Bump go 1.22.2->1.22.5 and add E2E tests

Makefile

@@ -24,7 +24,7 @@ ALL_ARCH ?= amd64 arm arm64 ppc64le s390x
 # The output type could either be docker (local), or registry.
 OUTPUT_TYPE ?= docker
 GO_TOOLCHAIN ?= golang
-GO_VERSION ?= 1.22.2
+GO_VERSION ?= 1.22.3
 BASEIMAGE ?= gcr.io/distroless/static-debian11:nonroot
 
 ifeq ($(GOPATH),)
@@ -80,6 +80,10 @@ test:
 test-integration: build
 	go test -mod=vendor -race ./tests -agent-path $(PWD)/bin/proxy-agent
 
+.PHONY: test-e2e
+test-e2e: docker-build
+	go test -mod=vendor ./e2e -agent-image ${AGENT_FULL_IMAGE}-$(TARGETARCH):${TAG} -server-image ${SERVER_FULL_IMAGE}-$(TARGETARCH):${TAG}
+
 ## --------------------------------------
 ## Binaries
 ## --------------------------------------

e2e/main_test.go

@@ -0,0 +1,128 @@
+package e2e
+
+import (
+	"context"
+	"flag"
+	"fmt"
+	"log"
+	"net/http"
+	"os"
+	"testing"
+
+	io_prometheus_client "github.com/prometheus/client_model/go"
+	"github.com/prometheus/common/expfmt"
+	"k8s.io/client-go/kubernetes/scheme"
+	"sigs.k8s.io/e2e-framework/pkg/env"
+	"sigs.k8s.io/e2e-framework/pkg/envconf"
+	"sigs.k8s.io/e2e-framework/pkg/envfuncs"
+	"sigs.k8s.io/e2e-framework/support/kind"
+)
+
+var (
+	testenv     env.Environment
+	agentImage  = flag.String("agent-image", "", "The proxy agent's docker image.")
+	serverImage = flag.String("server-image", "", "The proxy server's docker image.")
+)
+
+func TestMain(m *testing.M) {
+	flag.Parse()
+	if *agentImage == "" {
+		log.Fatalf("must provide agent image with -agent-image")
+	}
+	if *serverImage == "" {
+		log.Fatalf("must provide server image with -server-image")
+	}
+
+	scheme.AddToScheme(scheme.Scheme)
+
+	testenv = env.New()
+	kindClusterName := "kind-test"
+	kindCluster := kind.NewCluster(kindClusterName)
+
+	testenv.Setup(
+		envfuncs.CreateCluster(kindCluster, kindClusterName),
+		envfuncs.LoadImageToCluster(kindClusterName, *agentImage),
+		envfuncs.LoadImageToCluster(kindClusterName, *serverImage),
+		func(ctx context.Context, cfg *envconf.Config) (context.Context, error) {
+			client := cfg.Client()
+
+			// Render agent RBAC and Service templates.
+			agentServiceAccount, _, err := renderAgentTemplate("serviceaccount.yaml", struct{}{})
+			if err != nil {
+				return nil, err
+			}
+			agentClusterRole, _, err := renderAgentTemplate("clusterrole.yaml", struct{}{})
+			if err != nil {
+				return nil, err
+			}
+			agentClusterRoleBinding, _, err := renderAgentTemplate("clusterrolebinding.yaml", struct{}{})
+			if err != nil {
+				return ctx, err
+			}
+			agentService, _, err := renderAgentTemplate("service.yaml", struct{}{})
+			if err != nil {
+				return ctx, err
+			}
+
+			// Submit agent RBAC templates to k8s.
+			err = client.Resources().Create(ctx, agentServiceAccount)
+			if err != nil {
+				return ctx, err
+			}
+			err = client.Resources().Create(ctx, agentClusterRole)
+			if err != nil {
+				return ctx, err
+			}
+			err = client.Resources().Create(ctx, agentClusterRoleBinding)
+			if err != nil {
+				return ctx, err
+			}
+			err = client.Resources().Create(ctx, agentService)
+			if err != nil {
+				return ctx, err
+			}
+
+			// Render server RBAC and Service templates.
+			serverClusterRoleBinding, _, err := renderServerTemplate("clusterrolebinding.yaml", struct{}{})
+			if err != nil {
+				return ctx, err
+			}
+			serverService, _, err := renderServerTemplate("service.yaml", struct{}{})
+			if err != nil {
+				return ctx, err
+			}
+
+			// Submit server templates to k8s.
+			err = client.Resources().Create(ctx, serverClusterRoleBinding)
+			if err != nil {
+				return ctx, err
+			}
+			err = client.Resources().Create(ctx, serverService)
+			if err != nil {
+				return ctx, err
+			}
+
+			return ctx, nil
+		},
+	)
+
+	testenv.Finish(envfuncs.DestroyCluster(kindClusterName))
+
+	os.Exit(testenv.Run(m))
+}
+
+func getMetrics(url string) (map[string]*io_prometheus_client.MetricFamily, error) {
+	resp, err := http.Get(url)
+	if err != nil {
+		return nil, fmt.Errorf("could not get metrics: %w", err)
+	}
+
+	metricsParser := &expfmt.TextParser{}
+	metricsFamilies, err := metricsParser.TextToMetricFamilies(resp.Body)
+	defer resp.Body.Close()
+	if err != nil {
+		return nil, fmt.Errorf("could not parse metrics: %w", err)
+	}
+
+	return metricsFamilies, nil
+}

