1package crd 2 3import ( 4 "context" 5 "os" 6 "path/filepath" 7 "strings" 8 "testing" 9 "time" 10 11 auth "github.com/abbot/go-http-auth" 12 "github.com/stretchr/testify/assert" 13 "github.com/stretchr/testify/require" 14 ptypes "github.com/traefik/paerser/types" 15 "github.com/traefik/traefik/v2/pkg/config/dynamic" 16 "github.com/traefik/traefik/v2/pkg/provider" 17 crdfake "github.com/traefik/traefik/v2/pkg/provider/kubernetes/crd/generated/clientset/versioned/fake" 18 "github.com/traefik/traefik/v2/pkg/provider/kubernetes/crd/traefik/v1alpha1" 19 "github.com/traefik/traefik/v2/pkg/provider/kubernetes/k8s" 20 "github.com/traefik/traefik/v2/pkg/tls" 21 "github.com/traefik/traefik/v2/pkg/types" 22 corev1 "k8s.io/api/core/v1" 23 "k8s.io/apimachinery/pkg/runtime" 24 "k8s.io/apimachinery/pkg/util/intstr" 25 kubefake "k8s.io/client-go/kubernetes/fake" 26) 27 28var _ provider.Provider = (*Provider)(nil) 29 30func Int(v int) *int { return &v } 31func Bool(v bool) *bool { return &v } 32 33func TestLoadIngressRouteTCPs(t *testing.T) { 34 testCases := []struct { 35 desc string 36 ingressClass string 37 paths []string 38 expected *dynamic.Configuration 39 }{ 40 { 41 desc: "Empty", 42 expected: &dynamic.Configuration{ 43 UDP: &dynamic.UDPConfiguration{ 44 Routers: map[string]*dynamic.UDPRouter{}, 45 Services: map[string]*dynamic.UDPService{}, 46 }, 47 TCP: &dynamic.TCPConfiguration{ 48 Routers: map[string]*dynamic.TCPRouter{}, 49 Middlewares: map[string]*dynamic.TCPMiddleware{}, 50 Services: map[string]*dynamic.TCPService{}, 51 }, 52 HTTP: &dynamic.HTTPConfiguration{ 53 Routers: map[string]*dynamic.Router{}, 54 Middlewares: map[string]*dynamic.Middleware{}, 55 Services: map[string]*dynamic.Service{}, 56 ServersTransports: map[string]*dynamic.ServersTransport{}, 57 }, 58 TLS: &dynamic.TLSConfiguration{}, 59 }, 60 }, 61 { 62 desc: "Simple Ingress Route, with foo entrypoint", 63 paths: []string{"tcp/services.yml", "tcp/simple.yml"}, 64 expected: &dynamic.Configuration{ 65 UDP: &dynamic.UDPConfiguration{ 66 Routers: map[string]*dynamic.UDPRouter{}, 67 Services: map[string]*dynamic.UDPService{}, 68 }, 69 HTTP: &dynamic.HTTPConfiguration{ 70 Routers: map[string]*dynamic.Router{}, 71 Middlewares: map[string]*dynamic.Middleware{}, 72 Services: map[string]*dynamic.Service{}, 73 ServersTransports: map[string]*dynamic.ServersTransport{}, 74 }, 75 TCP: &dynamic.TCPConfiguration{ 76 Routers: map[string]*dynamic.TCPRouter{ 77 "default-test.route-fdd3e9338e47a45efefc": { 78 EntryPoints: []string{"foo"}, 79 Service: "default-test.route-fdd3e9338e47a45efefc", 80 Rule: "HostSNI(`foo.com`)", 81 }, 82 }, 83 Middlewares: map[string]*dynamic.TCPMiddleware{}, 84 Services: map[string]*dynamic.TCPService{ 85 "default-test.route-fdd3e9338e47a45efefc": { 86 LoadBalancer: &dynamic.TCPServersLoadBalancer{ 87 Servers: []dynamic.TCPServer{ 88 { 89 Address: "10.10.0.1:8000", 90 }, 91 { 92 Address: "10.10.0.2:8000", 93 }, 94 }, 95 }, 96 }, 97 }, 98 }, 99 TLS: &dynamic.TLSConfiguration{}, 100 }, 101 }, 102 { 103 desc: "Simple Ingress Route, with foo entrypoint and middleware", 104 paths: []string{"tcp/services.yml", "tcp/with_middleware.yml"}, 105 expected: &dynamic.Configuration{ 106 UDP: &dynamic.UDPConfiguration{ 107 Routers: map[string]*dynamic.UDPRouter{}, 108 Services: map[string]*dynamic.UDPService{}, 109 }, 110 HTTP: &dynamic.HTTPConfiguration{ 111 Routers: map[string]*dynamic.Router{}, 112 Middlewares: map[string]*dynamic.Middleware{}, 113 Services: map[string]*dynamic.Service{}, 114 ServersTransports: map[string]*dynamic.ServersTransport{}, 115 }, 116 TCP: &dynamic.TCPConfiguration{ 117 Routers: map[string]*dynamic.TCPRouter{ 118 "default-test.route-fdd3e9338e47a45efefc": { 119 EntryPoints: []string{"foo"}, 120 Service: "default-test.route-fdd3e9338e47a45efefc", 121 Middlewares: []string{"default-ipwhitelist", "foo-ipwhitelist"}, 122 Rule: "HostSNI(`foo.com`)", 123 }, 124 }, 125 Middlewares: map[string]*dynamic.TCPMiddleware{ 126 "default-ipwhitelist": { 127 IPWhiteList: &dynamic.TCPIPWhiteList{ 128 SourceRange: []string{"127.0.0.1/32"}, 129 }, 130 }, 131 "foo-ipwhitelist": { 132 IPWhiteList: &dynamic.TCPIPWhiteList{ 133 SourceRange: []string{"127.0.0.1/32"}, 134 }, 135 }, 136 }, 137 Services: map[string]*dynamic.TCPService{ 138 "default-test.route-fdd3e9338e47a45efefc": { 139 LoadBalancer: &dynamic.TCPServersLoadBalancer{ 140 Servers: []dynamic.TCPServer{ 141 { 142 Address: "10.10.0.1:8000", 143 }, 144 { 145 Address: "10.10.0.2:8000", 146 }, 147 }, 148 }, 149 }, 150 }, 151 }, 152 TLS: &dynamic.TLSConfiguration{}, 153 }, 154 }, 155 { 156 desc: "Middlewares in ingress route config are normalized", 157 paths: []string{"tcp/services.yml", "tcp/with_middleware_multiple_hyphens.yml"}, 158 expected: &dynamic.Configuration{ 159 UDP: &dynamic.UDPConfiguration{ 160 Routers: map[string]*dynamic.UDPRouter{}, 161 Services: map[string]*dynamic.UDPService{}, 162 }, 163 HTTP: &dynamic.HTTPConfiguration{ 164 Routers: map[string]*dynamic.Router{}, 165 Middlewares: map[string]*dynamic.Middleware{}, 166 Services: map[string]*dynamic.Service{}, 167 ServersTransports: map[string]*dynamic.ServersTransport{}, 168 }, 169 TCP: &dynamic.TCPConfiguration{ 170 Routers: map[string]*dynamic.TCPRouter{ 171 "default-test.route-fdd3e9338e47a45efefc": { 172 EntryPoints: []string{"foo"}, 173 Service: "default-test.route-fdd3e9338e47a45efefc", 174 Middlewares: []string{"default-multiple-hyphens"}, 175 Rule: "HostSNI(`foo.com`)", 176 }, 177 }, 178 Middlewares: map[string]*dynamic.TCPMiddleware{ 179 "default-multiple-hyphens": { 180 IPWhiteList: &dynamic.TCPIPWhiteList{ 181 SourceRange: []string{"127.0.0.1/32"}, 182 }, 183 }, 184 }, 185 Services: map[string]*dynamic.TCPService{ 186 "default-test.route-fdd3e9338e47a45efefc": { 187 LoadBalancer: &dynamic.TCPServersLoadBalancer{ 188 Servers: []dynamic.TCPServer{ 189 { 190 Address: "10.10.0.1:8000", 191 }, 192 { 193 Address: "10.10.0.2:8000", 194 }, 195 }, 196 }, 197 }, 198 }, 199 }, 200 TLS: &dynamic.TLSConfiguration{}, 201 }, 202 }, 203 { 204 desc: "Simple Ingress Route, with foo entrypoint and crossprovider middleware", 205 paths: []string{"tcp/services.yml", "tcp/with_middleware_crossprovider.yml"}, 206 expected: &dynamic.Configuration{ 207 UDP: &dynamic.UDPConfiguration{ 208 Routers: map[string]*dynamic.UDPRouter{}, 209 Services: map[string]*dynamic.UDPService{}, 210 }, 211 HTTP: &dynamic.HTTPConfiguration{ 212 Routers: map[string]*dynamic.Router{}, 213 Middlewares: map[string]*dynamic.Middleware{}, 214 Services: map[string]*dynamic.Service{}, 215 ServersTransports: map[string]*dynamic.ServersTransport{}, 216 }, 217 TCP: &dynamic.TCPConfiguration{ 218 Routers: map[string]*dynamic.TCPRouter{ 219 "default-test.route-fdd3e9338e47a45efefc": { 220 EntryPoints: []string{"foo"}, 221 Service: "default-test.route-fdd3e9338e47a45efefc", 222 Middlewares: []string{"default-ipwhitelist", "foo-ipwhitelist", "ipwhitelist@file", "ipwhitelist-foo@file"}, 223 Rule: "HostSNI(`foo.com`)", 224 }, 225 }, 226 Middlewares: map[string]*dynamic.TCPMiddleware{ 227 "default-ipwhitelist": { 228 IPWhiteList: &dynamic.TCPIPWhiteList{ 229 SourceRange: []string{"127.0.0.1/32"}, 230 }, 231 }, 232 "foo-ipwhitelist": { 233 IPWhiteList: &dynamic.TCPIPWhiteList{ 234 SourceRange: []string{"127.0.0.1/32"}, 235 }, 236 }, 237 }, 238 Services: map[string]*dynamic.TCPService{ 239 "default-test.route-fdd3e9338e47a45efefc": { 240 LoadBalancer: &dynamic.TCPServersLoadBalancer{ 241 Servers: []dynamic.TCPServer{ 242 { 243 Address: "10.10.0.1:8000", 244 }, 245 { 246 Address: "10.10.0.2:8000", 247 }, 248 }, 249 }, 250 }, 251 }, 252 }, 253 TLS: &dynamic.TLSConfiguration{}, 254 }, 255 }, 256 { 257 desc: "One ingress Route with two different rules", 258 paths: []string{"tcp/services.yml", "tcp/with_two_rules.yml"}, 259 expected: &dynamic.Configuration{ 260 UDP: &dynamic.UDPConfiguration{ 261 Routers: map[string]*dynamic.UDPRouter{}, 262 Services: map[string]*dynamic.UDPService{}, 263 }, 264 TCP: &dynamic.TCPConfiguration{ 265 Routers: map[string]*dynamic.TCPRouter{ 266 "default-test.route-fdd3e9338e47a45efefc": { 267 EntryPoints: []string{"foo"}, 268 Service: "default-test.route-fdd3e9338e47a45efefc", 269 Rule: "HostSNI(`foo.com`)", 270 }, 271 "default-test.route-f44ce589164e656d231c": { 272 EntryPoints: []string{"foo"}, 273 Service: "default-test.route-f44ce589164e656d231c", 274 Rule: "HostSNI(`bar.com`)", 275 }, 276 }, 277 Middlewares: map[string]*dynamic.TCPMiddleware{}, 278 Services: map[string]*dynamic.TCPService{ 279 "default-test.route-fdd3e9338e47a45efefc": { 280 LoadBalancer: &dynamic.TCPServersLoadBalancer{ 281 Servers: []dynamic.TCPServer{ 282 { 283 Address: "10.10.0.1:8000", 284 }, 285 { 286 Address: "10.10.0.2:8000", 287 }, 288 }, 289 }, 290 }, 291 "default-test.route-f44ce589164e656d231c": { 292 LoadBalancer: &dynamic.TCPServersLoadBalancer{ 293 Servers: []dynamic.TCPServer{ 294 { 295 Address: "10.10.0.1:8000", 296 }, 297 { 298 Address: "10.10.0.2:8000", 299 }, 300 }, 301 }, 302 }, 303 }, 304 }, 305 HTTP: &dynamic.HTTPConfiguration{ 306 Routers: map[string]*dynamic.Router{}, 307 Middlewares: map[string]*dynamic.Middleware{}, 308 Services: map[string]*dynamic.Service{}, 309 ServersTransports: map[string]*dynamic.ServersTransport{}, 310 }, 311 TLS: &dynamic.TLSConfiguration{}, 312 }, 313 }, 314 { 315 desc: "One ingress Route with two identical rules", 316 paths: []string{"tcp/services.yml", "tcp/with_two_identical_rules.yml"}, 317 expected: &dynamic.Configuration{ 318 UDP: &dynamic.UDPConfiguration{ 319 Routers: map[string]*dynamic.UDPRouter{}, 320 Services: map[string]*dynamic.UDPService{}, 321 }, 322 TCP: &dynamic.TCPConfiguration{ 323 Routers: map[string]*dynamic.TCPRouter{ 324 "default-test.route-fdd3e9338e47a45efefc": { 325 EntryPoints: []string{"foo"}, 326 Service: "default-test.route-fdd3e9338e47a45efefc", 327 Rule: "HostSNI(`foo.com`)", 328 }, 329 }, 330 Middlewares: map[string]*dynamic.TCPMiddleware{}, 