Related to T2747
Details
Details
- Reviewers
vsellier - Group Reviewers
System administrators - Maniphest Tasks
- T2747: Create the reverse proxy to expose the staging services publicly
- Commits
- rSPSITEaee9a70879b8: reverse_proxy: Declare backend_http_* according to their environment
rSPSITE5d1cc51c6665: reverse_proxy: Expose a backend name to reuse
rSPSITE83170bb099db: varnish: use different backends per vhosts
- bin/octocatalog moma [1]
- drops default varnish backend
- installs the deposit and webapp backends (different configuration, same behavior)
- bin/octocatalog webapp0:
- drops default varnish backend
- installs the varnish webapp backend (different conf, same behavior)
- bin/octocatalog webapp.internal.staging.swh.network: do nothing (no reverse proxy there)
- bin/octocatalog deposit.internal.staging.swh.network: do nothing (no rp there)
- bin/octocatalog rp0.internal.staging.swh.network: installs the varnish backends (deposit, webapp targetting the respective staging nodes)
And vagrant:
- vagrant up staging-rp0
- vagrant up staging-deposit
- vagrant up staging-webapp
Then tamper with /etc/hosts (local and within the staging-rp0) so we can use
the same internal staging fqdn to check if the reverse proxying work (it does ;)
[1]
bin/octocatalog-diff --octocatalog-diff-args --no-truncate-details --to T2747_rp moma
Found host moma.softwareheritage.org
WARN -> Environment "open-template1" contained non-word characters, correcting name to open_template1
WARN -> Environment "wip-pg-hba-rules-in-yaml" contained non-word characters, correcting name to wip_pg_hba_rules_in_yaml
Cloning into '/tmp/swh-ocd.zLll8wDl/environments/production/data/private'...
done.
Cloning into '/tmp/swh-ocd.zLll8wDl/environments/T2747_rp/data/private'...
done.
*** Running octocatalog-diff on host moma.softwareheritage.org
I, [2020-11-06T14:57:07.661026 #29964] INFO -- : Catalogs compiled for moma.softwareheritage.org
I, [2020-11-06T14:57:10.012042 #29964] INFO -- : Diffs computed for moma.softwareheritage.org
diff origin/production/moma.softwareheritage.org current/moma.softwareheritage.org
*******************************************
- Concat::Fragment[/etc/varnish/includes.vcl:backend_default]
*******************************************
+ Concat::Fragment[/etc/varnish/includes.vcl:deposit] =>
parameters =>
"content": "include \"includes/01_deposit.vcl\";"
"order": "01"
"target": "/etc/varnish/includes.vcl"
*******************************************
+ Concat::Fragment[/etc/varnish/includes.vcl:webapp] =>
parameters =>
"content": "include \"includes/01_webapp.vcl\";"
"order": "01"
"target": "/etc/varnish/includes.vcl"
*******************************************
- Concat_fragment[/etc/varnish/includes.vcl:backend_default]
*******************************************
+ Concat_fragment[/etc/varnish/includes.vcl:deposit] =>
parameters =>
"content": "include \"includes/01_deposit.vcl\";"
"order": "01"
"tag": "_etc_varnish_includes.vcl"
"target": "/etc/varnish/includes.vcl"
*******************************************
+ Concat_fragment[/etc/varnish/includes.vcl:webapp] =>
parameters =>
"content": "include \"includes/01_webapp.vcl\";"
"order": "01"
"tag": "_etc_varnish_includes.vcl"
"target": "/etc/varnish/includes.vcl"
*******************************************
- File[/etc/varnish/includes/01_backend_default.vcl]
*******************************************
+ File[/etc/varnish/includes/01_deposit.vcl] =>
parameters =>
"group": "root"
"mode": "0644"
"notify": "Exec[vcl_reload]"
"owner": "root"
"content": >>>
# backend_default.vcl
#
# Default backend definition.
#
# File managed by puppet. All modifications will be lost.
backend deposit
{
.host = "::1";
.port = "9080";
}
<<<
*******************************************
+ File[/etc/varnish/includes/01_webapp.vcl] =>
parameters =>
"group": "root"
"mode": "0644"
"notify": "Exec[vcl_reload]"
"owner": "root"
