luxolus
/
open-consul
2
0
Fork 0
Code Issues 1 Pull Requests Packages Releases Wiki Activity

Uncomment listener tests

This commit is contained in:
freddygv 2021-03-17 21:37:12 -06:00
parent 6c43195e2a
commit c4ff0e6eca
1 changed files with 443 additions and 441 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

884
agent/xds/listeners_test.go
View File

@ -9,12 +9,14 @@ import (
"github.com/hashicorp/consul/agent/structs"
"github.com/hashicorp/consul/agent/xds/proxysupport"
"github.com/hashicorp/consul/sdk/testutil"
"github.com/hashicorp/consul/types"
testinf "github.com/mitchellh/go-testing-interface"
"github.com/stretchr/testify/require"
"path/filepath"
"sort"
"testing"
"text/template"
"time"
)
func TestListenersFromSnapshot(t *testing.T) {
@ -32,447 +34,447 @@ func TestListenersFromSnapshot(t *testing.T) {
overrideGoldenName string
serverSetup func(*Server)
}{
// {
// name: "defaults",
// create: proxycfg.TestConfigSnapshot,
// setup: nil, // Default snapshot
// },
// {
// name: "listener-bind-address",
// create: proxycfg.TestConfigSnapshot,
// setup: func(snap *proxycfg.ConfigSnapshot) {
// snap.Proxy.Config["bind_address"] = "127.0.0.2"
// },
// },
// {
// name: "listener-bind-port",
// create: proxycfg.TestConfigSnapshot,
// setup: func(snap *proxycfg.ConfigSnapshot) {
// snap.Proxy.Config["bind_port"] = 8888
// },
// },
// {
// name: "listener-bind-address-port",
// create: proxycfg.TestConfigSnapshot,
// setup: func(snap *proxycfg.ConfigSnapshot) {
// snap.Proxy.Config["bind_address"] = "127.0.0.2"
// snap.Proxy.Config["bind_port"] = 8888
// },
// },
// {
// name: "http-public-listener",
// create: proxycfg.TestConfigSnapshot,
// setup: func(snap *proxycfg.ConfigSnapshot) {
// snap.Proxy.Config["protocol"] = "http"
// },
// },
// {
// name: "http-listener-with-timeouts",
// create: proxycfg.TestConfigSnapshot,
// setup: func(snap *proxycfg.ConfigSnapshot) {
// snap.Proxy.Config["protocol"] = "http"
// snap.Proxy.Config["local_connect_timeout_ms"] = 1234
// snap.Proxy.Config["local_request_timeout_ms"] = 2345
// },
// },
// {
// name: "http-upstream",
// create: proxycfg.TestConfigSnapshot,
// setup: func(snap *proxycfg.ConfigSnapshot) {
// snap.Proxy.Upstreams[0].Config["protocol"] = "http"
// },
// },
// {
// name: "custom-public-listener",
// create: proxycfg.TestConfigSnapshot,
// setup: func(snap *proxycfg.ConfigSnapshot) {
// snap.Proxy.Config["envoy_public_listener_json"] =
// customListenerJSON(t, customListenerJSONOptions{
// Name: "custom-public-listen",
// })
// },
// },
// {
// name: "custom-public-listener-http",
// create: proxycfg.TestConfigSnapshot,
// setup: func(snap *proxycfg.ConfigSnapshot) {
// snap.Proxy.Config["protocol"] = "http"
// snap.Proxy.Config["envoy_public_listener_json"] =
// customHTTPListenerJSON(t, customHTTPListenerJSONOptions{
// Name: "custom-public-listen",
// })
// },
// },
// {
// name: "custom-public-listener-http-2",
// create: proxycfg.TestConfigSnapshot,
// setup: func(snap *proxycfg.ConfigSnapshot) {
// snap.Proxy.Config["protocol"] = "http"
