add "EXTRA_ROUTE_SETTINGS" to allow modifying server clause in the backend section

Author: tifayuki

README.md

@@ -176,6 +176,7 @@ Settings in this part is immutable, you have to redeploy HAProxy service to make
 |EXTRA_DEFAULT_SETTINGS| |comma-separated string of extra settings, and each part will be appended to DEFAULT section in the configuration file. To escape comma, use `\,`|
 |EXTRA_FRONTEND_SETTINGS_\<PORT\>| |comma-separated string of extra settings, and each part will be appended frontend section with the port number specified in the name of the envvar. To escape comma, use `\,`. E.g. `EXTRA_FRONTEND_SETTINGS_80=balance source, maxconn 2000`|
 |EXTRA_GLOBAL_SETTINGS| |comma-separated string of extra settings, and each part will be appended to GLOBAL section in the configuration file. To escape comma, use `\,`. Possible value: `tune.ssl.cachesize 20000, tune.ssl.default-dh-param 2048`|
+|EXTRA_ROUTE_SETTINGS| |a string which is append to the each backend route after the health check, can be over written in the linked services. Possible value: "send-proxy"|
 |EXTRA_SSL_CERTS| |list of extra certificate names separated by comma, eg. `CERT1, CERT2, CERT3`. You also need to specify each certificate as separate env variables like so: `CERT1="<cert-body1>"`, `CERT2="<cert-body2>"`, `CERT3="<cert-body3>"`|
 |HEALTH_CHECK|check|set health check on each backend route, possible value: "check inter 2000 rise 2 fall 3". See:[HAProxy:check](https://cbonte.github.io/haproxy-dconv/configuration-1.5.html#5.2-check)|
 |HTTP_BASIC_AUTH| |a comma-separated list of credentials(`<user>:<pass>`) for HTTP basic auth, which applies to all the backend routes. To escape comma, use `\,`. *Attention:* DO NOT rely on this for authentication in production|
@@ -203,6 +204,7 @@ Settings here can overwrite the settings in HAProxy, which are only applied to t
 |COOKIE|sticky session option. Possible value `SRV insert indirect nocache`. See:[HAProxy:cookie](http://cbonte.github.io/haproxy-dconv/configuration-1.5.html#4-cookie)|
 |DEFAULT_SSL_CERT|similar to SSL_CERT, but stores the pem file at `/certs/cert0.pem` as the default ssl certs. If multiple `DEFAULT_SSL_CERT` are specified in linked services and HAProxy, the behavior is undefined|
 |EXCLUDE_PORTS|comma separated port numbers(e.g. 3306, 3307). By default, HAProxy will add all the ports exposed by the application services to the backend routes. You can exclude the ports that you don't want to be routed, like database port|
+|EXTRA_ROUTE_SETTINGS| |a string which is append to the each backend route after the health check,possible value: "send-proxy"|
 |EXTRA_SETTINGS|comma-separated string of extra settings, and each part will be appended to either related backend section or listen session in the configuration file. To escape comma, use `\,`. Possible value: `balance source`|
 |FORCE_SSL|if set(any value) together with ssl termination enabled. HAProxy will redirect HTTP request to HTTPS request.
 |GZIP_COMPRESSION_TYPE|enable gzip compression. The value of this envvar is a list of MIME types that will be compressed, possible value: `text/html text/plain text/css`|

haproxy/config.py

@@ -43,6 +43,7 @@ def parse_extra_frontend_settings(envvars):
 EXTRA_FRONTEND_SETTINGS = parse_extra_frontend_settings(os.environ)
 EXTRA_GLOBAL_SETTINGS = os.getenv("EXTRA_GLOBAL_SETTINGS")
 EXTRA_SSL_CERT = os.getenv("EXTRA_SSL_CERTS")
+EXTRA_ROUTE_SETTINGS=os.getenv("EXTRA_ROUTE_SETTINGS", "")
 HAPROXY_CONTAINER_URI = os.getenv("DOCKERCLOUD_CONTAINER_API_URI")
 HAPROXY_SERVICE_URI = os.getenv("DOCKERCLOUD_SERVICE_API_URI")
 HEALTH_CHECK = os.getenv("HEALTH_CHECK", "check inter 2000 rise 2 fall 3")

haproxy/helper/backend_helper.py

@@ -1,6 +1,6 @@
 import re
 
-from haproxy.config import HEALTH_CHECK, HTTP_BASIC_AUTH
+from haproxy.config import HEALTH_CHECK, HTTP_BASIC_AUTH, EXTRA_ROUTE_SETTINGS
 from haproxy.utils import get_service_attribute
 
