From bc725d3eb664350cbb896a0856eed9a0678af05c Mon Sep 17 00:00:00 2001 From: Trekkie Coder Date: Thu, 26 Dec 2024 22:30:09 +0900 Subject: [PATCH 1/3] gh-877 Initial support for egress : updated cicd --- .github/workflows/egress-lb-sanity.yml | 45 ++++++++++++++ cicd/egresslb/config.sh | 83 ++++++++++++++++++++++++++ cicd/egresslb/rmconfig.sh | 21 +++++++ cicd/egresslb/validation.sh | 52 ++++++++++++++++ 4 files changed, 201 insertions(+) create mode 100644 .github/workflows/egress-lb-sanity.yml create mode 100755 cicd/egresslb/config.sh create mode 100755 cicd/egresslb/rmconfig.sh create mode 100755 cicd/egresslb/validation.sh diff --git a/.github/workflows/egress-lb-sanity.yml b/.github/workflows/egress-lb-sanity.yml new file mode 100644 index 000000000..a8d4ff881 --- /dev/null +++ b/.github/workflows/egress-lb-sanity.yml @@ -0,0 +1,45 @@ +name: Egr-LB-Sanity-CI + +on: + push: + branches: + - main + pull_request: + branches: [ "main" ] + workflow_dispatch: + inputs: + logLevel: + description: 'Log level' + required: true + default: 'warning' + tags: + description: 'Egress LB Sanity' + +jobs: + build: + name: advanced-lb-sanity + runs-on: ubuntu-20.04 + steps: + - uses: actions/checkout@v2 + with: + submodules: recursive + - uses: actions/setup-python@v2 + - uses: actions/setup-go@v3 + with: + go-version: '>=1.18.0' + - run: sudo apt-get update + - run: sudo apt-get -y install clang-10 llvm libelf-dev gcc-multilib libpcap-dev linux-tools-$(uname -r) elfutils dwarves git libbsd-dev bridge-utils unzip build-essential bison flex iperf iproute2 nodejs socat ethtool + - run: loxilb-ebpf/utils/mkllb_bpffs.sh + - run: sudo -E env "PATH=$PATH" make + - run: docker pull ghcr.io/loxilb-io/loxilb:latest + - run: docker run -u root --cap-add SYS_ADMIN --restart unless-stopped --privileged -dit -v /dev/log:/dev/log --name loxilb ghcr.io/loxilb-io/loxilb:latest + - run: pwd && ls && sudo -E env "PATH=$PATH" make docker-cp + - run: docker exec -dit loxilb mkllb_bpffs + - run: id=`docker ps -f name=loxilb | cut -d " " -f 1 | grep -iv "CONTAINER"` && docker commit $id ghcr.io/loxilb-io/loxilb:latest + - run: docker stop loxilb && docker rm loxilb + - run: | + cd cicd/egresslb/ + ./config.sh + ./validation.sh + ./rmconfig.sh + cd - diff --git a/cicd/egresslb/config.sh b/cicd/egresslb/config.sh new file mode 100755 index 000000000..c0c04c55c --- /dev/null +++ b/cicd/egresslb/config.sh @@ -0,0 +1,83 @@ +#!/bin/bash +source ../common.sh + +echo "#########################################" +echo "Spawning all hosts" +echo "#########################################" + +spawn_docker_host --dock-type loxilb --dock-name llb1 --extra-args "--clusterinterface=eth0" +spawn_docker_host --dock-type loxilb --dock-name llb2 --extra-args "--clusterinterface=eth0" +spawn_docker_host --dock-type host --dock-name h1 +spawn_docker_host --dock-type host --dock-name h2 +spawn_docker_host --dock-type host --dock-name l3e1 +spawn_docker_host --dock-type host --dock-name l3e2 +spawn_docker_host --dock-type host --dock-name l3e3 + +echo "#########################################" +echo "Connecting and configuring hosts" +echo "#########################################" + + +connect_docker_hosts h1 llb1 +connect_docker_hosts h2 llb1 +connect_docker_hosts llb1 llb2 + +config_docker_host --host1 h1 --host2 llb1 --ptype phy --addr 32.32.32.1/24 --gw 32.32.32.254 +config_docker_host --host1 llb1 --host2 h1 --ptype phy --addr 32.32.32.254/24 +config_docker_host --host1 h2 --host2 llb1 --ptype phy --addr 31.31.31.1/24 --gw 31.31.31.254 +config_docker_host --host1 llb1 --host2 h2 --ptype phy --addr 31.31.31.254/24 +config_docker_host --host1 llb1 --host2 llb2 --ptype phy --addr 10.10.10.59/24 +config_docker_host --host1 llb2 --host2 llb1 --ptype phy --addr 10.10.10.56/24 + +#Endpoint Config +connect_docker_hosts l3e1 llb2 +connect_docker_hosts l3e2 llb2 +connect_docker_hosts l3e3 llb2 + +config_docker_host --host1 l3e1 --host2 llb2 --ptype phy --addr 25.25.25.1/24 --gw 25.25.25.254 +config_docker_host --host1 llb2 --host2 l3e1 --ptype phy --addr 25.25.25.254/24 +config_docker_host --host1 l3e2 --host2 llb2 --ptype phy --addr 26.26.26.1/24 --gw 26.26.26.254 +config_docker_host --host1 llb2 --host2 l3e2 --ptype phy --addr 26.26.26.254/24 +config_docker_host --host1 l3e3 --host2 llb2 --ptype phy --addr 27.27.27.1/24 --gw 27.27.27.254 +config_docker_host --host1 llb2 --host2 l3e3 --ptype phy --addr 27.27.27.254/24 + +$dexec llb1 ip route add 25.25.25.0/24 via 10.10.10.56 dev ellb1llb2 +$dexec llb1 ip route add 26.26.26.0/24 via 10.10.10.56 dev ellb1llb2 +$dexec llb1 ip route add 27.27.27.0/24 via 10.10.10.56 dev ellb1llb2 + +#$dexec llb2 ip route add 31.31.31.0/24 via 10.10.10.59 dev ellb2llb1 +$dexec llb2 ip route add 32.32.32.0/24 via 10.10.10.59 dev ellb2llb1 + +##Create LB rule +#$dexec llb2 loxicmd create lb 88.88.88.88 --tcp=2020:8080 --endpoints=25.25.25.1:1,26.26.26.1:1,27.27.27.1:1 + +sleep 5 + +$dexec llb1 bash -c "apt-get update && apt-get install -y curl iputils-ping" +$dexec llb2 bash -c "apt-get update && apt-get install -y curl iputils-ping" + +$hexec llb1 curl -X 'POST' \ + 'http:/127.0.0.1:11111/netlox/v1/config/cistate' \ + -H 'accept: application/json' \ + -H 'Content-Type: application/json' \ + -d '{ + "instance": "default", + "state": "BACKUP", + "vip": "0.0.0.0" +}' + +$hexec llb2 curl -X 'POST' \ + 'http://127.0.0.1:11111/netlox/v1/config/cistate' \ + -H 'accept: application/json' \ + -H 'Content-Type: application/json' \ + -d '{ + "instance": "default", + "state": "MASTER", + "vip": "0.0.0.0" +}' + +$dexec llb1 loxicmd create lb 0.0.0.0 --tcp=9999:9999 --endpoints=172.17.0.3:1,172.17.0.4:1 --egress +$dexec llb1 loxicmd create firewall --firewallRule="sourceIP:32.32.32.1/32" --snat=172.17.0.41 --egress + +$dexec llb2 loxicmd create lb 0.0.0.0 --tcp=9999:9999 --endpoints=172.17.0.3:1,172.17.0.4:1 --egress +$dexec llb2 loxicmd create firewall --firewallRule="sourceIP:32.32.32.1/32" --snat=172.17.0.41 --egress diff --git a/cicd/egresslb/rmconfig.sh b/cicd/egresslb/rmconfig.sh new file mode 100755 index 000000000..e06136daf --- /dev/null +++ b/cicd/egresslb/rmconfig.sh @@ -0,0 +1,21 @@ +#!