github.com/apprenda/kismatic@v1.12.0/integration-tests/ingress.go (about) 1 package integration_tests 2 3 import ( 4 "crypto/tls" 5 "fmt" 6 "net/http" 7 "time" 8 9 "github.com/apprenda/kismatic/pkg/retry" 10 . "github.com/onsi/ginkgo" 11 ) 12 13 func verifyIngressNodes(master NodeDeets, ingressNodes []NodeDeets, sshKey string) error { 14 By("Adding a service and an ingress resource") 15 addIngressResource(master, sshKey) 16 17 By("Verifying the service is accessible via the ingress point(s)") 18 for _, ingNode := range ingressNodes { 19 if err := verifyIngressPoint(ingNode); err != nil { 20 // For debugging purposes... 21 runViaSSH([]string{"sudo kubectl --kubeconfig /root/.kube/config describe -f /tmp/ingress.yaml", "sudo kubectl --kubeconfig /root/.kube/config describe pods"}, []NodeDeets{master}, sshKey, 1*time.Minute) 22 return err 23 } 24 } 25 26 return nil 27 } 28 29 func addIngressResource(node NodeDeets, sshKey string) { 30 err := copyFileToRemote("test-resources/ingress.yaml", "/tmp/ingress.yaml", node, sshKey, 1*time.Minute) 31 FailIfError(err, "Error copying ingress test file") 32 33 err = runViaSSH([]string{"sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /tmp/tls.key -out /tmp/tls.crt -subj \"/CN=kismaticintegration.com\""}, []NodeDeets{node}, sshKey, 1*time.Minute) 34 FailIfError(err, "Error creating certificates for HTTPs") 35 36 err = runViaSSH([]string{"sudo kubectl --kubeconfig /root/.kube/config create secret tls kismaticintegration-tls --cert=/tmp/tls.crt --key=/tmp/tls.key"}, []NodeDeets{node}, sshKey, 1*time.Minute) 37 FailIfError(err, "Error creating tls secret") 38 39 err = runViaSSH([]string{"sudo kubectl --kubeconfig /root/.kube/config apply -f /tmp/ingress.yaml"}, []NodeDeets{node}, sshKey, 1*time.Minute) 40 FailIfError(err, "Error creating ingress resources") 41 } 42 43 func verifyIngressPoint(node NodeDeets) error { 44 // HTTP ingress 45 url := "http://" + node.PublicIP + "/echo" 46 if err := retry.WithBackoff(func() error { return ingressRequest(url) }, 7); err != nil { 47 return err 48 } 49 // HTTPS ingress 50 url = "https://" + node.PublicIP + "/echo-tls" 51 if err := retry.WithBackoff(func() error { return ingressRequest(url) }, 7); err != nil { 52 return err 53 } 54 return nil 55 } 56 57 func ingressRequest(url string) error { 58 tr := &http.Transport{ 59 TLSClientConfig: &tls.Config{InsecureSkipVerify: true}, 60 } 61 client := http.Client{ 62 Timeout: 1000 * time.Millisecond, 63 Transport: tr, 64 } 65 req, err := http.NewRequest(http.MethodGet, url, nil) 66 if err != nil { 67 return fmt.Errorf("Could not create request for ingress via %s, %v", url, err) 68 } 69 // Set the host header since this is not a real domain, curl $IP/echo -H 'Host: kismaticintegration.com' 70 req.Host = "kismaticintegration.com" 71 resp, err := client.Do(req) 72 if err != nil { 73 return fmt.Errorf("Could not reach ingress via %s, %v", url, err) 74 } 75 if resp.StatusCode != 200 { 76 return fmt.Errorf("Ingress status code is not 200, got %d vi %s", resp.StatusCode, url) 77 } 78 79 return nil 80 }