 
@@ -14,12 +14,14 @@ def get_backend_section(details, routes, vhosts, service_alias, routes_added):
     backend.extend(backend_settings)
 
     route_health_check = get_route_health_check(details, service_alias, HEALTH_CHECK)
-    backend_routes = get_backend_routes(route_health_check, is_sticky, routes, routes_added, service_alias)
+    extra_route_settings = get_extra_route_settings(details, service_alias, EXTRA_ROUTE_SETTINGS)
+    route_setting = " ".join([route_health_check, extra_route_settings]).strip()
+    backend_routes = get_backend_routes(route_setting, is_sticky, routes, routes_added, service_alias)
     backend.extend(backend_routes)
     return backend
 
 
-def get_backend_routes(route_health_check, is_sticky, routes, routes_added, service_alias):
+def get_backend_routes(route_setting, is_sticky, routes, routes_added, service_alias):
     backend_routes = []
     for _service_alias, routes in routes.iteritems():
         if not service_alias or _service_alias == service_alias:
@@ -35,8 +37,8 @@ def get_backend_routes(route_health_check, is_sticky, routes, routes_added, serv
                     if is_sticky:
                         backend_route.append("cookie %s" % route["container_name"])
 
-                    if route_health_check:
-                        backend_route.append(route_health_check)
+                    if route_setting:
+                        backend_route.append(route_setting)
 
                     backend_routes.append(" ".join(backend_route))
 
@@ -49,6 +51,12 @@ def get_route_health_check(details, service_alias, default_health_check):
     return health_check
 
 
+def get_extra_route_settings(details, service_alias, default_extra_route_settings):
+    extra_route_settings = get_service_attribute(details, "extra_route_settings", service_alias)
+    extra_route_settings = extra_route_settings if extra_route_settings else default_extra_route_settings
+    return extra_route_settings
+
+
 def get_websocket_setting(vhosts, service_alias):
     websocket_setting = []
     for v in vhosts:
@@ -159,4 +167,4 @@ def get_basic_auth_setting(basic_auth):
     if basic_auth:
         setting.append("acl need_auth http_auth(haproxy_userlist)")
         setting.append("http-request auth realm haproxy_basic_auth if !need_auth")
-    return setting
+    return setting

haproxy/helper/frontend_helper.py

@@ -1,6 +1,7 @@
 from collections import OrderedDict
 
-from haproxy.config import EXTRA_BIND_SETTINGS, EXTRA_FRONTEND_SETTINGS, MONITOR_URI, MONITOR_PORT, MAXCONN, SKIP_FORWARDED_PROTO
+from haproxy.config import EXTRA_BIND_SETTINGS, EXTRA_FRONTEND_SETTINGS, MONITOR_URI, MONITOR_PORT, MAXCONN, \
+    SKIP_FORWARDED_PROTO
 
 
 def check_require_default_route(routes, routes_added):

haproxy/helper/tcp_helper.py

@@ -1,6 +1,6 @@
 import re
 
-from haproxy.config import HEALTH_CHECK
+from haproxy.config import HEALTH_CHECK, EXTRA_ROUTE_SETTINGS
 from haproxy.utils import get_service_attribute
 
 
@@ -41,7 +41,9 @@ def get_tcp_routes(details, routes, port, port_num):
                         addresses_added.append(address)
                         tcp_route = ["server %s %s" % (route["container_name"], address)]
                         health_check = get_healthcheck_string(details, _service_alias)
-                        tcp_route.append(health_check)
+                        extra_route_settings = get_extra_route_settings_string(details, _service_alias)
+                        route_setting = " ".join([health_check, extra_route_settings]).strip()
+                        tcp_route.append(route_setting)
                         tcp_routes.append(" ".join(tcp_route))
                     routes_added.append(route)
 
