From d337228a74e5acd409205ce80ee8c57d20ef7424 Mon Sep 17 00:00:00 2001 From: revolyssup Date: Wed, 21 Jun 2023 19:39:30 +0530 Subject: [PATCH 01/32] feat: allow configuring timeout and retries for upstream with ingress annotations Signed-off-by: revolyssup --- .../ingress/translation/annotations.go | 7 +- .../ingress/translation/annotations/types.go | 6 ++ .../annotations/upstream/upstream.go | 89 +++++++++++++++++ .../annotations/upstream/upstream_test.go | 98 +++++++++++++++++++ .../upstreamscheme/upstreamscheme.go | 47 --------- .../upstreamscheme/upstreamscheme_test.go | 44 --------- .../ingress/translation/translator.go | 38 +++++-- 7 files changed, 229 insertions(+), 100 deletions(-) create mode 100644 pkg/providers/ingress/translation/annotations/upstream/upstream.go create mode 100644 pkg/providers/ingress/translation/annotations/upstream/upstream_test.go delete mode 100644 pkg/providers/ingress/translation/annotations/upstreamscheme/upstreamscheme.go delete mode 100644 pkg/providers/ingress/translation/annotations/upstreamscheme/upstreamscheme_test.go diff --git a/pkg/providers/ingress/translation/annotations.go b/pkg/providers/ingress/translation/annotations.go index b341dfc6546..d143f1a01cc 100644 --- a/pkg/providers/ingress/translation/annotations.go +++ b/pkg/providers/ingress/translation/annotations.go @@ -24,7 +24,8 @@ import ( "github.com/apache/apisix-ingress-controller/pkg/providers/ingress/translation/annotations/plugins" "github.com/apache/apisix-ingress-controller/pkg/providers/ingress/translation/annotations/regex" "github.com/apache/apisix-ingress-controller/pkg/providers/ingress/translation/annotations/servicenamespace" - "github.com/apache/apisix-ingress-controller/pkg/providers/ingress/translation/annotations/upstreamscheme" + "github.com/apache/apisix-ingress-controller/pkg/providers/ingress/translation/annotations/upstream" + "github.com/apache/apisix-ingress-controller/pkg/providers/ingress/translation/annotations/websocket" apisix "github.com/apache/apisix-ingress-controller/pkg/types/apisix/v1" ) @@ -36,7 +37,7 @@ type Ingress struct { EnableWebSocket bool PluginConfigName string ServiceNamespace string - UpstreamScheme string + Upstream upstream.Upstream } var ( @@ -46,7 +47,7 @@ var ( "EnableWebSocket": websocket.NewParser(), "PluginConfigName": pluginconfig.NewParser(), "ServiceNamespace": servicenamespace.NewParser(), - "UpstreamScheme": upstreamscheme.NewParser(), + "Upstream": upstream.NewParser(), } ) diff --git a/pkg/providers/ingress/translation/annotations/types.go b/pkg/providers/ingress/translation/annotations/types.go index 56d2b622fab..30f3827f210 100644 --- a/pkg/providers/ingress/translation/annotations/types.go +++ b/pkg/providers/ingress/translation/annotations/types.go @@ -27,6 +27,12 @@ const ( AnnotationsEnableWebSocket = AnnotationsPrefix + "enable-websocket" AnnotationsPluginConfigName = AnnotationsPrefix + "plugin-config-name" AnnotationsUpstreamScheme = AnnotationsPrefix + "upstream-scheme" + + //support retries and timeouts on upstream + AnnotationsUpstreamRetry = AnnotationsPrefix + "retry" + AnnotationsUpstreamTimeoutConnect = AnnotationsPrefix + "timeout.connect" + AnnotationsUpstreamTimeoutRead = AnnotationsPrefix + "timeout.read" + AnnotationsUpstreamTimeoutSend = AnnotationsPrefix + "timeout.send" ) const ( diff --git a/pkg/providers/ingress/translation/annotations/upstream/upstream.go b/pkg/providers/ingress/translation/annotations/upstream/upstream.go new file mode 100644 index 00000000000..02692d9fc96 --- /dev/null +++ b/pkg/providers/ingress/translation/annotations/upstream/upstream.go @@ -0,0 +1,89 @@ +// Licensed to the Apache Software Foundation (ASF) under one or more +// contributor license agreements. See the NOTICE file distributed with +// this work for additional information regarding copyright ownership. +// The ASF licenses this file to You under the Apache License, Version 2.0 +// (the "License"); you may not use this file except in compliance with +// the License. You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +package upstream + +import ( + "fmt" + "strconv" + "strings" + + "github.com/apache/apisix-ingress-controller/pkg/providers/ingress/translation/annotations" + apisixv1 "github.com/apache/apisix-ingress-controller/pkg/types/apisix/v1" +) + +func NewParser() annotations.IngressAnnotationsParser { + return &Upstream{} +} + +type Upstream struct { + Scheme string + Retry int + TimeoutRead int + TimeoutConnect int + TimeoutSend int +} + +func (u *Upstream) Parse(e annotations.Extractor) (interface{}, error) { + scheme := strings.ToLower(e.GetStringAnnotation(annotations.AnnotationsUpstreamScheme)) + if scheme != "" { + _, ok := apisixv1.ValidSchemes[scheme] + if !ok { + keys := make([]string, 0, len(apisixv1.ValidSchemes)) + for key := range apisixv1.ValidSchemes { + keys = append(keys, key) + } + return nil, fmt.Errorf("scheme %s is not supported, Only { %s } are supported", scheme, strings.Join(keys, ", ")) + } + u.Scheme = scheme + } + + retry := e.GetStringAnnotation(annotations.AnnotationsUpstreamRetry) + if retry != "" { + t, err := strconv.Atoi(retry) + if err != nil { + return nil, fmt.Errorf("could not parse retry as an integer: %s", err.Error()) + } + u.Retry = t + } + + timeoutConnect := strings.TrimSuffix(e.GetStringAnnotation(annotations.AnnotationsUpstreamTimeoutConnect), "s") + if timeoutConnect != "" { + t, err := strconv.Atoi(timeoutConnect) + if err != nil { + return nil, fmt.Errorf("could not parse timeout as an integer: %s", err.Error()) + } + u.TimeoutConnect = t + } + + timeoutRead := strings.TrimSuffix(e.GetStringAnnotation(annotations.AnnotationsUpstreamTimeoutRead), "s") + if timeoutRead != "" { + t, err := strconv.Atoi(timeoutRead) + if err != nil { + return nil, fmt.Errorf("could not parse timeout as an integer: %s", err.Error()) + } + u.TimeoutRead = t + } + + timeoutSend := strings.TrimSuffix(e.GetStringAnnotation(annotations.AnnotationsUpstreamTimeoutSend), "s") + if timeoutSend != "" { + t, err := strconv.Atoi(timeoutSend) + if err != nil { + return nil, fmt.Errorf("could not parse timeout as an integer: %s", err.Error()) + } + u.TimeoutSend = t + } + + return *u, nil +} diff --git a/pkg/providers/ingress/translation/annotations/upstream/upstream_test.go b/pkg/providers/ingress/translation/annotations/upstream/upstream_test.go new file mode 100644 index 00000000000..4c998762a60 --- /dev/null +++ b/pkg/providers/ingress/translation/annotations/upstream/upstream_test.go @@ -0,0 +1,98 @@ +// Licensed to the Apache Software Foundation (ASF) under one or more +// contributor license agreements. See the NOTICE file distributed with +// this work for additional information regarding copyright ownership. +// The ASF licenses this file to You under the Apache License, Version 2.0 +// (the "License"); you may not use this file except in compliance with +// the License. You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +package upstream_test + +import ( + "testing" + + "github.com/stretchr/testify/assert" + + "github.com/apache/apisix-ingress-controller/pkg/providers/ingress/translation/annotations" + "github.com/apache/apisix-ingress-controller/pkg/providers/ingress/translation/annotations/upstream" +) + +func TestIPRestrictionHandler(t *testing.T) { + anno := map[string]string{ + annotations.AnnotationsUpstreamScheme: "grpcs", + } + u := upstream.NewParser() + + out, err := u.Parse(annotations.NewExtractor(anno)) + ups, ok := out.(upstream.Upstream) + if !ok { + t.Fatalf("could not parse upstream") + } + assert.Nil(t, err, "checking given error") + assert.Equal(t, "grpcs", ups.Scheme) + + anno[annotations.AnnotationsUpstreamScheme] = "gRPC" + out, err = u.Parse(annotations.NewExtractor(anno)) + ups, ok = out.(upstream.Upstream) + if !ok { + t.Fatalf("could not parse upstream") + } + assert.Nil(t, err, "checking given error") + assert.Equal(t, "grpc", ups.Scheme) + + anno[annotations.AnnotationsUpstreamScheme] = "nothing" + out, err = u.Parse(annotations.NewExtractor(anno)) + assert.NotNil(t, err, "checking given error") + assert.Nil(t, out, "checking given output") +} + +func TestRetryParsing(t *testing.T) { + anno := map[string]string{ + annotations.AnnotationsUpstreamRetry: "2", + } + u := upstream.NewParser() + out, err := u.Parse(annotations.NewExtractor(anno)) + if err != nil { + t.Fatalf(err.Error()) + } + ups, ok := out.(upstream.Upstream) + if !ok { + t.Fatalf("could not parse upstream") + } + assert.Nil(t, err, "checking given error") + assert.Equal(t, 2, ups.Retry) + + anno[annotations.AnnotationsUpstreamRetry] = "asdf" + out, err = u.Parse(annotations.NewExtractor(anno)) + assert.NotNil(t, err, "checking given error") +} + +func TestTimeoutParsing(t *testing.T) { + anno := map[string]string{ + annotations.AnnotationsUpstreamTimeoutConnect: "2s", + annotations.AnnotationsUpstreamTimeoutRead: "3s", + annotations.AnnotationsUpstreamTimeoutSend: "4s", + } + u := upstream.NewParser() + out, err := u.Parse(annotations.NewExtractor(anno)) + if err != nil { + t.Fatalf(err.Error()) + } + ups, ok := out.(upstream.Upstream) + if !ok { + t.Fatalf("could not parse upstream") + } + assert.Nil(t, err, "checking given error") + assert.Equal(t, 2, ups.TimeoutConnect) + assert.Equal(t, 3, ups.TimeoutRead) + assert.Equal(t, 4, ups.TimeoutSend) + anno[annotations.AnnotationsUpstreamRetry] = "asdf" + out, err = u.Parse(annotations.NewExtractor(anno)) + assert.NotNil(t, err, "checking given error") +} diff --git a/pkg/providers/ingress/translation/annotations/upstreamscheme/upstreamscheme.go b/pkg/providers/ingress/translation/annotations/upstreamscheme/upstreamscheme.go deleted file mode 100644 index f9ce46b6c45..00000000000 --- a/pkg/providers/ingress/translation/annotations/upstreamscheme/upstreamscheme.go +++ /dev/null @@ -1,47 +0,0 @@ -// Licensed to the Apache Software Foundation (ASF) under one or more -// contributor license agreements. See the NOTICE file distributed with -// this work for additional information regarding copyright ownership. -// The ASF licenses this file to You under the Apache License, Version 2.0 -// (the "License"); you may not use this file except in compliance with -// the License. You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. -package upstreamscheme - -import ( - "fmt" - "strings" - - "github.com/apache/apisix-ingress-controller/pkg/providers/ingress/translation/annotations" - apisixv1 "github.com/apache/apisix-ingress-controller/pkg/types/apisix/v1" -) - -type upstreamscheme struct{} - -func NewParser() annotations.IngressAnnotationsParser { - return &upstreamscheme{} -} - -func (w *upstreamscheme) Parse(e annotations.Extractor) (interface{}, error) { - scheme := strings.ToLower(e.GetStringAnnotation(annotations.AnnotationsUpstreamScheme)) - if scheme == "" { - return nil, nil - } - _, ok := apisixv1.ValidSchemes[scheme] - if ok { - return scheme, nil - } - - keys := make([]string, 0, len(apisixv1.ValidSchemes)) - for key := range apisixv1.ValidSchemes { - keys = append(keys, key) - } - - return nil, fmt.Errorf("scheme %s is not supported, Only { %s } are supported", scheme, strings.Join(keys, ", ")) -} diff --git a/pkg/providers/ingress/translation/annotations/upstreamscheme/upstreamscheme_test.go b/pkg/providers/ingress/translation/annotations/upstreamscheme/upstreamscheme_test.go deleted file mode 100644 index 74741fc4e91..00000000000 --- a/pkg/providers/ingress/translation/annotations/upstreamscheme/upstreamscheme_test.go +++ /dev/null @@ -1,44 +0,0 @@ -// Licensed to the Apache Software Foundation (ASF) under one or more -// contributor license agreements. See the NOTICE file distributed with -// this work for additional information regarding copyright ownership. -// The ASF licenses this file to You under the Apache License, Version 2.0 -// (the "License"); you may not use this file except in compliance with -// the License. You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. -package upstreamscheme - -import ( - "testing" - - "github.com/stretchr/testify/assert" - - "github.com/apache/apisix-ingress-controller/pkg/providers/ingress/translation/annotations" -) - -func TestIPRestrictionHandler(t *testing.T) { - anno := map[string]string{ - annotations.AnnotationsUpstreamScheme: "grpcs", - } - u := NewParser() - - out, err := u.Parse(annotations.NewExtractor(anno)) - assert.Nil(t, err, "checking given error") - assert.Equal(t, "grpcs", out) - - anno[annotations.AnnotationsUpstreamScheme] = "gRPC" - out, err = u.Parse(annotations.NewExtractor(anno)) - assert.Nil(t, err, "checking given error") - assert.Equal(t, "grpc", out) - - anno[annotations.AnnotationsUpstreamScheme] = "nothing" - out, err = u.Parse(annotations.NewExtractor(anno)) - assert.NotNil(t, err, "checking given error") - assert.Nil(t, out, "checking given output") -} diff --git a/pkg/providers/ingress/translation/translator.go b/pkg/providers/ingress/translation/translator.go index 92545a46cb0..28ef80fea85 100644 --- a/pkg/providers/ingress/translation/translator.go +++ b/pkg/providers/ingress/translation/translator.go @@ -182,8 +182,12 @@ func (t *translator) translateIngressV1(ing *networkingv1.Ingress, skipVerify bo return nil, err } } - if ingress.UpstreamScheme != "" { - ups.Scheme = ingress.UpstreamScheme + if ingress.Upstream.Scheme != "" { + ups.Scheme = ingress.Upstream.Scheme + } + if ingress.Upstream.Retry > 0 { + retry := ingress.Upstream.Retry + ups.Retries = &retry } ctx.AddUpstream(ups) } @@ -287,8 +291,8 @@ func (t *translator) translateIngressV1beta1(ing *networkingv1beta1.Ingress, ski return nil, err } } - if ingress.UpstreamScheme != "" { - ups.Scheme = ingress.UpstreamScheme + if ingress.Upstream.Scheme != "" { + ups.Scheme = ingress.Upstream.Scheme } ctx.AddUpstream(ups) } @@ -447,8 +451,30 @@ func (t *translator) translateIngressExtensionsV1beta1(ing *extensionsv1beta1.In return nil, err } } - if ingress.UpstreamScheme != "" { - ups.Scheme = ingress.UpstreamScheme + if ingress.Upstream.Scheme != "" { + ups.Scheme = ingress.Upstream.Scheme + } + if ingress.Upstream.Retry > 0 { + retry := ingress.Upstream.Retry + ups.Retries = &retry + } + if ingress.Upstream.TimeoutRead > 0 { + if ups.Timeout == nil { + ups.Timeout = &apisixv1.UpstreamTimeout{} + } + ups.Timeout.Read = ingress.Upstream.TimeoutRead + } + if ingress.Upstream.TimeoutConnect > 0 { + if ups.Timeout == nil { + ups.Timeout = &apisixv1.UpstreamTimeout{} + } + ups.Timeout.Connect = ingress.Upstream.TimeoutConnect + } + if ingress.Upstream.TimeoutSend > 0 { + if ups.Timeout == nil { + ups.Timeout = &apisixv1.UpstreamTimeout{} + } + ups.Timeout.Send = ingress.Upstream.TimeoutSend } ctx.AddUpstream(ups) } From 97fa8aea47047d21483898a8398612b8280f6b2f Mon Sep 17 00:00:00 2001 From: revolyssup Date: Wed, 28 Jun 2023 11:22:12 +0530 Subject: [PATCH 02/32] format go code Signed-off-by: revolyssup --- pkg/providers/ingress/translation/annotations.go | 1 - 1 file changed, 1 deletion(-) diff --git a/pkg/providers/ingress/translation/annotations.go b/pkg/providers/ingress/translation/annotations.go index d143f1a01cc..76a43334336 100644 --- a/pkg/providers/ingress/translation/annotations.go +++ b/pkg/providers/ingress/translation/annotations.go @@ -25,7 +25,6 @@ import ( "github.com/apache/apisix-ingress-controller/pkg/providers/ingress/translation/annotations/regex" "github.com/apache/apisix-ingress-controller/pkg/providers/ingress/translation/annotations/servicenamespace" "github.com/apache/apisix-ingress-controller/pkg/providers/ingress/translation/annotations/upstream" - "github.com/apache/apisix-ingress-controller/pkg/providers/ingress/translation/annotations/websocket" apisix "github.com/apache/apisix-ingress-controller/pkg/types/apisix/v1" ) From 0b486caae49c87d0d299f7134ea92d98764a85ab Mon Sep 17 00:00:00 2001 From: revolyssup Date: Thu, 3 Aug 2023 17:15:17 +0530 Subject: [PATCH 03/32] add end to end tests Signed-off-by: revolyssup --- test/e2e/scaffold/test_backend.go | 7 + test/e2e/suite-annotations/upstreamretry.go | 130 +++------------- test/e2e/testbackend/main.go | 27 ++++ .../testdata/apisix-gw-config-v3-with-sd.yaml | 58 ------- test/e2e/testdata/apisix-gw-config-v3.yaml | 51 ------ .../testdata/apisix-gw-config-with-sd.yaml | 51 ------ test/e2e/testdata/apisix-gw-config.yaml | 44 ------ test/e2e/testdata/apisix-stream-disabled.yaml | 42 ----- test/e2e/testdata/ldap/cmd.sh | 46 ------ test/e2e/testdata/ldap/docker-compose.yaml | 33 ---- test/e2e/testdata/webhook-create-cert.sh | 145 ------------------ test/e2e/testdata/wolf-rbac/cmd.sh | 85 ---------- .../testdata/wolf-rbac/docker-compose.yaml | 77 ---------- 13 files changed, 52 insertions(+), 744 deletions(-) delete mode 100644 test/e2e/testdata/apisix-gw-config-v3-with-sd.yaml delete mode 100644 test/e2e/testdata/apisix-gw-config-v3.yaml delete mode 100644 test/e2e/testdata/apisix-gw-config-with-sd.yaml delete mode 100644 test/e2e/testdata/apisix-gw-config.yaml delete mode 100644 test/e2e/testdata/apisix-stream-disabled.yaml delete mode 100755 test/e2e/testdata/ldap/cmd.sh delete mode 100644 test/e2e/testdata/ldap/docker-compose.yaml delete mode 100644 test/e2e/testdata/webhook-create-cert.sh delete mode 100755 test/e2e/testdata/wolf-rbac/cmd.sh delete mode 100644 test/e2e/testdata/wolf-rbac/docker-compose.yaml diff --git a/test/e2e/scaffold/test_backend.go b/test/e2e/scaffold/test_backend.go index 4888070dc6e..8194f610b12 100644 --- a/test/e2e/scaffold/test_backend.go +++ b/test/e2e/scaffold/test_backend.go @@ -69,6 +69,9 @@ spec: - containerPort: 80 name: "http" protocol: "TCP" + - containerPort: 8080 + name: "http2" + protocol: "TCP" - containerPort: 443 name: "https" protocol: "TCP" @@ -98,6 +101,10 @@ spec: port: 80 protocol: TCP targetPort: 80 + - name: http2 + port: 8080 + protocol: TCP + targetPort: 8080 - name: https port: 443 protocol: TCP diff --git a/test/e2e/suite-annotations/upstreamretry.go b/test/e2e/suite-annotations/upstreamretry.go index 816342f9198..8df17989939 100644 --- a/test/e2e/suite-annotations/upstreamretry.go +++ b/test/e2e/suite-annotations/upstreamretry.go @@ -16,6 +16,7 @@ package annotations import ( + "net/http" "time" ginkgo "github.com/onsi/ginkgo/v2" @@ -26,136 +27,41 @@ import ( var _ = ginkgo.Describe("suite-annotations: annotations.networking/v1 upstream retry", func() { s := scaffold.NewDefaultScaffold() - ginkgo.It("sanity", func() { - ing := ` -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - annotations: - kubernetes.io/ingress.class: apisix - k8s.apisix.apache.org/retry: 2 - name: ingress-v1 -spec: - rules: - - host: e2e.apisix.local - http: - paths: - - path: /helloworld.Greeter/SayHello - pathType: ImplementationSpecific - backend: - service: - name: test-backend-service-e2e-test - port: - number: 50053 -` - assert.NoError(ginkgo.GinkgoT(), s.CreateResourceFromString(ing)) - err := s.EnsureNumApisixUpstreamsCreated(1) - assert.Nil(ginkgo.GinkgoT(), err, "Checking number of upstreams") - time.Sleep(2 * time.Second) - ups, err := s.ListApisixUpstreams() - assert.Nil(ginkgo.GinkgoT(), err) - assert.Len(ginkgo.GinkgoT(), ups, 1) - assert.Equal(ginkgo.GinkgoT(), ups[0].Scheme, "grpcs") - }) -}) - -var _ = ginkgo.Describe("suite-annotations-error: annotations.networking/v1 upstream scheme error", func() { - s := scaffold.NewDefaultScaffold() - ginkgo.It("sanity", func() { - ing := ` -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - annotations: - kubernetes.io/ingress.class: apisix - k8s.apisix.apache.org/upstream-scheme: nothing - name: ingress-v1 -spec: - rules: - - host: e2e.apisix.local - http: - paths: - - path: /helloworld.Greeter/SayHello - pathType: ImplementationSpecific - backend: - service: - name: test-backend-service-e2e-test - port: - number: 50053 -` - assert.NoError(ginkgo.GinkgoT(), s.CreateResourceFromString(ing)) - err := s.EnsureNumApisixUpstreamsCreated(1) - assert.Nil(ginkgo.GinkgoT(), err, "Checking number of upstreams") - time.Sleep(2 * time.Second) - ups, err := s.ListApisixUpstreams() - assert.Nil(ginkgo.GinkgoT(), err) - assert.Len(ginkgo.GinkgoT(), ups, 1) - assert.Equal(ginkgo.GinkgoT(), ups[0].Scheme, "http") - }) -}) - -var _ = ginkgo.Describe("suite-annotations: annotations.networking/v1beta1 upstream scheme", func() { - s := scaffold.NewDefaultScaffold() - ginkgo.It("sanity", func() { - ing := ` -apiVersion: networking.k8s.io/v1beta1 -kind: Ingress -metadata: - name: ingress-v1beta1 - annotations: - kubernetes.io/ingress.class: apisix - k8s.apisix.apache.org/upstream-scheme: grpcs -spec: - rules: - - host: e2e.apisix.local - http: - paths: - - path: /helloworld.Greeter/SayHello - pathType: ImplementationSpecific - backend: - serviceName: test-backend-service-e2e-test - servicePort: 50053 -` - assert.NoError(ginkgo.GinkgoT(), s.CreateResourceFromString(ing)) - err := s.EnsureNumApisixUpstreamsCreated(1) - assert.Nil(ginkgo.GinkgoT(), err, "Checking number of upstreams") - time.Sleep(2 * time.Second) - ups, err := s.ListApisixUpstreams() - assert.Nil(ginkgo.GinkgoT(), err) - assert.Len(ginkgo.GinkgoT(), ups, 1) - assert.Equal(ginkgo.GinkgoT(), ups[0].Scheme, "grpcs") - }) -}) - -var _ = ginkgo.Describe("suite-annotations: annotations.extensions/v1beta1 upstream scheme", func() { - s := scaffold.NewDefaultScaffold() - ginkgo.It("sanity", func() { + ginkgo.It("enable upstream retry to 3", func() { ing := ` apiVersion: extensions/v1beta1 kind: Ingress metadata: annotations: kubernetes.io/ingress.class: apisix - k8s.apisix.apache.org/upstream-scheme: grpcs + k8s.apisix.apache.org/retry: "3" name: ingress-ext-v1beta1 spec: rules: - host: e2e.apisix.local http: paths: - - path: /helloworld.Greeter/SayHello - pathType: ImplementationSpecific + - path: /testupstream/retry + pathType: Exact backend: serviceName: test-backend-service-e2e-test - servicePort: 50053 + servicePort: 8080 ` assert.NoError(ginkgo.GinkgoT(), s.CreateResourceFromString(ing)) err := s.EnsureNumApisixUpstreamsCreated(1) assert.Nil(ginkgo.GinkgoT(), err, "Checking number of upstreams") time.Sleep(2 * time.Second) - ups, err := s.ListApisixUpstreams() - assert.Nil(ginkgo.GinkgoT(), err) - assert.Len(ginkgo.GinkgoT(), ups, 1) - assert.Equal(ginkgo.GinkgoT(), ups[0].Scheme, "grpcs") + //first try + respGet := s.NewAPISIXClient().GET("/testupstream/retry").WithHeader("Host", "e2e.apisix.local").Expect() + respGet.Status(http.StatusInternalServerError) + + //second try + respGet = s.NewAPISIXClient().GET("/testupstream/retry").WithHeader("Host", "e2e.apisix.local").Expect() + respGet.Status(http.StatusInternalServerError) + + //Should pass on 3rd try + respGet = s.NewAPISIXClient().GET("/testupstream/retry").WithHeader("Host", "e2e.apisix.local").Expect() + respGet.Status(http.StatusOK) + respGet.Body().Contains("successful response after 2 attempts") }) }) diff --git a/test/e2e/testbackend/main.go b/test/e2e/testbackend/main.go index 5e2bccb7ddc..30f46cf4831 100644 --- a/test/e2e/testbackend/main.go +++ b/test/e2e/testbackend/main.go @@ -24,6 +24,8 @@ import ( "net/http" "os" "os/signal" + "strconv" + "sync/atomic" "syscall" "google.golang.org/grpc" @@ -104,6 +106,31 @@ func main() { log.Fatalln(http.ListenAndServeTLS(":443", "tls/server.pem", "tls/server.key", nil)) }() + go func() { + // curl http://e2e.apisix.local:8080/testupstream/* --resolve e2e.apisix.local:8080:127.0.0.1 + log.Printf("starting http server in 8080") + // Here the assumption is that this endpoint will be used by a single client during testing + var requestsReceived uint32 + log.Fatalln(http.ListenAndServe(":8080", http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { + switch r.RequestURI { + case "/testupstream/retry": + requestsReceived++ + header := r.Header.Get("success-after-retry") + if header == "" { //set default value to succeed after 2 tries + header = "2" + } + succAfter, _ := strconv.Atoi(header) + if requestsReceived == uint32(succAfter) { + w.Write([]byte("successful response after " + header + " attempts")) + w.WriteHeader(200) + } else { + atomic.AddUint32(&requestsReceived, 1) + w.WriteHeader(500) + } + case "/testupstream/timeout": + } + }))) + }() go func() { // curl https://e2e.apisix.local:8443/hello --resolve e2e.apisix.local:8443:127.0.0.1 --cacert ca.pem --cert client.pem --key client.key log.Printf("starting mtls http server in 8443") diff --git a/test/e2e/testdata/apisix-gw-config-v3-with-sd.yaml b/test/e2e/testdata/apisix-gw-config-v3-with-sd.yaml deleted file mode 100644 index 941fc206099..00000000000 --- a/test/e2e/testdata/apisix-gw-config-v3-with-sd.yaml +++ /dev/null @@ -1,58 +0,0 @@ -# -# Licensed to the Apache Software Foundation (ASF) under one or more -# contributor license agreements. See the NOTICE file distributed with -# this work for additional information regarding copyright ownership. -# The ASF licenses this file to You under the Apache License, Version 2.0 -# (the "License"); you may not use this file except in compliance with -# the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# PLEASE DO NOT UPDATE THIS FILE! -# If you want to set the specified configuration value, you can set the new -# value in the conf/config.yaml file. -# - -deployment: - admin: - allow_admin: - - 127.0.0.0/24 - - 0.0.0.0/0 - admin_listen: - ip: 0.0.0.0 - port: 9180 - etcd: - host: - - "http://{{ .EtcdServiceFQDN }}:2379" - prefix: "/apisix" - timeout: 30 - -apisix: - enable_control: true - enable_reuseport: true - - stream_proxy: - only: false - tcp: - - 9100 - - addr: 9110 - tls: true - udp: - - 9200 - -plugin_attr: - prometheus: - enable_export_server: false - -discovery: - dns: - servers: - - "10.96.0.10:53" # use the real address of your dns server. - # currently we use KIND as the standard test environment, so here we can hard-code the default DNS address first. - # TODO: can be modified to fill dynamically diff --git a/test/e2e/testdata/apisix-gw-config-v3.yaml b/test/e2e/testdata/apisix-gw-config-v3.yaml deleted file mode 100644 index 2b1894e7749..00000000000 --- a/test/e2e/testdata/apisix-gw-config-v3.yaml +++ /dev/null @@ -1,51 +0,0 @@ -# -# Licensed to the Apache Software Foundation (ASF) under one or more -# contributor license agreements. See the NOTICE file distributed with -# this work for additional information regarding copyright ownership. -# The ASF licenses this file to You under the Apache License, Version 2.0 -# (the "License"); you may not use this file except in compliance with -# the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# PLEASE DO NOT UPDATE THIS FILE! -# If you want to set the specified configuration value, you can set the new -# value in the conf/config.yaml file. -# - -deployment: - admin: - allow_admin: - - 127.0.0.0/24 - - 0.0.0.0/0 - admin_listen: - ip: 0.0.0.0 - port: 9180 - etcd: - host: - - "http://{{ .EtcdServiceFQDN }}:2379" - prefix: "/apisix" - timeout: 30 - -apisix: - enable_control: true - enable_reuseport: true - - stream_proxy: - only: false - tcp: - - 9100 - - addr: 9110 - tls: true - udp: - - 9200 - -plugin_attr: - prometheus: - enable_export_server: false diff --git a/test/e2e/testdata/apisix-gw-config-with-sd.yaml b/test/e2e/testdata/apisix-gw-config-with-sd.yaml deleted file mode 100644 index 8d1ef5d023a..00000000000 --- a/test/e2e/testdata/apisix-gw-config-with-sd.yaml +++ /dev/null @@ -1,51 +0,0 @@ -# -# Licensed to the Apache Software Foundation (ASF) under one or more -# contributor license agreements. See the NOTICE file distributed with -# this work for additional information regarding copyright ownership. -# The ASF licenses this file to You under the Apache License, Version 2.0 -# (the "License"); you may not use this file except in compliance with -# the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# PLEASE DO NOT UPDATE THIS FILE! -# If you want to set the specified configuration value, you can set the new -# value in the conf/config.yaml file. -# - -apisix: - enable_control: true - enable_reuseport: true # Enable nginx SO_REUSEPORT switch if set to true. - allow_admin: - - 127.0.0.0/24 - - 0.0.0.0/0 - port_admin: 9180 - stream_proxy: # TCP/UDP proxy - only: false - tcp: # TCP proxy port list - - 9100 - - addr: 9110 - tls: true - udp: - - 9200 -etcd: - host: # it's possible to define multiple etcd hosts addresses of the same etcd cluster. - - "http://{{ .EtcdServiceFQDN }}:2379" # multiple etcd address - prefix: "/apisix" # apisix configurations prefix - timeout: 30 # 30 seconds -plugin_attr: - prometheus: - enable_export_server: false - -discovery: - dns: - servers: - - "10.96.0.10:53" # use the real address of your dns server. - # currently we use KIND as the standard test environment, so here we can hard-code the default DNS address first. - # TODO: can be modified to fill dynamically diff --git a/test/e2e/testdata/apisix-gw-config.yaml b/test/e2e/testdata/apisix-gw-config.yaml deleted file mode 100644 index 899217992ca..00000000000 --- a/test/e2e/testdata/apisix-gw-config.yaml +++ /dev/null @@ -1,44 +0,0 @@ -# -# Licensed to the Apache Software Foundation (ASF) under one or more -# contributor license agreements. See the NOTICE file distributed with -# this work for additional information regarding copyright ownership. -# The ASF licenses this file to You under the Apache License, Version 2.0 -# (the "License"); you may not use this file except in compliance with -# the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# PLEASE DO NOT UPDATE THIS FILE! -# If you want to set the specified configuration value, you can set the new -# value in the conf/config.yaml file. -# - -apisix: - enable_control: true - enable_reuseport: true # Enable nginx SO_REUSEPORT switch if set to true. - allow_admin: - - 127.0.0.0/24 - - 0.0.0.0/0 - port_admin: 9180 - stream_proxy: # TCP/UDP proxy - only: false - tcp: # TCP proxy port list - - 9100 - - addr: 9110 - tls: true - udp: - - 9200 -etcd: - host: # it's possible to define multiple etcd hosts addresses of the same etcd cluster. - - "http://{{ .EtcdServiceFQDN }}:2379" # multiple etcd address - prefix: "/apisix" # apisix configurations prefix - timeout: 30 # 30 seconds -plugin_attr: - prometheus: - enable_export_server: false diff --git a/test/e2e/testdata/apisix-stream-disabled.yaml b/test/e2e/testdata/apisix-stream-disabled.yaml deleted file mode 100644 index 458b707a259..00000000000 --- a/test/e2e/testdata/apisix-stream-disabled.yaml +++ /dev/null @@ -1,42 +0,0 @@ -# -# Licensed to the Apache Software Foundation (ASF) under one or more -# contributor license agreements. See the NOTICE file distributed with -# this work for additional information regarding copyright ownership. -# The ASF licenses this file to You under the Apache License, Version 2.0 -# (the "License"); you may not use this file except in compliance with -# the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# PLEASE DO NOT UPDATE THIS FILE! -# If you want to set the specified configuration value, you can set the new -# value in the conf/config.yaml file. -# - -apisix: - enable_control: true - enable_reuseport: true # Enable nginx SO_REUSEPORT switch if set to true. - allow_admin: - - 127.0.0.0/24 - - 0.0.0.0/0 - port_admin: 9180 -# stream_proxy: # TCP/UDP proxy -# only: false -# tcp: # TCP proxy port list -# - 9100 -# udp: -# - 9200 -etcd: - host: # it's possible to define multiple etcd hosts addresses of the same etcd cluster. - - "http://{{ .EtcdServiceFQDN }}:2379" # multiple etcd address - prefix: "/apisix" # apisix configurations prefix - timeout: 30 # 30 seconds -plugin_attr: - prometheus: - enable_export_server: false diff --git a/test/e2e/testdata/ldap/cmd.sh b/test/e2e/testdata/ldap/cmd.sh deleted file mode 100755 index 871dcbab697..00000000000 --- a/test/e2e/testdata/ldap/cmd.sh +++ /dev/null @@ -1,46 +0,0 @@ -#!