331 Services: map[string]*dynamic.TCPService{ 332 "default-test.route-fdd3e9338e47a45efefc": { 333 LoadBalancer: &dynamic.TCPServersLoadBalancer{ 334 Servers: []dynamic.TCPServer{ 335 { 336 Address: "10.10.0.1:8000", 337 }, 338 { 339 Address: "10.10.0.2:8000", 340 }, 341 }, 342 }, 343 }, 344 }, 345 }, 346 HTTP: &dynamic.HTTPConfiguration{ 347 Routers: map[string]*dynamic.Router{}, 348 Middlewares: map[string]*dynamic.Middleware{}, 349 Services: map[string]*dynamic.Service{}, 350 ServersTransports: map[string]*dynamic.ServersTransport{}, 351 }, 352 TLS: &dynamic.TLSConfiguration{}, 353 }, 354 }, 355 { 356 desc: "One ingress Route with two different services", 357 paths: []string{"tcp/services.yml", "tcp/with_two_services.yml"}, 358 expected: &dynamic.Configuration{ 359 UDP: &dynamic.UDPConfiguration{ 360 Routers: map[string]*dynamic.UDPRouter{}, 361 Services: map[string]*dynamic.UDPService{}, 362 }, 363 TCP: &dynamic.TCPConfiguration{ 364 Routers: map[string]*dynamic.TCPRouter{ 365 "default-test.route-fdd3e9338e47a45efefc": { 366 EntryPoints: []string{"foo"}, 367 Service: "default-test.route-fdd3e9338e47a45efefc", 368 Rule: "HostSNI(`foo.com`)", 369 }, 370 }, 371 Middlewares: map[string]*dynamic.TCPMiddleware{}, 372 Services: map[string]*dynamic.TCPService{ 373 "default-test.route-fdd3e9338e47a45efefc": { 374 Weighted: &dynamic.TCPWeightedRoundRobin{ 375 Services: []dynamic.TCPWRRService{ 376 { 377 Name: "default-test.route-fdd3e9338e47a45efefc-whoamitcp-8000", 378 Weight: func(i int) *int { return &i }(2), 379 }, 380 { 381 Name: "default-test.route-fdd3e9338e47a45efefc-whoamitcp2-8080", 382 Weight: func(i int) *int { return &i }(3), 383 }, 384 }, 385 }, 386 }, 387 "default-test.route-fdd3e9338e47a45efefc-whoamitcp-8000": { 388 LoadBalancer: &dynamic.TCPServersLoadBalancer{ 389 Servers: []dynamic.TCPServer{ 390 { 391 Address: "10.10.0.1:8000", 392 }, 393 { 394 Address: "10.10.0.2:8000", 395 }, 396 }, 397 }, 398 }, 399 "default-test.route-fdd3e9338e47a45efefc-whoamitcp2-8080": { 400 LoadBalancer: &dynamic.TCPServersLoadBalancer{ 401 Servers: []dynamic.TCPServer{ 402 { 403 Address: "10.10.0.3:8080", 404 }, 405 { 406 Address: "10.10.0.4:8080", 407 }, 408 }, 409 }, 410 }, 411 }, 412 }, 413 HTTP: &dynamic.HTTPConfiguration{ 414 Routers: map[string]*dynamic.Router{}, 415 Middlewares: map[string]*dynamic.Middleware{}, 416 Services: map[string]*dynamic.Service{}, 417 ServersTransports: map[string]*dynamic.ServersTransport{}, 418 }, 419 TLS: &dynamic.TLSConfiguration{}, 420 }, 421 }, 422 { 423 desc: "One ingress Route with different services namespaces", 424 paths: []string{"tcp/services.yml", "tcp/with_different_services_ns.yml"}, 425 expected: &dynamic.Configuration{ 426 UDP: &dynamic.UDPConfiguration{ 427 Routers: map[string]*dynamic.UDPRouter{}, 428 Services: map[string]*dynamic.UDPService{}, 429 }, 430 TCP: &dynamic.TCPConfiguration{ 431 Routers: map[string]*dynamic.TCPRouter{ 432 "default-test.route-fdd3e9338e47a45efefc": { 433 EntryPoints: []string{"foo"}, 434 Service: "default-test.route-fdd3e9338e47a45efefc", 435 Rule: "HostSNI(`foo.com`)", 436 }, 437 }, 438 Middlewares: map[string]*dynamic.TCPMiddleware{}, 439 Services: map[string]*dynamic.TCPService{ 440 "default-test.route-fdd3e9338e47a45efefc": { 441 Weighted: &dynamic.TCPWeightedRoundRobin{ 442 Services: []dynamic.TCPWRRService{ 443 { 444 Name: "default-test.route-fdd3e9338e47a45efefc-whoamitcp-8000", 445 Weight: func(i int) *int { return &i }(2), 446 }, 447 { 448 Name: "default-test.route-fdd3e9338e47a45efefc-whoamitcp2-8080", 449 Weight: func(i int) *int { return &i }(3), 450 }, 451 { 452 Name: "default-test.route-fdd3e9338e47a45efefc-whoamitcp3-8083", 453 Weight: func(i int) *int { return &i }(4), 454 }, 455 }, 456 }, 457 }, 458 "default-test.route-fdd3e9338e47a45efefc-whoamitcp-8000": { 459 LoadBalancer: &dynamic.TCPServersLoadBalancer{ 460 Servers: []dynamic.TCPServer{ 461 { 462 Address: "10.10.0.1:8000", 463 }, 464 { 465 Address: "10.10.0.2:8000", 466 }, 467 }, 468 }, 469 }, 470 "default-test.route-fdd3e9338e47a45efefc-whoamitcp2-8080": { 471 LoadBalancer: &dynamic.TCPServersLoadBalancer{ 472 Servers: []dynamic.TCPServer{ 473 { 474 Address: "10.10.0.3:8080", 475 }, 476 { 477 Address: "10.10.0.4:8080", 478 }, 479 }, 480 }, 481 }, 482 "default-test.route-fdd3e9338e47a45efefc-whoamitcp3-8083": { 483 LoadBalancer: &dynamic.TCPServersLoadBalancer{ 484 Servers: []dynamic.TCPServer{ 485 { 486 Address: "10.10.0.7:8083", 487 }, 488 { 489 Address: "10.10.0.8:8083", 490 }, 491 }, 492 }, 493 }, 494 }, 495 }, 496 HTTP: &dynamic.HTTPConfiguration{ 497 Routers: map[string]*dynamic.Router{}, 498 Middlewares: map[string]*dynamic.Middleware{}, 499 Services: map[string]*dynamic.Service{}, 500 ServersTransports: map[string]*dynamic.ServersTransport{}, 501 }, 502 TLS: &dynamic.TLSConfiguration{}, 503 }, 504 }, 505 { 506 desc: "Ingress class does not match", 507 paths: []string{"tcp/services.yml", "tcp/simple.yml"}, 508 ingressClass: "tchouk", 509 expected: &dynamic.Configuration{ 510 UDP: &dynamic.UDPConfiguration{ 511 Routers: map[string]*dynamic.UDPRouter{}, 512 Services: map[string]*dynamic.UDPService{}, 513 }, 514 TCP: &dynamic.TCPConfiguration{ 515 Routers: map[string]*dynamic.TCPRouter{}, 516 Middlewares: map[string]*dynamic.TCPMiddleware{}, 517 Services: map[string]*dynamic.TCPService{}, 518 }, 519 HTTP: &dynamic.HTTPConfiguration{ 520 Routers: map[string]*dynamic.Router{}, 521 Middlewares: map[string]*dynamic.Middleware{}, 522 Services: map[string]*dynamic.Service{}, 523 ServersTransports: map[string]*dynamic.ServersTransport{}, 524 }, 525 TLS: &dynamic.TLSConfiguration{}, 526 }, 527 }, 528 { 529 desc: "Route with empty rule value is ignored", 530 paths: []string{"tcp/services.yml", "tcp/with_no_rule_value.yml"}, 531 expected: &dynamic.Configuration{ 532 UDP: &dynamic.UDPConfiguration{ 533 Routers: map[string]*dynamic.UDPRouter{}, 534 Services: map[string]*dynamic.UDPService{}, 535 }, 536 TCP: &dynamic.TCPConfiguration{ 537 Routers: map[string]*dynamic.TCPRouter{}, 538 Middlewares: map[string]*dynamic.TCPMiddleware{}, 539 Services: map[string]*dynamic.TCPService{}, 540 }, 541 HTTP: &dynamic.HTTPConfiguration{ 542 Routers: map[string]*dynamic.Router{}, 543 Middlewares: map[string]*dynamic.Middleware{}, 544 Services: map[string]*dynamic.Service{}, 545 ServersTransports: map[string]*dynamic.ServersTransport{}, 546 }, 547 TLS: &dynamic.TLSConfiguration{}, 548 }, 549 }, 550 { 551 desc: "TLS", 552 paths: []string{"tcp/services.yml", "tcp/with_tls.yml"}, 553 expected: &dynamic.Configuration{ 554 UDP: &dynamic.UDPConfiguration{ 555 Routers: map[string]*dynamic.UDPRouter{}, 556 Services: map[string]*dynamic.UDPService{}, 557 }, 558 TLS: &dynamic.TLSConfiguration{ 559 Certificates: []*tls.CertAndStores{ 560 { 561 Certificate: tls.Certificate{ 562 CertFile: tls.FileOrContent("-----BEGIN CERTIFICATE-----\n-----END CERTIFICATE-----"), 563 KeyFile: tls.FileOrContent("-----BEGIN PRIVATE KEY-----\n-----END PRIVATE KEY-----"), 564 }, 565 }, 566 }, 567 }, 568 TCP: &dynamic.TCPConfiguration{ 569 Routers: map[string]*dynamic.TCPRouter{ 570 "default-test.route-fdd3e9338e47a45efefc": { 571 EntryPoints: []string{"foo"}, 572 Service: "default-test.route-fdd3e9338e47a45efefc", 573 Rule: "HostSNI(`foo.com`)", 574 TLS: &dynamic.RouterTCPTLSConfig{}, 575 }, 576 }, 577 Middlewares: map[string]*dynamic.TCPMiddleware{}, 578 Services: map[string]*dynamic.TCPService{ 579 "default-test.route-fdd3e9338e47a45efefc": { 580 LoadBalancer: &dynamic.TCPServersLoadBalancer{ 581 Servers: []dynamic.TCPServer{ 582 { 583 Address: "10.10.0.1:8000", 584 }, 585 { 586 Address: "10.10.0.2:8000", 587 }, 588 }, 589 }, 590 }, 591 }, 592 }, 593 HTTP: &dynamic.HTTPConfiguration{ 594 Routers: map[string]*dynamic.Router{}, 595 Middlewares: map[string]*dynamic.Middleware{}, 596 Services: map[string]*dynamic.Service{}, 597 ServersTransports: map[string]*dynamic.ServersTransport{}, 598 }, 599 }, 600 }, 601 { 602 desc: "TLS with passthrough", 603 paths: []string{"tcp/services.yml", "tcp/with_tls_passthrough.yml"}, 604 expected: &dynamic.Configuration{ 605 UDP: &dynamic.UDPConfiguration{ 606 Routers: map[string]*dynamic.UDPRouter{}, 607 Services: map[string]*dynamic.UDPService{}, 608 }, 609 TCP: &dynamic.TCPConfiguration{ 610 Routers: map[string]*dynamic.TCPRouter{ 611 "default-test.route-fdd3e9338e47a45efefc": { 612 EntryPoints: []string{"foo"}, 613 Service: "default-test.route-fdd3e9338e47a45efefc", 614 Rule: "HostSNI(`foo.com`)", 615 TLS: &dynamic.RouterTCPTLSConfig{ 616 Passthrough: true, 617 }, 618 }, 619 }, 620 Middlewares: map[string]*dynamic.TCPMiddleware{}, 621 Services: map[string]*dynamic.TCPService{ 622 "default-test.route-fdd3e9338e47a45efefc": { 623 LoadBalancer: &dynamic.TCPServersLoadBalancer{ 624 Servers: []dynamic.TCPServer{ 625 { 626 Address: "10.10.0.1:8000", 627 }, 628 { 629 Address: "10.10.0.2:8000", 630 }, 631 }, 632 }, 633 }, 634 }, 635 }, 636 HTTP: &dynamic.HTTPConfiguration{ 637 Routers: map[string]*dynamic.Router{}, 638 Middlewares: map[string]*dynamic.Middleware{}, 639 Services: map[string]*dynamic.Service{}, 640 ServersTransports: map[string]*dynamic.ServersTransport{}, 641 }, 642 TLS: &dynamic.TLSConfiguration{}, 643 }, 644 }, 645 { 646 desc: "TLS with tls options", 647 paths: []string{"tcp/services.yml", "tcp/with_tls_options.yml"}, 648 expected: &dynamic.Configuration{ 649 UDP: &dynamic.UDPConfiguration{ 650 Routers: map[string]*dynamic.UDPRouter{}, 651 Services: map[string]*dynamic.UDPService{}, 652 }, 653 TLS: &dynamic.TLSConfiguration{ 654 Options: map[string]tls.Options{ 655 "default-foo": { 656 MinVersion: "VersionTLS12", 657 CipherSuites: []string{ 658 "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256", 659 "TLS_RSA_WITH_AES_256_GCM_SHA384", 660 }, 661 ClientAuth: tls.ClientAuth{ 662 CAFiles: []tls.FileOrContent{ 663 tls.FileOrContent("-----BEGIN CERTIFICATE-----\n-----END CERTIFICATE-----"), 