From acf6c36633ead3415c42310ec94c27c67ef02a6c Mon Sep 17 00:00:00 2001 From: ZhaoBo Date: Thu, 1 Nov 2018 14:24:31 +0800 Subject: [PATCH] Amp driver support sni option to send the hostname to backend If the Tls option of Pool is True, we default configure a sni option in the associated members configuration, which is "sni ssl_fc_sni". Story: 2003858 Task: 26684 Change-Id: Id61e0302dac3a5471b4fcb526b4edec50ec1a6fc --- octavia/common/jinja/haproxy/templates/macros.j2 | 6 ++++-- octavia/tests/unit/common/jinja/haproxy/test_jinja_cfg.py | 4 ++-- 2 files changed, 6 insertions(+), 4 deletions(-) diff --git a/octavia/common/jinja/haproxy/templates/macros.j2 b/octavia/common/jinja/haproxy/templates/macros.j2 index 50fbc8337e..825d99fbba 100644 --- a/octavia/common/jinja/haproxy/templates/macros.j2 +++ b/octavia/common/jinja/haproxy/templates/macros.j2 @@ -212,8 +212,10 @@ frontend {{ listener.id }} {% endif %} {% if pool.tls_enabled %} {% set def_opt_prefix = " ssl" %} + {% set def_sni_opt = " sni ssl_fc_sni" %} {% else %} {% set def_opt_prefix = "" %} + {% set def_sni_opt = "" %} {% endif %} {% if pool.client_cert and pool.tls_enabled %} {% set def_crt_opt = " crt %s"|format(pool.client_cert) %} @@ -231,11 +233,11 @@ frontend {{ listener.id }} {% elif pool.tls_enabled %} {% set def_verify_opt = " verify none" %} {% endif %} - {{ "server %s %s:%d weight %s%s%s%s%s%s%s%s%s%s%s"|e|format( + {{ "server %s %s:%d weight %s%s%s%s%s%s%s%s%s%s%s%s"|e|format( member.id, member.address, member.protocol_port, member.weight, hm_opt, persistence_opt, proxy_protocol_opt, member_backup_opt, member_enabled_opt, def_opt_prefix, def_crt_opt, ca_opt, crl_opt, - def_verify_opt)|trim() }} + def_verify_opt, def_sni_opt)|trim() }} {% endmacro %} diff --git a/octavia/tests/unit/common/jinja/haproxy/test_jinja_cfg.py b/octavia/tests/unit/common/jinja/haproxy/test_jinja_cfg.py index 845fbdee2d..92eae4e64e 100644 --- a/octavia/tests/unit/common/jinja/haproxy/test_jinja_cfg.py 
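Review bot: In the `@@ -212,8 +212,10 @@` hunk, `def_sni_opt` is set on `pool.tls_enabled` alone, but `ssl_fc_sni` is the name the client sent in its own handshake and is only populated when HAProxy terminated TLS on the frontend connection. The listener's protocol is not consulted in the lines shown, so for a listener that does not terminate TLS the expression would presumably be empty and no SNI would reach the member. A template comment above the new set would make both properties explicit, for example `{# ssl_fc_sni is the client-supplied SNI; it is empty unless the listener terminates TLS #}`. The enclosing macro starts before this hunk, so any listener-level guard further up is not visible here.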
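Review bot: In the `@@ -231,11 +233,11 @@` hunk, `def_sni_opt` is appended after `def_verify_opt`, so the rendered server line can read `verify required sni ssl_fc_sni`, as the updated test expects. As I read HAProxy's documentation, with `verify required` and no `verifyhost` the member certificate's names are matched against the SNI that was sent. That makes the verified hostname client-chosen, and a client that sends no SNI would get no hostname check at all; this should be confirmed against the HAProxy version shipped in the amphora. If the member's identity is meant to be pinned, a fixed `verifyhost <name>` on the server line would do that independently of the client. Health checks have no frontend connection, so a member that requires SNI would probably also need `check-sni <name>` alongside `hm_opt`, which is built outside this hunk.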
+++ b/octavia/tests/unit/common/jinja/haproxy/test_jinja_cfg.py @@ -768,7 +768,7 @@ class TestHaproxyCfg(base.TestCase): "check inter 30s fall 3 rise 2 cookie sample_member_id_2 " "{opts}\n\n").format( maxconn=constants.HAPROXY_MAX_MAXCONN, - opts="ssl crt %s verify none" % cert_file_path) + opts="ssl crt %s verify none sni ssl_fc_sni" % cert_file_path) rendered_obj = self.jinja_cfg.render_loadbalancer_obj( sample_configs.sample_amphora_tuple(), sample_configs.sample_listener_tuple( @@ -807,7 +807,7 @@ class TestHaproxyCfg(base.TestCase): "ssl", "crt", pool_client_cert, "ca-file %s" % pool_ca_cert, "crl-file %s" % pool_crl, - "verify required")) + "verify required sni ssl_fc_sni")) rendered_obj = self.jinja_cfg.render_loadbalancer_obj( sample_configs.sample_amphora_tuple(), sample_configs.sample_listener_tuple(