ingress-nginx-helm/test/e2e/lua/dynamic_configuration.go

/*
Copyright 2018 The Kubernetes Authors.

Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at

    http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/

package lua

import (
	"crypto/tls"
	"fmt"
	"net/http"
	"regexp"
	"strings"
	"time"

	. "github.com/onsi/ginkgo"
	. "github.com/onsi/gomega"
	"github.com/parnurzeal/gorequest"

	extensions "k8s.io/api/extensions/v1beta1"
	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"

	"k8s.io/ingress-nginx/test/e2e/framework"
)

const (
	logDynamicConfigSuccess = "Dynamic reconfiguration succeeded"
	logDynamicConfigFailure = "Dynamic reconfiguration failed"
	logRequireBackendReload = "Configuration changes detected, backend reload required"
	logBackendReloadSuccess = "Backend successfully reloaded"
	logInitialConfigSync    = "Initial synchronization of the NGINX configuration"
	waitForLuaSync          = 5 * time.Second
)

var _ = framework.IngressNginxDescribe("Dynamic Configuration", func() {
	f := framework.NewDefaultFramework("dynamic-configuration")

	BeforeEach(func() {
		f.NewEchoDeploymentWithReplicas(1)
		ensureIngress(f, "foo.com")
	})

	It("configures balancer Lua middleware correctly", func() {
		f.WaitForNginxConfiguration(func(cfg string) bool {
			return strings.Contains(cfg, "balancer.init_worker()") && strings.Contains(cfg, "balancer.balance()")
		})

		host := "foo.com"
		f.WaitForNginxServer(host, func(server string) bool {
			return strings.Contains(server, "balancer.rewrite()") && strings.Contains(server, "balancer.log()")
		})
	})

	It("sets nameservers for Lua", func() {
		f.WaitForNginxConfiguration(func(cfg string) bool {
			r := regexp.MustCompile(`configuration.nameservers = { [".,0-9a-zA-Z]+ }`)
			return r.MatchString(cfg)
		})
	})

	Context("when only backends change", func() {
		It("handles endpoints only changes", func() {
			var nginxConfig string
			f.WaitForNginxConfiguration(func(cfg string) bool {
				nginxConfig = cfg
				return true
			})

			replicas := 2
			err := framework.UpdateDeployment(f.KubeClientSet, f.IngressController.Namespace, "http-svc", replicas, nil)
			Expect(err).NotTo(HaveOccurred())
			time.Sleep(waitForLuaSync)

			ensureRequest(f, "foo.com")

			var newNginxConfig string
			f.WaitForNginxConfiguration(func(cfg string) bool {
				newNginxConfig = cfg
				return true
			})
			Expect(nginxConfig).Should(Equal(newNginxConfig))
		})

		It("handles an annotation change", func() {
			var nginxConfig string
			f.WaitForNginxConfiguration(func(cfg string) bool {
				nginxConfig = cfg
				return true
			})

			ingress, err := f.KubeClientSet.ExtensionsV1beta1().Ingresses(f.IngressController.Namespace).Get("foo.com", metav1.GetOptions{})
			Expect(err).ToNot(HaveOccurred())

			ingress.ObjectMeta.Annotations["nginx.ingress.kubernetes.io/load-balance"] = "round_robin"
			_, err = f.KubeClientSet.ExtensionsV1beta1().Ingresses(f.IngressController.Namespace).Update(ingress)
			Expect(err).ToNot(HaveOccurred())
			time.Sleep(waitForLuaSync)

			ensureRequest(f, "foo.com")

			var newNginxConfig string
			f.WaitForNginxConfiguration(func(cfg string) bool {
				newNginxConfig = cfg
				return true
			})

			Expect(nginxConfig).Should(Equal(newNginxConfig))
		})
	})

