1 package destination
2
3 import (
4 "sync"
5 "testing"
6
7 pb "github.com/linkerd/linkerd2-proxy-api/go/destination"
8 "github.com/linkerd/linkerd2/controller/api/destination/watcher"
9 "github.com/linkerd/linkerd2/controller/api/util"
10 l5dcrdclient "github.com/linkerd/linkerd2/controller/gen/client/clientset/versioned"
11 "github.com/linkerd/linkerd2/controller/k8s"
12 logging "github.com/sirupsen/logrus"
13 )
14
15 func makeServer(t *testing.T) *server {
16 t.Helper()
17 srv, _ := getServerWithClient(t)
18 return srv
19 }
20
21 func getServerWithClient(t *testing.T) (*server, l5dcrdclient.Interface) {
22 meshedPodResources := []string{`
23 apiVersion: v1
24 kind: Namespace
25 metadata:
26 name: ns`,
27 `
28 apiVersion: v1
29 kind: Service
30 metadata:
31 name: name1
32 namespace: ns
33 spec:
34 type: LoadBalancer
35 ipFamilies:
36 - IPv4
37 clusterIP: 172.17.12.0
38 clusterIPs:
39 - 172.17.12.0
40 ports:
41 - port: 8989`,
42 `
43 apiVersion: discovery.k8s.io/v1
44 kind: EndpointSlice
45 metadata:
46 name: name1-ipv4
47 namespace: ns
48 labels:
49 kubernetes.io/service-name: name1
50 addressType: IPv4
51 endpoints:
52 - addresses:
53 - 172.17.0.12
54 targetRef:
55 kind: Pod
56 name: name1-1
57 namespace: ns
58 ports:
59 - port: 8989
60 protocol: TCP`,
61 `
62 apiVersion: v1
63 kind: Pod
64 metadata:
65 labels:
66 linkerd.io/control-plane-ns: linkerd
67 name: name1-1
68 namespace: ns
69 status:
70 phase: Running
71 conditions:
72 - type: Ready
73 status: "True"
74 podIP: 172.17.0.12
75 podIPs:
76 - ip: 172.17.0.12
77 spec:
78 containers:
79 - env:
80 - name: LINKERD2_PROXY_INBOUND_LISTEN_ADDR
81 value: 0.0.0.0:4143
82 name: linkerd-proxy`,
83 `
84 apiVersion: v1
85 kind: Service
86 metadata:
87 name: name2
88 namespace: ns
89 spec:
90 type: LoadBalancer
91 clusterIP: 172.17.99.0
92 clusterIPs:
93 - 172.17.99.0
94 - 2001:db8::99
95 ports:
96 - port: 8989`,
97 `
98 apiVersion: discovery.k8s.io/v1
99 kind: EndpointSlice
100 metadata:
101 name: name2-ipv4
102 namespace: ns
103 labels:
104 kubernetes.io/service-name: name2
105 addressType: IPv4
106 endpoints:
107 - addresses:
108 - 172.17.0.13
109 targetRef:
110 kind: Pod
111 name: name2-2
112 namespace: ns
113 ports:
114 - port: 8989
115 protocol: TCP`,
116 `
117 apiVersion: discovery.k8s.io/v1
118 kind: EndpointSlice
119 metadata:
120 name: name2-ipv6
121 namespace: ns
122 labels:
123 kubernetes.io/service-name: name2
124 addressType: IPv6
125 endpoints:
126 - addresses:
127 - 2001:db8::78
128 targetRef:
129 kind: Pod
130 name: name2-2
131 namespace: ns
132 ports:
133 - port: 8989
134 protocol: TCP`,
135 `
136 apiVersion: v1
137 kind: Pod
138 metadata:
139 name: name2-2
140 namespace: ns
141 status:
142 phase: Succeeded
143 podIP: 172.17.0.13
144 podIPs:
145 - ip: 172.17.0.13
146 - ip: 2001:db8::78`,
147 `
148 apiVersion: v1
149 kind: Pod
150 metadata:
151 name: name2-3
152 namespace: ns