// snap.Proxy.Config["envoy_public_listener_json"] =
// customHTTPListenerJSON(t, customHTTPListenerJSONOptions{
// Name: "custom-public-listen",
// HTTPConnectionManagerName: httpConnectionManagerNewName,
// })
// },
// },
// {
// name: "custom-public-listener-http-missing",
// create: proxycfg.TestConfigSnapshot,
// setup: func(snap *proxycfg.ConfigSnapshot) {
// snap.Proxy.Config["protocol"] = "http"
// snap.Proxy.Config["envoy_public_listener_json"] =
// customListenerJSON(t, customListenerJSONOptions{
// Name: "custom-public-listen",
// })
// },
// },
// {
// name: "custom-public-listener-ignores-tls",
// create: proxycfg.TestConfigSnapshot,
// overrideGoldenName: "custom-public-listener", // should be the same
// setup: func(snap *proxycfg.ConfigSnapshot) {
// snap.Proxy.Config["envoy_public_listener_json"] =
// customListenerJSON(t, customListenerJSONOptions{
// Name: "custom-public-listen",
// // Attempt to override the TLS context should be ignored
// TLSContext: `"allowRenegotiation": false`,
// })
// },
// },
// {
// name: "custom-upstream",
// create: proxycfg.TestConfigSnapshot,
// setup: func(snap *proxycfg.ConfigSnapshot) {
// snap.Proxy.Upstreams[0].Config["envoy_listener_json"] =
// customListenerJSON(t, customListenerJSONOptions{
// Name: "custom-upstream",
// })
// },
// },
// {
// name: "custom-upstream-ignored-with-disco-chain",
// create: proxycfg.TestConfigSnapshotDiscoveryChainWithFailover,
// setup: func(snap *proxycfg.ConfigSnapshot) {
// snap.Proxy.Upstreams[0].Config["envoy_listener_json"] =
// customListenerJSON(t, customListenerJSONOptions{
// Name: "custom-upstream",
// })
// },
// },
// {
// name: "splitter-with-resolver-redirect",
// create: proxycfg.TestConfigSnapshotDiscoveryChain_SplitterWithResolverRedirectMultiDC,
// setup: nil,
// },
// {
// name: "connect-proxy-with-tcp-chain",
// create: proxycfg.TestConfigSnapshotDiscoveryChain,
// setup: nil,
// },
// {
// name: "connect-proxy-with-http-chain",
// create: func(t testinf.T) *proxycfg.ConfigSnapshot {
// return proxycfg.TestConfigSnapshotDiscoveryChainWithEntries(t,
// &structs.ProxyConfigEntry{
// Kind: structs.ProxyDefaults,
// Name: structs.ProxyConfigGlobal,
// Config: map[string]interface{}{
// "protocol": "http",
// },
// },
// )
// },
// setup: nil,
// },
// {
// name: "connect-proxy-with-http2-chain",
// create: func(t testinf.T) *proxycfg.ConfigSnapshot {
// return proxycfg.TestConfigSnapshotDiscoveryChainWithEntries(t,
// &structs.ProxyConfigEntry{
// Kind: structs.ProxyDefaults,
// Name: structs.ProxyConfigGlobal,
// Config: map[string]interface{}{
// "protocol": "http2",
// },
// },
// )
// },
// setup: nil,
// },
// {
// name: "connect-proxy-with-grpc-chain",
// create: func(t testinf.T) *proxycfg.ConfigSnapshot {
// return proxycfg.TestConfigSnapshotDiscoveryChainWithEntries(t,
// &structs.ProxyConfigEntry{
// Kind: structs.ProxyDefaults,
// Name: structs.ProxyConfigGlobal,
// Config: map[string]interface{}{
// "protocol": "grpc",
// },
// },
// )
// },
// setup: nil,
// },
// {
// name: "connect-proxy-with-chain-external-sni",