	It("handles a non backend update", func() {
		var nginxConfig string
		f.WaitForNginxConfiguration(func(cfg string) bool {
			nginxConfig = cfg
			return true
		})

		ingress, err := f.KubeClientSet.ExtensionsV1beta1().Ingresses(f.IngressController.Namespace).Get("foo.com", metav1.GetOptions{})
		Expect(err).ToNot(HaveOccurred())
		ingress.Spec.TLS = []extensions.IngressTLS{
			{
				Hosts:      []string{"foo.com"},
				SecretName: "foo.com",
			},
		}
		_, err = framework.CreateIngressTLSSecret(f.KubeClientSet,
			ingress.Spec.TLS[0].Hosts,
			ingress.Spec.TLS[0].SecretName,
			ingress.Namespace)
		Expect(err).ToNot(HaveOccurred())
		_, err = f.KubeClientSet.ExtensionsV1beta1().Ingresses(f.IngressController.Namespace).Update(ingress)
		Expect(err).ToNot(HaveOccurred())

		var newNginxConfig string
		f.WaitForNginxConfiguration(func(cfg string) bool {
			newNginxConfig = cfg
			return true
		})
		Expect(nginxConfig).ShouldNot(Equal(newNginxConfig))
	})
})

func ensureIngress(f *framework.Framework, host string) *extensions.Ingress {
	ing := f.EnsureIngress(framework.NewSingleIngress(host, "/", host, f.IngressController.Namespace, "http-svc", 80,
		&map[string]string{"nginx.ingress.kubernetes.io/load-balance": "ewma"}))

	f.WaitForNginxServer(host,
		func(server string) bool {
			return strings.Contains(server, fmt.Sprintf("server_name %s ;", host)) &&
				strings.Contains(server, "proxy_pass http://upstream_balancer;")
		})
	time.Sleep(waitForLuaSync)
	ensureRequest(f, host)

	return ing
}

func ensureRequest(f *framework.Framework, host string) {
	resp, _, errs := gorequest.New().
		Get(f.IngressController.HTTPURL).
		Set("Host", host).
		End()
	Expect(errs).Should(BeEmpty())
	Expect(resp.StatusCode).Should(Equal(http.StatusOK))
}

func ensureHTTPSRequest(url string, host string, expectedDNSName string) {
	resp, _, errs := gorequest.New().
		Get(url).
		Set("Host", host).
		TLSClientConfig(&tls.Config{
			InsecureSkipVerify: true,
			ServerName:         host,
		}).
		End()
	Expect(errs).Should(BeEmpty())
	Expect(resp.StatusCode).Should(Equal(http.StatusOK))
	Expect(len(resp.TLS.PeerCertificates)).Should(BeNumerically("==", 1))
	Expect(resp.TLS.PeerCertificates[0].DNSNames[0]).Should(Equal(expectedDNSName))
}

func getCookie(name string, cookies []*http.Cookie) (*http.Cookie, error) {
	for _, cookie := range cookies {
		if cookie.Name == name {
			return cookie, nil
		}
	}
	return &http.Cookie{}, fmt.Errorf("Cookie does not exist")
}
e2e tests for dynamic configuration and Lua features and a bug fix (#2254) * e2e tests for dynamic configuration and Lua features * do not rely on force reload to dynamically configure when reload is needed * fix misspelling * skip dynamic configuration in the first template rendering * dont error on first sync 2018-04-01 20:09:27 +00:00			`/*`
			`Copyright 2018 The Kubernetes Authors.`

			`Licensed under the Apache License, Version 2.0 (the "License");`
			`you may not use this file except in compliance with the License.`
			`You may obtain a copy of the License at`

			`http://www.apache.org/licenses/LICENSE-2.0`

			`Unless required by applicable law or agreed to in writing, software`
			`distributed under the License is distributed on an "AS IS" BASIS,`
			`WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.`
			`See the License for the specific language governing permissions and`
			`limitations under the License.`
			`*/`

