2020-05-19 14:00:00 -04:00
|
|
|
|
#!/usr/bin/env bash
|
2023-03-28 23:48:58 +01:00
|
|
|
|
# Copyright (c) HashiCorp, Inc.
|
2023-08-11 09:12:13 -04:00
|
|
|
|
# SPDX-License-Identifier: BUSL-1.1
|
2023-03-28 23:48:58 +01:00
|
|
|
|
|
2019-04-29 17:27:57 +01:00
|
|
|
|
|
2019-07-24 17:01:42 -04:00
|
|
|
|
set -eEuo pipefail
|
2019-04-29 17:27:57 +01:00
|
|
|
|
|
2020-10-22 13:20:31 -05:00
|
|
|
|
readonly self_name="$0"
|
|
|
|
|
|
2020-11-02 14:52:33 -06:00
|
|
|
|
readonly HASHICORP_DOCKER_PROXY="docker.mirror.hashicorp.services"
|
|
|
|
|
|
2019-04-29 17:27:57 +01:00
|
|
|
|
# DEBUG=1 enables set -x for this script so echos every command run
|
|
|
|
|
DEBUG=${DEBUG:-}
|
|
|
|
|
|
2022-06-28 13:15:45 +01:00
|
|
|
|
XDS_TARGET=${XDS_TARGET:-server}
|
|
|
|
|
|
2020-05-19 14:00:00 -04:00
|
|
|
|
# ENVOY_VERSION to run each test against
|
2024-07-05 15:19:23 -04:00
|
|
|
|
if [[ -z "${ENVOY_VERSION:-}" ]]; then
|
|
|
|
|
echo "please set Envoy version via ENVOY_VERSION"
|
|
|
|
|
exit 1
|
|
|
|
|
fi
|
2020-05-19 14:00:00 -04:00
|
|
|
|
export ENVOY_VERSION
|
2019-04-29 17:27:57 +01:00
|
|
|
|
|
2022-04-11 10:49:44 -05:00
|
|
|
|
export DOCKER_BUILDKIT=1
|
2022-08-29 16:13:49 -07:00
|
|
|
|
# Always run tests on amd64 because that's what the CI environment uses.
|
|
|
|
|
export DOCKER_DEFAULT_PLATFORM="linux/amd64"
|
2022-04-11 10:49:44 -05:00
|
|
|
|
|
2019-04-29 17:27:57 +01:00
|
|
|
|
if [ ! -z "$DEBUG" ] ; then
|
|
|
|
|
set -x
|
|
|
|
|
fi
|
|
|
|
|
|
|
|
|
|
source helpers.bash
|
|
|
|
|
|
2019-07-24 17:01:42 -04:00
|
|
|
|
function command_error {
|
2020-01-24 10:04:58 -05:00
|
|
|
|
echo "ERR: command exited with status $1" 1>&2
|
|
|
|
|
echo " command: $2" 1>&2
|
|
|
|
|
echo " line: $3" 1>&2
|
|
|
|
|
echo " function: $4" 1>&2
|
|
|
|
|
echo " called at: $5" 1>&2
|
2019-07-24 17:01:42 -04:00
|
|
|
|
# printf '%s\n' "${FUNCNAME[@]}"
|
|
|
|
|
# printf '%s\n' "${BASH_SOURCE[@]}"
|
|
|
|
|
# printf '%s\n' "${BASH_LINENO[@]}"
|
|
|
|
|
}
|
|
|
|
|
|
2019-08-28 16:26:05 +02:00
|
|
|
|
trap 'command_error $? "${BASH_COMMAND}" "${LINENO}" "${FUNCNAME[0]:-main}" "${BASH_SOURCE[0]}:${BASH_LINENO[0]}"' ERR
|
2019-04-29 17:27:57 +01:00
|
|
|
|
|
2020-10-22 13:20:31 -05:00
|
|
|
|
readonly WORKDIR_SNIPPET='-v envoy_workdir:/workdir'
|
|
|
|
|
|
|
|
|
|
function network_snippet {
|
|
|
|
|
local DC="$1"
|
|
|
|
|
echo "--net container:envoy_consul-${DC}_1"
|
|
|
|
|
}
|
|
|
|
|
|
2022-07-21 09:54:56 -07:00
|
|
|
|
function aws_snippet {
|
2022-08-31 13:06:35 -07:00
|
|
|
|
LAMBDA_TESTS_ENABLED=${LAMBDA_TESTS_ENABLED:-false}
|
|
|
|
|
if [ "$LAMBDA_TESTS_ENABLED" != false ]; then
|
2022-08-29 16:13:49 -07:00
|
|
|
|
local snippet=""
|
|
|
|
|
|
|
|
|
|
# The Lambda integration cases assume that a Lambda function exists in $AWS_REGION with an ARN of $AWS_LAMBDA_ARN.
|
|
|
|
|
# The AWS credentials must have permission to invoke the Lambda function.
|
|
|
|
|
[ -n "$(set | grep '^AWS_ACCESS_KEY_ID=')" ] && snippet="${snippet} -e AWS_ACCESS_KEY_ID=$AWS_ACCESS_KEY_ID"
|
|
|
|
|
[ -n "$(set | grep '^AWS_SECRET_ACCESS_KEY=')" ] && snippet="${snippet} -e AWS_SECRET_ACCESS_KEY=$AWS_SECRET_ACCESS_KEY"
|
|
|
|
|
[ -n "$(set | grep '^AWS_SESSION_TOKEN=')" ] && snippet="${snippet} -e AWS_SESSION_TOKEN=$AWS_SESSION_TOKEN"
|
|
|
|
|
[ -n "$(set | grep '^AWS_LAMBDA_REGION=')" ] && snippet="${snippet} -e AWS_LAMBDA_REGION=$AWS_LAMBDA_REGION"
|
|
|
|
|
[ -n "$(set | grep '^AWS_LAMBDA_ARN=')" ] && snippet="${snippet} -e AWS_LAMBDA_ARN=$AWS_LAMBDA_ARN"
|
|
|
|
|
|
|
|
|
|
echo "$snippet"
|
|
|
|
|
fi
|
2022-07-21 09:54:56 -07:00
|
|
|
|
}
|
|
|
|
|
|
2019-07-24 17:01:42 -04:00
|
|
|
|
function init_workdir {
|
2021-11-12 14:45:50 -07:00
|
|
|
|
local CLUSTER="$1"
|
2019-04-29 17:27:57 +01:00
|
|
|
|
|
2021-11-12 14:45:50 -07:00
|
|
|
|
if test -z "$CLUSTER"