/bin/sh - -# -# Licensed to the Apache Software Foundation (ASF) under one or more -# contributor license agreements. See the NOTICE file distributed with -# this work for additional information regarding copyright ownership. -# The ASF licenses this file to You under the Apache License, Version 2.0 -# (the "License"); you may not use this file except in compliance with -# the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -cd test/e2e/testdata/ldap/ - -OPTION=$1 -COMPOSE_CMD="" - -if command -v "docker-compose" > /dev/null 2>&1; then - COMPOSE_CMD="docker-compose" -elif command -v "docker" > /dev/null 2>&1; then - COMPOSE_CMD="docker compose" -else - echo "docker-compose or docker compose not found" - exit 1 -fi - -if [ $OPTION = "ip" ]; then - echo -n `docker inspect -f '{{range .NetworkSettings.Networks}}{{.Gateway}}{{end}}' openldap` -elif [ $OPTION = "start" ]; then - $COMPOSE_CMD -f 'docker-compose.yaml' -p 'openldap' down - - # start openldap - $COMPOSE_CMD -f 'docker-compose.yaml' -p 'openldap' up -d - -elif [ $OPTION = "stop" ]; then - $COMPOSE_CMD -f 'docker-compose.yaml' -p 'openldap' down -else - echo "argument is one of [ip, start, stop]" -fi diff --git a/test/e2e/testdata/ldap/docker-compose.yaml b/test/e2e/testdata/ldap/docker-compose.yaml deleted file mode 100644 index 364aef39a47..00000000000 --- a/test/e2e/testdata/ldap/docker-compose.yaml +++ /dev/null @@ -1,33 +0,0 @@ -# -# Licensed to the Apache Software Foundation (ASF) under one or more -# contributor license agreements. See the NOTICE file distributed with -# this work for additional information regarding copyright ownership. -# The ASF licenses this file to You under the Apache License, Version 2.0 -# (the "License"); you may not use this file except in compliance with -# the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -version: '3' - -services: - openldap: - container_name: openldap - image: docker.io/bitnami/openldap:2.6 - ports: - - '1389:1389' - environment: - - LDAP_PORT_NUMBER=1389 - - LDAP_ENABLE_TLS=no - - LDAP_ADMIN_USERNAME=admin - - LDAP_ADMIN_PASSWORD=admin - - LDAP_ROOT=dc=ldap,dc=example,dc=org - - LDAP_USERS=jack - - LDAP_PASSWORDS=jackPassword diff --git a/test/e2e/testdata/webhook-create-cert.sh b/test/e2e/testdata/webhook-create-cert.sh deleted file mode 100644 index 3ad7905ba58..00000000000 --- a/test/e2e/testdata/webhook-create-cert.sh +++ /dev/null @@ -1,145 +0,0 @@ -#!/bin/sh -# -# Licensed to the Apache Software Foundation (ASF) under one or more -# contributor license agreements. See the NOTICE file distributed with -# this work for additional information regarding copyright ownership. -# The ASF licenses this file to You under the Apache License, Version 2.0 -# (the "License"); you may not use this file except in compliance with -# the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -while [[ $# -gt 0 ]]; do - case ${1} in - --service) - service="$2" - shift - ;; - --secret) - secret="$2" - shift - ;; - --namespace) - namespace="$2" - shift - ;; - *) - usage - ;; - esac - shift -done - -tmpdir=$(mktemp -d) -cd ${tmpdir} - -go install github.com/cloudflare/cfssl/cmd/cfssl@latest -go install github.com/cloudflare/cfssl/cmd/cfssljson@latest -GOBIN=$(go env GOPATH)/bin -#wget https://github.com/stedolan/jq/releases/download/jq-1.6/jq-linux64 -O jq 2>/dev/null && chmod +x jq - -PATH=$PATH:$GOBIN:$tmpdir - -service=${service:-webhook} -namespace=${namespace:-ingress-apisix} -secret=${secret:-webhook-certs} - -svc_dns=${service}.${namespace}.svc - -cat </dev/null | true - -cat < server-signing-config.json - - -kubectl get csr ${csrName} -o jsonpath='{.spec.request}' | \ - base64 --decode | \ - cfssl sign -ca ca.pem -ca-key ca-key.pem -config server-signing-config.json - | \ - cfssljson -bare ca-signed-server - - - - -kubectl get csr ${csrName} -o json | \ - jq '.status.certificate = "'$(base64 ca-signed-server.pem | tr -d '\n')'"' | \ - kubectl replace --raw /apis/certificates.k8s.io/v1/certificatesigningrequests/${csrName}/status -f - - -sleep 2 - -kubectl get csr ${csrName} -o jsonpath='{.status.certificate}' \ - | base64 --decode > server.crt - - -kubectl -n ${namespace} delete secret ${secret} -n ${namespace} 2>/dev/null | true -kubectl -n ${namespace} create secret generic ${secret} --from-file=key.pem=server-key.pem --from-file=cert.pem=server.crt -n ${namespace} - -cd - -rm -rf ${tmpdir} \ No newline at end of file diff --git a/test/e2e/testdata/wolf-rbac/cmd.sh b/test/e2e/testdata/wolf-rbac/cmd.sh deleted file mode 100755 index 13aff67139d..00000000000 --- a/test/e2e/testdata/wolf-rbac/cmd.sh +++ /dev/null @@ -1,85 +0,0 @@ -#!/bin/sh - -# -# Licensed to the Apache Software Foundation (ASF) under one or more -# contributor license agreements. See the NOTICE file distributed with -# this work for additional information regarding copyright ownership. -# The ASF licenses this file to You under the Apache License, Version 2.0 -# (the "License"); you may not use this file except in compliance with -# the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -cd test/e2e/testdata/wolf-rbac/ - -OPTION=$1 -COMPOSE_CMD="" - -if command -v "docker-compose" > /dev/null 2>&1; then - COMPOSE_CMD="docker-compose" -elif command -v "docker" > /dev/null 2>&1; then - COMPOSE_CMD="docker compose" -else - echo "docker-compose or docker compose not found" - exit 1 -fi - -if [ $OPTION = "ip" ]; then - echo -n `docker inspect -f '{{range .NetworkSettings.Networks}}{{.Gateway}}{{end}}' wolf-server` -elif [ $OPTION = "start" ]; then - $COMPOSE_CMD -f 'docker-compose.yaml' -p 'wolf-rbac' down - rm -rf db-psql.sql - - wget https://raw.githubusercontent.com/iGeeky/wolf/f6ddeb75a37bff90406f0f0a2b7ae5d16f6f3bd4/server/script/db-psql.sql - - # start database - $COMPOSE_CMD up -d database - - # start wolf-server - $COMPOSE_CMD up -d server restful-demo agent-or agent-demo - - sleep 6 - - WOLF_TOKEN=`curl http://127.0.0.1:12180/wolf/user/login -H "Content-Type: application/json" -d '{ "username": "root", "password": "wolf-123456"}' -s | grep token| tr -d ':",' | awk '{print $2}'` - - curl http://127.0.0.1:12180/wolf/application \ - -H "Content-Type: application/json" \ - -H "x-rbac-token: $WOLF_TOKEN" \ - -d '{ - "id": "test-app", - "name": "application for test" - }' - - curl http://127.0.0.1:12180/wolf/resource \ - -H "Content-Type: application/json" \ - -H "x-rbac-token: $WOLF_TOKEN" \ - -d '{ - "appID": "test-app", - "matchType": "prefix", - "name": "/", - "action": "GET", - "permID": "ALLOW_ALL" - }' - - curl http://127.0.0.1:12180/wolf/user \ - -H "Content-Type: application/json" \ - -H "x-rbac-token: $WOLF_TOKEN" \ - -d '{ - "username": "test", - "nickname": "test", - "password": "test-123456", - "appIDs": ["test-app"] - }' -elif [ $OPTION = "stop" ]; then - $COMPOSE_CMD -f 'docker-compose.yaml' -p 'wolf-rbac' down - rm -rf db-psql.sql -else - echo "argument is one of [ip, start, stop]" -fi diff --git a/test/e2e/testdata/wolf-rbac/docker-compose.yaml b/test/e2e/testdata/wolf-rbac/docker-compose.yaml deleted file mode 100644 index 3835589a22e..00000000000 --- a/test/e2e/testdata/wolf-rbac/docker-compose.yaml +++ /dev/null @@ -1,77 +0,0 @@ -# -# Licensed to the Apache Software Foundation (ASF) under one or more -# contributor license agreements. See the NOTICE file distributed with -# this work for additional information regarding copyright ownership. -# The ASF licenses this file to You under the Apache License, Version 2.0 -# (the "License"); you may not use this file except in compliance with -# the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -version: '3' -services: - database: - container_name: wolf-database - image: postgres:10.7 - restart: always - environment: - POSTGRES_USER: wolfroot - POSTGRES_PASSWORD: 123456 - POSTGRES_DB: wolf - volumes: - - ./db-psql.sql:/docker-entrypoint-initdb.d/db.sql:ro - server: - container_name: wolf-server - image: igeeky/wolf-server:0.5.2 - restart: always - ports: - - "12180:12180" - depends_on: - - database - environment: - RBAC_ROOT_PASSWORD: wolf-123456 - RBAC_TOKEN_KEY: f40215a5f25cbb6d36df07629aaf1172240fe48d - WOLF_CRYPT_KEY: fbd4962351924792cb5e5b131435cd30b24e3570 - RBAC_SQL_URL: postgres://wolfroot:123456@database:5432/wolf - CLIENT_CHANGE_PWD: "no" - command: npm run start - agent-or: - container_name: wolf-agent-or - image: igeeky/wolf-agent:0.5.2 - restart: always - ports: - - "12182:12182" - depends_on: - - server - environment: - BACKEND_URL: http://openresty.org - RBAC_SERVER_URL: http://server:12180 - RBAC_APP_ID: openresty - restful-demo: - container_name: restful-demo - image: igeeky/restful-demo:0.1.0 - restart: always - ports: - - "10090:10090" - agent-demo: - container_name: wolf-agent-demo - image: igeeky/wolf-agent:0.5.2 - restart: always - ports: - - "12184:12184" - depends_on: - - server - - restful-demo - environment: - BACKEND_URL: http://restful-demo:10090 - RBAC_SERVER_URL: http://server:12180 - RBAC_APP_ID: restful-demo - AGENT_PORT: 12184 - EXTENSION_CONFIG: include /opt/wolf/agent/conf/no-permission-demo.conf; From 433192ba4d67ba0d26469afab53664d1db6dc5c7 Mon Sep 17 00:00:00 2001 From: revolyssup Date: Thu, 3 Aug 2023 17:21:37 +0530 Subject: [PATCH 04/32] readd testdata Signed-off-by: revolyssup --- .../testdata/apisix-gw-config-v3-with-sd.yaml | 58 +++++++ test/e2e/testdata/apisix-gw-config-v3.yaml | 51 ++++++ .../testdata/apisix-gw-config-with-sd.yaml | 51 ++++++ test/e2e/testdata/apisix-gw-config.yaml | 44 ++++++ test/e2e/testdata/apisix-stream-disabled.yaml | 42 +++++ test/e2e/testdata/ldap/cmd.sh | 46 ++++++ test/e2e/testdata/ldap/docker-compose.yaml | 33 ++++ test/e2e/testdata/webhook-create-cert.sh | 145 ++++++++++++++++++ test/e2e/testdata/wolf-rbac/cmd.sh | 85 ++++++++++ .../testdata/wolf-rbac/docker-compose.yaml | 77 ++++++++++ 10 files changed, 632 insertions(+) create mode 100644 test/e2e/testdata/apisix-gw-config-v3-with-sd.yaml create mode 100644 test/e2e/testdata/apisix-gw-config-v3.yaml create mode 100644 test/e2e/testdata/apisix-gw-config-with-sd.yaml create mode 100644 test/e2e/testdata/apisix-gw-config.yaml create mode 100644 test/e2e/testdata/apisix-stream-disabled.yaml create mode 100644 test/e2e/testdata/ldap/cmd.sh create mode 100644 test/e2e/testdata/ldap/docker-compose.yaml create mode 100644 test/e2e/testdata/webhook-create-cert.sh create mode 100644 test/e2e/testdata/wolf-rbac/cmd.sh create mode 100644 test/e2e/testdata/wolf-rbac/docker-compose.yaml diff --git a/test/e2e/testdata/apisix-gw-config-v3-with-sd.yaml b/test/e2e/testdata/apisix-gw-config-v3-with-sd.yaml new file mode 100644 index 00000000000..941fc206099 --- /dev/null +++ b/test/e2e/testdata/apisix-gw-config-v3-with-sd.yaml @@ -0,0 +1,58 @@ +# +# Licensed to the Apache Software Foundation (ASF) under one or more +# contributor license agreements. See the NOTICE file distributed with +# this work for additional information regarding copyright ownership. +# The ASF licenses this file to You under the Apache License, Version 2.0 +# (the "License"); you may not use this file except in compliance with +# the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# PLEASE DO NOT UPDATE THIS FILE! +# If you want to set the specified configuration value, you can set the new +# value in the conf/config.yaml file. +# + +deployment: + admin: + allow_admin: + - 127.0.0.0/24 + - 0.0.0.0/0 + admin_listen: + ip: 0.0.0.0 + port: 9180 + etcd: + host: + - "http://{{ .EtcdServiceFQDN }}:2379" + prefix: "/apisix" + timeout: 30 + +apisix: + enable_control: true + enable_reuseport: true + + stream_proxy: + only: false + tcp: + - 9100 + - addr: 9110 + tls: true + udp: + - 9200 + +plugin_attr: + prometheus: + enable_export_server: false + +discovery: + dns: + servers: + - "10.96.0.10:53" # use the real address of your dns server. + # currently we use KIND as the standard test environment, so here we can hard-code the default DNS address first. + # TODO: can be modified to fill dynamically diff --git a/test/e2e/testdata/apisix-gw-config-v3.yaml b/test/e2e/testdata/apisix-gw-config-v3.yaml new file mode 100644 index 00000000000..2b1894e7749 --- /dev/null +++ b/test/e2e/testdata/apisix-gw-config-v3.yaml @@ -0,0 +1,51 @@ +# +# Licensed to the Apache Software Foundation (ASF) under one or more +# contributor license agreements. See the NOTICE file distributed with +# this work for additional information regarding copyright ownership. +# The ASF licenses this file to You under the Apache License, Version 2.0 +# (the "License"); you may not use this file except in compliance with +# the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# PLEASE DO NOT UPDATE THIS FILE! +# If you want to set the specified configuration value, you can set the new +# value in the conf/config.yaml file. +# + +deployment: + admin: + allow_admin: + - 127.0.0.0/24 + - 0.0.0.0/0 + admin_listen: + ip: 0.0.0.0 + port: 9180 + etcd: + host: + - "http://{{ .EtcdServiceFQDN }}:2379" + prefix: "/apisix" + timeout: 30 + +apisix: + enable_control: true + enable_reuseport: true + + stream_proxy: + only: false + tcp: + - 9100 + - addr: 9110 + tls: true + udp: + - 9200 + +plugin_attr: + prometheus: + enable_export_server: false diff --git a/test/e2e/testdata/apisix-gw-config-with-sd.yaml b/test/e2e/testdata/apisix-gw-config-with-sd.yaml new file mode 100644 index 00000000000..bd95f34aa8c --- /dev/null +++ b/test/e2e/testdata/apisix-gw-config-with-sd.yaml @@ -0,0 +1,51 @@ +# +# Licensed to the Apache Software Foundation (ASF) under one or more +# contributor license agreements. See the NOTICE file distributed with +# this work for additional information regarding copyright ownership. +# The ASF licenses this file to You under the Apache