forked from ianblenke/tutum-docker-clusterproxy
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathintegration_test.sh
executable file
·342 lines (304 loc) · 22.5 KB
/
integration_test.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
#!/bin/bash
set -e
DOCKER_HOST_IP=${DOCKER_HOST_IP:-$1}
DOCKER_HOST_IP=${DOCKER_HOST_IP:-"127.0.0.1"}
function rm_container {
set +e
docker rm -fv "$@" > /dev/null 2>&1
set -e
}
function cleanup {
echo " Removing related containers"
rm_container web-a web-b web-c web-d web-e web-f web-g lb
echo " Removing cert files"
rm -f *.pem
}
function create_cert {
openssl req -x509 -newkey rsa:2048 -keyout key$1.pem -out ca$1.pem -days 1080 -nodes -subj "/CN=$2/O=My Company Name LTD./C=US"
cp key$1.pem cert$1.pem
cat ca$1.pem >> cert$1.pem
}
function wait_for_startup {
LOOP_LIMIT=10
for (( i=0 ; ; i++ )); do
if [ ${i} -eq ${LOOP_LIMIT} ]; then
break
fi
sleep 1
curl -kL "$@" > /dev/null 2>&1 && break
done
}
echo "=> Testing running environment"
docker version
which curl > /dev/null
which awk > /dev/null
echo
echo "=> Clean up"
cleanup
echo
echo "=> Building haproxy image"
docker build -t haproxy .
echo
echo "=> Creating certificates"
create_cert 0 ${DOCKER_HOST_IP}
create_cert 1 web-a.org
create_cert 2 web-b.org
echo
echo "=> Running Tests"
echo "=> Test if haproxy is running properly"
rm_container web-a lb
docker run -d --name web-a -e HOSTNAME="web-a" tutum/hello-world
docker run -d --name lb --link web-a:web-a -p 8000:80 haproxy
wait_for_startup http://${DOCKER_HOST_IP}:8000
curl -ssfL -I http://${DOCKER_HOST_IP}:8000 > /dev/null
echo
echo "=> Test Default_SSL_CERT(client verifies server)"
rm_container web-a lb
docker run -d --name web-a -e HOSTNAME="web-a" tutum/hello-world
docker run -d --name lb --link web-a:web-a -e DEFAULT_SSL_CERT="$(awk 1 ORS='\\n' cert1.pem)" -p 443:443 haproxy
wait_for_startup https://${DOCKER_HOST_IP}
curl -sSfL --resolve web-a.org:443:${DOCKER_HOST_IP} https://web-a.org 2>&1 | grep -iF "SSL certificate problem: self signed certificate" > /dev/null
curl -sSfL --cacert ca1.pem --resolve web-a.org:443:${DOCKER_HOST_IP} https://web-a.org 2>&1 | grep -iF 'My hostname is web-a' > /dev/null
echo
echo "=> Test SSL verification(server verifies client)"
rm_container web-a lb
docker run -d --name web-a -e HOSTNAME="web-a" tutum/hello-world
docker run -d --name lb --link web-a:web-a -e DEFAULT_SSL_CERT="$(awk 1 ORS='\\n' cert1.pem)" -e CA_CERT="$(awk 1 ORS='\\n' ca0.pem)" -p 443:443 haproxy
wait_for_startup https://${DOCKER_HOST_IP}
echo " Sending request without certificate"
curl -sSfL --cacert ca1.pem --resolve web-a.org:443:${DOCKER_HOST_IP} https://web-a.org 2>&1 > /dev/null | grep 'handshake failure' > /dev/null
echo " Sending request with a wrong certificate"
curl -sSfL --cacert ca1.pem --cert cert1.pem --resolve web-a.org:443:${DOCKER_HOST_IP} https://web-a.org 2>&1 > /dev/null | grep 'alert unknown ca' > /dev/null