|
2019-07-24 17:01:42 -04:00
|
|
|
|
then
|
2021-11-12 14:45:50 -07:00
|
|
|
|
CLUSTER=primary
|
2019-07-24 17:01:42 -04:00
|
|
|
|
fi
|
2019-04-29 17:27:57 +01:00
|
|
|
|
|
2019-07-24 17:01:42 -04:00
|
|
|
|
# Note, we use explicit set of dirs so we don't delete .gitignore. Also,
|
|
|
|
|
# don't wipe logs between runs as they are already split and we need them to
|
|
|
|
|
# upload as artifacts later.
|
2021-11-12 14:45:50 -07:00
|
|
|
|
rm -rf workdir/${CLUSTER}
|
2022-06-28 13:15:45 +01:00
|
|
|
|
mkdir -p workdir/${CLUSTER}/{consul,consul-server,register,envoy,bats,statsd,data}
|
2019-07-24 17:01:42 -04:00
|
|
|
|
|
|
|
|
|
# Reload consul config from defaults
|
2021-11-12 14:45:50 -07:00
|
|
|
|
cp consul-base-cfg/*.hcl workdir/${CLUSTER}/consul/
|
2019-07-24 17:01:42 -04:00
|
|
|
|
|
|
|
|
|
# Add any overrides if there are any (no op if not)
|
2021-11-12 14:45:50 -07:00
|
|
|
|
find ${CASE_DIR} -maxdepth 1 -name '*.hcl' -type f -exec cp -f {} workdir/${CLUSTER}/consul \;
|
2019-07-24 17:01:42 -04:00
|
|
|
|
|
|
|
|
|
# Copy all the test files
|
2021-11-12 14:45:50 -07:00
|
|
|
|
find ${CASE_DIR} -maxdepth 1 -name '*.bats' -type f -exec cp -f {} workdir/${CLUSTER}/bats \;
|
|
|
|
|
# Copy CLUSTER specific bats
|
|
|
|
|
cp helpers.bash workdir/${CLUSTER}/bats
|
2019-07-24 17:01:42 -04:00
|
|
|
|
|
2021-11-12 14:45:50 -07:00
|
|
|
|
# Add any CLUSTER overrides
|
|
|
|
|
if test -d "${CASE_DIR}/${CLUSTER}"
|
2019-07-24 17:01:42 -04:00
|
|
|
|
then
|
2021-11-12 14:45:50 -07:00
|
|
|
|
find ${CASE_DIR}/${CLUSTER} -type f -name '*.hcl' -exec cp -f {} workdir/${CLUSTER}/consul \;
|
|
|
|
|
find ${CASE_DIR}/${CLUSTER} -type f -name '*.bats' -exec cp -f {} workdir/${CLUSTER}/bats \;
|
2019-07-24 17:01:42 -04:00
|
|
|
|
fi
|
2020-10-30 17:59:13 -04:00
|
|
|
|
|
2020-11-09 13:59:46 -06:00
|
|
|
|
# move all of the registration files OUT of the consul config dir now
|
2021-11-12 14:45:50 -07:00
|
|
|
|
find workdir/${CLUSTER}/consul -type f -name 'service_*.hcl' -exec mv -f {} workdir/${CLUSTER}/register \;
|
2020-11-09 13:59:46 -06:00
|
|
|
|
|
2022-06-28 13:15:45 +01:00
|
|
|
|
# move the server.hcl out of the consul dir so that it doesn't get picked up
|
|
|
|
|
# by the client agent (if we're running with XDS_TARGET=client).
|
|
|
|
|
if test -f "workdir/${CLUSTER}/consul/server.hcl"
|
|
|
|
|
then
|
|
|
|
|
mv workdir/${CLUSTER}/consul/server.hcl workdir/${CLUSTER}/consul-server/server.hcl
|
|
|
|
|
fi
|
|
|
|
|
|
2021-08-24 13:48:30 +01:00
|
|
|
|
# copy the ca-certs for SDS so we can verify the right ones are served
|
|
|
|
|
mkdir -p workdir/test-sds-server/certs
|
|
|
|
|
cp test-sds-server/certs/ca-root.crt workdir/test-sds-server/certs/ca-root.crt
|
|
|
|
|
|
2020-01-24 10:04:58 -05:00
|
|
|
|
if test -d "${CASE_DIR}/data"
|
|
|
|
|
then
|
2021-11-12 14:45:50 -07:00
|
|
|
|
cp -r ${CASE_DIR}/data/* workdir/${CLUSTER}/data
|
2020-01-24 10:04:58 -05:00
|
|
|
|
fi
|
2020-10-30 17:59:13 -04:00
|
|
|
|
|
2019-07-24 17:01:42 -04:00
|
|
|
|
return 0
|
|
|
|
|
}
|
|
|
|
|
|
2020-10-22 13:20:31 -05:00
|
|
|
|
function docker_kill_rm {
|
|
|
|
|
local name
|
|
|
|
|
local todo=()
|
|
|
|
|
for name in "$@"; do
|
|
|
|
|
name="envoy_${name}_1"
|
|
|
|
|
if docker container inspect $name &>/dev/null; then
|
|
|
|
|
if [[ "$name" == envoy_tcpdump-* ]]; then
|
|
|
|
|
echo -n "Gracefully stopping $name..."
|
|
|
|
|
docker stop $name &> /dev/null
|
|
|
|
|
echo "done"
|
|
|
|
|
fi
|
|
|
|
|
todo+=($name)
|
|
|
|
|
fi
|
|
|
|
|
done
|
|
|
|
|
|
|
|
|
|
if [[ ${#todo[@]} -eq 0 ]]; then
|
|
|
|
|
return 0
|
|
|
|
|
fi
|
|
|
|
|
|
|
|
|
|
echo -n "Killing and removing: ${todo[@]}..."
|
|
|
|
|
docker rm -v -f ${todo[@]} &> /dev/null
|
|
|
|
|
echo "done"
|
|
|
|
|
}
|
|
|
|
|
|
2019-07-24 17:01:42 -04:00
|
|
|
|
function start_consul {
|
|
|
|
|
local DC=${1:-primary}
|
|
|
|
|
|
2020-10-22 13:20:31 -05:00
|
|
|
|
# 8500/8502 are for consul
|
|
|
|
|
# 9411 is for zipkin which shares the network with consul
|
|
|
|
|
# 16686 is for jaeger ui which also shares the network with consul
|
|
|
|
|
ports=(
|
|
|
|
|
'-p=8500:8500'
|
|
|
|
|
'-p=8502:8502'
|
|
|
|
|
'-p=9411:9411'
|
|
|
|
|
'-p=16686:16686'
|
|
|
|
|
)
|
2022-06-09 11:05:18 -05:00
|
|
|
|
case "$DC" in
|
|
|
|
|
secondary)
|
2020-10-22 13:20:31 -05:00
|
|
|
|
ports=(
|
|
|
|
|
'-p=9500:8500'
|
|
|
|
|
'-p=9502:8502'
|
|
|
|
|
)
|
2022-06-09 11:05:18 -05:00
|
|
|
|
;;
|
|
|
|
|
alpha)
|
|
|
|
|
ports=(
|
|
|
|
|
'-p=9510:8500'
|
|
|
|
|
'-p=9512:8502'
|
|
|
|
|
)
|
|
|
|
|
;;
|
|
|
|
|
esac
|
|
|
|
|
|
2021-05-17 16:01:32 -04:00
|
|
|
|
license="${CONSUL_LICENSE:-}"
|
|
|
|
|
# load the consul license so we can pass it into the consul
|
|
|
|
|
# containers as an env var in the case that this is a consul
|
|
|
|
|
# enterprise test
|
|
|
|
|
if test -z "$license" -a -n "${CONSUL_LICENSE_PATH:-}"
|
|
|
|
|
then
|
|
|
|
|
license=$(cat $CONSUL_LICENSE_PATH)
