diff --git a/test/integration/connect/envoy/case-terminating-gateway-simple/config_entries.hcl b/test/integration/connect/envoy/case-terminating-gateway-simple/config_entries.hcl new file mode 100644 index 0000000000..4626dee571 --- /dev/null +++ b/test/integration/connect/envoy/case-terminating-gateway-simple/config_entries.hcl @@ -0,0 +1,14 @@ +enable_central_service_config = true + +config_entries { + bootstrap { + kind = "terminating-gateway" + name = "terminating-gateway" + + services = [ + { + name = "s2" + } + ] + } +} diff --git a/test/integration/connect/envoy/case-terminating-gateway-simple/gateway.hcl b/test/integration/connect/envoy/case-terminating-gateway-simple/gateway.hcl new file mode 100644 index 0000000000..0958221ed9 --- /dev/null +++ b/test/integration/connect/envoy/case-terminating-gateway-simple/gateway.hcl @@ -0,0 +1,5 @@ +services { + name = "terminating-gateway" + kind = "terminating-gateway" + port = 8443 +} diff --git a/test/integration/connect/envoy/case-terminating-gateway-simple/setup.sh b/test/integration/connect/envoy/case-terminating-gateway-simple/setup.sh new file mode 100644 index 0000000000..94c79d2fb5 --- /dev/null +++ b/test/integration/connect/envoy/case-terminating-gateway-simple/setup.sh @@ -0,0 +1,9 @@ +#!/bin/bash + +set -euo pipefail + +# wait for bootstrap to apply config entries +wait_for_config_entry terminating-gateway terminating-gateway + +gen_envoy_bootstrap terminating-gateway 20000 primary true +gen_envoy_bootstrap s1 19000 diff --git a/test/integration/connect/envoy/case-terminating-gateway-simple/vars.sh b/test/integration/connect/envoy/case-terminating-gateway-simple/vars.sh new file mode 100644 index 0000000000..88adda8ac4 --- /dev/null +++ b/test/integration/connect/envoy/case-terminating-gateway-simple/vars.sh @@ -0,0 +1,3 @@ +#!/bin/bash + +export REQUIRED_SERVICES="s1 s1-sidecar-proxy s2 terminating-gateway-primary" diff --git a/test/integration/connect/envoy/case-terminating-gateway-simple/verify.bats b/test/integration/connect/envoy/case-terminating-gateway-simple/verify.bats new file mode 100644 index 0000000000..5396d8b54e --- /dev/null +++ b/test/integration/connect/envoy/case-terminating-gateway-simple/verify.bats @@ -0,0 +1,29 @@ +#!/usr/bin/env bats + +load helpers + +@test "terminating proxy admin is up on :20000" { + retry_default curl -f -s localhost:20000/stats -o /dev/null +} + +@test "s1 proxy admin is up on :19000" { + retry_default curl -f -s localhost:19000/stats -o /dev/null +} + +@test "terminating-gateway-primary listener is up on :8443" { + retry_default nc -z localhost:8443 +} + +@test "terminating-gateway should have healthy endpoints for s2" { + assert_upstream_has_endpoints_in_status 127.0.0.1:20000 s2 HEALTHY 1 +} + +@test "s1 upstream should have healthy endpoints for s2" { + assert_upstream_has_endpoints_in_status 127.0.0.1:19000 s2.default.primary HEALTHY 1 +} + +@test "s1 upstream should be able to connect to s2" { + run retry_default curl -s -f -d hello localhost:5000 + [ "$status" -eq 0 ] + [ "$output" = "hello" ] +} diff --git a/test/integration/connect/envoy/case-terminating-gateway-subsets/capture.sh b/test/integration/connect/envoy/case-terminating-gateway-subsets/capture.sh new file mode 100644 index 0000000000..2ef0c41a21 --- /dev/null +++ b/test/integration/connect/envoy/case-terminating-gateway-subsets/capture.sh @@ -0,0 +1,4 @@ +#!/bin/bash + +snapshot_envoy_admin localhost:20000 terminating-gateway primary || true +snapshot_envoy_admin localhost:19000 s1 primary || true diff --git a/test/integration/connect/envoy/case-terminating-gateway-subsets/config_entries.hcl b/test/integration/connect/envoy/case-terminating-gateway-subsets/config_entries.hcl new file mode 100644 index 0000000000..0459ba4285 --- /dev/null +++ b/test/integration/connect/envoy/case-terminating-gateway-subsets/config_entries.hcl @@ -0,0 +1,37 @@ +config_entries { + bootstrap { + kind = "terminating-gateway" + name = "terminating-gateway" + + services = [ + { + name = "s2" + } + ] + } + + bootstrap { + kind = "proxy-defaults" + name = "global" + + config { + protocol = "http" + } + } + + bootstrap { + kind = "service-resolver" + name = "s2" + + default_subset = "v1" + + subsets = { + "v1" = { + filter = "Service.Meta.version == v1" + } + "v2" = { + filter = "Service.Meta.version == v2" + } + } + } +} diff --git a/test/integration/connect/envoy/case-terminating-gateway-subsets/gateway.hcl b/test/integration/connect/envoy/case-terminating-gateway-subsets/gateway.hcl new file mode 100644 index 0000000000..fe597c235c --- /dev/null +++ b/test/integration/connect/envoy/case-terminating-gateway-subsets/gateway.hcl @@ -0,0 +1,9 @@ +services { + name = "terminating-gateway" + kind = "terminating-gateway" + port = 8443 + + meta { + version = "v1" + } +} diff --git a/test/integration/connect/envoy/case-terminating-gateway-subsets/s2-v1.hcl b/test/integration/connect/envoy/case-terminating-gateway-subsets/s2-v1.hcl new file mode 100644 index 0000000000..fb87dc41d5 --- /dev/null +++ b/test/integration/connect/envoy/case-terminating-gateway-subsets/s2-v1.hcl @@ -0,0 +1,9 @@ +services { + id = "s2-v1" + name = "s2" + port = 8182 + + meta { + version = "v1" + } +} diff --git a/test/integration/connect/envoy/case-terminating-gateway-subsets/s2-v2.hcl b/test/integration/connect/envoy/case-terminating-gateway-subsets/s2-v2.hcl new file mode 100644 index 0000000000..52ab0abd68 --- /dev/null +++ b/test/integration/connect/envoy/case-terminating-gateway-subsets/s2-v2.hcl @@ -0,0 +1,9 @@ +services { + id = "s2-v2" + name = "s2" + port = 8183 + + meta { + version = "v2" + } +} diff --git a/test/integration/connect/envoy/case-terminating-gateway-subsets/setup.sh b/test/integration/connect/envoy/case-terminating-gateway-subsets/setup.sh new file mode 100644 index 0000000000..4ccc96e198 --- /dev/null +++ b/test/integration/connect/envoy/case-terminating-gateway-subsets/setup.sh @@ -0,0 +1,12 @@ +#!/bin/bash + +set -euo pipefail + +# wait for bootstrap to apply config entries +wait_for_config_entry terminating-gateway terminating-gateway +wait_for_config_entry proxy-defaults global +wait_for_config_entry service-resolver s2 + +# terminating gateway will act as s2's proxy +gen_envoy_bootstrap s1 19000 +gen_envoy_bootstrap terminating-gateway 20000 primary true diff --git a/test/integration/connect/envoy/case-terminating-gateway-subsets/vars.sh b/test/integration/connect/envoy/case-terminating-gateway-subsets/vars.sh new file mode 100644 index 0000000000..514ef784e6 --- /dev/null +++ b/test/integration/connect/envoy/case-terminating-gateway-subsets/vars.sh @@ -0,0 +1,7 @@ +#!/bin/bash + +export REQUIRED_SERVICES=" +s1 s1-sidecar-proxy +s2-v1 +terminating-gateway-primary +" diff --git a/test/integration/connect/envoy/case-terminating-gateway-subsets/verify.bats b/test/integration/connect/envoy/case-terminating-gateway-subsets/verify.bats new file mode 100644 index 0000000000..c69fce797c --- /dev/null +++ b/test/integration/connect/envoy/case-terminating-gateway-subsets/verify.bats @@ -0,0 +1,36 @@ +#!/usr/bin/env bats + +load helpers + +@test "s1 proxy admin is up on :19000" { + retry_default curl -f -s localhost:19000/stats -o /dev/null +} + +@test "terminating proxy admin is up on :20000" { + retry_default curl -f -s localhost:20000/stats -o /dev/null +} + +@test "terminating-gateway-primary listener is up on :8443" { + retry_default nc -z localhost:8443 +} + +@test "s1 proxy listener should be up and have right cert" { + assert_proxy_presents_cert_uri localhost:21000 s1 +} + +@test "s1 upstream should have healthy endpoints for v1.s2" { + assert_upstream_has_endpoints_in_status 127.0.0.1:19000 v1.s2 HEALTHY 1 +} + +@test "terminating-gateway should have healthy endpoints for v1.s2" { + assert_upstream_has_endpoints_in_status 127.0.0.1:20000 v1.s2 HEALTHY 1 +} + +@test "terminating-gateway should have healthy endpoints for v2.s2" { + assert_upstream_has_endpoints_in_status 127.0.0.1:20000 v2.s2 HEALTHY 1 +} + +@test "s1 upstream