github/kubernetes
1
0
Fork 0
mirror of https://github.com/k3s-io/kubernetes.git synced 2025-08-13 13:55:41 +00:00
Code Issues Projects Releases Wiki Activity

proxy/ipvs: refactor TestNodePort to use test tables

Browse Source 
Signed-off-by: Andrew Sy Kim <kiman@vmware.com>
This commit is contained in:
Andrew Sy Kim 2019-07-30 22:04:52 -04:00
parent 9af797c51e
commit 089e0cd9ef
1 changed files with 302 additions and 200 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

450
pkg/proxy/ipvs/proxier_test.go
View File

@ -395,214 +395,316 @@ func TestGetNodeIPs(t *testing.T) {
} }
} }
func TestNodePortUDP(t *testing.T) { func TestNodePort(t *testing.T) {
nodeIP := net.ParseIP("100.101.102.103") tests := []struct {
ipt := iptablestest.NewFake() name string
ipvs := ipvstest.NewFake() services []*v1.Service
ipset := ipsettest.NewFake(testIPSetVersion) endpoints []*v1.Endpoints
fp := NewFakeProxier(ipt, ipvs, ipset, []net.IP{nodeIP}, nil) nodeIPs []net.IP
nodePortAddresses []string
svcIP := "10.20.30.41" expectedIPVS *ipvstest.FakeIPVS
svcPort := 80 expectedIPSets netlinktest.ExpectedIPSet
svcNodePort := 3001 expectedIptablesChains netlinktest.ExpectedIptablesChain
svcPortName := proxy.ServicePortName{ }{
NamespacedName: makeNSN("ns1", "svc1"), {
Port: "p80", name: "1 service with node port, has 2 endpoints",
} services: []*v1.Service{
makeTestService("ns1", "svc1", func(svc *v1.Service) {
makeServiceMap(fp,
makeTestService(svcPortName.Namespace, svcPortName.Name, func(svc *v1.Service) {
svc.Spec.Type = "NodePort" svc.Spec.Type = "NodePort"
svc.Spec.ClusterIP = svcIP svc.Spec.ClusterIP = "10.20.30.41"
svc.Spec.Ports = []v1.ServicePort{{ svc.Spec.Ports = []v1.ServicePort{{
Name: svcPortName.Port, Name: "p80",
Port: int32(svcPort), Port: int32(80),
Protocol: v1.ProtocolUDP, Protocol: v1.ProtocolTCP,
NodePort: int32(svcNodePort), NodePort: int32(3001),
}} }}
}), }),
) },
epIP := "10.180.0.1" endpoints: []*v1.Endpoints{
makeEndpointsMap(fp, makeTestEndpoints("ns1", "svc1", func(ept *v1.Endpoints) {
makeTestEndpoints(svcPortName.Namespace, svcPortName.Name, func(ept *v1.Endpoints) {
ept.Subsets = []v1.EndpointSubset{{ ept.Subsets = []v1.EndpointSubset{{
Addresses: []v1.EndpointAddress{{ Addresses: []v1.EndpointAddress{{
IP: epIP, IP: "10.180.0.1",
}, {
IP: "1002:ab8::2:10",
}}, }},
Ports: []v1.EndpointPort{{ Ports: []v1.EndpointPort{{
Name: svcPortName.Port, Name: "p80",
Port: int32(svcPort), Port: int32(80),
}}, }},
}} }}
}), }),
) },
nodeIPs: []net.IP{
fp.nodePortAddresses = []string{"0.0.0.0/0"} net.ParseIP("100.101.102.103"),
fp.syncProxyRules() net.ParseIP("2001:db8::1:1"),
},
// Check ipvs service and destinations nodePortAddresses: []string{},
epVS := &netlinktest.ExpectedVirtualServer{ expectedIPVS: &ipvstest.FakeIPVS{
VSNum: 2, IP: nodeIP.String(), Port: uint16(svcNodePort), Protocol: string(v1.ProtocolTCP), Services: map[ipvstest.ServiceKey]*utilipvs.VirtualServer{
