diff options
author | Christian Breunig <christian@breunig.cc> | 2024-07-31 11:07:07 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2024-07-31 11:07:07 +0200 |
commit | c332e96cd1f33b047dad72929137f64b992f34f6 (patch) | |
tree | fdc97e92e7c051684325a69111f60c44401f8cfb | |
parent | 6a6b8616a9f2cae6f2fa3e31b7ff75365bae86e6 (diff) | |
parent | fb07945a9d52d5c4b594f4378de95b46a654dbb7 (diff) | |
download | vyos-1x-c332e96cd1f33b047dad72929137f64b992f34f6.tar.gz vyos-1x-c332e96cd1f33b047dad72929137f64b992f34f6.zip |
Merge pull request #3913 from vyos/mergify/bp/sagitta/pr-3753
T6539: add logging options to load-balancer reverse-proxy (backport #3753)
4 files changed, 69 insertions, 2 deletions
diff --git a/data/templates/load-balancing/haproxy.cfg.j2 b/data/templates/load-balancing/haproxy.cfg.j2 index c18a998b8..5137966c1 100644 --- a/data/templates/load-balancing/haproxy.cfg.j2 +++ b/data/templates/load-balancing/haproxy.cfg.j2 @@ -1,8 +1,6 @@ ### Autogenerated by load-balancing_reverse-proxy.py ### global - log /dev/log local0 - log /dev/log local1 notice chroot /var/lib/haproxy stats socket /run/haproxy/admin.sock mode 660 level admin stats timeout 30s @@ -11,6 +9,11 @@ global daemon {% if global_parameters is vyos_defined %} +{% if global_parameters.logging is vyos_defined %} +{% for facility, facility_config in global_parameters.logging.facility.items() %} + log /dev/log {{ facility }} {{ facility_config.level }} +{% endfor %} +{% endif %} {% if global_parameters.max_connections is vyos_defined %} maxconn {{ global_parameters.max_connections }} {% endif %} @@ -67,6 +70,11 @@ frontend {{ front }} {% if front_config.redirect_http_to_https is vyos_defined %} http-request redirect scheme https unless { ssl_fc } {% endif %} +{% if front_config.logging is vyos_defined %} +{% for facility, facility_config in front_config.logging.facility.items() %} + log /dev/log {{ facility }} {{ facility_config.level }} +{% endfor %} +{% endif %} mode {{ front_config.mode }} {% if front_config.tcp_request.inspect_delay is vyos_defined %} tcp-request inspect-delay {{ front_config.tcp_request.inspect_delay }} @@ -166,6 +174,11 @@ backend {{ back }} http-request set-header X-Forwarded-Port %[dst_port] http-request add-header X-Forwarded-Proto https if { ssl_fc } {% endif %} +{% if back_config.logging is vyos_defined %} +{% for facility, facility_config in back_config.logging.facility.items() %} + log /dev/log {{ facility }} {{ facility_config.level }} +{% endfor %} +{% endif %} mode {{ back_config.mode }} {% if back_config.http_response_headers is vyos_defined %} {% for header, header_config in back_config.http_response_headers.items() %} diff --git a/interface-definitions/include/haproxy/logging.xml.i b/interface-definitions/include/haproxy/logging.xml.i new file mode 100644 index 000000000..e0af54fa4 --- /dev/null +++ b/interface-definitions/include/haproxy/logging.xml.i @@ -0,0 +1,10 @@ +<!-- include start from haproxy/logging.xml.i --> +<node name="logging"> + <properties> + <help>Logging parameters</help> + </properties> + <children> + #include <include/syslog-facility.xml.i> + </children> +</node> +<!-- include end --> diff --git a/interface-definitions/load-balancing_reverse-proxy.xml.in b/interface-definitions/load-balancing_reverse-proxy.xml.in index 1a432be6d..18274622c 100644 --- a/interface-definitions/load-balancing_reverse-proxy.xml.in +++ b/interface-definitions/load-balancing_reverse-proxy.xml.in @@ -36,6 +36,7 @@ </leafNode> #include <include/generic-description.xml.i> #include <include/listen-address.xml.i> + #include <include/haproxy/logging.xml.i> #include <include/haproxy/mode.xml.i> #include <include/port-number.xml.i> #include <include/haproxy/rule-frontend.xml.i> @@ -91,6 +92,7 @@ <defaultValue>round-robin</defaultValue> </leafNode> #include <include/generic-description.xml.i> + #include <include/haproxy/logging.xml.i> #include <include/haproxy/mode.xml.i> #include <include/haproxy/http-response-headers.xml.i> <node name="http-check"> @@ -254,6 +256,7 @@ <help>Global perfomance parameters and limits</help> </properties> <children> + #include <include/haproxy/logging.xml.i> <leafNode name="max-connections"> <properties> <help>Maximum allowed connections</help> diff --git a/smoketest/scripts/cli/test_load-balancing_reverse-proxy.py b/smoketest/scripts/cli/test_load-balancing_reverse-proxy.py index aa796f59f..db43a78ec 100755 --- a/smoketest/scripts/cli/test_load-balancing_reverse-proxy.py +++ b/smoketest/scripts/cli/test_load-balancing_reverse-proxy.py @@ -458,6 +458,47 @@ class TestLoadBalancingReverseProxy(VyOSUnitTestSHIM.TestCase): config = read_file(HAPROXY_CONF) self.assertIn(f'option smtpchk', config) + def test_09_lb_reverse_proxy_logging(self): + # Setup base + self.base_config() + self.cli_commit() + + # Ensure default logging configuration is present + config = read_file(HAPROXY_CONF) + self.assertIn('log /dev/log local0', config) + self.assertIn('log /dev/log local1 notice', config) + + # Test global-parameters logging options + self.cli_set(base_path + ['global-parameters', 'logging', 'facility', 'local1', 'level', 'err']) + self.cli_set(base_path + ['global-parameters', 'logging', 'facility', 'local2', 'level', 'warning']) + self.cli_commit() + + # Test global logging parameters are generated in configuration file + config = read_file(HAPROXY_CONF) + self.assertIn('log /dev/log local1 err', config) + self.assertIn('log /dev/log local2 warning', config) + + # Test backend logging options + backend_path = base_path + ['backend', 'bk-01'] + self.cli_set(backend_path + ['logging', 'facility', 'local3', 'level', 'debug']) + self.cli_set(backend_path + ['logging', 'facility', 'local4', 'level', 'info']) + self.cli_commit() + + # Test backend logging parameters are generated in configuration file + config = read_file(HAPROXY_CONF) + self.assertIn('log /dev/log local3 debug', config) + self.assertIn('log /dev/log local4 info', config) + + # Test service logging options + service_path = base_path + ['service', 'https_front'] + self.cli_set(service_path + ['logging', 'facility', 'local5', 'level', 'notice']) + self.cli_set(service_path + ['logging', 'facility', 'local6', 'level', 'crit']) + self.cli_commit() + + # Test service logging parameters are generated in configuration file + config = read_file(HAPROXY_CONF) + self.assertIn('log /dev/log local5 notice', config) + self.assertIn('log /dev/log local6 crit', config) if __name__ == '__main__': unittest.main(verbosity=2) |