const (
// EndpointHTTPPort is an endpoint HTTP port for testing.
EndpointHTTPPort = 8083
// EndpointUDPPort is an endpoint UDP port for testing.
EndpointUDPPort = 8081
// EndpointSCTPPort is an endpoint SCTP port for testing.
EndpointSCTPPort = 8082
// ClusterHTTPPort is a cluster HTTP port for testing.
ClusterHTTPPort = 80
// ClusterUDPPort is a cluster UDP port for testing.
ClusterUDPPort = 90
// ClusterSCTPPort is a cluster SCTP port for testing.
ClusterSCTPPort = 95
// SessionAffinityChecks is number of checks to hit a given set of endpoints when enable session affinity.
SessionAffinityChecks = 10
// RegexIPv4 is a regex to match IPv4 addresses
RegexIPv4 = "(?:\\d+)\\.(?:\\d+)\\.(?:\\d+)\\.(?:\\d+)"
// RegexIPv6 is a regex to match IPv6 addresses
RegexIPv6 = "(?:(?:(?:(?:(?:(?:(?:[0-9a-fA-F]{1,4})):){6})(?:(?:(?:(?:(?:[0-9a-fA-F]{1,4})):(?:(?:[0-9a-fA-F]{1,4})))|(?:(?:(?:(?:(?:25[0-5]|(?:[1-9]|1[0-9]|2[0-4])?[0-9]))\\.){3}(?:(?:25[0-5]|(?:[1-9]|1[0-9]|2[0-4])?[0-9])))))))|(?:(?:::(?:(?:(?:[0-9a-fA-F]{1,4})):){5})(?:(?:(?:(?:(?:[0-9a-fA-F]{1,4})):(?:(?:[0-9a-fA-F]{1,4})))|(?:(?:(?:(?:(?:25[0-5]|(?:[1-9]|1[0-9]|2[0-4])?[0-9]))\\.){3}(?:(?:25[0-5]|(?:[1-9]|1[0-9]|2[0-4])?[0-9])))))))|(?:(?:(?:(?:(?:[0-9a-fA-F]{1,4})))?::(?:(?:(?:[0-9a-fA-F]{1,4})):){4})(?:(?:(?:(?:(?:[0-9a-fA-F]{1,4})):(?:(?:[0-9a-fA-F]{1,4})))|(?:(?:(?:(?:(?:25[0-5]|(?:[1-9]|1[0-9]|2[0-4])?[0-9]))\\.){3}(?:(?:25[0-5]|(?:[1-9]|1[0-9]|2[0-4])?[0-9])))))))|(?:(?:(?:(?:(?:(?:[0-9a-fA-F]{1,4})):){0,1}(?:(?:[0-9a-fA-F]{1,4})))?::(?:(?:(?:[0-9a-fA-F]{1,4})):){3})(?:(?:(?:(?:(?:[0-9a-fA-F]{1,4})):(?:(?:[0-9a-fA-F]{1,4})))|(?:(?:(?:(?:(?:25[0-5]|(?:[1-9]|1[0-9]|2[0-4])?[0-9]))\\.){3}(?:(?:25[0-5]|(?:[1-9]|1[0-9]|2[0-4])?[0-9])))))))|(?:(?:(?:(?:(?:(?:[0-9a-fA-F]{1,4})):){0,2}(?:(?:[0-9a-fA-F]{1,4})))?::(?:(?:(?:[0-9a-fA-F]{1,4})):){2})(?:(?:(?:(?:(?:[0-9a-fA-F]{1,4})):(?:(?:[0-9a-fA-F]{1,4})))|(?:(?:(?:(?:(?:25[0-5]|(?:[1-9]|1[0-9]|2[0-4])?[0-9]))\\.){3}(?:(?:25[0-5]|(?:[1-9]|1[0-9]|2[0-4])?[0-9])))))))|(?:(?:(?:(?:(?:(?:[0-9a-fA-F]{1,4})):){0,3}(?:(?:[0-9a-fA-F]{1,4})))?::(?:(?:[0-9a-fA-F]{1,4})):)(?:(?:(?:(?:(?:[0-9a-fA-F]{1,4})):(?:(?:[0-9a-fA-F]{1,4})))|(?:(?:(?:(?:(?:25[0-5]|(?:[1-9]|1[0-9]|2[0-4])?[0-9]))\\.){3}(?:(?:25[0-5]|(?:[1-9]|1[0-9]|2[0-4])?[0-9])))))))|(?:(?:(?:(?:(?:(?:[0-9a-fA-F]{1,4})):){0,4}(?:(?:[0-9a-fA-F]{1,4})))?::)(?:(?:(?:(?:(?:[0-9a-fA-F]{1,4})):(?:(?:[0-9a-fA-F]{1,4})))|(?:(?:(?:(?:(?:25[0-5]|(?:[1-9]|1[0-9]|2[0-4])?[0-9]))\\.){3}(?:(?:25[0-5]|(?:[1-9]|1[0-9]|2[0-4])?[0-9])))))))|(?:(?:(?:(?:(?:(?:[0-9a-fA-F]{1,4})):){0,5}(?:(?:[0-9a-fA-F]{1,4})))?::)(?:(?:[0-9a-fA-F]{1,4})))|(?:(?:(?:(?:(?:(?:[0-9a-fA-F]{1,4})):){0,6}(?:(?:[0-9a-fA-F]{1,4})))?::))))"
)
NetexecImageName is the image name for agnhost.
var NetexecImageName = imageutils.GetE2EImage(imageutils.Agnhost)
func BlockNetwork(ctx context.Context, from string, to string)