// create: proxycfg.TestConfigSnapshotDiscoveryChainExternalSNI,
// setup: nil,
// },
// {
// name: "connect-proxy-with-chain-and-overrides",
// create: proxycfg.TestConfigSnapshotDiscoveryChainWithOverrides,
// setup: nil,
// },
// {
// name: "connect-proxy-with-tcp-chain-failover-through-remote-gateway",
// create: proxycfg.TestConfigSnapshotDiscoveryChainWithFailoverThroughRemoteGateway,
// setup: nil,
// },
// {
// name: "connect-proxy-with-tcp-chain-failover-through-local-gateway",
// create: proxycfg.TestConfigSnapshotDiscoveryChainWithFailoverThroughLocalGateway,
// setup: nil,
// },
// {
// name: "expose-paths-local-app-paths",
// create: proxycfg.TestConfigSnapshotExposeConfig,
// },
// {
// name: "expose-paths-new-cluster-http2",
// create: proxycfg.TestConfigSnapshotExposeConfig,
// setup: func(snap *proxycfg.ConfigSnapshot) {
// snap.Proxy.Expose.Paths[1] = structs.ExposePath{
// LocalPathPort: 9090,
// Path: "/grpc.health.v1.Health/Check",
// ListenerPort: 21501,
// Protocol: "http2",
// }
// },
// },
// {
// // NOTE: if IPv6 is not supported in the kernel per
// // kernelSupportsIPv6() then this test will fail because the golden
// // files were generated assuming ipv6 support was present
// name: "expose-checks",
// create: proxycfg.TestConfigSnapshotExposeConfig,
// setup: func(snap *proxycfg.ConfigSnapshot) {
// snap.Proxy.Expose = structs.ExposeConfig{
// Checks: true,
// }
// },
// serverSetup: func(s *Server) {
// s.CfgFetcher = configFetcherFunc(func() string {
// return "192.0.2.1"
// })
//
// s.CheckFetcher = httpCheckFetcherFunc(func(sid structs.ServiceID) []structs.CheckType {
// if sid != structs.NewServiceID("web", nil) {
// return nil
// }
// return []structs.CheckType{{
// CheckID: types.CheckID("http"),
// Name: "http",
// HTTP: "http://127.0.0.1:8181/debug",
// ProxyHTTP: "http://:21500/debug",
// Method: "GET",
// Interval: 10 * time.Second,
// Timeout: 1 * time.Second,
// }}
// })
// },
// },
// {
// name: "mesh-gateway",
// create: proxycfg.TestConfigSnapshotMeshGateway,
// },
// {
// name: "mesh-gateway-using-federation-states",
// create: proxycfg.TestConfigSnapshotMeshGatewayUsingFederationStates,
// },
// {
// name: "mesh-gateway-no-services",
// create: proxycfg.TestConfigSnapshotMeshGatewayNoServices,
// },
// {
// name: "mesh-gateway-tagged-addresses",
// create: proxycfg.TestConfigSnapshotMeshGateway,
// setup: func(snap *proxycfg.ConfigSnapshot) {
// snap.Proxy.Config = map[string]interface{}{
// "envoy_mesh_gateway_no_default_bind": true,
// "envoy_mesh_gateway_bind_tagged_addresses": true,
// }
// },
// },
// {
// name: "mesh-gateway-custom-addresses",
// create: proxycfg.TestConfigSnapshotMeshGateway,
// setup: func(snap *proxycfg.ConfigSnapshot) {
// snap.Proxy.Config = map[string]interface{}{
// "envoy_mesh_gateway_bind_addresses": map[string]structs.ServiceAddress{
// "foo": {
// Address: "198.17.2.3",
// Port: 8080,
// },
// "bar": {
// Address: "2001:db8::ff",
// Port: 9999,
// },
// "baz": {
// Address: "127.0.0.1",
// Port: 8765,
// },
// },
// }
// },
// },
// {
