#!/bin/bash # Note: this setup is using podman in rootless mode with selinux in mind if you # want to use docker instead, replace "podman" with "docker" and probably # remove ":z" from the mount option for the haproxy container and use the # appropriate serverip # replace $serverip with the ip representing the host running the containers # ie: docker-engine uses 172.17.0.1, podman with slirp4netns 10.0.2.3 serverip=10.0.2.3 cat > haproxy.cfg << EOT global log stdout format raw local0 defaults log global mode http retries 3 timeout http-request 10s timeout queue 1m timeout connect 5s timeout client 1m timeout server 1m frontend fe_http_in bind 0.0.0.0:8100 use_backend be_bad.example.com if { req.hdr(host) bad.example.com } use_backend be_good.example.com if { req.hdr(host) good.example.com } backend be_bad.example.com server bad.example.com_8999 ${serverip}:8999 # make sure this port is not bound backend be_good.example.com option httpchk GET / HTTP/1.1\\r\\nHost:\\ localhost\\r\\nUser-Agent:\\ HAProxy server good.example.com_8070 ${serverip}:8070 check server good.example.com_8070_1 ${serverip}:8070 check server good.example.com_8070_2 ${serverip}:8070 check server good.example.com_8070_3 ${serverip}:8070 check server good.example.com_8070_4 ${serverip}:8070 check server good.example.com_8070_5 ${serverip}:8070 check server good.example.com_8070_6 ${serverip}:8070 check server good.example.com_8070_7 ${serverip}:8070 check server good.example.com_8070_8 ${serverip}:8070 check server good.example.com_8070_9 ${serverip}:8070 check listen li_bad.example.com_tcp_39100: bind 0.0.0.0:39100 mode tcp server bad.example.com_tcp_8999 ${serverip}:8999 # make sure this port is not bound listen li_good.example.com_tcp_39200: bind 0.0.0.0:39200 mode tcp server good.example.com_tcp_8071 ${serverip}:8071 check server good.example.com_tcp_8071_1 ${serverip}:8071 check server good.example.com_tcp_8071_2 ${serverip}:8071 check server good.example.com_tcp_8071_3 ${serverip}:8071 check server good.example.com_tcp_8071_4 ${serverip}:8071 check server good.example.com_tcp_8071_5 ${serverip}:8071 check server good.example.com_tcp_8071_6 ${serverip}:8071 check server good.example.com_tcp_8071_7 ${serverip}:8071 check server good.example.com_tcp_8071_8 ${serverip}:8071 check server good.example.com_tcp_8071_9 ${serverip}:8071 check EOT cat > run.sh << EOT #!/bin/bash # Note: this setup is using podman in rootless mode with selinux in mind # if you want to use docker instead, replace "podman" with "docker" and # probably remove ":z" from the mount options for the haproxy container # creating demo services podman run -d --rm \\ --name nginxdemo \\ -p 8070:80 \\ nginxdemos/hello podman run -d --rm \\ --name crccheckdemo \\ -p 8071:8000 \\ crccheck/hello-world # run haproxy podman run -d --rm \\ --name haproxy \\ -v "\${PWD}/haproxy.cfg:/usr/local/etc/haproxy/haproxy.cfg:z" \\ -p 8100:8100 \\ -p 39100:39100 \\ -p 39200:39200 \\ haproxy:2.0.15-alpine EOT chmod +x run.sh cat > stop.sh << EOT #!/bin/bash podman stop haproxy crccheckdemo nginxdemo EOT chmod +x stop.sh cat > tests.sh << EOT #!/bin/bash echo "testing good http (nginxdemo)" curl -sv -o /dev/null http://good.example.com --connect-to ::127.0.0.1:8100 2>&1 | grep HTTP/1 | grep -v "GET /" echo "testing good tcp (crccheckdemo)" curl -sv -o /dev/null http://127.0.0.1:39200 2>&1 | grep HTTP/1 | grep -v "GET /" echo for ((i=1; i<=25; i++)); do echo -n "\$(printf "%02d" "\${i}"): testing bad http, expecting 503 Service Unavailable " curl -sv -o /dev/null http://bad.example.com --connect-to ::127.0.0.1:8100 2>&1 | grep HTTP/1 | grep -v "GET /" | grep -v "keep alive" done for ((i=1; i<=25; i++)); do echo -n "\$(printf "%02d" "\${i}"): testing bad tcp, expecting empty response " curl -sv -o /dev/null http://127.0.0.1:39100 2>&1 | grep -P "(Empty reply|HTTP/1)" | grep -v "GET /" done EOT chmod +x tests.sh echo "You can now run './run.sh' to start the containers and test them using './tests.sh'"