RS: []netlinktest.ExpectedRealServer{{ {
IP: epIP, Port: uint16(svcPort), IP: "10.20.30.41",
}}} Port: 80,
checkIPVS(t, fp, epVS) Protocol: "TCP",
}: {
// check ipSet rules Address: net.ParseIP("10.20.30.41"),
epIPSet := netlinktest.ExpectedIPSet{ Protocol: "TCP",
Port: uint16(80),
Scheduler: "rr",
},
{
IP: "100.101.102.103",
Port: 3001,
Protocol: "TCP",
}: {
Address: net.ParseIP("100.101.102.103"),
Protocol: "TCP",
Port: uint16(3001),
Scheduler: "rr",
},
{
IP: "2001:db8::1:1",
Port: 3001,
Protocol: "TCP",
}: {
Address: net.ParseIP("2001:db8::1:1"),
Protocol: "TCP",
Port: uint16(3001),
Scheduler: "rr",
},
},
Destinations: map[ipvstest.ServiceKey][]*utilipvs.RealServer{
{
IP: "10.20.30.41",
Port: 80,
Protocol: "TCP",
}: {
{
Address: net.ParseIP("10.180.0.1"),
Port: uint16(80),
Weight: 1,
},
{
Address: net.ParseIP("1002:ab8::2:10"),
Port: uint16(80),
Weight: 1,
},
},
{
IP: "100.101.102.103",
Port: 3001,
Protocol: "TCP",
}: {
{
Address: net.ParseIP("10.180.0.1"),
Port: uint16(80),
Weight: 1,
},
{
Address: net.ParseIP("1002:ab8::2:10"),
Port: uint16(80),
Weight: 1,
},
},
{
IP: "2001:db8::1:1",
Port: 3001,
Protocol: "TCP",
}: {
{
Address: net.ParseIP("10.180.0.1"),
Port: uint16(80),
Weight: 1,
},
{
Address: net.ParseIP("1002:ab8::2:10"),
Port: uint16(80),
Weight: 1,
},
},
},
},
},
{
name: "1 UDP service with node port, has endpoints",
services: []*v1.Service{
makeTestService("ns1", "svc1", func(svc *v1.Service) {
svc.Spec.Type = "NodePort"
svc.Spec.ClusterIP = "10.20.30.41"
svc.Spec.Ports = []v1.ServicePort{{
Name: "p80",
Port: int32(80),
Protocol: v1.ProtocolUDP,
NodePort: int32(3001),
}}
}),
},
endpoints: []*v1.Endpoints{
makeTestEndpoints("ns1", "svc1", func(ept *v1.Endpoints) {
ept.Subsets = []v1.EndpointSubset{{
Addresses: []v1.EndpointAddress{{
IP: "10.180.0.1",
}},
Ports: []v1.EndpointPort{{
Name: "p80",
Port: int32(80),
}},
}}
}),
},
nodeIPs: []net.IP{
net.ParseIP("100.101.102.103"),
},
nodePortAddresses: []string{"0.0.0.0/0"},
expectedIPVS: &ipvstest.FakeIPVS{
Services: map[ipvstest.ServiceKey]*utilipvs.VirtualServer{
{
IP: "10.20.30.41",
Port: 80,
Protocol: "UDP",
}: {
Address: net.ParseIP("10.20.30.41"),
Protocol: "UDP",
Port: uint16(80),
Scheduler: "rr",
},
{
IP: "100.101.102.103",
Port: 3001,
Protocol: "UDP",
}: {
Address: net.ParseIP("100.101.102.103"),
Protocol: "UDP",
Port: uint16(3001),
Scheduler: "rr",
},
},
Destinations: map[ipvstest.ServiceKey][]*utilipvs.RealServer{
{
IP: "10.20.30.41",
Port: 80,
Protocol: "UDP",
}: {
{
Address: net.ParseIP("10.180.0.1"),
Port: uint16(80),
Weight: 1,
},
},
{
IP: "100.101.102.103",
Port: 3001,
Protocol: "UDP",
}: {
{
Address: net.ParseIP("10.180.0.1"),
Port: uint16(80),
Weight: 1,
},
},
},
},
expectedIPSets: netlinktest.ExpectedIPSet{
kubeNodePortSetUDP: {{ kubeNodePortSetUDP: {{