e2e/multiserver_multiagent_test.go

@@ -0,0 +1,163 @@
+package e2e
+
+import (
+	"context"
+	"fmt"
+	"strconv"
+	"testing"
+	"time"
+
+	corev1 "k8s.io/api/core/v1"
+	"sigs.k8s.io/e2e-framework/klient/k8s/resources"
+	"sigs.k8s.io/e2e-framework/klient/wait"
+	"sigs.k8s.io/e2e-framework/klient/wait/conditions"
+	"sigs.k8s.io/e2e-framework/pkg/envconf"
+	"sigs.k8s.io/e2e-framework/pkg/features"
+)
+
+func TestMultiServer_MultiAgent_StaticCount(t *testing.T) {
+	serverServiceHost := "konnectivity-server.kube-system.svc.cluster.local"
+	agentServiceHost := "konnectivity-agent.kube-system.svc.cluster.local"
+	adminPort := 8093
+	replicas := 3
+
+	serverStatefulSetCfg := StatefulSetConfig{
+		Replicas: 3,
+		Image:    *serverImage,
+		Args: []KeyValue{
+			{Key: "log-file", Value: "/var/log/konnectivity-server.log"},
+			{Key: "logtostderr", Value: "true"},
+			{Key: "log-file-max-size", Value: "0"},
+			{Key: "uds-name", Value: "/etc/kubernetes/konnectivity-server/konnectivity-server.socket"},
+			{Key: "delete-existing-uds-file"},
+			{Key: "cluster-cert", Value: "/etc/kubernetes/pki/apiserver.crt"},
+			{Key: "cluster-key", Value: "/etc/kubernetes/pki/apiserver.key"},
+			{Key: "server-port", Value: "8090"},
+			{Key: "agent-port", Value: "8091"},
+			{Key: "health-port", Value: "8092"},
+			{Key: "admin-port", Value: strconv.Itoa(adminPort)},
+			{Key: "keepalive-time", Value: "1h"},
+			{Key: "mode", Value: "grpc"},
+			{Key: "agent-namespace", Value: "kube-system"},
+			{Key: "agent-service-account", Value: "konnectivity-agent"},
+			{Key: "kubeconfig", Value: "/etc/kubernetes/admin.conf"},
+			{Key: "authentication-audience", Value: "system:konnectivity-server"},
+			{Key: "server-count", Value: "1"},
+		},
+	}
+	serverStatefulSet, _, err := renderServerTemplate("statefulset.yaml", serverStatefulSetCfg)
+	if err != nil {
+		t.Fatalf("could not render server deployment: %v", err)
+	}
+
+	agentStatefulSetConfig := StatefulSetConfig{
+		Replicas: 3,
+		Image:    *agentImage,
+		Args: []KeyValue{
+			{Key: "logtostderr", Value: "true"},
+			{Key: "ca-cert", Value: "/var/run/secrets/kubernetes.io/serviceaccount/ca.crt"},
+			{Key: "proxy-server-host", Value: serverServiceHost},
+			{Key: "proxy-server-port", Value: "8091"},
+			{Key: "sync-interval", Value: "1s"},
+			{Key: "sync-interval-cap", Value: "10s"},
+			{Key: "sync-forever"},
+			{Key: "probe-interval", Value: "1s"},
+			{Key: "service-account-token-path", Value: "/var/run/secrets/tokens/konnectivity-agent-token"},
+			{Key: "server-count", Value: "3"},
+		},
+	}
+	agentStatefulSet, _, err := renderAgentTemplate("statefulset.yaml", agentStatefulSetConfig)
+	if err != nil {
+		t.Fatalf("could not render agent deployment: %v", err)
+	}
+
+	feature := features.New("konnectivity server and agent stateful set with single replica for each")
+	feature.Setup(func(ctx context.Context, t *testing.T, cfg *envconf.Config) context.Context {
+		client := cfg.Client()
+		err := client.Resources().Create(ctx, serverStatefulSet)
+		if err != nil {
