/
add-on-secrets.go
106 lines (94 loc) · 3.74 KB
/
add-on-secrets.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
package eksconfig
import (
"errors"
"fmt"
"path/filepath"
"time"
)
// AddOnSecrets defines parameters for EKS cluster
// add-on "Secrets".
type AddOnSecrets struct {
// Enable is 'true' to create this add-on.
Enable bool `json:"enable"`
// Created is true when the resource has been created.
// Used for delete operations.
Created bool `json:"created" read-only:"true"`
// CreateTook is the duration that took to create the resource.
CreateTook time.Duration `json:"create-took,omitempty" read-only:"true"`
// CreateTookString is the duration that took to create the resource.
CreateTookString string `json:"create-took-string,omitempty" read-only:"true"`
// DeleteTook is the duration that took to create the resource.
DeleteTook time.Duration `json:"delete-took,omitempty" read-only:"true"`
// DeleteTookString is the duration that took to create the resource.
DeleteTookString string `json:"delete-took-string,omitempty" read-only:"true"`
// Namespace is the namespace to create objects in.
Namespace string `json:"namespace"`
// Objects is the number of "Secret" objects to write/read.
Objects int `json:"objects"`
// Size is the "Secret" value size in bytes.
Size int `json:"size"`
// FailThreshold is the number of write failures to allow.
FailThreshold int `json:"fail-threshold"`
// CreatedSecretsNames is the list of created "Secret" object names.
CreatedSecretsNames []string `json:"created-secrets-names" read-only:"true"`
// CreatedPodNames is the list of created "Pod" object names.
CreatedPodNames []string `json:"created-pod-names" read-only:"true"`
// WritesResultPath is the CSV file path to output Secret writes test results.
WritesResultPath string `json:"writes-result-path"`
// ReadsResultPath is the CSV file path to output Secret reads test results.
ReadsResultPath string `json:"reads-result-path"`
}
// EnvironmentVariablePrefixAddOnSecrets is the environment variable prefix used for "eksconfig".
const EnvironmentVariablePrefixAddOnSecrets = AWS_K8S_TESTER_EKS_PREFIX + "ADD_ON_SECRETS_"
// IsEnabledAddOnSecrets returns true if "AddOnSecrets" is enabled.
// Otherwise, nil the field for "omitempty".
func (cfg *Config) IsEnabledAddOnSecrets() bool {
if cfg.AddOnSecrets == nil {
return false
}
if cfg.AddOnSecrets.Enable {
return true
}
cfg.AddOnSecrets = nil
return false
}
func getDefaultAddOnSecrets() *AddOnSecrets {
return &AddOnSecrets{
Enable: false,
Objects: 10,
Size: 10 * 1024, // 10 KB
FailThreshold: 10,
// writes total 100 MB for "Secret" objects,
// plus "Pod" objects, writes total 330 MB to etcd
//
// with 3 nodes, takes about 1.5 hour for all
// these "Pod"s to complete
//
// Objects: 10000,
// Size: 10 * 1024, // 10 KB
}
}
func (cfg *Config) validateAddOnSecrets() error {
if !cfg.IsEnabledAddOnSecrets() {
return nil
}
if !cfg.IsEnabledAddOnNodeGroups() && !cfg.IsEnabledAddOnManagedNodeGroups() {
return errors.New("AddOnSecrets.Enable true but no node group is enabled")
}
if cfg.AddOnSecrets.Namespace == "" {
cfg.AddOnSecrets.Namespace = cfg.Name + "-secrets"
}
if cfg.AddOnSecrets.WritesResultPath == "" {
cfg.AddOnSecrets.WritesResultPath = filepath.Join(filepath.Dir(cfg.ConfigPath), cfg.Name+"-secret-writes.csv")
}
if filepath.Ext(cfg.AddOnSecrets.WritesResultPath) != ".csv" {
return fmt.Errorf("expected .csv extension for WritesResultPath, got %q", cfg.AddOnSecrets.WritesResultPath)
}
if cfg.AddOnSecrets.ReadsResultPath == "" {
cfg.AddOnSecrets.ReadsResultPath = filepath.Join(filepath.Dir(cfg.ConfigPath), cfg.Name+"-secret-reads.csv")
}
if filepath.Ext(cfg.AddOnSecrets.ReadsResultPath) != ".csv" {
return fmt.Errorf("expected .csv extension for ReadsResultPath, got %q", cfg.AddOnSecrets.ReadsResultPath)
}
return nil
}