			`package lua`

			`import (`
cleanup dynamic cert e2e tests 2018-08-24 22:52:09 +00:00			`"crypto/tls"`
e2e tests for dynamic configuration and Lua features and a bug fix (#2254) * e2e tests for dynamic configuration and Lua features * do not rely on force reload to dynamically configure when reload is needed * fix misspelling * skip dynamic configuration in the first template rendering * dont error on first sync 2018-04-01 20:09:27 +00:00			`"fmt"`
			`"net/http"`
Add session affinity to custom load balancing 2018-04-12 18:21:42 +00:00			`"regexp"`
e2e tests for dynamic configuration and Lua features and a bug fix (#2254) * e2e tests for dynamic configuration and Lua features * do not rely on force reload to dynamically configure when reload is needed * fix misspelling * skip dynamic configuration in the first template rendering * dont error on first sync 2018-04-01 20:09:27 +00:00			`"strings"`
			`"time"`

			`. "github.com/onsi/ginkgo"`
			`. "github.com/onsi/gomega"`
			`"github.com/parnurzeal/gorequest"`

			`extensions "k8s.io/api/extensions/v1beta1"`
			`metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"`

			`"k8s.io/ingress-nginx/test/e2e/framework"`
			`)`

Clarify log messages in controller pkg 2018-06-13 18:15:45 +00:00			`const (`
			`logDynamicConfigSuccess = "Dynamic reconfiguration succeeded"`
			`logDynamicConfigFailure = "Dynamic reconfiguration failed"`
			`logRequireBackendReload = "Configuration changes detected, backend reload required"`
			`logBackendReloadSuccess = "Backend successfully reloaded"`
			`logInitialConfigSync = "Initial synchronization of the NGINX configuration"`
clear dynamic configuration e2e tests 2018-08-24 02:06:16 +00:00			`waitForLuaSync = 5 * time.Second`
Clarify log messages in controller pkg 2018-06-13 18:15:45 +00:00			`)`

e2e tests for dynamic configuration and Lua features and a bug fix (#2254) * e2e tests for dynamic configuration and Lua features * do not rely on force reload to dynamically configure when reload is needed * fix misspelling * skip dynamic configuration in the first template rendering * dont error on first sync 2018-04-01 20:09:27 +00:00			`var _ = framework.IngressNginxDescribe("Dynamic Configuration", func() {`
			`f := framework.NewDefaultFramework("dynamic-configuration")`

			`BeforeEach(func() {`
Remove e2e boilerplate 2018-10-29 21:39:04 +00:00			`f.NewEchoDeploymentWithReplicas(1)`
clear dynamic configuration e2e tests 2018-08-24 02:06:16 +00:00			`ensureIngress(f, "foo.com")`
e2e tests for dynamic configuration and Lua features and a bug fix (#2254) * e2e tests for dynamic configuration and Lua features * do not rely on force reload to dynamically configure when reload is needed * fix misspelling * skip dynamic configuration in the first template rendering * dont error on first sync 2018-04-01 20:09:27 +00:00			`})`

fix bug with balancer.lua configuration 2018-10-24 18:42:40 +00:00			`It("configures balancer Lua middleware correctly", func() {`
Remove e2e boilerplate 2018-10-29 21:39:04 +00:00			`f.WaitForNginxConfiguration(func(cfg string) bool {`
fix bug with balancer.lua configuration 2018-10-24 18:42:40 +00:00			`return strings.Contains(cfg, "balancer.init_worker()") && strings.Contains(cfg, "balancer.balance()")`
			`})`

			`host := "foo.com"`
Remove e2e boilerplate 2018-10-29 21:39:04 +00:00			`f.WaitForNginxServer(host, func(server string) bool {`
fix bug with balancer.lua configuration 2018-10-24 18:42:40 +00:00			`return strings.Contains(server, "balancer.rewrite()") && strings.Contains(server, "balancer.log()")`
			`})`
			`})`

			`It("sets nameservers for Lua", func() {`
Remove e2e boilerplate 2018-10-29 21:39:04 +00:00			`f.WaitForNginxConfiguration(func(cfg string) bool {`
fix bug with lua e2e test suite 2018-07-28 17:56:41 +00:00			r := regexp.MustCompile(`configuration.nameservers = { [".,0-9a-zA-Z]+ }`)
			`return r.MatchString(cfg)`
			`})`
			`})`