echo " Sending reqeust with the correct certifcate"
curl -sSfL --cacert ca1.pem --cert cert0.pem --resolve web-a.org:443:${DOCKER_HOST_IP} https://web-a.org 2>&1 | grep -iF 'My hostname is web-a' > /dev/null
echo
echo "=> Test virtual host"
rm_container web-a web-b lb
docker run -d --name web-a -e HOSTNAME=web-a -e VIRTUAL_HOST=web-a.org tutum/hello-world
docker run -d --name web-b -e HOSTNAME=web-b -e VIRTUAL_HOST=web-b.org tutum/hello-world
docker run -d --name lb --link web-a:web-a --link web-b:web-b -p 80:80 haproxy
wait_for_startup http://${DOCKER_HOST_IP}
curl -sSfL --resolve web-a.org:80:${DOCKER_HOST_IP} web-a.org 2>&1 | grep -iF 'My hostname is web-a' > /dev/null
curl -sSfL --resolve web-b.org:80:${DOCKER_HOST_IP} web-b.org 2>&1 | grep -iF 'My hostname is web-b' > /dev/null
echo
echo "=> Test multiple ssl certificates"
rm_container web-a web-b lb
docker run -d --name web-a -e HOSTNAME="web-a" -e VIRTUAL_HOST="https://web-a.org" -e SSL_CERT="$(awk 1 ORS='\\n' cert1.pem)" tutum/hello-world
docker run -d --name web-b -e HOSTNAME="web-b" -e VIRTUAL_HOST="https://web-b.org" -e SSL_CERT="$(awk 1 ORS='\\n' cert2.pem)" tutum/hello-world
docker run -d --name lb --link web-a:web-a --link web-b:web-b -p 443:443 haproxy
wait_for_startup https://${DOCKER_HOST_IP}
curl -sSfL --cacert ca1.pem --resolve web-a.org:443:${DOCKER_HOST_IP} https://web-a.org 2>&1 | grep -iF 'My hostname is web-a' > /dev/null
curl -sSfL --cacert ca2.pem --resolve web-a.org:443:${DOCKER_HOST_IP} https://web-a.org 2>&1 2>&1 | grep -iF "SSL certificate problem: self signed certificate" > /dev/null
curl -sSfL --cacert ca2.pem --resolve web-b.org:443:${DOCKER_HOST_IP} https://web-b.org 2>&1 | grep -iF 'My hostname is web-b' > /dev/null
curl -sSfL --cacert ca1.pem --resolve web-b.org:443:${DOCKER_HOST_IP} https://web-b.org 2>&1 2>&1 | grep -iF "SSL certificate problem: self signed certificate" > /dev/null
echo
echo "=> Test multiple virtual host entries"
rm_container web-a web-b lb
docker run -d --name web-a -e HOSTNAME=web-a -e VIRTUAL_HOST='web-a.org, web-a.com' tutum/hello-world
docker run -d --name web-b -e HOSTNAME=web-b -e VIRTUAL_HOST='web-b.org, web-b.com' tutum/hello-world
docker run -d --name lb --link web-a:web-a --link web-b:web-b -p 80:80 haproxy
wait_for_startup http://${DOCKER_HOST_IP}
curl -sSfL --resolve web-a.org:80:${DOCKER_HOST_IP} http://web-a.org 2>&1 | grep -iF 'My hostname is web-a' > /dev/null
curl -sSfL --resolve web-a.com:80:${DOCKER_HOST_IP} http://web-a.com 2>&1 | grep -iF 'My hostname is web-a' > /dev/null
curl -sSfL --resolve web-b.org:80:${DOCKER_HOST_IP} http://web-b.org 2>&1 | grep -iF 'My hostname is web-b' > /dev/null
curl -sSfL --resolve web-b.com:80:${DOCKER_HOST_IP} http://web-b.com 2>&1 | grep -iF 'My hostname is web-b' > /dev/null
echo
echo "=> Test virtual host with duplicated entries"
rm_container web-a web-b lb
