Merge pull request #1738 from aledbf/cleanup

Cleanup

.travis.yml

@@ -34,16 +34,21 @@ jobs:
     - go get github.com/golang/lint/golint
     - make fmt lint vet
   - stage: Coverage
+    before_script:
+    # start minikube 
+    - test/e2e/up.sh
     script:
     - go get github.com/mattn/goveralls
     - go get github.com/modocache/gover
-    - if ! go get github.com/golang/tools/cmd/cover; then go get golang.org/x/tools/cmd/cover;
-      fi
+    - if ! go get github.com/golang/tools/cmd/cover; then go get golang.org/x/tools/cmd/cover;fi
+    - if ! go get github.com/jteeuwen/go-bindata/...; then github.com/jteeuwen/go-bindata/...;fi
     - make cover
   - stage: e2e
     before_script:
+    - if ! go get github.com/jteeuwen/go-bindata/...; then github.com/jteeuwen/go-bindata/...;fi
     - make e2e-image
     - test/e2e/up.sh
+    - test/e2e/wait-for-nginx.sh
     script:
     - make e2e-test
   # split builds to avoid job timeouts

Makefile

@@ -133,8 +133,12 @@ endif
 clean:
 	$(DOCKER) rmi -f $(MULTI_ARCH_IMG):$(TAG) || true
 
+.PHONE: gobindata
+gobindata:
+		go-bindata -o internal/file/bindata.go -prefix="rootfs" -pkg=file -ignore=Dockerfile -ignore=".DS_Store" rootfs/...
+
 .PHONY: build
-build: clean
+build: clean gobindata
 	CGO_ENABLED=0 GOOS=${GOOS} GOARCH=${GOARCH} go build -a -installsuffix cgo \
 		-ldflags "-s -w -X ${PKG}/version.RELEASE=${TAG} -X ${PKG}/version.COMMIT=${COMMIT} -X ${PKG}/version.REPO=${REPO_INFO}" \
 		-o ${TEMP_DIR}/rootfs/nginx-ingress-controller ${PKG}/cmd/nginx
@@ -150,7 +154,7 @@ lint:
 	@go list -f '{{if len .TestGoFiles}}"golint {{.Dir}}/..."{{end}}' $(shell go list ${PKG}/... | grep -v vendor | grep -v '/test/e2e') | xargs -L 1 sh -c
 
 .PHONY: test
-test: fmt lint vet
+test: fmt lint vet gobindata
 	@echo "+ $@"
 	@go test -v -race -tags "$(BUILDTAGS) cgo" $(shell go list ${PKG}/... | grep -v vendor | grep -v '/test/e2e')
 
@@ -165,7 +169,7 @@ e2e-test:
 	@KUBECONFIG=${HOME}/.kube/config INGRESSNGINXCONFIG=${HOME}/.kube/config ./e2e-tests
 
 .PHONY: cover
-cover:
+cover: gobindata
 	@echo "+ $@"
 	@go list -f '{{if len .TestGoFiles}}"go test -coverprofile={{.Dir}}/.coverprofile {{.ImportPath}}"{{end}}' $(shell go list ${PKG}/... | grep -v vendor | grep -v '/test/e2e') | xargs -L 1 sh -c
 	gover

cmd/nginx/flags.go

@@ -27,15 +27,12 @@ import (
 
 	apiv1 "k8s.io/api/core/v1"
 
+	"k8s.io/ingress-nginx/internal/ingress/annotations/class"
 	"k8s.io/ingress-nginx/internal/ingress/controller"
 	ngx_config "k8s.io/ingress-nginx/internal/ingress/controller/config"
 	ing_net "k8s.io/ingress-nginx/internal/net"
 )
 
-const (
-	defIngressClass = "nginx"
-)
-
 func parseFlags() (bool, *controller.Configuration, error) {
 	var (
 		flags = pflag.NewFlagSet("", pflag.ExitOnError)
@@ -152,9 +149,11 @@ func parseFlags() (bool, *controller.Configuration, error) {
 	if *ingressClass != "" {
 		glog.Infof("Watching for ingress class: %s", *ingressClass)
 
-		if *ingressClass != defIngressClass {
+		if *ingressClass != class.DefaultClass {
 			glog.Warningf("only Ingress with class \"%v\" will be processed by this ingress controller", *ingressClass)
 		}
+
+		class.IngressClass = *ingressClass
 	}
 
