Add an example/test for -sfile cache storage using a StatefulSet.

8870690e · Geoff Simmons · 6114fddd · 8870690e · 8870690e · 8870690e
Commit 8870690e authored Aug 29, 2020 by Geoff Simmons
8 changed files
--- a/examples/file-cache/Makefile
+++ b/examples/file-cache/Makefile
+# Copyright (c) 2020 UPLEX Nils Goroll Systemoptimierung
+# All rights reserved
+#
+# Author: Geoffrey Simmons <geoffrey.simmons@uplex.de>
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions
+# are met:
+# 1. Redistributions of source code must retain the above copyright
+#    notice, this list of conditions and the following disclaimer.
+# 2. Redistributions in binary form must reproduce the above copyright
+#    notice, this list of conditions and the following disclaimer in the
+#    documentation and/or other materials provided with the distribution.
+#
+# THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+# ARE DISCLAIMED.  IN NO EVENT SHALL AUTHOR OR CONTRIBUTORS BE LIABLE
+# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+# SUCH DAMAGE.
+
+# GNU make is required.
+
+mkpath := $(abspath $(lastword $(MAKEFILE_LIST)))
+mkdir := $(dir $(mkpath))
+
+CHARTDIR=$(mkdir)/../../charts
+TESTDIR=$(mkdir)/../../test
+
+# For the klarlack image: make VARNISH=klarlack ...
+ifndef VARNISH
+	VARNISH=varnish
+endif
+
+CI_REPO_PFX=registry.gitlab.com/uplex/varnish/k8s-ingress/varnish-ingress
+
+# For tests using the local docker registry: make TEST=local ...
+# For tests using images from the CI pipeline: make TEST=ci ...
+ifeq ($(TEST),local)
+	VARNISH_IMAGE=varnish-ingress/$(VARNISH)
+	VARNISH_TAG=latest
+	HAPROXY_IMAGE=varnish-ingress/haproxy
+	HAPROXY_TAG=latest
+else ifeq ($(TEST),ci)
+	VARNISH_IMAGE=$(CI_REPO_PFX)/$(VARNISH)
+	VARNISH_TAG=master
+	HAPROXY_IMAGE=$(CI_REPO_PFX)/haproxy
+	HAPROXY_TAG=master
+endif
+
+# If not specified, pull the latest "official" images from dockerhub.
+LATEST=0.0.2
+ifndef VARNISH_IMAGE
+	VARNISH_IMAGE=uplex/viking-$(VARNISH)
+endif
+ifndef VARNISH_TAG
+	VARNISH_TAG=$(LATEST)
+endif
+ifndef HAPROXY_IMAGE
+	HAPROXY_IMAGE=uplex/viking-haproxy
+endif
+ifndef HAPROXY_TAG
+	HAPROXY_TAG=$(LATEST)
+endif
+
+all: deploy
+
+deploy-helm:
+	@kubectl apply -f pvc.yaml
+	@helm install viking-service-file-cache $(CHARTDIR)/viking-service \
+		--values values-varnish.yaml \
+		--set vikingService.varnish.image.repository=$(VARNISH_IMAGE) \
+		--set vikingService.varnish.image.tag=$(VARNISH_TAG) \
+		--set vikingService.haproxy.image.repository=$(HAPROXY_IMAGE) \
+		--set vikingService.haproxy.image.tag=$(HAPROXY_TAG)
+	@helm install viking-ingress-file-cache $(CHARTDIR)/viking-test-app \
+		--values values.yaml
+
+deploy-kubectl:
+	@kubectl apply -f ../hello/cafe.yaml
+	@kubectl apply -f cafe-ingress.yaml
+	@kubectl apply -f pvc.yaml
+	@kubectl apply -f varnish.yaml
+
+# TESTOPTS are passed to varnishtest, e.g.: make TESTOPTS=-v verify
+verify:
+	$(mkdir)/verify.sh
+
+wait:
+	$(TESTDIR)/wait_delete.sh app=varnish-ingress,example=file-cache
+
+uninstall-kubectl:
+	@kubectl delete -f varnish.yaml
+	@kubectl delete -f pvc.yaml
+	@kubectl delete -f cafe-ingress.yaml
+	@kubectl delete -f ../hello/cafe.yaml
+
+undeploy-kubectl: uninstall-kubectl wait
+
+uninstall-helm:
+	@helm uninstall viking-ingress-file-cache
+	@helm uninstall viking-service-file-cache
+	@kubectl delete -f pvc.yaml
+
+undeploy-helm: uninstall-helm wait
+
+ifeq ($(DEPLOY),kubectl)
