diff --git a/staging/src/k8s.io/legacy-cloud-providers/azure/azure_loadbalancer.go b/staging/src/k8s.io/legacy-cloud-providers/azure/azure_loadbalancer.go index 659eedb9a09..b91d4ffc28c 100644 --- a/staging/src/k8s.io/legacy-cloud-providers/azure/azure_loadbalancer.go +++ b/staging/src/k8s.io/legacy-cloud-providers/azure/azure_loadbalancer.go @@ -85,6 +85,10 @@ const ( // to create both TCP and UDP protocols when creating load balancer rules. ServiceAnnotationLoadBalancerMixedProtocols = "service.beta.kubernetes.io/azure-load-balancer-mixed-protocols" + // ServiceAnnotationLoadBalancerDisableTCPReset is the annotation used on the service + // to set enableTcpReset to false in load balancer rule. This only works for Azure standard load balancer backed service. + ServiceAnnotationLoadBalancerDisableTCPReset = "service.beta.kubernetes.io/azure-load-balancer-disable-tcp-reset" + // serviceTagKey is the service key applied for public IP tags. serviceTagKey = "service" // clusterNameKey is the cluster name key applied for public IP tags. @@ -739,6 +743,9 @@ func (az *Cloud) reconcileLoadBalancer(clusterName string, service *v1.Service, // update probes/rules expectedProbes, expectedRules, err := az.reconcileLoadBalancerRule(service, wantLb, lbFrontendIPConfigID, lbBackendPoolID, lbName, lbIdleTimeout) + if err != nil { + return nil, err + } // remove unwanted probes dirtyProbes := false @@ -899,6 +906,15 @@ func (az *Cloud) reconcileLoadBalancerRule( ports = []v1.ServicePort{} } + var enableTCPReset *bool + if az.useStandardLoadBalancer() { + enableTCPReset = to.BoolPtr(true) + if v, ok := service.Annotations[ServiceAnnotationLoadBalancerDisableTCPReset]; ok { + klog.V(2).Infof("reconcileLoadBalancerRule lb name (%s) flag(%s) is set to %s", lbName, ServiceAnnotationLoadBalancerDisableTCPReset, v) + enableTCPReset = to.BoolPtr(!strings.EqualFold(v, "true")) + } + } + var expectedProbes []network.Probe var expectedRules []network.LoadBalancingRule for _, port := range ports { @@ -967,7 +983,7 @@ func (az *Cloud) reconcileLoadBalancerRule( BackendPort: to.Int32Ptr(port.Port), EnableFloatingIP: to.BoolPtr(true), DisableOutboundSnat: to.BoolPtr(az.disableLoadBalancerOutboundSNAT()), - EnableTCPReset: to.BoolPtr(az.useStandardLoadBalancer()), + EnableTCPReset: enableTCPReset, }, } if protocol == v1.ProtocolTCP { diff --git a/staging/src/k8s.io/legacy-cloud-providers/azure/azure_loadbalancer_test.go b/staging/src/k8s.io/legacy-cloud-providers/azure/azure_loadbalancer_test.go index 867e023a92d..fcd81719e02 100644 --- a/staging/src/k8s.io/legacy-cloud-providers/azure/azure_loadbalancer_test.go +++ b/staging/src/k8s.io/legacy-cloud-providers/azure/azure_loadbalancer_test.go @@ -324,7 +324,7 @@ func TestEnsureLoadBalancerDeleted(t *testing.T) { }{ { desc: "external service should be created and deleted successfully", - service: getTestService("test1", v1.ProtocolTCP, 80), + service: getTestService("test1", v1.ProtocolTCP, nil, 80), }, { desc: "internal service should be created and deleted successfully", @@ -569,7 +569,7 @@ func TestGetServiceLoadBalancer(t *testing.T) { }, }, }, - service: getTestService("test1", v1.ProtocolTCP, 80), + service: getTestService("test1", v1.ProtocolTCP, nil, 80), wantLB: false, expectedLB: &network.LoadBalancer{ Name: to.StringPtr("lb1"), @@ -590,7 +590,7 @@ func TestGetServiceLoadBalancer(t *testing.T) { }, { desc: "getServiceLoadBalancer shall report error if there're loadbalancer mode annotations on a standard lb", - service: getTestService("test1", v1.ProtocolTCP, 80), + service: getTestService("test1", v1.ProtocolTCP, nil, 80), annotations: map[string]string{ServiceAnnotationLoadBalancerMode: "__auto__"}, sku: "standard", expectedExists: false, @@ -628,7 +628,7 @@ func TestGetServiceLoadBalancer(t *testing.T) { }, }, }, - service: getTestService("test1", v1.ProtocolTCP, 80), + service: getTestService("test1", v1.ProtocolTCP, nil, 80), annotations: map[string]string{ServiceAnnotationLoadBalancerMode: "__auto__"}, wantLB: true, expectedLB: &network.LoadBalancer{ @@ -644,7 +644,7 @@ func TestGetServiceLoadBalancer(t *testing.T) { }, { desc: "getServiceLoadBalancer shall create a new lb otherwise", - service: getTestService("test1", v1.ProtocolTCP, 80), + service: getTestService("test1", v1.ProtocolTCP, nil, 80), expectedLB: &network.LoadBalancer{ Name: to.StringPtr("testCluster"), Location: to.StringPtr("westus"), @@ -791,7 +791,7 @@ func TestIsFrontendIPChanged(t *testing.T) { }, }, lbFrontendIPConfigName: "btest1-name", - service: getTestService("test1", v1.ProtocolTCP, 80), + service: getTestService("test1", v1.ProtocolTCP, nil, 80), expectedFlag: false, expectedError: false, }, @@ -804,7 +804,7 @@ func TestIsFrontendIPChanged(t *testing.T) { }, }, lbFrontendIPConfigName: "btest1-name", - service: getTestService("test1", v1.ProtocolTCP, 80), + service: getTestService("test1", v1.ProtocolTCP, nil, 80), loadBalancerIP: "1.1.1.1", exsistingPIPs: []network.PublicIPAddress{ { @@ -827,7 +827,7 @@ func TestIsFrontendIPChanged(t *testing.T) { }, }, lbFrontendIPConfigName: "btest1-name", - service: getTestService("test1", v1.ProtocolTCP, 80), + service: getTestService("test1", v1.ProtocolTCP, nil, 80), loadBalancerIP: "1.1.1.1", exsistingPIPs: []network.PublicIPAddress{ { @@ -850,7 +850,7 @@ func TestIsFrontendIPChanged(t *testing.T) { }, }, lbFrontendIPConfigName: "btest1-name", - service: getTestService("test1", v1.ProtocolTCP, 80), + service: getTestService("test1", v1.ProtocolTCP, nil, 80), loadBalancerIP: "1.1.1.1", exsistingPIPs: []network.PublicIPAddress{ { @@ -924,7 +924,7 @@ func TestDeterminePublicIPName(t *testing.T) { } for i, test := range testCases { az := getTestCloud() - service := getTestService("test1", v1.ProtocolTCP, 80) + service := getTestService("test1", v1.ProtocolTCP, nil, 80) service.Spec.LoadBalancerIP = test.loadBalancerIP for _, existingPIP := range test.exsistingPIPs { _, err := az.PublicIPAddressesClient.CreateOrUpdate(context.TODO(), "rg", "test", existingPIP) @@ -950,12 +950,12 @@ func TestReconcileLoadBalancerRule(t *testing.T) { }{ { desc: "reconcileLoadBalancerRule shall return nil if wantLb is false", - service: getTestService("test1", v1.ProtocolTCP, 80), + service: getTestService("test1", v1.ProtocolTCP, nil, 80), wantLb: false, }, { - desc: "reconcileLoadBalancerRule shall return corresponding probe and lbRule otherwise", - service: getTestService("test1", v1.ProtocolTCP, 80), + desc: "reconcileLoadBalancerRule shall return corresponding probe and lbRule(blb)", + service: getTestService("test1", v1.ProtocolTCP, map[string]string{"service.beta.kubernetes.io/azure-load-balancer-disable-tcp-reset": "true"}, 80), wantLb: true, expectedProbes: []network.Probe{ { @@ -968,6 +968,48 @@ func TestReconcileLoadBalancerRule(t *testing.T) { }, }, }, + expectedRules: []network.LoadBalancingRule{ + { + Name: to.StringPtr("atest1-TCP-80"), + LoadBalancingRulePropertiesFormat: &network.LoadBalancingRulePropertiesFormat{ + Protocol: network.TransportProtocol("Tcp"), + FrontendIPConfiguration: &network.SubResource{ + ID: to.StringPtr("frontendIPConfigID"), + }, + BackendAddressPool: &network.SubResource{ + ID: to.StringPtr("backendPoolID"), + }, + LoadDistribution: "Default", + FrontendPort: to.Int32Ptr(80), + BackendPort: to.Int32Ptr(80), + EnableFloatingIP: to.BoolPtr(true), + DisableOutboundSnat: to.BoolPtr(false), + IdleTimeoutInMinutes: to.Int32Ptr(0), + Probe: &network.SubResource{ + ID: to.StringPtr("/subscriptions/subscription/resourceGroups/rg/providers/" + + "Microsoft.Network/loadBalancers/lbname/probes/atest1-TCP-80"), + }, + EnableTCPReset: nil, + }, + }, + }, + }, + { + desc: "reconcileLoadBalancerRule shall return corresponding probe and lbRule (slb without tcp reset)", + service: getTestService("test1", v1.ProtocolTCP, map[string]string{"service.beta.kubernetes.io/azure-load-balancer-disable-tcp-reset": "True"}, 80), + loadBalancerSku: "standard", + wantLb: true, + expectedProbes: []network.Probe{ + { + Name: to.StringPtr("atest1-TCP-80"), + ProbePropertiesFormat: &network.ProbePropertiesFormat{ + Protocol: network.ProbeProtocol("Tcp"), + Port: to.Int32Ptr(10080), + IntervalInSeconds: to.Int32Ptr(5), + NumberOfProbes: to.Int32Ptr(2), + }, + }, + }, expectedRules: []network.LoadBalancingRule{ { Name: to.StringPtr("atest1-TCP-80"), @@ -995,8 +1037,8 @@ func TestReconcileLoadBalancerRule(t *testing.T) { }, }, { - desc: "reconcileLoadBalancerRule shall return corresponding probe and lbRule otherwise", - service: getTestService("test1", v1.ProtocolTCP, 80), + desc: "reconcileLoadBalancerRule shall return corresponding probe and lbRule(slb with tcp reset)", + service: getTestService("test1", v1.ProtocolTCP, nil, 80), loadBalancerSku: "standard", wantLb: true, expectedProbes: []network.Probe{ @@ -1042,9 +1084,14 @@ func TestReconcileLoadBalancerRule(t *testing.T) { az.Config.LoadBalancerSku = test.loadBalancerSku probe, lbrule, err := az.reconcileLoadBalancerRule(&test.service, test.wantLb, "frontendIPConfigID", "backendPoolID", "lbname", to.Int32Ptr(0)) - assert.Equal(t, test.expectedProbes, probe, "TestCase[%d]: %s", i, test.desc) - assert.Equal(t, test.expectedRules, lbrule, "TestCase[%d]: %s", i, test.desc) - assert.Nil(t, err) + + if test.expectedErr != nil { + assert.Equal(t, test.expectedErr, err, "TestCase[%d]: %s", i, test.desc) + } else { + assert.Equal(t, test.expectedProbes, probe, "TestCase[%d]: %s", i, test.desc) + assert.Equal(t, test.expectedRules, lbrule, "TestCase[%d]: %s", i, test.desc) + assert.Nil(t, err) + } } } @@ -1107,10 +1154,11 @@ func getTestLoadBalancer(name, clusterName, identifier *string, service v1.Servi } func TestReconcileLoadBalancer(t *testing.T) { - service := getTestService("test1", v1.ProtocolTCP, 80) + service1 := getTestService("test1", v1.ProtocolTCP, nil, 80) + basicLb1 := getTestLoadBalancer(to.StringPtr("lb1"), to.StringPtr("testCluster"), to.StringPtr("atest1"), service1, "Basic") - basicLb1 := getTestLoadBalancer(to.StringPtr("lb1"), to.StringPtr("testCluster"), to.StringPtr("atest1"), service, "Basic") - basicLb2 := getTestLoadBalancer(to.StringPtr("lb1"), to.StringPtr("testCluster"), to.StringPtr("btest1"), service, "Basic") + service2 := getTestService("test1", v1.ProtocolTCP, nil, 80) + basicLb2 := getTestLoadBalancer(to.StringPtr("lb1"), to.StringPtr("testCluster"), to.StringPtr("btest1"), service2, "Basic") basicLb2.Name = to.StringPtr("testCluster") basicLb2.FrontendIPConfigurations = &[]network.FrontendIPConfiguration{ { @@ -1120,7 +1168,9 @@ func TestReconcileLoadBalancer(t *testing.T) { }, }, } - modifiedLb1 := getTestLoadBalancer(to.StringPtr("testCluster"), to.StringPtr("testCluster"), to.StringPtr("atest1"), service, "Basic") + + service3 := getTestService("test1", v1.ProtocolTCP, nil, 80) + modifiedLb1 := getTestLoadBalancer(to.StringPtr("testCluster"), to.StringPtr("testCluster"), to.StringPtr("atest1"), service3, "Basic") modifiedLb1.FrontendIPConfigurations = &[]network.FrontendIPConfiguration{ { Name: to.StringPtr("atest1"), @@ -1137,22 +1187,23 @@ func TestReconcileLoadBalancer(t *testing.T) { } modifiedLb1.Probes = &[]network.Probe{ { - Name: to.StringPtr("atest1-" + string(service.Spec.Ports[0].Protocol) + - "-" + strconv.Itoa(int(service.Spec.Ports[0].Port))), + Name: to.StringPtr("atest1-" + string(service3.Spec.Ports[0].Protocol) + + "-" + strconv.Itoa(int(service3.Spec.Ports[0].Port))), ProbePropertiesFormat: &network.ProbePropertiesFormat{ Port: to.Int32Ptr(10080), }, }, { - Name: to.StringPtr("atest1-" + string(service.Spec.Ports[0].Protocol) + - "-" + strconv.Itoa(int(service.Spec.Ports[0].Port))), + Name: to.StringPtr("atest1-" + string(service3.Spec.Ports[0].Protocol) + + "-" + strconv.Itoa(int(service3.Spec.Ports[0].Port))), ProbePropertiesFormat: &network.ProbePropertiesFormat{ Port: to.Int32Ptr(10081), }, }, } - expectedLb1 := getTestLoadBalancer(to.StringPtr("testCluster"), to.StringPtr("testCluster"), to.StringPtr("atest1"), service, "Basic") + expectedLb1 := getTestLoadBalancer(to.StringPtr("testCluster"), to.StringPtr("testCluster"), to.StringPtr("atest1"), service3, "Basic") (*expectedLb1.LoadBalancerPropertiesFormat.LoadBalancingRules)[0].DisableOutboundSnat = to.BoolPtr(false) + (*expectedLb1.LoadBalancerPropertiesFormat.LoadBalancingRules)[0].EnableTCPReset = nil expectedLb1.FrontendIPConfigurations = &[]network.FrontendIPConfiguration{ { Name: to.StringPtr("btest1"), @@ -1169,7 +1220,8 @@ func TestReconcileLoadBalancer(t *testing.T) { }, } - existingSLB := getTestLoadBalancer(to.StringPtr("testCluster"), to.StringPtr("testCluster"), to.StringPtr("atest1"), service, "Standard") + service4 := getTestService("test1", v1.ProtocolTCP, map[string]string{"service.beta.kubernetes.io/azure-load-balancer-disable-tcp-reset": "true"}, 80) + existingSLB := getTestLoadBalancer(to.StringPtr("testCluster"), to.StringPtr("testCluster"), to.StringPtr("atest1"), service4, "Standard") existingSLB.FrontendIPConfigurations = &[]network.FrontendIPConfiguration{ { Name: to.StringPtr("atest1"), @@ -1186,25 +1238,24 @@ func TestReconcileLoadBalancer(t *testing.T) { } existingSLB.Probes = &[]network.Probe{ { - Name: to.StringPtr("atest1-" + string(service.Spec.Ports[0].Protocol) + - "-" + strconv.Itoa(int(service.Spec.Ports[0].Port))), + Name: to.StringPtr("atest1-" + string(service4.Spec.Ports[0].Protocol) + + "-" + strconv.Itoa(int(service4.Spec.Ports[0].Port))), ProbePropertiesFormat: &network.ProbePropertiesFormat{ Port: to.Int32Ptr(10080), }, }, { - Name: to.StringPtr("atest1-" + string(service.Spec.Ports[0].Protocol) + - "-" + strconv.Itoa(int(service.Spec.Ports[0].Port))), + Name: to.StringPtr("atest1-" + string(service4.Spec.Ports[0].Protocol) + + "-" + strconv.Itoa(int(service4.Spec.Ports[0].Port))), ProbePropertiesFormat: &network.ProbePropertiesFormat{ Port: to.Int32Ptr(10081), }, }, } - // intentionally set the value to a wrong value, expect reconcileLoadBalancer to fix it - (*existingSLB.LoadBalancerPropertiesFormat.LoadBalancingRules)[0].EnableTCPReset = to.BoolPtr(false) - expectedSLb := getTestLoadBalancer(to.StringPtr("testCluster"), to.StringPtr("testCluster"), to.StringPtr("atest1"), service, "Standard") + expectedSLb := getTestLoadBalancer(to.StringPtr("testCluster"), to.StringPtr("testCluster"), to.StringPtr("atest1"), service4, "Standard") (*expectedSLb.LoadBalancerPropertiesFormat.LoadBalancingRules)[0].DisableOutboundSnat = to.BoolPtr(true) + (*expectedSLb.LoadBalancerPropertiesFormat.LoadBalancingRules)[0].EnableTCPReset = to.BoolPtr(false) expectedSLb.FrontendIPConfigurations = &[]network.FrontendIPConfiguration{ { Name: to.StringPtr("btest1"), @@ -1221,49 +1272,118 @@ func TestReconcileLoadBalancer(t *testing.T) { }, } + service5 := getTestService("test1", v1.ProtocolTCP, nil, 80) + slb5 := getTestLoadBalancer(to.StringPtr("testCluster"), to.StringPtr("testCluster"), to.StringPtr("atest1"), service5, "Standard") + slb5.FrontendIPConfigurations = &[]network.FrontendIPConfiguration{ + { + Name: to.StringPtr("atest1"), + FrontendIPConfigurationPropertiesFormat: &network.FrontendIPConfigurationPropertiesFormat{ + PublicIPAddress: &network.PublicIPAddress{ID: to.StringPtr("id1")}, + }, + }, + { + Name: to.StringPtr("btest1"), + FrontendIPConfigurationPropertiesFormat: &network.FrontendIPConfigurationPropertiesFormat{ + PublicIPAddress: &network.PublicIPAddress{ID: to.StringPtr("id1")}, + }, + }, + } + slb5.Probes = &[]network.Probe{ + { + Name: to.StringPtr("atest1-" + string(service4.Spec.Ports[0].Protocol) + + "-" + strconv.Itoa(int(service4.Spec.Ports[0].Port))), + ProbePropertiesFormat: &network.ProbePropertiesFormat{ + Port: to.Int32Ptr(10080), + }, + }, + { + Name: to.StringPtr("atest1-" + string(service4.Spec.Ports[0].Protocol) + + "-" + strconv.Itoa(int(service4.Spec.Ports[0].Port))), + ProbePropertiesFormat: &network.ProbePropertiesFormat{ + Port: to.Int32Ptr(10081), + }, + }, + } + + //change to false to test that reconcilication will fix it + (*slb5.LoadBalancerPropertiesFormat.LoadBalancingRules)[0].EnableTCPReset = to.BoolPtr(false) + + expectedSLb5 := getTestLoadBalancer(to.StringPtr("testCluster"), to.StringPtr("testCluster"), to.StringPtr("atest1"), service5, "Standard") + (*expectedSLb5.LoadBalancerPropertiesFormat.LoadBalancingRules)[0].DisableOutboundSnat = to.BoolPtr(true) + expectedSLb5.FrontendIPConfigurations = &[]network.FrontendIPConfiguration{ + { + Name: to.StringPtr("btest1"), + FrontendIPConfigurationPropertiesFormat: &network.FrontendIPConfigurationPropertiesFormat{ + PublicIPAddress: &network.PublicIPAddress{ID: to.StringPtr("id1")}, + }, + }, + { + Name: to.StringPtr("atest1"), + FrontendIPConfigurationPropertiesFormat: &network.FrontendIPConfigurationPropertiesFormat{ + PublicIPAddress: &network.PublicIPAddress{ID: to.StringPtr("/subscriptions/subscription/" + + "resourceGroups/rg/providers/Microsoft.Network/publicIPAddresses/pipName")}, + }, + }, + } + testCases := []struct { desc string + service v1.Service loadBalancerSku string disableOutboundSnat *bool wantLb bool existingLB network.LoadBalancer expectedLB network.LoadBalancer - expectedError