// name: "ingress-gateway",
// create: proxycfg.TestConfigSnapshotIngressGateway,
// setup: nil,
// },
// {
// name: "ingress-gateway-bind-addrs",
// create: proxycfg.TestConfigSnapshotIngressGateway,
// setup: func(snap *proxycfg.ConfigSnapshot) {
// snap.TaggedAddresses = map[string]structs.ServiceAddress{
// "lan": {Address: "10.0.0.1"},
// "wan": {Address: "172.16.0.1"},
// }
// snap.Proxy.Config = map[string]interface{}{
// "envoy_gateway_no_default_bind": true,
// "envoy_gateway_bind_tagged_addresses": true,
// "envoy_gateway_bind_addresses": map[string]structs.ServiceAddress{
// "foo": {Address: "8.8.8.8"},
// },
// }
// },
// },
// {
// name: "ingress-gateway-no-services",
// create: proxycfg.TestConfigSnapshotIngressGatewayNoServices,
// setup: nil,
// },
// {
// name: "ingress-with-chain-external-sni",
// create: proxycfg.TestConfigSnapshotIngressExternalSNI,
// setup: nil,
// },
// {
// name: "ingress-with-chain-and-overrides",
// create: proxycfg.TestConfigSnapshotIngressWithOverrides,
// setup: nil,
// },
// {
// name: "ingress-with-tcp-chain-failover-through-remote-gateway",
// create: proxycfg.TestConfigSnapshotIngressWithFailoverThroughRemoteGateway,
// setup: nil,
// },
// {
// name: "ingress-with-tcp-chain-failover-through-local-gateway",
// create: proxycfg.TestConfigSnapshotIngressWithFailoverThroughLocalGateway,
// setup: nil,
// },
// {
// name: "ingress-splitter-with-resolver-redirect",
// create: proxycfg.TestConfigSnapshotIngress_SplitterWithResolverRedirectMultiDC,
// setup: nil,
// },
// {
// name: "terminating-gateway",
// create: proxycfg.TestConfigSnapshotTerminatingGateway,
// setup: nil,
// },
// {
// name: "terminating-gateway-no-services",
// create: proxycfg.TestConfigSnapshotTerminatingGatewayNoServices,
// setup: nil,
// },
// {
// name: "terminating-gateway-custom-and-tagged-addresses",
// create: proxycfg.TestConfigSnapshotTerminatingGateway,
// setup: func(snap *proxycfg.ConfigSnapshot) {
// snap.Proxy.Config = map[string]interface{}{
// "envoy_gateway_no_default_bind": true,
// "envoy_gateway_bind_tagged_addresses": true,
// "envoy_gateway_bind_addresses": map[string]structs.ServiceAddress{
// // This bind address should not get a listener due to deduplication and it sorts to the end
// "z-duplicate-of-tagged-wan-addr": {
// Address: "198.18.0.1",
// Port: 443,
// },
// "foo": {
// Address: "198.17.2.3",
// Port: 8080,
// },
// },
// }
// },
// },
// {
// name: "terminating-gateway-service-subsets",
// create: proxycfg.TestConfigSnapshotTerminatingGateway,
// setup: func(snap *proxycfg.ConfigSnapshot) {
// snap.TerminatingGateway.ServiceResolvers = map[structs.ServiceName]*structs.ServiceResolverConfigEntry{
// structs.NewServiceName("web", nil): {
// Kind: structs.ServiceResolver,
// Name: "web",
// Subsets: map[string]structs.ServiceResolverSubset{
// "v1": {
// Filter: "Service.Meta.version == 1",
// },
// "v2": {
// Filter: "Service.Meta.version == 2",
// OnlyPassing: true,
// },
// },
// },
// }
// snap.TerminatingGateway.ServiceConfigs[structs.NewServiceName("web", nil)] = &structs.ServiceConfigResponse{