|
|
|
|
|
fi
|
2020-10-22 13:20:31 -05:00
|
|
|
|
|
2022-06-28 13:15:45 +01:00
|
|
|
|
# We currently run these integration tests in two modes: one in which Envoy's
|
|
|
|
|
# xDS sessions are served directly by a Consul server, and another in which it
|
|
|
|
|
# goes through a client agent.
|
2020-10-22 13:20:31 -05:00
|
|
|
|
#
|
2022-09-14 16:13:23 -07:00
|
|
|
|
# This is necessary because servers and clients source configuration data in
|
2022-06-28 13:15:45 +01:00
|
|
|
|
# different ways (client agents use an RPC-backed cache and servers use their
|
|
|
|
|
# own local data) and we want to catch regressions in both.
|
|
|
|
|
#
|
|
|
|
|
# In the future we should also expand these tests to register services to the
|
|
|
|
|
# catalog directly (agentless) rather than relying on the server also being
|
|
|
|
|
# an agent.
|
|
|
|
|
#
|
|
|
|
|
# When XDS_TARGET=client we'll start a Consul server with its gRPC port
|
2022-07-08 12:01:13 -05:00
|
|
|
|
# disabled (but only if REQUIRE_PEERS is not set), and a client agent with
|
|
|
|
|
# its gRPC port enabled.
|
2022-06-28 13:15:45 +01:00
|
|
|
|
#
|
|
|
|
|
# When XDS_TARGET=server (or anything else) we'll run a single Consul server
|
|
|
|
|
# with its gRPC port enabled.
|
|
|
|
|
#
|
|
|
|
|
# In either case, the hostname `consul-${DC}-server` should be used as a
|
|
|
|
|
# server address (e.g. for WAN joining) and `consul-${DC}-client` should be
|
|
|
|
|
# used as a client address (e.g. for interacting with the HTTP API).
|
|
|
|
|
#
|
|
|
|
|
# Both hostnames work in both modes because we set network aliases on the
|
|
|
|
|
# containers such that both hostnames will resolve to the same container when
|
|
|
|
|
# XDS_TARGET=server.
|
|
|
|
|
#
|
|
|
|
|
# We also join containers to the network `container:consul-${DC}_1` in many
|
|
|
|
|
# places (see: network_snippet) so that we can curl localhost etc. In both
|
|
|
|
|
# modes, you can assume that this name refers to the client's container.
|
|
|
|
|
#
|
|
|
|
|
# Any .hcl files in the case/cluster directory will be given to both clients
|
|
|
|
|
# and servers (via the -config-dir flag) *except for* server.hcl which will
|
|
|
|
|
# only be applied to the server (and service registrations which will be made
|
|
|
|
|
# against the client).
|
|
|
|
|
if [[ "$XDS_TARGET" == "client" ]]
|
|
|
|
|
then
|
|
|
|
|
docker_kill_rm consul-${DC}-server
|
|
|
|
|
docker_kill_rm consul-${DC}
|
|
|
|
|
|
2024-04-17 15:49:33 -04:00
|
|
|
|
docker run --sysctl net.ipv6.conf.all.disable_ipv6=1 -d --name envoy_consul-${DC}-server_1 \
|
2022-06-28 13:15:45 +01:00
|
|
|
|
--net=envoy-tests \
|
|
|
|
|
$WORKDIR_SNIPPET \
|
|
|
|
|
--hostname "consul-${DC}-server" \
|
|
|
|
|
--network-alias "consul-${DC}-server" \
|
|
|
|
|
-e "CONSUL_LICENSE=$license" \
|
2022-08-29 16:13:49 -07:00
|
|
|
|
consul:local \
|
2022-06-28 13:15:45 +01:00
|
|
|
|
agent -dev -datacenter "${DC}" \
|
|
|
|
|
-config-dir "/workdir/${DC}/consul" \
|
|
|
|
|
-config-dir "/workdir/${DC}/consul-server" \
|
|
|
|
|
-client "0.0.0.0" \
|
|
|
|
|
-bind "0.0.0.0" >/dev/null
|
|
|
|
|
|
2024-04-17 15:49:33 -04:00
|
|
|
|
docker run --sysctl net.ipv6.conf.all.disable_ipv6=1 -d --name envoy_consul-${DC}_1 \
|
2022-06-28 13:15:45 +01:00
|
|
|
|
--net=envoy-tests \
|
|
|
|
|
$WORKDIR_SNIPPET \
|
|
|
|
|
--hostname "consul-${DC}-client" \
|
|
|
|
|
--network-alias "consul-${DC}-client" \
|
|
|
|
|
-e "CONSUL_LICENSE=$license" \
|
|
|
|
|
${ports[@]} \
|
2022-08-29 16:13:49 -07:00
|
|
|
|
consul:local \
|
2022-06-28 13:15:45 +01:00
|
|
|
|
agent -datacenter "${DC}" \
|
|
|
|
|
-config-dir "/workdir/${DC}/consul" \
|
|
|
|
|
-data-dir "/tmp/consul" \
|
|
|
|
|
-client "0.0.0.0" \
|
|
|
|
|
-grpc-port 8502 \
|
|
|
|
|
-datacenter "${DC}" \
|
|
|
|
|
-retry-join "consul-${DC}-server" >/dev/null
|
|
|
|
|
else
|
|
|
|
|
docker_kill_rm consul-${DC}
|
|
|
|
|
|
2024-04-17 15:49:33 -04:00
|
|
|
|
docker run --sysctl net.ipv6.conf.all.disable_ipv6=1 -d --name envoy_consul-${DC}_1 \
|
2022-06-28 13:15:45 +01:00
|
|
|
|
--net=envoy-tests \
|
|
|
|
|
$WORKDIR_SNIPPET \
|
|
|
|
|
--hostname "consul-${DC}" \
|
|
|
|
|
--network-alias "consul-${DC}-client" \
|
|
|
|
|
--network-alias "consul-${DC}-server" \
|
|
|
|
|
-e "CONSUL_LICENSE=$license" \
|
|
|
|
|
${ports[@]} \
|
2022-08-29 16:13:49 -07:00
|
|
|
|
consul:local \
|
2022-06-28 13:15:45 +01:00
|
|
|
|
agent -dev -datacenter "${DC}" \
|
|
|
|
|
-config-dir "/workdir/${DC}/consul" \
|
|
|
|
|
-config-dir "/workdir/${DC}/consul-server" \
|
|
|
|
|
-client "0.0.0.0" >/dev/null
|
|
|
|
|
fi
|
2019-07-24 17:01:42 -04:00
|
|
|
|
}
|
|
|
|
|
|
2021-11-12 14:45:50 -07:00
|
|
|
|
function start_partitioned_client {
|
|
|
|
|
local PARTITION=${1:-ap1}
|
|
|
|
|
|
|
|
|
|
# Start consul now as setup script needs it up
|
|
|
|
|
docker_kill_rm consul-${PARTITION}
|
|
|
|
|
|
|
|
|
|
license="${CONSUL_LICENSE:-}"
|
|
|
|
|
# load the consul license so we can pass it into the consul
|
|
|
|
|
# containers as an env var in the case that this is a consul
|
|
|
|
|
# enterprise test
|
|
|
|
|
if test -z "$license" -a -n "${CONSUL_LICENSE_PATH:-}"
|
|
|
|
|
then
|
|
|
|
|
license=$(cat $CONSUL_LICENSE_PATH)
|
|
|
|
|
fi
|
|
|
|
|
|
|
|
|
|
sh -c "rm -rf /workdir/${PARTITION}/data"
|
|
|
|
|
|
|
|
|
|
# Run consul and expose some ports to the host to make debugging locally a
|
|
|
|
|
# bit easier.
|
|
|
|
|
#
|
2024-04-17 15:49:33 -04:00
|
|
|
|
docker run --sysctl net.ipv6.conf.all.disable_ipv6=1 -d --name envoy_consul-${PARTITION}_1 \
|
2021-11-12 14:45:50 -07:00
|
|
|
|
--net=envoy-tests \
|
|
|
|
|
$WORKDIR_SNIPPET \
|
2022-06-28 13:15:45 +01:00
|
|
|
|
--hostname "consul-${PARTITION}-client" \
|
|
|
|
|
--network-alias "consul-${PARTITION}-client" \
|
2021-11-12 14:45:50 -07:00
|
|
|
|
-e "CONSUL_LICENSE=$license" \
|
2022-08-29 16:13:49 -07:00
|
|
|
|
consul:local agent \
|
2021-11-12 14:45:50 -07:00
|
|
|
|
-datacenter "primary" \
|
2022-06-28 13:15:45 +01:00
|
|
|
|
-retry-join "consul-primary-server" \
|
2021-11-12 14:45:50 -07:00
|
|
|
|
-grpc-port 8502 \
|
|
|
|
|
-data-dir "/tmp/consul" \
|
|
|
|
|
-config-dir "/workdir/${PARTITION}/consul" \
|
|
|
|
|
-client "0.0.0.0" >/dev/null
|
|
|
|
|
}
|
|
|
|
|
|
2019-07-24 17:01:42 -04:00
|
|
|
|
function pre_service_setup {
|
2021-11-12 14:45:50 -07:00
|
|
|
|
local CLUSTER=${1:-primary}
|
2019-07-24 17:01:42 -04:00
|
|
|
|
|
|
|
|
|
# Run test case setup (e.g. generating Envoy bootstrap, starting containers)
|
2021-11-12 14:45:50 -07:00
|
|
|
|
if [ -f "${CASE_DIR}/${CLUSTER}/setup.sh" ]
|
2019-07-24 17:01:42 -04:00
|
|
|
|
then
|
2021-11-12 14:45:50 -07:00
|
|
|
|
source ${CASE_DIR}/${CLUSTER}/setup.sh
|
2019-07-24 17:01:42 -04:00
|
|
|
|
else
|
2020-05-19 14:00:00 -04:00
|
|
|
|
source ${CASE_DIR}/setup.sh
|
2019-07-24 17:01:42 -04:00
|
|
|
|
fi
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
function start_services {
|
2023-04-19 10:19:29 -06:00
|
|
|
|
# Push the state to the shared docker volume
|
2019-07-24 17:01:42 -04:00
|
|
|
|
docker cp workdir/. envoy_workdir_1:/workdir
|
2020-10-22 13:20:31 -05:00
|
|
|
|
|
2019-07-24 17:01:42 -04:00
|
|
|
|
# Start containers required
|
|
|
|
|
if [ ! -z "$REQUIRED_SERVICES" ] ; then
|
2020-10-22 13:20:31 -05:00
|
|
|
|
docker_kill_rm $REQUIRED_SERVICES
|
|
|
|
|
run_containers $REQUIRED_SERVICES
|
2019-07-24 17:01:42 -04:00
|
|
|
|
fi
|
|
|
|
|
|
|
|
|
|
return 0
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
function verify {
|
2021-11-12 14:45:50 -07:00
|
|
|
|
local CLUSTER="$1"
|
|
|
|
|
if test -z "$CLUSTER"; then
|
|
|
|
|
CLUSTER="primary"