Fixed tests 2018-04-12 23:44:09 +00:00			`Context("when only backends change", func() {`
clear dynamic configuration e2e tests 2018-08-24 02:06:16 +00:00			`It("handles endpoints only changes", func() {`
			`var nginxConfig string`
Remove e2e boilerplate 2018-10-29 21:39:04 +00:00			`f.WaitForNginxConfiguration(func(cfg string) bool {`
clear dynamic configuration e2e tests 2018-08-24 02:06:16 +00:00			`nginxConfig = cfg`
			`return true`
			`})`
Fixed tests 2018-04-12 23:44:09 +00:00
			`replicas := 2`
Remove e2e boilerplate 2018-10-29 21:39:04 +00:00			`err := framework.UpdateDeployment(f.KubeClientSet, f.IngressController.Namespace, "http-svc", replicas, nil)`
Endpoint Awareness: Read backends data from tmp file as well Actually read from the file Logs probably shouldn't assume knowledge of implementation detail Typos Added integration test, and dynamic update config refactor Don't force the 8k default Minimal test case to make the configuration/backends request body write to temp file Leverage new safe config updating methods, and use 2 replicas instead of 4 Small refactor Better integration test, addresses other feedback Update bindata 2018-04-05 15:00:37 +00:00			`Expect(err).NotTo(HaveOccurred())`
fix bug with lua e2e test suite 2018-07-28 17:56:41 +00:00			`time.Sleep(waitForLuaSync)`
Endpoint Awareness: Read backends data from tmp file as well Actually read from the file Logs probably shouldn't assume knowledge of implementation detail Typos Added integration test, and dynamic update config refactor Don't force the 8k default Minimal test case to make the configuration/backends request body write to temp file Leverage new safe config updating methods, and use 2 replicas instead of 4 Small refactor Better integration test, addresses other feedback Update bindata 2018-04-05 15:00:37 +00:00
clear dynamic configuration e2e tests 2018-08-24 02:06:16 +00:00			`ensureRequest(f, "foo.com")`
Endpoint Awareness: Read backends data from tmp file as well Actually read from the file Logs probably shouldn't assume knowledge of implementation detail Typos Added integration test, and dynamic update config refactor Don't force the 8k default Minimal test case to make the configuration/backends request body write to temp file Leverage new safe config updating methods, and use 2 replicas instead of 4 Small refactor Better integration test, addresses other feedback Update bindata 2018-04-05 15:00:37 +00:00
clear dynamic configuration e2e tests 2018-08-24 02:06:16 +00:00			`var newNginxConfig string`
Remove e2e boilerplate 2018-10-29 21:39:04 +00:00			`f.WaitForNginxConfiguration(func(cfg string) bool {`
clear dynamic configuration e2e tests 2018-08-24 02:06:16 +00:00			`newNginxConfig = cfg`
			`return true`
			`})`
			`Expect(nginxConfig).Should(Equal(newNginxConfig))`
Endpoint Awareness: Read backends data from tmp file as well Actually read from the file Logs probably shouldn't assume knowledge of implementation detail Typos Added integration test, and dynamic update config refactor Don't force the 8k default Minimal test case to make the configuration/backends request body write to temp file Leverage new safe config updating methods, and use 2 replicas instead of 4 Small refactor Better integration test, addresses other feedback Update bindata 2018-04-05 15:00:37 +00:00			`})`

clear dynamic configuration e2e tests 2018-08-24 02:06:16 +00:00			`It("handles an annotation change", func() {`
			`var nginxConfig string`
Remove e2e boilerplate 2018-10-29 21:39:04 +00:00			`f.WaitForNginxConfiguration(func(cfg string) bool {`
clear dynamic configuration e2e tests 2018-08-24 02:06:16 +00:00			`nginxConfig = cfg`
			`return true`
			`})`