// ProxyConfig: map[string]interface{}{"protocol": "http"},
// }
// },
// },
// {
// name: "ingress-http-multiple-services",
// create: proxycfg.TestConfigSnapshotIngress_HTTPMultipleServices,
// setup: func(snap *proxycfg.ConfigSnapshot) {
// snap.IngressGateway.Upstreams = map[proxycfg.IngressListenerKey]structs.Upstreams{
// {Protocol: "http", Port: 8080}: {
// {
// DestinationName: "foo",
// LocalBindPort: 8080,
// },
// {
// DestinationName: "bar",
// LocalBindPort: 8080,
// },
// },
// {Protocol: "http", Port: 443}: {
// {
// DestinationName: "baz",
// LocalBindPort: 443,
// },
// {
// DestinationName: "qux",
// LocalBindPort: 443,
// },
// },
// }
// },
// },
// {
// name: "terminating-gateway-no-api-cert",
// create: proxycfg.TestConfigSnapshotTerminatingGateway,
// setup: func(snap *proxycfg.ConfigSnapshot) {
// snap.TerminatingGateway.ServiceLeaves[structs.NewServiceName("api", nil)] = nil
// },
// },
// {
// name: "ingress-with-tls-listener",
// create: proxycfg.TestConfigSnapshotIngressWithTLSListener,
// setup: nil,
// },
{
name: "defaults",
create: proxycfg.TestConfigSnapshot,
setup: nil, // Default snapshot
},
{
name: "listener-bind-address",
create: proxycfg.TestConfigSnapshot,
setup: func(snap *proxycfg.ConfigSnapshot) {
snap.Proxy.Config["bind_address"] = "127.0.0.2"
},
},
{
name: "listener-bind-port",
create: proxycfg.TestConfigSnapshot,
setup: func(snap *proxycfg.ConfigSnapshot) {
snap.Proxy.Config["bind_port"] = 8888
},
},
{
name: "listener-bind-address-port",
create: proxycfg.TestConfigSnapshot,
setup: func(snap *proxycfg.ConfigSnapshot) {
snap.Proxy.Config["bind_address"] = "127.0.0.2"
snap.Proxy.Config["bind_port"] = 8888
},
},
{
name: "http-public-listener",
create: proxycfg.TestConfigSnapshot,
setup: func(snap *proxycfg.ConfigSnapshot) {
snap.Proxy.Config["protocol"] = "http"
},
},
{
name: "http-listener-with-timeouts",
create: proxycfg.TestConfigSnapshot,
setup: func(snap *proxycfg.ConfigSnapshot) {
snap.Proxy.Config["protocol"] = "http"
snap.Proxy.Config["local_connect_timeout_ms"] = 1234
snap.Proxy.Config["local_request_timeout_ms"] = 2345
},
},
{
name: "http-upstream",
create: proxycfg.TestConfigSnapshot,
setup: func(snap *proxycfg.ConfigSnapshot) {
snap.Proxy.Upstreams[0].Config["protocol"] = "http"
},
},
{
name: "custom-public-listener",
create: proxycfg.TestConfigSnapshot,
setup: func(snap *proxycfg.ConfigSnapshot) {
snap.Proxy.Config["envoy_public_listener_json"] =
customListenerJSON(t, customListenerJSONOptions{
Name: "custom-public-listen",
})
},
},
{
name: "custom-public-listener-http",
create: proxycfg.TestConfigSnapshot,
setup: func(snap *proxycfg.ConfigSnapshot) {
snap.Proxy.Config["protocol"] = "http"
snap.Proxy.Config["envoy_public_listener_json"] =
customHTTPListenerJSON(t, customHTTPListenerJSONOptions{
Name: "custom-public-listen",
})
},
},
{
name: "custom-public-listener-http-2",
create: proxycfg.TestConfigSnapshot,
setup: func(snap *proxycfg.ConfigSnapshot) {
snap.Proxy.Config["protocol"] = "http"
snap.Proxy.Config["envoy_public_listener_json"] =