|
2019-07-24 17:01:42 -04:00
|
|
|
|
fi
|
|
|
|
|
|
|
|
|
|
# Execute tests
|
|
|
|
|
res=0
|
|
|
|
|
|
|
|
|
|
# Nuke any previous case's verify container.
|
2021-11-12 14:45:50 -07:00
|
|
|
|
docker_kill_rm verify-${CLUSTER}
|
2020-10-22 13:20:31 -05:00
|
|
|
|
|
2021-11-12 14:45:50 -07:00
|
|
|
|
echo "Running ${CLUSTER} verification step for ${CASE_DIR}..."
|
2019-07-24 17:01:42 -04:00
|
|
|
|
|
2021-10-20 15:50:45 -05:00
|
|
|
|
# need to tell the PID 1 inside of the container that it won't be actual PID
|
|
|
|
|
# 1 because we're using --pid=host so we use TINI_SUBREAPER
|
2024-04-17 15:49:33 -04:00
|
|
|
|
if docker run --sysctl net.ipv6.conf.all.disable_ipv6=1 --name envoy_verify-${CLUSTER}_1 -t \
|
2021-10-20 15:50:45 -05:00
|
|
|
|
-e TINI_SUBREAPER=1 \
|
2020-10-22 13:20:31 -05:00
|
|
|
|
-e ENVOY_VERSION \
|
|
|
|
|
$WORKDIR_SNIPPET \
|
|
|
|
|
--pid=host \
|
2021-11-12 14:45:50 -07:00
|
|
|
|
$(network_snippet $CLUSTER) \
|
2022-07-21 09:54:56 -07:00
|
|
|
|
$(aws_snippet) \
|
2020-10-22 13:20:31 -05:00
|
|
|
|
bats-verify \
|
2022-10-04 08:35:19 -07:00
|
|
|
|
--formatter tap /workdir/${CLUSTER}/bats ; then
|
|
|
|
|
echo "✓ PASS"
|
2019-07-24 17:01:42 -04:00
|
|
|
|
else
|
2022-10-04 08:35:19 -07:00
|
|
|
|
echo "⨯ FAIL"
|
2019-07-24 17:01:42 -04:00
|
|
|
|
res=1
|
|
|
|
|
fi
|
|
|
|
|
|
|
|
|
|
return $res
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
function capture_logs {
|
2020-10-22 13:20:31 -05:00
|
|
|
|
local LOG_DIR="workdir/logs/${CASE_DIR}/${ENVOY_VERSION}"
|
2020-06-02 19:24:52 -04:00
|
|
|
|
|
|
|
|
|
init_vars
|
|
|
|
|
|
2020-05-19 14:00:00 -04:00
|
|
|
|
echo "Capturing Logs"
|
2019-07-24 17:01:42 -04:00
|
|
|
|
mkdir -p "$LOG_DIR"
|
2022-06-28 13:15:45 +01:00
|
|
|
|
|
2019-07-24 17:01:42 -04:00
|
|
|
|
services="$REQUIRED_SERVICES consul-primary"
|
2022-06-28 13:15:45 +01:00
|
|
|
|
if [[ "$XDS_TARGET" == "client" ]]
|
|
|
|
|
then
|
|
|
|
|
services="$services consul-primary-server"
|
|
|
|
|
fi
|
|
|
|
|
|
2019-07-24 17:01:42 -04:00
|
|
|
|
if is_set $REQUIRE_SECONDARY
|
|
|
|
|
then
|
|
|
|
|
services="$services consul-secondary"
|
2022-06-28 13:15:45 +01:00
|
|
|
|
|
|
|
|
|
if [[ "$XDS_TARGET" == "client" ]]
|
|
|
|
|
then
|
|
|
|
|
services="$services consul-secondary-server"
|
|
|
|
|
fi
|
2019-07-24 17:01:42 -04:00
|
|
|
|
fi
|
2022-06-28 13:15:45 +01:00
|
|
|
|
|
2021-11-12 14:45:50 -07:00
|
|
|
|
if is_set $REQUIRE_PARTITIONS
|
|
|
|
|
then
|
|
|
|
|
services="$services consul-ap1"
|
|
|
|
|
fi
|
2022-06-09 11:05:18 -05:00
|
|
|
|
if is_set $REQUIRE_PEERS
|
|
|
|
|
then
|
2022-06-28 13:15:45 +01:00
|
|
|
|
services="$services consul-alpha"
|
|
|
|
|
|
|
|
|
|
if [[ "$XDS_TARGET" == "client" ]]
|
|
|
|
|
then
|
|
|
|
|
services="$services consul-alpha-server"
|
|
|
|
|
fi
|
2022-06-09 11:05:18 -05:00
|
|
|
|
fi
|
2019-04-29 17:27:57 +01:00
|
|
|
|
|
2020-05-19 14:00:00 -04:00
|
|
|
|
if [ -f "${CASE_DIR}/capture.sh" ]
|
2019-07-24 17:01:42 -04:00
|
|
|
|
then
|
2020-05-19 14:00:00 -04:00
|
|
|
|
echo "Executing ${CASE_DIR}/capture.sh"
|
|
|
|
|
source ${CASE_DIR}/capture.sh || true
|
2019-07-24 17:01:42 -04:00
|
|
|
|
fi
|
|
|
|
|
|
2020-10-22 13:20:31 -05:00
|
|
|
|
for cont in $services; do
|
2019-07-24 17:01:42 -04:00
|
|
|
|
echo "Capturing log for $cont"
|
2020-10-22 13:20:31 -05:00
|
|
|
|
docker logs "envoy_${cont}_1" &> "${LOG_DIR}/${cont}.log" || {
|
|
|
|
|
echo "EXIT CODE $?" > "${LOG_DIR}/${cont}.log"
|
|
|
|
|
}
|
2019-07-24 17:01:42 -04:00
|
|
|
|
done
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
function stop_services {
|
|
|
|
|
# Teardown
|
2020-10-22 13:20:31 -05:00
|
|
|
|
docker_kill_rm $REQUIRED_SERVICES
|
|
|
|
|
|
2022-06-28 13:15:45 +01:00
|
|
|
|
docker_kill_rm consul-primary consul-primary-server consul-secondary consul-secondary-server consul-ap1 consul-alpha consul-alpha-server
|
2019-07-24 17:01:42 -04:00
|
|
|
|
}
|
|
|
|
|
|
2020-05-19 14:00:00 -04:00
|
|
|
|
function init_vars {
|
2019-07-24 17:01:42 -04:00
|
|
|
|
source "defaults.sh"
|
2020-05-19 14:00:00 -04:00
|
|
|
|
if [ -f "${CASE_DIR}/vars.sh" ] ; then
|
|
|
|
|
source "${CASE_DIR}/vars.sh"
|
2019-07-24 17:01:42 -04:00
|
|
|
|
fi
|
|
|
|
|
}
|
2019-04-29 17:27:57 +01:00
|
|
|
|
|
2020-03-09 15:59:02 -05:00
|
|
|
|