 	// check port collisions
@@ -198,7 +197,6 @@ func parseFlags() (bool, *controller.Configuration, error) {
 		EnableSSLChainCompletion: *enableSSLChainCompletion,
 		ResyncPeriod:             *resyncPeriod,
 		DefaultService:           *defaultSvc,
-		IngressClass:             *ingressClass,
 		Namespace:                *watchNamespace,
 		ConfigMapName:            *configMap,
 		TCPConfigMapName:         *tcpConfigMapName,

cmd/nginx/main.go

@@ -39,7 +39,7 @@ import (
 	"k8s.io/client-go/tools/clientcmd"
 	clientcmdapi "k8s.io/client-go/tools/clientcmd/api"
 
-	"k8s.io/ingress-nginx/internal/ingress"
+	"k8s.io/ingress-nginx/internal/file"
 	"k8s.io/ingress-nginx/internal/ingress/controller"
 	"k8s.io/ingress-nginx/internal/k8s"
 	"k8s.io/ingress-nginx/internal/net/ssl"
@@ -58,6 +58,11 @@ func main() {
 		glog.Fatal(err)
 	}
 
+	fs, err := file.NewLocalFS()
+	if err != nil {
+		glog.Fatal(err)
+	}
+
 	kubeClient, err := createApiserverClient(conf.APIServerHost, conf.KubeConfigFile)
 	if err != nil {
 		handleFatalInitError(err)
@@ -111,12 +116,6 @@ func main() {
 		glog.Fatalf("resync period (%vs) is too low", conf.ResyncPeriod.Seconds())
 	}
 
-	// create directory that will contains the SSL Certificates
-	err = os.MkdirAll(ingress.DefaultSSLDirectory, 0655)
-	if err != nil {
-		glog.Errorf("Failed to mkdir SSL directory: %v", err)
-	}
-
 	// create the default SSL certificate (dummy)
 	defCert, defKey := ssl.GetFakeSSLCert()
 	c, err := ssl.AddOrUpdateCertAndKey(fakeCertificate, defCert, defKey, []byte{})
@@ -128,15 +127,16 @@ func main() {
 	conf.FakeCertificateSHA = c.PemSHA
 
 	conf.Client = kubeClient
-	conf.DefaultIngressClass = defIngressClass
 
-	ngx := controller.NewNGINXController(conf)
+	ngx := controller.NewNGINXController(conf, fs)
 
 	if conf.EnableSSLPassthrough {
 		setupSSLProxy(conf.ListenPorts.HTTPS, conf.ListenPorts.SSLProxy, ngx)
 	}
 
-	go handleSigterm(ngx)
+	go handleSigterm(ngx, func(code int) {
+		os.Exit(code)
+	})
 
 	mux := http.NewServeMux()
 	go registerHandlers(conf.EnableProfiling, conf.ListenPorts.Health, ngx, mux)
@@ -144,7 +144,9 @@ func main() {
 	ngx.Start()
 }
 
-func handleSigterm(ngx *controller.NGINXController) {
+type exiter func(code int)
+
+func handleSigterm(ngx *controller.NGINXController, exit exiter) {
 	signalChan := make(chan os.Signal, 1)
 	signal.Notify(signalChan, syscall.SIGTERM)
 	<-signalChan
@@ -160,7 +162,7 @@ func handleSigterm(ngx *controller.NGINXController) {
 	time.Sleep(10 * time.Second)
 