664 tls.FileOrContent("-----BEGIN CERTIFICATE-----\n-----END CERTIFICATE-----"), 665 }, 666 ClientAuthType: "VerifyClientCertIfGiven", 667 }, 668 SniStrict: true, 669 PreferServerCipherSuites: true, 670 ALPNProtocols: []string{ 671 "h2", 672 "http/1.1", 673 "acme-tls/1", 674 }, 675 }, 676 }, 677 }, 678 TCP: &dynamic.TCPConfiguration{ 679 Routers: map[string]*dynamic.TCPRouter{ 680 "default-test.route-fdd3e9338e47a45efefc": { 681 EntryPoints: []string{"foo"}, 682 Service: "default-test.route-fdd3e9338e47a45efefc", 683 Rule: "HostSNI(`foo.com`)", 684 TLS: &dynamic.RouterTCPTLSConfig{ 685 Options: "default-foo", 686 }, 687 }, 688 }, 689 Middlewares: map[string]*dynamic.TCPMiddleware{}, 690 Services: map[string]*dynamic.TCPService{ 691 "default-test.route-fdd3e9338e47a45efefc": { 692 LoadBalancer: &dynamic.TCPServersLoadBalancer{ 693 Servers: []dynamic.TCPServer{ 694 { 695 Address: "10.10.0.1:8000", 696 }, 697 { 698 Address: "10.10.0.2:8000", 699 }, 700 }, 701 }, 702 }, 703 }, 704 }, 705 HTTP: &dynamic.HTTPConfiguration{ 706 Routers: map[string]*dynamic.Router{}, 707 Middlewares: map[string]*dynamic.Middleware{}, 708 Services: map[string]*dynamic.Service{}, 709 ServersTransports: map[string]*dynamic.ServersTransport{}, 710 }, 711 }, 712 }, 713 { 714 desc: "TLS with tls options and specific namespace", 715 paths: []string{"tcp/services.yml", "tcp/with_tls_options_and_specific_namespace.yml"}, 716 expected: &dynamic.Configuration{ 717 UDP: &dynamic.UDPConfiguration{ 718 Routers: map[string]*dynamic.UDPRouter{}, 719 Services: map[string]*dynamic.UDPService{}, 720 }, 721 TLS: &dynamic.TLSConfiguration{ 722 Options: map[string]tls.Options{ 723 "myns-foo": { 724 MinVersion: "VersionTLS12", 725 CipherSuites: []string{ 726 "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256", 727 "TLS_RSA_WITH_AES_256_GCM_SHA384", 728 }, 729 ClientAuth: tls.ClientAuth{ 730 CAFiles: []tls.FileOrContent{ 731 tls.FileOrContent("-----BEGIN CERTIFICATE-----\n-----END CERTIFICATE-----"), 732 tls.FileOrContent("-----BEGIN CERTIFICATE-----\n-----END CERTIFICATE-----"), 733 }, 734 ClientAuthType: "VerifyClientCertIfGiven", 735 }, 736 SniStrict: true, 737 ALPNProtocols: []string{ 738 "h2", 739 "http/1.1", 740 "acme-tls/1", 741 }, 742 }, 743 }, 744 }, 745 TCP: &dynamic.TCPConfiguration{ 746 Routers: map[string]*dynamic.TCPRouter{ 747 "default-test.route-fdd3e9338e47a45efefc": { 748 EntryPoints: []string{"foo"}, 749 Service: "default-test.route-fdd3e9338e47a45efefc", 750 Rule: "HostSNI(`foo.com`)", 751 TLS: &dynamic.RouterTCPTLSConfig{ 752 Options: "myns-foo", 753 }, 754 }, 755 }, 756 Middlewares: map[string]*dynamic.TCPMiddleware{}, 757 Services: map[string]*dynamic.TCPService{ 758 "default-test.route-fdd3e9338e47a45efefc": { 759 LoadBalancer: &dynamic.TCPServersLoadBalancer{ 760 Servers: []dynamic.TCPServer{ 761 { 762 Address: "10.10.0.1:8000", 763 }, 764 { 765 Address: "10.10.0.2:8000", 766 }, 767 }, 768 }, 769 }, 770 }, 771 }, 772 HTTP: &dynamic.HTTPConfiguration{ 773 Routers: map[string]*dynamic.Router{}, 774 Middlewares: map[string]*dynamic.Middleware{}, 775 Services: map[string]*dynamic.Service{}, 776 ServersTransports: map[string]*dynamic.ServersTransport{}, 777 }, 778 }, 779 }, 780 { 781 desc: "TLS with bad tls options", 782 paths: []string{"tcp/services.yml", "tcp/with_bad_tls_options.yml"}, 783 expected: &dynamic.Configuration{ 784 UDP: &dynamic.UDPConfiguration{ 785 Routers: map[string]*dynamic.UDPRouter{}, 786 Services: map[string]*dynamic.UDPService{}, 787 }, 788 TLS: &dynamic.TLSConfiguration{ 789 Options: map[string]tls.Options{ 790 "default-foo": { 791 MinVersion: "VersionTLS12", 792 CipherSuites: []string{ 793 "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256", 794 "TLS_RSA_WITH_AES_256_GCM_SHA384", 795 }, 796 ClientAuth: tls.ClientAuth{ 797 CAFiles: []tls.FileOrContent{ 798 tls.FileOrContent("-----BEGIN CERTIFICATE-----\n-----END CERTIFICATE-----"), 799 }, 800 ClientAuthType: "VerifyClientCertIfGiven", 801 }, 802 SniStrict: true, 803 ALPNProtocols: []string{ 804 "h2", 805 "http/1.1", 806 "acme-tls/1", 807 }, 808 }, 809 }, 810 }, 811 TCP: &dynamic.TCPConfiguration{ 812 Routers: map[string]*dynamic.TCPRouter{ 813 "default-test.route-fdd3e9338e47a45efefc": { 814 EntryPoints: []string{"foo"}, 815 Service: "default-test.route-fdd3e9338e47a45efefc", 816 Rule: "HostSNI(`foo.com`)", 817 TLS: &dynamic.RouterTCPTLSConfig{ 818 Options: "default-foo", 819 }, 820 }, 821 }, 822 Middlewares: map[string]*dynamic.TCPMiddleware{}, 823 Services: map[string]*dynamic.TCPService{ 824 "default-test.route-fdd3e9338e47a45efefc": { 825 LoadBalancer: &dynamic.TCPServersLoadBalancer{ 826 Servers: []dynamic.TCPServer{ 827 { 828 Address: "10.10.0.1:8000", 829 }, 830 { 831 Address: "10.10.0.2:8000", 832 }, 833 }, 834 }, 835 }, 836 }, 837 }, 838 HTTP: &dynamic.HTTPConfiguration{ 839 Routers: map[string]*dynamic.Router{}, 840 Middlewares: map[string]*dynamic.Middleware{}, 841 Services: map[string]*dynamic.Service{}, 842 ServersTransports: map[string]*dynamic.ServersTransport{}, 843 }, 844 }, 845 }, 846 { 847 desc: "TLS with unknown tls options", 848 paths: []string{"tcp/services.yml", "tcp/with_unknown_tls_options.yml"}, 849 expected: &dynamic.Configuration{ 850 UDP: &dynamic.UDPConfiguration{ 851 Routers: map[string]*dynamic.UDPRouter{}, 852 Services: map[string]*dynamic.UDPService{}, 853 }, 854 TLS: &dynamic.TLSConfiguration{ 855 Options: map[string]tls.Options{ 856 "default-foo": { 857 MinVersion: "VersionTLS12", 858 ALPNProtocols: []string{ 859 "h2", 860 "http/1.1", 861 "acme-tls/1", 862 }, 863 }, 864 }, 865 }, 866 TCP: &dynamic.TCPConfiguration{ 867 Routers: map[string]*dynamic.TCPRouter{ 868 "default-test.route-fdd3e9338e47a45efefc": { 869 EntryPoints: []string{"foo"}, 870 Service: "default-test.route-fdd3e9338e47a45efefc", 871 Rule: "HostSNI(`foo.com`)", 872 TLS: &dynamic.RouterTCPTLSConfig{ 873 Options: "default-unknown", 874 }, 875 }, 876 }, 877 Middlewares: map[string]*dynamic.TCPMiddleware{}, 878 Services: map[string]*dynamic.TCPService{ 879 "default-test.route-fdd3e9338e47a45efefc": { 880 LoadBalancer: &dynamic.TCPServersLoadBalancer{ 881 Servers: []dynamic.TCPServer{ 882 { 883 Address: "10.10.0.1:8000", 884 }, 885 { 886 Address: "10.10.0.2:8000", 887 }, 888 }, 889 }, 890 }, 891 }, 892 }, 893 HTTP: &dynamic.HTTPConfiguration{ 894 Routers: map[string]*dynamic.Router{}, 895 Middlewares: map[string]*dynamic.Middleware{}, 896 Services: map[string]*dynamic.Service{}, 897 ServersTransports: map[string]*dynamic.ServersTransport{}, 898 }, 899 }, 900 }, 901 { 902 desc: "TLS with unknown tls options namespace", 903 paths: []string{"tcp/services.yml", "tcp/with_unknown_tls_options_namespace.yml"}, 904 expected: &dynamic.Configuration{ 905 UDP: &dynamic.UDPConfiguration{ 906 Routers: map[string]*dynamic.UDPRouter{}, 907 Services: map[string]*dynamic.UDPService{}, 908 }, 909 TLS: &dynamic.TLSConfiguration{ 910 Options: map[string]tls.Options{ 911 "default-foo": { 912 MinVersion: "VersionTLS12", 913 ALPNProtocols: []string{ 914 "h2", 915 "http/1.1", 916 "acme-tls/1", 917 }, 918 }, 919 }, 920 }, 921 TCP: &dynamic.TCPConfiguration{ 922 Routers: map[string]*dynamic.TCPRouter{ 923 "default-test.route-fdd3e9338e47a45efefc": { 924 EntryPoints: []string{"foo"}, 925 Service: "default-test.route-fdd3e9338e47a45efefc", 926 Rule: "HostSNI(`foo.com`)", 927 TLS: &dynamic.RouterTCPTLSConfig{ 928 Options: "unknown-foo", 929 }, 930 }, 931 }, 932 Middlewares: map[string]*dynamic.TCPMiddleware{}, 933 Services: map[string]*dynamic.TCPService{ 934 "default-test.route-fdd3e9338e47a45efefc": { 935 LoadBalancer: &dynamic.TCPServersLoadBalancer{ 936 Servers: []dynamic.TCPServer{ 937 { 938 Address: "10.10.0.1:8000", 939 }, 940 { 941 Address: "10.10.0.2:8000", 942 }, 943 }, 944 }, 945 }, 946 }, 947 }, 948 HTTP: &dynamic.HTTPConfiguration{ 949 Routers: map[string]*dynamic.Router{}, 950 Middlewares: map[string]*dynamic.Middleware{}, 951 Services: map[string]*dynamic.Service{}, 952 ServersTransports: map[string]*dynamic.ServersTransport{}, 953 }, 954 }, 955 }, 956 { 957 desc: "TLS with ACME", 958 paths: []string{"tcp/services.yml", "tcp/with_tls_acme.yml"}, 959 expected: &dynamic.Configuration{ 960 UDP: &dynamic.UDPConfiguration{ 961 Routers: map[string]*dynamic.UDPRouter{}, 962 Services: map[string]*dynamic.UDPService{}, 963 }, 964 TCP: &dynamic.TCPConfiguration{ 965 Routers: map[string]*dynamic.TCPRouter{ 966 "default-test.route-fdd3e9338e47a45efefc": { 967 EntryPoints: []string{"foo"}, 968 Service: "default-test.route-fdd3e9338e47a45efefc", 969 Rule: "HostSNI(`foo.com`)", 970 TLS: &dynamic.RouterTCPTLSConfig{}, 971 }, 972 }, 973 Middlewares: map[string]*dynamic.TCPMiddleware{}, 974 Services: map[string]*dynamic.TCPService{ 975 "default-test.route-fdd3e9338e47a45efefc": { 976 LoadBalancer: &dynamic.TCPServersLoadBalancer{ 977 Servers: []dynamic.TCPServer{ 978 { 979 Address: "10.10.0.1:8000", 980 }, 981 { 982 Address: "10.10.0.2:8000", 983 }, 984 }, 985 }, 986 }, 987 }, 988 }, 989 HTTP: &dynamic.HTTPConfiguration{ 990 Routers: map[string]*dynamic.Router{}, 991 Middlewares: map[string]*dynamic.Middleware{}, 992 Services: map[string]*dynamic.Service{}, 993 ServersTransports: map[string]*dynamic.ServersTransport{}, 994 }, 995 TLS: &dynamic.TLSConfiguration{}, 996 }, 997 }, 998 { 999 desc: "TCP with terminationDelay", 1000 paths: []string{"tcp/services.yml", "tcp/with_termination_delay.yml"}, 1001 expected: &dynamic.Configuration{ 1002 TLS: &dynamic.TLSConfiguration{}, 1003 UDP: &dynamic.UDPConfiguration{ 1004 Routers: map[string]*dynamic.UDPRouter{}, 1005 Services: map[string]*dynamic.UDPService{}, 1006 }, 1007 TCP: &dynamic.TCPConfiguration{ 1008 Routers: map[string]*dynamic.TCPRouter{ 1009 "default-test.route-fdd3e9338e47a45efefc": { 1010 EntryPoints: []string{"foo"}, 1011 Service: "default-test.route-fdd3e9338e47a45efefc", 1012 Rule: "HostSNI(`foo.com`)", 1013 }, 1014 }, 1015 Middlewares: map[string]*dynamic.TCPMiddleware{}, 1016 Services: map[string]*dynamic.TCPService{ 1017 "default-test.route-fdd3e9338e47a45efefc": { 1018 LoadBalancer: &dynamic.TCPServersLoadBalancer{ 1019 Servers: []dynamic.TCPServer{ 1020 { 1021 Address: "10.10.0.1:8000", 1022 }, 1023 { 1024 Address: "10.10.0.2:8000", 1025 }, 1026 }, 1027 TerminationDelay: Int(500), 1028 }, 1029 }, 1030 }, 1031 }, 1032 HTTP: &dynamic.HTTPConfiguration{ 1033 Routers: map[string]*dynamic.Router{}, 1034 Middlewares: map[string]*dynamic.Middleware{}, 1035 Services: map[string]*dynamic.Service{}, 1036 ServersTransports: map[string]*dynamic.ServersTransport{}, 1037 }, 1038 }, 1039 }, 1040 { 1041 desc: "TLS with tls Store", 1042 paths: []string{"tcp/services.yml", "tcp/with_tls_store.yml"}, 1043 expected: &dynamic.Configuration{ 1044 TLS: &dynamic.TLSConfiguration{ 1045 Stores: map[string]tls.Store{ 1046 "default": { 1047 DefaultCertificate: &tls.Certificate{ 1048 CertFile: tls.FileOrContent("-----BEGIN CERTIFICATE-----\n-----END CERTIFICATE-----"), 1049 KeyFile: tls.FileOrContent("-----BEGIN PRIVATE KEY-----\n-----END PRIVATE KEY-----"), 1050 }, 1051 }, 1052 }, 1053 }, 1054 TCP: &dynamic.TCPConfiguration{ 1055 Routers: map[string]*dynamic.TCPRouter{ 1056 "default-test.route-fdd3e9338e47a45efefc": { 1057 EntryPoints: []string{"foo"}, 1058 Service: "default-test.route-fdd3e9338e47a45efefc", 1059 Rule: "HostSNI(`foo.com`)", 1060 TLS: &dynamic.RouterTCPTLSConfig{}, 1061 }, 1062 }, 1063 Middlewares: map[string]*dynamic.TCPMiddleware{}, 1064 Services: map[string]*dynamic.TCPService{ 1065 "default-test.route-fdd3e9338e47a45efefc": { 1066 LoadBalancer: &dynamic.TCPServersLoadBalancer{ 1067 Servers: []dynamic.TCPServer{ 1068 { 1069 Address: "10.10.0.1:8000", 1070 }, 1071 { 1072 Address: "10.10.0.2:8000", 1073 }, 1074 }, 1075 }, 1076 }, 1077 }, 1078 }, 1079 UDP: &dynamic.UDPConfiguration{ 1080 Routers: map[string]*dynamic.UDPRouter{}, 1081 Services: map[string]*dynamic.UDPService{}, 1082 }, 1083 HTTP: &dynamic.HTTPConfiguration{ 1084 Routers: map[string]*dynamic.Router{}, 1085 Middlewares: map[string]*dynamic.Middleware{}, 1086 Services: map[string]*dynamic.Service{}, 1087 ServersTransports: map[string]*dynamic.ServersTransport{}, 1088 }, 1089 }, 1090 }, 1091 { 1092 desc: "Simple Ingress Route, with externalName service", 1093 paths: []string{"tcp/services.yml", "tcp/with_externalname.yml"}, 1094 expected: &dynamic.Configuration{ 1095 UDP: &dynamic.UDPConfiguration{ 1096 Routers: map[string]*dynamic.UDPRouter{}, 1097 Services: map[string]*dynamic.UDPService{}, 1098 }, 1099 TCP: &dynamic.TCPConfiguration{ 1100 Routers: map[string]*dynamic.TCPRouter{ 1101 "default-test.route-fdd3e9338e47a45efefc": { 1102 EntryPoints: []string{"foo"}, 1103 Service: "default-test.route-fdd3e9338e47a45efefc", 1104 Rule: "HostSNI(`foo.com`)", 1105 }, 1106 }, 1107 Middlewares: map[string]*dynamic.TCPMiddleware{}, 1108 Services: map[string]*dynamic.TCPService{ 1109 "default-test.route-fdd3e9338e47a45efefc": { 1110 LoadBalancer: &dynamic.TCPServersLoadBalancer{ 1111 Servers: []dynamic.TCPServer{ 1112 { 1113 Address: "external.domain:8000", 1114 }, 1115 }, 1116 }, 1117 }, 1118 }, 1119 }, 1120 HTTP: &dynamic.HTTPConfiguration{ 1121 Routers: map[string]*dynamic.Router{}, 1122 Middlewares: map[string]*dynamic.Middleware{}, 1123 Services: map[string]*dynamic.Service{}, 1124 ServersTransports: map[string]*dynamic.ServersTransport{}, 1125 }, 1126 TLS: &dynamic.TLSConfiguration{}, 1127 }, 1128 }, 1129 { 1130 desc: "Ingress Route, externalName service with port", 1131 paths: []string{"tcp/services.yml", "tcp/with_externalname_with_port.yml"}, 1132 expected: &dynamic.Configuration{ 1133 UDP: &dynamic.UDPConfiguration{ 1134 Routers: map[string]*dynamic.UDPRouter{}, 1135 Services: map[string]*dynamic.UDPService{}, 1136 }, 1137 TCP: &dynamic.TCPConfiguration{ 1138 Routers: map[string]*dynamic.TCPRouter{ 1139 "default-test.route-fdd3e9338e47a45efefc": { 1140 EntryPoints: []string{"foo"}, 1141 Service: "default-test.route-fdd3e9338e47a45efefc", 1142 Rule: "HostSNI(`foo.com`)", 1143 }, 1144 }, 1145 Middlewares: map[string]*dynamic.TCPMiddleware{}, 1146 Services: map[string]*dynamic.TCPService{ 1147 "default-test.route-fdd3e9338e47a45efefc": { 1148 LoadBalancer: &dynamic.TCPServersLoadBalancer{ 1149 Servers: []dynamic.TCPServer{ 1150 { 1151 Address: "external.domain:80", 1152 }, 1153 }, 1154 }, 1155 }, 1156 }, 1157 }, 1158 HTTP: &dynamic.HTTPConfiguration{ 1159 Routers: map[string]*dynamic.Router{}, 1160 Middlewares: map[string]*dynamic.Middleware{}, 1161 Services: map[string]*dynamic.Service{}, 1162 ServersTransports: map[string]*dynamic.ServersTransport{}, 1163 }, 1164 TLS: &dynamic.TLSConfiguration{}, 1165 }, 1166 }, 1167 { 1168 desc: "Ingress Route, externalName service without port", 1169 paths: []string{"tcp/services.yml", "tcp/with_externalname_without_ports.yml"}, 1170 expected: &dynamic.Configuration{ 1171 UDP: &dynamic.UDPConfiguration{ 1172 Routers: map[string]*dynamic.UDPRouter{}, 1173 Services: map[string]*dynamic.UDPService{}, 1174 }, 1175 TCP: &dynamic.TCPConfiguration{ 1176 Routers: map[string]*dynamic.TCPRouter{ 1177 "default-test.route-fdd3e9338e47a45efefc": { 1178 EntryPoints: []string{"foo"}, 1179 Service: "default-test.route-fdd3e9338e47a45efefc", 1180 Rule: "HostSNI(`foo.com`)", 1181 }, 1182 }, 1183 Middlewares: map[string]*dynamic.TCPMiddleware{}, 1184 Services: map[string]*dynamic.TCPService{}, 1185 }, 1186 HTTP: &dynamic.HTTPConfiguration{ 1187 Routers: map[string]*dynamic.Router{}, 1188 Middlewares: map[string]*dynamic.Middleware{}, 1189 Services: map[string]*dynamic.Service{}, 1190 ServersTransports: map[string]*dynamic.ServersTransport{}, 1191 }, 1192 TLS: &dynamic.TLSConfiguration{}, 1193 }, 1194 }, 1195 { 1196 desc: "Ingress Route with IPv6 backends", 1197 paths: []string{ 1198 "services.yml", "with_ipv6.yml", 1199 "tcp/services.yml", "tcp/with_ipv6.yml", 1200 "udp/services.yml", "udp/with_ipv6.yml", 1201 }, 1202 expected: &dynamic.Configuration{ 1203 UDP: &dynamic.UDPConfiguration{ 1204 Routers: map[string]*dynamic.UDPRouter{ 1205 "default-test.route-0": { 1206 EntryPoints: []string{"foo"}, 1207 Service: "default-test.route-0", 1208 }, 1209 }, 1210 Services: map[string]*dynamic.UDPService{ 1211 "default-test.route-0": { 1212 LoadBalancer: &dynamic.UDPServersLoadBalancer{ 1213 Servers: []dynamic.UDPServer{ 1214 { 1215 Address: "[fd00:10:244:0:1::3]:8080", 1216 }, 1217 }, 1218 }, 1219 }, 1220 }, 1221 }, 1222 TCP: &dynamic.TCPConfiguration{ 1223 Routers: map[string]*dynamic.TCPRouter{ 1224 "default-test.route-673acf455cb2dab0b43a": { 1225 EntryPoints: []string{"foo"}, 1226 Service: "default-test.route-673acf455cb2dab0b43a", 1227 Rule: "HostSNI(`*`)", 1228 }, 1229 }, 1230 Middlewares: map[string]*dynamic.TCPMiddleware{}, 1231 Services: map[string]*dynamic.TCPService{ 1232 "default-test.route-673acf455cb2dab0b43a": { 1233 Weighted: &dynamic.TCPWeightedRoundRobin{ 1234 Services: []dynamic.TCPWRRService{ 1235 { 1236 Name: "default-test.route-673acf455cb2dab0b43a-whoamitcp-ipv6-8080", 1237 Weight: func(i int) *int { return &i }(1), 1238 }, 1239 { 1240 Name: "default-test.route-673acf455cb2dab0b43a-external.service.with.ipv6-8080", 1241 Weight: func(i int) *int { return &i }(1), 1242 }, 1243 }, 1244 }, 1245 }, 1246 "default-test.route-673acf455cb2dab0b43a-whoamitcp-ipv6-8080": { 1247 LoadBalancer: &dynamic.TCPServersLoadBalancer{ 1248 Servers: []dynamic.TCPServer{ 1249 { 1250 Address: "[fd00:10:244:0:1::3]:8080", 1251 }, 1252 { 1253 Address: "[2001:db8:85a3:8d3:1319:8a2e:370:7348]:8080", 1254 }, 1255 }, 1256 }, 1257 }, 1258 "default-test.route-673acf455cb2dab0b43a-external.service.with.ipv6-8080": { 1259 LoadBalancer: &dynamic.TCPServersLoadBalancer{ 1260 Servers: []dynamic.TCPServer{ 1261 { 1262 Address: "[fe80::200:5aee:feaa:20a2]:8080", 1263 }, 1264 }, 1265 }, 1266 }, 1267 }, 1268 }, 1269 HTTP: &dynamic.HTTPConfiguration{ 1270 Routers: map[string]*dynamic.Router{ 1271 "default-test-route-6b204d94623b3df4370c": { 1272 EntryPoints: []string{"foo"}, 1273 Service: "default-test-route-6b204d94623b3df4370c", 1274 Rule: "Host(`foo.com`) && PathPrefix(`/bar`)", 1275 }, 1276 }, 1277 Middlewares: map[string]*dynamic.Middleware{}, 1278 Services: map[string]*dynamic.Service{ 1279 "default-whoami-ipv6-8080": { 1280 LoadBalancer: &dynamic.ServersLoadBalancer{ 1281 Servers: []dynamic.Server{ 1282 { 1283 URL: "http://[2001:db8:85a3:8d3:1319:8a2e:370:7348]:8080", 1284 }, 1285 }, 1286 PassHostHeader: func(i bool) *bool { return &i }(true), 1287 }, 1288 }, 1289 "default-external-svc-with-ipv6-8080": { 1290 LoadBalancer: &dynamic.ServersLoadBalancer{ 1291 Servers: []dynamic.Server{ 1292 { 1293 URL: "http://[2001:db8:85a3:8d3:1319:8a2e:370:7347]:8080", 1294 }, 1295 }, 1296 PassHostHeader: func(i bool) *bool { return &i }(true), 1297 }, 1298 }, 1299 "default-test-route-6b204d94623b3df4370c": { 1300 Weighted: &dynamic.WeightedRoundRobin{ 1301 Services: []dynamic.WRRService{ 1302 { 1303 Name: "default-whoami-ipv6-8080", 1304 Weight: func(i int) *int { return &i }(1), 1305 }, 1306 { 1307 Name: "default-external-svc-with-ipv6-8080", 1308 Weight: func(i int) *int { return &i }(1), 1309 }, 1310 }, 1311 }, 1312 }, 1313 }, 1314 ServersTransports: map[string]*dynamic.ServersTransport{}, 1315 }, 1316 TLS: &dynamic.TLSConfiguration{}, 1317 }, 1318 }, 1319 { 1320 desc: "TCP with proxyProtocol Version", 1321 paths: []string{"tcp/services.yml", "tcp/with_proxyprotocol.yml"}, 1322 expected: &dynamic.Configuration{ 1323 TLS: &dynamic.TLSConfiguration{}, 1324 UDP: &dynamic.UDPConfiguration{ 1325 Routers: map[string]*dynamic.UDPRouter{}, 1326 Services: map[string]*dynamic.UDPService{}, 1327 }, 1328 TCP: &dynamic.TCPConfiguration{ 1329 Routers: map[string]*dynamic.TCPRouter{ 1330 "default-test.route-fdd3e9338e47a45efefc": { 1331 EntryPoints: []string{"foo"}, 1332 Service: "default-test.route-fdd3e9338e47a45efefc", 1333 Rule: "HostSNI(`foo.com`)", 1334 }, 1335 }, 1336 Middlewares: map[string]*dynamic.TCPMiddleware{}, 1337 Services: map[string]*dynamic.TCPService{ 1338 "default-test.route-fdd3e9338e47a45efefc": { 1339 LoadBalancer: &dynamic.TCPServersLoadBalancer{ 1340 Servers: []dynamic.TCPServer{ 1341 { 1342 Address: "10.10.0.1:8000", 1343 }, 1344 { 1345 Address: "10.10.0.2:8000", 1346 }, 1347 }, 1348 ProxyProtocol: &dynamic.ProxyProtocol{Version: 2}, 1349 }, 1350 }, 1351 }, 1352 }, 1353 HTTP: &dynamic.HTTPConfiguration{ 1354 Routers: map[string]*dynamic.Router{}, 1355 Middlewares: map[string]*dynamic.Middleware{}, 1356 Services: map[string]*dynamic.Service{}, 1357 ServersTransports: map[string]*dynamic.ServersTransport{}, 1358 }, 1359 }, 1360 }, 1361 } 1362 1363 for _, test := range testCases { 1364 test := test 1365 1366 t.Run(test.desc, func(t *testing.T) { 1367 t.Parallel() 1368 1369 if test.expected == nil { 1370 return 1371 } 1372 1373 p := Provider{IngressClass: test.ingressClass, AllowCrossNamespace: true, AllowExternalNameServices: true} 1374 1375 clientMock := newClientMock(test.paths...) 