+deploy: deploy-kubectl
+undeploy: undeploy-kubectl
+else
+deploy: deploy-helm
+undeploy: undeploy-helm
+endif
+
+.PHONY: all $(MAKECMDGOALS)
--- a/examples/file-cache/cafe-ingress.yaml
+++ b/examples/file-cache/cafe-ingress.yaml
+apiVersion: extensions/v1beta1
+kind: Ingress
+metadata:
+  name: cafe-ingress
+  annotations:
+    kubernetes.io/ingress.class: "varnish"
+    ingress.varnish-cache.org/varnish-svc: "viking-service-file-cache-admin"
+spec:
+  rules:
+  - host: cafe.example.com
+    http:
+      paths:
+      - path: /tea
+        backend:
+          serviceName: tea-svc
+          servicePort: 80
+      - path: /coffee
+        backend:
+          serviceName: coffee-svc
+          servicePort: 80
--- a/examples/file-cache/cafe.vtc
+++ b/examples/file-cache/cafe.vtc
+../hello/cafe.vtc
\ No newline at end of file
--- a/examples/file-cache/pvc.yaml
+++ b/examples/file-cache/pvc.yaml
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: persistent-storage
+spec:
+  accessModes:
+    - ReadWriteOnce
+  storageClassName: "standard"
+  resources:
+    requests:
+      storage: 2m
--- a/examples/file-cache/values-varnish.yaml
+++ b/examples/file-cache/values-varnish.yaml
+vikingService:
+  ## Name of the ingress class to route through this controller
+  ##
+  ingressClass: varnish
+
+  kind: StatefulSet
+  persistentVolume:
+    enabled: true
+    storageClass: standard
+    size: 2m
+
+  # labels to add to the pod container metadata
+  podLabels:
+    app: varnish-ingress
+    example: file-cache
--- a/examples/file-cache/values.yaml
+++ b/examples/file-cache/values.yaml
+apps:
+  coffee:
+    image: nginxdemos/hello:plain-text
+    replicas: 2
+  tea:
+    image: nginxdemos/hello:plain-text
+    replicas: 3
+
+ingress:
+  name: cafe-ingress
+  rules:
+  - host: cafe.example.com
+    paths:
+    - path: /tea
+      app: tea
+    - path: /coffee
+      app: coffee
+
+vikingAdmSvc: viking-service-file-cache-admin
--- a/examples/file-cache/varnish.yaml
+++ b/examples/file-cache/varnish.yaml
+apiVersion: v1
+kind: Service
+metadata:
+  name: viking-service-file-cache
+  labels:
+    app: varnish-ingress
+spec:
+  type: NodePort
+  ports:
+  - port: 80
+    targetPort: 80
+    protocol: TCP
+    name: http
+  - port: 443
+    targetPort: 443
+    protocol: TCP
+    name: tls
+  selector:
+    app: varnish-ingress
+    example: file-cache
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: viking-service-file-cache-admin
+  labels:
+    app: varnish-ingress
+spec:
+  clusterIP: None
+  ports:
+  - port: 6081
+    targetPort: 6081
+    protocol: TCP
+    name: varnishadm
+  - port: 8000
+    targetPort: 8000
+    protocol: TCP
+    name: configured
+  - port: 5555
+    targetPort: 5555
+    protocol: TCP
+    name: dataplane
+  - port: 5556
+    targetPort: 5556
+    protocol: TCP
+    name: crt-dnldr
+  - port: 9443
+    targetPort: 9443
+    protocol: TCP
+    name: stats
+  selector:
+    app: varnish-ingress
+    example: file-cache
+---
+apiVersion: apps/v1
+kind: StatefulSet
+metadata:
+  name: viking-service-file-cache
+spec:
+  replicas: 2
+  selector:
+    matchLabels:
+      app: varnish-ingress
+  volumeClaimTemplates:
+    - metadata:
+        name: persistent-storage
+      spec:
+        accessModes:
+          - ReadWriteOnce
+        storageClassName: "standard"
+        resources:
+          requests:
+            storage: 2m