BlockNetwork blocks network between the given from value and the given to value. The following helper functions can block/unblock network from source host to destination host by manipulating iptable rules. This function assumes it can ssh to the source host.
Caution: Recommend to input IP instead of hostnames. Using hostnames will cause iptables to do a DNS lookup to resolve the name to an IP address, which will slow down the test and cause it to fail if DNS is absent or broken.
Suggested usage pattern:
func foo() {
...
defer UnblockNetwork(from, to)
BlockNetwork(from, to)
...
}
func EnableDualStack(config *NetworkingTestConfig)
EnableDualStack create Dual Stack services
func EnableSCTP(config *NetworkingTestConfig)
EnableSCTP listen on SCTP ports on the endpoints
func EndpointsUseHostNetwork(config *NetworkingTestConfig)
EndpointsUseHostNetwork run the endpoints pods with HostNetwork=true.
func PreferExternalAddresses(config *NetworkingTestConfig)
PreferExternalAddresses prefer node External Addresses for the tests
func TestUnderTemporaryNetworkFailure(ctx context.Context, c clientset.Interface, ns string, node *v1.Node, testFunc func(ctx context.Context))
TestUnderTemporaryNetworkFailure blocks outgoing network traffic on 'node'. Then runs testFunc and returns its status. At the end (even in case of errors), the network traffic is brought back to normal. This function executes commands on a node so it will work only for some environments.
func UnblockNetwork(ctx context.Context, from string, to string)
UnblockNetwork unblocks network between the given from value and the given to value.
func UseHostNetwork(config *NetworkingTestConfig)
UseHostNetwork run the test container with HostNetwork=true.
func WaitForService(ctx context.Context, c clientset.Interface, namespace, name string, exist bool, interval, timeout time.Duration) error
WaitForService waits until the service appears (exist == true), or disappears (exist == false)
HTTPPokeParams is a struct for HTTP poke parameters.
type HTTPPokeParams struct {
Timeout time.Duration // default = 10 secs
ExpectCode int // default = 200
BodyContains string
RetriableCodes []int
EnableHTTPS bool
}
HTTPPokeResult is a struct for HTTP poke result.
type HTTPPokeResult struct {
Status HTTPPokeStatus
Code int // HTTP code: 0 if the connection was not made
Error error // if there was any error
Body []byte // if code != 0
}
func PokeHTTP(host string, port int, path string, params *HTTPPokeParams) HTTPPokeResult
PokeHTTP tries to connect to a host on a port for a given URL path. Callers can specify additional success parameters, if desired.
The result status will be characterized as precisely as possible, given the known users of this.
The result code will be zero in case of any failure to connect, or non-zero if the HTTP transaction completed (even if the other test params make this a failure).