+			t.Fatalf("could not create server deployment: %v", err)
+		}
+
+		err = client.Resources().Create(ctx, agentStatefulSet)
+		if err != nil {
+			t.Fatalf("could not create agent deployment: %v", err)
+		}
+
+		err = wait.For(
+			conditions.New(client.Resources()).DeploymentAvailable(agentStatefulSet.GetName(), agentStatefulSet.GetNamespace()),
+			wait.WithTimeout(1*time.Minute),
+			wait.WithInterval(10*time.Second),
+		)
+		if err != nil {
+			t.Fatalf("waiting for agent deployment failed: %v", err)
+		}
+
+		err = wait.For(
+			conditions.New(client.Resources()).DeploymentAvailable(serverStatefulSet.GetName(), serverStatefulSet.GetNamespace()),
+			wait.WithTimeout(1*time.Minute),
+			wait.WithInterval(10*time.Second),
+		)
+		if err != nil {
+			t.Fatalf("waiting for server deployment failed: %v", err)
+		}
+
+		return ctx
+	})
+	feature.Assess("all servers connected to all clients", func(ctx context.Context, t *testing.T, cfg *envconf.Config) context.Context {
+		client := cfg.Client()
+
+		var serverPods *corev1.PodList
+		err := client.Resources().List(ctx, serverPods, resources.WithLabelSelector("k8s-app=konnectivity-server"))
+		if err != nil {
+			t.Fatalf("couldn't get server pods: %v", err)
+		}
+
+		for _, serverPod := range serverPods.Items {
+
+			metricsFamilies, err := getMetrics(fmt.Sprintf("%v-%v:%v/metrics", serverPod.Name, serverServiceHost, adminPort))
+			if err != nil {
+				t.Fatalf("couldn't get server metrics for pod %v", serverPod.Name)
+			}
+			connectionsMetric, exists := metricsFamilies["konnectivity_network_proxy_server_ready_backend_connections"]
+			if !exists {
+				t.Fatalf("couldn't find number of ready backend connections in metrics")
+			}
+
+			numConnections := int(connectionsMetric.GetMetric()[0].GetGauge().GetValue())
+			if numConnections != replicas {
+				t.Errorf("incorrect number of connected agents (want: %v, got: %v)", replicas, numConnections)
+			}
+		}
+
+		return ctx
+	})
+	feature.Assess("all agents connected to all servers", func(ctx context.Context, t *testing.T, cfg *envconf.Config) context.Context {
+		client := cfg.Client()
+
+		var agentPods *corev1.PodList
+		err := client.Resources().List(ctx, agentPods, resources.WithLabelSelector("k8s-app=konnectivity-agent"))
+		if err != nil {
+			t.Fatalf("couldn't get agent pods: %v", err)
+		}
+
+		for _, agentPod := range agentPods.Items {
+
+			metricsFamilies, err := getMetrics(fmt.Sprintf("%v-%v:%v/metrics", agentPod.Name, agentServiceHost, adminPort))
+			if err != nil {
+				t.Fatalf("couldn't get agent metrics for pod %v", agentPod.Name)
+			}
+			connectionsMetric, exists := metricsFamilies["konnectivity_network_proxy_agent_open_server_connections"]
+			if !exists {
+				t.Fatalf("couldn't find number of ready server connections in metrics")
+			}
+
+			numConnections := int(connectionsMetric.GetMetric()[0].GetGauge().GetValue())
+			if numConnections != replicas {
+				t.Errorf("incorrect number of connected servers (want: %v, got: %v)", replicas, numConnections)
+			}
+		}
+
+		return ctx
+	})
+}