+  serviceName: viking-service-file-cache
+  template:
+    metadata:
+      labels:
+        app: varnish-ingress
+        example: file-cache
+    spec:
+      serviceAccountName: varnish-ingress
+      securityContext:
+        fsGroup: 998
+      containers:
+      - image: varnish-ingress/varnish
+        imagePullPolicy: IfNotPresent
+        name: varnish-ingress
+        ports:
+        - name: http
+          containerPort: 80
+        - name: k8s
+          containerPort: 8080
+        volumeMounts:
+        - name: adm-secret
+          mountPath: "/var/run/varnish"
+          readOnly: true
+        - name: varnish-home
+          mountPath: "/var/run/varnish-home"
+        - name: offload
+          mountPath: "/var/run/offload"
+        - name: persistent-storage
+          mountPath: "/run/varnish-home/persistent-storage"
+        livenessProbe:
+          exec:
+            command:
+            - /usr/bin/pgrep
+            - -P
+            - "0"
+            - varnishd
+        readinessProbe:
+          httpGet:
+            path: /ready
+            port: k8s
+        args:
+          - -n
+          - /var/run/varnish-home
+          - -s
+          - file,/run/varnish-home/persistent-storage,1m
+      - image: varnish-ingress/haproxy
+        imagePullPolicy: IfNotPresent
+        name: varnish-ingress-offloader
+        ports:
+        - name: tls
+          containerPort: 443
+        - name: k8s
+          containerPort: 8443
+        volumeMounts:
+        - name: tls-cert
+          mountPath: "/etc/ssl/private"
+        - name: offload
+          mountPath: "/var/run/offload"
+        env:
+          - name: SECRET_DATAPLANEAPI
+            valueFrom:
+              secretKeyRef:
+                name: adm-secret
+                key: dataplaneapi
+          - name: POD_NAMESPACE
+            valueFrom:
+              fieldRef:
+                fieldPath: metadata.namespace
+        livenessProbe:
+          exec:
+            command:
+            - /usr/bin/pgrep
+            - -P
+            - "0"
+            - haproxy
+        readinessProbe:
+          httpGet:
+            path: /healthz
+            port: k8s
+      volumes:
+      - name: adm-secret
+        secret:
+          secretName: adm-secret
+          items:
+          - key: admin
+            path: _.secret
+      - name: tls-cert
+        emptyDir: {}
+      - name: varnish-home
+        emptyDir:
+          medium: "Memory"
+      - name: offload
+        emptyDir: {}
--- a/examples/file-cache/verify.sh
+++ b/examples/file-cache/verify.sh
+#! /bin/bash -x
+
+MYDIR=$(dirname ${BASH_SOURCE[0]})
+source ${MYDIR}/../../test/utils.sh
+
+LOCALPORT=${LOCALPORT:-8888}
+
+set -e
+# Since Pods in StatefulSet come up sequentially, we need to
+# explicitly wait for each of them to become ready. Otherwise the
+# labels in subsequent waits might match only the first Pod, and
+# port-forward may start too soon (before the second Pod is ready).
+sleep 1
+kubectl wait pod/viking-service-file-cache-0 --for=condition=Ready --timeout=2m
+sleep 1
+kubectl wait pod/viking-service-file-cache-1 --for=condition=Ready --timeout=2m
+
+wait_until_configured example=file-cache
+
+kubectl port-forward svc/viking-service-file-cache ${LOCALPORT}:80 >/dev/null &
+trap 'kill $(jobs -p)' EXIT
+wait_for_port ${LOCALPORT}
+
+varnishtest ${TESTOPTS} -Dlocalport=${LOCALPORT} cafe.vtc