sa_8001/dsk-devops-toolchains
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

디렉토리 구조 및 각 서비스 추가

Browse Source
This commit is contained in:
dsk-minchulahn
2024-01-03 17:29:11 +09:00
parent 98de2a7627
commit d601d0f259
1632 changed files with 207616 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

381
helm/teleport-cluster/tests/proxy_service_test.yaml Normal file
View File

@@ -0,0 +1,381 @@
suite: Proxy Service
templates:
- proxy/service.yaml
tests:
- it: uses a LoadBalancer by default
set:
clusterName: teleport.example.com
asserts:
- hasDocuments:
count: 1
- isKind:
of: Service
- equal:
path: spec.type
value: LoadBalancer
- it: uses a ClusterIP when service.type=ClusterIP
set:
clusterName: teleport.example.com
service:
type: ClusterIP
asserts:
- hasDocuments:
count: 1
- isKind:
of: Service
- equal:
path: spec.type
value: ClusterIP
- it: uses a ClusterIP when proxy.service.type=ClusterIP
set:
clusterName: teleport.example.com
service:
type: NodePort
proxy:
service:
type: ClusterIP
asserts:
- hasDocuments:
count: 1
- isKind:
of: Service
- equal:
path: spec.type
value: ClusterIP
- it: fails to deploy when ingress.enabled=true and proxy.service.type is set to LoadBalancer (default)
set:
clusterName: teleport.example.com
ingress:
enabled: true
asserts:
- failedTemplate:
errorMessage: "proxy.service.type must not be LoadBalancer when using an ingress - any load balancer should be provisioned by your ingress controller. Set proxy.service.type=ClusterIP instead"
- it: uses a ClusterIP when ingress.enabled=true and service.type=ClusterIP
set:
clusterName: teleport.example.com
ingress:
enabled: true
service:
type: ClusterIP
asserts:
- hasDocuments:
count: 1
- isKind:
of: Service
- equal:
path: spec.type
value: ClusterIP
- it: uses a ClusterIP when ingress.enabled=true and proxy.service.type=ClusterIP
set:
clusterName: teleport.example.com
ingress:
enabled: true
proxy:
service:
type: ClusterIP
asserts:
- hasDocuments:
count: 1
- isKind:
of: Service
- equal:
path: spec.type
value: ClusterIP
- it: uses a NodePort when ingress.enabled=true and proxy.service.type=NodePort
set:
clusterName: teleport.example.com
ingress:
enabled: true
proxy:
service:
type: NodePort
asserts:
- hasDocuments:
count: 1
- isKind:
of: Service
- equal:
path: spec.type
value: NodePort
- it: uses a NodePort when ingress.enabled=true and service.type=NodePort
set:
clusterName: teleport.example.com
ingress:
enabled: true
service:
type: NodePort
asserts:
- hasDocuments:
count: 1
- isKind:
of: Service
- equal:
path: spec.type
value: NodePort
- it: uses a NodePort when ingress.enabled=true and proxy.service.type is overridden
set:
clusterName: teleport.example.com
ingress:
enabled: true
proxy:
service:
type: NodePort
asserts:
- hasDocuments:
count: 1
- isKind:
of: Service
- equal:
path: spec.type
value: NodePort
- it: sets AWS annotations when chartMode=aws
set:
clusterName: teleport.example.com
chartMode: aws
asserts:
- hasDocuments:
count: 1
- isKind:
of: Service
- equal:
path: spec.type
value: LoadBalancer
- equal:
path: metadata.annotations.service\.beta\.kubernetes\.io/aws-load-balancer-type
value: nlb
- equal:
path: metadata.annotations.service\.beta\.kubernetes\.io/aws-load-balancer-backend-protocol
value: tcp
- equal:
path: metadata.annotations.service\.beta\.kubernetes\.io/aws-load-balancer-cross-zone-load-balancing-enabled
value: "true"
- it: sets service annotations when specified
values:
- ../.lint/annotations.yaml
asserts:
- equal:
path: metadata.annotations.kubernetes\.io/service
value: test-annotation
- equal:
path: metadata.annotations.kubernetes\.io/service-different
value: 5
- it: adds a separate Postgres listener port when separatePostgresListener is true
values:
- ../.lint/separate-postgres-listener.yaml
asserts:
- contains:
path: spec.ports
content:
name: postgres
port: 5432
targetPort: 5432
protocol: TCP
- it: does not add a separate Postgres listener port when separatePostgresListener is true and ingress.enabled=true
values:
- ../.lint/separate-postgres-listener.yaml
set:
ingress:
enabled: true
proxyListenerMode: multiplex
service:
type: ClusterIP
asserts:
- notContains:
path: spec.ports
content:
name: postgres
port: 5432
targetPort: 5432
protocol: TCP
- it: adds a separate Mongo listener port when separateMongoListener is true
values:
- ../.lint/separate-mongo-listener.yaml
asserts:
- contains:
path: spec.ports
content:
name: mongo
port: 27017
targetPort: 27017
protocol: TCP
- it: does not add a separate Mongo listener port when separateMongoListener is true and ingress.enabled=true
values:
- ../.lint/separate-mongo-listener.yaml
set:
ingress:
enabled: true
proxyListenerMode: multiplex
service:
type: ClusterIP
asserts:
- notContains:
path: spec.ports
content:
name: mongo
port: 27017
targetPort: 27017
protocol: TCP
- it: sets AWS backend protocol annotation to ssl when in AWS mode and ACM annotation is set
values:
- ../.lint/aws-ha.yaml
set:
annotations:
service:
service.beta.kubernetes.io/aws-load-balancer-ssl-cert: arn:aws:acm:us-east-1:1234567890:certificate/a857a76c-51d0-4d3d-8000-465bb3e9829b
service.beta.kubernetes.io/aws-load-balancer-ssl-ports: 443
asserts:
- equal:
path: metadata.annotations.service\.beta\.kubernetes\.io/aws-load-balancer-backend-protocol
value: ssl
- it: does not add AWS backend protocol annotation when in AWS mode, ACM annotation is set and ingress is enabled
values:
- ../.lint/aws-ha.yaml
set:
ingress:
enabled: true
service:
type: ClusterIP
annotations:
service:
service.beta.kubernetes.io/aws-load-balancer-ssl-cert: arn:aws:acm:us-east-1:1234567890:certificate/a857a76c-51d0-4d3d-8000-465bb3e9829b
service.beta.kubernetes.io/aws-load-balancer-ssl-ports: 443
asserts:
- isNull:
path: metadata.annotations.service\.beta\.kubernetes\.io/aws-load-balancer-backend-protocol
- it: sets AWS backend protocol annotation to tcp when in AWS mode and ACM annotation is not set
values:
- ../.lint/aws-ha.yaml
asserts:
- equal:
path: metadata.annotations.service\.beta\.kubernetes\.io/aws-load-balancer-backend-protocol
value: tcp
- it: does not set AWS backend protocol annotation when in AWS mode, ACM annotation is not set and ingress is enabled
values:
- ../.lint/aws-ha.yaml
set:
ingress:
enabled: true
service:
type: ClusterIP
annotations:
service:
# required so at least one service annotation exists, to avoid non map type error
service.beta.kubernetes.io/random-annotation: helm-lint
asserts:
- isNull:
path: metadata.annotations.service\.beta\.kubernetes\.io/aws-load-balancer-backend-protocol
- it: exposes separate listener ports by default
values:
- ../.lint/example-minimal-standalone.yaml
asserts:
- matchSnapshot:
path: spec.ports
- it: does not expose separate listener ports by default when ingress.enabled=true
values:
- ../.lint/example-minimal-standalone.yaml
set:
ingress:
enabled: true
proxyListenerMode: multiplex
service:
type: ClusterIP
asserts:
- notContains:
path: spec.ports
content:
- name: sshproxy
port: 3023
targetPort: 3023
protocol: TCP
- name: k8s
port: 3026
targetPort: 3026
protocol: TCP
- name: sshtun
port: 3024
targetPort: 3024
protocol: TCP
- name: mysql
port: 3036
targetPort: 3036
protocol: TCP
- matchSnapshot:
path: spec.ports
- it: exposes separate listener ports when running in separate mode
values:
- ../.lint/proxy-listener-mode-separate.yaml
asserts:
- matchSnapshot:
path: spec.ports
- it: does not expose separate listener ports when running in separate mode and ingress.enabled=true
values:
- ../.lint/proxy-listener-mode-separate.yaml
set:
ingress:
enabled: true
proxyListenerMode: multiplex
service:
type: ClusterIP
asserts:
- notContains:
path: spec.ports
content:
- name: sshproxy
port: 3023
targetPort: 3023
protocol: TCP
- name: k8s
port: 3026
targetPort: 3026
protocol: TCP
- name: sshtun
port: 3024
targetPort: 3024
protocol: TCP
- name: mysql
port: 3036
targetPort: 3036
protocol: TCP
- matchSnapshot:
path: spec.ports
- it: exposes a single port when running in multiplex mode
values:
- ../.lint/proxy-listener-mode-multiplex.yaml
asserts:
- matchSnapshot:
path: spec.ports
- it: exposes a single port when running in multiplex mode and ingress.enabled=true
values:
- ../.lint/proxy-listener-mode-multiplex.yaml
set:
ingress:
enabled: true
service:
type: ClusterIP
asserts:
- matchSnapshot:
path: spec.ports