The result error will be populated for any status other than Success.
The result body will be populated if the HTTP transaction was completed, even if the other test params make this a failure).
HTTPPokeStatus is string for representing HTTP poke status.
type HTTPPokeStatus string
const (
// HTTPSuccess is HTTP poke status which is success.
HTTPSuccess HTTPPokeStatus = "Success"
// HTTPError is HTTP poke status which is error.
HTTPError HTTPPokeStatus = "UnknownError"
// HTTPTimeout is HTTP poke status which is timeout.
HTTPTimeout HTTPPokeStatus = "TimedOut"
// HTTPRefused is HTTP poke status which is connection refused.
HTTPRefused HTTPPokeStatus = "ConnectionRefused"
// HTTPRetryCode is HTTP poke status which is retry code.
HTTPRetryCode HTTPPokeStatus = "RetryCode"
// HTTPWrongCode is HTTP poke status which is wrong code.
HTTPWrongCode HTTPPokeStatus = "WrongCode"
// HTTPBadResponse is HTTP poke status which is bad response.
HTTPBadResponse HTTPPokeStatus = "BadResponse"
)
NetexecDialResponse represents the response returned by the `netexec` subcommand of `agnhost`
type NetexecDialResponse struct {
Responses []string `json:"responses"`
Errors []string `json:"errors"`
}
NetworkingTestConfig is a convenience class around some utility methods for testing kubeproxy/networking/services/endpoints.
type NetworkingTestConfig struct {
// TestContainerPod is a test pod running the netexec image. It is capable
// of executing tcp/udp requests against ip:port.
TestContainerPod *v1.Pod
// HostTestContainerPod is a pod running using the hostexec image.
HostTestContainerPod *v1.Pod
// if the HostTestContainerPod is running with HostNetwork=true.
HostNetwork bool
// if the endpoints Pods are running with HostNetwork=true.
EndpointsHostNetwork bool
// if the test pods are listening on sctp port. We need this as sctp tests
// are marked as disruptive as they may load the sctp module.
SCTPEnabled bool
// DualStackEnabled enables dual stack on services
DualStackEnabled bool
// EndpointPods are the pods belonging to the Service created by this
// test config. Each invocation of `setup` creates a service with
// 1 pod per node running the netexecImage.
EndpointPods []*v1.Pod
// NodePortService is a Service with Type=NodePort spanning over all
// endpointPods.
NodePortService *v1.Service
// SessionAffinityService is a Service with SessionAffinity=ClientIP
// spanning over all endpointPods.
SessionAffinityService *v1.Service
// Nodes is a list of nodes in the cluster.
Nodes []v1.Node
// MaxTries is the number of retries tolerated for tests run against
// endpoints and services created by this config.
MaxTries int
// The ClusterIP of the Service created by this test config.
ClusterIP string
// The SecondaryClusterIP of the Service created by this test config.
SecondaryClusterIP string
// NodeIP it's an ExternalIP if the node has one,
// or an InternalIP if not, for use in nodePort testing.
NodeIP string
// SecondaryNodeIP it's an ExternalIP of the secondary IP family if the node has one,
// or an InternalIP if not, for usein nodePort testing.
SecondaryNodeIP string
// The http/udp/sctp nodePorts of the Service.
NodeHTTPPort int
NodeUDPPort int
NodeSCTPPort int
// The kubernetes namespace within which all resources for this
// config are created
Namespace string
// Whether to prefer node External Addresses for the tests
PreferExternalAddresses bool
// contains filtered or unexported fields
}
func NewCoreNetworkingTestConfig(ctx context.Context, f *framework.Framework, hostNetwork bool) *NetworkingTestConfig
NewCoreNetworkingTestConfig creates and sets up a new test config helper for Node E2E.
func NewNetworkingTestConfig(ctx context.Context, f *framework.Framework, setters ...Option) *NetworkingTestConfig
NewNetworkingTestConfig creates and sets up a new test config helper.
func (config *NetworkingTestConfig) CreateService(ctx context.Context, serviceSpec *v1.Service) *v1.Service
CreateService creates the provided service in config.Namespace and returns created service
func (config *NetworkingTestConfig) DeleteNetProxyPod(ctx context.Context)
DeleteNetProxyPod deletes the first endpoint pod and waits for it being removed.