function global_setup {
|
2020-05-19 14:00:00 -04:00
|
|
|
|
if [ -f "${CASE_DIR}/global-setup.sh" ] ; then
|
|
|
|
|
source "${CASE_DIR}/global-setup.sh"
|
2020-03-09 15:59:02 -05:00
|
|
|
|
fi
|
|
|
|
|
}
|
|
|
|
|
|
2020-10-22 13:20:31 -05:00
|
|
|
|
function wipe_volumes {
|
2024-04-17 15:49:33 -04:00
|
|
|
|
docker run --sysctl net.ipv6.conf.all.disable_ipv6=1 --rm -i \
|
2020-10-22 13:20:31 -05:00
|
|
|
|
$WORKDIR_SNIPPET \
|
|
|
|
|
--net=none \
|
2020-11-02 14:52:33 -06:00
|
|
|
|
"${HASHICORP_DOCKER_PROXY}/alpine" \
|
2020-10-22 13:20:31 -05:00
|
|
|
|
sh -c 'rm -rf /workdir/*'
|
|
|
|
|
}
|
|
|
|
|
|
2020-05-19 14:00:00 -04:00
|
|
|
|
function run_tests {
|
|
|
|
|
CASE_DIR="${CASE_DIR?CASE_DIR must be set to the path of the test case}"
|
|
|
|
|
CASE_NAME=$( basename $CASE_DIR | cut -c6- )
|
|
|
|
|
export CASE_NAME
|
2021-08-27 23:23:34 +01:00
|
|
|
|
export SKIP_CASE=""
|
2020-05-19 14:00:00 -04:00
|
|
|
|
|
|
|
|
|
init_vars
|
2019-04-29 17:27:57 +01:00
|
|
|
|
|
2019-07-24 17:01:42 -04:00
|
|
|
|
# Initialize the workdir
|
|
|
|
|
init_workdir primary
|
2019-04-29 17:27:57 +01:00
|
|
|
|
|
2019-07-24 17:01:42 -04:00
|
|
|
|
if is_set $REQUIRE_SECONDARY
|
|
|
|
|
then
|
|
|
|
|
init_workdir secondary
|
|
|
|
|
fi
|
2021-11-12 14:45:50 -07:00
|
|
|
|
if is_set $REQUIRE_PARTITIONS
|
|
|
|
|
then
|
|
|
|
|
init_workdir ap1
|
|
|
|
|
fi
|
2022-06-09 11:05:18 -05:00
|
|
|
|
if is_set $REQUIRE_PEERS
|
|
|
|
|
then
|
|
|
|
|
init_workdir alpha
|
|
|
|
|
fi
|
2019-04-29 17:27:57 +01:00
|
|
|
|
|
2020-03-09 15:59:02 -05:00
|
|
|
|
global_setup
|
|
|
|
|
|
2021-08-27 23:23:34 +01:00
|
|
|
|
# Allow vars.sh to set a reason to skip this test case based on the ENV
|
|
|
|
|
if [ "$SKIP_CASE" != "" ] ; then
|
2022-10-04 08:35:19 -07:00
|
|
|
|
echo "SKIPPING CASE: $SKIP_CASE"
|
2021-08-27 23:23:34 +01:00
|
|
|
|
return 0
|
|
|
|
|
fi
|
|
|
|
|
|
2019-07-24 17:01:42 -04:00
|
|
|
|
# Wipe state
|
2020-10-22 13:20:31 -05:00
|
|
|
|
wipe_volumes
|
2019-04-29 17:27:57 +01:00
|
|
|
|
|
2023-04-19 10:19:29 -06:00
|
|
|
|
# Push the state to the shared docker volume
|
2019-07-24 17:01:42 -04:00
|
|
|
|
docker cp workdir/. envoy_workdir_1:/workdir
|
2019-04-29 17:27:57 +01:00
|
|
|
|
|
2019-07-24 17:01:42 -04:00
|
|
|
|
start_consul primary
|
2019-04-29 17:27:57 +01:00
|
|
|
|
|
2020-06-02 19:24:52 -04:00
|
|
|
|
if is_set $REQUIRE_SECONDARY; then
|
2019-07-24 17:01:42 -04:00
|
|
|
|
start_consul secondary
|
|
|
|
|
fi
|
2021-11-12 14:45:50 -07:00
|
|
|
|
if is_set $REQUIRE_PARTITIONS; then
|
2021-12-03 00:14:50 -07:00
|
|
|
|
docker_consul "primary" consul partition create -name ap1 > /dev/null
|
2021-11-12 14:45:50 -07:00
|
|
|
|
start_partitioned_client ap1
|
|
|
|
|
fi
|
2022-06-09 11:05:18 -05:00
|
|
|
|
if is_set $REQUIRE_PEERS; then
|
|
|
|
|
start_consul alpha
|
|
|
|
|
fi
|
2019-04-29 17:27:57 +01:00
|
|
|
|
|
2020-01-24 10:04:58 -05:00
|
|
|
|
echo "Setting up the primary datacenter"
|
2019-07-24 17:01:42 -04:00
|
|
|
|
pre_service_setup primary
|
|
|
|
|
|
2020-06-02 19:24:52 -04:00
|
|
|
|
if is_set $REQUIRE_SECONDARY; then
|
2020-01-24 10:04:58 -05:00
|
|
|
|
echo "Setting up the secondary datacenter"
|
2019-07-24 17:01:42 -04:00
|
|
|
|
pre_service_setup secondary
|
|
|
|
|
fi
|
2021-11-12 14:45:50 -07:00
|
|
|
|
if is_set $REQUIRE_PARTITIONS; then
|
|
|
|
|
echo "Setting up the non-default partition"
|
|
|
|
|
pre_service_setup ap1
|
|
|
|
|
fi
|
2022-06-09 11:05:18 -05:00
|
|
|
|
if is_set $REQUIRE_PEERS; then
|
|
|
|
|
echo "Setting up the alpha peer"
|
|
|
|
|
pre_service_setup alpha
|
|
|
|
|
fi
|
2019-07-24 17:01:42 -04:00
|
|
|
|
|
2020-01-24 10:04:58 -05:00
|
|
|
|
echo "Starting services"
|
2019-07-24 17:01:42 -04:00
|
|
|
|
start_services
|
|
|
|
|
|
|
|
|
|
# Run the verify container and report on the output
|
2021-11-12 14:45:50 -07:00
|
|
|
|
echo "Verifying the primary datacenter"
|
2019-07-24 17:01:42 -04:00
|
|
|
|
verify primary
|
|
|
|
|
|
2020-06-02 19:24:52 -04:00
|
|
|
|
if is_set $REQUIRE_SECONDARY; then
|
2021-11-12 14:45:50 -07:00
|
|
|
|
echo "Verifying the secondary datacenter"
|
2019-07-24 17:01:42 -04:00
|
|
|
|
verify secondary
|
|
|
|
|
fi
|
2022-06-09 11:05:18 -05:00
|
|
|
|
if is_set $REQUIRE_PEERS; then
|
|
|
|
|
echo "Verifying the alpha peer"