 	glog.Infof("Exiting with %v", exitCode)
-	os.Exit(exitCode)
+	exit(exitCode)
 }
 
 func setupSSLProxy(sslPort, proxyPort int, n *controller.NGINXController) {

cmd/nginx/main_test.go

@@ -0,0 +1,99 @@
+/*
+Copyright 2017 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package main
+
+import (
+	"fmt"
+	"os"
+	"syscall"
+	"testing"
+	"time"
+
+	"k8s.io/ingress-nginx/internal/file"
+	"k8s.io/ingress-nginx/internal/ingress/controller"
+)
+
+func TestCreateApiserverClient(t *testing.T) {
+	home := os.Getenv("HOME")
+	kubeConfigFile := fmt.Sprintf("%v/.kube/config", home)
+
+	cli, err := createApiserverClient("", kubeConfigFile)
+	if err != nil {
+		t.Fatalf("unexpected error creating api server client: %v", err)
+	}
+	if cli == nil {
+		t.Fatalf("expected a kubernetes client but none returned")
+	}
+
+	_, err = createApiserverClient("", "")
+	if err == nil {
+		t.Fatalf("expected an error creating api server client without an api server URL or kubeconfig file")
+	}
+}
+
+func TestHandleSigterm(t *testing.T) {
+	home := os.Getenv("HOME")
+	kubeConfigFile := fmt.Sprintf("%v/.kube/config", home)
+
+	cli, err := createApiserverClient("", kubeConfigFile)
+	if err != nil {
+		t.Fatalf("unexpected error creating api server client: %v", err)
+	}
+
+	resetForTesting(func() { t.Fatal("bad parse") })
+
+	os.Setenv("POD_NAME", "test")
+	os.Setenv("POD_NAMESPACE", "test")
+	defer os.Setenv("POD_NAME", "")
+	defer os.Setenv("POD_NAMESPACE", "")
+
+	oldArgs := os.Args
+	defer func() { os.Args = oldArgs }()
+	os.Args = []string{"cmd", "--default-backend-service", "ingress-nginx/default-backend-http", "--http-port", "0", "--https-port", "0"}
+
+	_, conf, err := parseFlags()
+	if err != nil {
+		t.Errorf("unexpected error creating NGINX controller: %v", err)
+	}
+	conf.Client = cli
+
+	fs, err := file.NewFakeFS()
+	if err != nil {
+		t.Fatalf("unexpected error: %v", err)
+	}
+
+	ngx := controller.NewNGINXController(conf, fs)
+
+	go handleSigterm(ngx, func(code int) {
+		if code != 1 {
+			t.Errorf("expected exit code 1 but %v received", code)
+		}
+
+		return
+	})
+
+	time.Sleep(1 * time.Second)
+
+	t.Logf("sending SIGTERM to process PID %v", syscall.Getpid())
+	err = syscall.Kill(syscall.Getpid(), syscall.SIGTERM)
+	if err != nil {
+		t.Errorf("unexpected error sending SIGTERM signal")
+	}
+}
+
+func TestRegisterHandlers(t *testing.T) {
+}

internal/file/filesystem.go

@@ -0,0 +1,127 @@
+package file
+
+import (
+	"os"
+	"path/filepath"
+
+	"github.com/golang/glog"
+
+	"k8s.io/kubernetes/pkg/util/filesystem"
+)
+
+// Filesystem is an interface that we can use to mock various filesystem operations
+type Filesystem interface {
+	filesystem.Filesystem
+}
+
+// NewLocalFS implements Filesystem using same-named functions from "os" and "io/ioutil".
+func NewLocalFS() (Filesystem, error) {
+	fs := filesystem.DefaultFs{}
+
+	err := initialize(false, fs)
+	if err != nil {
+		return nil, err
+	}
+
+	return fs, nil
+}
+
+// NewFakeFS creates an in-memory filesytem with all the required
+// paths used by the ingress controller.
+// This allows running test without polluting the local machine.
+func NewFakeFS() (Filesystem, error) {
+	fs := filesystem.NewFakeFs()
+
+	err := initialize(true, fs)
+	if err != nil {
+		return nil, err
+	}
+
+	return fs, nil
+}
+
+// initialize creates the required directory structure and when
+// runs as virtual filesystem it copies the local files to it
+func initialize(isVirtual bool, fs Filesystem) error {
+	for _, directory := range directories {
+		err := fs.MkdirAll(directory, 0655)
+		if err != nil {
+			return err
+		}
+	}
+
+	if !isVirtual {
+		return nil
+	}
+
+	for _, file := range files {
+		f, err := fs.Create(file)
+		if err != nil {
+			return err
+		}
+
+		_, err = f.Write([]byte(""))
+		if err != nil {
+			return err
+		}
+
+		err = f.Close()
+		if err != nil {
+			return err
+		}
+	}
+
+	err := fs.MkdirAll("/proc", 0655)
+	if err != nil {
+		return err
+	}
+
+	glog.Info("Restoring generated (go-bindata) assets in virtual filesystem...")
+	for _, assetName := range AssetNames() {
+		err := restoreAsset("/", assetName, fs)
+		if err != nil {
+			return err
+		}
+	}
+
+	return nil
+}
+
+// restoreAsset restores an asset under the given directory
+func restoreAsset(dir, name string, fs Filesystem) error {
+	data, err := Asset(name)
+	if err != nil {
+		return err
+	}
+	info, err := AssetInfo(name)
+	if err != nil {
+		return err
+	}
+	err = fs.MkdirAll(_filePath(dir, filepath.Dir(name)), os.FileMode(0755))
+	if err != nil {
+		return err
+	}
+
+	f, err := fs.Create(_filePath(dir, name))
+	if err != nil {
+		return err
+	}
+
+	_, err = f.Write(data)
+	if err != nil {
+		return err
+	}
+
+	err = f.Close()
+	if err != nil {
+		return err
+	}
+
+	//Missing info.Mode()
+
+	err = fs.Chtimes(_filePath(dir, name), info.ModTime(), info.ModTime())
+	if err != nil {
+		return err
+	}
+	return nil
+}

