-
Notifications
You must be signed in to change notification settings - Fork 122
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
gh-87 Added cicd for end-to-end https proxy LB scenario
- Loading branch information
1 parent
8adc910
commit 2517df7
Showing
6 changed files
with
137 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,17 @@ | ||
// tcp_https_server.js | ||
|
||
var certdir = "./" | ||
if (process.argv[3]) { | ||
certdir = process.argv[3] | ||
} | ||
const https = require('https'); | ||
const fs = require('fs'); | ||
|
||
https.createServer({ | ||
cert: fs.readFileSync(certdir + '/server.crt'), | ||
key: fs.readFileSync(certdir + '/server.key') | ||
}, (req, res) => { | ||
res.writeHead(200); | ||
res.end(process.argv[2]); | ||
}).listen(8080); | ||
console.log("Server listening on https://localhost:8080/"); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,53 @@ | ||
#!/bin/bash | ||
|
||
source ../common.sh | ||
|
||
echo "#########################################" | ||
echo "Spawning all hosts" | ||
echo "#########################################" | ||
|
||
spawn_docker_host --dock-type loxilb --dock-name llb1 --extra-args "--proxyonlymode" | ||
spawn_docker_host --dock-type host --dock-name l3h1 | ||
spawn_docker_host --dock-type host --dock-name l3ep1 | ||
spawn_docker_host --dock-type host --dock-name l3ep2 | ||
spawn_docker_host --dock-type host --dock-name l3ep3 | ||
|
||
echo "#########################################" | ||
echo "Connecting and configuring hosts" | ||
echo "#########################################" | ||
|
||
|
||
connect_docker_hosts l3h1 llb1 | ||
connect_docker_hosts l3ep1 llb1 | ||
connect_docker_hosts l3ep2 llb1 | ||
connect_docker_hosts l3ep3 llb1 | ||
|
||
sleep 5 | ||
|
||
#L3 config | ||
config_docker_host --host1 l3h1 --host2 llb1 --ptype phy --addr 10.10.10.1/24 --gw 10.10.10.254 | ||
config_docker_host --host1 l3ep1 --host2 llb1 --ptype phy --addr 31.31.31.1/24 --gw 31.31.31.254 | ||
config_docker_host --host1 l3ep2 --host2 llb1 --ptype phy --addr 32.32.32.1/24 --gw 32.32.32.254 | ||
config_docker_host --host1 l3ep3 --host2 llb1 --ptype phy --addr 33.33.33.1/24 --gw 33.33.33.254 | ||
config_docker_host --host1 llb1 --host2 l3h1 --ptype phy --addr 10.10.10.254/24 | ||
config_docker_host --host1 llb1 --host2 l3ep1 --ptype phy --addr 31.31.31.254/24 | ||
config_docker_host --host1 llb1 --host2 l3ep2 --ptype phy --addr 32.32.32.254/24 | ||
config_docker_host --host1 llb1 --host2 l3ep3 --ptype phy --addr 33.33.33.254/24 | ||
|
||
$dexec llb1 ip addr add 10.10.10.3/32 dev lo | ||
|
||
#Prepare certificates | ||
rm -fr 10.10.10.254 | ||
rm -fr loxilb.io | ||
rm -fr minica*.pem | ||
./minica -ip-addresses 10.10.10.254 | ||
./minica -domains loxilb.io | ||
mv loxilb.io/cert.pem loxilb.io/server.crt | ||
mv loxilb.io/key.pem loxilb.io/server.key | ||
|
||
docker cp minica.pem llb1:/opt/loxilb/cert/rootCA.crt | ||
docker cp 10.10.10.254/cert.pem llb1:/opt/loxilb/cert/server.crt | ||
docker cp 10.10.10.254/key.pem llb1:/opt/loxilb/cert/server.key | ||
|
||
sleep 5 | ||
create_lb_rule llb1 10.10.10.254 --tcp=2020:8080 --endpoints=31.31.31.1:1,32.32.32.1:1,33.33.33.1:1 --mode=fullproxy --security=e2ehttps --host=loxilb.io |
Binary file not shown.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,18 @@ | ||
#!/bin/bash | ||
|
||
source ../common.sh | ||
|
||
disconnect_docker_hosts l3h1 llb1 | ||
disconnect_docker_hosts l3ep1 llb1 | ||
disconnect_docker_hosts l3ep2 llb1 | ||
disconnect_docker_hosts l3ep3 llb1 | ||
|
||
delete_docker_host llb1 | ||
delete_docker_host l3h1 | ||
delete_docker_host l3ep1 | ||
delete_docker_host l3ep2 | ||
delete_docker_host l3ep3 | ||
|
||
echo "#########################################" | ||
echo "Deleted testbed" | ||
echo "#########################################" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,43 @@ | ||
#!/bin/bash | ||
source ../common.sh | ||
echo SCENARIO-e2ehttps-tcplb | ||
$hexec l3ep1 node ../common/tcp_https_server.js server1 loxilb.io & | ||
$hexec l3ep2 node ../common/tcp_https_server.js server2 loxilb.io & | ||
$hexec l3ep3 node ../common/tcp_https_server.js server3 loxilb.io & | ||
|
||
sleep 5 | ||
code=0 | ||
servIP=( "10.10.10.254" ) | ||
servArr=( "server1" "server2" "server3" ) | ||
ep=( "31.31.31.1" "32.32.32.1" "33.33.33.1" ) | ||
j=0 | ||
waitCount=0 | ||
|
||
for k in {0..0} | ||
do | ||
echo "Testing Service IP: ${servIP[k]}" | ||
lcode=0 | ||
for i in {1..4} | ||
do | ||
for j in {0..2} | ||
do | ||
res=$($hexec l3h1 curl --max-time 10 -H "Application/json" -H "Content-type: application/json" -H "HOST: loxilb.io" --insecure -s https://${servIP[k]}:2020) | ||
echo $res | ||
if [[ $res != "${servArr[j]}" ]] | ||
then | ||
lcode=1 | ||
fi | ||
sleep 1 | ||
done | ||
done | ||
if [[ $lcode == 0 ]] | ||
then | ||
echo SCENARIO-e2ehttps-tcplb with ${servIP[k]} [OK] | ||
else | ||
echo SCENARIO-e2ehttps-tcplb with ${servIP[k]} [FAILED] | ||
code=1 | ||
fi | ||
done | ||
|
||
sudo killall -9 node 2>&1 > /dev/null | ||
exit $code |