kuma

exclude_outbound_port.go
68 строк · 2.4 Кб
Перенос по словам
1
package connectivity
2

3
import (
4
	. "github.com/onsi/ginkgo/v2"
5
	. "github.com/onsi/gomega"
6
	corev1 "k8s.io/api/core/v1"
7
	"k8s.io/apimachinery/pkg/api/resource"
8

9
	"github.com/kumahq/kuma/pkg/plugins/runtime/k8s/metadata"
10
	"github.com/kumahq/kuma/pkg/util/pointer"
11
	. "github.com/kumahq/kuma/test/framework"
12
	"github.com/kumahq/kuma/test/framework/deployments/testserver"
13
	"github.com/kumahq/kuma/test/framework/envs/kubernetes"
14
)
15

16
func ExcludeOutboundPort() {
17
	meshName := "exclude-outbound-port"
18
	namespace := "exclude-outbound-port"
19
	namespaceExternal := "exclude-outbound-port-external"
20

21
	BeforeAll(func() {
22
		err := NewClusterSetup().
23
			Install(MTLSMeshKubernetes(meshName)).
24
			Install(MeshTrafficPermissionAllowAllKubernetes(meshName)).
25
			Install(NamespaceWithSidecarInjection(namespace)).
26
			Install(Namespace(namespaceExternal)).
27
			Install(testserver.Install(
28
				testserver.WithName("test-server"),
29
				testserver.WithNamespace(namespaceExternal),
30
			)).
31
			Setup(kubernetes.Cluster)
32
		Expect(err).ToNot(HaveOccurred())
33
	})
34

35
	E2EAfterAll(func() {
36
		Expect(kubernetes.Cluster.TriggerDeleteNamespace(namespace)).To(Succeed())
37
		Expect(kubernetes.Cluster.TriggerDeleteNamespace(namespaceExternal)).To(Succeed())
38
		Expect(kubernetes.Cluster.DeleteMesh(meshName)).To(Succeed())
39
	})
40

41
	It("should be able to use network from init container if we ignore ports for uid", func() {
42
		Expect(kubernetes.Cluster.Install(testserver.Install(
43
			testserver.WithName("test-server"),
44
			testserver.WithNamespace(namespace),
45
			testserver.WithPodAnnotations(map[string]string{
46
				metadata.KumaInitFirst:                             "true",
47
				metadata.KumaTrafficExcludeOutboundTCPPortsForUIDs: "80:1234",
48
				metadata.KumaTrafficExcludeOutboundUDPPortsForUIDs: "53:1234",
49
			}),
50
			testserver.AddInitContainer(corev1.Container{
51
				Name:            "init-test-server",
52
				Image:           Config.GetUniversalImage(),
53
				ImagePullPolicy: "IfNotPresent",
54
				Command:         []string{"curl"},
55
				Args:            []string{"-v", "-m", "3", "--fail", "test-server.exclude-outbound-port-external.svc.cluster.local:80"},
56
				Resources: corev1.ResourceRequirements{
57
					Limits: corev1.ResourceList{
58
						"cpu":    resource.MustParse("50m"),
59
						"memory": resource.MustParse("64Mi"),
60
					},
61
				},
62
				SecurityContext: &corev1.SecurityContext{
63
					RunAsUser: pointer.To(int64(1234)),
64
				},
65
			},
66
			)))).To(Succeed())
67
	})
68
}
69
kuma

Использование cookies
