Merge pull request #63886 from agau4779/neg-healthchecks

Automatic merge from submit-queue (batch tested with PRs 63886, 63857, 63824). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>. [GCE] Check for NEG healthcheck **What this PR does / why we need it**: In `backendMode`, also check for HealthCheck with the same name as BackendService. **Release note**: ```release-note NONE ```
2025-07-23 19:56:01 +00:00 · 2018-05-17 02:08:52 -07:00 · 2018-05-17 02:08:52 -07:00 · e981085a14
commit e981085a14
parent da8e25c63d 2c73d99fce
5 changed files with 86 additions and 8 deletions
--- a/test/e2e/framework/ingress_utils.go
+++ b/test/e2e/framework/ingress_utils.go
@ -924,32 +924,53 @@ func (cont *GCEIngressController) backendMode(svcPorts map[string]v1.ServicePort
 		return false, fmt.Errorf("failed to list backend services: %v", err)
 	}

+	hcList, err := gceCloud.ListHealthChecks()
+	if err != nil {
+		return false, fmt.Errorf("failed to list health checks: %v", err)
+	}
+
 	uid := cont.UID
 	if len(uid) > 8 {
 		uid = uid[:8]
 	}

 	matchingBackendService := 0
-	for _, bs := range beList {
+	for svcName, sp := range svcPorts {
 		match := false
-		for svcName, sp := range svcPorts {
-			// Non-NEG BackendServices are named with the Nodeport in the name.
-			// NEG BackendServices' names contain the a sha256 hash of a string.
-			negString := strings.Join([]string{uid, cont.Ns, svcName, sp.TargetPort.String()}, ";")
-			negHash := fmt.Sprintf("%x", sha256.Sum256([]byte(negString)))[:8]
-
+		bsMatch := &compute.BackendService{}
+		// Non-NEG BackendServices are named with the Nodeport in the name.
+		// NEG BackendServices' names contain the a sha256 hash of a string.
+		negString := strings.Join([]string{uid, cont.Ns, svcName, sp.TargetPort.String()}, ";")
+		negHash := fmt.Sprintf("%x", sha256.Sum256([]byte(negString)))[:8]
+		for _, bs := range beList {
 			if strings.Contains(bs.Name, strconv.Itoa(int(sp.NodePort))) ||
 				strings.Contains(bs.Name, negHash) {
 				match = true
+				bsMatch = bs
 				matchingBackendService += 1
+				break
 			}
 		}
+
 		if match {
-			for _, be := range bs.Backends {
+			for _, be := range bsMatch.Backends {
 				if !strings.Contains(be.Group, keyword) {
 					return false, nil
 				}
 			}
+
+			// Check that the correct HealthCheck exists for the BackendService
+			hcMatch := false
+			for _, hc := range hcList {
+				if hc.Name == bsMatch.Name {
+					hcMatch = true
+					break
+				}
+			}
+
+			if !hcMatch {
+				return false, fmt.Errorf("missing healthcheck for backendservice: %v", bsMatch.Name)
+			}
 		}
 	}
 	return matchingBackendService == len(svcPorts), nil
--- a/test/e2e/network/ingress.go
+++ b/test/e2e/network/ingress.go
@ -539,6 +539,22 @@ var _ = SIGDescribe("Loadbalancing: L7", func() {
 			jig.WaitForIngress(true)
 		})

+		It("should be able to create a ClusterIP service [Unreleased]", func() {
+			var err error
+			By("Create a basic HTTP ingress using NEG")
+			jig.CreateIngress(filepath.Join(framework.IngressManifestPath, "neg-clusterip"), ns, map[string]string{}, map[string]string{})
+			jig.WaitForIngress(true)
+			svcPorts := jig.GetServicePorts(false)
+			usingNEG, err := gceController.BackendServiceUsingNEG(svcPorts)
+			Expect(err).NotTo(HaveOccurred())
+			Expect(usingNEG).To(BeTrue())
+
+			// ClusterIP ServicePorts have no NodePort
+			for _, sp := range svcPorts {
+				Expect(sp.NodePort).To(Equal(int32(0)))
+			}
+		})
+
 		It("should sync endpoints to NEG", func() {
 			name := "hostname"
 			scaleAndValidateNEG := func(num int) {
--- a/test/e2e/testing-manifests/ingress/neg-clusterip/ing.yaml
+++ b/test/e2e/testing-manifests/ingress/neg-clusterip/ing.yaml
@ -0,0 +1,8 @@
+apiVersion: extensions/v1beta1
+kind: Ingress
+metadata:
+  name: hostname
+spec:
+  backend:
+    serviceName: hostname
+    servicePort: 80
--- a/test/e2e/testing-manifests/ingress/neg-clusterip/rc.yaml
+++ b/test/e2e/testing-manifests/ingress/neg-clusterip/rc.yaml
@ -0,0 +1,18 @@
+apiVersion: extensions/v1beta1
+kind: Deployment
+metadata:
+  labels:
+    run: hostname
+  name: hostname
+spec:
+  minReadySeconds: 60
+  template:
+    metadata:
+      labels:
+        run: hostname
+    spec:
+      containers:
+      - image: gcr.io/kubernetes-e2e-test-images/serve-hostname-amd64:1.1
+        imagePullPolicy: IfNotPresent
+        name: hostname
+      terminationGracePeriodSeconds: 120
--- a/test/e2e/testing-manifests/ingress/neg-clusterip/svc.yaml
+++ b/test/e2e/testing-manifests/ingress/neg-clusterip/svc.yaml
@ -0,0 +1,15 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: hostname
+  annotations:
+    alpha.cloud.google.com/load-balancer-neg: "true"
+spec:
+  ports:
+  - port: 80
+    protocol: TCP
+    targetPort: 9376
+  selector:
+    run: hostname
+  sessionAffinity: None
+  type: ClusterIP