summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorChristian Breunig <christian@breunig.cc>2024-07-04 10:35:01 +0200
committerGitHub <noreply@github.com>2024-07-04 10:35:01 +0200
commit8672c5f7ee2b760d52b6f2cd6427dda44d7188b5 (patch)
tree798e5a7789d09ab646145943ba4878e41337216d
parentc0bb68e763c28d4f7ac9fd87d86c38a62c6fc730 (diff)
parentdd5908eac390294ea178953fc0e6821d803d62f6 (diff)
downloadvyos-1x-8672c5f7ee2b760d52b6f2cd6427dda44d7188b5.tar.gz
vyos-1x-8672c5f7ee2b760d52b6f2cd6427dda44d7188b5.zip
Merge pull request #3753 from jvoss/haproxy_logging
T6539: add logging options to load-balancer reverse-proxy
-rw-r--r--data/templates/load-balancing/haproxy.cfg.j217
-rw-r--r--interface-definitions/include/haproxy/logging.xml.i10
-rw-r--r--interface-definitions/load-balancing_reverse-proxy.xml.in3
-rwxr-xr-xsmoketest/scripts/cli/test_load-balancing_reverse-proxy.py41
4 files changed, 69 insertions, 2 deletions
diff --git a/data/templates/load-balancing/haproxy.cfg.j2 b/data/templates/load-balancing/haproxy.cfg.j2
index c18a998b8..5137966c1 100644
--- a/data/templates/load-balancing/haproxy.cfg.j2
+++ b/data/templates/load-balancing/haproxy.cfg.j2
@@ -1,8 +1,6 @@
### Autogenerated by load-balancing_reverse-proxy.py ###
global
- log /dev/log local0
- log /dev/log local1 notice
chroot /var/lib/haproxy
stats socket /run/haproxy/admin.sock mode 660 level admin
stats timeout 30s
@@ -11,6 +9,11 @@ global
daemon
{% if global_parameters is vyos_defined %}
+{% if global_parameters.logging is vyos_defined %}
+{% for facility, facility_config in global_parameters.logging.facility.items() %}
+ log /dev/log {{ facility }} {{ facility_config.level }}
+{% endfor %}
+{% endif %}
{% if global_parameters.max_connections is vyos_defined %}
maxconn {{ global_parameters.max_connections }}
{% endif %}
@@ -67,6 +70,11 @@ frontend {{ front }}
{% if front_config.redirect_http_to_https is vyos_defined %}
http-request redirect scheme https unless { ssl_fc }
{% endif %}
+{% if front_config.logging is vyos_defined %}
+{% for facility, facility_config in front_config.logging.facility.items() %}
+ log /dev/log {{ facility }} {{ facility_config.level }}
+{% endfor %}
+{% endif %}
mode {{ front_config.mode }}
{% if front_config.tcp_request.inspect_delay is vyos_defined %}
tcp-request inspect-delay {{ front_config.tcp_request.inspect_delay }}
@@ -166,6 +174,11 @@ backend {{ back }}
http-request set-header X-Forwarded-Port %[dst_port]
http-request add-header X-Forwarded-Proto https if { ssl_fc }
{% endif %}
+{% if back_config.logging is vyos_defined %}
+{% for facility, facility_config in back_config.logging.facility.items() %}
+ log /dev/log {{ facility }} {{ facility_config.level }}
+{% endfor %}
+{% endif %}
mode {{ back_config.mode }}
{% if back_config.http_response_headers is vyos_defined %}
{% for header, header_config in back_config.http_response_headers.items() %}
diff --git a/interface-definitions/include/haproxy/logging.xml.i b/interface-definitions/include/haproxy/logging.xml.i
new file mode 100644
index 000000000..e0af54fa4
--- /dev/null
+++ b/interface-definitions/include/haproxy/logging.xml.i
@@ -0,0 +1,10 @@
+<!-- include start from haproxy/logging.xml.i -->
+<node name="logging">
+ <properties>
+ <help>Logging parameters</help>
+ </properties>
+ <children>
+ #include <include/syslog-facility.xml.i>
+ </children>
+</node>