@@ -54,6 +56,12 @@ def get_healthcheck_string(details, service_alias):
     return health_check
 
 
+def get_extra_route_settings_string(details, service_alias):
+    extra_route_settings = get_service_attribute(details, "extra_route_settings", service_alias)
+    extra_route_settings = extra_route_settings if extra_route_settings else EXTRA_ROUTE_SETTINGS
+    return extra_route_settings
+
+
 def get_service_aliases_given_tcp_port(details, service_aliases, tcp_port):
     services = []
     for service_alias in service_aliases:

haproxy/parser/base_parser.py

@@ -184,3 +184,7 @@ def parse_option(value):
     @staticmethod
     def parse_extra_settings(value):
         return value
+
+    @staticmethod
+    def parse_extra_route_settings(value):
+        return value

tests/unit/helper/test_backend_helper.py

@@ -10,45 +10,45 @@ def test_get_backend_routes(self):
                   'WEB': [{'container_name': 'WEB_2', 'proto': 'tcp', 'port': '8080', 'addr': '10.7.0.4'},
                           {'container_name': 'WEB_1', 'proto': 'tcp', 'port': '8080', 'addr': '10.7.0.5'}]}
         self.assertEqual(["server HW_1 10.7.0.3:80 check", "server HW_2 10.7.0.2:80 check"],
-                         get_backend_routes(route_health_check="check", is_sticky=False,
+                         get_backend_routes(route_setting="check", is_sticky=False,
                                             routes=routes, routes_added=[], service_alias="HW"))
         self.assertEqual(["server WEB_1 10.7.0.5:8080", "server WEB_2 10.7.0.4:8080"],
-                         get_backend_routes(route_health_check="", is_sticky=False,
+                         get_backend_routes(route_setting="", is_sticky=False,
                                             routes=routes, routes_added=[], service_alias="WEB"))
         self.assertEqual(["server WEB_1 10.7.0.5:8080 cookie WEB_1", "server WEB_2 10.7.0.4:8080 cookie WEB_2"],
-                         get_backend_routes(route_health_check="", is_sticky=True,
+                         get_backend_routes(route_setting="", is_sticky=True,
                                             routes=routes, routes_added=[], service_alias="WEB"))
         self.assertEqual([],
-                         get_backend_routes(route_health_check="", is_sticky=False,
+                         get_backend_routes(route_setting="", is_sticky=False,
                                             routes={}, routes_added=[], service_alias="WEB"))
         self.assertEqual(["server WEB_2 10.7.0.4:8080"],
-                         get_backend_routes(route_health_check="", is_sticky=False,
+                         get_backend_routes(route_setting="", is_sticky=False,
                                             routes=routes, routes_added=[
                                  {'container_name': 'WEB_1', 'proto': 'tcp', 'port': '8080', 'addr': '10.7.0.5'}],
                                             service_alias="WEB"))
         self.assertEqual(["server WEB_2 10.7.0.4:8080 cookie WEB_2"],
-                         get_backend_routes(route_health_check="", is_sticky=True,
+                         get_backend_routes(route_setting="", is_sticky=True,
                                             routes=routes, routes_added=[
                                  {'container_name': 'WEB_1', 'proto': 'tcp', 'port': '8080', 'addr': '10.7.0.5'}],
                                             service_alias="WEB"))
         self.assertEqual(["server WEB_1 10.7.0.5:8080", "server WEB_2 10.7.0.4:8080"],
-                         get_backend_routes(route_health_check="", is_sticky=False,
+                         get_backend_routes(route_setting="", is_sticky=False,
                                             routes=routes, routes_added=[
                                  {'container_name': 'WEB_3', 'proto': 'tcp', 'port': '8080', 'addr': '10.7.0.5'}],
                                             service_alias="WEB"))
         self.assertEqual([],
-                         get_backend_routes(route_health_check="", is_sticky=False,
+                         get_backend_routes(route_setting="", is_sticky=False,
                                             routes=routes, routes_added=[
                                  {'container_name': 'WEB_2', 'proto': 'tcp', 'port': '8080', 'addr': '10.7.0.4'},
                                  {'container_name': 'WEB_1', 'proto': 'tcp', 'port': '8080', 'addr': '10.7.0.5'}],
                                             service_alias="WEB"))
         self.assertEqual(["server HW_1 10.7.0.3:80 check", "server HW_2 10.7.0.2:80 check"],
-                         get_backend_routes(route_health_check="check", is_sticky=False,
+                         get_backend_routes(route_setting="check", is_sticky=False,
                                             routes=routes, routes_added=[
                                  {'container_name': 'WEB_3', 'proto': 'tcp', 'port': '8080', 'addr': '10.7.0.5'}],
                                             service_alias="HW"))
         self.assertEqual([],
-                         get_backend_routes(route_health_check="", is_sticky=False,
+                         get_backend_routes(route_setting="", is_sticky=False,
                                             routes=routes, routes_added=[], service_alias="HELLO"))
 