"content": >>>
# backend_default.vcl
#
# Default backend definition.
#
# File managed by puppet. All modifications will be lost.
backend webapp
{
.host = "::1";
.port = "9080";
}
<<<
*******************************************
File[/etc/varnish/includes/50_vhost_archive.softwareheritage.org.vcl] =>
parameters =>
content =>
@@ -17,4 +17,5 @@
} else {
set req.http.X_FORWARDED_PROTO = "https";
+ set req.backend_hint = webapp;
}
}
*******************************************
File[/etc/varnish/includes/50_vhost_deposit.softwareheritage.org.vcl] =>
parameters =>
content =>
@@ -15,4 +15,5 @@
} else {
set req.http.X_FORWARDED_PROTO = "https";
+ set req.backend_hint = deposit;
}
}
*******************************************
- Profile::Varnish::Vcl_include[backend_default]
*******************************************
+ Profile::Varnish::Vcl_include[deposit] =>
parameters =>
"basename": "deposit"
"order": "01"
"content": >>>
# backend_default.vcl
#
# Default backend definition.
#
# File managed by puppet. All modifications will be lost.
backend deposit
{
.host = "::1";
.port = "9080";
}
<<<
*******************************************
Profile::Varnish::Vcl_include[vhost_archive.softwareheritage.org] =>
parameters =>
content =>
@@ -17,4 +17,5 @@
} else {
set req.http.X_FORWARDED_PROTO = "https";
+ set req.backend_hint = webapp;
}
}
*******************************************
Profile::Varnish::Vcl_include[vhost_deposit.softwareheritage.org] =>
parameters =>
content =>
@@ -15,4 +15,5 @@
} else {
set req.http.X_FORWARDED_PROTO = "https";
+ set req.backend_hint = deposit;
}
}
*******************************************
+ Profile::Varnish::Vcl_include[webapp] =>
parameters =>
"basename": "webapp"
"order": "01"
"content": >>>
# backend_default.vcl
#
# Default backend definition.
#
# File managed by puppet. All modifications will be lost.
backend webapp
{
.host = "::1";
.port = "9080";
}
<<<
*******************************************
Profile::Varnish::Vhost[archive.softwareheritage.org] =>
parameters =>
backend_http_host =>
+ ::1
backend_http_port =>
+ 9080
backend_name =>
+ webapp
*******************************************
Profile::Varnish::Vhost[deposit.softwareheritage.org] =>
parameters =>
backend_http_host =>
+ ::1
backend_http_port =>
+ 9080
backend_name =>
+ deposit
*******************************************
- Varnish::Vcl[/etc/varnish/includes/01_backend_default.vcl]
*******************************************
+ Varnish::Vcl[/etc/varnish/includes/01_deposit.vcl] =>
parameters =>
"file": "/etc/varnish/includes/01_deposit.vcl"
"content": >>>
# backend_default.vcl
#
# Default backend definition.
#
# File managed by puppet. All modifications will be lost.
backend deposit
{
.host = "::1";
.port = "9080";
}
<<<
*******************************************
+ Varnish::Vcl[/etc/varnish/includes/01_webapp.vcl] =>
parameters =>
"file": "/etc/varnish/includes/01_webapp.vcl"
"content": >>>
# backend_default.vcl
#
# Default backend definition.
#
# File managed by puppet. All modifications will be lost.
backend webapp
{
.host = "::1";
.port = "9080";
}
<<<
*******************************************
Varnish::Vcl[/etc/varnish/includes/50_vhost_archive.softwareheritage.org.vcl] =>
parameters =>
content =>
@@ -17,4 +17,5 @@
} else {
set req.http.X_FORWARDED_PROTO = "https";
+ set req.backend_hint = webapp;
}
}
*******************************************
Varnish::Vcl[/etc/varnish/includes/50_vhost_deposit.softwareheritage.org.vcl] =>
parameters =>
content =>
@@ -15,4 +15,5 @@
} else {
set req.http.X_FORWARDED_PROTO = "https";
+ set req.backend_hint = deposit;
}
}
*******************************************
*** End octocatalog-diff on moma.softwareheritage.orgDiff Detail
Diff Detail
- Repository
- rSPSITE puppet-swh-site
- Branch
- T2747_rp
- Lint
No Linters Available - Unit
No Unit Test Coverage - Build Status
Buildable 16922 Build 26106: arc lint + arc unit