Make haproxy timeout configurable (#94)

* make haproxy client timeout configurable * increase minor version
moia-oss · Jan 11, 2021 · 98ff867 · 98ff867
1 parent 168ba33
commit 98ff867
Show file tree

Hide file tree

Showing 10 changed files with 10,417 additions and 24 deletions.
diff --git a/lib/bastion-host-forward-base-props.ts b/lib/bastion-host-forward-base-props.ts
@@ -34,4 +34,11 @@ export interface BastionHostForwardBaseProps {
    * doesn't allow incoming traffic and allows outbound traffic to everywhere
    */
   readonly securityGroup?: ec2.ISecurityGroup;
+
+ /**
+  * The HAProxy client timeout in minutes
+  *
+  * @default 1
+  */
+  readonly clientTimeout?: number;
 }
diff --git a/lib/bastion-host-forward-props.ts b/lib/bastion-host-forward-props.ts
@@ -11,3 +11,4 @@ export interface BastionHostForwardProps extends BastionHostForwardBaseProps {
    */
   readonly port: string;
 }
+
diff --git a/lib/bastion-host-forward.ts b/lib/bastion-host-forward.ts
@@ -46,7 +46,11 @@ export class BastionHostForward extends cdk.Construct {
     });
 
     const cfnBastionHost = this.bastionHost.instance.node.defaultChild as ec2.CfnInstance;
-    const shellCommands = this.generateEc2UserData(props.address, props.port);
+    const shellCommands = this.generateEc2UserData(
+      props.address,
+      props.port,
+      props.clientTimeout || 1,
+    );
     cfnBastionHost.userData = cdk.Fn.base64(shellCommands.render());
 
     this.instanceId = this.bastionHost.instance.instanceId;
@@ -55,11 +59,11 @@ export class BastionHostForward extends cdk.Construct {
   /*
    * Creates a Config entry for HAProxy with the given address and port
    */
-  private generateHaProxyBaseConfig(address: string, port: string): string {
+  private generateHaProxyBaseConfig(address: string, port: string, clientTimeout: number): string {
     return `listen database
   bind 0.0.0.0:${port}
   timeout connect 10s
-  timeout client 1m
+  timeout client ${clientTimeout}m
   timeout server 1m
   mode tcp
   server service ${address}:${port}\n`;
@@ -71,7 +75,7 @@ export class BastionHostForward extends cdk.Construct {
    * The User Data is written in MIME format to override the User Data
    * application behavior to be applied on every machine restart
    */
-  private generateEc2UserData(address: string, port: string): ec2.UserData {
+  private generateEc2UserData(address: string, port: string, clientTimeout: number): ec2.UserData {
     return ec2.UserData.custom(
       `Content-Type: multipart/mixed; boundary="//"
 MIME-Version: 1.0
@@ -92,7 +96,7 @@ Content-Disposition: attachment; filename="userdata.txt"
 mount -o remount,rw,nosuid,nodev,noexec,relatime,hidepid=2 /proc
 yum install -y https://s3.amazonaws.com/ec2-downloads-windows/SSMAgent/latest/linux_amd64/amazon-ssm-agent.rpm
 yum install -y haproxy
-echo "${this.generateHaProxyBaseConfig(address, port)}" > /etc/haproxy/haproxy.cfg
+echo "${this.generateHaProxyBaseConfig(address, port, clientTimeout)}" > /etc/haproxy/haproxy.cfg
 service haproxy restart
 --//`);
   }

diff --git a/lib/rds.ts b/lib/rds.ts
@@ -50,6 +50,7 @@ export class BastionHostRDSForward extends BastionHostForward {
       securityGroup: props.securityGroup,
       address: props.rdsInstance.dbInstanceEndpointAddress,
       port: props.rdsInstance.dbInstanceEndpointPort,
+      clientTimeout: props.clientTimeout,
     });
 
     if (props.iamUser !== undefined && props.rdsResourceIdentifier !== undefined) {

diff --git a/lib/redis.ts b/lib/redis.ts
@@ -25,7 +25,8 @@ export class BastionHostRedisForward extends BastionHostForward {
       name: props.name,
       securityGroup: props.securityGroup,
       address: props.address,
-      port: props.port
+      port: props.port,
+      clientTimeout: props.clientTimeout,
     });
   }
 }