153 status:
154 phase: Failed
155 podIP: 172.17.0.13
156 podIPs:
157 - ip: 172.17.0.13`,
158 `
159 apiVersion: v1
160 kind: Pod
161 metadata:
162 name: name2-4
163 namespace: ns
164 deletionTimestamp: 2021-01-01T00:00:00Z
165 status:
166 podIP: 172.17.0.13
167 podIPs:
168 - ip: 172.17.0.13`,
169 `
170 apiVersion: linkerd.io/v1alpha2
171 kind: ServiceProfile
172 metadata:
173 name: name1.ns.svc.mycluster.local
174 namespace: ns
175 spec:
176 routes:
177 - name: route1
178 isRetryable: false
179 condition:
180 pathRegex: "/a/b/c"`,
181 }
182
183 clientSP := []string{
184 `
185 apiVersion: linkerd.io/v1alpha2
186 kind: ServiceProfile
187 metadata:
188 name: name1.ns.svc.mycluster.local
189 namespace: client-ns
190 spec:
191 routes:
192 - name: route2
193 isRetryable: true
194 condition:
195 pathRegex: "/x/y/z"`,
196 }
197
198 unmeshedPod := `
199 apiVersion: v1
200 kind: Pod
201 metadata:
202 name: name2
203 namespace: ns
204 status:
205 phase: Running
206 conditions:
207 - type: Ready
208 status: "True"
209 podIP: 172.17.0.13
210 podIPs:
211 - ip: 172.17.0.13`
212
213 meshedOpaquePodResources := []string{
214 `
215 apiVersion: v1
216 kind: Service
217 metadata:
218 name: name3
219 namespace: ns
220 spec:
221 type: LoadBalancer
222 clusterIP: 172.17.12.1
223 ports:
224 - port: 4242`,
225 `
226 apiVersion: discovery.k8s.io/v1
227 kind: EndpointSlice
228 metadata:
229 name: name3
230 namespace: ns
231 labels:
232 kubernetes.io/service-name: name3
233 addressType: IPv4
234 endpoints:
235 - addresses:
236 - 172.17.0.14
237 targetRef:
238 kind: Pod
239 name: name3
240 namespace: ns
241 ports:
242 - port: 4242
243 protocol: TCP`,
244 `
245 apiVersion: v1
246 kind: Pod
247 metadata:
248 labels:
249 linkerd.io/control-plane-ns: linkerd
250 annotations:
251 config.linkerd.io/opaque-ports: "4242"
252 name: name3
253 namespace: ns
254 status:
255 phase: Running
256 conditions:
257 - type: Ready
258 status: "True"
259 podIP: 172.17.0.14
260 podIPs:
261 - ip: 172.17.0.14
262 spec:
263 containers:
264 - env:
265 - name: LINKERD2_PROXY_INBOUND_LISTEN_ADDR
266 value: 0.0.0.0:4143
267 name: linkerd-proxy`,
268 }
269
270 meshedOpaqueServiceResources := []string{
271 `
272 apiVersion: v1
273 kind: Service
274 metadata:
275 name: name4
276 namespace: ns
277 annotations:
278 config.linkerd.io/opaque-ports: "4242"`,
279 }
280
281 meshedSkippedPodResource := []string{
282 `
283 apiVersion: v1
284 kind: Service
285 metadata:
286 name: name5
287 namespace: ns
288 spec:
289 type: LoadBalancer
290 clusterIP: 172.17.13.1
291 ports:
292 - port: 24224`,
293 `
294 apiVersion: discovery.k8s.io/v1
295 kind: EndpointSlice
296 metadata:
297 name: name5
298 namespace: ns
299 labels:
300 kubernetes.io/service-name: name5
301 addressType: IPv4
302 endpoints:
303 - addresses:
304 - 172.17.0.15
305 targetRef:
306 kind: Pod
307 name: name5
308 namespace: ns
309 ports:
310 - port: 24224
311 protocol: TCP`,
312 `
313 apiVersion: v1
314 kind: Pod
315 metadata:
316 labels:
317 linkerd.io/control-plane-ns: linkerd
318 annotations:
319 config.linkerd.io/skip-inbound-ports: "24224"
320 name: name5
321 namespace: ns
322 status:
323 phase: Running
324 conditions:
325 - type: Ready
326 status: "True"
327 podIP: 172.17.0.15
328 podIPs:
329 - ip: 172.17.0.15
330 spec:
331 containers:
332 - env:
333 - name: LINKERD2_PROXY_INBOUND_LISTEN_ADDR
334 value: 0.0.0.0:4143
335 name: linkerd-proxy`,
336 }
337
338 meshedStatefulSetPodResource := []string{
339 `
340 apiVersion: v1
341 kind: Service
342 metadata:
343 name: statefulset-svc
344 namespace: ns
345 spec:
346 type: LoadBalancer
347 clusterIP: 172.17.13.5
348 ports:
349 - port: 8989`,
350 `
351 apiVersion: discovery.k8s.io/v1
352 kind: EndpointSlice
353 metadata:
354 name: statefulset-svc
355 namespace: ns
356 labels:
357 kubernetes.io/service-name: statefulset-svc
358 addressType: IPv4
359 endpoints:
360 - addresses:
361 - 172.17.13.15
362 hostname: pod-0
363 targetRef:
364 kind: Pod
365 name: pod-0
366 namespace: ns
367 ports:
368 - port: 8989
369 protocol: TCP`,
370 `
371 apiVersion: v1
372 kind: Pod
373 metadata:
374 labels:
375 linkerd.io/control-plane-ns: linkerd
376 name: pod-0
377 namespace: ns
378 status:
379 phase: Running
380 conditions:
381 - type: Ready
382 status: "True"
383 podIP: 172.17.13.15
384 podIPs:
385 - ip: 172.17.13.15`,
386 }
387
388 policyResources := []string{
389 `
390 apiVersion: v1
391 kind: Service
392 metadata:
393 name: policy-test
394 namespace: ns
395 spec:
396 type: LoadBalancer
397 clusterIP: 172.17.12.2
398 ports:
399 - port: 80`,
400 `
401 apiVersion: discovery.k8s.io/v1
402 kind: EndpointSlice
403 metadata:
404 name: policy-test
405 namespace: ns
406 labels:
407 kubernetes.io/service-name: policy-test
408 addressType: IPv4
409 endpoints:
410 - addresses:
411 - 172.17.0.16
412 targetRef:
413 kind: Pod
414 name: policy-test
415 namespace: ns
416 ports:
417 - port: 80
418 protocol: TCP`,
419 `
420 apiVersion: v1
421 kind: Pod
422 metadata:
423 labels:
424 linkerd.io/control-plane-ns: linkerd
425 app: policy-test
426 name: policy-test
427 namespace: ns
428 status:
429 phase: Running
430 conditions:
431 - type: Ready
432 status: "True"
433 podIP: 172.17.0.16
434 podIPs:
435 - ip: 172.17.0.16
436 spec:
437 containers:
438 - name: linkerd-proxy
439 env:
440 - name: LINKERD2_PROXY_INBOUND_LISTEN_ADDR
441 value: 0.0.0.0:4143
442 - name: app
443 image: nginx
444 ports:
445 - containerPort: 80
446 name: http
447 protocol: TCP`,
448 `
449 apiVersion: policy.linkerd.io/v1beta2
450 kind: Server
451 metadata:
452 name: policy-test
453 namespace: ns
454 spec:
455 podSelector:
456 matchLabels:
457 app: policy-test
458 port: 80
459 proxyProtocol: opaque`,
460 `
461 apiVersion: policy.linkerd.io/v1beta2
462 kind: Server
463 metadata:
464 name: policy-test-external-workload
465 namespace: ns
466 spec:
467 externalWorkloadSelector:
468 matchLabels:
469 app: external-workload-policy-test
470 port: 80
471 proxyProtocol: opaque`,
472 }
473
474 policyResourcesNativeSidecar := []string{
475 `
476 apiVersion: v1
477 kind: Service
478 metadata:
479 name: native
480 namespace: ns
481 spec:
482 type: LoadBalancer
483 clusterIP: 172.17.12.4
484 ports:
485 - port: 80`,
486 `
487 apiVersion: discovery.k8s.io/v1
488 kind: EndpointSlice
489 metadata:
490 name: native
491 namespace: ns
492 labels:
493 kubernetes.io/service-name: native
494 addressType: IPv4
495 endpoints:
496 - addresses:
497 - 172.17.0.18
498 targetRef:
499 kind: Pod
500 name: native
501 namespace: ns
502 ports:
503 - port: 80
504 protocol: TCP`,
505 `
506 apiVersion: v1
507 kind: Pod
508 metadata:
509 labels:
510 linkerd.io/control-plane-ns: linkerd
511 app: native
512 name: native
513 namespace: ns
514 status:
515 phase: Running
516 conditions:
517 - type: Ready
518 status: "True"
519 podIP: 172.17.0.18
520 podIPs:
521 - ip: 172.17.0.18
522 spec:
523 initContainers:
524 - name: linkerd-proxy
525 env:
526 - name: LINKERD2_PROXY_INBOUND_LISTEN_ADDR
527 value: 0.0.0.0:4143
528 - name: app
529 image: nginx
530 ports:
531 - containerPort: 80
532 name: http
533 protocol: TCP`,
534 `
535 apiVersion: policy.linkerd.io/v1beta2
536 kind: Server
537 metadata:
538 name: native
539 namespace: ns
540 spec:
541 podSelector:
542 matchLabels:
543 app: native
544 port: 80
545 proxyProtocol: opaque`,
546 }
547
548 hostPortMapping := []string{
549 `
550 kind: Pod
551 apiVersion: v1
552 metadata:
553 name: hostport-mapping
554 namespace: ns
555 status:
556 phase: Running
557 conditions:
558 - type: Ready
559 status: "True"
560 hostIP: 192.168.1.20
561 podIP: 172.17.0.17
562 podIPs:
563 - ip: 172.17.0.17
564 spec:
565 containers:
566 - name: nginx
567 image: nginx
568 ports:
569 - containerPort: 80
570 hostPort: 7777
571 name: nginx-7777`,
572 }
573
574 exportedServiceResources := []string{`
575 apiVersion: v1
576 kind: Namespace
577 metadata:
578 name: ns`,
579 `
580 apiVersion: v1
581 kind: Service
582 metadata:
583 name: foo
584 namespace: ns
585 spec:
586 type: LoadBalancer
587 ports:
588 - port: 80`,
589 `
590 apiVersion: discovery.k8s.io/v1
591 kind: EndpointSlice
592 metadata:
593 name: foo
594 namespace: ns
595 labels:
596 kubernetes.io/service-name: foo
597 addressType: IPv4
598 endpoints:
599 - addresses:
600 - 172.17.55.1
601 targetRef:
602 kind: Pod
603 name: foo-1
604 namespace: ns
605 ports:
606 - port: 80
607 protocol: TCP`,
608 `
609 apiVersion: v1
610 kind: Pod
611 metadata:
612 labels:
613 linkerd.io/control-plane-ns: linkerd
614 name: foo-1
615 namespace: ns
616 status:
617 phase: Running
618 conditions:
619 - type: Ready
620 status: "True"
621 podIP: 172.17.55.1
622 podIPs:
623 - ip: 172.17.55.1
624 spec:
625 containers:
626 - env:
627 - name: LINKERD2_PROXY_INBOUND_LISTEN_ADDR
628 value: 0.0.0.0:4143
629 name: linkerd-proxy`,
630 }
631
632 destinationCredentialsResources := []string{`
633 apiVersion: v1
634 data:
635 kubeconfig: V2UncmUgbm8gc3RyYW5nZXJzIHRvIGxvdmUKWW91IGtub3cgdGhlIHJ1bGVzIGFuZCBzbyBkbyBJIChkbyBJKQpBIGZ1bGwgY29tbWl0bWVudCdzIHdoYXQgSSdtIHRoaW5raW5nIG9mCllvdSB3b3VsZG4ndCBnZXQgdGhpcyBmcm9tIGFueSBvdGhlciBndXkKSSBqdXN0IHdhbm5hIHRlbGwgeW91IGhvdyBJJ20gZmVlbGluZwpHb3R0YSBtYWtlIHlvdSB1bmRlcnN0YW5kCk5ldmVyIGdvbm5hIGdpdmUgeW91IHVwCk5ldmVyIGdvbm5hIGxldCB5b3UgZG93bgpOZXZlciBnb25uYSBydW4gYXJvdW5kIGFuZCBkZXNlcnQgeW91Ck5ldmVyIGdvbm5hIG1ha2UgeW91IGNyeQpOZXZlciBnb25uYSBzYXkgZ29vZGJ5ZQpOZXZlciBnb25uYSB0ZWxsIGEgbGllIGFuZCBodXJ0IHlvdQpXZSd2ZSBrbm93biBlYWNoIG90aGVyIGZvciBzbyBsb25nCllvdXIgaGVhcnQncyBiZWVuIGFjaGluZywgYnV0IHlvdSdyZSB0b28gc2h5IHRvIHNheSBpdCAoc2F5IGl0KQpJbnNpZGUsIHdlIGJvdGgga25vdyB3aGF0J3MgYmVlbiBnb2luZyBvbiAoZ29pbmcgb24pCldlIGtub3cgdGhlIGdhbWUgYW5kIHdlJ3JlIGdvbm5hIHBsYXkgaXQKQW5kIGlmIHlvdSBhc2sgbWUgaG93IEknbSBmZWVsaW5nCkRvbid0IHRlbGwgbWUgeW91J3JlIHRvbyBibGluZCB0byBzZWUKTmV2ZXIgZ29ubmEgZ2l2ZSB5b3UgdXAKTmV2ZXIgZ29ubmEgbGV0IHlvdSBkb3duCk5ldmVyIGdvbm5hIHJ1biBhcm91bmQgYW5kIGRlc2VydCB5b3UKTmV2ZXIgZ29ubmEgbWFrZSB5b3UgY3J5Ck5ldmVyIGdvbm5hIHNheSBnb29kYnllCk5ldmVyIGdvbm5hIHRlbGwgYSBsaWUgYW5kIGh1cnQgeW91
636 kind: Secret
637 metadata:
638 annotations:
639 multicluster.linkerd.io/cluster-domain: cluster.local
640 multicluster.linkerd.io/trust-domain: cluster.local
641 labels:
642 multicluster.linkerd.io/cluster-name: target
643 name: cluster-credentials-target
644 namespace: linkerd
645 type: mirror.linkerd.io/remote-kubeconfig`}
646
647 mirrorServiceResources := []string{`
648 apiVersion: v1
649 kind: Service
650 metadata:
651 name: foo-target
652 namespace: ns
653 labels:
654 multicluster.linkerd.io/remote-discovery: target
655 multicluster.linkerd.io/remote-service: foo
656 spec:
657 type: LoadBalancer
658 ports:
659 - port: 80`,
660 }
661
662 externalWorkloads := []string{`
663 apiVersion: workload.linkerd.io/v1beta1
664 kind: ExternalWorkload
665 metadata:
666 name: my-cool-workload
667 namespace: ns
668 annotations:
669 config.linkerd.io/opaque-ports: "4242"
670 spec:
671 meshTLS:
672 identity: spiffe://some-domain/cool
673 serverName: server.local
674 workloadIPs:
675 - ip: 200.1.1.1
676 ports:
677 - port: 8989
678 - port: 4242
679 - name: linkerd-proxy
680 port: 4143
681 status:
682 conditions:
683 - ready: true`,
684 `
685 apiVersion: workload.linkerd.io/v1beta1
686 kind: ExternalWorkload
687 metadata:
688 name: policy-test-workload
689 namespace: ns
690 labels:
691 app: external-workload-policy-test
692 spec:
693 meshTLS:
694 identity: spiffe://some-domain/cool
695 serverName: server.local
696 workloadIPs:
697 - ip: 200.1.1.2
698 ports:
699 - port: 80
700 - name: linkerd-proxy
701 port: 4143
702 status:
703 conditions:
704 ready: true`,
