mudhorn/prometheus
1
0
Fork 0
mirror of https://github.com/prometheus/prometheus.git synced 2025-02-21 03:16:00 -08:00
Code Issues Actions 4 Packages Projects Releases Wiki Activity

Merge pull request #4329 from nailgun/4327-ingress-discovery-issue

Browse source 
discovery/kubernetes/ingress: fix TLS discovery
This commit is contained in:
Frederic Branczyk 2018-07-05 10:01:59 +02:00 committed by Brian Brazil
parent 0b93fd6d5e
commit f7e1a94b03
2 changed files with 68 additions and 20 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

15
discovery/kubernetes/ingress.go
View file

@ -176,13 +176,22 @@ func (s *Ingress) buildIngress(ingress *v1beta1.Ingress) *targetgroup.Group {
} }
tg.Labels = ingressLabels(ingress) tg.Labels = ingressLabels(ingress)
schema := "http" tlsHosts := make(map[string]struct{})
if ingress.Spec.TLS != nil { for _, tls := range ingress.Spec.TLS {
schema = "https" for _, host := range tls.Hosts {
tlsHosts[host] = struct{}{}
} }
}
for _, rule := range ingress.Spec.Rules { for _, rule := range ingress.Spec.Rules {
paths := pathsFromIngressRule(&rule.IngressRuleValue) paths := pathsFromIngressRule(&rule.IngressRuleValue)
schema := "http"
_, isTLS := tlsHosts[rule.Host]
if isTLS {
schema = "https"
}
for _, path := range paths { for _, path := range paths {
tg.Targets = append(tg.Targets, model.LabelSet{ tg.Targets = append(tg.Targets, model.LabelSet{
model.AddressLabel: lv(rule.Host), model.AddressLabel: lv(rule.Host),

