// testService is a helper for testServiceUpBeforeAndAfter and testServiceRemainsUp with a flag for testDuringDisruption // // TODO(ihmccreery) remove this abstraction once testServiceUpBeforeAndAfter is no longer needed, because node upgrades // maintain a responsive service. func testService(f *framework.Framework, sem *chaosmonkey.Semaphore, testDuringDisruption bool) { // Setup serviceName := "service-test" jig := framework.NewServiceTestJig(f.ClientSet, serviceName) // nodeIP := framework.PickNodeIP(jig.Client) // for later By("creating a TCP service " + serviceName + " with type=LoadBalancer in namespace " + f.Namespace.Name) // TODO it's weird that we have to do this and then wait WaitForLoadBalancer which changes // tcpService. tcpService := jig.CreateTCPServiceOrFail(f.Namespace.Name, func(s *v1.Service) { s.Spec.Type = v1.ServiceTypeLoadBalancer }) tcpService = jig.WaitForLoadBalancerOrFail(f.Namespace.Name, tcpService.Name, framework.LoadBalancerCreateTimeoutDefault) jig.SanityCheckService(tcpService, v1.ServiceTypeLoadBalancer) // Get info to hit it with tcpIngressIP := framework.GetIngressPoint(&tcpService.Status.LoadBalancer.Ingress[0]) svcPort := int(tcpService.Spec.Ports[0].Port) By("creating pod to be part of service " + serviceName) // TODO newRCTemplate only allows for the creation of one replica... that probably won't // work so well. jig.RunOrFail(f.Namespace.Name, nil) // Hit it once before considering ourselves ready By("hitting the pod through the service's LoadBalancer") jig.TestReachableHTTP(tcpIngressIP, svcPort, framework.LoadBalancerLagTimeoutDefault) sem.Ready() if testDuringDisruption { // Continuous validation wait.Until(func() { By("hitting the pod through the service's LoadBalancer") jig.TestReachableHTTP(tcpIngressIP, svcPort, framework.Poll) }, framework.Poll, sem.StopCh) } else { // Block until chaosmonkey is done By("waiting for upgrade to finish without checking if service remains up") <-sem.StopCh } // Sanity check and hit it once more By("hitting the pod through the service's LoadBalancer") jig.TestReachableHTTP(tcpIngressIP, svcPort, framework.LoadBalancerLagTimeoutDefault) jig.SanityCheckService(tcpService, v1.ServiceTypeLoadBalancer) }
BeforeEach(func() { framework.SkipUnlessProviderIs("gce") cs = f.ClientSet cloudConfig = framework.TestContext.CloudConfig gceCloud = cloudConfig.Provider.(*gcecloud.GCECloud) }) // This test takes around 4 minutes to run It("[Slow] [Serial] should create valid firewall rules for LoadBalancer type service", func() { ns := f.Namespace.Name // This source ranges is just used to examine we have exact same things on LB firewall rules firewallTestSourceRanges := []string{"0.0.0.0/1", "128.0.0.0/1"} serviceName := "firewall-test-loadbalancer" jig := framework.NewServiceTestJig(cs, serviceName) nodesNames := jig.GetNodesNames(framework.MaxNodesForEndpointsTests) if len(nodesNames) <= 0 { framework.Failf("Expect at least 1 node, got: %v", nodesNames) } nodesSet := sets.NewString(nodesNames...) // OnlyLocal service is needed to examine which exact nodes the requests are being forwarded to by the Load Balancer on GCE By("Creating a LoadBalancer type service with onlyLocal annotation") svc := jig.CreateOnlyLocalLoadBalancerService(ns, serviceName, framework.LoadBalancerCreateTimeoutDefault, false, func(svc *v1.Service) { svc.Spec.Ports = []v1.ServicePort{{Protocol: "TCP", Port: framework.FirewallTestHttpPort}} svc.Spec.LoadBalancerSourceRanges = firewallTestSourceRanges }) defer func() { jig.UpdateServiceOrFail(svc.Namespace, svc.Name, func(svc *v1.Service) {