|
|
|
|
|
verify alpha
|
|
|
|
|
fi
|
2020-06-02 19:24:52 -04:00
|
|
|
|
}
|
2019-07-24 17:01:42 -04:00
|
|
|
|
|
2020-06-02 19:24:52 -04:00
|
|
|
|
function test_teardown {
|
|
|
|
|
init_vars
|
2019-07-24 17:01:42 -04:00
|
|
|
|
|
2020-10-22 13:20:31 -05:00
|
|
|
|
stop_services
|
|
|
|
|
}
|
2019-07-24 17:01:42 -04:00
|
|
|
|
|
2020-10-22 13:20:31 -05:00
|
|
|
|
function workdir_cleanup {
|
|
|
|
|
docker_kill_rm workdir
|
|
|
|
|
docker volume rm -f envoy_workdir &>/dev/null || true
|
2019-07-24 17:01:42 -04:00
|
|
|
|
}
|
2019-05-02 12:53:06 +01:00
|
|
|
|
|
2020-10-22 13:20:31 -05:00
|
|
|
|
|
2020-05-19 14:00:00 -04:00
|
|
|
|
function suite_setup {
|
|
|
|
|
# Cleanup from any previous unclean runs.
|
2020-10-22 13:20:31 -05:00
|
|
|
|
suite_teardown
|
|
|
|
|
|
|
|
|
|
docker network create envoy-tests &>/dev/null
|
2019-04-29 17:27:57 +01:00
|
|
|
|
|
2020-05-19 14:00:00 -04:00
|
|
|
|
# Start the volume container
|
2020-10-22 13:20:31 -05:00
|
|
|
|
#
|
|
|
|
|
# This is a dummy container that we use to create volume and keep it
|
|
|
|
|
# accessible while other containers are down.
|
|
|
|
|
docker volume create envoy_workdir &>/dev/null
|
2024-04-17 15:49:33 -04:00
|
|
|
|
docker run --sysctl net.ipv6.conf.all.disable_ipv6=1 -d --name envoy_workdir_1 \
|
2020-10-22 13:20:31 -05:00
|
|
|
|
$WORKDIR_SNIPPET \
|
|
|
|
|
--net=none \
|
2024-08-26 12:39:35 -04:00
|
|
|
|
registry.k8s.io/pause &>/dev/null
|
2020-10-22 13:20:31 -05:00
|
|
|
|
|
|
|
|
|
# pre-build the verify container
|
|
|
|
|
echo "Rebuilding 'bats-verify' image..."
|
2022-08-08 12:02:17 -04:00
|
|
|
|
retry_default docker build -t bats-verify -f Dockerfile-bats .
|
2020-10-22 13:20:31 -05:00
|
|
|
|
|
2022-05-03 11:21:32 -05:00
|
|
|
|
echo "Checking bats image..."
|
2024-04-17 15:49:33 -04:00
|
|
|
|
docker run --sysctl net.ipv6.conf.all.disable_ipv6=1 --rm -t bats-verify -v
|
2022-05-03 11:21:32 -05:00
|
|
|
|
|
2020-10-22 13:20:31 -05:00
|
|
|
|
# pre-build the consul+envoy container
|
|
|
|
|
echo "Rebuilding 'consul-dev-envoy:${ENVOY_VERSION}' image..."
|
2022-08-08 12:02:17 -04:00
|
|
|
|
retry_default docker build -t consul-dev-envoy:${ENVOY_VERSION} \
|
2020-10-22 13:20:31 -05:00
|
|
|
|
--build-arg ENVOY_VERSION=${ENVOY_VERSION} \
|
|
|
|
|
-f Dockerfile-consul-envoy .
|
2021-08-24 13:48:30 +01:00
|
|
|
|
|
|
|
|
|
# pre-build the test-sds-server container
|
|
|
|
|
echo "Rebuilding 'test-sds-server' image..."
|
2023-03-29 09:51:21 -07:00
|
|
|
|
retry_default docker build -t test-sds-server -f test-sds-server/Dockerfile test-sds-server
|
2020-05-19 14:00:00 -04:00
|
|
|
|
}
|
2019-07-24 17:01:42 -04:00
|
|
|
|
|
2020-05-19 14:00:00 -04:00
|
|
|
|
function suite_teardown {
|
2022-06-09 11:05:18 -05:00
|
|
|
|
docker_kill_rm verify-primary verify-secondary verify-alpha
|
2019-07-24 17:01:42 -04:00
|
|
|
|
|
2020-10-22 13:20:31 -05:00
|
|
|
|
# this is some hilarious magic
|
|
|
|
|
docker_kill_rm $(grep "^function run_container_" $self_name | \
|
|
|
|
|
sed 's/^function run_container_\(.*\) {/\1/g')
|
|
|
|
|
|
2022-06-28 13:15:45 +01:00
|
|
|
|
docker_kill_rm consul-primary consul-primary-server consul-secondary consul-secondary-server consul-ap1 consul-alpha consul-alpha-server
|
2020-10-22 13:20:31 -05:00
|
|
|
|
|
|
|
|
|
if docker network inspect envoy-tests &>/dev/null ; then
|
|
|
|
|
echo -n "Deleting network 'envoy-tests'..."
|
|
|
|
|
docker network rm envoy-tests
|
|
|
|
|
echo "done"
|
|
|
|
|
fi
|
|
|
|
|
|
|
|
|
|
workdir_cleanup
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
function run_containers {
|
|
|
|
|
for name in $@ ; do
|
|
|
|
|
run_container $name
|
|
|
|
|
done
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
function run_container {
|
|
|
|
|
docker_kill_rm "$1"
|
|
|
|
|
"run_container_$1"
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
function common_run_container_service {
|
|
|
|
|
local service="$1"
|
2021-11-12 14:45:50 -07:00
|
|
|
|
local CLUSTER="$2"
|
2020-10-22 13:20:31 -05:00
|
|
|
|
local httpPort="$3"
|
|
|
|
|
local grpcPort="$4"
|
|
|
|
|
|
2024-04-17 15:49:33 -04:00
|
|
|
|
docker run --sysctl net.ipv6.conf.all.disable_ipv6=1 -d --name $(container_name_prev) \
|
2020-10-22 13:20:31 -05:00
|
|
|
|
-e "FORTIO_NAME=${service}" \
|
2021-11-12 14:45:50 -07:00
|
|
|
|
$(network_snippet $CLUSTER) \
|
2020-11-02 14:52:33 -06:00
|
|
|
|
"${HASHICORP_DOCKER_PROXY}/fortio/fortio" \
|
2020-10-22 13:20:31 -05:00
|
|
|
|
server \
|
|
|
|
|
-http-port ":$httpPort" \
|
|
|
|
|
-grpc-port ":$grpcPort" \
|
|
|
|
|
-redirect-port disabled >/dev/null
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
function run_container_s1 {
|
|
|
|
|
common_run_container_service s1 primary 8080 8079
|
2020-05-19 14:00:00 -04:00
|
|
|
|
}
|
2019-05-02 12:53:06 +01:00
|
|
|
|
|
2021-11-12 14:45:50 -07:00
|
|
|
|
function run_container_s1-ap1 {
|
|
|
|
|
common_run_container_service s1 ap1 8080 8079
|
|
|
|
|
}
|
|
|
|
|
|
2020-10-22 13:20:31 -05:00
|
|
|
|
function run_container_s2 {
|
|
|
|
|
common_run_container_service s2 primary 8181 8179
|
|
|
|
|
}
|
|
|
|
|
function run_container_s2-v1 {
|
|
|
|
|
common_run_container_service s2-v1 primary 8182 8178
|
|
|
|
|
}
|
|
|
|
|
function run_container_s2-v2 {
|
|
|
|
|
common_run_container_service s2-v2 primary 8183 8177
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
function run_container_s3 {
|
|
|
|
|
common_run_container_service s3 primary 8282 8279
|
|
|
|
|
}
|
|
|
|
|
function run_container_s3-v1 {
|
|
|
|
|
common_run_container_service s3-v1 primary 8283 8278
|
|
|
|
|
}
|
|
|
|
|
function run_container_s3-v2 {
|
|
|
|
|
common_run_container_service s3-v2 primary 8284 8277
|
|
|
|
|
}
|
|
|
|
|
function run_container_s3-alt {
|
|
|
|
|
common_run_container_service s3-alt primary 8286 8280
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
function run_container_s4 {
|
|
|
|
|
common_run_container_service s4 primary 8382 8281
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
function run_container_s1-secondary {
|
|
|
|
|
common_run_container_service s1-secondary secondary 8080 8079
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
function run_container_s2-secondary {
|
|
|
|
|
common_run_container_service s2-secondary secondary 8181 8179
|
|
|
|
|
}
|
|
|
|
|
|
2021-11-12 18:57:05 -07:00
|
|
|
|
function run_container_s2-ap1 {
|
|
|
|
|
common_run_container_service s2 ap1 8480 8479
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
function run_container_s3-ap1 {
|
|
|
|
|
common_run_container_service s3 ap1 8580 8579
|
|
|
|
|
}
|
|
|
|
|
|
2022-06-09 11:05:18 -05:00
|
|
|
|
function run_container_s1-alpha {
|
|
|
|
|
common_run_container_service s1-alpha alpha 8080 8079
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
function run_container_s2-alpha {
|
|
|
|
|
common_run_container_service s2-alpha alpha 8181 8179
|
|
|
|
|
}
|
|
|
|
|
|
2022-06-28 14:52:25 -05:00
|
|
|
|
function run_container_s3-alpha {
|
|
|
|
|
common_run_container_service s3-alpha alpha 8282 8279
|
|
|
|
|
}
|
|
|
|
|
|
2020-10-22 13:20:31 -05:00
|
|
|
|
function common_run_container_sidecar_proxy {
|
|
|
|
|
local service="$1"
|
2021-11-12 14:45:50 -07:00
|
|
|
|
local CLUSTER="$2"