License, Version 2.0 +# (the "License"); you may not use this file except in compliance with +# the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# PLEASE DO NOT UPDATE THIS FILE! +# If you want to set the specified configuration value, you can set the new +# value in the conf/config.yaml file. +# + +apisix: + enable_control: true + enable_reuseport: true # Enable nginx SO_REUSEPORT switch if set to true. + allow_admin: + - 127.0.0.0/24 + - 0.0.0.0/0 + port_admin: 9180 + stream_proxy: # TCP/UDP proxy + only: false + tcp: # TCP proxy port list + - 9100 + - addr: 9110 + tls: true + udp: + - 9200 +etcd: + host: # it's possible to define multiple etcd hosts addresses of the same etcd cluster. + - "http://{{ .EtcdServiceFQDN }}:2379" # multiple etcd address + prefix: "/apisix" # apisix configurations prefix + timeout: 30 # 30 seconds +plugin_attr: + prometheus: + enable_export_server: false + +discovery: + dns: + servers: + - "10.96.0.10:53" # use the real address of your dns server. + # currently we use KIND as the standard test environment, so here we can hard-code the default DNS address first. + # TODO: can be modified to fill dynamically \ No newline at end of file diff --git a/test/e2e/testdata/apisix-gw-config.yaml b/test/e2e/testdata/apisix-gw-config.yaml new file mode 100644 index 00000000000..899217992ca --- /dev/null +++ b/test/e2e/testdata/apisix-gw-config.yaml @@ -0,0 +1,44 @@ +# +# Licensed to the Apache Software Foundation (ASF) under one or more +# contributor license agreements. See the NOTICE file distributed with +# this work for additional information regarding copyright ownership. +# The ASF licenses this file to You under the Apache License, Version 2.0 +# (the "License"); you may not use this file except in compliance with +# the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# PLEASE DO NOT UPDATE THIS FILE! +# If you want to set the specified configuration value, you can set the new +# value in the conf/config.yaml file. +# + +apisix: + enable_control: true + enable_reuseport: true # Enable nginx SO_REUSEPORT switch if set to true. + allow_admin: + - 127.0.0.0/24 + - 0.0.0.0/0 + port_admin: 9180 + stream_proxy: # TCP/UDP proxy + only: false + tcp: # TCP proxy port list + - 9100 + - addr: 9110 + tls: true + udp: + - 9200 +etcd: + host: # it's possible to define multiple etcd hosts addresses of the same etcd cluster. + - "http://{{ .EtcdServiceFQDN }}:2379" # multiple etcd address + prefix: "/apisix" # apisix configurations prefix + timeout: 30 # 30 seconds +plugin_attr: + prometheus: + enable_export_server: false diff --git a/test/e2e/testdata/apisix-stream-disabled.yaml b/test/e2e/testdata/apisix-stream-disabled.yaml new file mode 100644 index 00000000000..00ce34aeed2 --- /dev/null +++ b/test/e2e/testdata/apisix-stream-disabled.yaml @@ -0,0 +1,42 @@ +# +# Licensed to the Apache Software Foundation (ASF) under one or more +# contributor license agreements. See the NOTICE file distributed with +# this work for additional information regarding copyright ownership. +# The ASF licenses this file to You under the Apache License, Version 2.0 +# (the "License"); you may not use this file except in compliance with +# the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# PLEASE DO NOT UPDATE THIS FILE! +# If you want to set the specified configuration value, you can set the new +# value in the conf/config.yaml file. +# + +apisix: + enable_control: true + enable_reuseport: true # Enable nginx SO_REUSEPORT switch if set to true. + allow_admin: + - 127.0.0.0/24 + - 0.0.0.0/0 + port_admin: 9180 +# stream_proxy: # TCP/UDP proxy +# only: false +# tcp: # TCP proxy port list +# - 9100 +# udp: +# - 9200 +etcd: + host: # it's possible to define multiple etcd hosts addresses of the same etcd cluster. + - "http://{{ .EtcdServiceFQDN }}:2379" # multiple etcd address + prefix: "/apisix" # apisix configurations prefix + timeout: 30 # 30 seconds +plugin_attr: + prometheus: + enable_export_server: false \ No newline at end of file diff --git a/test/e2e/testdata/ldap/cmd.sh b/test/e2e/testdata/ldap/cmd.sh new file mode 100644 index 00000000000..871dcbab697 --- /dev/null +++ b/test/e2e/testdata/ldap/cmd.sh @@ -0,0 +1,46 @@ +#!/bin/sh + +# +# Licensed to the Apache Software Foundation (ASF) under one or more +# contributor license agreements. See the NOTICE file distributed with +# this work for additional information regarding copyright ownership. +# The ASF licenses this file to You under the Apache License, Version 2.0 +# (the "License"); you may not use this file except in compliance with +# the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +cd test/e2e/testdata/ldap/ + +OPTION=$1 +COMPOSE_CMD="" + +if command -v "docker-compose" > /dev/null 2>&1; then + COMPOSE_CMD="docker-compose" +elif command -v "docker" > /dev/null 2>&1; then + COMPOSE_CMD="docker compose" +else + echo "docker-compose or docker compose not found" + exit 1 +fi + +if [ $OPTION = "ip" ]; then + echo -n `docker inspect -f '{{range .NetworkSettings.Networks}}{{.Gateway}}{{end}}' openldap` +elif [ $OPTION = "start" ]; then + $COMPOSE_CMD -f 'docker-compose.yaml' -p 'openldap' down + + # start openldap + $COMPOSE_CMD -f 'docker-compose.yaml' -p 'openldap' up -d + +elif [ $OPTION = "stop" ]; then + $COMPOSE_CMD -f 'docker-compose.yaml' -p 'openldap' down +else + echo "argument is one of [ip, start, stop]" +fi diff --git a/test/e2e/testdata/ldap/docker-compose.yaml b/test/e2e/testdata/ldap/docker-compose.yaml new file mode 100644 index 00000000000..20e019c2d56 --- /dev/null +++ b/test/e2e/testdata/ldap/docker-compose.yaml @@ -0,0 +1,33 @@ +# +# Licensed to the Apache Software Foundation (ASF) under one or more +# contributor license agreements. See the NOTICE file distributed with +# this work for additional information regarding copyright ownership. +# The ASF licenses this file to You under the Apache License, Version 2.0 +# (the "License"); you may not use this file except in compliance with +# the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +version: '3' + +services: + openldap: + container_name: openldap + image: docker.io/bitnami/openldap:2.6 + ports: + - '1389:1389' + environment: + - LDAP_PORT_NUMBER=1389 + - LDAP_ENABLE_TLS=no + - LDAP_ADMIN_USERNAME=admin + - LDAP_ADMIN_PASSWORD=admin + - LDAP_ROOT=dc=ldap,dc=example,dc=org + - LDAP_USERS=jack + - LDAP_PASSWORDS=jackPassword \ No newline at end of file diff --git a/test/e2e/testdata/webhook-create-cert.sh b/test/e2e/testdata/webhook-create-cert.sh new file mode 100644 index 00000000000..3ad7905ba58 --- /dev/null +++ b/test/e2e/testdata/webhook-create-cert.sh @@ -0,0 +1,145 @@ +#!/bin/sh +# +# Licensed to the Apache Software Foundation (ASF) under one or more +# contributor license agreements. See the NOTICE file distributed with +# this work for additional information regarding copyright ownership. +# The ASF licenses this file to You under the Apache License, Version 2.0 +# (the "License"); you may not use this file except in compliance with +# the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +while [[ $# -gt 0 ]]; do + case ${1} in + --service) + service="$2" + shift + ;; + --secret) + secret="$2" + shift + ;; + --namespace) + namespace="$2" + shift + ;; + *) + usage + ;; + esac + shift +done + +tmpdir=$(mktemp -d) +cd ${tmpdir} + +go install github.com/cloudflare/cfssl/cmd/cfssl@latest +go install github.com/cloudflare/cfssl/cmd/cfssljson@latest +GOBIN=$(go env GOPATH)/bin +#wget https://github.com/stedolan/jq/releases/download/jq-1.6/jq-linux64 -O jq 2>/dev/null && chmod +x jq + +PATH=$PATH:$GOBIN:$tmpdir + +service=${service:-webhook} +namespace=${namespace:-ingress-apisix} +secret=${secret:-webhook-certs} + +svc_dns=${service}.${namespace}.svc + +cat </dev/null | true + +cat < server-signing-config.json + + +kubectl get csr ${csrName} -o jsonpath='{.spec.request}' | \ + base64 --decode | \ + cfssl sign -ca ca.pem -ca-key ca-key.pem -config server-signing-config.json - | \ + cfssljson -bare ca-signed-server + + + + +kubectl get csr ${csrName} -o json | \ + jq '.status.certificate = "'$(base64 ca-signed-server.pem | tr -d '\n')'"' | \ + kubectl replace --raw /apis/certificates.k8s.io/v1/certificatesigningrequests/${csrName}/status -f - + +sleep 2 + +kubectl get csr ${csrName} -o jsonpath='{.status.certificate}' \ + | base64 --decode > server.crt + + +kubectl -n ${namespace} delete secret ${secret} -n ${namespace} 2>/dev/null | true +kubectl -n ${namespace} create secret generic ${secret} --from-file=key.pem=server-key.pem --from-file=cert.pem=server.crt -n ${namespace} + +cd - +rm -rf ${tmpdir} \ No newline at end of file diff --git a/test/e2e/testdata/wolf-rbac/cmd.sh b/test/e2e/testdata/wolf-rbac/cmd.sh new file mode 100644 index 00000000000..c5e3328d6a8 --- /dev/null +++ b/test/e2e/testdata/wolf-rbac/cmd.sh @@ -0,0 +1,85 @@ +#!/bin/sh + +# +# Licensed to the Apache Software Foundation (ASF) under one or more +# contributor license agreements. See the NOTICE file distributed with +# this work for additional information regarding copyright ownership. +# The ASF licenses this file to You under the Apache License, Version 2.0 +# (the "License"); you may not use this file except in compliance with +# the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +cd test/e2e/testdata/wolf-rbac/ + +OPTION=$1 +COMPOSE_CMD="" + +if command -v "docker-compose" > /dev/null 2>&1; then + COMPOSE_CMD="docker-compose" +elif command -v "docker" > /dev/null 2>&1; then + COMPOSE_CMD="docker compose" +else + echo "docker-compose or docker compose not found" + exit 1 +fi + +if [ $OPTION = "ip" ]; then + echo -n `docker inspect -f '{{range .NetworkSettings.Networks}}{{.Gateway}}{{end}}' wolf-server` +elif [ $OPTION = "start" ]; then + $COMPOSE_CMD -f 'docker-compose.yaml' -p 'wolf-rbac' down + rm -rf db-psql.sql + + wget https://raw.githubusercontent.com/iGeeky/wolf/f6ddeb75a37bff90406f0f0a2b7ae5d16f6f3bd4/server/script/db-psql.sql + + # start database + $COMPOSE_CMD up -d database + + # start wolf-server + $COMPOSE_CMD up -d server restful-demo agent-or agent-demo + + sleep 6 + + WOLF_TOKEN=`curl http://127.0.0.1:12180/wolf/user/login -H "Content-Type: application/json" -d '{ "username": "root", "password": "wolf-123456"}' -s | grep token| tr -d ':",' | awk '{print $2}'` + + curl http://127.0.0.1:12180/wolf/application \ + -H "Content-Type: application/json" \ + -H "x-rbac-token: $WOLF_TOKEN" \ + -d '{ + "id": "test-app", + "name": "application for test" + }' + + curl http://127.0.0.1:12180/wolf/resource \ + -H "Content-Type: application/json" \ + -H "x-rbac-token: $WOLF_TOKEN" \ + -d '{ + "appID": "test-app", + "matchType": "prefix", + "name": "/", + "action": "GET", + "permID": "ALLOW_ALL" + }' + + curl http://127.0.0.1:12180/wolf/user \ + -H "Content-Type: application/json" \ + -H "x-rbac-token: $WOLF_TOKEN" \ + -d '{ + "username": "test", + "nickname": "test", + "password": "test-123456", + "appIDs": ["test-app"] + }' +elif [ $OPTION = "stop" ]; then + $COMPOSE_CMD -f 'docker-compose.yaml' -p 'wolf-rbac' down + rm -rf db-psql.sql +else + echo "argument is one of [ip, start, stop]" +fi \ No newline at end of file diff --git a/test/e2e/testdata/wolf-rbac/docker-compose.yaml b/test/e2e/testdata/wolf-rbac/docker-compose.yaml new file mode 100644 index 00000000000..0be212ce705 --- /dev/null +++ b/test/e2e/testdata/wolf-rbac/docker-compose.yaml @@ -0,0 +1,77 @@ +# +# Licensed to the Apache Software Foundation (ASF) under one or more +# contributor license agreements. See the NOTICE file distributed with +# this work for additional information regarding copyright ownership. +# The ASF licenses this file to You under the Apache License, Version 2.0 +# (the "License"); you may not use this file except in compliance with +# the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +version: '3' +services: + database: + container_name: wolf-database + image: postgres:10.7 + restart: always + environment: + POSTGRES_USER: wolfroot + POSTGRES_PASSWORD: 123456 + POSTGRES_DB: wolf + volumes: + - ./db-psql.sql:/docker-entrypoint-initdb.d/db.sql:ro + server: + container_name: wolf-server + image: igeeky/wolf-server:0.5.2 + restart: always + ports: + - "12180:12180" + depends_on: + - database + environment: + RBAC_ROOT_PASSWORD: wolf-123456 + RBAC_TOKEN_KEY: f40215a5f25cbb6d36df07629aaf1172240fe48d + WOLF_CRYPT_KEY: fbd4962351924792cb5e5b131435cd30b24e3570 + RBAC_SQL_URL: postgres://wolfroot:123456@database:5432/wolf + CLIENT_CHANGE_PWD: "no" + command: npm run start + agent-or: + container_name: wolf-agent-or + image: igeeky/wolf-agent:0.5.2 + restart: always + ports: + - "12182:12182" + depends_on: + - server + environment: + BACKEND_URL: http://openresty.org + RBAC_SERVER_URL: http://server:12180 + RBAC_APP_ID: openresty + restful-demo: + container_name: restful-demo + image: igeeky/restful-demo:0.1.0 + restart: always + ports: + - "10090:10090" + agent-demo: + container_name: wolf-agent-demo + image: igeeky/wolf-agent:0.5.2 + restart: always + ports: + - "12184:12184" + depends_on: + - server + - restful-demo + environment: + BACKEND_URL: http://restful-demo:10090 + RBAC_SERVER_URL: http://server:12180 + RBAC_APP_ID: restful-demo + AGENT_PORT: 12184 + EXTENSION_CONFIG: include /opt/wolf/agent/conf/no-permission-demo.conf; \ No newline at end of file From c8df645f7e0a71eb3bac10eaf4b5f21df3452744 Mon Sep 17 00:00:00 2001 From: revolyssup Date: Fri, 4 Aug 2023 11:55:01 +0530 Subject: [PATCH 05/32] send request once in e2e test Signed-off-by: revolyssup --- test/e2e/suite-annotations/upstreamretry.go | 11 +---------- test/e2e/testbackend/main.go | 5 ++--- test/e2e/testdata/ldap/cmd.sh | 0 test/e2e/testdata/wolf-rbac/cmd.sh | 0 4 files changed, 3 insertions(+), 13 deletions(-) mode change 100644 => 100755 test/e2e/testdata/ldap/cmd.sh mode change 100644 => 100755 test/e2e/testdata/wolf-rbac/cmd.sh diff --git a/test/e2e/suite-annotations/upstreamretry.go b/test/e2e/suite-annotations/upstreamretry.go index 8df17989939..be88b21678e 100644 --- a/test/e2e/suite-annotations/upstreamretry.go +++ b/test/e2e/suite-annotations/upstreamretry.go @@ -51,17 +51,8 @@ spec: err := s.EnsureNumApisixUpstreamsCreated(1) assert.Nil(ginkgo.GinkgoT(), err, "Checking number of upstreams") time.Sleep(2 * time.Second) - //first try - respGet := s.NewAPISIXClient().GET("/testupstream/retry").WithHeader("Host", "e2e.apisix.local").Expect() - respGet.Status(http.StatusInternalServerError) - - //second try - respGet = s.NewAPISIXClient().GET("/testupstream/retry").WithHeader("Host", "e2e.apisix.local").Expect() - respGet.Status(http.StatusInternalServerError) - //Should pass on 3rd try - respGet = s.NewAPISIXClient().GET("/testupstream/retry").WithHeader("Host", "e2e.apisix.local").Expect() + respGet := s.NewAPISIXClient().GET("/testupstream/retry").WithHeader("Host", "e2e.apisix.local").Expect() respGet.Status(http.StatusOK) - respGet.Body().Contains("successful response after 2 attempts") }) }) diff --git a/test/e2e/testbackend/main.go b/test/e2e/testbackend/main.go index 30f46cf4831..7befcf98582 100644 --- a/test/e2e/testbackend/main.go +++ b/test/e2e/testbackend/main.go @@ -25,7 +25,6 @@ import ( "os" "os/signal" "strconv" - "sync/atomic" "syscall" "google.golang.org/grpc" @@ -124,8 +123,8 @@ func main() { w.Write([]byte("successful response after " + header + " attempts")) w.WriteHeader(200) } else { - atomic.AddUint32(&requestsReceived, 1) - w.WriteHeader(500) + w.Write([]byte(fmt.Sprintf("failing %d try", requestsReceived))) + w.WriteHeader(400) } case "/testupstream/timeout": } diff --git a/test/e2e/testdata/ldap/cmd.sh b/test/e2e/testdata/ldap/cmd.sh old mode 100644 new mode 100755 diff --git a/test/e2e/testdata/wolf-rbac/cmd.sh b/test/e2e/testdata/wolf-rbac/cmd.sh old mode 100644 new mode 100755 From a3d18da122553310f35e9d5f1ebc62757245f7e7 Mon Sep 17 00:00:00 2001 From: Ashish Tiwari Date: Wed, 6 Dec 2023 19:43:34 +0530 Subject: [PATCH 06/32] add e2e test --- .../annotations/upstream/upstream.go | 6 ++ .../ingress/translation/translator.go | 20 +++++ test/e2e/scaffold/scaffold.go | 16 ++++ test/e2e/scaffold/test_backend.go | 86 +++++++++++++++++++ test/e2e/suite-annotations/upstreamretry.go | 11 +-- 5 files changed, 134 insertions(+), 5 deletions(-) diff --git a/pkg/providers/ingress/translation/annotations/upstream/upstream.go b/pkg/providers/ingress/translation/annotations/upstream/upstream.go index 02692d9fc96..65ca66c5fc3 100644 --- a/pkg/providers/ingress/translation/annotations/upstream/upstream.go +++ b/pkg/providers/ingress/translation/annotations/upstream/upstream.go @@ -51,29 +51,35 @@ func (u *Upstream) Parse(e annotations.Extractor) (interface{}, error) { retry := e.GetStringAnnotation(annotations.AnnotationsUpstreamRetry) if retry != "" { + fmt.Println("GOT THE RETRY ", retry) t, err := strconv.Atoi(retry) if err != nil { return nil, fmt.Errorf("could not parse retry as an integer: %s", err.Error()) } u.Retry = t + fmt.Println("u.retry ", t) } timeoutConnect := strings.TrimSuffix(e.GetStringAnnotation(annotations.AnnotationsUpstreamTimeoutConnect), "s") if timeoutConnect != "" { + fmt.Println("GOT THE TIMEOUTCONN ", timeoutConnect) t, err := strconv.Atoi(timeoutConnect) if err != nil { return nil, fmt.Errorf("could not parse timeout as an integer: %s", err.Error()) } u.TimeoutConnect = t + fmt.Println("u.timcon ", t) } timeoutRead := strings.TrimSuffix(e.GetStringAnnotation(annotations.AnnotationsUpstreamTimeoutRead), "s") if timeoutRead != "" { + fmt.Println("GOT THE TIMEOUTREAD ", timeoutRead) t, err := strconv.Atoi(timeoutRead) if err != nil { return nil, fmt.Errorf("could not parse timeout as an integer: %s", err.Error()) } u.TimeoutRead = t + fmt.Println("u.read ", t) } timeoutSend := strings.TrimSuffix(e.GetStringAnnotation(annotations.AnnotationsUpstreamTimeoutSend), "s") diff --git a/pkg/providers/ingress/translation/translator.go b/pkg/providers/ingress/translation/translator.go index 10f07404af1..9ca18e1224f 100644 --- a/pkg/providers/ingress/translation/translator.go +++ b/pkg/providers/ingress/translation/translator.go @@ -207,6 +207,26 @@ func (t *translator) translateIngressV1(ing *networkingv1.Ingress, skipVerify bo if ingress.Upstream.Retry > 0 { retry := ingress.Upstream.Retry ups.Retries = &retry + fmt.Println("set retries", *ups.Retries) + } + if ingress.Upstream.TimeoutConnect > 0 { + if ups.Timeout == nil { + ups.Timeout = &apisixv1.UpstreamTimeout{} + } + ups.Timeout.Connect = ingress.Upstream.TimeoutConnect + } + if ingress.Upstream.TimeoutRead > 0 { + if ups.Timeout == nil { + ups.Timeout = &apisixv1.UpstreamTimeout{} + } + ups.Timeout.Read = ingress.Upstream.TimeoutRead + fmt.Println("set read rimeiut", ups.Timeout.Read) + } + if ingress.Upstream.TimeoutSend > 0 { + if ups.Timeout == nil { + ups.Timeout = &apisixv1.UpstreamTimeout{} + } + ups.Timeout.Send = ingress.Upstream.TimeoutSend } ctx.AddUpstream(ups) } diff --git a/test/e2e/scaffold/scaffold.go b/test/e2e/scaffold/scaffold.go index 491a334bae9..80d8e304b98 100644 --- a/test/e2e/scaffold/scaffold.go +++ b/test/e2e/scaffold/scaffold.go @@ -474,6 +474,7 @@ func (s *Scaffold) beforeEach() { s.DeployAdminaAPIMode() } s.DeployTestService() + s.DeployRetryTimeout() } func (s *Scaffold) DeployAdminaAPIMode() { @@ -520,6 +521,21 @@ func (s *Scaffold) DeployCompositeMode() { assert.Nil(s.t, err, "creating apisix tunnels") } +func (s *Scaffold) DeployRetryTimeout() { + //Two endpoints are blocking(10 second) and one is non blocking + //Testing timeout + //With 1 retry and a timeout of 5 sec, it should return 504(timeout) + //With 1 retry and a timeout of 15 sec, it should success + + //Testing retry + //With 1 retry and a timeout of 5 sec, it should return 504(timeout) + //With 2 retry and a timeout of 5 sec, it should success + err := s.NewDeploymentForRetryTimeoutTest(2, 1) + assert.Nil(s.t, err, "error creating deployments for retry and timeout") + err = s.NewServiceForRetryTimeoutTest() + assert.Nil(s.t, err, "error creating services for retry and timeout") +} + func (s *Scaffold) DeployTestService() { var err error diff --git a/test/e2e/scaffold/test_backend.go b/test/e2e/scaffold/test_backend.go index 73cbcac4830..ef588a480ff 100644 --- a/test/e2e/scaffold/test_backend.go +++ b/test/e2e/scaffold/test_backend.go @@ -92,6 +92,68 @@ spec: name: "grpc-mtls" protocol: "TCP" ` + + _testTimeoutAndRetryDeploymentWithTimeout = ` +apiVersion: apps/v1 +kind: Deployment +metadata: + name: gobackend-deployment2 +spec: + replicas: 1 # You can adjust the number of replicas as needed + selector: + matchLabels: + app: gobackend + template: + metadata: + labels: + app: gobackend + spec: + containers: + - name: gobackend + imagePullPolicy: Always + image: revoly/gobackend + command: ["/app/gobackend", "fail"] + ports: + - containerPort: 9280 +` + + _testTimeoutAndRetryDeploymentWithNoTimeout = ` +apiVersion: apps/v1 +kind: Deployment +metadata: + name: gobackend-deployment1 +spec: + replicas: %d # You can adjust the number of replicas as needed + selector: + matchLabels: + app: gobackend + template: + metadata: + labels: + app: gobackend + spec: + containers: + - name: gobackend + imagePullPolicy: Always + image: revoly/gobackend + ports: + - containerPort: 9280 +` + + _testTimeoutAndRetryService = ` +apiVersion: v1 +kind: Service +metadata: + name: gobackend-service +spec: + selector: + app: gobackend + ports: + - protocol: TCP + port: 9280 + targetPort: 9280 +` + _testBackendService = ` apiVersion: v1 kind: Service @@ -179,6 +241,30 @@ spec: ` ) +func (s *Scaffold) NewServiceForRetryTimeoutTest() error { + if err := s.CreateResourceFromString(_testTimeoutAndRetryService); err != nil { + return err + } + return nil +} + +func (s *Scaffold) NewDeploymentForRetryTimeoutTest(replicasWithTimeout int, replicasWithoutTimeout int) error { + if replicasWithTimeout == 0 { + replicasWithTimeout = 1 + } + if replicasWithoutTimeout == 0 { + replicasWithoutTimeout = 1 + } + + if err := s.CreateResourceFromString(fmt.Sprintf(_testTimeoutAndRetryDeploymentWithTimeout, replicasWithTimeout)); err != nil { + return err + } + if err := s.CreateResourceFromString(fmt.Sprintf(_testTimeoutAndRetryDeploymentWithNoTimeout, replicasWithoutTimeout)); err != nil { + return err + } + return nil +} + func (s *Scaffold) newTestBackend() (*corev1.Service, error) { backendDeployment := fmt.Sprintf(s.FormatRegistry(_testBackendDeploymentTemplate), 1) if err := s.CreateResourceFromString(backendDeployment); err != nil { diff --git a/test/e2e/suite-annotations/upstreamretry.go b/test/e2e/suite-annotations/upstreamretry.go index be88b21678e..fdfb7837981 100644 --- a/test/e2e/suite-annotations/upstreamretry.go +++ b/test/e2e/suite-annotations/upstreamretry.go @@ -25,7 +25,7 @@ import ( "github.com/apache/apisix-ingress-controller/test/e2e/scaffold" ) -var _ = ginkgo.Describe("suite-annotations: annotations.networking/v1 upstream retry", func() { +var _ = ginkgo.Describe("suite-annotations: annotations.networking/v1 upstream with 1 retry and short timeout", func() { s := scaffold.NewDefaultScaffold() ginkgo.It("enable upstream retry to 3", func() { ing := ` @@ -34,7 +34,8 @@ kind: Ingress metadata: annotations: kubernetes.io/ingress.class: apisix - k8s.apisix.apache.org/retry: "3" + k8s.apisix.apache.org/retry: "1" + k8s.apisix.apache.org/timeout.read: "2s" name: ingress-ext-v1beta1 spec: rules: @@ -44,8 +45,8 @@ spec: - path: /testupstream/retry pathType: Exact backend: - serviceName: test-backend-service-e2e-test - servicePort: 8080 + serviceName: gobackend-service + servicePort: 9280 ` assert.NoError(ginkgo.GinkgoT(), s.CreateResourceFromString(ing)) err := s.EnsureNumApisixUpstreamsCreated(1) @@ -53,6 +54,6 @@ spec: time.Sleep(2 * time.Second) respGet := s.NewAPISIXClient().GET("/testupstream/retry").WithHeader("Host", "e2e.apisix.local").Expect() - respGet.Status(http.StatusOK) + respGet.Status(http.StatusGatewayTimeout) }) }) From 7c808a8c48a1feb4094935141a519eab7dba9175 Mon Sep 17 00:00:00 2001 From: Ashish Tiwari Date: Wed, 6 Dec 2023 20:12:49 +0530 Subject: [PATCH 07/32] fix test --- test/e2e/scaffold/scaffold.go | 2 +- test/e2e/scaffold/test_backend.go | 17 +++++------------ 2 files changed, 6 insertions(+), 13 deletions(-) diff --git a/test/e2e/scaffold/scaffold.go b/test/e2e/scaffold/scaffold.go index 80d8e304b98..97dce6fa3b8 100644 --- a/test/e2e/scaffold/scaffold.go +++ b/test/e2e/scaffold/scaffold.go @@ -530,7 +530,7 @@ func (s *Scaffold) DeployRetryTimeout() { //Testing retry //With 1 retry and a timeout of 5 sec, it should return 504(timeout) //With 2 retry and a timeout of 5 sec, it should success - err := s.NewDeploymentForRetryTimeoutTest(2, 1) + err := s.NewDeploymentForRetryTimeoutTest() assert.Nil(s.t, err, "error creating deployments for retry and timeout") err = s.NewServiceForRetryTimeoutTest() assert.Nil(s.t, err, "error creating services for retry and timeout") diff --git a/test/e2e/scaffold/test_backend.go b/test/e2e/scaffold/test_backend.go index ef588a480ff..832c4060bc8 100644 --- a/test/e2e/scaffold/test_backend.go +++ b/test/e2e/scaffold/test_backend.go @@ -99,7 +99,7 @@ kind: Deployment metadata: name: gobackend-deployment2 spec: - replicas: 1 # You can adjust the number of replicas as needed + replicas: 2 # You can adjust the number of replicas as needed selector: matchLabels: app: gobackend @@ -123,7 +123,7 @@ kind: Deployment metadata: name: gobackend-deployment1 spec: - replicas: %d # You can adjust the number of replicas as needed + replicas: 1 # You can adjust the number of replicas as needed selector: matchLabels: app: gobackend @@ -248,18 +248,11 @@ func (s *Scaffold) NewServiceForRetryTimeoutTest() error { return nil } -func (s *Scaffold) NewDeploymentForRetryTimeoutTest(replicasWithTimeout int, replicasWithoutTimeout int) error { - if replicasWithTimeout == 0 { - replicasWithTimeout = 1 - } - if replicasWithoutTimeout == 0 { - replicasWithoutTimeout = 1 - } - - if err := s.CreateResourceFromString(fmt.Sprintf(_testTimeoutAndRetryDeploymentWithTimeout, replicasWithTimeout)); err != nil { +func (s *Scaffold) NewDeploymentForRetryTimeoutTest() error { + if err := s.CreateResourceFromString(_testTimeoutAndRetryDeploymentWithTimeout); err != nil { return err } - if err := s.CreateResourceFromString(fmt.Sprintf(_testTimeoutAndRetryDeploymentWithNoTimeout, replicasWithoutTimeout)); err != nil { + if err := s.CreateResourceFromString(_testTimeoutAndRetryDeploymentWithTimeout); err != nil { return err } return nil From 3e7ef020123782c9fe34c544c94cdc9a1b61a69c Mon Sep 17 00:00:00 2001 From: Ashish Tiwari Date: Wed, 6 Dec 2023 20:32:27 +0530 Subject: [PATCH 08/32] fix e2e --- test/e2e/suite-annotations/upstreamretry.go | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/test/e2e/suite-annotations/upstreamretry.go b/test/e2e/suite-annotations/upstreamretry.go index fdfb7837981..2bec42c7cb2 100644 --- a/test/e2e/suite-annotations/upstreamretry.go +++ b/test/e2e/suite-annotations/upstreamretry.go @@ -42,7 +42,7 @@ spec: - host: e2e.apisix.local http: paths: - - path: /testupstream/retry + - path: /retry pathType: Exact backend: serviceName: gobackend-service @@ -53,7 +53,7 @@ spec: assert.Nil(ginkgo.GinkgoT(), err, "Checking number of upstreams") time.Sleep(2 * time.Second) - respGet := s.NewAPISIXClient().GET("/testupstream/retry").WithHeader("Host", "e2e.apisix.local").Expect() + respGet := s.NewAPISIXClient().GET("/retry").WithHeader("Host", "e2e.apisix.local").Expect() respGet.Status(http.StatusGatewayTimeout) }) }) From 3c6487b27439c8f96689f90a89c0bc4df4c92986 Mon Sep 17 00:00:00 2001 From: Ashish Tiwari Date: Wed, 6 Dec 2023 20:57:39 +0530 Subject: [PATCH 09/32] fix e2e --- test/e2e/suite-annotations/upstreamretry.go | 75 ++++++++++++++++++++- 1 file changed, 72 insertions(+), 3 deletions(-) diff --git a/test/e2e/suite-annotations/upstreamretry.go b/test/e2e/suite-annotations/upstreamretry.go index 2bec42c7cb2..03fcacef874 100644 --- a/test/e2e/suite-annotations/upstreamretry.go +++ b/test/e2e/suite-annotations/upstreamretry.go @@ -16,6 +16,7 @@ package annotations import ( + "fmt" "net/http" "time" @@ -25,9 +26,9 @@ import ( "github.com/apache/apisix-ingress-controller/test/e2e/scaffold" ) -var _ = ginkgo.Describe("suite-annotations: annotations.networking/v1 upstream with 1 retry and short timeout", func() { +var _ = ginkgo.Describe("suite-annotations: annotations.networking/v1 upstream", func() { s := scaffold.NewDefaultScaffold() - ginkgo.It("enable upstream retry to 3", func() { + ginkgo.It("1 retry and short timeout", func() { ing := ` apiVersion: extensions/v1beta1 kind: Ingress @@ -50,10 +51,78 @@ spec: ` assert.NoError(ginkgo.GinkgoT(), s.CreateResourceFromString(ing)) err := s.EnsureNumApisixUpstreamsCreated(1) - assert.Nil(ginkgo.GinkgoT(), err, "Checking number of upstreams") + if err != nil { + fmt.Println("should not err", err.Error()) + } time.Sleep(2 * time.Second) respGet := s.NewAPISIXClient().GET("/retry").WithHeader("Host", "e2e.apisix.local").Expect() respGet.Status(http.StatusGatewayTimeout) }) + + ginkgo.It("1 retry and long timeout", func() { + ing := ` +apiVersion: extensions/v1beta1 +kind: Ingress +metadata: + annotations: + kubernetes.io/ingress.class: apisix + k8s.apisix.apache.org/retry: "1" + k8s.apisix.apache.org/timeout.read: "20s" + name: ingress-ext-v1beta1 +spec: + rules: + - host: e2e.apisix.local + http: + paths: + - path: /retry + pathType: Exact + backend: + serviceName: gobackend-service + servicePort: 9280 +` + assert.NoError(ginkgo.GinkgoT(), s.CreateResourceFromString(ing)) + err := s.EnsureNumApisixUpstreamsCreated(1) + if err != nil { + fmt.Println("should not err", err.Error()) + } + time.Sleep(2 * time.Second) + time.Sleep(2 * time.Second) + + respGet := s.NewAPISIXClient().GET("/retry").WithHeader("Host", "e2e.apisix.local").Expect() + respGet.Status(http.StatusOK) + }) + + ginkgo.It("2 retry and short timeout", func() { + ing := ` +apiVersion: extensions/v1beta1 +kind: Ingress +metadata: + annotations: + kubernetes.io/ingress.class: apisix + k8s.apisix.apache.org/retry: "1" + k8s.apisix.apache.org/timeout.read: "20s" + name: ingress-ext-v1beta1 +spec: + rules: + - host: e2e.apisix.local + http: + paths: + - path: /retry + pathType: Exact + backend: + serviceName: gobackend-service + servicePort: 9280 +` + assert.NoError(ginkgo.GinkgoT(), s.CreateResourceFromString(ing)) + err := s.EnsureNumApisixUpstreamsCreated(1) + if err != nil { + fmt.Println("should not err", err.Error()) + } + time.Sleep(2 * time.Second) + time.Sleep(2 * time.Second) + + respGet := s.NewAPISIXClient().GET("/retry").WithHeader("Host", "e2e.apisix.local").Expect() + respGet.Status(http.StatusOK) + }) }) From cc08a75679ffe6c73d99869b86f83be34ca47465 Mon Sep 17 00:00:00 2001 From: Ashish Tiwari Date: Wed, 6 Dec 2023 21:19:37 +0530 Subject: [PATCH 10/32] fix e2e ingressclassname --- test/e2e/suite-annotations/upstreamretry.go | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/test/e2e/suite-annotations/upstreamretry.go b/test/e2e/suite-annotations/upstreamretry.go index 03fcacef874..2586a123277 100644 --- a/test/e2e/suite-annotations/upstreamretry.go +++ b/test/e2e/suite-annotations/upstreamretry.go @@ -39,6 +39,7 @@ metadata: k8s.apisix.apache.org/timeout.read: "2s" name: ingress-ext-v1beta1 spec: + ingressClassName: apisix rules: - host: e2e.apisix.local http: @@ -71,6 +72,7 @@ metadata: k8s.apisix.apache.org/timeout.read: "20s" name: ingress-ext-v1beta1 spec: + ingressClassName: apisix rules: - host: e2e.apisix.local http: @@ -100,10 +102,11 @@ kind: Ingress metadata: annotations: kubernetes.io/ingress.class: apisix - k8s.apisix.apache.org/retry: "1" - k8s.apisix.apache.org/timeout.read: "20s" + k8s.apisix.apache.org/retry: "2" + k8s.apisix.apache.org/timeout.read: "2s" name: ingress-ext-v1beta1 spec: + ingressClassName: apisix rules: - host: e2e.apisix.local http: From 6487e6d963c8aaa82b19248fefa72781e199ca11 Mon Sep 17 00:00:00 2001 From: Ashish Tiwari Date: Wed, 6 Dec 2023 21:38:52 +0530 Subject: [PATCH 11/32] fix e2e v1 --- test/e2e/suite-annotations/upstreamretry.go | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/test/e2e/suite-annotations/upstreamretry.go b/test/e2e/suite-annotations/upstreamretry.go index 2586a123277..9193ff141a5 100644 --- a/test/e2e/suite-annotations/upstreamretry.go +++ b/test/e2e/suite-annotations/upstreamretry.go @@ -30,7 +30,7 @@ var _ = ginkgo.Describe("suite-annotations: annotations.networking/v1 upstream", s := scaffold.NewDefaultScaffold() ginkgo.It("1 retry and short timeout", func() { ing := ` -apiVersion: extensions/v1beta1 +apiVersion: extensions/v1 kind: Ingress metadata: annotations: @@ -63,7 +63,7 @@ spec: ginkgo.It("1 retry and long timeout", func() { ing := ` -apiVersion: extensions/v1beta1 +apiVersion: extensions/v1 kind: Ingress metadata: annotations: @@ -97,7 +97,7 @@ spec: ginkgo.It("2 retry and short timeout", func() { ing := ` -apiVersion: extensions/v1beta1 +apiVersion: extensions/v1 kind: Ingress metadata: annotations: From 8a5b32b639611dc8b53f937db34346f71c12d79f Mon Sep 17 00:00:00 2001 From: Ashish Tiwari Date: Wed, 6 Dec 2023 21:53:59 +0530 Subject: [PATCH 12/32] fix e2e v1 --- test/e2e/suite-annotations/upstreamretry.go | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/test/e2e/suite-annotations/upstreamretry.go b/test/e2e/suite-annotations/upstreamretry.go index 9193ff141a5..c4f17a5a62f 100644 --- a/test/e2e/suite-annotations/upstreamretry.go +++ b/test/e2e/suite-annotations/upstreamretry.go @@ -30,7 +30,7 @@ var _ = ginkgo.Describe("suite-annotations: annotations.networking/v1 upstream", s := scaffold.NewDefaultScaffold() ginkgo.It("1 retry and short timeout", func() { ing := ` -apiVersion: extensions/v1 +apiVersion: v1 kind: Ingress metadata: annotations: @@ -63,7 +63,7 @@ spec: ginkgo.It("1 retry and long timeout", func() { ing := ` -apiVersion: extensions/v1 +apiVersion: v1 kind: Ingress metadata: annotations: @@ -97,7 +97,7 @@ spec: ginkgo.It("2 retry and short timeout", func() { ing := ` -apiVersion: extensions/v1 +apiVersion: v1 kind: Ingress metadata: annotations: From 6a0b9bb9b53aca5b2f23abf309c82255e747f3db Mon Sep 17 00:00:00 2001 From: Ashish Tiwari Date: Wed, 6 Dec 2023 22:08:17 +0530 Subject: [PATCH 13/32] v1 --- test/e2e/suite-annotations/upstreamretry.go | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/test/e2e/suite-annotations/upstreamretry.go b/test/e2e/suite-annotations/upstreamretry.go index c4f17a5a62f..eff1c1b8fc1 100644 --- a/test/e2e/suite-annotations/upstreamretry.go +++ b/test/e2e/suite-annotations/upstreamretry.go @@ -30,7 +30,7 @@ var _ = ginkgo.Describe("suite-annotations: annotations.networking/v1 upstream", s := scaffold.NewDefaultScaffold() ginkgo.It("1 retry and short timeout", func() { ing := ` -apiVersion: v1 +apiVersion: networking.k8s.io/v1 kind: Ingress metadata: annotations: @@ -63,7 +63,7 @@ spec: ginkgo.It("1 retry and long timeout", func() { ing := ` -apiVersion: v1 +apiVersion: networking.k8s.io/v1 kind: Ingress metadata: annotations: @@ -97,7 +97,7 @@ spec: ginkgo.It("2 retry and short timeout", func() { ing := ` -apiVersion: v1 +apiVersion: networking.k8s.io/v1 kind: Ingress metadata: annotations: From 29511d6302c815584073e671bcc346701adc620e Mon Sep 17 00:00:00 2001 From: Ashish Tiwari Date: Wed, 6 Dec 2023 22:35:43 +0530 Subject: [PATCH 14/32] change acc to v1 --- test/e2e/suite-annotations/upstreamretry.go | 18 ++++++++++++------ 1 file changed, 12 insertions(+), 6 deletions(-) diff --git a/test/e2e/suite-annotations/upstreamretry.go b/test/e2e/suite-annotations/upstreamretry.go index eff1c1b8fc1..6c6267195b5 100644 --- a/test/e2e/suite-annotations/upstreamretry.go +++ b/test/e2e/suite-annotations/upstreamretry.go @@ -47,8 +47,10 @@ spec: - path: /retry pathType: Exact backend: - serviceName: gobackend-service - servicePort: 9280 + service: + name: gobackend-service + port: + number: 9280 ` assert.NoError(ginkgo.GinkgoT(), s.CreateResourceFromString(ing)) err := s.EnsureNumApisixUpstreamsCreated(1) @@ -80,8 +82,10 @@ spec: - path: /retry pathType: Exact backend: - serviceName: gobackend-service - servicePort: 9280 + service: + name: gobackend-service + port: + number: 9280 ` assert.NoError(ginkgo.GinkgoT(), s.CreateResourceFromString(ing)) err := s.EnsureNumApisixUpstreamsCreated(1) @@ -114,8 +118,10 @@ spec: - path: /retry pathType: Exact backend: - serviceName: gobackend-service - servicePort: 9280 + service: + name: gobackend-service + port: + number: 9280 ` assert.NoError(ginkgo.GinkgoT(), s.CreateResourceFromString(ing)) err := s.EnsureNumApisixUpstreamsCreated(1) From 7ab9be3fd3b7ac90c2f00c8d5f886e4a23cdd660 Mon Sep 17 00:00:00 2001 From: Ashish Tiwari Date: Wed, 6 Dec 2023 23:20:43 +0530 Subject: [PATCH 15/32] fix indentation --- test/e2e/suite-annotations/upstreamretry.go | 60 ++++++++++----------- 1 file changed, 30 insertions(+), 30 deletions(-) diff --git a/test/e2e/suite-annotations/upstreamretry.go b/test/e2e/suite-annotations/upstreamretry.go index 6c6267195b5..2bd7cb46d8a 100644 --- a/test/e2e/suite-annotations/upstreamretry.go +++ b/test/e2e/suite-annotations/upstreamretry.go @@ -41,16 +41,16 @@ metadata: spec: ingressClassName: apisix rules: - - host: e2e.apisix.local - http: - paths: - - path: /retry - pathType: Exact - backend: - service: - name: gobackend-service - port: - number: 9280 + - host: e2e.apisix.local + http: + paths: + - path: /retry + pathType: Exact + backend: + service: + name: gobackend-service + port: + number: 9280 ` assert.NoError(ginkgo.GinkgoT(), s.CreateResourceFromString(ing)) err := s.EnsureNumApisixUpstreamsCreated(1) @@ -76,16 +76,16 @@ metadata: spec: ingressClassName: apisix rules: - - host: e2e.apisix.local - http: - paths: - - path: /retry - pathType: Exact - backend: - service: - name: gobackend-service - port: - number: 9280 + - host: e2e.apisix.local + http: + paths: + - path: /retry + pathType: Exact + backend: + service: + name: gobackend-service + port: + number: 9280 ` assert.NoError(ginkgo.GinkgoT(), s.CreateResourceFromString(ing)) err := s.EnsureNumApisixUpstreamsCreated(1) @@ -112,16 +112,16 @@ metadata: spec: ingressClassName: apisix rules: - - host: e2e.apisix.local - http: - paths: - - path: /retry - pathType: Exact - backend: - service: - name: gobackend-service - port: - number: 9280 + - host: e2e.apisix.local + http: + paths: + - path: /retry + pathType: Exact + backend: + service: + name: gobackend-service + port: + number: 9280 ` assert.NoError(ginkgo.GinkgoT(), s.CreateResourceFromString(ing)) err := s.EnsureNumApisixUpstreamsCreated(1) From 9fef342bab8536971b9312866997b155174707a8 Mon Sep 17 00:00:00 2001 From: Ashish Tiwari Date: Wed, 6 Dec 2023 23:38:21 +0530 Subject: [PATCH 16/32] e2e test --- test/e2e/suite-annotations/upstreamretry.go | 3 --- 1 file changed, 3 deletions(-) diff --git a/test/e2e/suite-annotations/upstreamretry.go b/test/e2e/suite-annotations/upstreamretry.go index 2bd7cb46d8a..d4bbb1e09ac 100644 --- a/test/e2e/suite-annotations/upstreamretry.go +++ b/test/e2e/suite-annotations/upstreamretry.go @@ -34,7 +34,6 @@ apiVersion: networking.k8s.io/v1 kind: Ingress metadata: annotations: - kubernetes.io/ingress.class: apisix k8s.apisix.apache.org/retry: "1" k8s.apisix.apache.org/timeout.read: "2s" name: ingress-ext-v1beta1 @@ -69,7 +68,6 @@ apiVersion: networking.k8s.io/v1 kind: Ingress metadata: annotations: - kubernetes.io/ingress.class: apisix k8s.apisix.apache.org/retry: "1" k8s.apisix.apache.org/timeout.read: "20s" name: ingress-ext-v1beta1 @@ -105,7 +103,6 @@ apiVersion: networking.k8s.io/v1 kind: Ingress metadata: annotations: - kubernetes.io/ingress.class: apisix k8s.apisix.apache.org/retry: "2" k8s.apisix.apache.org/timeout.read: "2s" name: ingress-ext-v1beta1 From db1c9cec5bde5b378081e3b2e91e7e2871acecf6 Mon Sep 17 00:00:00 2001 From: Ashish Tiwari Date: Thu, 7 Dec 2023 00:49:01 +0530 Subject: [PATCH 17/32] fix e2e --- test/e2e/scaffold/test_backend.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/test/e2e/scaffold/test_backend.go b/test/e2e/scaffold/test_backend.go index 832c4060bc8..a1958f018b3 100644 --- a/test/e2e/scaffold/test_backend.go +++ b/test/e2e/scaffold/test_backend.go @@ -252,7 +252,7 @@ func (s *Scaffold) NewDeploymentForRetryTimeoutTest() error { if err := s.CreateResourceFromString(_testTimeoutAndRetryDeploymentWithTimeout); err != nil { return err } - if err := s.CreateResourceFromString(_testTimeoutAndRetryDeploymentWithTimeout); err != nil { + if err := s.CreateResourceFromString(_testTimeoutAndRetryDeploymentWithNoTimeout); err != nil { return err } return nil From 7a0ad00590f887c9ba670625ec447b3517d1b860 Mon Sep 17 00:00:00 2001 From: Ashish Tiwari Date: Thu, 7 Dec 2023 10:37:00 +0530 Subject: [PATCH 18/32] add ingress publish service --- test/e2e/scaffold/ingress.go | 2 ++ 1 file changed, 2 insertions(+) diff --git a/test/e2e/scaffold/ingress.go b/test/e2e/scaffold/ingress.go index 1fe8fda6750..e029768680c 100644 --- a/test/e2e/scaffold/ingress.go +++ b/test/e2e/scaffold/ingress.go @@ -470,6 +470,8 @@ spec: - --etcd-server-enabled=%t - --etcd-server-listen-address - ":2379" + - "--ingress-publish-service" + - "apisix-service-e2e-test" volumeMounts: - name: admission-webhook mountPath: /etc/webhook/certs From 8ef9dc3733bd7ee8f0864508e60962f9c9ff3b3a Mon Sep 17 00:00:00 2001 From: Ashish Tiwari Date: Thu, 7 Dec 2023 11:03:32 +0530 Subject: [PATCH 19/32] add default in ns --- test/e2e/scaffold/ingress.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/test/e2e/scaffold/ingress.go b/test/e2e/scaffold/ingress.go index e029768680c..9c4ed1cff88 100644 --- a/test/e2e/scaffold/ingress.go +++ b/test/e2e/scaffold/ingress.go @@ -471,7 +471,7 @@ spec: - --etcd-server-listen-address - ":2379" - "--ingress-publish-service" - - "apisix-service-e2e-test" + - "default/apisix-service-e2e-test" volumeMounts: - name: admission-webhook mountPath: /etc/webhook/certs From 6fd0730a2151bbf85080ce83e0eef8aaed6b2553 Mon Sep 17 00:00:00 2001 From: Ashish Tiwari Date: Thu, 7 Dec 2023 11:34:38 +0530 Subject: [PATCH 20/32] fix for v1 and v1beta1 Signed-off-by: Ashish Tiwari --- .../ingress/translation/translator.go | 39 ++++++++++++++----- test/e2e/scaffold/ingress.go | 2 - test/e2e/suite-annotations/upstreamretry.go | 9 ++--- 3 files changed, 32 insertions(+), 18 deletions(-) diff --git a/pkg/providers/ingress/translation/translator.go b/pkg/providers/ingress/translation/translator.go index 9ca18e1224f..02d0bb5aafb 100644 --- a/pkg/providers/ingress/translation/translator.go +++ b/pkg/providers/ingress/translation/translator.go @@ -209,23 +209,21 @@ func (t *translator) translateIngressV1(ing *networkingv1.Ingress, skipVerify bo ups.Retries = &retry fmt.Println("set retries", *ups.Retries) } - if ingress.Upstream.TimeoutConnect > 0 { - if ups.Timeout == nil { - ups.Timeout = &apisixv1.UpstreamTimeout{} + if ups.Timeout == nil { + ups.Timeout = &apisixv1.UpstreamTimeout{ + Read: 60, + Send: 60, + Connect: 60, } + } + if ingress.Upstream.TimeoutConnect > 0 { ups.Timeout.Connect = ingress.Upstream.TimeoutConnect } if ingress.Upstream.TimeoutRead > 0 { - if ups.Timeout == nil { - ups.Timeout = &apisixv1.UpstreamTimeout{} - } ups.Timeout.Read = ingress.Upstream.TimeoutRead fmt.Println("set read rimeiut", ups.Timeout.Read) } if ingress.Upstream.TimeoutSend > 0 { - if ups.Timeout == nil { - ups.Timeout = &apisixv1.UpstreamTimeout{} - } ups.Timeout.Send = ingress.Upstream.TimeoutSend } ctx.AddUpstream(ups) @@ -383,7 +381,28 @@ func (t *translator) translateIngressV1beta1(ing *networkingv1beta1.Ingress, ski if len(ingress.Plugins) > 0 { route.Plugins = *(ingress.Plugins.DeepCopy()) } - + if ingress.Upstream.Retry > 0 { + retry := ingress.Upstream.Retry + ups.Retries = &retry + fmt.Println("set retries", *ups.Retries) + } + if ups.Timeout == nil { + ups.Timeout = &apisixv1.UpstreamTimeout{ + Read: 60, + Send: 60, + Connect: 60, + } + } + if ingress.Upstream.TimeoutConnect > 0 { + ups.Timeout.Connect = ingress.Upstream.TimeoutConnect + } + if ingress.Upstream.TimeoutRead > 0 { + ups.Timeout.Read = ingress.Upstream.TimeoutRead + fmt.Println("set read rimeiut", ups.Timeout.Read) + } + if ingress.Upstream.TimeoutSend > 0 { + ups.Timeout.Send = ingress.Upstream.TimeoutSend + } if ingress.PluginConfigName != "" { route.PluginConfigId = id.GenID(apisixv1.ComposePluginConfigName(ing.Namespace, ingress.PluginConfigName)) } diff --git a/test/e2e/scaffold/ingress.go b/test/e2e/scaffold/ingress.go index 9c4ed1cff88..1fe8fda6750 100644 --- a/test/e2e/scaffold/ingress.go +++ b/test/e2e/scaffold/ingress.go @@ -470,8 +470,6 @@ spec: - --etcd-server-enabled=%t - --etcd-server-listen-address - ":2379" - - "--ingress-publish-service" - - "default/apisix-service-e2e-test" volumeMounts: - name: admission-webhook mountPath: /etc/webhook/certs diff --git a/test/e2e/suite-annotations/upstreamretry.go b/test/e2e/suite-annotations/upstreamretry.go index d4bbb1e09ac..010196b2368 100644 --- a/test/e2e/suite-annotations/upstreamretry.go +++ b/test/e2e/suite-annotations/upstreamretry.go @@ -51,12 +51,9 @@ spec: port: number: 9280 ` - assert.NoError(ginkgo.GinkgoT(), s.CreateResourceFromString(ing)) - err := s.EnsureNumApisixUpstreamsCreated(1) - if err != nil { - fmt.Println("should not err", err.Error()) - } - time.Sleep(2 * time.Second) + err := s.CreateResourceFromString(ing) + assert.Nil(ginkgo.GinkgoT(), err, "creating ingress") + time.Sleep(5 * time.Second) respGet := s.NewAPISIXClient().GET("/retry").WithHeader("Host", "e2e.apisix.local").Expect() respGet.Status(http.StatusGatewayTimeout) From 8f97515e8419a1993a367a73d7ee307c717adf25 Mon Sep 17 00:00:00 2001 From: Ashish Tiwari Date: Thu, 7 Dec 2023 12:01:08 +0530 Subject: [PATCH 21/32] remove redundant test --- test/e2e/suite-annotations/upstreamretry.go | 35 ++------------------- 1 file changed, 2 insertions(+), 33 deletions(-) diff --git a/test/e2e/suite-annotations/upstreamretry.go b/test/e2e/suite-annotations/upstreamretry.go index 010196b2368..3b352db91e5 100644 --- a/test/e2e/suite-annotations/upstreamretry.go +++ b/test/e2e/suite-annotations/upstreamretry.go @@ -28,38 +28,7 @@ import ( var _ = ginkgo.Describe("suite-annotations: annotations.networking/v1 upstream", func() { s := scaffold.NewDefaultScaffold() - ginkgo.It("1 retry and short timeout", func() { - ing := ` -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - annotations: - k8s.apisix.apache.org/retry: "1" - k8s.apisix.apache.org/timeout.read: "2s" - name: ingress-ext-v1beta1 -spec: - ingressClassName: apisix - rules: - - host: e2e.apisix.local - http: - paths: - - path: /retry - pathType: Exact - backend: - service: - name: gobackend-service - port: - number: 9280 -` - err := s.CreateResourceFromString(ing) - assert.Nil(ginkgo.GinkgoT(), err, "creating ingress") - time.Sleep(5 * time.Second) - - respGet := s.NewAPISIXClient().GET("/retry").WithHeader("Host", "e2e.apisix.local").Expect() - respGet.Status(http.StatusGatewayTimeout) - }) - - ginkgo.It("1 retry and long timeout", func() { + ginkgo.It("Test timeout: 1 retry and long timeout", func() { ing := ` apiVersion: networking.k8s.io/v1 kind: Ingress @@ -94,7 +63,7 @@ spec: respGet.Status(http.StatusOK) }) - ginkgo.It("2 retry and short timeout", func() { + ginkgo.It("Test retry: 2 retry and short timeout", func() { ing := ` apiVersion: networking.k8s.io/v1 kind: Ingress From 75f695aa9c64efd111174c7198dcdb5e4bf9ddb2 Mon Sep 17 00:00:00 2001 From: Ashish Tiwari Date: Thu, 7 Dec 2023 12:23:11 +0530 Subject: [PATCH 22/32] replace revoly image --- Makefile | 1 + test/e2e/scaffold/test_backend.go | 4 +-- test/e2e/suite-annotations/upstreamretry.go | 23 ++++++-------- test/e2e/testtimeout/Dockerfile | 11 +++++++ test/e2e/testtimeout/go.mod | 3 ++ test/e2e/testtimeout/main.go | 35 +++++++++++++++++++++ 6 files changed, 62 insertions(+), 15 deletions(-) create mode 100644 test/e2e/testtimeout/Dockerfile create mode 100644 test/e2e/testtimeout/go.mod create mode 100644 test/e2e/testtimeout/main.go diff --git a/Makefile b/Makefile index 2c60bd17276..5dcabd686c7 100644 --- a/Makefile +++ b/Makefile @@ -103,6 +103,7 @@ ifeq ($(E2E_SKIP_BUILD), 0) docker tag kennethreitz/httpbin $(REGISTRY)/httpbin:$(IMAGE_TAG) docker build -t test-backend:$(IMAGE_TAG) --build-arg ENABLE_PROXY=$(ENABLE_PROXY) ./test/e2e/testbackend + docker build -t test-timeout:$(IMAGE_TAG) --build-arg ENABLE_PROXY=$(ENABLE_PROXY) ./test/e2e/testtimeout docker tag test-backend:$(IMAGE_TAG) $(REGISTRY)/test-backend:$(IMAGE_TAG) docker tag apache/apisix-ingress-controller:$(IMAGE_TAG) $(REGISTRY)/apisix-ingress-controller:$(IMAGE_TAG) diff --git a/test/e2e/scaffold/test_backend.go b/test/e2e/scaffold/test_backend.go index a1958f018b3..dff77930cf0 100644 --- a/test/e2e/scaffold/test_backend.go +++ b/test/e2e/scaffold/test_backend.go @@ -111,7 +111,7 @@ spec: containers: - name: gobackend imagePullPolicy: Always - image: revoly/gobackend + image: localhost:5000/test-timeout:dev command: ["/app/gobackend", "fail"] ports: - containerPort: 9280 @@ -135,7 +135,7 @@ spec: containers: - name: gobackend imagePullPolicy: Always - image: revoly/gobackend + image: localhost:5000/test-timeout:dev ports: - containerPort: 9280 ` diff --git a/test/e2e/suite-annotations/upstreamretry.go b/test/e2e/suite-annotations/upstreamretry.go index 3b352db91e5..542b6705343 100644 --- a/test/e2e/suite-annotations/upstreamretry.go +++ b/test/e2e/suite-annotations/upstreamretry.go @@ -16,7 +16,6 @@ package annotations import ( - "fmt" "net/http" "time" @@ -51,12 +50,11 @@ spec: port: number: 9280 ` - assert.NoError(ginkgo.GinkgoT(), s.CreateResourceFromString(ing)) - err := s.EnsureNumApisixUpstreamsCreated(1) - if err != nil { - fmt.Println("should not err", err.Error()) - } - time.Sleep(2 * time.Second) + err := s.CreateResourceFromString(ing) + assert.Nil(ginkgo.GinkgoT(), err, "creating ingress") + time.Sleep(5 * time.Second) + err = s.EnsureNumApisixUpstreamsCreated(1) + assert.Nil(ginkgo.GinkgoT(), err, "checking upstreams") time.Sleep(2 * time.Second) respGet := s.NewAPISIXClient().GET("/retry").WithHeader("Host", "e2e.apisix.local").Expect() @@ -86,12 +84,11 @@ spec: port: number: 9280 ` - assert.NoError(ginkgo.GinkgoT(), s.CreateResourceFromString(ing)) - err := s.EnsureNumApisixUpstreamsCreated(1) - if err != nil { - fmt.Println("should not err", err.Error()) - } - time.Sleep(2 * time.Second) + err := s.CreateResourceFromString(ing) + assert.Nil(ginkgo.GinkgoT(), err, "creating ingress") + time.Sleep(5 * time.Second) + err = s.EnsureNumApisixUpstreamsCreated(1) + assert.Nil(ginkgo.GinkgoT(), err, "checking upstreams") time.Sleep(2 * time.Second) respGet := s.NewAPISIXClient().GET("/retry").WithHeader("Host", "e2e.apisix.local").Expect() diff --git a/test/e2e/testtimeout/Dockerfile b/test/e2e/testtimeout/Dockerfile new file mode 100644 index 00000000000..c904793bca6 --- /dev/null +++ b/test/e2e/testtimeout/Dockerfile @@ -0,0 +1,11 @@ +FROM golang:latest + +WORKDIR /app + +COPY . . + +RUN make build + +EXPOSE 9280 + +ENTRYPOINT [ "/app/gobackend" ] \ No newline at end of file diff --git a/test/e2e/testtimeout/go.mod b/test/e2e/testtimeout/go.mod new file mode 100644 index 00000000000..6840ad39950 --- /dev/null +++ b/test/e2e/testtimeout/go.mod @@ -0,0 +1,3 @@ +module github.com/apache/apisix-ingress-controller/test/e2e/testtimeout + +go 1.17 diff --git a/test/e2e/testtimeout/main.go b/test/e2e/testtimeout/main.go new file mode 100644 index 00000000000..5d6dd9cbb0f --- /dev/null +++ b/test/e2e/testtimeout/main.go @@ -0,0 +1,35 @@ +package main + +import ( + "fmt" + "net/http" + "os" + "time" +) + +type Server struct { + timeout int +} + +func (s *Server) ServeHTTP(w http.ResponseWriter, req *http.Request) { + if s.timeout == 0 { + w.WriteHeader(200) + fmt.Println("PASSING") + return + } + time.Sleep(time.Duration(s.timeout * int(time.Second))) + fmt.Println("served after waiting") + return +} + +func main() { + fmt.Println("starting server...") + var s Server + if len(os.Args) > 1 && os.Args[1] == "fail" { + s.timeout = 10 + } else { + s.timeout = 0 + } + http.Handle("/retry", &s) + http.ListenAndServe(":9280", nil) +} From 31c6f9f22260b858e1aedc835cffdc4e48882e0e Mon Sep 17 00:00:00 2001 From: Ashish Tiwari Date: Thu, 7 Dec 2023 12:28:01 +0530 Subject: [PATCH 23/32] fix ci --- test/e2e/testtimeout/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/test/e2e/testtimeout/Dockerfile b/test/e2e/testtimeout/Dockerfile index c904793bca6..48c72924500 100644 --- a/test/e2e/testtimeout/Dockerfile +++ b/test/e2e/testtimeout/Dockerfile @@ -4,7 +4,7 @@ WORKDIR /app COPY . . -RUN make build +RUN go build -o gobackend . EXPOSE 9280 From 9493ea7db9898b5ddef4cca2c6da5f0da8f29030 Mon Sep 17 00:00:00 2001 From: Ashish Tiwari Date: Thu, 7 Dec 2023 13:02:11 +0530 Subject: [PATCH 24/32] push test-timeout --- .github/workflows/e2e-test-ci-v2-cron-dev.yml | 1 + .github/workflows/e2e-test-ci-v2-cron.yml | 1 + .github/workflows/e2e-test-ci.yml | 1 + .github/workflows/k8s-timer-ci.yml | 1 + test/e2e/testtimeout/Dockerfile | 16 ++++++++++++++++ test/e2e/testtimeout/main.go | 14 ++++++++++++++ 6 files changed, 34 insertions(+) diff --git a/.github/workflows/e2e-test-ci-v2-cron-dev.yml b/.github/workflows/e2e-test-ci-v2-cron-dev.yml index b0f5f2149b7..1def17ac0b6 100644 --- a/.github/workflows/e2e-test-ci-v2-cron-dev.yml +++ b/.github/workflows/e2e-test-ci-v2-cron-dev.yml @@ -113,6 +113,7 @@ jobs: ${REGISTRY}/apisix-ingress-controller:dev \ ${REGISTRY}/httpbin:dev \ ${REGISTRY}/test-backend:dev \ + ${REGISTRY}/test-timeout:dev \ ${REGISTRY}/echo-server:dev \ ${REGISTRY}/busybox:dev \ | pigz > docker-dev.tar.gz diff --git a/.github/workflows/e2e-test-ci-v2-cron.yml b/.github/workflows/e2e-test-ci-v2-cron.yml index f37305036f3..230bdd6617b 100644 --- a/.github/workflows/e2e-test-ci-v2-cron.yml +++ b/.github/workflows/e2e-test-ci-v2-cron.yml @@ -113,6 +113,7 @@ jobs: ${REGISTRY}/apisix-ingress-controller:dev \ ${REGISTRY}/httpbin:dev \ ${REGISTRY}/test-backend:dev \ + ${REGISTRY}/test-timeout:dev \ ${REGISTRY}/echo-server:dev \ ${REGISTRY}/busybox:dev \ | pigz > docker-v2.tar.gz diff --git a/.github/workflows/e2e-test-ci.yml b/.github/workflows/e2e-test-ci.yml index 1c3166ff4ca..56e430c6d24 100644 --- a/.github/workflows/e2e-test-ci.yml +++ b/.github/workflows/e2e-test-ci.yml @@ -114,6 +114,7 @@ jobs: ${REGISTRY}/apisix-ingress-controller:dev \ ${REGISTRY}/httpbin:dev \ ${REGISTRY}/test-backend:dev \ + ${REGISTRY}/test-timeout:dev \ ${REGISTRY}/echo-server:dev \ ${REGISTRY}/busybox:dev \ | pigz > docker.tar.gz diff --git a/.github/workflows/k8s-timer-ci.yml b/.github/workflows/k8s-timer-ci.yml index 5a8eefe3ab6..9632de0be14 100644 --- a/.github/workflows/k8s-timer-ci.yml +++ b/.github/workflows/k8s-timer-ci.yml @@ -103,6 +103,7 @@ jobs: ${REGISTRY}/apisix-ingress-controller:dev \ ${REGISTRY}/httpbin:dev \ ${REGISTRY}/test-backend:dev \ + ${REGISTRY}/test-timeout:dev \ ${REGISTRY}/echo-server:dev \ ${REGISTRY}/busybox:dev \ | pigz > docker.tar.gz diff --git a/test/e2e/testtimeout/Dockerfile b/test/e2e/testtimeout/Dockerfile index 48c72924500..1e4aec78e13 100644 --- a/test/e2e/testtimeout/Dockerfile +++ b/test/e2e/testtimeout/Dockerfile @@ -1,3 +1,19 @@ +# +# Licensed to the Apache Software Foundation (ASF) under one or more +# contributor license agreements. See the NOTICE file distributed with +# this work for additional information regarding copyright ownership. +# The ASF licenses this file to You under the Apache License, Version 2.0 +# (the "License"); you may not use this file except in compliance with +# the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# FROM golang:latest WORKDIR /app diff --git a/test/e2e/testtimeout/main.go b/test/e2e/testtimeout/main.go index 5d6dd9cbb0f..2b95c28a053 100644 --- a/test/e2e/testtimeout/main.go +++ b/test/e2e/testtimeout/main.go @@ -1,3 +1,17 @@ +// Licensed to the Apache Software Foundation (ASF) under one or more +// contributor license agreements. See the NOTICE file distributed with +// this work for additional information regarding copyright ownership. +// The ASF licenses this file to You under the Apache License, Version 2.0 +// (the "License"); you may not use this file except in compliance with +// the License. You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. package main import ( From 81d22134129d24a086752e186ca28aa714dfcae9 Mon Sep 17 00:00:00 2001 From: Ashish Tiwari Date: Thu, 7 Dec 2023 13:02:25 +0530 Subject: [PATCH 25/32] push test-timeout --- Makefile | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/Makefile b/Makefile index 5dcabd686c7..9778c4ff16a 100644 --- a/Makefile +++ b/Makefile @@ -105,7 +105,7 @@ ifeq ($(E2E_SKIP_BUILD), 0) docker build -t test-backend:$(IMAGE_TAG) --build-arg ENABLE_PROXY=$(ENABLE_PROXY) ./test/e2e/testbackend docker build -t test-timeout:$(IMAGE_TAG) --build-arg ENABLE_PROXY=$(ENABLE_PROXY) ./test/e2e/testtimeout docker tag test-backend:$(IMAGE_TAG) $(REGISTRY)/test-backend:$(IMAGE_TAG) - + docker tag test-timeout:$(IMAGE_TAG) $(REGISTRY)/test-timeout:$(IMAGE_TAG) docker tag apache/apisix-ingress-controller:$(IMAGE_TAG) $(REGISTRY)/apisix-ingress-controller:$(IMAGE_TAG) docker pull jmalloc/echo-server:latest @@ -123,6 +123,7 @@ ifeq ($(E2E_SKIP_BUILD), 0) docker push $(REGISTRY)/etcd:$(IMAGE_TAG) docker push $(REGISTRY)/httpbin:$(IMAGE_TAG) docker push $(REGISTRY)/test-backend:$(IMAGE_TAG) + docker push $(REGISTRY)/test-timeout:$(IMAGE_TAG) docker push $(REGISTRY)/apisix-ingress-controller:$(IMAGE_TAG) docker push $(REGISTRY)/echo-server:$(IMAGE_TAG) docker push $(REGISTRY)/busybox:$(IMAGE_TAG) @@ -306,6 +307,7 @@ kind-load-images: $(REGISTRY)/apisix-ingress-controller:dev \ $(REGISTRY)/httpbin:dev \ $(REGISTRY)/test-backend:dev \ + $(REGISTRY)/test-timeout:dev \ $(REGISTRY)/echo-server:dev \ $(REGISTRY)/busybox:dev From 3e685ece95f3cc4f5acf11d4eeb10d248afe7a87 Mon Sep 17 00:00:00 2001 From: Ashish Tiwari Date: Thu, 7 Dec 2023 13:26:23 +0530 Subject: [PATCH 26/32] remove println final commit --- .../ingress/translation/annotations/upstream/upstream.go | 6 ------ pkg/providers/ingress/translation/translator.go | 4 ---- 2 files changed, 10 deletions(-) diff --git a/pkg/providers/ingress/translation/annotations/upstream/upstream.go b/pkg/providers/ingress/translation/annotations/upstream/upstream.go index 65ca66c5fc3..02692d9fc96 100644 --- a/pkg/providers/ingress/translation/annotations/upstream/upstream.go +++ b/pkg/providers/ingress/translation/annotations/upstream/upstream.go @@ -51,35 +51,29 @@ func (u *Upstream) Parse(e annotations.Extractor) (interface{}, error) { retry := e.GetStringAnnotation(annotations.AnnotationsUpstreamRetry) if retry != "" { - fmt.Println("GOT THE RETRY ", retry) t, err := strconv.Atoi(retry) if err != nil { return nil, fmt.Errorf("could not parse retry as an integer: %s", err.Error()) } u.Retry = t - fmt.Println("u.retry ", t) } timeoutConnect := strings.TrimSuffix(e.GetStringAnnotation(annotations.AnnotationsUpstreamTimeoutConnect), "s") if timeoutConnect != "" { - fmt.Println("GOT THE TIMEOUTCONN ", timeoutConnect) t, err := strconv.Atoi(timeoutConnect) if err != nil { return nil, fmt.Errorf("could not parse timeout as an integer: %s", err.Error()) } u.TimeoutConnect = t - fmt.Println("u.timcon ", t) } timeoutRead := strings.TrimSuffix(e.GetStringAnnotation(annotations.AnnotationsUpstreamTimeoutRead), "s") if timeoutRead != "" { - fmt.Println("GOT THE TIMEOUTREAD ", timeoutRead) t, err := strconv.Atoi(timeoutRead) if err != nil { return nil, fmt.Errorf("could not parse timeout as an integer: %s", err.Error()) } u.TimeoutRead = t - fmt.Println("u.read ", t) } timeoutSend := strings.TrimSuffix(e.GetStringAnnotation(annotations.AnnotationsUpstreamTimeoutSend), "s") diff --git a/pkg/providers/ingress/translation/translator.go b/pkg/providers/ingress/translation/translator.go index 02d0bb5aafb..30f30c3d384 100644 --- a/pkg/providers/ingress/translation/translator.go +++ b/pkg/providers/ingress/translation/translator.go @@ -207,7 +207,6 @@ func (t *translator) translateIngressV1(ing *networkingv1.Ingress, skipVerify bo if ingress.Upstream.Retry > 0 { retry := ingress.Upstream.Retry ups.Retries = &retry - fmt.Println("set retries", *ups.Retries) } if ups.Timeout == nil { ups.Timeout = &apisixv1.UpstreamTimeout{ @@ -221,7 +220,6 @@ func (t *translator) translateIngressV1(ing *networkingv1.Ingress, skipVerify bo } if ingress.Upstream.TimeoutRead > 0 { ups.Timeout.Read = ingress.Upstream.TimeoutRead - fmt.Println("set read rimeiut", ups.Timeout.Read) } if ingress.Upstream.TimeoutSend > 0 { ups.Timeout.Send = ingress.Upstream.TimeoutSend @@ -384,7 +382,6 @@ func (t *translator) translateIngressV1beta1(ing *networkingv1beta1.Ingress, ski if ingress.Upstream.Retry > 0 { retry := ingress.Upstream.Retry ups.Retries = &retry - fmt.Println("set retries", *ups.Retries) } if ups.Timeout == nil { ups.Timeout = &apisixv1.UpstreamTimeout{ @@ -398,7 +395,6 @@ func (t *translator) translateIngressV1beta1(ing *networkingv1beta1.Ingress, ski } if ingress.Upstream.TimeoutRead > 0 { ups.Timeout.Read = ingress.Upstream.TimeoutRead - fmt.Println("set read rimeiut", ups.Timeout.Read) } if ingress.Upstream.TimeoutSend > 0 { ups.Timeout.Send = ingress.Upstream.TimeoutSend From 85fab2a344e5c42da773ffdd873252b480830d25 Mon Sep 17 00:00:00 2001 From: Ashish Tiwari Date: Thu, 7 Dec 2023 13:34:27 +0530 Subject: [PATCH 27/32] ifnotpresent --- test/e2e/scaffold/test_backend.go | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/test/e2e/scaffold/test_backend.go b/test/e2e/scaffold/test_backend.go index dff77930cf0..1a7cf0ebae9 100644 --- a/test/e2e/scaffold/test_backend.go +++ b/test/e2e/scaffold/test_backend.go @@ -110,8 +110,8 @@ spec: spec: containers: - name: gobackend - imagePullPolicy: Always - image: localhost:5000/test-timeout:dev + imagePullPolicy: IfNotPresent + image: "localhost:5000/test-timeout:dev" command: ["/app/gobackend", "fail"] ports: - containerPort: 9280 @@ -134,8 +134,8 @@ spec: spec: containers: - name: gobackend - imagePullPolicy: Always - image: localhost:5000/test-timeout:dev + imagePullPolicy: IfNotPresent + image: "localhost:5000/test-timeout:dev" ports: - containerPort: 9280 ` From 8eb1eb21dbb8604a71ae7be70e18cd5f1e416d35 Mon Sep 17 00:00:00 2001 From: Ashish Tiwari Date: Thu, 7 Dec 2023 14:40:02 +0530 Subject: [PATCH 28/32] replace fqdn with ip --- test/e2e/scaffold/test_backend.go | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/test/e2e/scaffold/test_backend.go b/test/e2e/scaffold/test_backend.go index 1a7cf0ebae9..ffeacd92793 100644 --- a/test/e2e/scaffold/test_backend.go +++ b/test/e2e/scaffold/test_backend.go @@ -111,7 +111,7 @@ spec: containers: - name: gobackend imagePullPolicy: IfNotPresent - image: "localhost:5000/test-timeout:dev" + image: "127.0.0.1:5000/test-timeout:dev" command: ["/app/gobackend", "fail"] ports: - containerPort: 9280 @@ -135,7 +135,7 @@ spec: containers: - name: gobackend imagePullPolicy: IfNotPresent - image: "localhost:5000/test-timeout:dev" + image: "127.0.0.1:5000/test-timeout:dev" ports: - containerPort: 9280 ` From 4d8b821fb228ef2f2bc1051b3ac456e34cba1840 Mon Sep 17 00:00:00 2001 From: Ashish Tiwari Date: Thu, 7 Dec 2023 20:12:00 +0530 Subject: [PATCH 29/32] remove redundant code --- test/e2e/scaffold/test_backend.go | 7 ------- test/e2e/testbackend/main.go | 26 -------------------------- 2 files changed, 33 deletions(-) diff --git a/test/e2e/scaffold/test_backend.go b/test/e2e/scaffold/test_backend.go index ffeacd92793..afa4975af67 100644 --- a/test/e2e/scaffold/test_backend.go +++ b/test/e2e/scaffold/test_backend.go @@ -73,9 +73,6 @@ spec: - containerPort: 80 name: "http" protocol: "TCP" - - containerPort: 8080 - name: "http2" - protocol: "TCP" - containerPort: 443 name: "https" protocol: "TCP" @@ -167,10 +164,6 @@ spec: port: 80 protocol: TCP targetPort: 80 - - name: http2 - port: 8080 - protocol: TCP - targetPort: 8080 - name: https port: 443 protocol: TCP diff --git a/test/e2e/testbackend/main.go b/test/e2e/testbackend/main.go index 7befcf98582..5e2bccb7ddc 100644 --- a/test/e2e/testbackend/main.go +++ b/test/e2e/testbackend/main.go @@ -24,7 +24,6 @@ import ( "net/http" "os" "os/signal" - "strconv" "syscall" "google.golang.org/grpc" @@ -105,31 +104,6 @@ func main() { log.Fatalln(http.ListenAndServeTLS(":443", "tls/server.pem", "tls/server.key", nil)) }() - go func() { - // curl http://e2e.apisix.local:8080/testupstream/* --resolve e2e.apisix.local:8080:127.0.0.1 - log.Printf("starting http server in 8080") - // Here the assumption is that this endpoint will be used by a single client during testing - var requestsReceived uint32 - log.Fatalln(http.ListenAndServe(":8080", http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - switch r.RequestURI { - case "/testupstream/retry": - requestsReceived++ - header := r.Header.Get("success-after-retry") - if header == "" { //set default value to succeed after 2 tries - header = "2" - } - succAfter, _ := strconv.Atoi(header) - if requestsReceived == uint32(succAfter) { - w.Write([]byte("successful response after " + header + " attempts")) - w.WriteHeader(200) - } else { - w.Write([]byte(fmt.Sprintf("failing %d try", requestsReceived))) - w.WriteHeader(400) - } - case "/testupstream/timeout": - } - }))) - }() go func() { // curl https://e2e.apisix.local:8443/hello --resolve e2e.apisix.local:8443:127.0.0.1 --cacert ca.pem --cert client.pem --key client.key log.Printf("starting mtls http server in 8443") From ed5f72873edf322dc932dec08f4e7efd23335858 Mon Sep 17 00:00:00 2001 From: Ashish Tiwari Date: Fri, 8 Dec 2023 11:01:01 +0530 Subject: [PATCH 30/32] apply suggestions --- docs/en/latest/concepts/annotations.md | 60 +++++++++++++++++++ .../ingress/translation/annotations/types.go | 8 +-- test/e2e/suite-annotations/upstreamretry.go | 8 +-- 3 files changed, 68 insertions(+), 8 deletions(-) diff --git a/docs/en/latest/concepts/annotations.md b/docs/en/latest/concepts/annotations.md index 26af6a21b9b..8b1b83b5b63 100644 --- a/docs/en/latest/concepts/annotations.md +++ b/docs/en/latest/concepts/annotations.md @@ -413,3 +413,63 @@ spec: port: number: 80 ``` + +## Upstream retries + +This annotation can be used to configure retries among multiple nodes in an upstream. You may want the proxy to retry when requests occur faults like transient network errors or service unavailable, by default the retry count is 1. You can change it by specifying the retries field. + +The following configuration configures the retries to 3, which indicates there'll be at most 3 requests sent to Kubernetes service httpbin's endpoints. + +One should bear in mind that passing a request to the next endpoint is only possible if nothing has been sent to a client yet. That is, if an error or timeout occurs in the middle of the transferring of a response, fixing this is impossible. + +```yaml +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + annotations: + k8s.apisix.apache.org/upstream.retries: "2" + name: ingress-ext-v1beta1 +spec: + ingressClassName: apisix + rules: + - host: httpbin.org + http: + paths: + - path: /ip + pathType: Exact + backend: + service: + name: httpbin + port: + number: 80 +``` + +## Upstream timeout + +This annotation can be used to configure different types of timeout on an upstream. The default connect, read and send timeout are 60s, which might not be proper for some applications, just change them in the timeout field. + +The below example sets the connect, read and timeout to 5s, 10s, 10s respectively. + +```yaml +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + annotations: + k8s.apisix.apache.org/upstream.retries: "5s" + k8s.apisix.apache.org/upstream.timeout.read: "10s" + k8s.apisix.apache.org/upstreamtimeout.connect: "10s" + name: ingress-ext-v1beta1 +spec: + ingressClassName: apisix + rules: + - host: httpbin.org + http: + paths: + - path: /ip + pathType: Exact + backend: + service: + name: httpbin + port: + number: 80 +``` diff --git a/pkg/providers/ingress/translation/annotations/types.go b/pkg/providers/ingress/translation/annotations/types.go index 876526d5337..c77ca03a53f 100644 --- a/pkg/providers/ingress/translation/annotations/types.go +++ b/pkg/providers/ingress/translation/annotations/types.go @@ -29,10 +29,10 @@ const ( AnnotationsUpstreamScheme = AnnotationsPrefix + "upstream-scheme" //support retries and timeouts on upstream - AnnotationsUpstreamRetry = AnnotationsPrefix + "retry" - AnnotationsUpstreamTimeoutConnect = AnnotationsPrefix + "timeout.connect" - AnnotationsUpstreamTimeoutRead = AnnotationsPrefix + "timeout.read" - AnnotationsUpstreamTimeoutSend = AnnotationsPrefix + "timeout.send" + AnnotationsUpstreamRetry = AnnotationsPrefix + "upstream.retries" + AnnotationsUpstreamTimeoutConnect = AnnotationsPrefix + "upstream.timeout.connect" + AnnotationsUpstreamTimeoutRead = AnnotationsPrefix + "upstream.timeout.read" + AnnotationsUpstreamTimeoutSend = AnnotationsPrefix + "upstream.timeout.send" ) const ( diff --git a/test/e2e/suite-annotations/upstreamretry.go b/test/e2e/suite-annotations/upstreamretry.go index 542b6705343..8b6fa8914d9 100644 --- a/test/e2e/suite-annotations/upstreamretry.go +++ b/test/e2e/suite-annotations/upstreamretry.go @@ -33,8 +33,8 @@ apiVersion: networking.k8s.io/v1 kind: Ingress metadata: annotations: - k8s.apisix.apache.org/retry: "1" - k8s.apisix.apache.org/timeout.read: "20s" + k8s.apisix.apache.org/upstream.retries: "1" + k8s.apisix.apache.org/upstream.timeout.read: "20s" name: ingress-ext-v1beta1 spec: ingressClassName: apisix @@ -67,8 +67,8 @@ apiVersion: networking.k8s.io/v1 kind: Ingress metadata: annotations: - k8s.apisix.apache.org/retry: "2" - k8s.apisix.apache.org/timeout.read: "2s" + k8s.apisix.apache.org/upstream.retries: "2" + k8s.apisix.apache.org/upstream.timeout.read: "2s" name: ingress-ext-v1beta1 spec: ingressClassName: apisix From ec1c6d941c346b58d84cdca7701edc7d6e272a73 Mon Sep 17 00:00:00 2001 From: Ashish Tiwari Date: Fri, 8 Dec 2023 12:04:02 +0530 Subject: [PATCH 31/32] apply suggestions --- docs/en/latest/concepts/annotations.md | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/docs/en/latest/concepts/annotations.md b/docs/en/latest/concepts/annotations.md index 8b1b83b5b63..dd644dcaecc 100644 --- a/docs/en/latest/concepts/annotations.md +++ b/docs/en/latest/concepts/annotations.md @@ -416,7 +416,7 @@ spec: ## Upstream retries -This annotation can be used to configure retries among multiple nodes in an upstream. You may want the proxy to retry when requests occur faults like transient network errors or service unavailable, by default the retry count is 1. You can change it by specifying the retries field. +This annotation can be used to configure retries among multiple nodes in an upstream. You may want the proxy to retry when requests occur faults like transient network errors or service unavailable, By default the retry count is 1. You can change it by specifying the retries field. The following configuration configures the retries to 3, which indicates there'll be at most 3 requests sent to Kubernetes service httpbin's endpoints. @@ -427,7 +427,7 @@ apiVersion: networking.k8s.io/v1 kind: Ingress metadata: annotations: - k8s.apisix.apache.org/upstream.retries: "2" + k8s.apisix.apache.org/upstream.retries: "3" name: ingress-ext-v1beta1 spec: ingressClassName: apisix @@ -446,18 +446,18 @@ spec: ## Upstream timeout -This annotation can be used to configure different types of timeout on an upstream. The default connect, read and send timeout are 60s, which might not be proper for some applications, just change them in the timeout field. +This annotation can be used to configure different types of timeout on an upstream. The default connect, read and send timeout are 60s, which might not be proper for some applications. -The below example sets the connect, read and timeout to 5s, 10s, 10s respectively. +The below example sets the read, connect and send timeout to 5s, 10s, 10s respectively. ```yaml apiVersion: networking.k8s.io/v1 kind: Ingress metadata: annotations: - k8s.apisix.apache.org/upstream.retries: "5s" - k8s.apisix.apache.org/upstream.timeout.read: "10s" - k8s.apisix.apache.org/upstreamtimeout.connect: "10s" + k8s.apisix.apache.org/upstream.timeout.read.: "5s" + k8s.apisix.apache.org/upstream.timeout.connect: "10s" + k8s.apisix.apache.org/upstream.timeout.send: "10s" name: ingress-ext-v1beta1 spec: ingressClassName: apisix From af956c71a21b0ff98bf1be46311c28b5ea331847 Mon Sep 17 00:00:00 2001 From: Ashish Tiwari Date: Mon, 11 Dec 2023 09:36:42 +0530 Subject: [PATCH 32/32] apply suggestions --- docs/en/latest/concepts/annotations.md | 8 ++++---- pkg/providers/ingress/translation/annotations/types.go | 8 ++++---- test/e2e/suite-annotations/upstreamretry.go | 8 ++++---- 3 files changed, 12 insertions(+), 12 deletions(-) diff --git a/docs/en/latest/concepts/annotations.md b/docs/en/latest/concepts/annotations.md index dd644dcaecc..a3292b1ec18 100644 --- a/docs/en/latest/concepts/annotations.md +++ b/docs/en/latest/concepts/annotations.md @@ -427,7 +427,7 @@ apiVersion: networking.k8s.io/v1 kind: Ingress metadata: annotations: - k8s.apisix.apache.org/upstream.retries: "3" + k8s.apisix.apache.org/upstream-retries: "3" name: ingress-ext-v1beta1 spec: ingressClassName: apisix @@ -455,9 +455,9 @@ apiVersion: networking.k8s.io/v1 kind: Ingress metadata: annotations: - k8s.apisix.apache.org/upstream.timeout.read.: "5s" - k8s.apisix.apache.org/upstream.timeout.connect: "10s" - k8s.apisix.apache.org/upstream.timeout.send: "10s" + k8s.apisix.apache.org/upstream-read-timeout.: "5s" + k8s.apisix.apache.org/upstream-connect-timeout: "10s" + k8s.apisix.apache.org/upstream-send-timeout: "10s" name: ingress-ext-v1beta1 spec: ingressClassName: apisix diff --git a/pkg/providers/ingress/translation/annotations/types.go b/pkg/providers/ingress/translation/annotations/types.go index c77ca03a53f..aac0a0baf48 100644 --- a/pkg/providers/ingress/translation/annotations/types.go +++ b/pkg/providers/ingress/translation/annotations/types.go @@ -29,10 +29,10 @@ const ( AnnotationsUpstreamScheme = AnnotationsPrefix + "upstream-scheme" //support retries and timeouts on upstream - AnnotationsUpstreamRetry = AnnotationsPrefix + "upstream.retries" - AnnotationsUpstreamTimeoutConnect = AnnotationsPrefix + "upstream.timeout.connect" - AnnotationsUpstreamTimeoutRead = AnnotationsPrefix + "upstream.timeout.read" - AnnotationsUpstreamTimeoutSend = AnnotationsPrefix + "upstream.timeout.send" + AnnotationsUpstreamRetry = AnnotationsPrefix + "upstream-retries" + AnnotationsUpstreamTimeoutConnect = AnnotationsPrefix + "upstream-connect-timeout" + AnnotationsUpstreamTimeoutRead = AnnotationsPrefix + "upstream-read-timeout" + AnnotationsUpstreamTimeoutSend = AnnotationsPrefix + "upstream-send-timeout" ) const ( diff --git a/test/e2e/suite-annotations/upstreamretry.go b/test/e2e/suite-annotations/upstreamretry.go index 8b6fa8914d9..768e2d75f7c 100644 --- a/test/e2e/suite-annotations/upstreamretry.go +++ b/test/e2e/suite-annotations/upstreamretry.go @@ -33,8 +33,8 @@ apiVersion: networking.k8s.io/v1 kind: Ingress metadata: annotations: - k8s.apisix.apache.org/upstream.retries: "1" - k8s.apisix.apache.org/upstream.timeout.read: "20s" + k8s.apisix.apache.org/upstream-retries: "1" + k8s.apisix.apache.org/upstream-read-timeout: "20s" name: ingress-ext-v1beta1 spec: ingressClassName: apisix @@ -67,8 +67,8 @@ apiVersion: networking.k8s.io/v1 kind: Ingress metadata: annotations: - k8s.apisix.apache.org/upstream.retries: "2" - k8s.apisix.apache.org/upstream.timeout.read: "2s" + k8s.apisix.apache.org/upstream-retries: "2" + k8s.apisix.apache.org/upstream-read-timeout: "2s" name: ingress-ext-v1beta1 spec: ingressClassName: apisix