docker run -d --name web-a -e HOSTNAME=web-a -e VIRTUAL_HOST='web-a.org, web-a.org:80' tutum/hello-world
docker run -d --name web-b -e HOSTNAME=web-b -e VIRTUAL_HOST='web-b.org:8080, web-b.org:8080' tutum/hello-world
docker run -d --name lb --link web-a:web-a --link web-b:web-b -p 80:80 -p 8080:8080 haproxy
wait_for_startup http://${DOCKER_HOST_IP}
curl -sSfL --resolve web-a.org:80:${DOCKER_HOST_IP} web-a.org 2>&1 | grep -iF 'My hostname is web-a' > /dev/null
curl -sSfL --resolve web-a.org:80:${DOCKER_HOST_IP} web-a.org:80 2>&1 | grep -iF 'My hostname is web-a' > /dev/null
curl -sSfL --resolve web-b.org:8080:${DOCKER_HOST_IP} web-b.org:8080 2>&1 | grep -iF 'My hostname is web-b' > /dev/null
curl -sSfL --resolve web-b.org:8080:${DOCKER_HOST_IP} web-b.org:8080 2>&1 | grep -iF 'My hostname is web-b' > /dev/null
echo
echo "=> Test virtual host with ports"
rm_container web-a web-b lb
docker run -d --name web-a -e HOSTNAME=web-a -e VIRTUAL_HOST='web-a.org' tutum/hello-world
docker run -d --name web-b -e HOSTNAME=web-b -e VIRTUAL_HOST='web-b.org:8080' tutum/hello-world
docker run -d --name lb --link web-a:web-a --link web-b:web-b -p 80:80 -p 8080:8080 haproxy
wait_for_startup http://${DOCKER_HOST_IP}
curl -sSfL --resolve web-a.org:80:${DOCKER_HOST_IP} web-a.org 2>&1 | grep -iF 'My hostname is web-a' > /dev/null
curl -sSfL --resolve web-a.org:80:${DOCKER_HOST_IP} web-a.org:80 2>&1 | grep -iF 'My hostname is web-a' > /dev/null
curl -sSfL --resolve web-b.org:8080:${DOCKER_HOST_IP} web-b.org:8080 ${DOCKER_HOST_IP}:8080 2>&1 | grep -iF 'My hostname is web-b' > /dev/null
curl -sSfL --resolve web-b.org:8080:${DOCKER_HOST_IP} -H 'Host:web-b.org' web-b.org:8080 2>&1 | grep -iF 'My hostname is web-b' > /dev/null
echo
echo "=> Test virtual host with scheme and ports"
rm_container web-a web-b lb
docker run -d --name web-a -e HOSTNAME=web-a -e VIRTUAL_HOST="https://web-a.org:442" -e SSL_CERT="$(awk 1 ORS='\\n' cert1.pem)" tutum/hello-world
docker run -d --name web-b -e HOSTNAME=web-b -e VIRTUAL_HOST="http://web-b.org:8080" tutum/hello-world
docker run -d --name lb --link web-a:web-a --link web-b:web-b -p 442:442 -p 8080:8080 haproxy
wait_for_startup http://${DOCKER_HOST_IP}:8080
curl -sSfL --cacert ca1.pem --resolve web-a.org:442:${DOCKER_HOST_IP} https://web-a.org:442 2>&1 | grep -iF 'My hostname is web-a' > /dev/null
curl -sSfL --cacert ca1.pem --resolve web-a.org:442:${DOCKER_HOST_IP} https://web-a.org:442 2>&1 | grep -iF 'My hostname is web-a' > /dev/null
curl -sSfL --resolve web-b.org:8080:${DOCKER_HOST_IP} web-b.org:8080 2>&1 | grep -iF 'My hostname is web-b' > /dev/null
curl -sSfL --resolve web-b.org:8080:${DOCKER_HOST_IP} -H 'Host:web-b.org' web-b.org:8080 2>&1 | grep -iF 'My hostname is web-b' > /dev/null
echo
echo "=> The virtual host with wildcard in host and on a non-default port"
rm_container web-a lb
