Documentation ¶
Overview ¶
Copyright 2017 Authors of Cilium
Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.
Copyright 2017 Authors of Cilium ¶
Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.
Copyright 2017 Authors of Cilium ¶
Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.
Index ¶
- Constants
- Variables
- type ConnTestSpec
- type PolicyTestKind
- type PolicyTestSuite
- type ResultType
- func HTTPAction(srcPod string, target string, kub *helpers.Kubectl) ResultType
- func HTTPActionPrivate(srcPod string, dest TargetDetails, kub *helpers.Kubectl) ResultType
- func HTTPActionPublic(srcPod string, dest TargetDetails, kub *helpers.Kubectl) ResultType
- func NetPerfAction(srcPod string, dest TargetDetails, kub *helpers.Kubectl) ResultType
- func PingAction(srcPod string, dest TargetDetails, kub *helpers.Kubectl) ResultType
- type Target
- func (t *Target) CreateApplyManifest(spec *TestSpec, base string) error
- func (t *Target) GetManifestName(spec *TestSpec) string
- func (t *Target) GetManifestPath(spec *TestSpec, base string) string
- func (t *Target) GetServiceName(spec *TestSpec) string
- func (t *Target) GetTarget(spec *TestSpec) (*TargetDetails, error)
- func (t *Target) SetPortNumber() int
- type TargetDetails
- type TestSpec
- func (t *TestSpec) ApplyManifest(base string) (string, error)
- func (t *TestSpec) CreateCiliumNetworkPolicy() (string, error)
- func (t *TestSpec) CreateManifests() error
- func (t *TestSpec) Destroy(delay time.Duration, base string) error
- func (t *TestSpec) ExecTest() error
- func (t *TestSpec) GetManifestName() string
- func (t *TestSpec) GetManifestsPath(base string) string
- func (t *TestSpec) GetPodMetadata() (map[string]string, error)
- func (t *TestSpec) GetTestExpects() map[string]ResultType
- func (t *TestSpec) InvalidNetworkPolicyApply(base string) (*cnpv2.CiliumNetworkPolicy, error)
- func (t *TestSpec) IsPolicyInvalid() bool
- func (t *TestSpec) NetworkPolicyApply(base string) error
- func (t *TestSpec) NetworkPolicyName() string
- func (t *TestSpec) RunTest(kub *helpers.Kubectl)
- func (t TestSpec) String() string
- type TestSpecsGroup
Constants ¶
const ( HTTP = "HTTP" HTTPPrivate = "HTTPPrivate" Ping = "Ping" UDP = "UDP" )
Variables ¶
var ( ConnTests = []string{Ping, HTTP, HTTPPrivate} ConnTestsFailedResults = []ResultType{ ResultTimeout, ResultAuth, } ConnTestsActions = map[string]func(srcPod string, dest TargetDetails, kub *helpers.Kubectl) ResultType{ Ping: PingAction, HTTP: HTTPActionPublic, HTTPPrivate: HTTPActionPrivate, } ConnResultAllOK = ConnTestSpec{ HTTP: ResultOK, HTTPPrivate: ResultOK, Ping: ResultOK, UDP: ResultOK, } ConnResultAllTimeout = ConnTestSpec{ HTTP: ResultTimeout, HTTPPrivate: ResultTimeout, Ping: ResultTimeout, UDP: ResultTimeout, } ConnResultOnlyHTTP = ConnTestSpec{ HTTP: ResultOK, HTTPPrivate: ResultOK, Ping: ResultTimeout, UDP: ResultTimeout, } ConnResultOnlyHTTPPrivate = ConnTestSpec{ HTTP: ResultAuth, HTTPPrivate: ResultOK, Ping: ResultTimeout, UDP: ResultTimeout, } DestinationsTypes = []Target{ {Kind: service}, {Kind: nodePort}, {Kind: direct}, } NodePortStart = 10000 ResultTimeout = ResultType{"timeout", false} ResultAuth = ResultType{"reply", false} ResultOK = ResultType{"reply", true} )
Functions ¶
This section is empty.