|
2020-10-22 13:20:31 -05:00
|
|
|
|
|
|
|
|
|
# Hot restart breaks since both envoys seem to interact with each other
|
|
|
|
|
# despite separate containers that don't share IPC namespace. Not quite
|
|
|
|
|
# sure how this happens but may be due to unix socket being in some shared
|
|
|
|
|
# location?
|
2024-04-17 15:49:33 -04:00
|
|
|
|
docker run --sysctl net.ipv6.conf.all.disable_ipv6=1 -d --name $(container_name_prev) \
|
2020-10-22 13:20:31 -05:00
|
|
|
|
$WORKDIR_SNIPPET \
|
2021-11-12 14:45:50 -07:00
|
|
|
|
$(network_snippet $CLUSTER) \
|
2022-07-21 09:54:56 -07:00
|
|
|
|
$(aws_snippet) \
|
2020-11-02 14:52:33 -06:00
|
|
|
|
"${HASHICORP_DOCKER_PROXY}/envoyproxy/envoy:v${ENVOY_VERSION}" \
|
2020-10-22 13:20:31 -05:00
|
|
|
|
envoy \
|
2021-11-12 14:45:50 -07:00
|
|
|
|
-c /workdir/${CLUSTER}/envoy/${service}-bootstrap.json \
|
2022-06-09 11:05:18 -05:00
|
|
|
|
-l trace \
|
2020-10-22 13:20:31 -05:00
|
|
|
|
--disable-hot-restart \
|
|
|
|
|
--drain-time-s 1 >/dev/null
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
function run_container_s1-sidecar-proxy {
|
|
|
|
|
common_run_container_sidecar_proxy s1 primary
|
|
|
|
|
}
|
2021-11-12 14:45:50 -07:00
|
|
|
|
|
|
|
|
|
function run_container_s1-ap1-sidecar-proxy {
|
|
|
|
|
common_run_container_sidecar_proxy s1 ap1
|
|
|
|
|
}
|
|
|
|
|
|
2020-10-22 13:20:31 -05:00
|
|
|
|
function run_container_s1-sidecar-proxy-consul-exec {
|
2024-04-17 15:49:33 -04:00
|
|
|
|
docker run --sysctl net.ipv6.conf.all.disable_ipv6=1 -d --name $(container_name) \
|
2020-10-22 13:20:31 -05:00
|
|
|
|
$(network_snippet primary) \
|
|
|
|
|
consul-dev-envoy:${ENVOY_VERSION} \
|
|
|
|
|
consul connect envoy -sidecar-for s1 \
|
|
|
|
|
-envoy-version ${ENVOY_VERSION} \
|
|
|
|
|
-- \
|
2022-06-09 11:05:18 -05:00
|
|
|
|
-l trace >/dev/null
|
2020-10-22 13:20:31 -05:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
function run_container_s2-sidecar-proxy {
|
|
|
|
|
common_run_container_sidecar_proxy s2 primary
|
|
|
|
|
}
|
|
|
|
|
function run_container_s2-v1-sidecar-proxy {
|
|
|
|
|
common_run_container_sidecar_proxy s2-v1 primary
|
|
|
|
|
}
|
|
|
|
|
function run_container_s2-v2-sidecar-proxy {
|
|
|
|
|
common_run_container_sidecar_proxy s2-v2 primary
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
function run_container_s3-sidecar-proxy {
|
|
|
|
|
common_run_container_sidecar_proxy s3 primary
|
|
|
|
|
}
|
|
|
|
|
function run_container_s3-v1-sidecar-proxy {
|
|
|
|
|
common_run_container_sidecar_proxy s3-v1 primary
|
|
|
|
|
}
|
|
|
|
|
function run_container_s3-v2-sidecar-proxy {
|
|
|
|
|
common_run_container_sidecar_proxy s3-v2 primary
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
function run_container_s3-alt-sidecar-proxy {
|
|
|
|
|
common_run_container_sidecar_proxy s3-alt primary
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
function run_container_s1-sidecar-proxy-secondary {
|
|
|
|
|
common_run_container_sidecar_proxy s1 secondary
|
|
|
|
|
}
|
|
|
|
|
function run_container_s2-sidecar-proxy-secondary {
|
|
|
|
|
common_run_container_sidecar_proxy s2 secondary
|
|
|
|
|
}
|
|
|
|
|
|
2021-11-12 18:57:05 -07:00
|
|
|
|
function run_container_s2-ap1-sidecar-proxy {
|
|
|
|
|
common_run_container_sidecar_proxy s2 ap1
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
function run_container_s3-ap1-sidecar-proxy {
|
|
|
|
|
common_run_container_sidecar_proxy s3 ap1
|
|
|
|
|
}
|
|
|
|
|
|
2022-06-09 11:05:18 -05:00
|
|
|
|
function run_container_s1-sidecar-proxy-alpha {
|
|
|
|
|
common_run_container_sidecar_proxy s1 alpha
|
|
|
|
|
}
|
|
|
|
|
function run_container_s2-sidecar-proxy-alpha {
|
|
|
|
|
common_run_container_sidecar_proxy s2 alpha
|
|
|
|
|
}
|
2022-06-28 14:52:25 -05:00
|
|
|
|
function run_container_s3-sidecar-proxy-alpha {
|
|
|
|
|
common_run_container_sidecar_proxy s3 alpha
|
|
|
|
|
}
|
2022-06-09 11:05:18 -05:00
|
|
|
|
|
2020-10-22 13:20:31 -05:00
|
|
|
|
function common_run_container_gateway {
|
|
|
|
|
local name="$1"
|
|
|
|
|
local DC="$2"
