diff --git a/docker-compose.yml b/docker-compose.yml index 57f053a..9e4c460 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -1,5 +1,3 @@ -version: "3.9" - services: haproxy: @@ -67,7 +65,7 @@ services: nginx3: build: - context: ./nginx2 + context: ./nginx3 dockerfile: Dockerfile ports: - 1083:443 diff --git a/haproxy/haproxy.cfg b/haproxy/haproxy.cfg index 47a0d11..fd25145 100644 --- a/haproxy/haproxy.cfg +++ b/haproxy/haproxy.cfg @@ -169,7 +169,7 @@ backend haproxy-to-varnish-cache backend servers balance roundrobin - default-server ssl verify required ca-file ca-certificates.crt sni req.hdr(Host) + default-server ssl verify required ca-file ca-certificates.crt sni req.hdr(Host) check observe layer4 inter 30 use-server %[lua.get_server_names] if TRUE backend bot_check_post_throttle diff --git a/haproxy/map/domtoacc.map b/haproxy/map/domtoacc.map index 3d56e87..de597da 100644 --- a/haproxy/map/domtoacc.map +++ b/haproxy/map/domtoacc.map @@ -1 +1,2 @@ localhost admin +localhost.com admin diff --git a/haproxy/map/hosts.map b/haproxy/map/hosts.map index d6a20a2..c324005 100644 --- a/haproxy/map/hosts.map +++ b/haproxy/map/hosts.map @@ -1,2 +1,3 @@ -localhost 127.0.0.1:1082|NA -localhost 127.0.0.1:1083|SA +localhost 127.0.0.1:1082|XX +localhost 127.0.0.1:1083|XX +localhost 127.0.0.1:1084|XX diff --git a/src/lua/scripts/register-bot-check.lua b/src/lua/scripts/register-bot-check.lua index 5a79ce6..329b46f 100644 --- a/src/lua/scripts/register-bot-check.lua +++ b/src/lua/scripts/register-bot-check.lua @@ -4,16 +4,11 @@ local bot_check = require("bot-check") local utils = require("utils") local server_cn_split_regex = "([^;]+)|(%u%u)$" local backends_map = Map.new('/etc/haproxy/map/backends.map', Map._str) -local haproxy_cn = os.getenv("HAPROXY_CONTINENT") or "XX" -- shoult never be XX but avoid typing issue +local haproxy_cn = os.getenv("HAPROXY_CONTINENT") or "XX" -- should never be XX but avoid typing issue function Get_server_names(txn) local key = txn.sf:hdr("Host") - -- local user_cn = txn:get_var("txn.xcn") or "XX" - local user_cn = txn.sf:hdr("X-Continent-Code") or "XX" - if user_cn ~= haproxy_cn then - -- dont sent to a further away backend for non-regional servers, until asvc kicks in - user_cn = haproxy_cn - end + local target_backend_cn = haproxy_cn local value = backends_map:lookup(key or "") if value ~= nil then local filtered_backends = {} @@ -22,9 +17,12 @@ function Get_server_names(txn) -- Single pass to filter and collect backends for _, backend in ipairs(vals) do local backend_server_name, backend_cn = backend:match(server_cn_split_regex) - if backend_server_name then + local server_up = txn.f:srv_is_up('servers/' .. backend_server_name) + -- print('backend_server_name: ' .. backend_server_name) + -- print('server_up: ' .. server_up) + if backend_server_name and server_up == 1 then table.insert(all_backends, backend_server_name) - if backend_cn == user_cn then + if backend_cn == target_backend_cn then table.insert(filtered_backends, backend_server_name) end end diff --git a/src/lua/scripts/register-servers.lua b/src/lua/scripts/register-servers.lua index 266ef0f..b0f0a33 100644 --- a/src/lua/scripts/register-servers.lua +++ b/src/lua/scripts/register-servers.lua @@ -43,17 +43,18 @@ function setup_servers() if verify_backend_ssl ~= nil then if verify_none ~= nil then -- for development use only tcp:send(string.format( - "add server %s %s check ssl verify none ca-file ca-certificates.crt sni req.hdr(Host);", + "add server %s %s ssl verify none ca-file ca-certificates.crt sni req.hdr(Host) check observe layer4;", server_name, backend_host)) else tcp:send(string.format( - "add server %s %s check ssl verify required ca-file ca-certificates.crt sni req.hdr(Host);", + "add server %s %s ssl verify required ca-file ca-certificates.crt sni req.hdr(Host) check observe layer4;", server_name, backend_host)) end else tcp:send(string.format("add server %s %s;", server_name, backend_host)) end tcp:send(string.format("enable server %s;", server_name)) + tcp:send(string.format("enable health %s;", server_name)) line = handle:read("*line") counter = counter + 1 end