internal/file/filesystem_test.go

@@ -0,0 +1,37 @@
+/*
+Copyright 2017 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package file
+
+import (
+	"testing"
+)
+
+func TestNewFakeFS(t *testing.T) {
+	fs, err := NewFakeFS()
+	if err != nil {
+		t.Fatalf("unexpected error creating filesystem abstraction: %v", err)
+	}
+
+	if fs == nil {
+		t.Fatal("expected a filesystem but none returned")
+	}
+
+	_, err = fs.Stat("/etc/nginx/nginx.conf")
+	if err != nil {
+		t.Fatalf("unexpected error reading default nginx.conf file: %v", err)
+	}
+}

internal/file/structure.go

@@ -0,0 +1,26 @@
+package file
+
+const (
+	// AuthDirectory default directory used to store files
+	// to authenticate request
+	AuthDirectory = "/etc/ingress-controller/auth"
+
+	// DefaultSSLDirectory defines the location where the SSL certificates will be generated
+	// This directory contains all the SSL certificates that are specified in Ingress rules.
+	// The name of each file is <namespace>-<secret name>.pem. The content is the concatenated
+	// certificate and key.
+	DefaultSSLDirectory = "/ingress-controller/ssl"
+)
+
+var (
+	directories = []string{
+		"/etc/nginx/template",
+		"/run",
+		DefaultSSLDirectory,
+		AuthDirectory,
+	}
+
+	files = []string{
+		"/run/nginx.pid",
+	}
+)

internal/ingress/annotations/class/main.go

@@ -28,10 +28,20 @@ const (
 	IngressKey = "kubernetes.io/ingress.class"
 )
 
+var (
+	// DefaultClass defines the default class used in the nginx ingres controller
+	DefaultClass = "nginx"
+
+	// IngressClass sets the runtime ingress class to use
+	// An empty string means accept all ingresses without
+	// annotation and the ones configured with class nginx
+	IngressClass = ""
+)
+
 // IsValid returns true if the given Ingress either doesn't specify
 // the ingress.class annotation, or it's set to the configured in the
 // ingress controller.
-func IsValid(ing *extensions.Ingress, controller, defClass string) bool {
+func IsValid(ing *extensions.Ingress) bool {
 	ingress, ok := ing.GetAnnotations()[IngressKey]
 	if !ok {
 		glog.V(3).Infof("annotation %v is not present in ingress %v/%v", IngressKey, ing.Namespace, ing.Name)
@@ -44,9 +54,9 @@ func IsValid(ing *extensions.Ingress, controller, defClass string) bool {
 	// and 2 invalid combinations
 	// 3 - ingress with default class | fixed annotation on ingress
 	// 4 - ingress with specific class | different annotation on ingress
-	if ingress == "" && controller == defClass {
+	if ingress == "" && IngressClass == DefaultClass {
 		return true
 	}
 
-	return ingress == controller
+	return ingress == IngressClass
 }

internal/ingress/annotations/class/main_test.go

@@ -25,6 +25,14 @@ import (
 )
 
 func TestIsValidClass(t *testing.T) {
+	dc := DefaultClass
+	ic := IngressClass
+	// restore original values after the tests
+	defer func() {
+		DefaultClass = dc
+		IngressClass = ic
+	}()
+
 	tests := []struct {
 		ingress    string
 		controller string
@@ -51,7 +59,11 @@ func TestIsValidClass(t *testing.T) {
 	ing.SetAnnotations(data)
 	for _, test := range tests {
 		ing.Annotations[IngressKey] = test.ingress
-		b := IsValid(ing, test.controller, test.defClass)
+
+		IngressClass = test.controller
+		DefaultClass = test.defClass
+
+		b := IsValid(ing)
 		if b != test.isValid {
 			t.Errorf("test %v - expected %v but %v was returned", test, test.isValid, b)
 		}

internal/ingress/controller/backend_ssl.go

@@ -172,7 +172,7 @@ func (ic *NGINXController) checkMissingSecrets() {
 	for _, obj := range ic.listers.Ingress.List() {
 		ing := obj.(*extensions.Ingress)
 
-		if !class.IsValid(ing, ic.cfg.IngressClass, ic.cfg.DefaultIngressClass) {
+		if !class.IsValid(ing) {
 			continue
 		}
 

internal/ingress/controller/controller.go

@@ -76,7 +76,7 @@ type Configuration struct {
 
 	ConfigMapName  string
 	DefaultService string
-	IngressClass   string
+
 	Namespace string
 