+<!-- include end -->
diff --git a/interface-definitions/load-balancing_reverse-proxy.xml.in b/interface-definitions/load-balancing_reverse-proxy.xml.in
index 1a432be6d..18274622c 100644
--- a/interface-definitions/load-balancing_reverse-proxy.xml.in
+++ b/interface-definitions/load-balancing_reverse-proxy.xml.in
@@ -36,6 +36,7 @@
</leafNode>
#include <include/generic-description.xml.i>
#include <include/listen-address.xml.i>
+ #include <include/haproxy/logging.xml.i>
#include <include/haproxy/mode.xml.i>
#include <include/port-number.xml.i>
#include <include/haproxy/rule-frontend.xml.i>
@@ -91,6 +92,7 @@
<defaultValue>round-robin</defaultValue>
</leafNode>
#include <include/generic-description.xml.i>
+ #include <include/haproxy/logging.xml.i>
#include <include/haproxy/mode.xml.i>
#include <include/haproxy/http-response-headers.xml.i>
<node name="http-check">
@@ -254,6 +256,7 @@
<help>Global perfomance parameters and limits</help>
</properties>
<children>
+ #include <include/haproxy/logging.xml.i>
<leafNode name="max-connections">
<properties>
<help>Maximum allowed connections</help>
diff --git a/smoketest/scripts/cli/test_load-balancing_reverse-proxy.py b/smoketest/scripts/cli/test_load-balancing_reverse-proxy.py
index aa796f59f..db43a78ec 100755
--- a/smoketest/scripts/cli/test_load-balancing_reverse-proxy.py
+++ b/smoketest/scripts/cli/test_load-balancing_reverse-proxy.py
@@ -458,6 +458,47 @@ class TestLoadBalancingReverseProxy(VyOSUnitTestSHIM.TestCase):
config = read_file(HAPROXY_CONF)
self.assertIn(f'option smtpchk', config)
+ def test_09_lb_reverse_proxy_logging(self):
+ # Setup base
+ self.base_config()
+ self.cli_commit()
+
+ # Ensure default logging configuration is present
+ config = read_file(HAPROXY_CONF)
+ self.assertIn('log /dev/log local0', config)
+ self.assertIn('log /dev/log local1 notice', config)
+
+ # Test global-parameters logging options
+ self.cli_set(base_path + ['global-parameters', 'logging', 'facility', 'local1', 'level', 'err'])
+ self.cli_set(base_path + ['global-parameters', 'logging', 'facility', 'local2', 'level', 'warning'])
+ self.cli_commit()
+
+ # Test global logging parameters are generated in configuration file
+ config = read_file(HAPROXY_CONF)
+ self.assertIn('log /dev/log local1 err', config)
+ self.assertIn('log /dev/log local2 warning', config)
+
+ # Test backend logging options
+ backend_path = base_path + ['backend', 'bk-01']
+ self.cli_set(backend_path + ['logging', 'facility', 'local3', 'level', 'debug'])
+ self.cli_set(backend_path + ['logging', 'facility', 'local4', 'level', 'info'])
+ self.cli_commit()
+
+ # Test backend logging parameters are generated in configuration file
+ config = read_file(HAPROXY_CONF)
+ self.assertIn('log /dev/log local3 debug', config)
+ self.assertIn('log /dev/log local4 info', config)
+
+ # Test service logging options
+ service_path = base_path + ['service', 'https_front']
+ self.cli_set(service_path + ['logging', 'facility', 'local5', 'level', 'notice'])
+ self.cli_set(service_path + ['logging', 'facility', 'local6', 'level', 'crit'])
+ self.cli_commit()
+
+ # Test service logging parameters are generated in configuration file
+ config = read_file(HAPROXY_CONF)
+ self.assertIn('log /dev/log local5 notice', config)
+ self.assertIn('log /dev/log local6 crit', config)
if __name__ == '__main__':
unittest.main(verbosity=2)