Types ¶
type ConnTestSpec ¶
type ConnTestSpec struct { HTTP ResultType HTTPPrivate ResultType Ping ResultType UDP ResultType }
ConnTestSpec Connectivity Test Specification. This structs contains the mapping of all protocols tested and the expected result based on the context of each test case
func (*ConnTestSpec) GetField ¶
func (conn *ConnTestSpec) GetField(field string) ResultType
GetField method to retrieve the value of any type of the struct. It is used by `TestSpec` to created expected results
type PolicyTestKind ¶
type PolicyTestKind struct {
// contains filtered or unexported fields
}
PolicyTestKind is utilized to describe a new TestCase It needs a described name, the kind of the test (Egrees or Ingress) and the expected result of `ConnTestSpec` Template field is used to render the cilium network policy.
func (*PolicyTestKind) SetTemplate ¶
func (pol *PolicyTestKind) SetTemplate(result *map[string]interface{}, spec *TestSpec) error
SetTemplate renders the template field from the PolicyTest struct using go templates. The result will be stored in the result parameter. The spec parameters is needed to retrieve the source and destination pods and pass the information to the go template.
type PolicyTestSuite ¶
type PolicyTestSuite struct {
// contains filtered or unexported fields
}
PolicyTestSuite groups together L3, L4, and L7 policy-related tests.
type ResultType ¶
type ResultType struct {
// contains filtered or unexported fields
}
ResultType defines the expected result for a connectivity test.
func HTTPAction ¶
func HTTPAction(srcPod string, target string, kub *helpers.Kubectl) ResultType
HTTPAction runs a helpers.CurlFail from specified pod to a specified target. It needs a `helpers.Kubectl` instance to run the command in the pod. It returns a ResultType struct.
func HTTPActionPrivate ¶
func HTTPActionPrivate(srcPod string, dest TargetDetails, kub *helpers.Kubectl) ResultType
HTTPActionPrivate runs a HTTPAction to /private/ using destTargetDetails
func HTTPActionPublic ¶
func HTTPActionPublic(srcPod string, dest TargetDetails, kub *helpers.Kubectl) ResultType
HTTPActionPublic runs a CurlAction to /public/ using destTargetDetails
func NetPerfAction ¶
func NetPerfAction(srcPod string, dest TargetDetails, kub *helpers.Kubectl) ResultType
NetPerfAction TODO make this function (GH-2029)
func PingAction ¶
func PingAction(srcPod string, dest TargetDetails, kub *helpers.Kubectl) ResultType
PingAction executes a ping from the `srcPod` to the dest using Kubectl object. Returns a ResultType corresponding to the exit code of the ping command.
func (ResultType) String ¶
func (res ResultType) String() string
String returns the ResultType in humman readable format
type Target ¶
Target defines the destination for traffic when running tests
func (*Target) CreateApplyManifest ¶
CreateApplyManifest creates the manifest for the type of the target and applies it in kubernetes. It will fail if the service manifest cannot be created correctly or applied to Kubernetes
func (*Target) GetManifestName ¶
GetManifestName returns the manifest filename for the target using the spec parameter
func (*Target) GetManifestPath ¶
GetManifestPath returns the manifest path for the target using the spec parameter
func (*Target) GetServiceName ¶
GetServiceName returns the prefix of spec prefixed with the kind of the the target
func (*Target) GetTarget ¶
func (t *Target) GetTarget(spec *TestSpec) (*TargetDetails, error)
GetTarget returns a `TargetDetails` with the IP and Port to run the tests in spec. It needs the `TestSpec` parameter to be able to retrieve the service name. It'll return an error if the service is not defined or cannot be retrieved. This function only returns the first port mapped in the service; It'll not work with multiple ports.
func (*Target) SetPortNumber ¶
SetPortNumber returns an unused port on the host to use in a Kubernetes NodePort service
type TargetDetails ¶
TargetDetails represents the address of a TCP end point.
func (TargetDetails) String ¶
func (target TargetDetails) String() string
String combines host and port into a network address of the form "host:port" or, if host contains a colon or a percent sign, "[host]:port".