1376 conf := p.loadConfigurationFromCRD(context.Background(), clientMock) 1377 assert.Equal(t, test.expected, conf) 1378 }) 1379 } 1380} 1381 1382func TestLoadIngressRoutes(t *testing.T) { 1383 testCases := []struct { 1384 desc string 1385 ingressClass string 1386 paths []string 1387 expected *dynamic.Configuration 1388 AllowCrossNamespace bool 1389 }{ 1390 { 1391 desc: "Empty", 1392 expected: &dynamic.Configuration{ 1393 UDP: &dynamic.UDPConfiguration{ 1394 Routers: map[string]*dynamic.UDPRouter{}, 1395 Services: map[string]*dynamic.UDPService{}, 1396 }, 1397 TCP: &dynamic.TCPConfiguration{ 1398 Routers: map[string]*dynamic.TCPRouter{}, 1399 Middlewares: map[string]*dynamic.TCPMiddleware{}, 1400 Services: map[string]*dynamic.TCPService{}, 1401 }, 1402 HTTP: &dynamic.HTTPConfiguration{ 1403 Routers: map[string]*dynamic.Router{}, 1404 Middlewares: map[string]*dynamic.Middleware{}, 1405 Services: map[string]*dynamic.Service{}, 1406 ServersTransports: map[string]*dynamic.ServersTransport{}, 1407 }, 1408 TLS: &dynamic.TLSConfiguration{}, 1409 }, 1410 }, 1411 { 1412 desc: "Simple Ingress Route, with foo entrypoint", 1413 paths: []string{"services.yml", "simple.yml"}, 1414 expected: &dynamic.Configuration{ 1415 UDP: &dynamic.UDPConfiguration{ 1416 Routers: map[string]*dynamic.UDPRouter{}, 1417 Services: map[string]*dynamic.UDPService{}, 1418 }, 1419 TCP: &dynamic.TCPConfiguration{ 1420 Routers: map[string]*dynamic.TCPRouter{}, 1421 Middlewares: map[string]*dynamic.TCPMiddleware{}, 1422 Services: map[string]*dynamic.TCPService{}, 1423 }, 1424 HTTP: &dynamic.HTTPConfiguration{ 1425 Routers: map[string]*dynamic.Router{ 1426 "default-test-route-6b204d94623b3df4370c": { 1427 EntryPoints: []string{"foo"}, 1428 Service: "default-test-route-6b204d94623b3df4370c", 1429 Rule: "Host(`foo.com`) && PathPrefix(`/bar`)", 1430 Priority: 12, 1431 }, 1432 }, 1433 Middlewares: map[string]*dynamic.Middleware{}, 1434 Services: map[string]*dynamic.Service{ 1435 "default-test-route-6b204d94623b3df4370c": { 1436 LoadBalancer: &dynamic.ServersLoadBalancer{ 1437 Servers: []dynamic.Server{ 1438 { 1439 URL: "http://10.10.0.1:80", 1440 }, 1441 { 1442 URL: "http://10.10.0.2:80", 1443 }, 1444 }, 1445 PassHostHeader: Bool(true), 1446 }, 1447 }, 1448 }, 1449 ServersTransports: map[string]*dynamic.ServersTransport{}, 1450 }, 1451 TLS: &dynamic.TLSConfiguration{}, 1452 }, 1453 }, 1454 { 1455 desc: "Simple Ingress Route with middleware", 1456 AllowCrossNamespace: true, 1457 paths: []string{"services.yml", "with_middleware.yml"}, 1458 expected: &dynamic.Configuration{ 1459 UDP: &dynamic.UDPConfiguration{ 1460 Routers: map[string]*dynamic.UDPRouter{}, 1461 Services: map[string]*dynamic.UDPService{}, 1462 }, 1463 TCP: &dynamic.TCPConfiguration{ 1464 Routers: map[string]*dynamic.TCPRouter{}, 1465 Middlewares: map[string]*dynamic.TCPMiddleware{}, 1466 Services: map[string]*dynamic.TCPService{}, 1467 }, 1468 HTTP: &dynamic.HTTPConfiguration{ 1469 Routers: map[string]*dynamic.Router{ 1470 "default-test2-route-23c7f4c450289ee29016": { 1471 EntryPoints: []string{"web"}, 1472 Service: "default-test2-route-23c7f4c450289ee29016", 1473 Rule: "Host(`foo.com`) && PathPrefix(`/tobestripped`)", 1474 Priority: 12, 1475 Middlewares: []string{"default-stripprefix", "default-ratelimit", "foo-addprefix"}, 1476 }, 1477 }, 1478 Middlewares: map[string]*dynamic.Middleware{ 1479 "default-ratelimit": { 1480 RateLimit: &dynamic.RateLimit{ 1481 Average: 6, 1482 Burst: 12, 1483 Period: ptypes.Duration(60 * time.Second), 1484 SourceCriterion: &dynamic.SourceCriterion{ 1485 IPStrategy: &dynamic.IPStrategy{ 1486 ExcludedIPs: []string{"127.0.0.1/32", "192.168.1.7"}, 1487 }, 1488 }, 1489 }, 1490 }, 1491 "default-stripprefix": { 1492 StripPrefix: &dynamic.StripPrefix{ 1493 Prefixes: []string{"/tobestripped"}, 1494 }, 1495 }, 1496 "foo-addprefix": { 1497 AddPrefix: &dynamic.AddPrefix{ 1498 Prefix: "/tobeadded", 1499 }, 1500 }, 1501 }, 1502 Services: map[string]*dynamic.Service{ 1503 "default-test2-route-23c7f4c450289ee29016": { 1504 LoadBalancer: &dynamic.ServersLoadBalancer{ 1505 Servers: []dynamic.Server{ 1506 { 1507 URL: "http://10.10.0.1:80", 1508 }, 1509 { 1510 URL: "http://10.10.0.2:80", 1511 }, 1512 }, 1513 PassHostHeader: Bool(true), 1514 }, 1515 }, 1516 }, 1517 ServersTransports: map[string]*dynamic.ServersTransport{}, 1518 }, 1519 TLS: &dynamic.TLSConfiguration{}, 1520 }, 1521 }, 1522 { 1523 desc: "Middlewares in ingress route config are normalized", 1524 AllowCrossNamespace: true, 1525 paths: []string{"services.yml", "with_middleware_multiple_hyphens.yml"}, 1526 expected: &dynamic.Configuration{ 1527 UDP: &dynamic.UDPConfiguration{ 1528 Routers: map[string]*dynamic.UDPRouter{}, 1529 Services: map[string]*dynamic.UDPService{}, 1530 }, 1531 TCP: &dynamic.TCPConfiguration{ 1532 Routers: map[string]*dynamic.TCPRouter{}, 1533 Middlewares: map[string]*dynamic.TCPMiddleware{}, 1534 Services: map[string]*dynamic.TCPService{}, 1535 }, 1536 HTTP: &dynamic.HTTPConfiguration{ 1537 Routers: map[string]*dynamic.Router{ 1538 "default-test2-route-23c7f4c450289ee29016": { 1539 EntryPoints: []string{"web"}, 1540 Service: "default-test2-route-23c7f4c450289ee29016", 1541 Rule: "Host(`foo.com`) && PathPrefix(`/tobestripped`)", 1542 Priority: 12, 1543 Middlewares: []string{"default-multiple-hyphens"}, 1544 }, 1545 }, 1546 Middlewares: map[string]*dynamic.Middleware{ 1547 "default-multiple-hyphens": { 1548 StripPrefix: &dynamic.StripPrefix{ 1549 Prefixes: []string{"/tobestripped"}, 1550 }, 1551 }, 1552 }, 1553 Services: map[string]*dynamic.Service{ 1554 "default-test2-route-23c7f4c450289ee29016": { 1555 LoadBalancer: &dynamic.ServersLoadBalancer{ 1556 Servers: []dynamic.Server{ 1557 { 1558 URL: "http://10.10.0.1:80", 1559 }, 1560 { 1561 URL: "http://10.10.0.2:80", 1562 }, 1563 }, 1564 PassHostHeader: Bool(true), 1565 }, 1566 }, 1567 }, 1568 ServersTransports: map[string]*dynamic.ServersTransport{}, 1569 }, 1570 TLS: &dynamic.TLSConfiguration{}, 1571 }, 1572 }, 1573 { 1574 desc: "Simple Ingress Route with middleware crossprovider", 1575 AllowCrossNamespace: true, 1576 paths: []string{"services.yml", "with_middleware_crossprovider.yml"}, 1577 expected: &dynamic.Configuration{ 1578 UDP: &dynamic.UDPConfiguration{ 1579 Routers: map[string]*dynamic.UDPRouter{}, 1580 Services: map[string]*dynamic.UDPService{}, 1581 }, 1582 TLS: &dynamic.TLSConfiguration{}, 1583 TCP: &dynamic.TCPConfiguration{ 1584 Routers: map[string]*dynamic.TCPRouter{}, 1585 Middlewares: map[string]*dynamic.TCPMiddleware{}, 1586 Services: map[string]*dynamic.TCPService{}, 1587 }, 1588 HTTP: &dynamic.HTTPConfiguration{ 1589 Routers: map[string]*dynamic.Router{ 1590 "default-test2-route-23c7f4c450289ee29016": { 1591 EntryPoints: []string{"web"}, 1592 Service: "default-test2-route-23c7f4c450289ee29016", 1593 Rule: "Host(`foo.com`) && PathPrefix(`/tobestripped`)", 1594 Priority: 12, 1595 Middlewares: []string{"default-stripprefix", "foo-addprefix", "basicauth@file", "redirect@file"}, 1596 }, 1597 }, 1598 Middlewares: map[string]*dynamic.Middleware{ 1599 "default-stripprefix": { 1600 StripPrefix: &dynamic.StripPrefix{ 1601 Prefixes: []string{"/tobestripped"}, 1602 }, 1603 }, 1604 "foo-addprefix": { 1605 AddPrefix: &dynamic.AddPrefix{ 1606 Prefix: "/tobeadded", 1607 }, 1608 }, 1609 }, 1610 Services: map[string]*dynamic.Service{ 1611 "default-test2-route-23c7f4c450289ee29016": { 1612 LoadBalancer: &dynamic.ServersLoadBalancer{ 1613 Servers: []dynamic.Server{ 1614 { 1615 URL: "http://10.10.0.1:80", 1616 }, 1617 { 1618 URL: "http://10.10.0.2:80", 1619 }, 1620 }, 1621 PassHostHeader: Bool(true), 1622 }, 1623 }, 1624 }, 1625 ServersTransports: map[string]*dynamic.ServersTransport{}, 1626 }, 1627 }, 1628 }, 1629 { 1630 desc: "One ingress Route with two different rules", 1631 paths: []string{"services.yml", "with_two_rules.yml"}, 1632 expected: &dynamic.Configuration{ 1633 UDP: &dynamic.UDPConfiguration{ 1634 Routers: map[string]*dynamic.UDPRouter{}, 1635 Services: map[string]*dynamic.UDPService{}, 1636 }, 1637 TCP: &dynamic.TCPConfiguration{ 1638 Routers: map[string]*dynamic.TCPRouter{}, 1639 Middlewares: map[string]*dynamic.TCPMiddleware{}, 1640 Services: map[string]*dynamic.TCPService{}, 1641 }, 1642 HTTP: &dynamic.HTTPConfiguration{ 1643 Routers: map[string]*dynamic.Router{ 1644 "default-test-route-6b204d94623b3df4370c": { 1645 EntryPoints: []string{"web"}, 1646 Rule: "Host(`foo.com`) && PathPrefix(`/bar`)", 1647 Service: "default-test-route-6b204d94623b3df4370c", 1648 Priority: 14, 1649 }, 1650 "default-test-route-77c62dfe9517144aeeaa": { 1651 EntryPoints: []string{"web"}, 1652 Service: "default-test-route-77c62dfe9517144aeeaa", 1653 Rule: "Host(`foo.com`) && PathPrefix(`/foo`)", 1654 Priority: 12, 1655 }, 1656 }, 1657 Middlewares: map[string]*dynamic.Middleware{}, 1658 Services: map[string]*dynamic.Service{ 