 	ForceNamespaceIsolation bool
@@ -87,7 +87,6 @@ type Configuration struct {
 	UDPConfigMapName string
 
 	DefaultHealthzURL     string
-	DefaultIngressClass   string
 	DefaultSSLCertificate string
 
 	// optional
@@ -173,7 +172,7 @@ func (n *NGINXController) syncIngress(item interface{}) error {
 	var ingresses []*extensions.Ingress
 	for _, ingIf := range ings {
 		ing := ingIf.(*extensions.Ingress)
-		if !class.IsValid(ing, n.cfg.IngressClass, n.cfg.DefaultIngressClass) {
+		if !class.IsValid(ing) {
 			continue
 		}
 

internal/ingress/controller/listers.go

@@ -65,7 +65,7 @@ func (n *NGINXController) createListers(stopCh chan struct{}) (*ingress.StoreLis
 	ingEventHandler := cache.ResourceEventHandlerFuncs{
 		AddFunc: func(obj interface{}) {
 			addIng := obj.(*extensions.Ingress)
-			if !class.IsValid(addIng, n.cfg.IngressClass, defIngressClass) {
+			if !class.IsValid(addIng) {
 				a, _ := parser.GetStringAnnotation(class.IngressKey, addIng, n)
 				glog.Infof("ignoring add for ingress %v based on annotation %v with value %v", addIng.Name, class.IngressKey, a)
 				return
@@ -90,7 +90,7 @@ func (n *NGINXController) createListers(stopCh chan struct{}) (*ingress.StoreLis
 					return
 				}
 			}
-			if !class.IsValid(delIng, n.cfg.IngressClass, defIngressClass) {
+			if !class.IsValid(delIng) {
 				glog.Infof("ignoring delete for ingress %v based on annotation %v", delIng.Name, class.IngressKey)
 				return
 			}
@@ -101,8 +101,8 @@ func (n *NGINXController) createListers(stopCh chan struct{}) (*ingress.StoreLis
 		UpdateFunc: func(old, cur interface{}) {
 			oldIng := old.(*extensions.Ingress)
 			curIng := cur.(*extensions.Ingress)
-			validOld := class.IsValid(oldIng, n.cfg.IngressClass, defIngressClass)
-			validCur := class.IsValid(curIng, n.cfg.IngressClass, defIngressClass)
+			validOld := class.IsValid(oldIng)
+			validCur := class.IsValid(curIng)
 			if !validOld && validCur {
 				glog.Infof("creating ingress %v based on annotation %v", curIng.Name, class.IngressKey)
 				n.recorder.Eventf(curIng, apiv1.EventTypeNormal, "CREATE", fmt.Sprintf("Ingress %s/%s", curIng.Namespace, curIng.Name))

internal/ingress/controller/nginx.go

@@ -43,6 +43,7 @@ import (
 	"k8s.io/client-go/util/flowcontrol"
 	"k8s.io/kubernetes/pkg/util/filesystem"
 
+	"k8s.io/ingress-nginx/internal/file"
 	"k8s.io/ingress-nginx/internal/ingress"
 	"k8s.io/ingress-nginx/internal/ingress/annotations"
 	"k8s.io/ingress-nginx/internal/ingress/annotations/class"
@@ -57,6 +58,7 @@ import (
 	"k8s.io/ingress-nginx/internal/net/dns"
 	"k8s.io/ingress-nginx/internal/net/ssl"
 	"k8s.io/ingress-nginx/internal/task"
+	"k8s.io/ingress-nginx/internal/watch"
 )
 
 type statusModule string
@@ -72,13 +74,12 @@ var (
 	tmplPath    = "/etc/nginx/template/nginx.tmpl"
 	cfgPath     = "/etc/nginx/nginx.conf"
 	nginxBinary = "/usr/sbin/nginx"
-	defIngressClass = "nginx"
 )
 
 // NewNGINXController creates a new NGINX Ingress controller.
 // If the environment variable NGINX_BINARY exists it will be used
 // as source for nginx commands
-func NewNGINXController(config *Configuration) *NGINXController {
+func NewNGINXController(config *Configuration, fs file.Filesystem) *NGINXController {
 	ngx := os.Getenv("NGINX_BINARY")
 	if ngx == "" {
 		ngx = nginxBinary
@@ -115,12 +116,12 @@ func NewNGINXController(config *Configuration) *NGINXController {
 		stopCh:   make(chan struct{}),
 		stopLock: &sync.Mutex{},
 
