destination: Test opaque ports resolution for external resources (#8275)

While looking into #8273, I wanted to confirm that the destination controller uses the default opaque ports configuration for arbitrary (unmeshed) IPs. This change adds a test that exercises resolution behavior for external IPs. Signed-off-by: Oliver Gould <[email protected]>
linkerd · Apr 18, 2022 · 458cd0f · 458cd0f
1 parent 363b8ff
commit 458cd0f
Showing 1 changed file with 63 additions and 0 deletions.
diff --git a/controller/api/destination/server_test.go b/controller/api/destination/server_test.go
@@ -27,6 +27,7 @@ const podIPOpaque = "172.17.0.14"
 const podIPSkipped = "172.17.0.15"
 const podIPPolicy = "172.17.0.16"
 const podIPStatefulSet = "172.17.13.15"
+const externalIP = "192.168.1.20"
 const port uint32 = 8989
 const opaquePort uint32 = 4242
 const skippedPort uint32 = 24224
@@ -1069,6 +1070,68 @@ func TestGetProfiles(t *testing.T) {
 			t.Fatalf("Expected pod to support opaque traffic on port 4143")
 		}
 	})
+
+	t.Run("Return profile with opaque protocol when using an opaque port with an external IP", func(t *testing.T) {
+		server := makeServer(t)
+		stream := &bufferingGetProfileStream{
+			updates:          []*pb.DestinationProfile{},
+			MockServerStream: util.NewMockServerStream(),
+		}
+		stream.Cancel()
+
+		_, err := toAddress(externalIP, 3306)
+		if err != nil {
+			t.Fatalf("Got error: %s", err)
+		}
+		err = server.GetProfile(&pb.GetDestination{
+			Scheme: "k8s",
+			Path:   fmt.Sprintf("%s:%d", externalIP, 3306),
+		}, stream)
+		if err != nil {
+			t.Fatalf("Got error: %s", err)
+		}
+
+		// Test that the first update has a destination profile with an
+		// opaque protocol and opaque transport.
+		if len(stream.updates) == 0 {
+			t.Fatalf("Expected at least 1 update but got 0")
+		}
+		update := stream.updates[0]
+		if !update.OpaqueProtocol {
+			t.Fatalf("Expected port %d to be an opaque protocol, but it was not", 3306)
+		}
+	})
+
+	t.Run("Return profile with non-opaque protocol when using an arbitrary port with an external IP", func(t *testing.T) {
+		server := makeServer(t)
+		stream := &bufferingGetProfileStream{
+			updates:          []*pb.DestinationProfile{},
+			MockServerStream: util.NewMockServerStream(),
+		}
+		stream.Cancel()
+
+		_, err := toAddress(externalIP, 80)
+		if err != nil {
+			t.Fatalf("Got error: %s", err)
+		}
+		err = server.GetProfile(&pb.GetDestination{
+			Scheme: "k8s",
+			Path:   fmt.Sprintf("%s:%d", externalIP, 80),
+		}, stream)
+		if err != nil {
+			t.Fatalf("Got error: %s", err)
+		}
+
+		// Test that the first update has a destination profile with an
+		// opaque protocol and opaque transport.
+		if len(stream.updates) == 0 {
+			t.Fatalf("Expected at least 1 update but got 0")
+		}
+		update := stream.updates[0]
+		if update.OpaqueProtocol {
+			t.Fatalf("Expected port %d to be a non-opaque protocol, but it was opaque", 80)
+		}
+	})
 }
 
 func TestTokenStructure(t *testing.T) {