docker run -d --name web-a -e HOSTNAME=web-a -e VIRTUAL_HOST="http://web-*.org:8080" tutum/hello-world
docker run -d --name lb --link web-a:web-a -p 8080:8080 haproxy
wait_for_startup http://${DOCKER_HOST_IP}:8080
curl -sSfL --resolve web-a.org:8080:${DOCKER_HOST_IP} web-a.org:8080 2>&1 | grep -iF 'My hostname is web-a' > /dev/null
curl -sSfL --resolve web-a.org:8080:${DOCKER_HOST_IP} -H 'Host:web-a.org' web-a.org:8080 2>&1 | grep -iF 'My hostname is web-a' > /dev/null
echo
echo "=> Test virtual host that starts with wildcard"
rm_container web-a lb
docker run -d --name web-a -e HOSTNAME=web-a -e VIRTUAL_HOST="*.web-a.org" tutum/hello-world
docker run -d --name lb --link web-a:web-a -p 80:80 haproxy
wait_for_startup http://${DOCKER_HOST_IP}:80
curl -sSfL --resolve www.web-a.org:80:${DOCKER_HOST_IP} www.web-a.org 2>&1 | grep -iF 'My hostname is web-a' > /dev/null
curl -sSfL --resolve www.web-a.org:80:${DOCKER_HOST_IP} www.web-a.org:80 2>&1 | grep -iF 'My hostname is web-a' > /dev/null
curl -sSfL --resolve abc.web-a.org:80:${DOCKER_HOST_IP} abc.web-a.org 2>&1 | grep -iF 'My hostname is web-a' > /dev/null
curl -sSfL --resolve abc.web-a.org:80:${DOCKER_HOST_IP} abc.web-a.org:80 2>&1 | grep -iF 'My hostname is web-a' > /dev/null
curl -sSfL --resolve www.web-a.com:80:${DOCKER_HOST_IP} www.web-a.com 2>&1 | grep -iF '503 Service Unavailable' > /dev/null
curl -sSfL --resolve web-a.org:80:${DOCKER_HOST_IP} web-a.org 2>&1 | grep -iF '503 Service Unavailable' > /dev/null
echo
echo "=> Test virtual host that ends with wildcard"
rm_container web-a lb
docker run -d --name web-a -e HOSTNAME=web-a -e VIRTUAL_HOST="web-a.*" tutum/hello-world
docker run -d --name lb --link web-a:web-a -p 80:80 haproxy
wait_for_startup http://${DOCKER_HOST_IP}:80
curl -sSfL --resolve web-a.org:80:${DOCKER_HOST_IP} web-a.org 2>&1 | grep -iF 'My hostname is web-a' > /dev/null
curl -sSfL --resolve web-a.org:80:${DOCKER_HOST_IP} web-a.org:80 2>&1 | grep -iF 'My hostname is web-a' > /dev/null
curl -sSfL --resolve web-a.com:80:${DOCKER_HOST_IP} web-a.com 2>&1 | grep -iF 'My hostname is web-a' > /dev/null
curl -sSfL --resolve web-a.com:80:${DOCKER_HOST_IP} web-a.com:80 2>&1 | grep -iF 'My hostname is web-a' > /dev/null
curl -sSfL --resolve www.web-a.org:80:${DOCKER_HOST_IP} www.web-a.org 2>&1 | grep -iF '503 Service Unavailable' > /dev/null
echo
echo "=> Test virtual path"
rm_container web-a web-b web-c web-d web-e web-f web-g lb
docker run -d --name web-a -e HOSTNAME=web-a -e VIRTUAL_HOST="*/pa/, */pa, */pa/*, */*/pa/*" tutum/hello-world
docker run -d --name web-b -e HOSTNAME=web-b -e VIRTUAL_HOST="*/pb" tutum/hello-world
docker run -d --name web-c -e HOSTNAME=web-c -e VIRTUAL_HOST="*/pc/" tutum/hello-world
docker run -d --name web-d -e HOSTNAME=web-d -e VIRTUAL_HOST="*/pd/*" tutum/hello-world
docker run -d --name web-e -e HOSTNAME=web-e -e VIRTUAL_HOST="*/*/pe/*" tutum/hello-world