customHTTPListenerJSON(t, customHTTPListenerJSONOptions{
Name: "custom-public-listen",
HTTPConnectionManagerName: httpConnectionManagerNewName,
})
},
},
{
name: "custom-public-listener-http-missing",
create: proxycfg.TestConfigSnapshot,
setup: func(snap *proxycfg.ConfigSnapshot) {
snap.Proxy.Config["protocol"] = "http"
snap.Proxy.Config["envoy_public_listener_json"] =
customListenerJSON(t, customListenerJSONOptions{
Name: "custom-public-listen",
})
},
},
{
name: "custom-public-listener-ignores-tls",
create: proxycfg.TestConfigSnapshot,
overrideGoldenName: "custom-public-listener", // should be the same
setup: func(snap *proxycfg.ConfigSnapshot) {
snap.Proxy.Config["envoy_public_listener_json"] =
customListenerJSON(t, customListenerJSONOptions{
Name: "custom-public-listen",
// Attempt to override the TLS context should be ignored
TLSContext: `"allowRenegotiation": false`,
})
},
},
{
name: "custom-upstream",
create: proxycfg.TestConfigSnapshot,
setup: func(snap *proxycfg.ConfigSnapshot) {
snap.Proxy.Upstreams[0].Config["envoy_listener_json"] =
customListenerJSON(t, customListenerJSONOptions{
Name: "custom-upstream",
})
},
},
{
name: "custom-upstream-ignored-with-disco-chain",
create: proxycfg.TestConfigSnapshotDiscoveryChainWithFailover,
setup: func(snap *proxycfg.ConfigSnapshot) {
snap.Proxy.Upstreams[0].Config["envoy_listener_json"] =
customListenerJSON(t, customListenerJSONOptions{
Name: "custom-upstream",
})
},
},
{
name: "splitter-with-resolver-redirect",
create: proxycfg.TestConfigSnapshotDiscoveryChain_SplitterWithResolverRedirectMultiDC,
setup: nil,
},
{
name: "connect-proxy-with-tcp-chain",
create: proxycfg.TestConfigSnapshotDiscoveryChain,
setup: nil,
},
{
name: "connect-proxy-with-http-chain",
create: func(t testinf.T) *proxycfg.ConfigSnapshot {
return proxycfg.TestConfigSnapshotDiscoveryChainWithEntries(t,
&structs.ProxyConfigEntry{
Kind: structs.ProxyDefaults,
Name: structs.ProxyConfigGlobal,
Config: map[string]interface{}{
"protocol": "http",
},
},
)
},
setup: nil,
},
{
name: "connect-proxy-with-http2-chain",
create: func(t testinf.T) *proxycfg.ConfigSnapshot {
return proxycfg.TestConfigSnapshotDiscoveryChainWithEntries(t,
&structs.ProxyConfigEntry{
Kind: structs.ProxyDefaults,
Name: structs.ProxyConfigGlobal,
Config: map[string]interface{}{
"protocol": "http2",
},
},
)
},
setup: nil,
},
{
name: "connect-proxy-with-grpc-chain",
create: func(t testinf.T) *proxycfg.ConfigSnapshot {
return proxycfg.TestConfigSnapshotDiscoveryChainWithEntries(t,
&structs.ProxyConfigEntry{
Kind: structs.ProxyDefaults,
Name: structs.ProxyConfigGlobal,
Config: map[string]interface{}{
"protocol": "grpc",
},
},
)
},
setup: nil,
},
{
name: "connect-proxy-with-chain-external-sni",
create: proxycfg.TestConfigSnapshotDiscoveryChainExternalSNI,
setup: nil,
},
{
name: "connect-proxy-with-chain-and-overrides",
create: proxycfg.TestConfigSnapshotDiscoveryChainWithOverrides,
setup: nil,
},
{
name: "connect-proxy-with-tcp-chain-failover-through-remote-gateway",
create: proxycfg.TestConfigSnapshotDiscoveryChainWithFailoverThroughRemoteGateway,
setup: nil,
