mirror of
https://github.com/prometheus/prometheus.git
synced 2024-12-25 13:44:05 -08:00
Merge pull request #4329 from nailgun/4327-ingress-discovery-issue
discovery/kubernetes/ingress: fix TLS discovery
This commit is contained in:
commit
2f37bab705
|
@ -176,13 +176,22 @@ func (s *Ingress) buildIngress(ingress *v1beta1.Ingress) *targetgroup.Group {
|
|||
}
|
||||
tg.Labels = ingressLabels(ingress)
|
||||
|
||||
schema := "http"
|
||||
if ingress.Spec.TLS != nil {
|
||||
schema = "https"
|
||||
tlsHosts := make(map[string]struct{})
|
||||
for _, tls := range ingress.Spec.TLS {
|
||||
for _, host := range tls.Hosts {
|
||||
tlsHosts[host] = struct{}{}
|
||||
}
|
||||
}
|
||||
|
||||
for _, rule := range ingress.Spec.Rules {
|
||||
paths := pathsFromIngressRule(&rule.IngressRuleValue)
|
||||
|
||||
schema := "http"
|
||||
_, isTLS := tlsHosts[rule.Host]
|
||||
if isTLS {
|
||||
schema = "https"
|
||||
}
|
||||
|
||||
for _, path := range paths {
|
||||
tg.Targets = append(tg.Targets, model.LabelSet{
|
||||
model.AddressLabel: lv(rule.Host),
|
||||
|
|
|
@ -23,8 +23,16 @@ import (
|
|||
"k8s.io/client-go/pkg/apis/extensions/v1beta1"
|
||||
)
|
||||
|
||||
func makeIngress(tls []v1beta1.IngressTLS) *v1beta1.Ingress {
|
||||
return &v1beta1.Ingress{
|
||||
type TLSMode int
|
||||
|
||||
const (
|
||||
TLSNo TLSMode = iota
|
||||
TLSYes
|
||||
TLSMixed
|
||||
)
|
||||
|
||||
func makeIngress(tls TLSMode) *v1beta1.Ingress {
|
||||
ret := &v1beta1.Ingress{
|
||||
ObjectMeta: metav1.ObjectMeta{
|
||||
Name: "testingress",
|
||||
Namespace: "default",
|
||||
|
@ -32,7 +40,7 @@ func makeIngress(tls []v1beta1.IngressTLS) *v1beta1.Ingress {
|
|||
Annotations: map[string]string{"testannotation": "testannotationvalue"},
|
||||
},
|
||||
Spec: v1beta1.IngressSpec{
|
||||
TLS: tls,
|
||||
TLS: nil,
|
||||
Rules: []v1beta1.IngressRule{
|
||||
{
|
||||
Host: "example.com",
|
||||
|
@ -63,31 +71,47 @@ func makeIngress(tls []v1beta1.IngressTLS) *v1beta1.Ingress {
|
|||
},
|
||||
},
|
||||
}
|
||||
|
||||
switch tls {
|
||||
case TLSYes:
|
||||
ret.Spec.TLS = []v1beta1.IngressTLS{{Hosts: []string{"example.com", "test.example.com"}}}
|
||||
case TLSMixed:
|
||||
ret.Spec.TLS = []v1beta1.IngressTLS{{Hosts: []string{"example.com"}}}
|
||||
}
|
||||
|
||||
return ret
|
||||
}
|
||||
|
||||
func expectedTargetGroups(ns string, tls bool) map[string]*targetgroup.Group {
|
||||
scheme := "http"
|
||||
if tls {
|
||||
scheme = "https"
|
||||
func expectedTargetGroups(ns string, tls TLSMode) map[string]*targetgroup.Group {
|
||||
scheme1 := "http"
|
||||
scheme2 := "http"
|
||||
|
||||
switch tls {
|
||||
case TLSYes:
|
||||
scheme1 = "https"
|
||||
scheme2 = "https"
|
||||
case TLSMixed:
|
||||
scheme1 = "https"
|
||||
}
|
||||
|
||||
key := fmt.Sprintf("ingress/%s/testingress", ns)
|
||||
return map[string]*targetgroup.Group{
|
||||
key: {
|
||||
Targets: []model.LabelSet{
|
||||
{
|
||||
"__meta_kubernetes_ingress_scheme": lv(scheme),
|
||||
"__meta_kubernetes_ingress_scheme": lv(scheme1),