-		fileSystem: filesystem.DefaultFs{},
+		fileSystem: fs,
 	}
 
 	n.listers, n.controllers = n.createListers(n.stopCh)
 
-	n.stats = newStatsCollector(config.Namespace, config.IngressClass, n.binary, n.cfg.ListenPorts.Status)
+	n.stats = newStatsCollector(config.Namespace, class.IngressClass, n.binary, n.cfg.ListenPorts.Status)
 
 	n.syncQueue = task.NewTaskQueue(n.syncIngress)
 
@@ -132,8 +133,8 @@ func NewNGINXController(config *Configuration) *NGINXController {
 			PublishService:         config.PublishService,
 			IngressLister:          n.listers.Ingress,
 			ElectionID:             config.ElectionID,
-			IngressClass:           config.IngressClass,
-			DefaultIngressClass:    config.DefaultIngressClass,
+			IngressClass:           class.IngressClass,
+			DefaultIngressClass:    class.DefaultClass,
 			UpdateStatusOnShutdown: config.UpdateStatusOnShutdown,
 			UseNodeInternalIP:      config.UseNodeInternalIP,
 		})
@@ -143,7 +144,7 @@ func NewNGINXController(config *Configuration) *NGINXController {
 
 	var onChange func()
 	onChange = func() {
-		template, err := ngx_template.NewTemplate(tmplPath, onChange)
+		template, err := ngx_template.NewTemplate(tmplPath, fs)
 		if err != nil {
 			// this error is different from the rest because it must be clear why nginx is not working
 			glog.Errorf(`
@@ -154,19 +155,28 @@ Error loading new template : %v
 			return
 		}
 
-		n.t.Close()
 		n.t = template
 		glog.Info("new NGINX template loaded")
 		n.SetForceReload(true)
 	}
 
-	ngxTpl, err := ngx_template.NewTemplate(tmplPath, onChange)
+	ngxTpl, err := ngx_template.NewTemplate(tmplPath, fs)
 	if err != nil {
 		glog.Fatalf("invalid NGINX template: %v", err)
 	}
 
 	n.t = ngxTpl
 
+	// TODO: refactor
+	if _, ok := fs.(filesystem.DefaultFs); !ok {
+		watch.NewDummyFileWatcher(tmplPath, onChange)
+	} else {
+		_, err = watch.NewFileWatcher(tmplPath, onChange)
+		if err != nil {
+			glog.Fatalf("unexpected error watching template %v: %v", tmplPath, err)
+		}
+	}
+
 	return n
 }
 
@@ -246,7 +256,7 @@ func (n *NGINXController) Start() {
 	for _, obj := range n.listers.Ingress.List() {
 		ing := obj.(*extensions.Ingress)
 
-		if !class.IsValid(ing, n.cfg.IngressClass, n.cfg.DefaultIngressClass) {
+		if !class.IsValid(ing) {
 			a, _ := parser.GetStringAnnotation(class.IngressKey, ing, n)
 			glog.Infof("ignoring add for ingress %v based on annotation %v with value %v", ing.Name, class.IngressKey, a)
 			continue

internal/ingress/controller/template/template.go

@@ -29,16 +29,17 @@ import (
 	text_template "text/template"
 
 	"github.com/golang/glog"
+	"github.com/pkg/errors"
 
 	"github.com/pborman/uuid"
 
 	extensions "k8s.io/api/extensions/v1beta1"
 	"k8s.io/apimachinery/pkg/util/sets"
+	"k8s.io/ingress-nginx/internal/file"
 	"k8s.io/ingress-nginx/internal/ingress"
 	"k8s.io/ingress-nginx/internal/ingress/annotations/ratelimit"
 	"k8s.io/ingress-nginx/internal/ingress/controller/config"
 	ing_net "k8s.io/ingress-nginx/internal/net"
-	"k8s.io/ingress-nginx/internal/watch"
 )
 
 const (
@@ -50,34 +51,29 @@ const (
 // Template ...
 type Template struct {
 	tmpl *text_template.Template
-	fw   watch.FileWatcher
+	//fw   watch.FileWatcher
 	bp *BufferPool
 }
 