},
{
name: "connect-proxy-with-tcp-chain-failover-through-local-gateway",
create: proxycfg.TestConfigSnapshotDiscoveryChainWithFailoverThroughLocalGateway,
setup: nil,
},
{
name: "expose-paths-local-app-paths",
create: proxycfg.TestConfigSnapshotExposeConfig,
},
{
name: "expose-paths-new-cluster-http2",
create: proxycfg.TestConfigSnapshotExposeConfig,
setup: func(snap *proxycfg.ConfigSnapshot) {
snap.Proxy.Expose.Paths[1] = structs.ExposePath{
LocalPathPort: 9090,
Path: "/grpc.health.v1.Health/Check",
ListenerPort: 21501,
Protocol: "http2",
}
},
},
{
// NOTE: if IPv6 is not supported in the kernel per
// kernelSupportsIPv6() then this test will fail because the golden
// files were generated assuming ipv6 support was present
name: "expose-checks",
create: proxycfg.TestConfigSnapshotExposeConfig,
setup: func(snap *proxycfg.ConfigSnapshot) {
snap.Proxy.Expose = structs.ExposeConfig{
Checks: true,
}
},
serverSetup: func(s *Server) {
s.CfgFetcher = configFetcherFunc(func() string {
return "192.0.2.1"
})
s.CheckFetcher = httpCheckFetcherFunc(func(sid structs.ServiceID) []structs.CheckType {
if sid != structs.NewServiceID("web", nil) {
return nil
}
return []structs.CheckType{{
CheckID: types.CheckID("http"),
Name: "http",
HTTP: "http://127.0.0.1:8181/debug",
ProxyHTTP: "http://:21500/debug",
Method: "GET",
Interval: 10 * time.Second,
Timeout: 1 * time.Second,
}}
})
},
},
{
name: "mesh-gateway",
create: proxycfg.TestConfigSnapshotMeshGateway,
},
{
name: "mesh-gateway-using-federation-states",
create: proxycfg.TestConfigSnapshotMeshGatewayUsingFederationStates,
},
{
name: "mesh-gateway-no-services",
create: proxycfg.TestConfigSnapshotMeshGatewayNoServices,
},
{
name: "mesh-gateway-tagged-addresses",
create: proxycfg.TestConfigSnapshotMeshGateway,
setup: func(snap *proxycfg.ConfigSnapshot) {
snap.Proxy.Config = map[string]interface{}{
"envoy_mesh_gateway_no_default_bind": true,
"envoy_mesh_gateway_bind_tagged_addresses": true,
}
},
},
{
name: "mesh-gateway-custom-addresses",
create: proxycfg.TestConfigSnapshotMeshGateway,
setup: func(snap *proxycfg.ConfigSnapshot) {
snap.Proxy.Config = map[string]interface{}{
"envoy_mesh_gateway_bind_addresses": map[string]structs.ServiceAddress{
"foo": {
Address: "198.17.2.3",
Port: 8080,
},
"bar": {
Address: "2001:db8::ff",
Port: 9999,
},
"baz": {
Address: "127.0.0.1",
Port: 8765,
},
},
}
},
},
{
name: "ingress-gateway",
create: proxycfg.TestConfigSnapshotIngressGateway,
setup: nil,
},
{
name: "ingress-gateway-bind-addrs",
create: proxycfg.TestConfigSnapshotIngressGateway,
setup: func(snap *proxycfg.ConfigSnapshot) {
snap.TaggedAddresses = map[string]structs.ServiceAddress{
"lan": {Address: "10.0.0.1"},
"wan": {Address: "172.16.0.1"},
}
snap.Proxy.Config = map[string]interface{}{
"envoy_gateway_no_default_bind": true,
"envoy_gateway_bind_tagged_addresses": true,
"envoy_gateway_bind_addresses": map[string]structs.ServiceAddress{
"foo": {Address: "8.8.8.8"},
},
}
},
},
{
name: "ingress-gateway-no-services",
create: proxycfg.TestConfigSnapshotIngressGatewayNoServices,
setup: nil,
},
{