Port: svcNodePort, Port: 3001,
Protocol: strings.ToLower(string(v1.ProtocolUDP)), Protocol: strings.ToLower(string(v1.ProtocolUDP)),
SetType: utilipset.BitmapPort, SetType: utilipset.BitmapPort,
}}, }},
} },
checkIPSet(t, fp, epIPSet) expectedIptablesChains: netlinktest.ExpectedIptablesChain{
// Check iptables chain and rules
epIpt := netlinktest.ExpectedIptablesChain{
string(KubeNodePortChain): {{ string(KubeNodePortChain): {{
JumpChain: string(KubeMarkMasqChain), MatchSet: kubeNodePortSetUDP, JumpChain: string(KubeMarkMasqChain), MatchSet: kubeNodePortSetUDP,
}}, }},
string(kubeServicesChain): {{ string(kubeServicesChain): {{
JumpChain: string(KubeNodePortChain), MatchSet: "", JumpChain: string(KubeNodePortChain), MatchSet: "",
}}, }},
},
},
{
name: "service has node port but no endpoints",
services: []*v1.Service{
makeTestService("ns1", "svc1", func(svc *v1.Service) {
svc.Spec.Type = "NodePort"
svc.Spec.ClusterIP = "10.20.30.41"
svc.Spec.Ports = []v1.ServicePort{{
Name: "p80",
Port: int32(80),
Protocol: v1.ProtocolTCP,
NodePort: int32(3001),
}}
}),
},
endpoints: []*v1.Endpoints{},
nodeIPs: []net.IP{
net.ParseIP("100.101.102.103"),
},
nodePortAddresses: []string{},
expectedIPVS: &ipvstest.FakeIPVS{
Services: map[ipvstest.ServiceKey]*utilipvs.VirtualServer{
{
IP: "10.20.30.41",
Port: 80,
Protocol: "TCP",
}: {
Address: net.ParseIP("10.20.30.41"),
Protocol: "TCP",
Port: uint16(80),
Scheduler: "rr",
},
{
IP: "100.101.102.103",
Port: 3001,
Protocol: "TCP",
}: {
Address: net.ParseIP("100.101.102.103"),
Protocol: "TCP",
Port: uint16(3001),
Scheduler: "rr",
},
},
Destinations: map[ipvstest.ServiceKey][]*utilipvs.RealServer{
{
IP: "10.20.30.41",
Port: 80,
Protocol: "TCP",
}: {}, // no real servers corresponding to no endpoints
{
IP: "100.101.102.103",
Port: 3001,
Protocol: "TCP",
}: {}, // no real servers corresponding to no endpoints
},
},
},
} }
checkIptables(t, ipt, epIpt)
}
func TestNodePort(t *testing.T) { for _, test := range tests {
t.Run(test.name, func(t *testing.T) {
ipt := iptablestest.NewFake() ipt := iptablestest.NewFake()
ipvs := ipvstest.NewFake() ipvs := ipvstest.NewFake()
ipset := ipsettest.NewFake(testIPSetVersion) ipset := ipsettest.NewFake(testIPSetVersion)
nodeIPv4 := net.ParseIP("100.101.102.103") fp := NewFakeProxier(ipt, ipvs, ipset, test.nodeIPs, nil)
nodeIPv6 := net.ParseIP("2001:db8::1:1") fp.nodePortAddresses = test.nodePortAddresses
nodeIPs := sets.NewString(nodeIPv4.String(), nodeIPv6.String())
fp := NewFakeProxier(ipt, ipvs, ipset, []net.IP{nodeIPv4, nodeIPv6}, nil)
svcIP := "10.20.30.41"
svcPort := 80
svcNodePort := 3001
svcPortName := proxy.ServicePortName{
NamespacedName: makeNSN("ns1", "svc1"),
Port: "p80",
}
makeServiceMap(fp, makeServiceMap(fp, test.services...)
makeTestService(svcPortName.Namespace, svcPortName.Name, func(svc *v1.Service) { makeEndpointsMap(fp, test.endpoints...)