73
discovery/kubernetes/ingress_test.go
View file

@ -23,8 +23,16 @@ import (
"k8s.io/client-go/pkg/apis/extensions/v1beta1" "k8s.io/client-go/pkg/apis/extensions/v1beta1"
) )
func makeIngress(tls []v1beta1.IngressTLS) *v1beta1.Ingress { type TLSMode int
return &v1beta1.Ingress{
const (
TLSNo TLSMode = iota
TLSYes
TLSMixed
)
func makeIngress(tls TLSMode) *v1beta1.Ingress {
ret := &v1beta1.Ingress{
ObjectMeta: metav1.ObjectMeta{ ObjectMeta: metav1.ObjectMeta{
Name: "testingress", Name: "testingress",
Namespace: "default", Namespace: "default",
@ -32,7 +40,7 @@ func makeIngress(tls []v1beta1.IngressTLS) *v1beta1.Ingress {
Annotations: map[string]string{"testannotation": "testannotationvalue"}, Annotations: map[string]string{"testannotation": "testannotationvalue"},
}, },
Spec: v1beta1.IngressSpec{ Spec: v1beta1.IngressSpec{
TLS: tls, TLS: nil,
Rules: []v1beta1.IngressRule{ Rules: []v1beta1.IngressRule{
{ {
Host: "example.com", Host: "example.com",
@ -63,31 +71,47 @@ func makeIngress(tls []v1beta1.IngressTLS) *v1beta1.Ingress {
}, },
}, },
} }
switch tls {
case TLSYes:
ret.Spec.TLS = []v1beta1.IngressTLS{{Hosts: []string{"example.com", "test.example.com"}}}
case TLSMixed:
ret.Spec.TLS = []v1beta1.IngressTLS{{Hosts: []string{"example.com"}}}
}
return ret
} }
func expectedTargetGroups(ns string, tls bool) map[string]*targetgroup.Group { func expectedTargetGroups(ns string, tls TLSMode) map[string]*targetgroup.Group {
scheme := "http" scheme1 := "http"
if tls { scheme2 := "http"
scheme = "https"
switch tls {
case TLSYes:
scheme1 = "https"
scheme2 = "https"
case TLSMixed:
scheme1 = "https"
} }
key := fmt.Sprintf("ingress/%s/testingress", ns) key := fmt.Sprintf("ingress/%s/testingress", ns)
return map[string]*targetgroup.Group{ return map[string]*targetgroup.Group{
key: { key: {
Targets: []model.LabelSet{ Targets: []model.LabelSet{
{ {
"__meta_kubernetes_ingress_scheme": lv(scheme), "__meta_kubernetes_ingress_scheme": lv(scheme1),
"__meta_kubernetes_ingress_host": "example.com", "__meta_kubernetes_ingress_host": "example.com",
"__meta_kubernetes_ingress_path": "/", "__meta_kubernetes_ingress_path": "/",
"__address__": "example.com", "__address__": "example.com",
}, },
{ {
"__meta_kubernetes_ingress_scheme": lv(scheme), "__meta_kubernetes_ingress_scheme": lv(scheme1),
"__meta_kubernetes_ingress_host": "example.com", "__meta_kubernetes_ingress_host": "example.com",
"__meta_kubernetes_ingress_path": "/foo", "__meta_kubernetes_ingress_path": "/foo",
"__address__": "example.com", "__address__": "example.com",
}, },
{ {
"__meta_kubernetes_ingress_scheme": lv(scheme), "__meta_kubernetes_ingress_scheme": lv(scheme2),
"__meta_kubernetes_ingress_host": "test.example.com", "__meta_kubernetes_ingress_host": "test.example.com",
"__address__": "test.example.com", "__address__": "test.example.com",
"__meta_kubernetes_ingress_path": "/", "__meta_kubernetes_ingress_path": "/",
@ -110,12 +134,12 @@ func TestIngressDiscoveryAdd(t *testing.T) {
k8sDiscoveryTest{ k8sDiscoveryTest{
discovery: n, discovery: n,
afterStart: func() { afterStart: func() {
obj := makeIngress(nil) obj := makeIngress(TLSNo)
c.ExtensionsV1beta1().Ingresses("default").Create(obj) c.ExtensionsV1beta1().Ingresses("default").Create(obj)
w.Ingresses().Add(obj) w.Ingresses().Add(obj)
}, },
expectedMaxItems: 1, expectedMaxItems: 1,
expectedRes: expectedTargetGroups("default", false), expectedRes: expectedTargetGroups("default", TLSNo),
}.Run(t) }.Run(t)
} }
@ -125,27 +149,42 @@ func TestIngressDiscoveryAddTLS(t *testing.T) {
k8sDiscoveryTest{ k8sDiscoveryTest{
discovery: n, discovery: n,
afterStart: func() { afterStart: func() {
obj := makeIngress([]v1beta1.IngressTLS{{}}) obj := makeIngress(TLSYes)
c.ExtensionsV1beta1().Ingresses("default").Create(obj) c.ExtensionsV1beta1().Ingresses("default").Create(obj)
w.Ingresses().Add(obj) w.Ingresses().Add(obj)
}, },
expectedMaxItems: 1, expectedMaxItems: 1,
expectedRes: expectedTargetGroups("default", true), expectedRes: expectedTargetGroups("default", TLSYes),
}.Run(t)
}
func TestIngressDiscoveryAddMixed(t *testing.T) {
n, c, w := makeDiscovery(RoleIngress, NamespaceDiscovery{Names: []string{"default"}})
k8sDiscoveryTest{
discovery: n,
afterStart: func() {
obj := makeIngress(TLSMixed)
c.ExtensionsV1beta1().Ingresses("default").Create(obj)
w.Ingresses().Add(obj)
},
expectedMaxItems: 1,
expectedRes: expectedTargetGroups("default", TLSMixed),
}.Run(t) }.Run(t)
} }
func TestIngressDiscoveryNamespaces(t *testing.T) { func TestIngressDiscoveryNamespaces(t *testing.T) {
n, c, w := makeDiscovery(RoleIngress, NamespaceDiscovery{Names: []string{"ns1", "ns2"}}) n, c, w := makeDiscovery(RoleIngress, NamespaceDiscovery{Names: []string{"ns1", "ns2"}})
expected := expectedTargetGroups("ns1", false) expected := expectedTargetGroups("ns1", TLSNo)
for k, v := range expectedTargetGroups("ns2", false) { for k, v := range expectedTargetGroups("ns2", TLSNo) {
expected[k] = v expected[k] = v
} }
k8sDiscoveryTest{ k8sDiscoveryTest{
discovery: n, discovery: n,
afterStart: func() { afterStart: func() {
for _, ns := range []string{"ns1", "ns2"} { for _, ns := range []string{"ns1", "ns2"} {
obj := makeIngress(nil) obj := makeIngress(TLSNo)
obj.Namespace = ns obj.Namespace = ns
c.ExtensionsV1beta1().Ingresses(obj.Namespace).Create(obj) c.ExtensionsV1beta1().Ingresses(obj.Namespace).Create(obj)
w.Ingresses().Add(obj) w.Ingresses().Add(obj)