     def test_get_route_health(self):
@@ -59,9 +59,20 @@ def test_get_route_health(self):
 
         self.assertEqual("health_check_web_a", get_route_health_check(details, 'web-a', default_health_check))
         self.assertEqual(default_health_check, get_route_health_check(details, 'web-b', default_health_check))
-        self.assertEqual(default_health_check, get_route_health_check(details, 'web-b', default_health_check))
+        self.assertEqual(default_health_check, get_route_health_check(details, 'web-c', default_health_check))
         self.assertEqual(default_health_check, get_route_health_check(details, 'web-d', default_health_check))
 
+    def test_get_extra_route_settings(self):
+        details = {'web-a': {'extra_route_settings': 'extra_route_settings_web_a'},
+                   'web-b': {'extra_route_settings': ''},
+                   'web-c': {}}
+        default_route_settings = 'default_routsettings'
+
+        self.assertEqual("extra_route_settings_web_a", get_extra_route_settings(details, 'web-a', default_route_settings))
+        self.assertEqual(default_route_settings, get_extra_route_settings(details, 'web-b', default_route_settings))
+        self.assertEqual(default_route_settings, get_extra_route_settings(details, 'web-c', default_route_settings))
+        self.assertEqual(default_route_settings, get_extra_route_settings(details, 'web-d', default_route_settings))
+
     def test_get_websocket_setting(self):
         vhosts = [{'service_alias': 'web-a', 'path': '', 'host': 'a.com', 'scheme': 'http', 'port': '8080'},
                   {'service_alias': 'web-a', 'path': '', 'host': 'ws.a.com', 'scheme': 'ws', 'port': '8080'},

tests/unit/helper/test_tcp_helper.py

@@ -92,8 +92,16 @@ def test_get_healthcheck_string(self):
                    'WEB': {'tcp_ports': ['22'], 'health_check': 'checked'}}
         self.assertEqual(HEALTH_CHECK, get_healthcheck_string(details, "HW"))
         self.assertEqual("checked", get_healthcheck_string(details, "WEB"))
-        self.assertEqual(HEALTH_CHECK, get_healthcheck_string(details, "NOT_EXIT"))
-        self.assertEqual(HEALTH_CHECK, get_healthcheck_string({}, "NOT_EXIT"))
+        self.assertEqual(HEALTH_CHECK, get_healthcheck_string(details, "NOT_EXIST"))
+        self.assertEqual(HEALTH_CHECK, get_healthcheck_string({}, "NOT_EXIST"))
+
+    def test_get_extra_route_settings_string(self):
+        details = {'HW': {'tcp_ports': ['22']},
+                   'WEB': {'tcp_ports': ['22'], 'extra_route_settings': 'extra settings'}}
+        self.assertEqual(EXTRA_ROUTE_SETTINGS, get_extra_route_settings_string(details, "HW"))
+        self.assertEqual("extra settings", get_extra_route_settings_string(details, "WEB"))
+        self.assertEqual(EXTRA_ROUTE_SETTINGS, get_extra_route_settings_string(details, "NOT_EXIST"))
+        self.assertEqual(EXTRA_ROUTE_SETTINGS, get_extra_route_settings_string({}, "NOT_EXIST"))
 
     def test_get_service_aliases_given_tcp_port(self):
         details = {'HW': {'tcp_ports': ['22', '33']},