Remove most of the time.Sleep from the e2e tests 2018-04-18 19:15:08 +00:00			`ingress, err := f.KubeClientSet.ExtensionsV1beta1().Ingresses(f.IngressController.Namespace).Get("foo.com", metav1.GetOptions{})`
Fixed tests 2018-04-12 23:44:09 +00:00			`Expect(err).ToNot(HaveOccurred())`

			`ingress.ObjectMeta.Annotations["nginx.ingress.kubernetes.io/load-balance"] = "round_robin"`
Remove most of the time.Sleep from the e2e tests 2018-04-18 19:15:08 +00:00			`_, err = f.KubeClientSet.ExtensionsV1beta1().Ingresses(f.IngressController.Namespace).Update(ingress)`
Fixed tests 2018-04-12 23:44:09 +00:00			`Expect(err).ToNot(HaveOccurred())`
fix bug with lua e2e test suite 2018-07-28 17:56:41 +00:00			`time.Sleep(waitForLuaSync)`
fix flaky dynamic configuration test 2018-04-21 02:32:38 +00:00
clear dynamic configuration e2e tests 2018-08-24 02:06:16 +00:00			`ensureRequest(f, "foo.com")`

			`var newNginxConfig string`
Remove e2e boilerplate 2018-10-29 21:39:04 +00:00			`f.WaitForNginxConfiguration(func(cfg string) bool {`
clear dynamic configuration e2e tests 2018-08-24 02:06:16 +00:00			`newNginxConfig = cfg`
			`return true`
			`})`

			`Expect(nginxConfig).Should(Equal(newNginxConfig))`
Fixed tests 2018-04-12 23:44:09 +00:00			`})`
			`})`

clear dynamic configuration e2e tests 2018-08-24 02:06:16 +00:00			`It("handles a non backend update", func() {`
			`var nginxConfig string`
Remove e2e boilerplate 2018-10-29 21:39:04 +00:00			`f.WaitForNginxConfiguration(func(cfg string) bool {`
clear dynamic configuration e2e tests 2018-08-24 02:06:16 +00:00			`nginxConfig = cfg`
			`return true`
			`})`

Remove most of the time.Sleep from the e2e tests 2018-04-18 19:15:08 +00:00			`ingress, err := f.KubeClientSet.ExtensionsV1beta1().Ingresses(f.IngressController.Namespace).Get("foo.com", metav1.GetOptions{})`
Fixed tests 2018-04-12 23:44:09 +00:00			`Expect(err).ToNot(HaveOccurred())`
cleanup redundant code 2018-04-21 03:41:21 +00:00			`ingress.Spec.TLS = []extensions.IngressTLS{`
Fixed tests 2018-04-12 23:44:09 +00:00			`{`
			`Hosts: []string{"foo.com"},`
			`SecretName: "foo.com",`
			`},`
			`}`
Refactor e2e framework for TLS tests 2018-04-27 12:29:08 +00:00			`_, err = framework.CreateIngressTLSSecret(f.KubeClientSet,`
Fixed tests 2018-04-12 23:44:09 +00:00			`ingress.Spec.TLS[0].Hosts,`
			`ingress.Spec.TLS[0].SecretName,`
			`ingress.Namespace)`
			`Expect(err).ToNot(HaveOccurred())`
Remove most of the time.Sleep from the e2e tests 2018-04-18 19:15:08 +00:00			`_, err = f.KubeClientSet.ExtensionsV1beta1().Ingresses(f.IngressController.Namespace).Update(ingress)`
Fixed tests 2018-04-12 23:44:09 +00:00			`Expect(err).ToNot(HaveOccurred())`