should be able to connect to s2-v1 via terminating-gateway" { + assert_expected_fortio_name s2-v1 +} + diff --git a/test/integration/connect/envoy/case-terminating-gateway-without-services/bind.hcl b/test/integration/connect/envoy/case-terminating-gateway-without-services/bind.hcl new file mode 100644 index 0000000000..f54393f03e --- /dev/null +++ b/test/integration/connect/envoy/case-terminating-gateway-without-services/bind.hcl @@ -0,0 +1,2 @@ +bind_addr = "0.0.0.0" +advertise_addr = "{{ GetInterfaceIP \"eth0\" }}" \ No newline at end of file diff --git a/test/integration/connect/envoy/case-terminating-gateway-without-services/gateway.hcl b/test/integration/connect/envoy/case-terminating-gateway-without-services/gateway.hcl new file mode 100644 index 0000000000..bf31029c03 --- /dev/null +++ b/test/integration/connect/envoy/case-terminating-gateway-without-services/gateway.hcl @@ -0,0 +1,5 @@ +services { + name = "terminating-gateway" + kind = "terminating-gateway" + port = 4431 +} \ No newline at end of file diff --git a/test/integration/connect/envoy/case-terminating-gateway-without-services/s1.hcl b/test/integration/connect/envoy/case-terminating-gateway-without-services/s1.hcl new file mode 100644 index 0000000000..f9c223cfec --- /dev/null +++ b/test/integration/connect/envoy/case-terminating-gateway-without-services/s1.hcl @@ -0,0 +1 @@ +# We don't want an s1 service diff --git a/test/integration/connect/envoy/case-terminating-gateway-without-services/s2.hcl b/test/integration/connect/envoy/case-terminating-gateway-without-services/s2.hcl new file mode 100644 index 0000000000..89311191b3 --- /dev/null +++ b/test/integration/connect/envoy/case-terminating-gateway-without-services/s2.hcl @@ -0,0 +1 @@ +# We don't want an s2 service diff --git a/test/integration/connect/envoy/case-terminating-gateway-without-services/setup.sh b/test/integration/connect/envoy/case-terminating-gateway-without-services/setup.sh new file mode 100644 index 0000000000..57cd5ab051 --- /dev/null +++ b/test/integration/connect/envoy/case-terminating-gateway-without-services/setup.sh @@ -0,0 +1,5 @@ +#!/bin/bash + +set -eEuo pipefail + +gen_envoy_bootstrap terminating-gateway 19000 primary true diff --git a/test/integration/connect/envoy/case-terminating-gateway-without-services/vars.sh b/test/integration/connect/envoy/case-terminating-gateway-without-services/vars.sh new file mode 100644 index 0000000000..9e6dd20604 --- /dev/null +++ b/test/integration/connect/envoy/case-terminating-gateway-without-services/vars.sh @@ -0,0 +1,3 @@ +#!/bin/bash + +export REQUIRED_SERVICES="terminating-gateway-primary" diff --git a/test/integration/connect/envoy/case-terminating-gateway-without-services/verify.bats b/test/integration/connect/envoy/case-terminating-gateway-without-services/verify.bats new file mode 100644 index 0000000000..f58a576315 --- /dev/null +++ b/test/integration/connect/envoy/case-terminating-gateway-without-services/verify.bats @@ -0,0 +1,11 @@ +#!/usr/bin/env bats + +load helpers + +@test "terminating-gateway-primary proxy admin is up on :19000" { + retry_default curl -f -s localhost:19000/stats -o /dev/null +} + +@test "terminating-gateway-primary listener is up on :4431" { + retry_default nc -z localhost:4431 +} diff --git a/test/integration/connect/envoy/docker-compose.yml b/test/integration/connect/envoy/docker-compose.yml index 81317f7c8b..80dfccaff0 100644 --- a/test/integration/connect/envoy/docker-compose.yml +++ b/test/integration/connect/envoy/docker-compose.yml @@ -580,6 +580,23 @@ services: - *workdir-volume network_mode: service:consul-primary + terminating-gateway-primary: + depends_on: + - consul-primary + image: "envoyproxy/envoy:v${ENVOY_VERSION}" + command: + - "envoy" + - "-c" + - "/workdir/primary/envoy/terminating-gateway-bootstrap.json" + - "-l" + - "debug" + - "--disable-hot-restart" + - "--drain-time-s" + - "1" + volumes: + - *workdir-volume + network_mode: service:consul-primary + verify-primary: depends_on: - consul-primary