docker run -d --name web-f -e HOSTNAME=web-f -e VIRTUAL_HOST="*/p*f/" tutum/hello-world
docker run -d --name web-g -e HOSTNAME=web-g -e VIRTUAL_HOST="*/*.js" tutum/hello-world
docker run -d --name lb --link web-a:web-a --link web-b:web-b --link web-c:web-c --link web-d:web-d --link web-e:web-e --link web-f:web-f --link web-g:web-g -p 80:80 haproxy
wait_for_startup http://${DOCKER_HOST_IP}:80
curl -sSfL ${DOCKER_HOST_IP}/pa 2>&1 | grep -iF 'My hostname is web-a' > /dev/null
curl -sSfL ${DOCKER_HOST_IP}/pa/ 2>&1 | grep -iF 'My hostname is web-a' > /dev/null
curl -sSfL ${DOCKER_HOST_IP}/pa/abc 2>&1 | grep -iF 'My hostname is web-a' > /dev/null
curl -sSfL ${DOCKER_HOST_IP}/abc/pa/ 2>&1 | grep -iF 'My hostname is web-a' > /dev/null
curl -sSfL ${DOCKER_HOST_IP}/abc/pa/123 2>&1 | grep -iF 'My hostname is web-a' > /dev/null
curl -sSfL "${DOCKER_HOST_IP}/pa?u=user&p=pass" 2>&1 | grep -iF 'My hostname is web-a' > /dev/null
curl -sSfL ${DOCKER_HOST_IP}/pb | grep -iF 'My hostname is web-b' > /dev/null
curl -sSL ${DOCKER_HOST_IP}/pb/ | grep -iF '503 Service Unavailable' > /dev/null
curl -sSL ${DOCKER_HOST_IP}/pb/abc | grep -iF '503 Service Unavailable' > /dev/null
curl -sSL ${DOCKER_HOST_IP}/abc/pb/ | grep -iF '503 Service Unavailable' > /dev/null
curl -sSL ${DOCKER_HOST_IP}/abc/pb/123 | grep -iF '503 Service Unavailable' > /dev/null
curl -sSfL "${DOCKER_HOST_IP}/pb?u=user&p=pass" | grep -iF 'My hostname is web-b' > /dev/null
curl -sSL ${DOCKER_HOST_IP}/pc 2>&1 | grep -iF '503 Service Unavailable' > /dev/null
curl -sSfL ${DOCKER_HOST_IP}/pc/ 2>&1 | grep -iF 'My hostname is web-c' > /dev/null
curl -sSL ${DOCKER_HOST_IP}/pc/abc 2>&1 | grep -iF '503 Service Unavailable' > /dev/null
curl -sSL ${DOCKER_HOST_IP}/abc/pc/ 2>&1 | grep -iF '503 Service Unavailable' > /dev/null
curl -sSL ${DOCKER_HOST_IP}/abc/pc/123 2>&1 | grep -iF '503 Service Unavailable' > /dev/null
curl -sSfL "${DOCKER_HOST_IP}/pc/?u=user&p=pass" 2>&1 | grep -iF 'My hostname is web-c' > /dev/null
curl -sSL ${DOCKER_HOST_IP}/pd 2>&1 | grep -iF '503 Service Unavailable' > /dev/null
curl -sSfL ${DOCKER_HOST_IP}/pd/ 2>&1 | grep -iF 'My hostname is web-d' > /dev/null
curl -sSfL ${DOCKER_HOST_IP}/pd/abc 2>&1 | grep -iF 'My hostname is web-d' > /dev/null
curl -sSL ${DOCKER_HOST_IP}/abc/pd/ 2>&1 | grep -iF '503 Service Unavailable' > /dev/null
curl -sSL ${DOCKER_HOST_IP}/abc/pd/123 2>&1 | grep -iF '503 Service Unavailable' > /dev/null
curl -sSfL "${DOCKER_HOST_IP}/pd/?u=user&p=pass" 2>&1 | grep -iF 'My hostname is web-d' > /dev/null
curl -sSfL "${DOCKER_HOST_IP}/pd/abc?u=user&p=pass" 2>&1 | grep -iF 'My hostname is web-d' > /dev/null
curl -sSL ${DOCKER_HOST_IP}/pe 2>&1 | grep -iF '503 Service Unavailable' > /dev/null
curl -sSL ${DOCKER_HOST_IP}/pe/ 2>&1 | grep -iF '503 Service Unavailable' > /dev/null
curl -sSL ${DOCKER_HOST_IP}/pe/abc 2>&1 | grep -iF '503 Service Unavailable' > /dev/null
