Forwarded-Port;
	unset req.http.X-Forwarded-Proto;

	if (std.port(server.ip) == 8443 ||
		std.port(local.ip) == 8443) {
		# Port 8443
		set req.http.X-Forwarded-Port = "443";
		set req.http.X-Forwarded-Proto = "https";
		set req.backend_hint = director_proxy.backend();
	} else if (std.port(server.ip) == 80 ||
		std.port(local.ip) == 80) {
		# Port 80
		set req.http.X-Forwarded-Port = "80";
		set req.http.X-Forwarded-Proto = "http";
		set req.backend_hint = director_http.backend();
	} else {
		# Reject unexpected ports
		return (synth(403));
	}

	# Handle monitoring status endpoints /status and /varnish-status
	if (req.url ~ "(?i)^/status(\?.*)?$" &&
		!std.healthy(req.backend_hint)) {
		return (synth(503, "Service Unavailable"));
	} else if (req.url ~ "(?i)^/(varnish-)?status(\?.*)?$") {
		return (synth(200, "OK"));
	}

	if (std.healthy(req.backend_hint)) {
		# Cap grace period for healthy backends
		set req.grace = 15s;
	}
}

sub vcl_hash {
	hash_data(req.url);

	if (req.http.Host) {
		hash_data(req.http.Host);
	} else {
		hash_data(server.ip);
	}

	if (req.http.X-Forwarded-Proto) {
		hash_data(req.http.X-Forwarded-Proto);
	}

	if (req.http.X-Cookie) {
		set req.http.Cookie = req.http.X-Cookie;
	}
	unset req.http.X-Cookie;

	return (lookup);
}

sub vcl_hit {
	return (deliver);
}

sub vcl_deliver {
	unset resp.http.Via;

	if (resp.status >= 400) {
		return (synth(resp.status));
	}
}

sub vcl_synth {
	set resp.http.Content-Type = "text/html; charset=utf-8";
	set resp.http.Retry-After = "5";
	set resp.http.X-Frame-Options = "DENY";
	set resp.http.X-XSS-Protection = "1; mode=block";

	if (req.url ~ "(?i)\.(css|eot|gif|ico|jpe?g|js|png|svg|ttf|txt|woff2?)(\?.*)?$") {
		# Respond with simple text error for static assets.
		set resp.body = resp.status + " " + resp.reason;
		set resp.http.Content-Type = "text/plain; charset=utf-8";
	} else if (req.url ~ "(?i)^/(varnish-)?status(\.php)?(\?.*)?$") {
		# Respond with simple text error for status uri.
		set resp.body = resp.reason;
		set resp.http.Cache-Control = "no-store";
		set resp.http.Content-Type = "text/plain; charset=utf-8";
	} else if (resp.status < 500) {
		set resp.body = {"<!DOCTYPE html>
<html>
	<head>
		<title>"} + resp.reason + {"</title>
		<style>
			body{color:#666;background-color:#f1f1f1;font-family:sans-serif;margin:12%;max-width:50%;}
			h1,h2{color:#333;font-size:4rem;font-weight:400;text-transform:uppercase;}
			h2{color:#333;font-size:2rem;}
			p{font-size:1.5rem;}
		</style>
	</head>
	<body>
		<h1>"} + resp.status + {"</h1>
		<h2>"} + resp.reason + {"</h2>
	</body>
</html>"};
	} else {
		set resp.body = {"<!DOCTYPE html>
<html>
	<head>
		<title>"} + resp.reason + {"</title>
		<style>
			body{color:#666;background-color:#f1f1f1;font-family:sans-serif;margin:12%;max-width:50%;}
			h1,h2{color:#333;font-size:4rem;font-weight:400;text-transform:uppercase;}
			h2{color:#333;font-size:2rem;}
			p{font-size:1.5rem;}
		</style>
	</head>
	<body>
		<h1>"} + resp.status + {"</h1>
		<h2>"} + resp.reason + {"</h2>
		<p>XID: "} + req.xid + {"</p>
	</body>
</html>"};
	}

	return (deliver);
}

# ------------------------------------------------------------------------------
# Backend
# ------------------------------------------------------------------------------
sub vcl_backend_response {
	set beresp.grace = 24h;

	if (bereq.uncacheable) {
		return (deliver);
	} else if (beresp.ttl <= 0s ||
		beresp.http.Set-Cookie ||
		beresp.http.Surrogate-Control ~ "(?i)^no-store$" ||
		( ! beresp.http.Surrogate-Control &&
			beresp.http.Cache-Control ~ "(?i)^(private|no-cache|no-store)$") ||
		beresp.http.Vary == "*") {
		# Mark as "hit-for-miss" for 2 minutes
		set beresp.ttl = 120s;
		set beresp.uncacheable = true;
	}

	return (deliver);
}

sub vcl_backend_error {
	set beresp.http.Content-Type = "text/html; charset=utf-8";
	set beresp.http.Retry-After = "5";
	set beresp.http.X-Frame-Options = "DENY";
	set beresp.http.X-XSS-Protection = "1; mode=block";

	if (bereq.url ~ "(?i)\.(css|eot|gif|ico|jpe?g|js|png|svg|ttf|txt|woff2?)(\?.*)?$") {
		# Respond with simple text error for static assets.
		set beresp.body = beresp.status + " " + beresp.reason;
		set beresp.http.Content-Type = "text/plain; charset=utf-8";
	} else if (bereq.url ~ "(?i)^/(varnish-)?status(\.php)?(\?.*)?$") {
		# Respond with simple text error for status uri.
		set beresp.body = beresp.reason;
		set beresp.http.Cache-Control = "no-store";
		set beresp.http.Content-Type = "text/plain; charset=utf-8";
	} else {
		set beresp.body = {"<!DOCTYPE html>
<html>
	<head>
		<title>"} + beresp.reason + {"</title>
		<style>
			body{color:#666;background-color:#f1f1f1;font-family:sans-serif;margin:12%;max-width:50%;}
			h1,h2{color:#333;font-size:4rem;font-weight:400;text-transform:uppercase;}
			h2{color:#333;font-size:2rem;}
			p{font-size:1.5rem;}
		</style>
	</head>
	<body>
		<h1>"} + beresp.status + {"</h1>
		<h2>"} + beresp.reason + {"</h2>
		<p>XID: "} + bereq.xid + {"</p>
	</body>
</html>"};
	}

	return (deliver);
}
" \ + --env "VARNISH_VCL_CONF=vcl 4.0;

import directors;
import std;

# ------------------------------------------------------------------------------
# Healthcheck probe (basic)
# ------------------------------------------------------------------------------
probe healthcheck {
	.interval = 5s;
	.timeout = 2s;
	.window = 3;
	.threshold = 3;
	.initial = 2;
	.expected_response = 200;
	.request =
		"GET / HTTP/1.1"
		"Host: localhost.localdomain"
		"Connection: close"
		"User-Agent: Varnish"
		"Accept-Encoding: gzip, deflate";
}

# ------------------------------------------------------------------------------
# Backends
# ------------------------------------------------------------------------------
backend http_1 {
	.host = "httpd_1";
	.port = "80";
	.first_byte_timeout = 300s;
	.probe = healthcheck;
}

backend proxy_1 {
	.host = "httpd_1";
	.port = "8443";
	.first_byte_timeout = 300s;
	.probe = healthcheck;
}

# ------------------------------------------------------------------------------
# Directors
# ------------------------------------------------------------------------------
sub vcl_init {
	new director_http = directors.round_robin();
	director_http.add_backend(http_1);

	new director_proxy = directors.round_robin();
	director_proxy.add_backend(proxy_1);
}

# ------------------------------------------------------------------------------
# Client side
# ------------------------------------------------------------------------------
sub vcl_recv {
	if (req.http.Cookie != "") {
		set req.http.X-Cookie = req.http.Cookie;
	}
	unset req.http.Cookie;
	unset req.http.Forwarded;
	unset req.http.Proxy;
	unset req.http.X-Forwarded-Port;
	unset req.http.X-Forwarded-Proto;

	if (std.port(server.ip) == 8443 ||
		std.port(local.ip) == 8443) {
		# Port 8443
		set req.http.X-Forwarded-Port = "443";
		set req.http.X-Forwarded-Proto = "https";
		set req.backend_hint = director_proxy.backend();
	} else if (std.port(server.ip) == 80 ||
		std.port(local.ip) == 80) {
		# Port 80
		set req.http.X-Forwarded-Port = "80";
		set req.http.X-Forwarded-Proto = "http";
		set req.backend_hint = director_http.backend();
	} else {
		# Reject unexpected ports
		return (synth(403));
	}

	# Handle monitoring status endpoints /status and /varnish-status
	if (req.url ~ "(?i)^/status(\?.*)?$" &&
		!std.healthy(req.backend_hint)) {
		return (synth(503, "Service Unavailable"));
	} else if (req.url ~ "(?i)^/(varnish-)?status(\?.*)?$") {
		return (synth(200, "OK"));
	}

	if (std.healthy(req.backend_hint)) {
		# Cap grace period for healthy backends
		set req.grace = 15s;
	}
}

sub vcl_hash {
	hash_data(req.url);

	if (req.http.Host) {
		hash_data(req.http.Host);
	} else {
		hash_data(server.ip);
	}

	if (req.http.X-Forwarded-Proto) {
		hash_data(req.http.X-Forwarded-Proto);
	}

	if (req.http.X-Cookie) {
		set req.http.Cookie = req.http.X-Cookie;
	}
	unset req.http.X-Cookie;

	return (lookup);
}

sub vcl_hit {
	return (deliver);
}

sub vcl_deliver {
	unset resp.http.Via;

	if (resp.status >= 400) {
		return (synth(resp.status));
	}
}

sub vcl_synth {
	set resp.http.Content-Type = "text/html; charset=utf-8";
	set resp.http.Retry-After = "5";
	set resp.http.X-Frame-Options = "DENY";
	set resp.http.X-XSS-Protection = "1; mode=block";

	if (req.url ~ "(?i)\.(css|eot|gif|ico|jpe?g|js|png|svg|ttf|txt|woff2?)(\?.*)?$") {
		# Respond with simple text error for static assets.
		set resp.body = resp.status + " " + resp.reason;
		set resp.http.Content-Type = "text/plain; charset=utf-8";
	} else if (req.url ~ "(?i)^/(varnish-)?status(\.php)?(\?.*)?$") {
		# Respond with simple text error for status uri.
		set resp.body = resp.reason;
		set resp.http.Cache-Control = "no-store";
		set resp.http.Content-Type = "text/plain; charset=utf-8";
	} else if (resp.status < 500) {
		set resp.body = {"<!DOCTYPE html>
<html>
	<head>
		<title>"} + resp.reason + {"</title>
		<style>
			body{color:#666;background-color:#f1f1f1;font-family:sans-serif;margin:12%;max-width:50%;}
			h1,h2{color:#333;font-size:4rem;font-weight:400;text-transform:uppercase;}
			h2{color:#333;font-size:2rem;}
			p{font-size:1.5rem;}
		</style>
	</head>
	<body>
		<h1>"} + resp.status + {"</h1>
		<h2>"} + resp.reason + {"</h2>
	</body>
</html>"};
	} else {
		set resp.body = {"<!DOCTYPE html>
<html>
	<head>
		<title>"} + resp.reason + {"</title>
		<style>
			body{color:#666;background-color:#f1f1f1;font-family:sans-serif;margin:12%;max-width:50%;}
			h1,h2{color:#333;font-size:4rem;font-weight:400;text-transform:uppercase;}
			h2{color:#333;font-size:2rem;}
			p{font-size:1.5rem;}
		</style>
	</head>
	<body>
		<h1>"} + resp.status + {"</h1>
		<h2>"} + resp.reason + {"</h2>
		<p>XID: "} + req.xid + {"</p>
	</body>
</html>"};
	}

	return (deliver);
}

# ------------------------------------------------------------------------------
# Backend
# ------------------------------------------------------------------------------
sub vcl_backend_response {
	set beresp.grace = 24h;

	if (bereq.uncacheable) {
		return (deliver);
	} else if (beresp.ttl <= 0s ||
		beresp.http.Set-Cookie ||
		beresp.http.Surrogate-Control ~ "(?i)^no-store$" ||
		( ! beresp.http.Surrogate-Control &&
			beresp.http.Cache-Control ~ "(?i)^(private|no-cache|no-store)$") ||
		beresp.http.Vary == "*") {
		# Mark as "hit-for-miss" for 2 minutes
		set beresp.ttl = 120s;
		set beresp.uncacheable = true;
	}

	return (deliver);
}

sub vcl_backend_error {
	set beresp.http.Content-Type = "text/html; charset=utf-8";
	set beresp.http.Retry-After = "5";
	set beresp.http.X-Frame-Options = "DENY";
	set beresp.http.X-XSS-Protection = "1; mode=block";

	if (bereq.url ~ "(?i)\.(css|eot|gif|ico|jpe?g|js|png|svg|ttf|txt|woff2?)(\?.*)?$") {
		# Respond with simple text error for static assets.
		set beresp.body = beresp.status + " " + beresp.reason;
		set beresp.http.Content-Type = "text/plain; charset=utf-8";
	} else if (bereq.url ~ "(?i)^/(varnish-)?status(\.php)?(\?.*)?$") {
		# Respond with simple text error for status uri.
		set beresp.body = beresp.reason;
		set beresp.http.Cache-Control = "no-store";
		set beresp.http.Content-Type = "text/plain; charset=utf-8";
	} else {
		set beresp.body = {"<!DOCTYPE html>
<html>
	<head>
		<title>"} + beresp.reason + {"</title>
		<style>
			body{color:#666;background-color:#f1f1f1;font-family:sans-serif;margin:12%;max-width:50%;}
			h1,h2{color:#333;font-size:4rem;font-weight:400;text-transform:uppercase;}
			h2{color:#333;font-size:2rem;}
			p{font-size:1.5rem;}
		</style>
	</head>
	<body>
		<h1>"} + beresp.status + {"</h1>
		<h2>"} + beresp.reason + {"</h2>
		<p>XID: "} + bereq.xid + {"</p>
	</body>
</html>"};
	}

	return (deliver);
}
" \ --network ${backend_network} \ --publish ${DOCKER_PORT_MAP_TCP_80}:80 \ --publish ${DOCKER_PORT_MAP_TCP_8443}:8443 \ From 7d2fdcd00be287f7dc39e09ea43db267d9af0044 Mon Sep 17 00:00:00 2001 From: James Deathe Date: Fri, 16 Aug 2019 19:35:39 +0100 Subject: [PATCH 22/26] Release changes for 1.7.0 and 2.4.0. --- CHANGELOG.md | 2 +- Dockerfile | 2 +- README.md | 8 ++++---- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 1d8e709..47406c0 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -4,7 +4,7 @@ Summary of release changes. -### 2.4.0 - Unreleased +### 2.4.0 - 2019-08-16 - Updates source image to [2.6.0](https://github.com/jdeathe/centos-ssh/releases/tag/2.6.0). - Updates CHANGELOG.md to simplify maintenance. diff --git a/Dockerfile b/Dockerfile index d7805da..c56686c 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,6 +1,6 @@ FROM jdeathe/centos-ssh:2.6.0 -ARG RELEASE_VERSION="2.3.0" +ARG RELEASE_VERSION="2.4.0" # ------------------------------------------------------------------------------ # Base install of required packages diff --git a/README.md b/README.md index ab4d153..a564f8d 100644 --- a/README.md +++ b/README.md @@ -1,7 +1,7 @@ ### Tags and respective `Dockerfile` links -- `centos-7`, `2.3.0` [(centos-7/Dockerfile)](https://github.com/jdeathe/centos-ssh-varnish/blob/centos-7/Dockerfile) -- `centos-6`, `1.6.0` [(centos-6/Dockerfile)](https://github.com/jdeathe/centos-ssh-varnish/blob/centos-6/Dockerfile) +- `centos-7`, `2.4.0` [(centos-7/Dockerfile)](https://github.com/jdeathe/centos-ssh-varnish/blob/centos-7/Dockerfile) +- `centos-6`, `1.7.0` [(centos-6/Dockerfile)](https://github.com/jdeathe/centos-ssh-varnish/blob/centos-6/Dockerfile) ## Overview @@ -26,7 +26,7 @@ $ docker run -d -t \ -p 80:80 \ --sysctl "net.core.somaxconn=1024" \ --add-host httpd_1:172.17.8.101 \ - jdeathe/centos-ssh-varnish:2.3.0 + jdeathe/centos-ssh-varnish:2.4.0 ``` Verify the named container's process status and health. 
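Review bot: The `VARNISH_VCL_CONF` value in this `docker run` appears to be a full inline copy of the VCL that the same commit edits in src/etc/varnish/docker-default.vcl and test/fixture/varnish/etc/varnish/docker-default.vcl, so the one-line `.window` change has to be repeated by hand in a third place. If the copies drift, the test exercises a configuration that no longer matches the shipped one. Reading the value from the fixture keeps them in step, for example `--env "VARNISH_VCL_CONF=$(< test/fixture/varnish/etc/varnish/docker-default.vcl)" \`, with the path adjusted to the directory the suite runs from. The rest of `test_custom_configuration` lies outside the hunk, so confirm that the test does not depend on the value being written inline.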
@@ -73,7 +73,7 @@ $ docker stop varnish.1 && \ --env "VARNISH_MAX_THREADS=2000" \ --env "VARNISH_MIN_THREADS=100" \ --add-host httpd_1:172.17.8.101 \ - jdeathe/centos-ssh-varnish:2.3.0 + jdeathe/centos-ssh-varnish:2.4.0 ``` #### Environment variables From 2c5830c25e9b9a8849d77e4b6cde24ee8fab5833 Mon Sep 17 00:00:00 2001 From: James Deathe Date: Fri, 16 Aug 2019 23:25:33 +0100 Subject: [PATCH 23/26] Add extra time for tests that intermittently fail on CI. --- test/shpec/operation_shpec.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/test/shpec/operation_shpec.sh b/test/shpec/operation_shpec.sh index a2ccc37..914efa0 100644 --- a/test/shpec/operation_shpec.sh +++ b/test/shpec/operation_shpec.sh @@ -1040,7 +1040,7 @@ function test_custom_configuration () http://127.0.0.1:${container_port_80}/ \ &> /dev/null - sleep 2 + sleep 4 docker logs \ --tail 3 \ @@ -1101,7 +1101,7 @@ function test_custom_configuration () http://127.0.0.1:${container_port_80}/ \ &> /dev/null - sleep 2 + sleep 4 docker logs \ --tail 3 \ From 9587c3da783cbe348eb80f0dc198de7803aed0cf Mon Sep 17 00:00:00 2001 From: James Deathe Date: Fri, 16 Aug 2019 23:39:00 +0100 Subject: [PATCH 24/26] Adds increased healthcheck interval for tests that intermittently fail on CI. --- test/shpec/operation_shpec.sh | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/test/shpec/operation_shpec.sh b/test/shpec/operation_shpec.sh index 914efa0..e8cf43c 100644 --- a/test/shpec/operation_shpec.sh +++ b/test/shpec/operation_shpec.sh @@ -1007,6 +1007,7 @@ function test_custom_configuration () --network ${backend_network} \ --publish ${DOCKER_PORT_MAP_TCP_80}:80 \ --publish ${DOCKER_PORT_MAP_TCP_8443}:8443 \ + --health-interval 30 \ jdeathe/centos-ssh-varnish:latest \ &> /dev/null @@ -1040,7 +1041,7 @@ function test_custom_configuration () http://127.0.0.1:${container_port_80}/ \ &> /dev/null - sleep 4 + sleep 2 docker logs \ --tail 3 \ 
@@ -1068,6 +1069,7 @@ function test_custom_configuration () --network ${backend_network} \ --publish ${DOCKER_PORT_MAP_TCP_80}:80 \ --publish ${DOCKER_PORT_MAP_TCP_8443}:8443 \ + --health-interval 30 \ jdeathe/centos-ssh-varnish:latest \ &> /dev/null @@ -1101,7 +1103,7 @@ function test_custom_configuration () http://127.0.0.1:${container_port_80}/ \ &> /dev/null - sleep 4 + sleep 2 docker logs \ --tail 3 \ From 774edebc013365c3e51f5c273dd6fba1dfec02f0 Mon Sep 17 00:00:00 2001 From: James Deathe Date: Fri, 16 Aug 2019 23:40:35 +0100 Subject: [PATCH 25/26] Push back release date due to intermittent failures on CI. --- CHANGELOG.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 47406c0..0212efb 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -4,7 +4,7 @@ Summary of release changes. -### 2.4.0 - 2019-08-16 +### 2.4.0 - 2019-08-17 - Updates source image to [2.6.0](https://github.com/jdeathe/centos-ssh/releases/tag/2.6.0). - Updates CHANGELOG.md to simplify maintenance. From 95b67fde76d434cda9aa3a7e95a6100720c9279b Mon Sep 17 00:00:00 2001 From: James Deathe Date: Fri, 16 Aug 2019 23:58:47 +0100 Subject: [PATCH 26/26] Fixes time value for --health-interval in tests. --- test/shpec/operation_shpec.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/test/shpec/operation_shpec.sh b/test/shpec/operation_shpec.sh index e8cf43c..81330ea 100644 --- a/test/shpec/operation_shpec.sh +++ b/test/shpec/operation_shpec.sh @@ -1007,7 +1007,7 @@ function test_custom_configuration () --network ${backend_network} \ --publish ${DOCKER_PORT_MAP_TCP_80}:80 \ --publish ${DOCKER_PORT_MAP_TCP_8443}:8443 \ - --health-interval 30 \ + --health-interval 30s \ jdeathe/centos-ssh-varnish:latest \ &> /dev/null 
@@ -1069,7 +1069,7 @@ function test_custom_configuration () --network ${backend_network} \ --publish ${DOCKER_PORT_MAP_TCP_80}:80 \ --publish ${DOCKER_PORT_MAP_TCP_8443}:8443 \ - --health-interval 30 \ + --health-interval 30s \ jdeathe/centos-ssh-varnish:latest \ &> /dev/null