1659 "default-test-route-6b204d94623b3df4370c": { 1660 LoadBalancer: &dynamic.ServersLoadBalancer{ 1661 Servers: []dynamic.Server{ 1662 { 1663 URL: "http://10.10.0.1:80", 1664 }, 1665 { 1666 URL: "http://10.10.0.2:80", 1667 }, 1668 }, 1669 PassHostHeader: Bool(true), 1670 }, 1671 }, 1672 "default-test-route-77c62dfe9517144aeeaa": { 1673 LoadBalancer: &dynamic.ServersLoadBalancer{ 1674 Servers: []dynamic.Server{ 1675 { 1676 URL: "http://10.10.0.1:80", 1677 }, 1678 { 1679 URL: "http://10.10.0.2:80", 1680 }, 1681 }, 1682 PassHostHeader: Bool(true), 1683 }, 1684 }, 1685 }, 1686 ServersTransports: map[string]*dynamic.ServersTransport{}, 1687 }, 1688 TLS: &dynamic.TLSConfiguration{}, 1689 }, 1690 }, 1691 { 1692 desc: "One ingress Route with two different services", 1693 paths: []string{"services.yml", "with_two_services.yml"}, 1694 expected: &dynamic.Configuration{ 1695 UDP: &dynamic.UDPConfiguration{ 1696 Routers: map[string]*dynamic.UDPRouter{}, 1697 Services: map[string]*dynamic.UDPService{}, 1698 }, 1699 TLS: &dynamic.TLSConfiguration{}, 1700 TCP: &dynamic.TCPConfiguration{ 1701 Routers: map[string]*dynamic.TCPRouter{}, 1702 Middlewares: map[string]*dynamic.TCPMiddleware{}, 1703 Services: map[string]*dynamic.TCPService{}, 1704 }, 1705 HTTP: &dynamic.HTTPConfiguration{ 1706 Routers: map[string]*dynamic.Router{ 1707 "default-test-route-77c62dfe9517144aeeaa": { 1708 EntryPoints: []string{"web"}, 1709 Service: "default-test-route-77c62dfe9517144aeeaa", 1710 Rule: "Host(`foo.com`) && PathPrefix(`/foo`)", 1711 Priority: 12, 1712 }, 1713 }, 1714 Middlewares: map[string]*dynamic.Middleware{}, 1715 Services: map[string]*dynamic.Service{ 1716 "default-test-route-77c62dfe9517144aeeaa": { 1717 Weighted: &dynamic.WeightedRoundRobin{ 1718 Services: []dynamic.WRRService{ 1719 { 1720 Name: "default-whoami-80", 1721 Weight: func(i int) *int { return &i }(1), 1722 }, 1723 { 1724 Name: "default-whoami2-8080", 1725 Weight: func(i int) *int { return &i }(1), 1726 }, 1727 }, 1728 }, 1729 }, 1730 "default-whoami-80": { 1731 LoadBalancer: &dynamic.ServersLoadBalancer{ 1732 Servers: []dynamic.Server{ 1733 { 1734 URL: "http://10.10.0.1:80", 1735 }, 1736 { 1737 URL: "http://10.10.0.2:80", 1738 }, 1739 }, 1740 PassHostHeader: Bool(true), 1741 }, 1742 }, 1743 "default-whoami2-8080": { 1744 LoadBalancer: &dynamic.ServersLoadBalancer{ 1745 Servers: []dynamic.Server{ 1746 { 1747 URL: "http://10.10.0.3:8080", 1748 }, 1749 { 1750 URL: "http://10.10.0.4:8080", 1751 }, 1752 }, 1753 PassHostHeader: Bool(true), 1754 }, 1755 }, 1756 }, 1757 ServersTransports: map[string]*dynamic.ServersTransport{}, 1758 }, 1759 }, 1760 }, 1761 { 1762 desc: "one kube service (== servers lb) in a services wrr", 1763 paths: []string{"with_services_lb0.yml"}, 1764 expected: &dynamic.Configuration{ 1765 UDP: &dynamic.UDPConfiguration{ 1766 Routers: map[string]*dynamic.UDPRouter{}, 1767 Services: map[string]*dynamic.UDPService{}, 1768 }, 1769 TLS: &dynamic.TLSConfiguration{}, 1770 TCP: &dynamic.TCPConfiguration{ 1771 Routers: map[string]*dynamic.TCPRouter{}, 1772 Middlewares: map[string]*dynamic.TCPMiddleware{}, 1773 Services: map[string]*dynamic.TCPService{}, 1774 }, 1775 HTTP: &dynamic.HTTPConfiguration{ 1776 Routers: map[string]*dynamic.Router{ 1777 "default-test-route-77c62dfe9517144aeeaa": { 1778 EntryPoints: []string{"web"}, 1779 Service: "default-wrr1", 1780 Rule: "Host(`foo.com`) && PathPrefix(`/foo`)", 1781 Priority: 12, 1782 }, 1783 }, 1784 Middlewares: map[string]*dynamic.Middleware{}, 1785 Services: map[string]*dynamic.Service{ 1786 "default-wrr1": { 1787 Weighted: &dynamic.WeightedRoundRobin{ 1788 Services: []dynamic.WRRService{ 1789 { 1790 Name: "default-whoami5-8080", 1791 Weight: func(i int) *int { return &i }(1), 1792 }, 1793 }, 1794 }, 1795 }, 1796 "default-whoami5-8080": { 1797 LoadBalancer: &dynamic.ServersLoadBalancer{ 1798 Servers: []dynamic.Server{ 1799 { 1800 URL: "http://10.10.0.3:8080", 1801 }, 1802 { 1803 URL: "http://10.10.0.4:8080", 1804 }, 1805 }, 1806 PassHostHeader: Bool(true), 1807 }, 1808 }, 1809 }, 1810 ServersTransports: map[string]*dynamic.ServersTransport{}, 1811 }, 1812 }, 1813 }, 1814 { 1815 desc: "traefik service without ingress route", 1816 paths: []string{"with_services_only.yml"}, 1817 expected: &dynamic.Configuration{ 1818 UDP: &dynamic.UDPConfiguration{ 1819 Routers: map[string]*dynamic.UDPRouter{}, 1820 Services: map[string]*dynamic.UDPService{}, 1821 }, 1822 TLS: &dynamic.TLSConfiguration{}, 1823 TCP: &dynamic.TCPConfiguration{ 1824 Routers: map[string]*dynamic.TCPRouter{}, 1825 Middlewares: map[string]*dynamic.TCPMiddleware{}, 1826 Services: map[string]*dynamic.TCPService{}, 1827 }, 1828 HTTP: &dynamic.HTTPConfiguration{ 1829 Routers: map[string]*dynamic.Router{}, 1830 Middlewares: map[string]*dynamic.Middleware{}, 1831 Services: map[string]*dynamic.Service{ 1832 "default-wrr1": { 1833 Weighted: &dynamic.WeightedRoundRobin{ 1834 Services: []dynamic.WRRService{ 1835 { 1836 Name: "default-whoami5-8080", 1837 Weight: func(i int) *int { return &i }(1), 1838 }, 1839 }, 1840 }, 1841 }, 1842 "default-whoami5-8080": { 1843 LoadBalancer: &dynamic.ServersLoadBalancer{ 1844 Servers: []dynamic.Server{ 1845 { 1846 URL: "http://10.10.0.3:8080", 1847 }, 1848 { 1849 URL: "http://10.10.0.4:8080", 1850 }, 1851 }, 1852 PassHostHeader: Bool(true), 1853 }, 1854 }, 1855 }, 1856 ServersTransports: map[string]*dynamic.ServersTransport{}, 1857 }, 1858 }, 1859 }, 1860 { 1861 desc: "One ingress Route with two different services, each with two services, balancing servers nested", 1862 paths: []string{"with_services_lb1.yml"}, 1863 expected: &dynamic.Configuration{ 1864 UDP: &dynamic.UDPConfiguration{ 1865 Routers: map[string]*dynamic.UDPRouter{}, 1866 Services: map[string]*dynamic.UDPService{}, 1867 }, 1868 TLS: &dynamic.TLSConfiguration{}, 1869 TCP: &dynamic.TCPConfiguration{ 1870 Routers: map[string]*dynamic.TCPRouter{}, 1871 Middlewares: map[string]*dynamic.TCPMiddleware{}, 1872 Services: map[string]*dynamic.TCPService{}, 1873 }, 1874 HTTP: &dynamic.HTTPConfiguration{ 1875 Routers: map[string]*dynamic.Router{ 1876 "default-test-route-77c62dfe9517144aeeaa": { 1877 EntryPoints: []string{"web"}, 1878 Service: "default-test-route-77c62dfe9517144aeeaa", 1879 Rule: "Host(`foo.com`) && PathPrefix(`/foo`)", 1880 Priority: 12, 1881 }, 1882 }, 1883 Middlewares: map[string]*dynamic.Middleware{}, 1884 Services: map[string]*dynamic.Service{ 1885 "default-test-route-77c62dfe9517144aeeaa": { 1886 Weighted: &dynamic.WeightedRoundRobin{ 1887 Services: []dynamic.WRRService{ 1888 { 1889 Name: "default-wrr1", 1890 Weight: func(i int) *int { return &i }(1), 1891 }, 1892 { 1893 Name: "default-wrr2", 1894 Weight: func(i int) *int { return &i }(1), 1895 }, 1896 }, 1897 }, 1898 }, 1899 "default-wrr1": { 1900 Weighted: &dynamic.WeightedRoundRobin{ 1901 Services: []dynamic.WRRService{ 1902 { 1903 Name: "default-whoami4-80", 1904 Weight: func(i int) *int { return &i }(1), 1905 }, 1906 { 1907 Name: "default-whoami5-8080", 1908 Weight: func(i int) *int { return &i }(1), 1909 }, 1910 }, 1911 }, 1912 }, 1913 "default-whoami4-80": { 1914 LoadBalancer: &dynamic.ServersLoadBalancer{ 1915 Servers: []dynamic.Server{ 1916 { 1917 URL: "http://10.10.0.1:80", 1918 }, 1919 { 1920 URL: "http://10.10.0.2:80", 1921 }, 1922 }, 1923 PassHostHeader: Bool(true), 1924 }, 1925 }, 1926 "default-whoami5-8080": { 1927 LoadBalancer: &dynamic.ServersLoadBalancer{ 1928 Servers: []dynamic.Server{ 1929 { 1930 URL: "http://10.10.0.3:8080", 1931 }, 1932 { 1933 URL: "http://10.10.0.4:8080", 1934 }, 1935 }, 1936 PassHostHeader: Bool(true), 1937 }, 1938 }, 1939 "default-wrr2": { 1940 Weighted: &dynamic.WeightedRoundRobin{ 1941 Services: []dynamic.WRRService{ 1942 { 1943 Name: "default-whoami6-80", 1944 Weight: func(i int) *int { return &i }(1), 1945 }, 1946 { 1947 Name: "default-whoami7-8080", 1948 Weight: func(i int) *int { return &i }(1), 1949 }, 1950 }, 1951 }, 1952 }, 1953 "default-whoami6-80": { 1954 LoadBalancer: &dynamic.ServersLoadBalancer{ 1955 Servers: []dynamic.Server{ 1956 { 1957 URL: "http://10.10.0.5:80", 1958 }, 1959 { 1960 URL: "http://10.10.0.6:80", 1961 }, 1962 }, 1963 PassHostHeader: Bool(true), 1964 }, 1965 }, 1966 "default-whoami7-8080": { 1967 LoadBalancer: &dynamic.ServersLoadBalancer{ 1968 Servers: []dynamic.Server{ 1969 { 1970 URL: "http://10.10.0.7:8080", 1971 }, 1972 { 1973 URL: "http://10.10.0.8:8080", 1974 }, 1975 }, 1976 PassHostHeader: Bool(true), 1977 }, 1978 }, 1979 }, 1980 ServersTransports: map[string]*dynamic.ServersTransport{}, 1981 }, 1982 }, 1983 }, 1984 { 1985 desc: "one wrr and one kube service (== servers lb) in a wrr", 1986 paths: []string{"with_services_lb2.yml"}, 1987 expected: &dynamic.Configuration{ 1988 UDP: &dynamic.UDPConfiguration{ 1989 Routers: map[string]*dynamic.UDPRouter{}, 1990 Services: map[string]*dynamic.UDPService{}, 1991 }, 1992 TLS: &dynamic.TLSConfiguration{}, 1993 TCP: &dynamic.TCPConfiguration{ 1994 Routers: map[string]*dynamic.TCPRouter{}, 1995 Middlewares: map[string]*dynamic.TCPMiddleware{}, 1996 Services: map[string]*dynamic.TCPService{}, 1997 }, 1998 HTTP: &dynamic.HTTPConfiguration{ 1999 Routers: map[string]*dynamic.Router{ 2000 "default-test-route-77c62dfe9517144aeeaa": { 2001 EntryPoints: []string{"web"}, 2002 Service: "default-wrr1", 2003 Rule: "Host(`foo.com`) && PathPrefix(`/foo`)", 2004 Priority: 12, 2005 }, 2006 }, 2007 Middlewares: map[string]*dynamic.Middleware{}, 2008 Services: map[string]*dynamic.Service{ 2009 "default-wrr1": { 2010 Weighted: &dynamic.WeightedRoundRobin{ 2011 Services: []dynamic.WRRService{ 2012 { 2013 Name: "default-wrr2", 2014 Weight: func(i int) *int { return &i }(1), 2015 }, 2016 { 2017 Name: "default-whoami5-8080", 2018 Weight: func(i int) *int { return &i }(1), 2019 }, 2020 }, 2021 }, 2022 }, 2023 "default-wrr2": { 2024 Weighted: &dynamic.WeightedRoundRobin{ 2025 Services: []dynamic.WRRService{ 2026 { 2027 Name: "default-whoami5-8080", 