curl -sSfL ${DOCKER_HOST_IP}/abc/pe/ 2>&1 | grep -iF 'My hostname is web-e' > /dev/null
curl -sSfL ${DOCKER_HOST_IP}/abc/pe/123 2>&1 | grep -iF 'My hostname is web-e' > /dev/null
curl -sSfL "${DOCKER_HOST_IP}/abc/pe/?u=user&p=pass" 2>&1 | grep -iF 'My hostname is web-e' > /dev/null
curl -sSfL "${DOCKER_HOST_IP}/abc/pe/123?u=user&p=pass" 2>&1 | grep -iF 'My hostname is web-e' > /dev/null
curl -sSL ${DOCKER_HOST_IP}/pf 2>&1 | grep -iF '503 Service Unavailable' > /dev/null
curl -sSfL ${DOCKER_HOST_IP}/pf/ 2>&1 | grep -iF 'My hostname is web-f' > /dev/null
curl -sSL ${DOCKER_HOST_IP}/p3f 2>&1 | grep -iF '503 Service Unavailable' > /dev/null
curl -sSfL ${DOCKER_HOST_IP}/p3f/ 2>&1 | grep -iF 'My hostname is web-f' > /dev/null
curl -sSfL "${DOCKER_HOST_IP}/pf/?u=user&p=pass" 2>&1 | grep -iF 'My hostname is web-f' > /dev/null
curl -sSfL "${DOCKER_HOST_IP}/p3f/?u=user&p=pass" 2>&1 | grep -iF 'My hostname is web-f' > /dev/null
curl -sSfL ${DOCKER_HOST_IP}/abc.js 2>&1 | grep -iF 'My hostname is web-g' > /dev/null
curl -sSfL ${DOCKER_HOST_IP}/path/123.js 2>&1 | grep -iF 'My hostname is web-g' > /dev/null
curl -sSfL "${DOCKER_HOST_IP}/abc.js?u=user&p=pass" 2>&1 | grep -iF 'My hostname is web-g' > /dev/null
curl -sSfL "${DOCKER_HOST_IP}/path/123.js?u=user&p=pass" 2>&1 | grep -iF 'My hostname is web-g' > /dev/null
curl -sSL ${DOCKER_HOST_IP}/abc.jpg 2>&1 | grep -iF '503 Service Unavailable' > /dev/null
curl -sSL ${DOCKER_HOST_IP}/path/abc.jpg 2>&1 | grep -iF '503 Service Unavailable' > /dev/null
echo
echo "=> Test virtual host combined with virtual path"
rm_container web-a lb
docker run -d --name web-a -e HOSTNAME=web-a -e VIRTUAL_HOST="http://www.web-a.org/p3/" tutum/hello-world
docker run -d --name lb --link web-a:web-a -p 80:80 haproxy
wait_for_startup http://${DOCKER_HOST_IP}:80
curl -sSfL --resolve www.web-a.org:80:${DOCKER_HOST_IP} www.web-a.org/p3/ 2>&1 | grep -iF 'My hostname is web-a' > /dev/null
curl -sSfL --resolve www.web-a.org:80:${DOCKER_HOST_IP} www.web-a.org:80/p3/ 2>&1 | grep -iF 'My hostname is web-a' > /dev/null
curl -sSfL ${DOCKER_HOST_IP}/p3/ 2>&1 | grep -iF '503 Service Unavailable' > /dev/null
curl -sSfL --resolve www.web-a.org:80:${DOCKER_HOST_IP} www.web-a.org 2>&1 | grep -iF '503 Service Unavailable' > /dev/null
curl -sSfL --resolve www.web-a.org:80:${DOCKER_HOST_IP} www.web-a.org/p3 2>&1 | grep -iF '503 Service Unavailable' > /dev/null
curl -sSfL --resolve www.web.org:80:${DOCKER_HOST_IP} www.web.org:80/p3/ 2>&1 | grep -iF '503 Service Unavailable' > /dev/null
echo
echo "=> Test virtual host combined with virtual path including wildcard"
rm_container web-a lb
docker run -d --name web-a -e HOSTNAME=web-a -e VIRTUAL_HOST="http://www.web-*.org/p*/" tutum/hello-world
docker run -d --name lb --link web-a:web-a -p 80:80 haproxy
wait_for_startup http://${DOCKER_HOST_IP}:80
curl -sSfL --resolve www.web-a.org:80:${DOCKER_HOST_IP} www.web-a.org/p1/ 2>&1 | grep -iF 'My hostname is web-a' > /dev/null