name: "ingress-with-chain-external-sni",
create: proxycfg.TestConfigSnapshotIngressExternalSNI,
setup: nil,
},
{
name: "ingress-with-chain-and-overrides",
create: proxycfg.TestConfigSnapshotIngressWithOverrides,
setup: nil,
},
{
name: "ingress-with-tcp-chain-failover-through-remote-gateway",
create: proxycfg.TestConfigSnapshotIngressWithFailoverThroughRemoteGateway,
setup: nil,
},
{
name: "ingress-with-tcp-chain-failover-through-local-gateway",
create: proxycfg.TestConfigSnapshotIngressWithFailoverThroughLocalGateway,
setup: nil,
},
{
name: "ingress-splitter-with-resolver-redirect",
create: proxycfg.TestConfigSnapshotIngress_SplitterWithResolverRedirectMultiDC,
setup: nil,
},
{
name: "terminating-gateway",
create: proxycfg.TestConfigSnapshotTerminatingGateway,
setup: nil,
},
{
name: "terminating-gateway-no-services",
create: proxycfg.TestConfigSnapshotTerminatingGatewayNoServices,
setup: nil,
},
{
name: "terminating-gateway-custom-and-tagged-addresses",
create: proxycfg.TestConfigSnapshotTerminatingGateway,
setup: func(snap *proxycfg.ConfigSnapshot) {
snap.Proxy.Config = map[string]interface{}{
"envoy_gateway_no_default_bind": true,
"envoy_gateway_bind_tagged_addresses": true,
"envoy_gateway_bind_addresses": map[string]structs.ServiceAddress{
// This bind address should not get a listener due to deduplication and it sorts to the end
"z-duplicate-of-tagged-wan-addr": {
Address: "198.18.0.1",
Port: 443,
},
"foo": {
Address: "198.17.2.3",
Port: 8080,
},
},
}
},
},
{
name: "terminating-gateway-service-subsets",
create: proxycfg.TestConfigSnapshotTerminatingGateway,
setup: func(snap *proxycfg.ConfigSnapshot) {
snap.TerminatingGateway.ServiceResolvers = map[structs.ServiceName]*structs.ServiceResolverConfigEntry{
structs.NewServiceName("web", nil): {
Kind: structs.ServiceResolver,
Name: "web",
Subsets: map[string]structs.ServiceResolverSubset{
"v1": {
Filter: "Service.Meta.version == 1",
},
"v2": {
Filter: "Service.Meta.version == 2",
OnlyPassing: true,
},
},
},
}
snap.TerminatingGateway.ServiceConfigs[structs.NewServiceName("web", nil)] = &structs.ServiceConfigResponse{
ProxyConfig: map[string]interface{}{"protocol": "http"},
}
},
},
{
name: "ingress-http-multiple-services",
create: proxycfg.TestConfigSnapshotIngress_HTTPMultipleServices,
setup: func(snap *proxycfg.ConfigSnapshot) {
snap.IngressGateway.Upstreams = map[proxycfg.IngressListenerKey]structs.Upstreams{
{Protocol: "http", Port: 8080}: {
{
DestinationName: "foo",
LocalBindPort: 8080,
},
{
DestinationName: "bar",
LocalBindPort: 8080,
},
},
{Protocol: "http", Port: 443}: {
{
DestinationName: "baz",
LocalBindPort: 443,
},
{
DestinationName: "qux",
LocalBindPort: 443,
},
},
}
},
},
{
name: "terminating-gateway-no-api-cert",
create: proxycfg.TestConfigSnapshotTerminatingGateway,
setup: func(snap *proxycfg.ConfigSnapshot) {
snap.TerminatingGateway.ServiceLeaves[structs.NewServiceName("api", nil)] = nil
},
},
{
name: "ingress-with-tls-listener",
create: proxycfg.TestConfigSnapshotIngressWithTLSListener,
setup: nil,
},
{
name: "transparent-proxy",
create: proxycfg.TestConfigSnapshot,