2028 Weight: func(i int) *int { return &i }(1), 2029 }, 2030 }, 2031 }, 2032 }, 2033 "default-whoami5-8080": { 2034 LoadBalancer: &dynamic.ServersLoadBalancer{ 2035 Servers: []dynamic.Server{ 2036 { 2037 URL: "http://10.10.0.3:8080", 2038 }, 2039 { 2040 URL: "http://10.10.0.4:8080", 2041 }, 2042 }, 2043 PassHostHeader: Bool(true), 2044 }, 2045 }, 2046 }, 2047 ServersTransports: map[string]*dynamic.ServersTransport{}, 2048 }, 2049 }, 2050 }, 2051 { 2052 desc: "services lb, servers lb, and mirror service, all in a wrr", 2053 paths: []string{"with_services_lb3.yml"}, 2054 expected: &dynamic.Configuration{ 2055 UDP: &dynamic.UDPConfiguration{ 2056 Routers: map[string]*dynamic.UDPRouter{}, 2057 Services: map[string]*dynamic.UDPService{}, 2058 }, 2059 TLS: &dynamic.TLSConfiguration{}, 2060 TCP: &dynamic.TCPConfiguration{ 2061 Routers: map[string]*dynamic.TCPRouter{}, 2062 Middlewares: map[string]*dynamic.TCPMiddleware{}, 2063 Services: map[string]*dynamic.TCPService{}, 2064 }, 2065 HTTP: &dynamic.HTTPConfiguration{ 2066 Routers: map[string]*dynamic.Router{ 2067 "default-test-route-77c62dfe9517144aeeaa": { 2068 EntryPoints: []string{"web"}, 2069 Service: "default-wrr1", 2070 Rule: "Host(`foo.com`) && PathPrefix(`/foo`)", 2071 Priority: 12, 2072 }, 2073 }, 2074 Middlewares: map[string]*dynamic.Middleware{}, 2075 Services: map[string]*dynamic.Service{ 2076 "default-wrr1": { 2077 Weighted: &dynamic.WeightedRoundRobin{ 2078 Services: []dynamic.WRRService{ 2079 { 2080 Name: "default-wrr2", 2081 Weight: func(i int) *int { return &i }(1), 2082 }, 2083 { 2084 Name: "default-whoami5-8080", 2085 Weight: func(i int) *int { return &i }(1), 2086 }, 2087 { 2088 Name: "default-mirror1", 2089 Weight: func(i int) *int { return &i }(1), 2090 }, 2091 }, 2092 }, 2093 }, 2094 "default-wrr2": { 2095 Weighted: &dynamic.WeightedRoundRobin{ 2096 Services: []dynamic.WRRService{ 2097 { 2098 Name: "default-whoami5-8080", 2099 Weight: func(i int) *int { return &i }(1), 2100 }, 2101 }, 2102 }, 2103 }, 2104 "default-mirror1": { 2105 Mirroring: &dynamic.Mirroring{ 2106 Service: "default-whoami5-8080", 2107 Mirrors: []dynamic.MirrorService{ 2108 {Name: "default-whoami4-8080", Percent: 50}, 2109 }, 2110 }, 2111 }, 2112 "default-whoami4-8080": { 2113 LoadBalancer: &dynamic.ServersLoadBalancer{ 2114 Servers: []dynamic.Server{ 2115 { 2116 URL: "http://10.10.0.1:8080", 2117 }, 2118 { 2119 URL: "http://10.10.0.2:8080", 2120 }, 2121 }, 2122 PassHostHeader: Bool(true), 2123 }, 2124 }, 2125 "default-whoami5-8080": { 2126 LoadBalancer: &dynamic.ServersLoadBalancer{ 2127 Servers: []dynamic.Server{ 2128 { 2129 URL: "http://10.10.0.3:8080", 2130 }, 2131 { 2132 URL: "http://10.10.0.4:8080", 2133 }, 2134 }, 2135 PassHostHeader: Bool(true), 2136 }, 2137 }, 2138 }, 2139 ServersTransports: map[string]*dynamic.ServersTransport{}, 2140 }, 2141 }, 2142 }, 2143 { 2144 desc: "services lb, servers lb, and mirror service, all in a wrr with different namespaces", 2145 AllowCrossNamespace: true, 2146 paths: []string{"with_namespaces.yml"}, 2147 expected: &dynamic.Configuration{ 2148 UDP: &dynamic.UDPConfiguration{ 2149 Routers: map[string]*dynamic.UDPRouter{}, 2150 Services: map[string]*dynamic.UDPService{}, 2151 }, 2152 TLS: &dynamic.TLSConfiguration{}, 2153 TCP: &dynamic.TCPConfiguration{ 2154 Routers: map[string]*dynamic.TCPRouter{}, 2155 Middlewares: map[string]*dynamic.TCPMiddleware{}, 2156 Services: map[string]*dynamic.TCPService{}, 2157 }, 2158 HTTP: &dynamic.HTTPConfiguration{ 2159 Routers: map[string]*dynamic.Router{ 2160 "default-test-route-77c62dfe9517144aeeaa": { 2161 EntryPoints: []string{"web"}, 2162 Service: "default-test-route-77c62dfe9517144aeeaa", 2163 Rule: "Host(`foo.com`) && PathPrefix(`/foo`)", 2164 Priority: 12, 2165 }, 2166 }, 2167 Middlewares: map[string]*dynamic.Middleware{}, 2168 Services: map[string]*dynamic.Service{ 2169 "default-test-route-77c62dfe9517144aeeaa": { 2170 Weighted: &dynamic.WeightedRoundRobin{ 2171 Services: []dynamic.WRRService{ 2172 { 2173 Name: "baz-whoami6-8080", 2174 Weight: func(i int) *int { return &i }(1), 2175 }, 2176 { 2177 Name: "foo-wrr1", 2178 Weight: func(i int) *int { return &i }(1), 2179 }, 2180 { 2181 Name: "foo-mirror2", 2182 Weight: func(i int) *int { return &i }(1), 2183 }, 2184 { 2185 Name: "foo-mirror3", 2186 Weight: func(i int) *int { return &i }(1), 2187 }, 2188 { 2189 Name: "foo-mirror4", 2190 Weight: func(i int) *int { return &i }(1), 2191 }, 2192 }, 2193 }, 2194 }, 2195 "baz-whoami6-8080": { 2196 LoadBalancer: &dynamic.ServersLoadBalancer{ 2197 Servers: []dynamic.Server{ 2198 { 2199 URL: "http://10.10.0.5:8080", 2200 }, 2201 { 2202 URL: "http://10.10.0.6:8080", 2203 }, 2204 }, 2205 PassHostHeader: Bool(true), 2206 }, 2207 }, 2208 "foo-wrr1": { 2209 Weighted: &dynamic.WeightedRoundRobin{ 2210 Services: []dynamic.WRRService{ 2211 { 2212 Name: "foo-whoami4-8080", 2213 Weight: func(i int) *int { return &i }(1), 2214 }, 2215 { 2216 Name: "baz-whoami6-8080", 2217 Weight: func(i int) *int { return &i }(1), 2218 }, 2219 { 2220 Name: "foo-mirror1", 2221 Weight: func(i int) *int { return &i }(1), 2222 }, 2223 { 2224 Name: "bar-wrr2", 2225 Weight: func(i int) *int { return &i }(1), 2226 }, 2227 }, 2228 }, 2229 }, 2230 "foo-whoami4-8080": { 2231 LoadBalancer: &dynamic.ServersLoadBalancer{ 2232 Servers: []dynamic.Server{ 2233 { 2234 URL: "http://10.10.0.1:8080", 2235 }, 2236 { 2237 URL: "http://10.10.0.2:8080", 2238 }, 2239 }, 2240 PassHostHeader: Bool(true), 2241 }, 2242 }, 2243 "foo-mirror1": { 2244 Mirroring: &dynamic.Mirroring{ 2245 Service: "foo-whoami5-8080", 2246 Mirrors: []dynamic.MirrorService{ 2247 {Name: "foo-whoami4-8080"}, 2248 {Name: "baz-whoami6-8080"}, 2249 {Name: "bar-mirrored"}, 2250 }, 2251 }, 2252 }, 2253 "foo-whoami5-8080": { 2254 LoadBalancer: &dynamic.ServersLoadBalancer{ 2255 Servers: []dynamic.Server{ 2256 { 2257 URL: "http://10.10.0.3:8080", 2258 }, 2259 { 2260 URL: "http://10.10.0.4:8080", 2261 }, 2262 }, 2263 PassHostHeader: Bool(true), 2264 }, 2265 }, 2266 "bar-mirrored": { 2267 Mirroring: &dynamic.Mirroring{ 2268 Service: "baz-whoami6-8080", 2269 Mirrors: []dynamic.MirrorService{ 2270 {Name: "foo-whoami4-8080", Percent: 50}, 2271 }, 2272 }, 2273 }, 2274 "foo-mirror2": { 2275 Mirroring: &dynamic.Mirroring{ 2276 Service: "foo-whoami5-8080", 2277 Mirrors: []dynamic.MirrorService{ 2278 {Name: "foo-whoami4-8080"}, 2279 {Name: "baz-whoami6-8080"}, 2280 {Name: "bar-mirrored"}, 2281 {Name: "foo-wrr1"}, 2282 }, 2283 }, 2284 }, 2285 "foo-mirror3": { 2286 Mirroring: &dynamic.Mirroring{ 2287 Service: "foo-wrr1", 2288 Mirrors: []dynamic.MirrorService{ 2289 {Name: "foo-whoami4-8080"}, 2290 {Name: "baz-whoami6-8080"}, 2291 {Name: "bar-mirrored"}, 2292 {Name: "foo-wrr1"}, 2293 }, 2294 }, 2295 }, 2296 "bar-wrr2": { 2297 Weighted: &dynamic.WeightedRoundRobin{ 2298 Services: []dynamic.WRRService{ 2299 { 2300 Name: "foo-whoami5-8080", 2301 Weight: func(i int) *int { return &i }(1), 2302 }, 2303 }, 2304 }, 2305 }, 2306 "foo-mirror4": { 2307 Mirroring: &dynamic.Mirroring{ 2308 Service: "foo-wrr1", 2309 Mirrors: []dynamic.MirrorService{ 2310 {Name: "foo-whoami4-8080"}, 2311 {Name: "baz-whoami6-8080"}, 2312 {Name: "bar-mirrored"}, 2313 {Name: "foo-wrr1"}, 2314 }, 2315 }, 2316 }, 2317 }, 2318 ServersTransports: map[string]*dynamic.ServersTransport{}, 2319 }, 2320 }, 2321 }, 2322 { 2323 desc: "one kube service (== servers lb) in a mirroring", 2324 paths: []string{"with_mirroring.yml"}, 2325 expected: &dynamic.Configuration{ 2326 UDP: &dynamic.UDPConfiguration{ 2327 Routers: map[string]*dynamic.UDPRouter{}, 2328 Services: map[string]*dynamic.UDPService{}, 2329 }, 2330 TLS: &dynamic.TLSConfiguration{}, 2331 TCP: &dynamic.TCPConfiguration{ 2332 Routers: map[string]*dynamic.TCPRouter{}, 2333 Middlewares: map[string]*dynamic.TCPMiddleware{}, 2334 Services: map[string]*dynamic.TCPService{}, 2335 }, 2336 HTTP: &dynamic.HTTPConfiguration{ 2337 Routers: map[string]*dynamic.Router{ 2338 "default-test-route-77c62dfe9517144aeeaa": { 2339 EntryPoints: []string{"web"}, 2340 Service: "default-mirror1", 2341 Rule: "Host(`foo.com`) && PathPrefix(`/foo`)", 2342 Priority: 12, 2343 }, 2344 }, 2345 Middlewares: map[string]*dynamic.Middleware{}, 2346 Services: map[string]*dynamic.Service{ 2347 "default-mirror1": { 2348 Mirroring: &dynamic.Mirroring{ 2349 Service: "default-whoami5-8080", 2350 Mirrors: []dynamic.MirrorService{ 2351 {Name: "default-whoami4-8080", Percent: 50}, 2352 }, 2353 }, 2354 }, 2355 "default-whoami4-8080": { 2356 LoadBalancer: &dynamic.ServersLoadBalancer{ 2357 Servers: []dynamic.Server{ 2358 { 2359 URL: "http://10.10.0.1:8080", 2360 }, 2361 { 2362 URL: "http://10.10.0.2:8080", 2363 }, 2364 }, 2365 PassHostHeader: Bool(true), 2366 }, 2367 }, 2368 "default-whoami5-8080": { 2369 LoadBalancer: &dynamic.ServersLoadBalancer{ 2370 Servers: []dynamic.Server{ 2371 { 2372 URL: "http://10.10.0.3:8080", 2373 }, 2374 { 2375 URL: "http://10.10.0.4:8080", 2376 }, 2377 }, 2378 PassHostHeader: Bool(true), 2379 }, 2380 }, 2381 }, 2382 ServersTransports: map[string]*dynamic.ServersTransport{}, 2383 }, 2384 }, 2385 }, 2386 { 2387 desc: "weighted services in a mirroring", 2388 paths: []string{"with_mirroring2.yml"}, 2389 expected: &dynamic.Configuration{ 2390 UDP: &dynamic.UDPConfiguration{ 2391 Routers: map[string]*dynamic.UDPRouter{}, 2392 Services: map[string]*dynamic.UDPService{}, 2393 }, 2394 TLS: &dynamic.TLSConfiguration{}, 2395 TCP: &dynamic.TCPConfiguration{ 2396 Routers: map[string]*dynamic.TCPRouter{}, 2397 Middlewares: map[string]*dynamic.TCPMiddleware{}, 2398 Services: map[string]*dynamic.TCPService{}, 2399 }, 2400 HTTP: &dynamic.HTTPConfiguration{ 2401 Routers: map[string]*dynamic.Router{ 2402 "default-test-route-77c62dfe9517144aeeaa": { 2403 EntryPoints: []string{"web"}, 2404 Service: "default-mirror1", 2405 Rule: "Host(`foo.com`) && PathPrefix(`/foo`)", 2406 Priority: 12, 2407 }, 2408 }, 2409 Middlewares: map[string]*dynamic.Middleware{}, 