 //NewTemplate returns a new Template instance or an
 //error if the specified template file contains errors
-func NewTemplate(file string, onChange func()) (*Template, error) {
-	tmpl, err := text_template.New("nginx.tmpl").Funcs(funcMap).ParseFiles(file)
+func NewTemplate(file string, fs file.Filesystem) (*Template, error) {
+	data, err := fs.ReadFile(file)
 	if err != nil {
-		return nil, err
+		return nil, errors.Wrapf(err, "unexpected error reading template %v", file)
 	}
-	fw, err := watch.NewFileWatcher(file, onChange)
+
+	tmpl, err := text_template.New("nginx.tmpl").Funcs(funcMap).Parse(string(data))
 	if err != nil {
 		return nil, err
 	}
 
 	return &Template{
 		tmpl: tmpl,
-		fw:   fw,
 		bp:   NewBufferPool(defBufferSize),
 	}, nil
 }
 
-// Close removes the file watcher
-func (t *Template) Close() {
-	t.fw.Close()
-}
-
 // Write populates a buffer using a template with NGINX configuration
 // and the servers and upstreams created by Ingress rules
 func (t *Template) Write(conf config.TemplateConfig) ([]byte, error) {

internal/ingress/controller/template/template_test.go

@@ -26,6 +26,7 @@ import (
 	"strings"
 	"testing"
 
+	"k8s.io/ingress-nginx/internal/file"
 	"k8s.io/ingress-nginx/internal/ingress"
 	"k8s.io/ingress-nginx/internal/ingress/annotations/authreq"
 	"k8s.io/ingress-nginx/internal/ingress/annotations/rewrite"
@@ -174,13 +175,13 @@ func TestTemplateWithData(t *testing.T) {
 	if dat.ListenPorts == nil {
 		dat.ListenPorts = &config.ListenPorts{}
 	}
-	tf, err := os.Open(path.Join(pwd, "../../../../rootfs/etc/nginx/template/nginx.tmpl"))
-	if err != nil {
-		t.Errorf("unexpected error reading json file: %v", err)
-	}
-	defer tf.Close()
 
-	ngxTpl, err := NewTemplate(tf.Name(), func() {})
+	fs, err := file.NewFakeFS()
+	if err != nil {
+		t.Fatalf("unexpected error: %v", err)
+	}
+
+	ngxTpl, err := NewTemplate("/etc/nginx/template/nginx.tmpl", fs)
 	if err != nil {
 		t.Errorf("invalid NGINX template: %v", err)
 	}
@@ -207,13 +208,12 @@ func BenchmarkTemplateWithData(b *testing.B) {
 		b.Errorf("unexpected error unmarshalling json: %v", err)
 	}
 
-	tf, err := os.Open(path.Join(pwd, "../../../rootfs/etc/nginx/template/nginx.tmpl"))
+	fs, err := file.NewFakeFS()
 	if err != nil {
-		b.Errorf("unexpected error reading json file: %v", err)
+		b.Fatalf("unexpected error: %v", err)
 	}
-	defer tf.Close()
 
-	ngxTpl, err := NewTemplate(tf.Name(), func() {})
+	ngxTpl, err := NewTemplate("/etc/nginx/template/nginx.tmpl", fs)
 	if err != nil {
 		b.Errorf("invalid NGINX template: %v", err)
 	}

internal/ingress/status/status.go

@@ -314,7 +314,7 @@ func (s *statusSync) updateStatus(newIngressPoint []apiv1.LoadBalancerIngress) {
 	for _, cur := range ings {
 		ing := cur.(*extensions.Ingress)
 
-		if !class.IsValid(ing, s.Config.IngressClass, s.Config.DefaultIngressClass) {
+		if !class.IsValid(ing) {
 			continue
 		}
 

internal/watch/dummy.go

@@ -0,0 +1,29 @@
+/*
+Copyright 2017 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package watch
+
+// DummyFileWatcher noop implementation of a file watcher
+type DummyFileWatcher struct{}
+
+func NewDummyFileWatcher(file string, onEvent func()) FileWatcher {
+	return DummyFileWatcher{}
+}
+
+// Close ends the watch
+func (f DummyFileWatcher) Close() error {
+	return nil
+}

internal/watch/file_watcher.go

@@ -24,8 +24,12 @@ import (
 	"gopkg.in/fsnotify.v1"
 )
 
-// FileWatcher defines a watch over a file
-type FileWatcher struct {
+type FileWatcher interface {
+	Close() error
+}
+
+// OSFileWatcher defines a watch over a file
+type OSFileWatcher struct {
 	file    string
 	watcher *fsnotify.Watcher
 	// onEvent callback to be invoked after the file being watched changes
@@ -34,7 +38,7 @@ type FileWatcher struct {
 
 // NewFileWatcher creates a new FileWatcher
 func NewFileWatcher(file string, onEvent func()) (FileWatcher, error) {
-	fw := FileWatcher{
+	fw := OSFileWatcher{
 		file:    file,
 		onEvent: onEvent,
 	}
@@ -43,12 +47,12 @@ func NewFileWatcher(file string, onEvent func()) (FileWatcher, error) {
 }
 