svc.Spec.Type = "NodePort"
svc.Spec.ClusterIP = svcIP
svc.Spec.Ports = []v1.ServicePort{{
Name: svcPortName.Port,
Port: int32(svcPort),
Protocol: v1.ProtocolTCP,
NodePort: int32(svcNodePort),
}}
}),
)
epIPv4 := "10.180.0.1"
epIPv6 := "1002:ab8::2:10"
epIPs := sets.NewString(epIPv4, epIPv6)
makeEndpointsMap(fp,
makeTestEndpoints(svcPortName.Namespace, svcPortName.Name, func(ept *v1.Endpoints) {
ept.Subsets = []v1.EndpointSubset{{
Addresses: []v1.EndpointAddress{{
IP: epIPv4,
}, {
IP: epIPv6,
}},
Ports: []v1.EndpointPort{{
Name: svcPortName.Port,
Port: int32(svcPort),
}},
}}
}),
)
fp.nodePortAddresses = []string{"0.0.0.0/0"}
fp.syncProxyRules() fp.syncProxyRules()
// Check ipvs service and destinations if !reflect.DeepEqual(ipvs, test.expectedIPVS) {
services, err := ipvs.GetVirtualServers() t.Logf("actual ipvs state: %v", ipvs)
if err != nil { t.Logf("expected ipvs state: %v", test.expectedIPVS)
t.Errorf("Failed to get ipvs services, err: %v", err) t.Errorf("unexpected IPVS state")
}
if len(services) != 3 {
t.Errorf("Expect 3 ipvs services, got %d", len(services))
}
found := false
for _, svc := range services {
if nodeIPs.Has(svc.Address.String()) && svc.Port == uint16(svcNodePort) && svc.Protocol == string(v1.ProtocolTCP) {
found = true
destinations, err := ipvs.GetRealServers(svc)
if err != nil {
t.Errorf("Failed to get ipvs destinations, err: %v", err)
}
for _, dest := range destinations {
if !epIPs.Has(dest.Address.String()) || dest.Port != uint16(svcPort) {
t.Errorf("service Endpoint mismatch ipvs service destination")
}
}
break
}
}
if !found {
t.Errorf("Expect node port type service, got none")
}
}
func TestNodePortNoEndpoint(t *testing.T) {
ipt := iptablestest.NewFake()
ipvs := ipvstest.NewFake()
ipset := ipsettest.NewFake(testIPSetVersion)
nodeIP := net.ParseIP("100.101.102.103")
fp := NewFakeProxier(ipt, ipvs, ipset, []net.IP{nodeIP}, nil)
svcIP := "10.20.30.41"
svcPort := 80
svcNodePort := 3001
svcPortName := proxy.ServicePortName{
NamespacedName: makeNSN("ns1", "svc1"),
Port: "p80",
} }
makeServiceMap(fp, if test.expectedIPSets != nil {
makeTestService(svcPortName.Namespace, svcPortName.Name, func(svc *v1.Service) { checkIPSet(t, fp, test.expectedIPSets)
svc.Spec.Type = "NodePort" }
svc.Spec.ClusterIP = svcIP
svc.Spec.Ports = []v1.ServicePort{{
Name: svcPortName.Port,
Port: int32(svcPort),
Protocol: v1.ProtocolTCP,
NodePort: int32(svcNodePort),
}}
}),
)
makeEndpointsMap(fp)
fp.nodePortAddresses = []string{"0.0.0.0/0"} if test.expectedIptablesChains != nil {
checkIptables(t, ipt, test.expectedIptablesChains)
fp.syncProxyRules()
// Check ipvs service and destinations
services, err := ipvs.GetVirtualServers()
if err != nil {
t.Errorf("Failed to get ipvs services, err: %v", err)
} }
if len(services) != 2 { })
t.Errorf("Expect 2 ipvs services, got %d", len(services))
}
found := false
for _, svc := range services {
if svc.Address.Equal(nodeIP) && svc.Port == uint16(svcNodePort) && svc.Protocol == string(v1.ProtocolTCP) {
found = true
destinations, _ := ipvs.GetRealServers(svc)
if len(destinations) != 0 {
t.Errorf("Unexpected %d destinations, expect 0 destinations", len(destinations))
}
break
}
}
if !found {
t.Errorf("Expect node port type service, got none")
} }
} }