705 `
706 apiVersion: v1
707 kind: Service
708 metadata:
709 name: policy-test-external-workload
710 namespace: ns
711 spec:
712 type: LoadBalancer
713 clusterIP: 172.17.12.3
714 ports:
715 - port: 80`,
716 `
717 apiVersion: discovery.k8s.io/v1
718 kind: EndpointSlice
719 metadata:
720 name: policy-test-external-workload
721 namespace: ns
722 labels:
723 kubernetes.io/service-name: policy-test-external-workload
724 addressType: IPv4
725 endpoints:
726 - addresses:
727 - 200.1.1.2
728 targetRef:
729 kind: ExternalWorkload
730 name: policy-test-workload
731 namespace: ns
732 ports:
733 - port: 80
734 protocol: TCP`,
735 }
736
737 externalNameResources := []string{
738 `
739 apiVersion: v1
740 kind: Service
741 metadata:
742 name: externalname
743 namespace: ns
744 spec:
745 type: ExternalName
746 externalName: linkerd.io`,
747 }
748
749 ipv6 := []string{
750 `
751 apiVersion: v1
752 kind: Service
753 metadata:
754 name: name-ipv6
755 namespace: ns
756 spec:
757 type: ClusterIP
758 ipFamilies:
759 - IPv6
760 clusterIP: 2001:db8::93
761 clusterIPs:
762 - 2001:db8::93
763 ports:
764 - port: 8989`,
765 `
766 apiVersion: discovery.k8s.io/v1
767 kind: EndpointSlice
768 metadata:
769 name: name-ipv6
770 namespace: ns
771 labels:
772 kubernetes.io/service-name: name-ipv6
773 addressType: IPv6
774 endpoints:
775 - addresses:
776 - 2001:db8::68
777 targetRef:
778 kind: Pod
779 name: name-ipv6
780 namespace: ns
781 ports:
782 - port: 8989
783 protocol: TCP`,
784 `
785 apiVersion: v1
786 kind: Pod
787 metadata:
788 labels:
789 linkerd.io/control-plane-ns: linkerd
790 name: name-ipv6
791 namespace: ns
792 status:
793 phase: Running
794 conditions:
795 - type: Ready
796 status: "True"
797 podIP: 2001:db8::68
798 podIPs:
799 - ip: 2001:db8::68
800 spec:
801 containers:
802 - env:
803 - name: LINKERD2_PROXY_INBOUND_LISTEN_ADDR
804 value: 0.0.0.0:4143
805 name: linkerd-proxy`,
806 }
807
808 dualStack := []string{
809 `
810 apiVersion: v1
811 kind: Service
812 metadata:
813 name: name-ds
814 namespace: ns
815 spec:
816 type: ClusterIP
817 ipFamilies:
818 - IPv4
819 - IPv6
820 clusterIP: 172.17.13.0
821 clusterIPs:
822 - 172.17.13.0
823 - 2001:db8::88
824 ports:
825 - port: 8989`,
826 `
827 apiVersion: discovery.k8s.io/v1
828 kind: EndpointSlice
829 metadata:
830 name: name-ds-ipv4
831 namespace: ns
832 labels:
833 kubernetes.io/service-name: name-ds
834 addressType: IPv4
835 endpoints:
836 - addresses:
837 - 172.17.0.19
838 targetRef:
839 kind: Pod
840 name: name-ds
841 namespace: ns
842 ports:
843 - port: 8989
844 protocol: TCP`,
845 `
846 apiVersion: discovery.k8s.io/v1
847 kind: EndpointSlice
848 metadata:
849 name: name-ds-ipv6
850 namespace: ns
851 labels:
852 kubernetes.io/service-name: name-ds
853 addressType: IPv6
854 endpoints:
855 - addresses:
856 - 2001:db8::94
857 targetRef:
858 kind: Pod
859 name: name-ds
860 namespace: ns
861 ports:
862 - port: 8989
863 protocol: TCP`,
864 `
865 apiVersion: v1
866 kind: Pod
867 metadata:
868 labels:
869 linkerd.io/control-plane-ns: linkerd
870 name: name-ds
871 namespace: ns
872 status:
873 phase: Running
874 conditions:
875 - type: Ready
876 status: "True"
877 podIP: 172.17.0.19
878 podIPs:
879 - ip: 172.17.0.19
880 - ip: 2001:db8::94
881 spec:
882 containers:
883 - env:
884 - name: LINKERD2_PROXY_INBOUND_LISTEN_ADDR
885 value: 0.0.0.0:4143
886 name: linkerd-proxy`,
887 `
888 apiVersion: linkerd.io/v1alpha2
889 kind: ServiceProfile
890 metadata:
891 name: name-ds.ns.svc.mycluster.local
892 namespace: ns
893 spec:
894 routes:
895 - name: route1
896 isRetryable: false
897 condition:
898 pathRegex: "/a/b/c"`,
899 }
900
901 res := append(meshedPodResources, clientSP...)
902 res = append(res, unmeshedPod)
903 res = append(res, meshedOpaquePodResources...)
904 res = append(res, meshedOpaqueServiceResources...)
905 res = append(res, meshedSkippedPodResource...)
906 res = append(res, meshedStatefulSetPodResource...)
907 res = append(res, policyResources...)
908 res = append(res, policyResourcesNativeSidecar...)
909 res = append(res, hostPortMapping...)
910 res = append(res, mirrorServiceResources...)
911 res = append(res, destinationCredentialsResources...)
912 res = append(res, externalWorkloads...)
913 res = append(res, externalNameResources...)
914 res = append(res, ipv6...)
915 res = append(res, dualStack...)
916 k8sAPI, l5dClient, err := k8s.NewFakeAPIWithL5dClient(res...)
917 if err != nil {
918 t.Fatalf("NewFakeAPIWithL5dClient returned an error: %s", err)
919 }
920 metadataAPI, err := k8s.NewFakeMetadataAPI(nil)
921 if err != nil {
922 t.Fatalf("NewFakeMetadataAPI returned an error: %s", err)
923 }
924 log := logging.WithField("test", t.Name())
925
926 defaultOpaquePorts := map[uint32]struct{}{
927 25: {},
928 443: {},
929 587: {},
930 3306: {},
931 5432: {},
932 11211: {},
933 }
934
935 err = watcher.InitializeIndexers(k8sAPI)
936 if err != nil {
937 t.Fatalf("initializeIndexers returned an error: %s", err)
938 }
939
940 workloads, err := watcher.NewWorkloadWatcher(k8sAPI, metadataAPI, log, true, defaultOpaquePorts)
941 if err != nil {
942 t.Fatalf("can't create Workloads watcher: %s", err)
943 }
944 endpoints, err := watcher.NewEndpointsWatcher(k8sAPI, metadataAPI, log, true, "local")
945 if err != nil {
946 t.Fatalf("can't create Endpoints watcher: %s", err)
947 }
948 opaquePorts, err := watcher.NewOpaquePortsWatcher(k8sAPI, log, defaultOpaquePorts)
949 if err != nil {
950 t.Fatalf("can't create opaque ports watcher: %s", err)
951 }
952 profiles, err := watcher.NewProfileWatcher(k8sAPI, log)
953 if err != nil {
954 t.Fatalf("can't create profile watcher: %s", err)
955 }
956
957 clusterStore, err := watcher.NewClusterStoreWithDecoder(k8sAPI.Client, "linkerd", true, watcher.CreateMockDecoder(exportedServiceResources...))