curl -sSfL --resolve www.web-a.org:80:${DOCKER_HOST_IP} www.web-a.org:80/p/ 2>&1 | grep -iF 'My hostname is web-a' > /dev/null
curl -sSfL ${DOCKER_HOST_IP}/p3/ 2>&1 | grep -iF '503 Service Unavailable' > /dev/null
curl -sSfL --resolve www.web.org:80:${DOCKER_HOST_IP} www.web.org 2>&1 | grep -iF '503 Service Unavailable' > /dev/null
curl -sSfL --resolve www.web-a.org:80:${DOCKER_HOST_IP} www.web-a.org/p3 2>&1 | grep -iF '503 Service Unavailable' > /dev/null
echo
echo "=> Test virtual host combined with virtual path including wildcard on a none default port"
rm_container web-a lb
docker run -d --name web-a -e HOSTNAME=web-a -e VIRTUAL_HOST="http://www.web-*.org:8080/p*/" tutum/hello-world
docker run -d --name lb --link web-a:web-a -p 8080:8080 haproxy
wait_for_startup http://${DOCKER_HOST_IP}:8080
curl -sSfL --resolve www.web-a.org:8080:${DOCKER_HOST_IP} www.web-a.org:8080/p1/ 2>&1 | grep -iF 'My hostname is web-a' > /dev/null
curl -sSfL --resolve www.web-a.org:8080:${DOCKER_HOST_IP} www.web-a.org:8080/p/ 2>&1 | grep -iF 'My hostname is web-a' > /dev/null
curl -sSfL --resolve www.web-a.org:8080:${DOCKER_HOST_IP} www.web-a.org:8080/p/ 2>&1 -H HOST:www.web-a.org| grep -iF 'My hostname is web-a' > /dev/null
curl -sSfL ${DOCKER_HOST_IP}:8080/p3/ 2>&1 | grep -iF '503 Service Unavailable' > /dev/null
curl -sSfL --resolve www.web.org:8080:${DOCKER_HOST_IP} www.web.org:8080 2>&1 | grep -iF '503 Service Unavailable' > /dev/null
curl -sSfL --resolve www.web-a.org:8080:${DOCKER_HOST_IP} www.web-a.org:8080/p3 2>&1 | grep -iF '503 Service Unavailable' > /dev/null
echo
echo "=> Test multiple frontends"
rm_container web-a web-b web-c lb
docker run -d --name web-a -e HOSTNAME="web-a" -e VIRTUAL_HOST="https://web-a.org:444, weba2.org:8008" -e SSL_CERT="$(awk 1 ORS='\\n' cert1.pem)" tutum/hello-world
docker run -d --name web-b -e HOSTNAME="web-b" -e VIRTUAL_HOST="https://web-b.org, http://webb2.org" -e SSL_CERT="$(awk 1 ORS='\\n' cert2.pem)" tutum/hello-world
docker run -d --name web-c -e HOSTNAME="web-c" -e VIRTUAL_HOST="webc.org, http://webc1.org:8009, webc2.org/path/, */*.do/, *:8011/*.php/" tutum/hello-world
docker run -d --name lb --link web-a:web-a --link web-b:web-b --link web-c:web-c -p 443:443 -p 444:444 -p 8008:8008 -p 8009:8009 -p 80:80 -p 8011:8011 haproxy
wait_for_startup http://${DOCKER_HOST_IP}:80
curl -sSfL --cacert ca1.pem --resolve web-a.org:444:${DOCKER_HOST_IP} https://web-a.org:444 2>&1 | grep -iF 'My hostname is web-a' > /dev/null
curl -sSfL --resolve weba2.org:8008:${DOCKER_HOST_IP} weba2.org:8008 2>&1 | grep -iF 'My hostname is web-a' > /dev/null
curl -sSfL --cacert ca2.pem --resolve web-b.org:443:${DOCKER_HOST_IP} https://web-b.org 2>&1 | grep -iF 'My hostname is web-b' > /dev/null
curl -sSfL --resolve webb2.org:80:${DOCKER_HOST_IP} webb2.org 2>&1 | grep -iF 'My hostname is web-b' > /dev/null
