Gitiles
Code Review Sign In
gerrit.mcp.mirantis.com / salt-formulas / haproxy / ff29026efdb429b007823aa2dd149356f87a827d^! / . / .kitchen.yml
commitff29026efdb429b007823aa2dd149356f87a827d[log] [tgz]
authorOleksandr Bryndzii <obryndzii@mirantis.com>Fri Jan 18 13:06:35 2019 +0000
committerobryndzii <obryndzii@mirantis.com>Wed Jan 30 16:22:28 2019 +0000
treeb3ffaadfcd31181b2c8e89b655f405ef027fcee2
parent9cf0cfc2bb2ffa89903329fbbca948b15de4ad2c [diff] [blame]
Add haproxy rate_limit sticks

Extends haproxy rate_limit settings using acls/request/backend sticks and stick table

  haproxy:
    proxy:
      listen:
        nova_metadata_api:
          options:
          - httplog
          rate_limit:
            enabled: true
            type: string
            len: 36
            size: 12m
            duration: 10s
            acls:
              101:
                enabled: true
                value: acl too_many_requests_3 sc0_gpc0_rate() gt 3
              102:
                enabled: true
                value: acl mark_seen sc0_inc_gpc0 gt 0
              110:
                enabled: true
                value: acl x_instance_id hdr(x-instance-id) -i 4777e8e0-16e8-46ce-a3fe-0a1ad9b3ebdc
              111:
                enabled: true
                value: acl x_instance_id hdr(x-instance-id) -i ca2395dd-f73f-4d43-8fe7-f7078a0920af
              201:
                enabled: true
                value: acl too_many_requests_6 sc0_gpc0_rate() gt 6
              202:
                enabled: true
                value: acl mark_seen sc0_inc_gpc0 gt 0
              210:
                enabled: true
                value: acl x_tenant_id hdr(x-tenant-id) -i 2b76cc56a437404bb8cb6cb20dbb0ea4
            tcp_request:
              001:
                enabled: true
                value: tcp-request inspect-delay 5s
              101:
                enabled: true
                value: tcp-request content track-sc0 hdr(x-instance-id) if ! too_many_requests_3
              201:
                enabled: true
                value: tcp-request content track-sc0 hdr(x-tenant-id) if ! too_many_requests_6
            use_backend:
              101:
                enabled: true
                value: use_backend nova_metadata_api-rate_limit if mark_seen too_many_requests_3 x_instance_id
              201:
                enabled: true
                value: use_backend nova_metadata_api-rate_limit if mark_seen too_many_requests_6 x_tenant_id

Change-Id: I72a1b4feb1930a5f39174c0ab6759f39df8c702d
Related-Prod:

diff --git a/.kitchen.yml b/.kitchen.yml
index dad90a5..2e0cae8 100644
--- a/.kitchen.yml
+++ b/.kitchen.yml

@@ -14,6 +14,10 @@
   formula: haproxy
   grains:
     noservices: True
+  dependencies:
+    - name: salt
+      repo: git
+      source: https://gerrit.mcp.mirantis.com/salt-formulas/salt
   state_top:
     base:
       "*":
@@ -29,16 +33,10 @@
   sudo: true
 
 docker_images:
-  - &xenial-20163 <%=ENV['IMAGE_XENIAL_20163'] || 'docker-dev-local.docker.mirantis.net/epcim/salt/saltstack-ubuntu-xenial-salt-2016.3/salt:2018_11_19'%>
   - &xenial-20177 <%=ENV['IMAGE_XENIAL_20177'] || 'docker-dev-local.docker.mirantis.net/epcim/salt/saltstack-ubuntu-xenial-salt-2017.7/salt:2018_11_19'%>
   - &xenial-stable <%=ENV['IMAGE_XENIAL_STABLE'] || 'docker-dev-local.docker.mirantis.net/epcim/salt/saltstack-ubuntu-xenial-salt-stable/salt:2018_11_19'%>
 
 platforms:
-  - name: xenial-2016.3
-    driver_config:
-      image: *xenial-20163
-      platform: ubuntu
-
   - name: xenial-2017.7
     driver_config:
       image: *xenial-20177