958 if err != nil {
959 t.Fatalf("can't create cluster store: %s", err)
960 }
961
962
963
964 k8sAPI.Sync(nil)
965 metadataAPI.Sync(nil)
966 clusterStore.Sync(nil)
967
968 return &server{
969 pb.UnimplementedDestinationServer{},
970 Config{
971 EnableH2Upgrade: true,
972 EnableIPv6: true,
973 ControllerNS: "linkerd",
974 ClusterDomain: "mycluster.local",
975 IdentityTrustDomain: "trust.domain",
976 DefaultOpaquePorts: defaultOpaquePorts,
977 },
978 workloads,
979 endpoints,
980 opaquePorts,
981 profiles,
982 clusterStore,
983 k8sAPI,
984 metadataAPI,
985 log,
986 make(<-chan struct{}),
987 }, l5dClient
988 }
989
990 type bufferingGetStream struct {
991 updates chan *pb.Update
992 util.MockServerStream
993 }
994
995 func (bgs *bufferingGetStream) Send(update *pb.Update) error {
996 bgs.updates <- update
997 return nil
998 }
999
1000 type bufferingGetProfileStream struct {
1001 updates []*pb.DestinationProfile
1002 util.MockServerStream
1003 mu sync.Mutex
1004 }
1005
1006 func (bgps *bufferingGetProfileStream) Send(profile *pb.DestinationProfile) error {
1007 bgps.mu.Lock()
1008 defer bgps.mu.Unlock()
1009 bgps.updates = append(bgps.updates, profile)
1010 return nil
1011 }
1012
1013 func (bgps *bufferingGetProfileStream) Updates() []*pb.DestinationProfile {
1014 bgps.mu.Lock()
1015 defer bgps.mu.Unlock()
1016 return bgps.updates
1017 }
1018
1019 type mockDestinationGetServer struct {
1020 util.MockServerStream
1021 updatesReceived chan *pb.Update
1022 }
1023
1024 func (m *mockDestinationGetServer) Send(update *pb.Update) error {
1025 m.updatesReceived <- update
1026 return nil
1027 }
1028
1029 type mockDestinationGetProfileServer struct {
1030 util.MockServerStream
1031 profilesReceived chan *pb.DestinationProfile
1032 }
1033
1034 func (m *mockDestinationGetProfileServer) Send(profile *pb.DestinationProfile) error {
1035 m.profilesReceived <- profile
1036 return nil
1037 }
1038
1039 func makeEndpointTranslator(t *testing.T) (*mockDestinationGetServer, *endpointTranslator) {
1040 t.Helper()
1041 node := `apiVersion: v1
1042 kind: Node
1043 metadata:
1044 annotations:
1045 kubeadm.alpha.kubernetes.io/cri-socket: /run/containerd/containerd.sock
1046 node.alpha.kubernetes.io/ttl: "0"
1047 labels:
1048 beta.kubernetes.io/arch: amd64
1049 kubernetes.io/os: linux
1050 kubernetes.io/arch: amd64
1051 kubernetes.io/hostname: kind-worker
1052 kubernetes.io/os: linux
1053 topology.kubernetes.io/region: west
1054 topology.kubernetes.io/zone: west-1a
1055 name: test-123
1056 `
1057 metadataAPI, err := k8s.NewFakeMetadataAPI([]string{node})
1058 if err != nil {
1059 t.Fatalf("NewFakeMetadataAPI returned an error: %s", err)
1060 }
1061 metadataAPI.Sync(nil)
1062
1063 mockGetServer := &mockDestinationGetServer{updatesReceived: make(chan *pb.Update, 50)}
1064 translator := newEndpointTranslator(
1065 "linkerd",
1066 "trust.domain",
1067 true,
1068 true,
1069 true,
1070 false,
1071 nil,
1072 "service-name.service-ns",
1073 "test-123",
1074 map[uint32]struct{}{},
1075 metadataAPI,
1076 mockGetServer,
1077 nil,
1078 logging.WithField("test", t.Name()),
1079 )
1080 return mockGetServer, translator
1081 }
1082
View as plain text