curl -sSfL --resolve webc.org:80:${DOCKER_HOST_IP} webc.org 2>&1 | grep -iF 'My hostname is web-c' > /dev/null
curl -sSfL --resolve webc1.org:8009:${DOCKER_HOST_IP} webc1.org:8009 2>&1 | grep -iF 'My hostname is web-c' > /dev/null
curl -sSfL --resolve webc2.org:80:${DOCKER_HOST_IP} webc2.org/path/ 2>&1 | grep -iF 'My hostname is web-c' > /dev/null
curl -sSfL --resolve webc3.org:80:${DOCKER_HOST_IP} webc3.org/abc.do/ 2>&1 | grep -iF 'My hostname is web-c' > /dev/null
curl -sSfL ${DOCKER_HOST_IP}/abc.do/ 2>&1 | grep -iF 'My hostname is web-c' > /dev/null
curl -sSfL --resolve webc3.org:8011:${DOCKER_HOST_IP} webc3.org:8011/abc.php/ webc2.org/path 2>&1 | grep -iF 'My hostname is web-c' > /dev/null
curl -sSfL ${DOCKER_HOST_IP}:8011/abc.php/ 2>&1 | grep -iF 'My hostname is web-c' > /dev/null
echo
echo "=> Test force_ssl with virtual host"
rm_container web-a web-b lb
docker run -d --name web-a -e HOSTNAME="web-a" -e VIRTUAL_HOST="https://web-a.org, web-a.org" -e SSL_CERT="$(awk 1 ORS='\\n' cert1.pem)" tutum/hello-world
docker run -d --name web-b -e HOSTNAME="web-b" -e VIRTUAL_HOST="https://web-b.org, web-b.org" -e SSL_CERT="$(awk 1 ORS='\\n' cert2.pem)" -e FORCE_SSL=true tutum/hello-world
docker run -d --name lb --link web-a:web-a --link web-b:web-b -p 443:443 -p 80:80 haproxy
wait_for_startup http://${DOCKER_HOST_IP}:80
curl -sSfL --cacert ca1.pem --resolve web-a.org:443:127.0.0.1 https://web-a.org 2>&1 | grep -iF 'My hostname is web-a' > /dev/null
curl -sSfL --cacert ca2.pem --resolve web-b.org:443:127.0.0.1 https://web-b.org 2>&1 | grep -iF 'My hostname is web-b' > /dev/null
curl -sSfL --cacert ca1.pem --resolve web-a.org:443:127.0.0.1 --resolve web-a.org:80:127.0.0.1 http://web-a.org 2>&1 | grep -iF 'My hostname is web-a' > /dev/null
curl -sSfL --cacert ca2.pem --resolve web-b.org:443:127.0.0.1 --resolve web-b.org:80:127.0.0.1 http://web-b.org 2>&1 | grep -iF 'My hostname is web-b' > /dev/null
curl -sSIL --cacert ca1.pem --resolve web-a.org:443:127.0.0.1 --resolve web-a.org:80:127.0.0.1 http://web-a.org 2>&1 | grep -iF "http/1.1" | grep -v "301" > /dev/null
curl -sSIL --cacert ca2.pem --resolve web-b.org:443:127.0.0.1 --resolve web-b.org:80:127.0.0.1 http://web-b.org 2>&1 | grep -iF '301 Moved Permanently' > /dev/null
echo
echo "=> Testing force_ssl without virtual host"
rm_container web-a web-b lb
docker run -d --name web-a -e HOSTNAME="web-ab" -e SSL_CERT="$(awk 1 ORS='\\n' cert0.pem)" tutum/hello-world
docker run -d --name web-b -e HOSTNAME="web-ab" -e FORCE_SSL=true tutum/hello-world
docker run -d --name lb --link web-a:web-a --link web-b:web-b -p 443:443 -p 80:80 haproxy
wait_for_startup http://${DOCKER_HOST_IP}:80
curl -sSfL --cacert ca0.pem ${DOCKER_HOST_IP} 2>&1 | grep -iF 'My hostname is web-ab' > /dev/null
curl -sSIL --cacert ca0.pem ${DOCKER_HOST_IP} 2>&1 | grep -iF '301 Moved Permanently' > /dev/null
echo
echo "=> Clean up"
cleanup
echo "=> Done!"