bool + expectedError error }{ { desc: "reconcileLoadBalancer shall return the lb deeply equal to the existingLB if there's no " + "modification needed when wantLb == true", loadBalancerSku: "basic", + service: service1, existingLB: basicLb1, wantLb: true, expectedLB: basicLb1, - expectedError: false, + expectedError: nil, }, { desc: "reconcileLoadBalancer shall return the lb deeply equal to the existingLB if there's no " + "modification needed when wantLb == false", loadBalancerSku: "basic", + service: service2, existingLB: basicLb2, wantLb: false, expectedLB: basicLb2, - expectedError: false, + expectedError: nil, }, { desc: "reconcileLoadBalancer shall remove and reconstruct the correspoind field of lb", loadBalancerSku: "basic", + service: service3, existingLB: modifiedLb1, wantLb: true, expectedLB: expectedLb1, - expectedError: false, + expectedError: nil, }, { - desc: "reconcileLoadBalancer shall remove and reconstruct the correspoind field of lb and set enableTcpReset to true in lbRule", + desc: "reconcileLoadBalancer shall remove and reconstruct the correspoind field of lb and set enableTcpReset to false in lbRule", loadBalancerSku: "standard", + service: service4, disableOutboundSnat: to.BoolPtr(true), existingLB: existingSLB, wantLb: true, expectedLB: expectedSLb, - expectedError: false, + expectedError: nil, + }, + { + desc: "reconcileLoadBalancer shall remove and reconstruct the correspoind field of lb and set enableTcpReset to true in lbRule", + loadBalancerSku: "standard", + service: service5, + disableOutboundSnat: to.BoolPtr(true), + existingLB: slb5, + wantLb: true, + expectedLB: expectedSLb5, + expectedError: nil, }, } @@ -1273,7 +1393,7 @@ func TestReconcileLoadBalancer(t *testing.T) { az.DisableOutboundSNAT = test.disableOutboundSnat clusterResources := getClusterResources(az, 3, 3) - service.Spec.LoadBalancerIP = "1.2.3.4" + test.service.Spec.LoadBalancerIP = "1.2.3.4" _, err := az.PublicIPAddressesClient.CreateOrUpdate(context.TODO(), "rg", "pipName", network.PublicIPAddress{ Name: to.StringPtr("pipName"), @@ -1290,15 +1410,18 @@ func TestReconcileLoadBalancer(t *testing.T) { t.Fatalf("TestCase[%d] meets unexpected error: %v", i, err) } - lb, err := az.reconcileLoadBalancer("testCluster", &service, clusterResources.nodes, test.wantLb) - assert.Equal(t, &test.expectedLB, lb, "TestCase[%d]: %s", i, test.desc) - assert.Equal(t, test.expectedError, err != nil, "TestCase[%d]: %s", i, test.desc) + lb, err := az.reconcileLoadBalancer("testCluster", &test.service, clusterResources.nodes, test.wantLb) + assert.Equal(t, test.expectedError, err, "TestCase[%d]: %s", i, test.desc) + + if test.expectedError == nil { + assert.Equal(t, &test.expectedLB, lb, "TestCase[%d]: %s", i, test.desc) + } } } func TestGetServiceLoadBalancerStatus(t *testing.T) { az := getTestCloud() - service := getTestService("test1", v1.ProtocolTCP, 80) + service := getTestService("test1", v1.ProtocolTCP, nil, 80) internalService := getInternalTestService("test1", 80) PIPClient := newFakeAzurePIPClient(az.Config.SubscriptionID) @@ -1457,25 +1580,25 @@ func TestReconcileSecurityGroup(t *testing.T) { }, { desc: "reconcileSecurityGroup shall report error if no such sg can be found", - service: getTestService("test1", v1.ProtocolTCP, 80), + service: getTestService("test1", v1.ProtocolTCP, nil, 80), expectedError: true, }, { desc: "reconcileSecurityGroup shall report error if wantLb is true and lbIP is nil", - service: getTestService("test1", v1.ProtocolTCP, 80), + service: getTestService("test1", v1.ProtocolTCP, nil, 80), wantLb: true, existingSgs: map[string]network.SecurityGroup{"nsg": {}}, expectedError: true, }, { desc: "reconcileSecurityGroup shall remain the existingSgs intact if nothing needs to be modified", - service: getTestService("test1", v1.ProtocolTCP, 80), + service: getTestService("test1", v1.ProtocolTCP, nil, 80), existingSgs: map[string]network.SecurityGroup{"nsg": {}}, expectedSg: &network.SecurityGroup{}, }, { desc: "reconcileSecurityGroup shall delete unwanted sgs and create needed ones", - service: getTestService("test1", v1.ProtocolTCP, 80), + service: getTestService("test1", v1.ProtocolTCP, nil, 80), existingSgs: map[string]network.SecurityGroup{"nsg": { Name: to.StringPtr("nsg"), SecurityGroupPropertiesFormat: &network.SecurityGroupPropertiesFormat{ @@ -1578,7 +1701,7 @@ func TestSafeDeletePublicIP(t *testing.T) { if err != nil { t.Fatalf("TestCase[%d] meets unexpected error: %v", i, err) } - service := getTestService("test1", v1.ProtocolTCP, 80) + service := getTestService("test1", v1.ProtocolTCP, nil, 80) err = az.safeDeletePublicIP(&service, "rg", test.pip, test.lb) assert.Equal(t, 0, len(*test.lb.FrontendIPConfigurations), "TestCase[%d]: %s", i, test.desc) assert.Equal(t, 0, len(*test.lb.LoadBalancingRules), "TestCase[%d]: %s", i, test.desc) @@ -1624,7 +1747,7 @@ func TestReconcilePublicIP(t *testing.T) { for i, test := range testCases { az := getTestCloud() - service := getTestService("test1", v1.ProtocolTCP, 80) + service := getTestService("test1", v1.ProtocolTCP, nil, 80) for _, pip := range test.existingPIPs { _, err := az.PublicIPAddressesClient.CreateOrUpdate(context.TODO(), "rg", to.String(pip.Name), pip) if err != nil { @@ -1667,7 +1790,7 @@ func TestEnsurePublicIPExists(t *testing.T) { for i, test := range testCases { az := getTestCloud() - service := getTestService("test1", v1.ProtocolTCP, 80) + service := getTestService("test1", v1.ProtocolTCP, nil, 80) for _, pip := range test.existingPIPs { _, err := az.PublicIPAddressesClient.CreateOrUpdate(context.TODO(), "rg", to.String(pip.Name), pip) if err != nil { diff --git a/staging/src/k8s.io/legacy-cloud-providers/azure/azure_test.go