type TestSpec ¶
type TestSpec struct { SrcPod string DestPod string Prefix string Destination Target Kub *helpers.Kubectl // contains filtered or unexported fields }
TestSpec defined a new test specification. It contains three different rules (l3, l4, l7) and a destination and source pod in which test will run. Each testSpec has a prefix, which is a label used to group all resources created by the TestSpec. Each test is executed using a type of Destination which is defined under Target struct. This struct needs a `*helpers.Kubectl` to run the needed commands
func GeneratedTestSpec ¶
func GeneratedTestSpec() []TestSpec
GeneratedTestSpec returns a `TestSpec` array with all the policies possibilities based on all combinations of `policiesTestSuite`
func GetBasicTestSpec ¶
func GetBasicTestSpec() TestSpec
GetBasicTestSpec returns a very simple TestSpec with a L4 and L7 policy that allow traffic only to /private/
func (*TestSpec) ApplyManifest ¶
ApplyManifest applies a new deployment manifest into the Kubernetes cluster. Returns an error if the manifest cannot be applied correctly
func (*TestSpec) CreateCiliumNetworkPolicy ¶
CreateCiliumNetworkPolicy returns a CiliumNetworkPolicy based on the `TestSpec` l3, l4 and l7 rules. Returns an error if any of the `PolicyTest` set Template fails or if spec cannot be dump as string
func (*TestSpec) CreateManifests ¶
CreateManifests creates a new pod manifest. It sets a random prefix for the `TestCase` and creates two new pods (srcPod and DestPod). Returns an error if the manifest cannot be created
func (*TestSpec) Destroy ¶
Destroy deletes the pods, CiliumNetworkPolicies and Destinations created by `TestSpec` after specified delay. The delay parameter is used to have the pod running for a while and keep Cilium and Kubernetes with a consider load.
func (*TestSpec) ExecTest ¶
ExecTest runs the connectivityTest for the expected `PolicyTest`. It will assert using gomega.
func (*TestSpec) GetManifestName ¶
GetManifestName returns a string with the `TestSpec` manifest name
func (*TestSpec) GetManifestsPath ¶
GetManifestsPath returns the `TestSpec` manifest path
func (*TestSpec) GetPodMetadata ¶
GetPodMetadata returns a map with the pod name and the IP for the pods used by the `TestSpec`. Returns an error in case that the pod info cannot be retrieved correctly.
func (*TestSpec) GetTestExpects ¶
func (t *TestSpec) GetTestExpects() map[string]ResultType
GetTestExpects returns a map with the connTestType and the expected result based on the `testExpect`
func (*TestSpec) InvalidNetworkPolicyApply ¶
func (t *TestSpec) InvalidNetworkPolicyApply(base string) (*cnpv2.CiliumNetworkPolicy, error)
InvalidNetworkPolicyApply it writes the policy and applies to Kubernetes, but instead of apply the policy, this return the CNP status for the TestSpec policy. This function is only used when a invalid combination of policies are created, where we need to test that the error is present.
func (*TestSpec) IsPolicyInvalid ¶
IsPolicyInvalid validates that the policy combination does not match with testSpec.exclude information. That means that if a policy cannot be installed we know that the combination is invalid.
func (*TestSpec) NetworkPolicyApply ¶
NetworkPolicyApply applies the CiliumNetworkPolicy in Kubernetes and wait until the statuses of all pods have been updated. Returns an error if the status of the pods did not update or if the policy was unable to be applied
func (*TestSpec) NetworkPolicyName ¶
NetworkPolicyName returns the name of the NetworkPolicy
func (*TestSpec) RunTest ¶
RunTest runs all the `TestSpec` methods and makes the needed assertions for Ginkgo tests. This method will create pods, wait for pods to be ready, apply a new CiliumNetworkPolicy and create a new Destination (Service, NodePort) if needed. Then it will execute `connectivityTest` and compare the results with the expected results within the test specification
type TestSpecsGroup ¶
type TestSpecsGroup []*TestSpec
TestSpecsGroup is a group of different TestSpec
func (TestSpecsGroup) ConnectivityTest ¶
func (tg TestSpecsGroup) ConnectivityTest()
ConnectivityTest runs the Connectivity test per each TestSpec defined into the TestSpecsGroup
func (TestSpecsGroup) CreateAndApplyCNP ¶
func (tg TestSpecsGroup) CreateAndApplyCNP(kub *helpers.Kubectl)
CreateAndApplyCNP creates all Cilium Network Policies and it applies those manifests to the given Kubernetes instance.
func (TestSpecsGroup) CreateAndApplyManifests ¶
func (tg TestSpecsGroup) CreateAndApplyManifests(kub *helpers.Kubectl)
CreateAndApplyManifests creates all of the pods manifests and applies those manifest to the given kubernetes instance.