/bin/bash + +source ../common.sh + +disconnect_docker_hosts h1 llb1 +disconnect_docker_hosts h2 llb1 +delete_docker_host llb1 +delete_docker_host h1 +delete_docker_host h2 + +disconnect_docker_hosts l3e1 llb2 +disconnect_docker_hosts l3e2 llb2 +disconnect_docker_hosts l3e3 llb2 +delete_docker_host llb2 +delete_docker_host l3e1 +delete_docker_host l3e2 +delete_docker_host l3e3 + +echo "#########################################" +echo "Deleted testbed" +echo "#########################################" diff --git a/cicd/egresslb/validation.sh b/cicd/egresslb/validation.sh new file mode 100755 index 000000000..87d29c6f6 --- /dev/null +++ b/cicd/egresslb/validation.sh @@ -0,0 +1,52 @@ +#!/bin/bash +source ../common.sh +echo SCENARIO-egrlb + +sleep 10 +code=0 + +check_ping() { + IP="$1" + if $hexec h1 ping -c 5 -W 10 "$IP" &> /dev/null; then + echo "Ping to $IP is OK." + else + echo "Ping to $IP failed." + code=1 + fi +} + +echo "Checking egress before HA" + +IP_ADDRESS="8.8.8.8" +check_ping $IP_ADDRESS + +$hexec llb2 curl -X 'POST' \ + 'http:/127.0.0.1:11111/netlox/v1/config/cistate' \ + -H 'accept: application/json' \ + -H 'Content-Type: application/json' \ + -d '{ + "instance": "default", + "state": "BACKUP", + "vip": "0.0.0.0" +}' + +$hexec llb1 curl -X 'POST' \ + 'http://127.0.0.1:11111/netlox/v1/config/cistate' \ + -H 'accept: application/json' \ + -H 'Content-Type: application/json' \ + -d '{ + "instance": "default", + "state": "MASTER", + "vip": "0.0.0.0" +}' + +sleep 10 +echo "Checking egress after HA" + +check_ping $IP_ADDRESS + +if [[ $code != 0 ]];then + echo "SCENARIO-egrlb FAILED" +else + echo "SCENARIO-egrlb OK" +fi From 4c6a60ceb403ad550dfabe959b230188782a2f15 Mon Sep 17 00:00:00 2001 From: Trekkie Coder Date: Thu, 26 Dec 2024 23:18:55 +0900 Subject: [PATCH 2/3] gh-877 Initial support for egress : updated cicd --- cicd/egresslb/validation.sh | 19 ++++++++++++++++--- 1 file changed, 16 insertions(+), 3 deletions(-) diff --git a/cicd/egresslb/validation.sh b/cicd/egresslb/validation.sh index 87d29c6f6..a2ff76a30 100755 --- a/cicd/egresslb/validation.sh +++ b/cicd/egresslb/validation.sh @@ -5,6 +5,16 @@ echo SCENARIO-egrlb sleep 10 code=0 +check_egr_conn() { + IP="$1" + if $hexec h1 curl -s --head --connect-timeout 5 http://$IP | grep -i "nginx" > /dev/null; then + echo "Connectivity to http://$IP is OK." + else + echo "Failed to connect to https://$IP" + code=1 + fi +} + check_ping() { IP="$1" if $hexec h1 ping -c 5 -W 10 "$IP" &> /dev/null; then @@ -17,8 +27,10 @@ check_ping() { echo "Checking egress before HA" -IP_ADDRESS="8.8.8.8" -check_ping $IP_ADDRESS +PING_IP_ADDRESS="8.8.8.8" +CURL_IP_ADDRESS="208.67.222.222" +#check_ping $PING_IP_ADDRESS +check_egr_conn $CURL_IP_ADDRESS $hexec llb2 curl -X 'POST' \ 'http:/127.0.0.1:11111/netlox/v1/config/cistate' \ @@ -43,7 +55,8 @@ $hexec llb1 curl -X 'POST' \ sleep 10 echo "Checking egress after HA" -check_ping $IP_ADDRESS +#check_ping $IP_ADDRESS +check_egr_conn $CURL_IP_ADDRESS if [[ $code != 0 ]];then echo "SCENARIO-egrlb FAILED" From 3fcacb2f192cdaacf7d2b55057843991b0e7c5b6 Mon Sep 17 00:00:00 2001 From: Trekkie Coder Date: Thu, 26 Dec 2024 23:33:28 +0900 Subject: [PATCH 3/3] gh-877 Initial support for egress : updated cicd --- cicd/egresslb/validation.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cicd/egresslb/validation.sh b/cicd/egresslb/validation.sh index a2ff76a30..eb44a38ad 100755 --- a/cicd/egresslb/validation.sh +++ b/cicd/egresslb/validation.sh @@ -2,7 +2,7 @@ source ../common.sh echo SCENARIO-egrlb -sleep 10 +sleep 30 code=0 check_egr_conn() {