check

package
v0.10.4

This package is not in the latest version of its module.
Published: Feb 24, 2022 License: Apache-2.0 Imports: 35 Imported by: 0

Documentation

Constants

const (
	FlowValidationModeDisabled = "disabled"
	FlowValidationModeWarning  = "warning"
	FlowValidationModeStrict   = "strict"
)

const (
	ClientDeploymentName  = "client"
	Client2DeploymentName = "client2"
)

Variables

var (
	// ResultNone expects a successful command, don't match any packets.
	ResultNone = Result{
		None: true,
	}

	// ResultOK expects a successful command and a matching flow.
	ResultOK = Result{}

	// ResultDNSOK expects a successful command, only generating DNS traffic.
	ResultDNSOK = Result{
		DNSProxy: true,
	}

	// ResultDNSOKDropCurlTimeout expects a failed command, generating DNS traffic and a dropped flow.
	ResultDNSOKDropCurlTimeout = Result{
		DNSProxy: true,
		Drop:     true,
		ExitCode: ExitCurlTimeout,
	}

	// ResultDNSOKDropCurlHTTPError expects a failed command, generating DNS traffic and a dropped flow.
	ResultDNSOKDropCurlHTTPError = Result{
		DNSProxy: true,
		L7Proxy:  true,
		Drop:     true,
		ExitCode: ExitCurlHTTPError,
	}

	// ResultDrop expects a dropped flow and a failed command.
	ResultDrop = Result{
		Drop:     true,
		ExitCode: ExitAnyError,
	}

	// ResultDropCurlTimeout expects a dropped flow and a failed command.
	ResultDropCurlTimeout = Result{
		Drop:     true,
		ExitCode: ExitCurlTimeout,
	}

	// ResultDropCurlHTTPError expects a dropped flow and a failed command.
	ResultDropCurlHTTPError = Result{
		L7Proxy:  true,
		Drop:     true,
		ExitCode: ExitCurlHTTPError,
	}
)

Functions

This section is empty.

Types

type Action

type Action struct {
	// contains filtered or unexported fields
}

Action represents an individual action (e.g. a curl call) in a Scenario between a source and a destination peer.

func (*Action) Debug

func (a *Action) Debug(s ...interface{})

Debug logs a debug message.

func (*Action) Debugf

func (a *Action) Debugf(format string, s ...interface{})

Debugf logs a formatted debug message.

func (*Action) Destination

func (a *Action) Destination() TestPeer

func (*Action) ExecInPod

func (a *Action) ExecInPod(ctx context.Context, cmd []string)

func (*Action) Fail

func (a *Action) Fail(s ...interface{})

Fail must be called when the Action is unsuccessful.

func (*Action) Failf

func (a *Action) Failf(format string, s ...interface{})

Failf must be called when the Action is unsuccessful.

func (*Action) Fatal

func (a *Action) Fatal(s ...interface{})

Fatal must be called when an irrecoverable error was encountered during the Action.

func (*Action) Fatalf

func (a *Action) Fatalf(format string, s ...interface{})

Fatalf must be called when an irrecoverable error was encountered during the Action.

func (*Action) GetEgressRequirements

func (a *Action) GetEgressRequirements(p FlowParameters) (reqs []filters.FlowSetRequirement)

func (*Action) GetIngressRequirements

func (a *Action) GetIngressRequirements(p FlowParameters) []filters.FlowSetRequirement

func (*Action) Info

func (a *Action) Info(s ...interface{})

Info logs an informational message.

func (*Action) Infof

func (a *Action) Infof(format string, s ...interface{})

Infof logs a formatted informational message.

func (*Action) Log

func (a *Action) Log(s ...interface{})

Log logs a message.

func (*Action) Logf

func (a *Action) Logf(format string, s ...interface{})

Logf logs a formatted message.

func (*Action) Peers

func (a *Action) Peers() string

Peers returns the name and addr:port of the peers involved in the Action. If source or destination peers are missing, returns an empty string.

func (*Action) Run

func (a *Action) Run(f func(*Action))

Run executes function f.

This method is to be called from a Scenario implementation.

func (*Action) Source

func (a *Action) Source() TestPeer

func (*Action) String

func (a *Action) String() string

func (*Action) ValidateFlows

func (a *Action) ValidateFlows(ctx context.Context, peer TestPeer, reqs []filters.FlowSetRequirement)

ValidateFlows retrieves the flow pods of the specified pod and validates that all filters find a match. On failure, t.Fail() is called.

type ConnectivityTest

type ConnectivityTest struct {
	// contains filtered or unexported fields
}

ConnectivityTest is the root context of the connectivity test suite and holds all resources belonging to it. It implements interface ConnectivityTest and is instantiated once at the start of the program.

func NewConnectivityTest

func NewConnectivityTest(client *k8s.Client, p Parameters) (*ConnectivityTest, error)

NewConnectivityTest returns a new ConnectivityTest.

func (*ConnectivityTest) AllFlows

func (ct *ConnectivityTest) AllFlows() bool

func (*ConnectivityTest) CiliumBaseVersion added in v0.10.4

func (ct *ConnectivityTest) CiliumBaseVersion() string

func (*ConnectivityTest) CiliumPods

func (ct *ConnectivityTest) CiliumPods() map[string]Pod

func (*ConnectivityTest) ClientPods

func (ct *ConnectivityTest) ClientPods() map[string]Pod

func (*ConnectivityTest) Debug

func (ct *ConnectivityTest) Debug(a ...interface{})

Debug logs a debug message.

func (*ConnectivityTest) Debugf

func (ct *ConnectivityTest) Debugf(format string, a ...interface{})

Debugf logs a formatted debug message.

func (*ConnectivityTest) EchoPods

func (ct *ConnectivityTest) EchoPods() map[string]Pod

func (*ConnectivityTest) EchoServices

func (ct *ConnectivityTest) EchoServices() map[string]Service

func (*ConnectivityTest) ExternalWorkloads

func (ct *ConnectivityTest) ExternalWorkloads() map[string]ExternalWorkload

func (*ConnectivityTest) Fail

func (ct *ConnectivityTest) Fail(a ...interface{})

Fail logs a failure message.

func (*ConnectivityTest) Failf

func (ct *ConnectivityTest) Failf(format string, a ...interface{})

Failf logs a formatted failure message.

func (*ConnectivityTest) Fatal

func (ct *ConnectivityTest) Fatal(a ...interface{})

Fatal logs an error.

func (*ConnectivityTest) Fatalf

func (ct *ConnectivityTest) Fatalf(format string, a ...interface{})

Fatalf logs a formatted error.

func (*ConnectivityTest) FetchCiliumPodImageTag added in v0.10.4

func (ct *ConnectivityTest) FetchCiliumPodImageTag() string

FetchCiliumPodImageTag fetches the first Cilium pod's image's tag (e.g. v1.11.1 from quay.io/cilium/cilium:v1.11.1).

func (*ConnectivityTest) FlowAggregation

func (ct *ConnectivityTest) FlowAggregation() bool

func (*ConnectivityTest) Header

func (ct *ConnectivityTest) Header(a ...interface{})

Header prints a newline followed by a formatted message.

func (*ConnectivityTest) Headerf

func (ct *ConnectivityTest) Headerf(format string, a ...interface{})

Headerf prints a newline followed by a formatted message.

func (*ConnectivityTest) HubbleClient

func (ct *ConnectivityTest) HubbleClient() observer.ObserverClient

func (*ConnectivityTest) Info

func (ct *ConnectivityTest) Info(a ...interface{})

Info logs an informational message.

func (*ConnectivityTest) Infof

func (ct *ConnectivityTest) Infof(format string, a ...interface{})

Infof logs a formatted informational message.

func (*ConnectivityTest) Log

func (ct *ConnectivityTest) Log(a ...interface{})

Log logs a message.

func (*ConnectivityTest) Logf

func (ct *ConnectivityTest) Logf(format string, a ...interface{})

Logf logs a formatted message.

func (*ConnectivityTest) NewTest

func (ct *ConnectivityTest) NewTest(name string) *Test

NewTest creates a new test scope within the ConnectivityTest and returns a new Test. This object can be used to set up the environment to execute different Scenarios within.

func (*ConnectivityTest) PostTestSleepDuration

func (ct *ConnectivityTest) PostTestSleepDuration() time.Duration

func (*ConnectivityTest) PrintFlows

func (ct *ConnectivityTest) PrintFlows() bool

func (*ConnectivityTest) RandomClientPod

func (ct *ConnectivityTest) RandomClientPod() *Pod

func (*ConnectivityTest) Run

func (ct *ConnectivityTest) Run(ctx context.Context) error

Run kicks off execution of all Tests registered to the ConnectivityTest. Each Test's Run() method is called within its own goroutine.

func (*ConnectivityTest) SetupAndValidate added in v0.10.4

func (ct *ConnectivityTest) SetupAndValidate(ctx context.Context) error

SetupAndValidate sets up and validates the connectivity test infrastructure such as the client pods and validates the deployment of them along with Cilium. This must be run before Run() is called.

func (*ConnectivityTest) Warn

func (ct *ConnectivityTest) Warn(a ...interface{})

Warn logs a warning message.

func (*ConnectivityTest) Warnf

func (ct *ConnectivityTest) Warnf(format string, a ...interface{})

Warnf logs a formatted warning message.

type ExitCode added in v0.9.0

type ExitCode int16
const (
	ExitAnyError    ExitCode = -1
	ExitInvalidCode ExitCode = -2

	ExitCurlHTTPError ExitCode = 22
	ExitCurlTimeout   ExitCode = 28
)

func (ExitCode) Check added in v0.9.0

func (e ExitCode) Check(code uint8) bool

func (ExitCode) String added in v0.9.0

func (e ExitCode) String() string

type ExpectationsFunc

type ExpectationsFunc func(a *Action) (egress, ingress Result)
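
Added example, not part of the package or its documentation: a stdlib-only model of how an ExpectationsFunc pairs an egress Result with an ingress Result, and how a denied connection that still succeeds is caught. The types are local stand-ins that reuse the documented constant and field names; the `Check` semantics, the `expectations` and `verify` helpers, the labels-and-port signature and the policy (egress allowed only to `kind=echo` on port 8080) are assumptions.

```go
package main

import "fmt"

// Local stand-ins for the package's ExitCode and Result; only the constant
// and field names come from the documentation above.
type ExitCode int16

const (
	ExitAnyError    ExitCode = -1
	ExitCurlTimeout ExitCode = 28
)

// Check semantics are an assumption: ExitAnyError accepts any non-zero
// code, every other value must equal the observed code exactly.
func (e ExitCode) Check(code uint8) bool {
	if e == ExitAnyError {
		return code != 0
	}
	return int16(e) == int16(code)
}

type Result struct {
	Drop, None bool
	ExitCode   ExitCode
}

// expectations plays the role of an ExpectationsFunc for a constructed
// policy that allows egress only to kind=echo peers on port 8080.
// Port and labels stand in for what a TestPeer exposes (hypothetical).
func expectations(port uint32, labels map[string]string) (egress, ingress Result) {
	if labels["kind"] == "echo" && port == 8080 {
		return Result{}, Result{} // same shape as ResultOK on both sides
	}
	// Egress is dropped, so no ingress flow may appear (ResultNone).
	return Result{Drop: true, ExitCode: ExitCurlTimeout}, Result{None: true}
}

// verify compares one observed action with the expected egress Result.
func verify(want Result, exit uint8, sawDrop bool) error {
	if !want.ExitCode.Check(exit) {
		return fmt.Errorf("exit code %d does not match expectation %d", exit, want.ExitCode)
	}
	if want.Drop != sawDrop {
		return fmt.Errorf("drop observed=%t, expected=%t", sawDrop, want.Drop)
	}
	return nil
}

func main() {
	egress, _ := expectations(9090, map[string]string{"kind": "echo"})
	// Constructed observation: curl exited 0 and no drop flow was seen.
	fmt.Println(verify(egress, 0, false))
}
```

The constructed observation in `main` is the case a policy test exists to catch: the command succeeded although the expectation was a drop, so `verify` returns an error instead of passing.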

type ExternalWorkload

type ExternalWorkload struct {
	// contains filtered or unexported fields
}

ExternalWorkload is an external workload acting as a peer in a connectivity test. It implements interface TestPeer.

func (ExternalWorkload) Address

func (e ExternalWorkload) Address() string

Address returns the network address of the ExternalWorkload.

func (ExternalWorkload) HasLabel

func (e ExternalWorkload) HasLabel(name, value string) bool

HasLabel checks if given label exists and value matches.

func (ExternalWorkload) Name

func (e ExternalWorkload) Name() string

Name returns the name of the ExternalWorkload.

func (ExternalWorkload) Path added in v0.9.0

func (e ExternalWorkload) Path() string

Path returns an empty string.

func (ExternalWorkload) Port

func (e ExternalWorkload) Port() uint32

Port returns 0.

func (ExternalWorkload) Scheme

func (e ExternalWorkload) Scheme() string

Scheme returns an empty string.

type FlowParameters

type FlowParameters struct {
	// Protocol is the network protocol being tested
	Protocol L4Protocol

	// DNSRequired is true if DNS flows must be seen before the test protocol
	DNSRequired bool

	// RSTAllowed is true if TCP connection may end with either RST or FIN
	RSTAllowed bool

	// NodePort, if non-zero, indicates an alternative port number for the DstPort to be matched
	NodePort uint32
}

FlowParameters defines parameters for test result flow matching.

type FlowRequirementResults

type FlowRequirementResults struct {
	FirstMatch         int
	LastMatch          int
	Matched            MatchMap
	Failures           int
	NeedMoreFlows      bool
	LastMatchTimestamp time.Time
}

func (*FlowRequirementResults) Merge

type HTTP

type HTTP struct {
	Status string
	Method string
	URL    string
}

type L4Protocol

type L4Protocol int

L4Protocol identifies the network protocol being tested.

const (
	TCP L4Protocol = iota
	UDP
	ICMP
)

type MatchMap

type MatchMap map[int]bool

type Parameters

type Parameters struct {
	CiliumNamespace       string
	TestNamespace         string
	SingleNode            bool
	PrintFlows            bool
	ForceDeploy           bool
	Hubble                bool
	HubbleServer          string
	MultiCluster          string
	RunTests              []*regexp.Regexp
	SkipTests             []*regexp.Regexp
	PostTestSleepDuration time.Duration
	FlowValidation        string
	AllFlows              bool
	Writer                io.ReadWriter
	Verbose               bool
	Debug                 bool
	PauseOnFail           bool
	SkipIPCacheCheck      bool
	CiliumBaseVersion     string
}

type Pod

type Pod struct {
	// Kubernetes client of the cluster this pod is running in.
	K8sClient *k8s.Client

	// Pod is the Kubernetes Pod resource.
	Pod *corev1.Pod
	// contains filtered or unexported fields
}

Pod is a Kubernetes Pod acting as a peer in a connectivity test.

func (Pod) Address

func (p Pod) Address() string

Address returns the network address of the Pod.

func (Pod) HasLabel

func (p Pod) HasLabel(name, value string) bool

HasLabel checks if given label exists and value matches.

func (Pod) Name

func (p Pod) Name() string

Name returns the absolute name of the Pod.

func (Pod) Path added in v0.9.0

func (p Pod) Path() string

func (Pod) Port

func (p Pod) Port() uint32

Port returns the port the Pod is listening on.

func (Pod) Scheme

func (p Pod) Scheme() string

func (Pod) String

func (p Pod) String() string

type Result

type Result struct {
	// Request is dropped
	Drop bool

	// No flows are to be expected. Used for ingress when egress drops
	None bool

	// DNSProxy is true when DNS Proxy is to be expected, only valid for egress
	DNSProxy bool

	// L7Proxy is true when L7 proxy (e.g., Envoy) is to be expected
	L7Proxy bool

	// HTTP is set when an HTTP status code in the response is to be expected
	HTTP HTTP

	// ExitCode is the expected shell exit code
	ExitCode ExitCode
}

func (Result) String

func (r Result) String() string

type Scenario

type Scenario interface {
	// Name returns the name of the Scenario.
	Name() string

	// Run is invoked by the testing framework to execute the Scenario.
	Run(ctx context.Context, t *Test)
}

Scenario is implemented by all test scenarios like pod-to-pod, pod-to-world, etc.

type Service

type Service struct {
	// Service is the Kubernetes service resource
	Service *corev1.Service
}

Service is a service acting as a peer in a connectivity test. It implements interface TestPeer.

func (Service) Address

func (s Service) Address() string

Address returns the network address of the Service.

func (Service) HasLabel

func (s Service) HasLabel(name, value string) bool

HasLabel checks if given label exists and value matches.

func (Service) Name

func (s Service) Name() string

Name returns the absolute name of the service.

func (Service) Path added in v0.9.0

func (s Service) Path() string

Path returns the string '/'.

func (Service) Port

func (s Service) Port() uint32

Port returns the first port of the Service.

func (Service) Scheme

func (s Service) Scheme() string

Scheme returns the string 'http'.

type Test

type Test struct {
	// contains filtered or unexported fields
}

func (*Test) Context

func (t *Test) Context() *ConnectivityTest

Context returns the enclosing context of the Test.

func (*Test) Debug

func (t *Test) Debug(a ...interface{})

Debug logs a debug message.

func (*Test) Debugf

func (t *Test) Debugf(format string, a ...interface{})

Debugf logs a formatted debug message.

func (*Test) Fail

func (t *Test) Fail(a ...interface{})

Fail marks the Test as failed and logs a failure message.

Flushes the Test's internal log buffer. Any further logs against the Test will go directly to the user-specified writer.

func (*Test) Failf

func (t *Test) Failf(format string, a ...interface{})

Failf marks the Test as failed and logs a formatted failure message.

Flushes the Test's internal log buffer. Any further logs against the Test will go directly to the user-specified writer.

func (*Test) Fatal

func (t *Test) Fatal(a ...interface{})

Fatal marks the test as failed, logs an error and exits the calling goroutine.

func (*Test) Fatalf

func (t *Test) Fatalf(format string, a ...interface{})

Fatalf marks the test as failed, logs a formatted error and exits the calling goroutine.

func (*Test) Headerf

func (t *Test) Headerf(format string, a ...interface{})

Headerf prints a formatted, indented header inside the test log scope. Headers are not internally buffered.

func (*Test) Info

func (t *Test) Info(a ...interface{})

Info logs an informational message.

func (*Test) Infof

func (t *Test) Infof(format string, a ...interface{})

Infof logs a formatted informational message.

func (*Test) Log

func (t *Test) Log(a ...interface{})

Log logs a message.

func (*Test) Logf

func (t *Test) Logf(format string, a ...interface{})

Logf logs a formatted message.

func (*Test) Name

func (t *Test) Name() string

Name returns the name of the test.

func (*Test) NewAction

func (t *Test) NewAction(s Scenario, name string, src *Pod, dst TestPeer) *Action

NewAction creates a new Action. s must be the Scenario the Action is created for, name should be a visually-distinguishable name, src is the execution Pod of the action, and dst is the network target the Action will connect to.

func (*Test) Run

func (t *Test) Run(ctx context.Context) error

Run executes all Scenarios registered to the Test.

func (*Test) String

func (t *Test) String() string

func (*Test) WithExpectations

func (t *Test) WithExpectations(f ExpectationsFunc) *Test

WithExpectations sets the getExpectations test result function to use during tests.

func (*Test) WithPolicy

func (t *Test) WithPolicy(policy string) *Test

WithPolicy takes a string containing a YAML policy document and adds the policy or policies to the scope of the Test, to be applied when the test starts running.

func (*Test) WithScenarios

func (t *Test) WithScenarios(sl ...Scenario) *Test

WithScenarios adds Scenarios to Test in the given order.

type TestPeer

type TestPeer interface {
	// Name must return the absolute name of the peer.
	Name() string

	// Scheme must return the scheme to be used in a connection string
	// to connect to this peer, e.g. 'http' or 'https'. Can be an empty string.
	Scheme() string

	// Path must return the path in the URL used, if any. Can be an empty
	// string. Must include the leading '/' when not empty.
	Path() string

	// Address must return the network address of the peer. This can be a
	// DNS name or an IP address.
	Address() string

	// Port must return the destination port number used by the test traffic to the peer.
	Port() uint32

	// HasLabel checks if given label with the given name and value exists.
	HasLabel(name, value string) bool
}

TestPeer is the abstraction used for all peer types (pods, services, IPs, DNS names) used for connectivity testing.

func HTTPEndpoint

func HTTPEndpoint(name, rawurl string) TestPeer

HTTPEndpoint returns a new endpoint with the given name and raw URL. Panics if rawurl cannot be parsed.

func ICMPEndpoint

func ICMPEndpoint(name, host string) TestPeer

ICMPEndpoint returns a new ICMP endpoint.
