feat(anta)!: Use HTTP HEAD request instead of a TCP connection to check if device is online #851
Conversation
dlobato
force-pushed
the
check-connection-with-head
branch
from
049202b
to
6e61446
Compare
dlobato
changed the title
There was a problem hiding this comment.
Hi David,
This changes the current behaviour, hence changing the PR name.
I understand that your use case is to actually check that eAPI is reachable behind a reverse proxy which is not possible today with the simple call to asyncio.open_connection().
I checked the behaviour of a HEAD request on the base_url and here is the result:
$ curl -k --head https://172.20.1.3
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 10 Oct 2024 15:34:22 GMT
Content-Type: text/html
Content-Length: 13
Connection: keep-alive
Location: https://172.20.1.3/eapi/
https://172.20.1.3/eapi/ is actually the eAPI Explorer.
So we can either do that, expect and 301 and test the redirect URL (https://www.python-httpx.org/quickstart/#redirection-and-history)
Or we can do a HEAD on https://{base_url}/command-api and expect a 401 if not authenticated:
$ curl -k --head https://172.20.1.3/command-api
HTTP/1.1 401 Unauthorized
Server: nginx
Date: Thu, 10 Oct 2024 15:38:59 GMT
Content-Type: text/plain
Content-Length: 30
Connection: keep-alive
I assume the code should also expect a 200 if the asynceapi.Device instance is authenticated.
Please update the code to handle that behaviour and write unit tests :)
Regarding login, I like the idea of checking the credentials before sending the "show version" eAPI request like we do today. I've opened #871 to track this.
Thanks !
mtache
changed the title
mtache
changed the title
|
Hi Matthieu, I also think that requesting headers from command-api would be better. Since we have the credentials we can then check the status code and conclude if we can actually connect to the eAPI server. I'll update the code and add the required tests. David |
* HEAD request to /command-api url * Handle HTTPStatus error in refresh, log error message * Update unit tests
dlobato
force-pushed
the
check-connection-with-head
branch
from
6bf8440
to
0235699
Compare
|
CodSpeed Performance ReportMerging #851 will not alter performanceComparing Summary
|
Description
Use HTTP HEAD request to check connection to a device instead of pure L3 check.
This allows to check connectivity on devices behind a reverse proxy, so rather than checking the reverse proxy is alive using HTTP the request will be forwarded to the right device.
The change is as close to the original as possible, but we could potentially check if the credentials are correct as well.
Checklist:
pre-commit run)tox -e testenv)