b/staging/src/k8s.io/legacy-cloud-providers/azure/azure_test.go index 9797a367042..00f226d994b 100644 --- a/staging/src/k8s.io/legacy-cloud-providers/azure/azure_test.go +++ b/staging/src/k8s.io/legacy-cloud-providers/azure/azure_test.go @@ -120,7 +120,7 @@ func TestParseConfig(t *testing.T) { // Test flipServiceInternalAnnotation func TestFlipServiceInternalAnnotation(t *testing.T) { - svc := getTestService("servicea", v1.ProtocolTCP, 80) + svc := getTestService("servicea", v1.ProtocolTCP, nil, 80) svcUpdated := flipServiceInternalAnnotation(&svc) if !requiresInternalLoadBalancer(svcUpdated) { t.Errorf("Expected svc to be an internal service") @@ -145,7 +145,7 @@ func TestFlipServiceInternalAnnotation(t *testing.T) { // Test additional of a new service/port. func TestAddPort(t *testing.T) { az := getTestCloud() - svc := getTestService("servicea", v1.ProtocolTCP, 80) + svc := getTestService("servicea", v1.ProtocolTCP, nil, 80) clusterResources := getClusterResources(az, 1, 1) svc.Spec.Ports = append(svc.Spec.Ports, v1.ServicePort{ @@ -200,7 +200,7 @@ func testLoadBalancerServiceDefaultModeSelection(t *testing.T, isInternal bool) svc = getInternalTestService(svcName, 8081) addTestSubnet(t, az, &svc) } else { - svc = getTestService(svcName, v1.ProtocolTCP, 8081) + svc = getTestService(svcName, v1.ProtocolTCP, nil, 8081) } lbStatus, err := az.EnsureLoadBalancer(context.TODO(), testClusterName, &svc, clusterResources.nodes) @@ -255,7 +255,7 @@ func testLoadBalancerServiceAutoModeSelection(t *testing.T, isInternal bool) { svc = getInternalTestService(svcName, 8081) addTestSubnet(t, az, &svc) } else { - svc = getTestService(svcName, v1.ProtocolTCP, 8081) + svc = getTestService(svcName, v1.ProtocolTCP, nil, 8081) } setLoadBalancerAutoModeAnnotation(&svc) lbStatus, err := az.EnsureLoadBalancer(context.TODO(), testClusterName, &svc, clusterResources.nodes) @@ -318,7 +318,7 @@ func testLoadBalancerServicesSpecifiedSelection(t *testing.T, isInternal bool) { svc = getInternalTestService(svcName, 8081) addTestSubnet(t, az, &svc) } else { - svc = getTestService(svcName, v1.ProtocolTCP, 8081) + svc = getTestService(svcName, v1.ProtocolTCP, nil, 8081) } lbMode := fmt.Sprintf("%s,%s", selectedAvailabilitySetName1, selectedAvailabilitySetName2) setLoadBalancerModeAnnotation(&svc, lbMode) @@ -360,7 +360,7 @@ func testLoadBalancerMaxRulesServices(t *testing.T, isInternal bool) { svc = getInternalTestService(svcName, 8081) addTestSubnet(t, az, &svc) } else { - svc = getTestService(svcName, v1.ProtocolTCP, 8081) + svc = getTestService(svcName, v1.ProtocolTCP, nil, 8081) } lbStatus, err := az.EnsureLoadBalancer(context.TODO(), testClusterName, &svc, clusterResources.nodes) @@ -389,7 +389,7 @@ func testLoadBalancerMaxRulesServices(t *testing.T, isInternal bool) { svc = getInternalTestService(svcName, 8081) addTestSubnet(t, az, &svc) } else { - svc = getTestService(svcName, v1.ProtocolTCP, 8081) + svc = getTestService(svcName, v1.ProtocolTCP, nil, 8081) } _, err := az.EnsureLoadBalancer(context.TODO(), testClusterName, &svc, clusterResources.nodes) if err == nil { @@ -419,7 +419,7 @@ func testLoadBalancerServiceAutoModeDeleteSelection(t *testing.T, isInternal boo svc = getInternalTestService(svcName, 8081) addTestSubnet(t, az, &svc) } else { - svc = getTestService(svcName, v1.ProtocolTCP, 8081) + svc = getTestService(svcName, v1.ProtocolTCP, nil, 8081) } setLoadBalancerAutoModeAnnotation(&svc) lbStatus, err := az.EnsureLoadBalancer(context.TODO(), testClusterName, &svc, clusterResources.nodes) @@ -438,7 +438,7 @@ func testLoadBalancerServiceAutoModeDeleteSelection(t *testing.T, isInternal boo svc = getInternalTestService(svcName, 8081) addTestSubnet(t, az, &svc) } else { - svc = getTestService(svcName, v1.ProtocolTCP, 8081) + svc = getTestService(svcName, v1.ProtocolTCP, nil, 8081) } setLoadBalancerAutoModeAnnotation(&svc) @@ -482,7 +482,7 @@ func TestReconcileLoadBalancerAddServiceOnInternalSubnet(t *testing.T) { func TestReconcileSecurityGroupFromAnyDestinationAddressPrefixToLoadBalancerIP(t *testing.T) { az := getTestCloud() - svc1 := getTestService("serviceea", v1.ProtocolTCP, 80) + svc1 := getTestService("serviceea", v1.ProtocolTCP, nil, 80) svc1.Spec.LoadBalancerIP = "192.168.0.0" sg := getTestSecurityGroup(az) // Simulate a pre-Kubernetes 1.8 NSG, where we do not specify the destination address prefix @@ -499,7 +499,7 @@ func TestReconcileSecurityGroupFromAnyDestinationAddressPrefixToLoadBalancerIP(t func TestReconcileSecurityGroupDynamicLoadBalancerIP(t *testing.T) { az := getTestCloud() - svc1 := getTestService("servicea", v1.ProtocolTCP, 80) + svc1 := getTestService("servicea", v1.ProtocolTCP, nil, 80) svc1.Spec.LoadBalancerIP = "" sg := getTestSecurityGroup(az) dynamicallyAssignedIP := "192.168.0.0" @@ -514,7 +514,7 @@ func TestReconcileSecurityGroupDynamicLoadBalancerIP(t *testing.T) { func TestReconcileLoadBalancerAddServicesOnMultipleSubnets(t *testing.T) { az := getTestCloud() clusterResources := getClusterResources(az, 1, 1) - svc1 := getTestService("service1", v1.ProtocolTCP, 8081) + svc1 := getTestService("service1", v1.ProtocolTCP, nil, 8081) svc2 := getInternalTestService("service2", 8081) // Internal and External service cannot reside on the same LB resource @@ -580,7 +580,7 @@ func TestReconcileLoadBalancerEditServiceSubnet(t *testing.T) { func TestReconcileLoadBalancerNodeHealth(t *testing.T) { az := getTestCloud() clusterResources := getClusterResources(az, 1, 1) - svc := getTestService("servicea", v1.ProtocolTCP, 80) + svc := getTestService("servicea", v1.ProtocolTCP, nil, 80) svc.Spec.ExternalTrafficPolicy = v1.ServiceExternalTrafficPolicyTypeLocal svc.Spec.HealthCheckNodePort = int32(32456) @@ -601,7 +601,7 @@ func TestReconcileLoadBalancerNodeHealth(t *testing.T) { func TestReconcileLoadBalancerRemoveService(t *testing.T) { az := getTestCloud() clusterResources := getClusterResources(az, 1, 1) - svc := getTestService("servicea", v1.ProtocolTCP, 80, 443) + svc := getTestService("servicea", v1.ProtocolTCP, nil, 80, 443) lb, err := az.reconcileLoadBalancer(testClusterName, &svc, clusterResources.nodes, true /* wantLb */) if err != nil { @@ -625,7 +625,7 @@ func TestReconcileLoadBalancerRemoveService(t *testing.T) { func TestReconcileLoadBalancerRemoveAllPortsRemovesFrontendConfig(t *testing.T) { az := getTestCloud() clusterResources := getClusterResources(az, 1, 1) - svc := getTestService("servicea", v1.ProtocolTCP, 80) + svc := getTestService("servicea", v1.ProtocolTCP, nil, 80) lb, err := az.reconcileLoadBalancer(testClusterName, &svc, clusterResources.nodes, true /* wantLb */) if err != nil { @@ -633,7 +633,7 @@ func TestReconcileLoadBalancerRemoveAllPortsRemovesFrontendConfig(t *testing.T) } validateLoadBalancer(t, lb, svc) - svcUpdated := getTestService("servicea", v1.ProtocolTCP) + svcUpdated := getTestService("servicea", v1.ProtocolTCP, nil) lb, err = az.reconcileLoadBalancer(testClusterName, &svcUpdated, clusterResources.nodes, false /* wantLb*/) if err != nil { t.Errorf("Unexpected error: %q", err) @@ -652,13 +652,13 @@ func TestReconcileLoadBalancerRemovesPort(t *testing.T) { az := getTestCloud() clusterResources := getClusterResources(az, 1, 1) - svc := getTestService("servicea", v1.ProtocolTCP, 80, 443) + svc := getTestService("servicea", v1.ProtocolTCP, nil, 80, 443) lb, err := az.reconcileLoadBalancer(testClusterName, &svc, clusterResources.nodes, true /* wantLb */) if err != nil { t.Errorf("Unexpected error: %q", err) } - svcUpdated := getTestService("servicea", v1.ProtocolTCP, 80) + svcUpdated := getTestService("servicea", v1.ProtocolTCP, nil, 80) lb, err = az.reconcileLoadBalancer(testClusterName, &svcUpdated, clusterResources.nodes, true /* wantLb */) if err != nil { t.Errorf("Unexpected error: %q", err) @@ -671,8 +671,8 @@ func TestReconcileLoadBalancerRemovesPort(t *testing.T) { func TestReconcileLoadBalancerMultipleServices(t *testing.T) { az := getTestCloud() clusterResources := getClusterResources(az, 1, 1) - svc1 := getTestService("servicea", v1.ProtocolTCP, 80, 443) - svc2 := getTestService("serviceb", v1.ProtocolTCP, 80) + svc1 := getTestService("servicea", v1.ProtocolTCP, nil, 80, 443) + svc2 := getTestService("serviceb", v1.ProtocolTCP, nil, 80) updatedLoadBalancer, err := az.reconcileLoadBalancer(testClusterName, &svc1, clusterResources.nodes, true /* wantLb */) if err != nil { @@ -698,7 +698,7 @@ func findLBRuleForPort(lbRules []network.LoadBalancingRule, port int32) (network func TestServiceDefaultsToNoSessionPersistence(t *testing.T) { az := getTestCloud() - svc := getTestService("service-sa-omitted", v1.ProtocolTCP, 7170) + svc := getTestService("service-sa-omitted", v1.ProtocolTCP, nil, 7170) clusterResources := getClusterResources(az, 1, 1) lb, err := az.reconcileLoadBalancer(testClusterName, &svc, clusterResources.nodes, true /* wantLb */) @@ -718,7 +718,7 @@ func TestServiceDefaultsToNoSessionPersistence(t *testing.T) { func TestServiceRespectsNoSessionAffinity(t *testing.T) { az := getTestCloud() - svc := getTestService("service-sa-none", v1.ProtocolTCP, 7170) + svc := getTestService("service-sa-none", v1.ProtocolTCP, nil, 7170) svc.Spec.SessionAffinity = v1.ServiceAffinityNone clusterResources := getClusterResources(az, 1, 1) @@ -741,7 +741,7 @@ func TestServiceRespectsNoSessionAffinity(t *testing.T) { func TestServiceRespectsClientIPSessionAffinity(t *testing.T) { az := getTestCloud() - svc := getTestService("service-sa-clientip", v1.ProtocolTCP, 7170) + svc := getTestService("service-sa-clientip", v1.ProtocolTCP, nil, 7170) svc.Spec.SessionAffinity = v1.ServiceAffinityClientIP clusterResources := getClusterResources(az, 1, 1) @@ -765,7 +765,7 @@ func TestServiceRespectsClientIPSessionAffinity(t *testing.T) { func TestReconcileSecurityGroupNewServiceAddsPort(t *testing.T) { az := getTestCloud() getTestSecurityGroup(az) - svc1 := getTestService("servicea", v1.ProtocolTCP, 80) + svc1 := getTestService("servicea", v1.ProtocolTCP, nil, 80) clusterResources := getClusterResources(az, 1, 1) lb, _ := az.reconcileLoadBalancer(testClusterName, &svc1, clusterResources.nodes, true) lbStatus, _ := az.getServiceLoadBalancerStatus(&svc1, lb) @@ -797,8 +797,8 @@ func TestReconcileSecurityGroupNewInternalServiceAddsPort(t *testing.T) { func TestReconcileSecurityGroupRemoveService(t *testing.T) { az := getTestCloud() - service1 := getTestService("servicea", v1.ProtocolTCP, 81) - service2 := getTestService("serviceb", v1.ProtocolTCP, 82) + service1 := getTestService("servicea", v1.ProtocolTCP, nil, 81) + service2 := getTestService("serviceb", v1.ProtocolTCP, nil, 82) clusterResources := getClusterResources(az, 1, 1) lb, _ := az.reconcileLoadBalancer(testClusterName, &service1, clusterResources.nodes, true) @@ -819,11 +819,11 @@ func TestReconcileSecurityGroupRemoveService(t *testing.T) { func TestReconcileSecurityGroupRemoveServiceRemovesPort(t *testing.T) { az := getTestCloud() - svc := getTestService("servicea", v1.ProtocolTCP, 80, 443) + svc := getTestService("servicea", v1.ProtocolTCP, nil, 80, 443) clusterResources := getClusterResources(az, 1, 1) sg := getTestSecurityGroup(az, svc) - svcUpdated := getTestService("servicea", v1.ProtocolTCP, 80) + svcUpdated := getTestService("servicea", v1.ProtocolTCP, nil, 80) lb, _ := az.reconcileLoadBalancer(testClusterName, &svc, clusterResources.nodes, true) lbStatus, _ := az.getServiceLoadBalancerStatus(&svc, lb) @@ -837,7 +837,7 @@ func