 // Close ends the watch
-func (f *FileWatcher) Close() error {
+func (f OSFileWatcher) Close() error {
 	return f.watcher.Close()
 }
 
 // watch creates a fsnotify watcher for a file and create of write events
-func (f *FileWatcher) watch() error {
+func (f *OSFileWatcher) watch() error {
 	watcher, err := fsnotify.NewWatcher()
 	if err != nil {
 		return err

test/e2e/up.sh

@@ -35,47 +35,3 @@ until kubectl get nodes -o jsonpath="$JSONPATH" 2>&1 | grep -q "Ready=True";
 do
     sleep 1;
 done
-
-echo "deploying NGINX Ingress controller"
-cat deploy/namespace.yaml | kubectl apply -f -
-cat deploy/default-backend.yaml | kubectl apply -f -
-cat deploy/configmap.yaml | kubectl apply -f -
-cat deploy/tcp-services-configmap.yaml | kubectl apply -f -
-cat deploy/udp-services-configmap.yaml | kubectl apply -f -
-cat deploy/without-rbac.yaml | kubectl apply -f -
-cat deploy/provider/baremetal/service-nodeport.yaml | kubectl apply -f -
-
-echo "updating image..."
-kubectl set image \
-    deployments \
-    --namespace ingress-nginx \
-	--selector app=ingress-nginx \
-    nginx-ingress-controller=quay.io/kubernetes-ingress-controller/nginx-ingress-controller:test
-
-sleep 5
-
-echo "waiting NGINX ingress pod..."
-
-function waitForPod() {
-    until kubectl get pods -n ingress-nginx -l app=ingress-nginx -o jsonpath="$JSONPATH" 2>&1 | grep -q "Ready=True";
-    do
-        sleep 1;
-    done
-}
-
-export -f waitForPod
-
-timeout 10s bash -c waitForPod
-
-if kubectl get pods -n ingress-nginx -l app=ingress-nginx -o jsonpath="$JSONPATH" 2>&1 | grep -q "Ready=True";
-then
-    echo "Kubernetes deployments started"
-else
-    echo "Kubernetes deployments with issues:"
-    kubectl get pods -n ingress-nginx
-
-    echo "Reason:"
-    kubectl describe pods -n ingress-nginx
-    kubectl logs -n ingress-nginx -l app=ingress-nginx
-    exit 1
-fi

test/e2e/wait-for-nginx.sh

@@ -0,0 +1,61 @@
+#!/bin/bash
+
+# Copyright 2017 The Kubernetes Authors.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+export JSONPATH='{range .items[*]}{@.metadata.name}:{range @.status.conditions[*]}{@.type}={@.status};{end}{end}'
+
+echo "deploying NGINX Ingress controller"
+cat deploy/namespace.yaml | kubectl apply -f -
+cat deploy/default-backend.yaml | kubectl apply -f -
+cat deploy/configmap.yaml | kubectl apply -f -
+cat deploy/tcp-services-configmap.yaml | kubectl apply -f -
+cat deploy/udp-services-configmap.yaml | kubectl apply -f -
+cat deploy/without-rbac.yaml | kubectl apply -f -
+cat deploy/provider/baremetal/service-nodeport.yaml | kubectl apply -f -
+
+echo "updating image..."
+kubectl set image \
+    deployments \
+    --namespace ingress-nginx \
+	--selector app=ingress-nginx \
+    nginx-ingress-controller=quay.io/kubernetes-ingress-controller/nginx-ingress-controller:test
+
+sleep 5
+
+echo "waiting NGINX ingress pod..."
+
+function waitForPod() {
+    until kubectl get pods -n ingress-nginx -l app=ingress-nginx -o jsonpath="$JSONPATH" 2>&1 | grep -q "Ready=True";
+    do
+        sleep 1;
+    done
+}
+
+export -f waitForPod
+
+timeout 10s bash -c waitForPod
+
+if kubectl get pods -n ingress-nginx -l app=ingress-nginx -o jsonpath="$JSONPATH" 2>&1 | grep -q "Ready=True";
+then
+    echo "Kubernetes deployments started"
+else
+    echo "Kubernetes deployments with issues:"
+    kubectl get pods -n ingress-nginx
+
+    echo "Reason:"
+    kubectl describe pods -n ingress-nginx
+    kubectl logs -n ingress-nginx -l app=ingress-nginx
+    exit 1
+fi