diff options
author | Christian Breunig <christian@breunig.cc> | 2024-07-04 10:35:01 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2024-07-04 10:35:01 +0200 |
commit | 8672c5f7ee2b760d52b6f2cd6427dda44d7188b5 (patch) | |
tree | 798e5a7789d09ab646145943ba4878e41337216d | |
parent | c0bb68e763c28d4f7ac9fd87d86c38a62c6fc730 (diff) | |
parent | dd5908eac390294ea178953fc0e6821d803d62f6 (diff) | |
download | vyos-1x-8672c5f7ee2b760d52b6f2cd6427dda44d7188b5.tar.gz vyos-1x-8672c5f7ee2b760d52b6f2cd6427dda44d7188b5.zip |
Merge pull request #3753 from jvoss/haproxy_logging
T6539: add logging options to load-balancer reverse-proxy
4 files changed, 69 insertions, 2 deletions
diff --git a/data/templates/load-balancing/haproxy.cfg.j2 b/data/templates/load-balancing/haproxy.cfg.j2 index c18a998b8..5137966c1 100644 --- a/data/templates/load-balancing/haproxy.cfg.j2 +++ b/data/templates/load-balancing/haproxy.cfg.j2 @@ -1,8 +1,6 @@ ### Autogenerated by load-balancing_reverse-proxy.py ### global - log /dev/log local0 - log /dev/log local1 notice chroot /var/lib/haproxy stats socket /run/haproxy/admin.sock mode 660 level admin stats timeout 30s @@ -11,6 +9,11 @@ global daemon {% if global_parameters is vyos_defined %} +{% if global_parameters.logging is vyos_defined %} +{% for facility, facility_config in global_parameters.logging.facility.items() %} + log /dev/log {{ facility }} {{ facility_config.level }} +{% endfor %} +{% endif %} {% if global_parameters.max_connections is vyos_defined %} maxconn {{ global_parameters.max_connections }} {% endif %} @@ -67,6 +70,11 @@ frontend {{ front }} {% if front_config.redirect_http_to_https is vyos_defined %} http-request redirect scheme https unless { ssl_fc } {% endif %} +{% if front_config.logging is vyos_defined %} +{% for facility, facility_config in front_config.logging.facility.items() %} + log /dev/log {{ facility }} {{ facility_config.level }} +{% endfor %} +{% endif %} mode {{ front_config.mode }} {% if front_config.tcp_request.inspect_delay is vyos_defined %} tcp-request inspect-delay {{ front_config.tcp_request.inspect_delay }} @@ -166,6 +174,11 @@ backend {{ back }} http-request set-header X-Forwarded-Port %[dst_port] http-request add-header X-Forwarded-Proto https if { ssl_fc } {% endif %} +{% if back_config.logging is vyos_defined %} +{% for facility, facility_config in back_config.logging.facility.items() %} + log /dev/log {{ facility }} {{ facility_config.level }} +{% endfor %} +{% endif %} mode {{ back_config.mode }} {% if back_config.http_response_headers is vyos_defined %} {% for header, header_config in back_config.http_response_headers.items() %} diff --git a/interface-definitions/include/haproxy/logging.xml.i b/interface-definitions/include/haproxy/logging.xml.i new file mode 100644 index 000000000..e0af54fa4 --- /dev/null +++ b/interface-definitions/include/haproxy/logging.xml.i @@ -0,0 +1,10 @@ +<!-- include start from haproxy/logging.xml.i --> +<node name="logging"> + <properties> + <help>Logging parameters</help> + </properties> + <children> + #include <include/syslog-facility.xml.i> + </children> +</node> +<!-- include end --> diff --git a/interface-definitions/load-balancing_reverse-proxy.xml.in b/interface-definitions/load-balancing_reverse-proxy.xml.in index 1a432be6d..18274622c 100644 --- a/interface-definitions/load-balancing_reverse-proxy.xml.in +++ b/interface-definitions/load-balancing_reverse-proxy.xml.in @@ -36,6 +36,7 @@ </leafNode> #include <include/generic-description.xml.i> #include <include/listen-address.xml.i> + #include <include/haproxy/logging.xml.i> #include <include/haproxy/mode.xml.i> #include <include/port-number.xml.i> #include <include/haproxy/rule-frontend.xml.i> @@ -91,6 +92,7 @@ <defaultValue>round-robin</defaultValue> </leafNode> #include <include/generic-description.xml.i> + #include <include/haproxy/logging.xml.i> #include <include/haproxy/mode.xml.i> #include <include/haproxy/http-response-headers.xml.i> <node name="http-check"> @@ -254,6 +256,7 @@ <help>Global perfomance parameters and limits</help> </properties> <children> + #include <include/haproxy/logging.xml.i> <leafNode name="max-connections"> <properties> <help>Maximum allowed connections</help> diff --git a/smoketest/scripts/cli/test_load-balancing_reverse-proxy.py b/smoketest/scripts/cli/test_load-balancing_reverse-proxy.py index aa796f59f..db43a78ec 100755 --- a/smoketest/scripts/cli/test_load-balancing_reverse-proxy.py +++ b/smoketest/scripts/cli/test_load-balancing_reverse-proxy.py @@ -458,6 +458,47 @@ class TestLoadBalancingReverseProxy(VyOSUnitTestSHIM.TestCase): config = read_file(HAPROXY_CONF) self.assertIn(f'option smtpchk', config) + def test_09_lb_reverse_proxy_logging(self): + # Setup base + self.base_config() + self.cli_commit() + + # Ensure default logging configuration is present + config = read_file(HAPROXY_CONF) + self.assertIn('log /dev/log local0', config) + self.assertIn('log /dev/log local1 notice', config) + + # Test global-parameters logging options + self.cli_set(base_path + ['global-parameters', 'logging', 'facility', 'local1', 'level', 'err']) + self.cli_set(base_path + ['global-parameters', 'logging', 'facility', 'local2', 'level', 'warning']) + self.cli_commit() + + # Test global logging parameters are generated in configuration file + config = read_file(HAPROXY_CONF) + self.assertIn('log /dev/log local1 err', config) + self.assertIn('log /dev/log local2 warning', config) + + # Test backend logging options + backend_path = base_path + ['backend', 'bk-01'] + self.cli_set(backend_path + ['logging', 'facility', 'local3', 'level', 'debug']) + self.cli_set(backend_path + ['logging', 'facility', 'local4', 'level', 'info']) + self.cli_commit() + + # Test backend logging parameters are generated in configuration file + config = read_file(HAPROXY_CONF) + self.assertIn('log /dev/log local3 debug', config) + self.assertIn('log /dev/log local4 info', config) + + # Test service logging options + service_path = base_path + ['service', 'https_front'] + self.cli_set(service_path + ['logging', 'facility', 'local5', 'level', 'notice']) + self.cli_set(service_path + ['logging', 'facility', 'local6', 'level', 'crit']) + self.cli_commit() + + # Test service logging parameters are generated in configuration file + config = read_file(HAPROXY_CONF) + self.assertIn('log /dev/log local5 notice', config) + self.assertIn('log /dev/log local6 crit', config) if __name__ == '__main__': unittest.main(verbosity=2) |