From e604acd6b77fda1c4850333df04ce7881afeecb5 Mon Sep 17 00:00:00 2001 From: Lucjan Bryndza Date: Thu, 6 Feb 2020 15:20:24 +0100 Subject: DNS test server for ingress controller Testing ingress controller based on virtual hosts requires a lot of entries in the /etc/hosts. The better way is to create DNS server for testing purposes. Signed-off-by: Lucjan Bryndza Issue-ID: OOM-2289 Change-Id: I2ab104c7391e9634972931ac7e79bec5711d2b39 
Signed-off-by: Lucjan Bryndza
---
.../dns-server-for-vhost-ingress-testing/README.md | 23 +++++++
.../bind9dns/.helmignore | 37 +++++++++++
.../bind9dns/Chart.yaml | 20 ++++++
.../bind9dns/templates/NOTES.txt | 21 ++++++
.../bind9dns/templates/_helpers.tpl | 49 ++++++++++++++
.../bind9dns/templates/deployment.yaml | 76 ++++++++++++++++++++++
.../bind9dns/templates/service.yaml | 39 +++++++++++
.../bind9dns/templates/tests/test-connection.yaml | 34 ++++++++++
.../bind9dns/values.yaml | 46 +++++++++++++
.../deploy_dns.sh | 62 ++++++++++++++++++
10 files changed, 407 insertions(+)
create mode 100644 kubernetes/contrib/dns-server-for-vhost-ingress-testing/README.md
create mode 100644 kubernetes/contrib/dns-server-for-vhost-ingress-testing/bind9dns/.helmignore
create mode 100644 kubernetes/contrib/dns-server-for-vhost-ingress-testing/bind9dns/Chart.yaml
create mode 100644 kubernetes/contrib/dns-server-for-vhost-ingress-testing/bind9dns/templates/NOTES.txt
create mode 100644 kubernetes/contrib/dns-server-for-vhost-ingress-testing/bind9dns/templates/_helpers.tpl
create mode 100644 kubernetes/contrib/dns-server-for-vhost-ingress-testing/bind9dns/templates/deployment.yaml
create mode 100644 kubernetes/contrib/dns-server-for-vhost-ingress-testing/bind9dns/templates/service.yaml
create mode 100644 kubernetes/contrib/dns-server-for-vhost-ingress-testing/bind9dns/templates/tests/test-connection.yaml
create mode 100644 kubernetes/contrib/dns-server-for-vhost-ingress-testing/bind9dns/values.yaml
create mode 100755 kubernetes/contrib/dns-server-for-vhost-ingress-testing/deploy_dns.sh
(limited to 'kubernetes/contrib')
diff --git a/kubernetes/contrib/dns-server-for-vhost-ingress-testing/README.md b/kubernetes/contrib/dns-server-for-vhost-ingress-testing/README.md
new file mode 100644
index 0000000000..dced68d7c6
--- /dev/null
+++ b/kubernetes/contrib/dns-server-for-vhost-ingress-testing/README.md
@@ -0,0 +1,23 @@
+# Motivations
+Ingress controller implementation in the ONAP cluster is based on the virtual host routing.
+Testing ONAP cluster requires a lot of entries on the target machines in the /etc/hosts.
+Adding many entries into the configuration files on testing machines is quite problematic and error prone.
+The better wait is to create central DNS server with entries for all virtual host pointed to simpledemo.onap.org and add custom DNS server as a target DNS server for testing machines and/or as external DNS for kubernetes cluster.
+
+# How to deploy test DNS server:
+Run script ./deploy\_dns.sh
+
+# How to add DNS address on testing machines:
+See post deploy info
+
+# Test DNS inside cluster (optional)
+1. You can add the following entry after DNS deploy on running cluster at the end of cluster.yaml file (rke)
+~~~yaml
+dns:
+ provider: coredns
+ upstreamnameservers:
+ - :31555
+~~~
+2. You can edit coredns configuration with command:
+ kubectl -n kube-system edit configmap coredns
+
diff --git a/kubernetes/contrib/dns-server-for-vhost-ingress-testing/bind9dns/.helmignore b/kubernetes/contrib/dns-server-for-vhost-ingress-testing/bind9dns/.helmignore
new file mode 100644
index 0000000000..dacad44a66
--- /dev/null
+++ b/kubernetes/contrib/dns-server-for-vhost-ingress-testing/bind9dns/.helmignore
@@ -0,0 +1,37 @@
+#
+# Copyright 2020 Samsung Electronics Co., Ltd.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/
diff --git a/kubernetes/contrib/dns-server-for-vhost-ingress-testing/bind9dns/Chart.yaml b/kubernetes/contrib/dns-server-for-vhost-ingress-testing/bind9dns/Chart.yaml
new file mode 100644
index 0000000000..a618fd792c
--- /dev/null
+++ b/kubernetes/contrib/dns-server-for-vhost-ingress-testing/bind9dns/Chart.yaml
@@ -0,0 +1,20 @@
+#
+# Copyright 2020 Samsung Electronics Co., Ltd.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+apiVersion: v1
+appVersion: "1.0"
+description: bind9 DNS server for kubernetes cluster
+name: bind9dns
+version: 0.1.0
diff --git a/kubernetes/contrib/dns-server-for-vhost-ingress-testing/bind9dns/templates/NOTES.txt b/kubernetes/contrib/dns-server-for-vhost-ingress-testing/bind9dns/templates/NOTES.txt
new file mode 100644
index 0000000000..7211966b89
--- /dev/null
+++ b/kubernetes/contrib/dns-server-for-vhost-ingress-testing/bind9dns/templates/NOTES.txt
@@ -0,0 +1,21 @@
+1. Get the installed DNS host and port by running this commands:
+{{- if .Values.ingress.enabled }}
+{{- range $host := .Values.ingress.hosts }}
+ {{- range $.Values.ingress.paths }}
+ http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host }}{{ . }}
+ {{- end }}
+{{- end }}
+{{- else if contains "NodePort" .Values.service.type }}
+ export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "bind9dns.fullname" . }})
+ export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}")
+ echo DNS host: $NODE_IP dns port: $NODE_PORT
+{{- else if contains "LoadBalancer" .Values.service.type }}
+ NOTE: It may take a few minutes for the LoadBalancer IP to be available.
+ You can watch the status of by running 'kubectl get svc -w {{ include "bind9dns.fullname" . }}'
+ export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "bind9dns.fullname" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
+ echo http://$SERVICE_IP:{{ .Values.service.port }}
+{{- else if contains "ClusterIP" .Values.service.type }}
+ export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "bind9dns.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
+ echo "Visit http://127.0.0.1:8080 to use your application"
+ kubectl port-forward $POD_NAME 8080:80
+{{- end }}
diff --git a/kubernetes/contrib/dns-server-for-vhost-ingress-testing/bind9dns/templates/_helpers.tpl b/kubernetes/contrib/dns-server-for-vhost-ingress-testing/bind9dns/templates/_helpers.tpl
new file mode 100644
index 0000000000..3efbbbf831
--- /dev/null
+++ b/kubernetes/contrib/dns-server-for-vhost-ingress-testing/bind9dns/templates/_helpers.tpl
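Review bot: The LoadBalancer and ClusterIP branches still print the `helm create` HTTP instructions (`echo http://$SERVICE_IP:...`, `kubectl port-forward $POD_NAME 8080:80`, "Visit http://127.0.0.1:8080") although this chart serves DNS on `service.port`, and the ingress branch prints URLs for an Ingress that no template in this commit creates. In the NodePort branch `NODE_IP` comes from `.items[0].status.addresses[0].address`, the first address of the first node, which is not necessarily an address the test machines can reach; deploy_dns.sh uses the `rke.cattle.io/external-ip` annotation instead, so the two can disagree. Replace the HTTP text with a DNS check such as `dig @$NODE_IP -p $NODE_PORT simpledemo.onap.org` and drop the ingress branch.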
@@ -0,0 +1,49 @@
+{{/*
+
+ Copyright 2020 Samsung Electronics Co., Ltd.
+
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+
+*/}}
+{{/* vim: set filetype=mustache: */}}
+{{/*
+Expand the name of the chart.
+*/}}
+{{- define "bind9dns.name" -}}
+{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+If release name contains chart name it will be used as a full name.
+*/}}
+{{- define "bind9dns.fullname" -}}
+{{- if .Values.fullnameOverride -}}
+{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
+{{- else -}}
+{{- $name := default .Chart.Name .Values.nameOverride -}}
+{{- if contains $name .Release.Name -}}
+{{- .Release.Name | trunc 63 | trimSuffix "-" -}}
+{{- else -}}
+{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Create chart name and version as used by the chart label.
+*/}}
+{{- define "bind9dns.chart" -}}
+{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
diff --git a/kubernetes/contrib/dns-server-for-vhost-ingress-testing/bind9dns/templates/deployment.yaml b/kubernetes/contrib/dns-server-for-vhost-ingress-testing/bind9dns/templates/deployment.yaml
new file mode 100644
index 0000000000..1a76ba0a96
--- /dev/null
+++ b/kubernetes/contrib/dns-server-for-vhost-ingress-testing/bind9dns/templates/deployment.yaml 
@@ -0,0 +1,76 @@
+{{/*
+ Copyright 2020 Samsung Electronics Co., Ltd.
+
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+*/}}
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: {{ include "bind9dns.fullname" . }}
+ labels:
+ app.kubernetes.io/name: {{ include "bind9dns.name" . }}
+ helm.sh/chart: {{ include "bind9dns.chart" . }}
+ app.kubernetes.io/instance: {{ .Release.Name }}
+ app.kubernetes.io/managed-by: {{ .Release.Service }}
+spec:
+ replicas: {{ .Values.replicaCount }}
+ selector:
+ matchLabels:
+ app.kubernetes.io/name: {{ include "bind9dns.name" . }}
+ app.kubernetes.io/instance: {{ .Release.Name }}
+ template:
+ metadata:
+ labels:
+ app.kubernetes.io/name: {{ include "bind9dns.name" . }}
+ app.kubernetes.io/instance: {{ .Release.Name }}
+ spec:
+ containers:
+ - name: {{ .Chart.Name }}
+ image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
+ imagePullPolicy: {{ .Values.image.pullPolicy }}
+ env:
+ - name: DNS_FORWARDER
+ value: {{ .Values.dnsconf.forwarder }}
+ - name: WILDCARD_DNS
+ value: {{ .Values.dnsconf.wildcard }}
+ - name: ALLOW_RECURSION
+ value: any
+ - name: ALLOW_QUERY
+ value: any
+ ports:
+ - name: dnsport
+ containerPort: {{ .Values.service.port }}
+ livenessProbe:
+ tcpSocket:
+ port: {{ .Values.service.port }}
+ initialDelaySeconds: 15
+ periodSeconds: 20
+ readinessProbe:
+ tcpSocket:
+ port: {{ .Values.service.port }}
+ initialDelaySeconds: 5
+ periodSeconds: 10
+ resources:
+ {{- toYaml .Values.resources | nindent 12 }}
+ {{- with .Values.nodeSelector }}
+ nodeSelector:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.affinity }}
+ affinity:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.tolerations }}
+ tolerations:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
diff --git a/kubernetes/contrib/dns-server-for-vhost-ingress-testing/bind9dns/templates/service.yaml b/kubernetes/contrib/dns-server-for-vhost-ingress-testing/bind9dns/templates/service.yaml
new file mode 100644
index 0000000000..715f2ff78e
--- /dev/null
+++ b/kubernetes/contrib/dns-server-for-vhost-ingress-testing/bind9dns/templates/service.yaml
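Review bot: `ALLOW_RECURSION` and `ALLOW_QUERY` are hard-coded to `any` in the container `env`, and the chart's default `service.type` is NodePort, so any host that can reach a node on the DNS nodePort gets an open recursive resolver that forwards to the configured upstreams. Open resolvers are a standard vehicle for DNS amplification and widen the cache-poisoning surface, and a test cluster with externally reachable nodes is not exempt. Both settings should be chart values with a restricted default, e.g. `value: {{ .Values.dnsconf.allowRecursion | quote }}` set to the test network's range in values.yaml (this assumes the image accepts an address list for these variables, which should be confirmed against its entrypoint). `DNS_FORWARDER` and `WILDCARD_DNS` are also rendered unquoted and would be safer with `| quote`, and the container runs without a `securityContext` or resource limits (`resources: {}` by default).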
@@ -0,0 +1,39 @@
+{{/*
+ Copyright 2020 Samsung Electronics Co., Ltd.
+
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+
+*/}}
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ include "bind9dns.fullname" . }}
+ labels:
+ app.kubernetes.io/name: {{ include "bind9dns.name" . }}
+ helm.sh/chart: {{ include "bind9dns.chart" . }}
+ app.kubernetes.io/instance: {{ .Release.Name }}
+ app.kubernetes.io/managed-by: {{ .Release.Service }}
+spec:
+ type: {{ .Values.service.type }}
+ ports:
+ - port: {{ .Values.service.port }}
+ nodePort: {{ .Values.service.nodePort }}
+ protocol: TCP
+ name: dnstcp
+ - port: {{ .Values.service.port }}
+ nodePort: {{ .Values.service.nodePort }}
+ protocol: UDP
+ name: dnsudp
+ selector:
+ app.kubernetes.io/name: {{ include "bind9dns.name" . }}
+ app.kubernetes.io/instance: {{ .Release.Name }}
diff --git a/kubernetes/contrib/dns-server-for-vhost-ingress-testing/bind9dns/templates/tests/test-connection.yaml b/kubernetes/contrib/dns-server-for-vhost-ingress-testing/bind9dns/templates/tests/test-connection.yaml
new file mode 100644
index 0000000000..4fe5d05b02
--- /dev/null
+++ b/kubernetes/contrib/dns-server-for-vhost-ingress-testing/bind9dns/templates/tests/test-connection.yaml
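Review bot: `nodePort: {{ .Values.service.nodePort }}` is emitted on both port entries whatever `service.type` is, so an install with `service.type=ClusterIP` is rejected by the API server because a nodePort is not allowed on that type. Guard each occurrence with `{{- if eq .Values.service.type "NodePort" }}` … `{{- end }}`. With the default NodePort type the resolver listens on port 31555 of every node, so the README or values.yaml should tell operators to limit that port to the test machines at the node firewall or security group. A short comment that TCP and UDP share the same nodePort on purpose would also help the next reader.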
@@ -0,0 +1,34 @@
+{{/*
+ Copyright 2020 Samsung Electronics Co., Ltd.
+
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+
+*/}}
+apiVersion: v1
+kind: Pod
+metadata:
+ name: "{{ include "bind9dns.fullname" . }}-test-connection"
+ labels:
+ app.kubernetes.io/name: {{ include "bind9dns.name" . }}
+ helm.sh/chart: {{ include "bind9dns.chart" . }}
+ app.kubernetes.io/instance: {{ .Release.Name }}
+ app.kubernetes.io/managed-by: {{ .Release.Service }}
+ annotations:
+ "helm.sh/hook": test-success
+spec:
+ containers:
+ - name: wget
+ image: busybox
+ command: ['wget']
+ args: ['{{ include "bind9dns.fullname" . }}:{{ .Values.service.port }}']
+ restartPolicy: Never
diff --git a/kubernetes/contrib/dns-server-for-vhost-ingress-testing/bind9dns/values.yaml b/kubernetes/contrib/dns-server-for-vhost-ingress-testing/bind9dns/values.yaml
new file mode 100644
index 0000000000..c9e19f41d0
--- /dev/null
+++ b/kubernetes/contrib/dns-server-for-vhost-ingress-testing/bind9dns/values.yaml
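Review bot: The test pod runs `wget` against the service on the DNS port, i.e. it speaks HTTP to a DNS server, so the hook cannot pass against bind and says nothing about name resolution; this looks like unmodified `helm create` scaffolding. A lookup through the service tests what the chart actually deploys, e.g. `command: ['nslookup']` with `args: ['simpledemo.onap.org', '{{ include "bind9dns.fullname" . }}']`, which works as long as `service.port` stays at its default of 53. `image: busybox` is also unpinned, so the test pulls whatever `latest` is at run time; pin a tag or digest.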
@@ -0,0 +1,46 @@
+#
+# Copyright 2020 Samsung Electronics Co., Ltd.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+replicaCount: 1
+
+image:
+ repository: luccksam/docker-bind
+ tag: 0.1.0
+ pullPolicy: IfNotPresent
+
+nameOverride: ""
+fullnameOverride: ""
+
+service:
+ type: NodePort
+ port: 53
+ nodePort: 31555
+
+ingress:
+ enabled: false
+ annotations: {}
+ paths: []
+ hosts:
+ - dnsserver.local
+ tls: []
+
+resources: {}
+nodeSelector: {}
+tolerations: []
+affinity: {}
+
+dnsconf:
+ forwarder: "8.8.8.8,8.8.4.4"
+ wildcard: "simpledemo.onap.org=0.0.0.0"
diff --git a/kubernetes/contrib/dns-server-for-vhost-ingress-testing/deploy_dns.sh b/kubernetes/contrib/dns-server-for-vhost-ingress-testing/deploy_dns.sh
new file mode 100755
index 0000000000..a78bc077d8
--- /dev/null
+++ b/kubernetes/contrib/dns-server-for-vhost-ingress-testing/deploy_dns.sh
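Review bot: `repository: luccksam/docker-bind` with `tag: 0.1.0` pulls the resolver from a personal Docker Hub namespace by a mutable tag, and with `pullPolicy: IfNotPresent` different nodes can run different content under the same tag. Since this server answers DNS for the test machines and optionally for the cluster, reference the image by digest, e.g. `tag: 0.1.0@sha256:<digest-of-the-reviewed-image>` (placeholder; it renders through the existing `repository:tag` template), or mirror the image into the project's registry. `forwarder: "8.8.8.8,8.8.4.4"` sends every non-matching query from the test environment to a public resolver, which deserves a comment so operators on restricted networks know to override it.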
@@ -0,0 +1,62 @@
+#!/bin/bash -e
+#
+# Copyright 2020 Samsung Electronics Co., Ltd.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+DNS_PORT=31555
+CLUSTER_CONTROL=$( kubectl get no -l node-role.kubernetes.io/controlplane=true -o jsonpath='{.items..metadata.name}')
+CLUSTER_IP=$(kubectl get no $CLUSTER_CONTROL -o jsonpath='{.metadata.annotations.rke\.cattle\.io/external-ip }')
+SPATH="$( dirname "$( which "$0" )" )"
+
+
+
+usage() {
+cat << ==usage
+$0 [cluster_domain] [helm_chart_args ...]
+ [cluster_domain] Default value simpledemo.onap.org
+ [helm_chart_args...] Optional arguments passed to helm install command
+==usage
+}
+
+
+target_machine_notice_info() {
+cat << ==infodeploy
+Extra DNS server already deployed:
+1. You can add the DNS server to the target machine using following commands:
+ sudo iptables -t nat -A OUTPUT -p tcp -d 192.168.211.211 --dport 53 -j DNAT --to-destination $CLUSTER_IP:$DNS_PORT
+ sudo iptables -t nat -A OUTPUT -p udp -d 192.168.211.211 --dport 53 -j DNAT --to-destination $CLUSTER_IP:$DNS_PORT
+ sudo sysctl -w net.ipv4.conf.all.route_localnet=1
+ sudo sysctl -w net.ipv4.ip_forward=1
+2. Update /etc/resolv.conf file with nameserver 192.168.211.211 entry on your target machine
+==infodeploy
+}
+
+deploy() {
+ pushd "$SPATH/bind9dns" > /dev/null
+ if [ $# -eq 0 ]; then
+ local cl_domain="simpledemo.onap.org"
+ else
+ local cl_domain=$1
+ shift
+ fi
+ helm install . --set dnsconf.wildcard="$cl_domain=$CLUSTER_IP" $@
+ popd > /dev/null
+ target_machine_notice_info
+}
+
+if [[ $# -eq 1 ]] && [[ $1 == "-h" || $1 == "--help" ]]; then
+ usage
+else
+ deploy $@
+fi
-- 
cgit 1.2.3-korg
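Review bot: `CLUSTER_IP` goes into `--set dnsconf.wildcard="$cl_domain=$CLUSTER_IP"` unchecked, yet it is empty whenever no node carries the `controlplane=true` label or the `rke.cattle.io/external-ip` annotation, and with several control-plane nodes the unquoted `$CLUSTER_CONTROL` expands to multiple names so the jsonpath on the resulting list likely yields nothing; the chart is then installed with a wildcard that has no address. Fail early with `[ -n "$CLUSTER_IP" ] || { echo "cannot determine cluster external IP" >&2; exit 1; }`. `$@` should be `"$@"` in both `deploy $@` and the `helm install` line so arguments containing spaces survive, and because the two kubectl lookups run at the top of the script even `-h` needs cluster access. The printed instructions also tell the user to set `net.ipv4.ip_forward=1` and `route_localnet=1`; a DNAT rule in the nat OUTPUT chain applies to locally generated packets and should not need forwarding enabled, so these look like an unnecessary relaxation of the test machine's network settings and are worth confirming and dropping.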