TestReconcileSecurityGroupRemoveServiceRemovesPort(t *testing.T) { func TestReconcileSecurityWithSourceRanges(t *testing.T) { az := getTestCloud() - svc := getTestService("servicea", v1.ProtocolTCP, 80, 443) + svc := getTestService("servicea", v1.ProtocolTCP, nil, 80, 443) svc.Spec.LoadBalancerSourceRanges = []string{ "192.168.0.0/24", "10.0.0.0/32", @@ -864,7 +864,7 @@ func TestReconcileSecurityGroupEtagMismatch(t *testing.T) { cachedSG.Etag = to.StringPtr("1111111-0000-0000-0000-000000000000") az.nsgCache.Set(to.String(sg.Name), &cachedSG) - svc1 := getTestService("servicea", v1.ProtocolTCP, 80) + svc1 := getTestService("servicea", v1.ProtocolTCP, nil, 80) clusterResources := getClusterResources(az, 1, 1) lb, _ := az.reconcileLoadBalancer(testClusterName, &svc1, clusterResources.nodes, true) lbStatus, _ := az.getServiceLoadBalancerStatus(&svc1, lb) @@ -877,7 +877,7 @@ func TestReconcileSecurityGroupEtagMismatch(t *testing.T) { func TestReconcilePublicIPWithNewService(t *testing.T) { az := getTestCloud() - svc := getTestService("servicea", v1.ProtocolTCP, 80, 443) + svc := getTestService("servicea", v1.ProtocolTCP, nil, 80, 443) pip, err := az.reconcilePublicIP(testClusterName, &svc, "", true /* wantLb*/) if err != nil { @@ -898,7 +898,7 @@ func TestReconcilePublicIPWithNewService(t *testing.T) { func TestReconcilePublicIPRemoveService(t *testing.T) { az := getTestCloud() - svc := getTestService("servicea", v1.ProtocolTCP, 80, 443) + svc := getTestService("servicea", v1.ProtocolTCP, nil, 80, 443) pip, err := az.reconcilePublicIP(testClusterName, &svc, "", true /* wantLb*/) if err != nil { @@ -939,7 +939,7 @@ func TestReconcilePublicIPWithExternalAndInternalSwitch(t *testing.T) { validatePublicIP(t, pip, &svc, true) // Update to external service - svcUpdated := getTestService("servicea", v1.ProtocolTCP, 80) + svcUpdated := getTestService("servicea", v1.ProtocolTCP, nil, 80) pip, err = az.reconcilePublicIP(testClusterName, &svcUpdated, "", true /* wantLb*/) if err != nil { t.Errorf("Unexpected error: %q", err) @@ -1131,7 +1131,7 @@ func getBackendPort(port int32) int32 { return port + 10000 } -func getTestService(identifier string, proto v1.Protocol, requestedPorts ...int32) v1.Service { +func getTestService(identifier string, proto v1.Protocol, annotations map[string]string, requestedPorts ...int32) v1.Service { ports := []v1.ServicePort{} for _, port := range requestedPorts { ports = append(ports, v1.ServicePort{ @@ -1151,19 +1151,23 @@ func getTestService(identifier string, proto v1.Protocol, requestedPorts ...int3 svc.Name = identifier svc.Namespace = "default" svc.UID = types.UID(identifier) - svc.Annotations = make(map[string]string) + if annotations == nil { + svc.Annotations = make(map[string]string) + } else { + svc.Annotations = annotations + } return svc } func getInternalTestService(identifier string, requestedPorts ...int32) v1.Service { - svc := getTestService(identifier, v1.ProtocolTCP, requestedPorts...) + svc := getTestService(identifier, v1.ProtocolTCP, nil, requestedPorts...) svc.Annotations[ServiceAnnotationLoadBalancerInternal] = "true" return svc } func getResourceGroupTestService(identifier, resourceGroup, loadBalancerIP string, requestedPorts ...int32) v1.Service { - svc := getTestService(identifier, v1.ProtocolTCP, requestedPorts...) + svc := getTestService(identifier, v1.ProtocolTCP, nil, requestedPorts...) svc.Spec.LoadBalancerIP = loadBalancerIP svc.Annotations[ServiceAnnotationLoadBalancerResourceGroup] = resourceGroup return svc @@ -1869,7 +1873,7 @@ func addTestSubnet(t *testing.T, az *Cloud, svc *v1.Service) { func TestIfServiceSpecifiesSharedRuleAndRuleDoesNotExistItIsCreated(t *testing.T) { az := getTestCloud() - svc := getTestService("servicesr", v1.ProtocolTCP, 80) + svc := getTestService("servicesr", v1.ProtocolTCP, nil, 80) svc.Spec.LoadBalancerIP = "192.168.77.88" svc.Annotations[ServiceAnnotationSharedSecurityRule] = "true" @@ -1908,7 +1912,7 @@ func TestIfServiceSpecifiesSharedRuleAndRuleDoesNotExistItIsCreated(t *testing.T func TestIfServiceSpecifiesSharedRuleAndRuleExistsThenTheServicesPortAndAddressAreAdded(t *testing.T) { az := getTestCloud() - svc := getTestService("servicesr", v1.ProtocolTCP, 80) + svc := getTestService("servicesr", v1.ProtocolTCP, nil, 80) svc.Spec.LoadBalancerIP = "192.168.77.88" svc.Annotations[ServiceAnnotationSharedSecurityRule] = "true" @@ -1961,11 +1965,11 @@ func TestIfServiceSpecifiesSharedRuleAndRuleExistsThenTheServicesPortAndAddressA func TestIfServicesSpecifySharedRuleButDifferentPortsThenSeparateRulesAreCreated(t *testing.T) { az := getTestCloud() - svc1 := getTestService("servicesr1", v1.ProtocolTCP, 4444) + svc1 := getTestService("servicesr1", v1.ProtocolTCP, nil, 4444) svc1.Spec.LoadBalancerIP = "192.168.77.88" svc1.Annotations[ServiceAnnotationSharedSecurityRule] = "true" - svc2 := getTestService("servicesr2", v1.ProtocolTCP, 8888) + svc2 := getTestService("servicesr2", v1.ProtocolTCP, nil, 8888) svc2.Spec.LoadBalancerIP = "192.168.33.44" svc2.Annotations[ServiceAnnotationSharedSecurityRule] = "true" @@ -2030,11 +2034,11 @@ func TestIfServicesSpecifySharedRuleButDifferentPortsThenSeparateRulesAreCreated func TestIfServicesSpecifySharedRuleButDifferentProtocolsThenSeparateRulesAreCreated(t *testing.T) { az := getTestCloud() - svc1 := getTestService("servicesr1", v1.ProtocolTCP, 4444) + svc1 := getTestService("servicesr1", v1.ProtocolTCP, nil, 4444) svc1.Spec.LoadBalancerIP = "192.168.77.88" svc1.Annotations[ServiceAnnotationSharedSecurityRule] = "true" - svc2 := getTestService("servicesr2", v1.ProtocolUDP, 4444) + svc2 := getTestService("servicesr2", v1.ProtocolUDP, nil, 4444) svc2.Spec.LoadBalancerIP = "192.168.77.88" svc2.Annotations[ServiceAnnotationSharedSecurityRule] = "true" @@ -2097,12 +2101,12 @@ func TestIfServicesSpecifySharedRuleButDifferentProtocolsThenSeparateRulesAreCre func TestIfServicesSpecifySharedRuleButDifferentSourceAddressesThenSeparateRulesAreCreated(t *testing.T) { az := getTestCloud() - svc1 := getTestService("servicesr1", v1.ProtocolTCP, 80) + svc1 := getTestService("servicesr1", v1.ProtocolTCP, nil, 80) svc1.Spec.LoadBalancerIP = "192.168.77.88" svc1.Spec.LoadBalancerSourceRanges = []string{"192.168.12.0/24"} svc1.Annotations[ServiceAnnotationSharedSecurityRule] = "true" - svc2 := getTestService("servicesr2", v1.ProtocolTCP, 80) + svc2 := getTestService("servicesr2", v1.ProtocolTCP, nil, 80) svc2.Spec.LoadBalancerIP = "192.168.33.44" svc2.Spec.LoadBalancerSourceRanges = []string{"192.168.34.0/24"} svc2.Annotations[ServiceAnnotationSharedSecurityRule] = "true" @@ -2168,15 +2172,15 @@ func TestIfServicesSpecifySharedRuleButDifferentSourceAddressesThenSeparateRules func TestIfServicesSpecifySharedRuleButSomeAreOnDifferentPortsThenRulesAreSeparatedOrConsoliatedByPort(t *testing.T) { az := getTestCloud() - svc1 := getTestService("servicesr1", v1.ProtocolTCP, 4444) + svc1 := getTestService("servicesr1", v1.ProtocolTCP, nil, 4444) svc1.Spec.LoadBalancerIP = "192.168.77.88" svc1.Annotations[ServiceAnnotationSharedSecurityRule] = "true" - svc2 := getTestService("servicesr2", v1.ProtocolTCP, 8888) + svc2 := getTestService("servicesr2", v1.ProtocolTCP, nil, 8888) svc2.Spec.LoadBalancerIP = "192.168.33.44" svc2.Annotations[ServiceAnnotationSharedSecurityRule] = "true" - svc3 := getTestService("servicesr3", v1.ProtocolTCP, 4444) + svc3 := getTestService("servicesr3", v1.ProtocolTCP, nil, 4444) svc3.Spec.LoadBalancerIP = "192.168.99.11" svc3.Annotations[ServiceAnnotationSharedSecurityRule] = "true" @@ -2268,11 +2272,11 @@ func TestIfServicesSpecifySharedRuleButSomeAreOnDifferentPortsThenRulesAreSepara func TestIfServiceSpecifiesSharedRuleAndServiceIsDeletedThenTheServicesPortAndAddressAreRemoved(t *testing.T) { az := getTestCloud() - svc1 := getTestService("servicesr1", v1.ProtocolTCP, 80) + svc1 := getTestService("servicesr1", v1.ProtocolTCP, nil, 80) svc1.Spec.LoadBalancerIP = "192.168.77.88" svc1.Annotations[ServiceAnnotationSharedSecurityRule] = "true" - svc2 := getTestService("servicesr2", v1.ProtocolTCP, 80) + svc2 := getTestService("servicesr2", v1.ProtocolTCP, nil, 80) svc2.Spec.LoadBalancerIP = "192.168.33.44" svc2.Annotations[ServiceAnnotationSharedSecurityRule] = "true" @@ -2323,15 +2327,15 @@ func TestIfServiceSpecifiesSharedRuleAndServiceIsDeletedThenTheServicesPortAndAd func TestIfSomeServicesShareARuleAndOneIsDeletedItIsRemovedFromTheRightRule(t *testing.T) { az := getTestCloud() - svc1 := getTestService("servicesr1", v1.ProtocolTCP, 4444) + svc1 := getTestService("servicesr1", v1.ProtocolTCP, nil, 4444) svc1.Spec.LoadBalancerIP = "192.168.77.88" svc1.Annotations[ServiceAnnotationSharedSecurityRule] = "true" - svc2 := getTestService("servicesr2", v1.ProtocolTCP, 8888) + svc2 := getTestService("servicesr2", v1.ProtocolTCP, nil, 8888) svc2.Spec.LoadBalancerIP = "192.168.33.44" svc2.Annotations[ServiceAnnotationSharedSecurityRule] = "true" - svc3 := getTestService("servicesr3", v1.ProtocolTCP, 4444) + svc3 := getTestService("servicesr3", v1.ProtocolTCP, nil, 4444) svc3.Spec.LoadBalancerIP = "192.168.99.11" svc3.Annotations[ServiceAnnotationSharedSecurityRule] = "true" @@ -2430,15 +2434,15 @@ func TestIfSomeServicesShareARuleAndOneIsDeletedItIsRemovedFromTheRightRule(t *t func TestIfServiceSpecifiesSharedRuleAndLastServiceIsDeletedThenRuleIsDeleted(t *testing.T) { az := getTestCloud() - svc1 := getTestService("servicesr1", v1.ProtocolTCP, 4444) + svc1 := getTestService("servicesr1", v1.ProtocolTCP, nil, 4444) svc1.Spec.LoadBalancerIP = "192.168.77.88" svc1.Annotations[ServiceAnnotationSharedSecurityRule] = "true" - svc2 := getTestService("servicesr2", v1.ProtocolTCP, 8888) + svc2 := getTestService("servicesr2", v1.ProtocolTCP, nil, 8888) svc2.Spec.LoadBalancerIP = "192.168.33.44" svc2.Annotations[ServiceAnnotationSharedSecurityRule] = "true" - svc3 := getTestService("servicesr3", v1.ProtocolTCP, 4444) + svc3 := getTestService("servicesr3", v1.ProtocolTCP, nil, 4444) svc3.Spec.LoadBalancerIP = "192.168.99.11" svc3.Annotations[ServiceAnnotationSharedSecurityRule] = "true" @@ -2510,23 +2514,23 @@ func TestIfServiceSpecifiesSharedRuleAndLastServiceIsDeletedThenRuleIsDeleted(t func TestCanCombineSharedAndPrivateRulesInSameGroup(t *testing.T) { az := getTestCloud() - svc1 := getTestService("servicesr1", v1.ProtocolTCP, 4444) + svc1 := getTestService("servicesr1", v1.ProtocolTCP, nil, 4444) svc1.Spec.LoadBalancerIP = "192.168.77.88" svc1.Annotations[ServiceAnnotationSharedSecurityRule] = "true" - svc2 := getTestService("servicesr2", v1.ProtocolTCP, 8888) + svc2 := getTestService("servicesr2", v1.ProtocolTCP, nil, 8888) svc2.Spec.LoadBalancerIP = "192.168.33.44" svc2.Annotations[ServiceAnnotationSharedSecurityRule] = "true" - svc3 := getTestService("servicesr3", v1.ProtocolTCP, 4444) + svc3 := getTestService("servicesr3", v1.ProtocolTCP, nil, 4444) svc3.Spec.LoadBalancerIP = "192.168.99.11" svc3.Annotations[ServiceAnnotationSharedSecurityRule] = "true" - svc4 := getTestService("servicesr4", v1.ProtocolTCP, 4444) + svc4 := getTestService("servicesr4", v1.ProtocolTCP, nil, 4444) svc4.Spec.LoadBalancerIP = "192.168.22.33" svc4.Annotations[ServiceAnnotationSharedSecurityRule] = "false" - svc5 := getTestService("servicesr5", v1.ProtocolTCP, 8888) + svc5 := getTestService("servicesr5", v1.ProtocolTCP, nil, 8888) svc5.Spec.LoadBalancerIP = "192.168.22.33" svc5.Annotations[ServiceAnnotationSharedSecurityRule] = "false"