func (config *NetworkingTestConfig) DeleteNodePortService(ctx context.Context)
DeleteNodePortService deletes NodePort service.
func (config *NetworkingTestConfig) DialEchoFromTestContainer(ctx context.Context, protocol, targetIP string, targetPort, maxTries, minTries int, echoMessage string) error
DialEchoFromTestContainer executes a curl via kubectl exec in a test container. The response is expected to match the echoMessage, Returns an error to be handled by the caller.
func (config *NetworkingTestConfig) DialFromContainer(ctx context.Context, protocol, dialCommand, containerIP, targetIP string, containerHTTPPort, targetPort, maxTries, minTries int, expectedResponses sets.String) error
DialFromContainer executes a curl via kubectl exec in a test container, which might then translate to a tcp or udp request based on the protocol argument in the url.
maxTries == minTries will confirm that we see the expected endpoints and no more for maxTries. Use this if you want to eg: fail a readiness check on a pod and confirm it doesn't show up as an endpoint. Returns nil if no error, or error message if failed after trying maxTries.
func (config *NetworkingTestConfig) DialFromEndpointContainer(ctx context.Context, protocol, targetIP string, targetPort, maxTries, minTries int, expectedEps sets.String) error
DialFromEndpointContainer executes a curl via kubectl exec in an endpoint container. Returns an error to be handled by the caller.
func (config *NetworkingTestConfig) DialFromNode(ctx context.Context, protocol, targetIP string, targetPort, maxTries, minTries int, expectedEps sets.String) error
DialFromNode executes a tcp/udp curl/nc request based on protocol via kubectl exec in a test container running with host networking.
func (config *NetworkingTestConfig) DialFromTestContainer(ctx context.Context, protocol, targetIP string, targetPort, maxTries, minTries int, expectedEps sets.String) error
DialFromTestContainer executes a curl via kubectl exec in a test container. Returns an error to be handled by the caller.
func (config *NetworkingTestConfig) EndpointHostnames() sets.String
EndpointHostnames returns a set of hostnames for existing endpoints.
func (config *NetworkingTestConfig) GetEndpointsFromContainer(ctx context.Context, protocol, containerIP, targetIP string, containerHTTPPort, targetPort, tries int) (sets.String, error)
GetEndpointsFromContainer executes a curl via kubectl exec in a test container, which might then translate to a tcp or udp request based on the protocol argument in the url. It returns all different endpoints from multiple retries.
func (config *NetworkingTestConfig) GetEndpointsFromTestContainer(ctx context.Context, protocol, targetIP string, targetPort, tries int) (sets.String, error)
GetEndpointsFromTestContainer executes a curl via kubectl exec in a test container.
func (config *NetworkingTestConfig) GetHTTPCodeFromTestContainer(ctx context.Context, path, targetIP string, targetPort int) (int, error)
GetHTTPCodeFromTestContainer executes a curl via kubectl exec in a test container and returns the status code.
func (config *NetworkingTestConfig) GetResponseFromContainer(ctx context.Context, protocol, dialCommand, containerIP, targetIP string, containerHTTPPort, targetPort int) (NetexecDialResponse, error)
GetResponseFromContainer executes a curl via kubectl exec in a container.
func (config *NetworkingTestConfig) GetResponseFromTestContainer(ctx context.Context, protocol, dialCommand, targetIP string, targetPort int) (NetexecDialResponse, error)
GetResponseFromTestContainer executes a curl via kubectl exec in a test container.
func (config *NetworkingTestConfig) GetSelfURL(ctx context.Context, port int32, path string, expected string)
GetSelfURL executes a curl against the given path via kubectl exec into a test container running with host networking, and fails if the output doesn't match the expected string.
func (config *NetworkingTestConfig) GetSelfURLStatusCode(ctx context.Context, port int32, path string, expected string)
GetSelfURLStatusCode executes a curl against the given path via kubectl exec into a test container running with host networking, and fails if the returned status code doesn't match the expected string.
Option is used to configure the NetworkingTest object
type Option func(*NetworkingTestConfig)