diff --git a/.github/workflows/advanced-lb-sanity.yml b/.github/workflows/advanced-lb-sanity.yml index 36315266d..9c43134f3 100644 --- a/.github/workflows/advanced-lb-sanity.yml +++ b/.github/workflows/advanced-lb-sanity.yml @@ -119,3 +119,9 @@ jobs: ./validation.sh ./rmconfig.sh cd - + - run: | + cd cicd/e2ehttpsproxy/ + ./config.sh + ./validation.sh + ./rmconfig.sh + cd - diff --git a/cicd/common/tcp_https_server.js b/cicd/common/tcp_https_server.js new file mode 100644 index 000000000..678063cf1 --- /dev/null +++ b/cicd/common/tcp_https_server.js @@ -0,0 +1,17 @@ +// tcp_https_server.js + +var certdir = "./" +if (process.argv[3]) { + certdir = process.argv[3] +} +const https = require('https'); +const fs = require('fs'); + +https.createServer({ + cert: fs.readFileSync(certdir + '/server.crt'), + key: fs.readFileSync(certdir + '/server.key') +}, (req, res) => { + res.writeHead(200); + res.end(process.argv[2]); +}).listen(8080); +console.log("Server listening on https://localhost:8080/"); diff --git a/cicd/e2ehttpsproxy/config.sh b/cicd/e2ehttpsproxy/config.sh new file mode 100755 index 000000000..50ad10c8b --- /dev/null +++ b/cicd/e2ehttpsproxy/config.sh @@ -0,0 +1,53 @@ +#!/bin/bash + +source ../common.sh + +echo "#########################################" +echo "Spawning all hosts" +echo "#########################################" + +spawn_docker_host --dock-type loxilb --dock-name llb1 --extra-args "--proxyonlymode" +spawn_docker_host --dock-type host --dock-name l3h1 +spawn_docker_host --dock-type host --dock-name l3ep1 +spawn_docker_host --dock-type host --dock-name l3ep2 +spawn_docker_host --dock-type host --dock-name l3ep3 + +echo "#########################################" +echo "Connecting and configuring hosts" +echo "#########################################" + + +connect_docker_hosts l3h1 llb1 +connect_docker_hosts l3ep1 llb1 +connect_docker_hosts l3ep2 llb1 +connect_docker_hosts l3ep3 llb1 + +sleep 5 + +#L3 config +config_docker_host --host1 l3h1 --host2 llb1 --ptype phy --addr 10.10.10.1/24 --gw 10.10.10.254 +config_docker_host --host1 l3ep1 --host2 llb1 --ptype phy --addr 31.31.31.1/24 --gw 31.31.31.254 +config_docker_host --host1 l3ep2 --host2 llb1 --ptype phy --addr 32.32.32.1/24 --gw 32.32.32.254 +config_docker_host --host1 l3ep3 --host2 llb1 --ptype phy --addr 33.33.33.1/24 --gw 33.33.33.254 +config_docker_host --host1 llb1 --host2 l3h1 --ptype phy --addr 10.10.10.254/24 +config_docker_host --host1 llb1 --host2 l3ep1 --ptype phy --addr 31.31.31.254/24 +config_docker_host --host1 llb1 --host2 l3ep2 --ptype phy --addr 32.32.32.254/24 +config_docker_host --host1 llb1 --host2 l3ep3 --ptype phy --addr 33.33.33.254/24 + +$dexec llb1 ip addr add 10.10.10.3/32 dev lo + +#Prepare certificates +rm -fr 10.10.10.254 +rm -fr loxilb.io +rm -fr minica*.pem +./minica -ip-addresses 10.10.10.254 +./minica -domains loxilb.io +mv loxilb.io/cert.pem loxilb.io/server.crt +mv loxilb.io/key.pem loxilb.io/server.key + +docker cp minica.pem llb1:/opt/loxilb/cert/rootCA.crt +docker cp 10.10.10.254/cert.pem llb1:/opt/loxilb/cert/server.crt +docker cp 10.10.10.254/key.pem llb1:/opt/loxilb/cert/server.key + +sleep 5 +create_lb_rule llb1 10.10.10.254 --tcp=2020:8080 --endpoints=31.31.31.1:1,32.32.32.1:1,33.33.33.1:1 --mode=fullproxy --security=e2ehttps --host=loxilb.io diff --git a/cicd/e2ehttpsproxy/minica b/cicd/e2ehttpsproxy/minica new file mode 100755 index 000000000..a152b1664 Binary files /dev/null and b/cicd/e2ehttpsproxy/minica differ diff --git a/cicd/e2ehttpsproxy/rmconfig.sh b/cicd/e2ehttpsproxy/rmconfig.sh new file mode 100755 index 000000000..9ea80577f --- /dev/null +++ b/cicd/e2ehttpsproxy/rmconfig.sh @@ -0,0 +1,18 @@ +#!/bin/bash + +source ../common.sh + +disconnect_docker_hosts l3h1 llb1 +disconnect_docker_hosts l3ep1 llb1 +disconnect_docker_hosts l3ep2 llb1 +disconnect_docker_hosts l3ep3 llb1 + +delete_docker_host llb1 +delete_docker_host l3h1 +delete_docker_host l3ep1 +delete_docker_host l3ep2 +delete_docker_host l3ep3 + +echo "#########################################" +echo "Deleted testbed" +echo "#########################################" diff --git a/cicd/e2ehttpsproxy/validation.sh b/cicd/e2ehttpsproxy/validation.sh new file mode 100755 index 000000000..c9a3d00e5 --- /dev/null +++ b/cicd/e2ehttpsproxy/validation.sh @@ -0,0 +1,43 @@ +#!/bin/bash +source ../common.sh +echo SCENARIO-e2ehttps-tcplb +$hexec l3ep1 node ../common/tcp_https_server.js server1 loxilb.io & +$hexec l3ep2 node ../common/tcp_https_server.js server2 loxilb.io & +$hexec l3ep3 node ../common/tcp_https_server.js server3 loxilb.io & + +sleep 5 +code=0 +servIP=( "10.10.10.254" ) +servArr=( "server1" "server2" "server3" ) +ep=( "31.31.31.1" "32.32.32.1" "33.33.33.1" ) +j=0 +waitCount=0 + +for k in {0..0} +do +echo "Testing Service IP: ${servIP[k]}" +lcode=0 +for i in {1..4} +do +for j in {0..2} +do + res=$($hexec l3h1 curl --max-time 10 -H "Application/json" -H "Content-type: application/json" -H "HOST: loxilb.io" --insecure -s https://${servIP[k]}:2020) + echo $res + if [[ $res != "${servArr[j]}" ]] + then + lcode=1 + fi + sleep 1 +done +done +if [[ $lcode == 0 ]] +then + echo SCENARIO-e2ehttps-tcplb with ${servIP[k]} [OK] +else + echo SCENARIO-e2ehttps-tcplb with ${servIP[k]} [FAILED] + code=1 +fi +done + +sudo killall -9 node 2>&1 > /dev/null +exit $code