clear dynamic configuration e2e tests 2018-08-24 02:06:16 +00:00			`var newNginxConfig string`
Remove e2e boilerplate 2018-10-29 21:39:04 +00:00			`f.WaitForNginxConfiguration(func(cfg string) bool {`
clear dynamic configuration e2e tests 2018-08-24 02:06:16 +00:00			`newNginxConfig = cfg`
			`return true`
			`})`
			`Expect(nginxConfig).ShouldNot(Equal(newNginxConfig))`
upstream-hash-by annotation support for dynamic configuraton mode 2018-04-20 03:02:22 +00:00			`})`
clear dynamic configuration e2e tests 2018-08-24 02:06:16 +00:00			`})`
upstream-hash-by annotation support for dynamic configuraton mode 2018-04-20 03:02:22 +00:00
clear dynamic configuration e2e tests 2018-08-24 02:06:16 +00:00			`func ensureIngress(f framework.Framework, host string) extensions.Ingress {`
Remove e2e boilerplate 2018-10-29 21:39:04 +00:00			`ing := f.EnsureIngress(framework.NewSingleIngress(host, "/", host, f.IngressController.Namespace, "http-svc", 80,`
clear dynamic configuration e2e tests 2018-08-24 02:06:16 +00:00			`&map[string]string{"nginx.ingress.kubernetes.io/load-balance": "ewma"}))`
Remove e2e boilerplate 2018-10-29 21:39:04 +00:00
			`f.WaitForNginxServer(host,`
clear dynamic configuration e2e tests 2018-08-24 02:06:16 +00:00			`func(server string) bool {`
			`return strings.Contains(server, fmt.Sprintf("server_name %s ;", host)) &&`
			`strings.Contains(server, "proxy_pass http://upstream_balancer;")`
Add session affinity to custom load balancing 2018-04-12 18:21:42 +00:00			`})`
clear dynamic configuration e2e tests 2018-08-24 02:06:16 +00:00			`time.Sleep(waitForLuaSync)`
			`ensureRequest(f, host)`
Fixed tests 2018-04-12 23:44:09 +00:00
clear dynamic configuration e2e tests 2018-08-24 02:06:16 +00:00			`return ing`
			`}`
e2e tests for dynamic configuration and Lua features and a bug fix (#2254) * e2e tests for dynamic configuration and Lua features * do not rely on force reload to dynamically configure when reload is needed * fix misspelling * skip dynamic configuration in the first template rendering * dont error on first sync 2018-04-01 20:09:27 +00:00
clear dynamic configuration e2e tests 2018-08-24 02:06:16 +00:00			`func ensureRequest(f *framework.Framework, host string) {`
			`resp, _, errs := gorequest.New().`
			`Get(f.IngressController.HTTPURL).`
			`Set("Host", host).`
			`End()`
			`Expect(errs).Should(BeEmpty())`
			`Expect(resp.StatusCode).Should(Equal(http.StatusOK))`
e2e tests for dynamic configuration and Lua features and a bug fix (#2254) * e2e tests for dynamic configuration and Lua features * do not rely on force reload to dynamically configure when reload is needed * fix misspelling * skip dynamic configuration in the first template rendering * dont error on first sync 2018-04-01 20:09:27 +00:00			`}`
Add session affinity to custom load balancing 2018-04-12 18:21:42 +00:00
cleanup dynamic cert e2e tests 2018-08-24 22:52:09 +00:00			`func ensureHTTPSRequest(url string, host string, expectedDNSName string) {`
			`resp, _, errs := gorequest.New().`
			`Get(url).`
			`Set("Host", host).`
			`TLSClientConfig(&tls.Config{`
			`InsecureSkipVerify: true,`
			`ServerName: host,`
			`}).`
			`End()`
			`Expect(errs).Should(BeEmpty())`
			`Expect(resp.StatusCode).Should(Equal(http.StatusOK))`
			`Expect(len(resp.TLS.PeerCertificates)).Should(BeNumerically("==", 1))`
			`Expect(resp.TLS.PeerCertificates[0].DNSNames[0]).Should(Equal(expectedDNSName))`
			`}`

Add session affinity to custom load balancing 2018-04-12 18:21:42 +00:00			`func getCookie(name string, cookies []http.Cookie) (http.Cookie, error) {`
			`for _, cookie := range cookies {`
			`if cookie.Name == name {`
			`return cookie, nil`
			`}`
			`}`
			`return &http.Cookie{}, fmt.Errorf("Cookie does not exist")`
			`}`