|
||||
"__meta_kubernetes_ingress_host": "example.com",
|
||||
"__meta_kubernetes_ingress_path": "/",
|
||||
"__address__": "example.com",
|
||||
},
|
||||
{
|
||||
"__meta_kubernetes_ingress_scheme": lv(scheme),
|
||||
"__meta_kubernetes_ingress_scheme": lv(scheme1),
|
||||
"__meta_kubernetes_ingress_host": "example.com",
|
||||
"__meta_kubernetes_ingress_path": "/foo",
|
||||
"__address__": "example.com",
|
||||
},
|
||||
{
|
||||
"__meta_kubernetes_ingress_scheme": lv(scheme),
|
||||
"__meta_kubernetes_ingress_scheme": lv(scheme2),
|
||||
"__meta_kubernetes_ingress_host": "test.example.com",
|
||||
"__address__": "test.example.com",
|
||||
"__meta_kubernetes_ingress_path": "/",
|
||||
|
@ -110,12 +134,12 @@ func TestIngressDiscoveryAdd(t *testing.T) {
|
|||
k8sDiscoveryTest{
|
||||
discovery: n,
|
||||
afterStart: func() {
|
||||
obj := makeIngress(nil)
|
||||
obj := makeIngress(TLSNo)
|
||||
c.ExtensionsV1beta1().Ingresses("default").Create(obj)
|
||||
w.Ingresses().Add(obj)
|
||||
},
|
||||
expectedMaxItems: 1,
|
||||
expectedRes: expectedTargetGroups("default", false),
|
||||
expectedRes: expectedTargetGroups("default", TLSNo),
|
||||
}.Run(t)
|
||||
}
|
||||
|
||||
|
@ -125,27 +149,42 @@ func TestIngressDiscoveryAddTLS(t *testing.T) {
|
|||
k8sDiscoveryTest{
|
||||
discovery: n,
|
||||
afterStart: func() {
|
||||
obj := makeIngress([]v1beta1.IngressTLS{{}})
|
||||
obj := makeIngress(TLSYes)
|
||||
c.ExtensionsV1beta1().Ingresses("default").Create(obj)
|
||||
w.Ingresses().Add(obj)
|
||||
},
|
||||
expectedMaxItems: 1,
|
||||
expectedRes: expectedTargetGroups("default", true),
|
||||
expectedRes: expectedTargetGroups("default", TLSYes),
|
||||
}.Run(t)
|
||||
}
|
||||
|
||||
func TestIngressDiscoveryAddMixed(t *testing.T) {
|
||||
n, c, w := makeDiscovery(RoleIngress, NamespaceDiscovery{Names: []string{"default"}})
|
||||
|
||||
k8sDiscoveryTest{
|
||||
discovery: n,
|
||||
afterStart: func() {
|
||||
obj := makeIngress(TLSMixed)
|
||||
c.ExtensionsV1beta1().Ingresses("default").Create(obj)
|
||||
w.Ingresses().Add(obj)
|
||||
},
|
||||
expectedMaxItems: 1,
|
||||
expectedRes: expectedTargetGroups("default", TLSMixed),
|
||||
}.Run(t)
|
||||
}
|
||||
|
||||
func TestIngressDiscoveryNamespaces(t *testing.T) {
|
||||
n, c, w := makeDiscovery(RoleIngress, NamespaceDiscovery{Names: []string{"ns1", "ns2"}})
|
||||
|
||||
expected := expectedTargetGroups("ns1", false)
|
||||
for k, v := range expectedTargetGroups("ns2", false) {
|
||||
expected := expectedTargetGroups("ns1", TLSNo)
|
||||
for k, v := range expectedTargetGroups("ns2", TLSNo) {
|
||||
expected[k] = v
|
||||
}
|
||||
k8sDiscoveryTest{
|
||||
discovery: n,
|
||||
afterStart: func() {
|
||||
for _, ns := range []string{"ns1", "ns2"} {
|
||||
obj := makeIngress(nil)
|
||||
obj := makeIngress(TLSNo)
|
||||
obj.Namespace = ns
|
||||
c.ExtensionsV1beta1().Ingresses(obj.Namespace).Create(obj)
|
||||
w.Ingresses().Add(obj)
|
||||
|
|
Loading…
Reference in a new issue