|
|
|
|
|
|
|
|
|
|
# Hot restart breaks since both envoys seem to interact with each other
|
|
|
|
|
# despite separate containers that don't share IPC namespace. Not quite
|
|
|
|
|
# sure how this happens but may be due to unix socket being in some shared
|
|
|
|
|
# location?
|
2024-04-17 15:49:33 -04:00
|
|
|
|
docker run --sysctl net.ipv6.conf.all.disable_ipv6=1 -d --name $(container_name_prev) \
|
2020-10-22 13:20:31 -05:00
|
|
|
|
$WORKDIR_SNIPPET \
|
|
|
|
|
$(network_snippet $DC) \
|
2022-07-21 09:54:56 -07:00
|
|
|
|
$(aws_snippet) \
|
2020-11-02 14:52:33 -06:00
|
|
|
|
"${HASHICORP_DOCKER_PROXY}/envoyproxy/envoy:v${ENVOY_VERSION}" \
|
2020-10-22 13:20:31 -05:00
|
|
|
|
envoy \
|
|
|
|
|
-c /workdir/${DC}/envoy/${name}-bootstrap.json \
|
2022-06-09 11:05:18 -05:00
|
|
|
|
-l trace \
|
2020-10-22 13:20:31 -05:00
|
|
|
|
--disable-hot-restart \
|
|
|
|
|
--drain-time-s 1 >/dev/null
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
function run_container_gateway-primary {
|
|
|
|
|
common_run_container_gateway mesh-gateway primary
|
|
|
|
|
}
|
2023-08-24 16:44:14 -06:00
|
|
|
|
function run_container_gateway-ap1 {
|
|
|
|
|
common_run_container_gateway mesh-gateway ap1
|
|
|
|
|
}
|
2020-10-22 13:20:31 -05:00
|
|
|
|
function run_container_gateway-secondary {
|
|
|
|
|
common_run_container_gateway mesh-gateway secondary
|
|
|
|
|
}
|
2022-06-09 11:05:18 -05:00
|
|
|
|
function run_container_gateway-alpha {
|
|
|
|
|
common_run_container_gateway mesh-gateway alpha
|
|
|
|
|
}
|
2020-10-22 13:20:31 -05:00
|
|
|
|
|
|
|
|
|
function run_container_ingress-gateway-primary {
|
|
|
|
|
common_run_container_gateway ingress-gateway primary
|
|
|
|
|
}
|
|
|
|
|
|
2023-02-09 11:32:10 -05:00
|
|
|
|
function run_container_api-gateway-primary {
|
|
|
|
|
common_run_container_gateway api-gateway primary
|
|
|
|
|
}
|
|
|
|
|
|
2020-10-22 13:20:31 -05:00
|
|
|
|
function run_container_terminating-gateway-primary {
|
|
|
|
|
common_run_container_gateway terminating-gateway primary
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
function run_container_fake-statsd {
|
|
|
|
|
# This magic SYSTEM incantation is needed since Envoy doesn't add newlines and so
|
|
|
|
|
# we need each packet to be passed to echo to add a new line before
|
|
|
|
|
# appending.
|
2024-04-17 15:49:33 -04:00
|
|
|
|
docker run --sysctl net.ipv6.conf.all.disable_ipv6=1 -d --name $(container_name) \
|
2020-10-22 13:20:31 -05:00
|
|
|
|
$WORKDIR_SNIPPET \
|
|
|
|
|
$(network_snippet primary) \
|
2021-01-06 17:31:33 -05:00
|
|
|
|
"${HASHICORP_DOCKER_PROXY}/alpine/socat:1.7.3.4-r1" \
|
2020-10-22 13:20:31 -05:00
|
|
|
|
-u UDP-RECVFROM:8125,fork,reuseaddr \
|
|
|
|
|
SYSTEM:'xargs -0 echo >> /workdir/primary/statsd/statsd.log'
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
function run_container_zipkin {
|
2024-04-17 15:49:33 -04:00
|
|
|
|
docker run --sysctl net.ipv6.conf.all.disable_ipv6=1 -d --name $(container_name) \
|
2020-10-22 13:20:31 -05:00
|
|
|
|
$WORKDIR_SNIPPET \
|
|
|
|
|
$(network_snippet primary) \
|
2020-11-02 14:52:33 -06:00
|
|
|
|
"${HASHICORP_DOCKER_PROXY}/openzipkin/zipkin"
|
2020-10-22 13:20:31 -05:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
function run_container_jaeger {
|
2024-04-17 15:49:33 -04:00
|
|
|
|
docker run --sysctl net.ipv6.conf.all.disable_ipv6=1 -d --name $(container_name) \
|
2020-10-22 13:20:31 -05:00
|
|
|
|
$WORKDIR_SNIPPET \
|
|
|
|
|
$(network_snippet primary) \
|
2020-11-02 14:52:33 -06:00
|
|
|
|
"${HASHICORP_DOCKER_PROXY}/jaegertracing/all-in-one:1.11" \
|
2020-10-22 13:20:31 -05:00
|
|
|
|
--collector.zipkin.http-port=9411
|
|
|
|
|
}
|
|
|
|
|
|
2021-08-24 13:48:30 +01:00
|
|
|
|
function run_container_test-sds-server {
|
2024-04-17 15:49:33 -04:00
|
|
|
|
docker run --sysctl net.ipv6.conf.all.disable_ipv6=1 -d --name $(container_name) \
|
2021-08-24 13:48:30 +01:00
|
|
|
|
$WORKDIR_SNIPPET \
|
|
|
|
|
$(network_snippet primary) \
|
|
|
|
|
"test-sds-server"
|
|
|
|
|
}
|
|
|
|
|
|
2020-10-22 13:20:31 -05:00
|
|
|
|
function container_name {
|
|
|
|
|
echo "envoy_${FUNCNAME[1]/#run_container_/}_1"
|
|
|
|
|
}
|
|
|
|
|
function container_name_prev {
|
|
|
|
|
echo "envoy_${FUNCNAME[2]/#run_container_/}_1"
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
# This is a debugging tool. Run via './run-tests.sh debug_dump_volumes'
|
|
|
|
|
function debug_dump_volumes {
|
2024-04-17 15:49:33 -04:00
|
|
|
|
docker run --sysctl net.ipv6.conf.all.disable_ipv6=1 --rm -it \
|
2020-10-22 13:20:31 -05:00
|
|
|
|
$WORKDIR_SNIPPET \
|
|
|
|
|
-v ./:/cwd \
|
|
|
|
|
--net=none \
|
2020-11-02 14:52:33 -06:00
|
|
|
|
"${HASHICORP_DOCKER_PROXY}/alpine" \
|
2020-10-22 13:20:31 -05:00
|
|
|
|
cp -r /workdir/. /cwd/workdir/
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
function run_container_tcpdump-primary {
|
|
|
|
|
# To use add "tcpdump-primary" to REQUIRED_SERVICES
|
|
|
|
|
common_run_container_tcpdump primary
|
|
|
|
|
}
|
|
|
|
|
function run_container_tcpdump-secondary {
|
|
|
|
|
# To use add "tcpdump-secondary" to REQUIRED_SERVICES
|
|
|
|
|
common_run_container_tcpdump secondary
|
|
|
|
|
}
|
2022-06-09 11:05:18 -05:00
|
|
|
|
function run_container_tcpdump-alpha {
|
|
|
|
|
# To use add "tcpdump-alpha" to REQUIRED_SERVICES
|
|
|
|
|
common_run_container_tcpdump alpha
|
|
|
|
|
}
|
2020-10-22 13:20:31 -05:00
|
|
|
|
|
|
|
|
|
function common_run_container_tcpdump {
|
|
|
|
|
local DC="$1"
|
|
|
|
|
|
|
|
|
|
# we cant run this in circle but its only here to temporarily enable.
|
|
|
|
|
|
2022-08-08 12:02:17 -04:00
|
|
|
|
retry_default docker build -t envoy-tcpdump -f Dockerfile-tcpdump .
|
2020-10-22 13:20:31 -05:00
|
|
|
|
|
2024-04-17 15:49:33 -04:00
|
|
|
|
docker run --sysctl net.ipv6.conf.all.disable_ipv6=1 -d --name $(container_name_prev) \
|
2020-10-22 13:20:31 -05:00
|
|
|
|
$(network_snippet $DC) \
|
|
|
|
|
-v $(pwd)/workdir/${DC}/envoy/:/data \
|
|
|
|
|
--privileged \
|
|
|
|
|
envoy-tcpdump \
|
|
|
|
|
-v -i any \
|
|
|
|
|
-w "/data/${DC}.pcap"
|
|
|
|
|
}
|
2019-04-29 17:27:57 +01:00
|
|
|
|
|
2020-05-19 14:00:00 -04:00
|
|
|
|
case "${1-}" in
|
|
|
|
|
"")
|
|
|
|
|
echo "command required"
|
|
|
|
|
exit 1 ;;
|
|
|
|
|
*)
|
|
|
|
|
"$@" ;;
|
|
|
|
|
esac
|