2410 Services: map[string]*dynamic.Service{ 2411 "default-mirror1": { 2412 Mirroring: &dynamic.Mirroring{ 2413 Service: "default-wrr1", 2414 Mirrors: []dynamic.MirrorService{ 2415 {Name: "default-wrr2", Percent: 30}, 2416 }, 2417 }, 2418 }, 2419 "default-wrr1": { 2420 Weighted: &dynamic.WeightedRoundRobin{ 2421 Services: []dynamic.WRRService{ 2422 { 2423 Name: "default-whoami4-8080", 2424 Weight: func(i int) *int { return &i }(1), 2425 }, 2426 }, 2427 }, 2428 }, 2429 "default-wrr2": { 2430 Weighted: &dynamic.WeightedRoundRobin{ 2431 Services: []dynamic.WRRService{ 2432 { 2433 Name: "default-whoami5-8080", 2434 Weight: func(i int) *int { return &i }(1), 2435 }, 2436 }, 2437 }, 2438 }, 2439 "default-whoami4-8080": { 2440 LoadBalancer: &dynamic.ServersLoadBalancer{ 2441 Servers: []dynamic.Server{ 2442 { 2443 URL: "http://10.10.0.1:8080", 2444 }, 2445 { 2446 URL: "http://10.10.0.2:8080", 2447 }, 2448 }, 2449 PassHostHeader: Bool(true), 2450 }, 2451 }, 2452 "default-whoami5-8080": { 2453 LoadBalancer: &dynamic.ServersLoadBalancer{ 2454 Servers: []dynamic.Server{ 2455 { 2456 URL: "http://10.10.0.3:8080", 2457 }, 2458 { 2459 URL: "http://10.10.0.4:8080", 2460 }, 2461 }, 2462 PassHostHeader: Bool(true), 2463 }, 2464 }, 2465 }, 2466 ServersTransports: map[string]*dynamic.ServersTransport{}, 2467 }, 2468 }, 2469 }, 2470 { 2471 desc: "One ingress Route with two different services, with weights", 2472 paths: []string{"services.yml", "with_two_services_weight.yml"}, 2473 expected: &dynamic.Configuration{ 2474 UDP: &dynamic.UDPConfiguration{ 2475 Routers: map[string]*dynamic.UDPRouter{}, 2476 Services: map[string]*dynamic.UDPService{}, 2477 }, 2478 TLS: &dynamic.TLSConfiguration{}, 2479 TCP: &dynamic.TCPConfiguration{ 2480 Routers: map[string]*dynamic.TCPRouter{}, 2481 Middlewares: map[string]*dynamic.TCPMiddleware{}, 2482 Services: map[string]*dynamic.TCPService{}, 2483 }, 2484 HTTP: &dynamic.HTTPConfiguration{ 2485 Routers: map[string]*dynamic.Router{ 2486 "default-test-route-77c62dfe9517144aeeaa": { 2487 EntryPoints: []string{"web"}, 2488 Service: "default-test-route-77c62dfe9517144aeeaa", 2489 Rule: "Host(`foo.com`) && PathPrefix(`/foo`)", 2490 Priority: 12, 2491 }, 2492 }, 2493 Middlewares: map[string]*dynamic.Middleware{}, 2494 Services: map[string]*dynamic.Service{ 2495 "default-test-route-77c62dfe9517144aeeaa": { 2496 Weighted: &dynamic.WeightedRoundRobin{ 2497 Services: []dynamic.WRRService{ 2498 { 2499 Name: "default-whoami-80", 2500 Weight: Int(10), 2501 }, 2502 { 2503 Name: "default-whoami2-8080", 2504 Weight: Int(0), 2505 }, 2506 }, 2507 }, 2508 }, 2509 "default-whoami-80": { 2510 LoadBalancer: &dynamic.ServersLoadBalancer{ 2511 Servers: []dynamic.Server{ 2512 { 2513 URL: "http://10.10.0.1:80", 2514 }, 2515 { 2516 URL: "http://10.10.0.2:80", 2517 }, 2518 }, 2519 PassHostHeader: Bool(true), 2520 }, 2521 }, 2522 "default-whoami2-8080": { 2523 LoadBalancer: &dynamic.ServersLoadBalancer{ 2524 Servers: []dynamic.Server{ 2525 { 2526 URL: "http://10.10.0.3:8080", 2527 }, 2528 { 2529 URL: "http://10.10.0.4:8080", 2530 }, 2531 }, 2532 PassHostHeader: Bool(true), 2533 }, 2534 }, 2535 }, 2536 ServersTransports: map[string]*dynamic.ServersTransport{}, 2537 }, 2538 }, 2539 }, 2540 { 2541 desc: "Ingress class", 2542 paths: []string{"services.yml", "simple.yml"}, 2543 ingressClass: "tchouk", 2544 expected: &dynamic.Configuration{ 2545 UDP: &dynamic.UDPConfiguration{ 2546 Routers: map[string]*dynamic.UDPRouter{}, 2547 Services: map[string]*dynamic.UDPService{}, 2548 }, 2549 TLS: &dynamic.TLSConfiguration{}, 2550 TCP: &dynamic.TCPConfiguration{ 2551 Routers: map[string]*dynamic.TCPRouter{}, 2552 Middlewares: map[string]*dynamic.TCPMiddleware{}, 2553 Services: map[string]*dynamic.TCPService{}, 2554 }, 2555 HTTP: &dynamic.HTTPConfiguration{ 2556 Routers: map[string]*dynamic.Router{}, 2557 Middlewares: map[string]*dynamic.Middleware{}, 2558 Services: map[string]*dynamic.Service{}, 2559 ServersTransports: map[string]*dynamic.ServersTransport{}, 2560 }, 2561 }, 2562 }, 2563 { 2564 desc: "Route with empty rule value is ignored", 2565 paths: []string{"services.yml", "with_no_rule_value.yml"}, 2566 expected: &dynamic.Configuration{ 2567 UDP: &dynamic.UDPConfiguration{ 2568 Routers: map[string]*dynamic.UDPRouter{}, 2569 Services: map[string]*dynamic.UDPService{}, 2570 }, 2571 TLS: &dynamic.TLSConfiguration{}, 2572 TCP: &dynamic.TCPConfiguration{ 2573 Routers: map[string]*dynamic.TCPRouter{}, 2574 Middlewares: map[string]*dynamic.TCPMiddleware{}, 2575 Services: map[string]*dynamic.TCPService{}, 2576 }, 2577 HTTP: &dynamic.HTTPConfiguration{ 2578 Routers: map[string]*dynamic.Router{}, 2579 Middlewares: map[string]*dynamic.Middleware{}, 2580 Services: map[string]*dynamic.Service{}, 2581 ServersTransports: map[string]*dynamic.ServersTransport{}, 2582 }, 2583 }, 2584 }, 2585 { 2586 desc: "Route with kind not of a rule type (empty kind) is ignored", 2587 paths: []string{"services.yml", "with_wrong_rule_kind.yml"}, 2588 expected: &dynamic.Configuration{ 2589 UDP: &dynamic.UDPConfiguration{ 2590 Routers: map[string]*dynamic.UDPRouter{}, 2591 Services: map[string]*dynamic.UDPService{}, 2592 }, 2593 TLS: &dynamic.TLSConfiguration{}, 2594 TCP: &dynamic.TCPConfiguration{ 2595 Routers: map[string]*dynamic.TCPRouter{}, 2596 Middlewares: map[string]*dynamic.TCPMiddleware{}, 2597 Services: map[string]*dynamic.TCPService{}, 2598 }, 2599 HTTP: &dynamic.HTTPConfiguration{ 2600 Routers: map[string]*dynamic.Router{}, 2601 Middlewares: map[string]*dynamic.Middleware{}, 2602 Services: map[string]*dynamic.Service{}, 2603 ServersTransports: map[string]*dynamic.ServersTransport{}, 2604 }, 2605 }, 2606 }, 2607 { 2608 desc: "TLS", 2609 paths: []string{"services.yml", "with_tls.yml"}, 2610 expected: &dynamic.Configuration{ 2611 UDP: &dynamic.UDPConfiguration{ 2612 Routers: map[string]*dynamic.UDPRouter{}, 2613 Services: map[string]*dynamic.UDPService{}, 2614 }, 2615 TLS: &dynamic.TLSConfiguration{ 2616 Certificates: []*tls.CertAndStores{ 2617 { 2618 Certificate: tls.Certificate{ 2619 CertFile: tls.FileOrContent("-----BEGIN CERTIFICATE-----\n-----END CERTIFICATE-----"), 2620 KeyFile: tls.FileOrContent("-----BEGIN PRIVATE KEY-----\n-----END PRIVATE KEY-----"), 2621 }, 2622 }, 2623 }, 2624 }, 2625 TCP: &dynamic.TCPConfiguration{ 2626 Routers: map[string]*dynamic.TCPRouter{}, 2627 Middlewares: map[string]*dynamic.TCPMiddleware{}, 2628 Services: map[string]*dynamic.TCPService{}, 2629 }, 2630 HTTP: &dynamic.HTTPConfiguration{ 2631 Routers: map[string]*dynamic.Router{ 2632 "default-test-route-6b204d94623b3df4370c": { 2633 EntryPoints: []string{"web"}, 2634 Service: "default-test-route-6b204d94623b3df4370c", 2635 Rule: "Host(`foo.com`) && PathPrefix(`/bar`)", 2636 Priority: 12, 2637 TLS: &dynamic.RouterTLSConfig{}, 2638 }, 2639 }, 2640 Middlewares: map[string]*dynamic.Middleware{}, 2641 Services: map[string]*dynamic.Service{ 2642 "default-test-route-6b204d94623b3df4370c": { 2643 LoadBalancer: &dynamic.ServersLoadBalancer{ 2644 Servers: []dynamic.Server{ 2645 { 2646 URL: "http://10.10.0.1:80", 2647 }, 2648 { 2649 URL: "http://10.10.0.2:80", 2650 }, 2651 }, 2652 PassHostHeader: Bool(true), 2653 }, 2654 }, 2655 }, 2656 ServersTransports: map[string]*dynamic.ServersTransport{}, 2657 }, 2658 }, 2659 }, 2660 { 2661 desc: "TLS with tls options", 2662 paths: []string{"services.yml", "with_tls_options.yml"}, 2663 expected: &dynamic.Configuration{ 2664 UDP: &dynamic.UDPConfiguration{ 2665 Routers: map[string]*dynamic.UDPRouter{}, 2666 Services: map[string]*dynamic.UDPService{}, 2667 }, 2668 TLS: &dynamic.TLSConfiguration{ 2669 Options: map[string]tls.Options{ 2670 "default-foo": { 2671 MinVersion: "VersionTLS12", 2672 CipherSuites: []string{ 2673 "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256", 2674 "TLS_RSA_WITH_AES_256_GCM_SHA384", 2675 }, 2676 ClientAuth: tls.ClientAuth{ 2677 CAFiles: []tls.FileOrContent{ 2678 tls.FileOrContent("-----BEGIN CERTIFICATE-----\n-----END CERTIFICATE-----"), 2679 tls.FileOrContent("-----BEGIN CERTIFICATE-----\n-----END CERTIFICATE-----"), 2680 }, 2681 ClientAuthType: "VerifyClientCertIfGiven", 2682 }, 2683 SniStrict: true, 2684 PreferServerCipherSuites: true, 2685 ALPNProtocols: []string{ 2686 "h2", 2687 "http/1.1", 2688 "acme-tls/1", 2689 }, 2690 }, 2691 }, 2692 }, 2693 TCP: &dynamic.TCPConfiguration{ 2694 Routers: map[string]*dynamic.TCPRouter{}, 2695 Middlewares: map[string]*dynamic.TCPMiddleware{}, 2696 Services: map[string]*dynamic.TCPService{}, 2697 }, 2698 HTTP: &dynamic.HTTPConfiguration{ 2699 Routers: map[string]*dynamic.Router{ 2700 "default-test-route-6b204d94623b3df4370c": { 2701 EntryPoints: []string{"web"}, 2702 Service: "default-test-route-6b204d94623b3df4370c", 2703 Rule: "Host(`foo.com`) && PathPrefix(`/bar`)", 2704 Priority: 12, 2705 TLS: &dynamic.RouterTLSConfig{ 2706 Options: "default-foo", 2707 }, 2708 }, 2709 }, 2710 Middlewares: map[string]*dynamic.Middleware{}, 2711 Services: map[string]*dynamic.Service{ 2712 "default-test-route-6b204d94623b3df4370c": { 2713 LoadBalancer: &dynamic.ServersLoadBalancer{ 2714 Servers: []dynamic.Server{ 2715 { 2716 URL: "http://10.10.0.1:80", 2717 }, 2718 { 2719 URL: "http://10.10.0.2:80", 2720 }, 2721 }, 2722 PassHostHeader: Bool(true), 2723 }, 2724 }, 2725 }, 2726 ServersTransports: map[string]*dynamic.ServersTransport{}, 2727 }, 2728 }, 2729 }, 2730 { 2731 desc: "TLS with two default tls options", 2732 paths: []string{"services.yml", "with_default_tls_options.yml", "with_default_tls_options_default_namespace.yml"}, 2733 expected: &dynamic.Configuration{ 2734 UDP: &dynamic.UDPConfiguration{ 2735 Routers: map[string]*dynamic.UDPRouter{}, 2736 Services: map[string]*dynamic.UDPService{}, 2737 }, 2738 TLS: &dynamic.TLSConfiguration{ 2739 Options: map[string]tls.Options{}, 2740 }, 2741 TCP: &dynamic.TCPConfiguration{ 2742 Routers: map[string]*dynamic.TCPRouter{}, 2743 Middlewares: map[string]*dynamic.TCPMiddleware{}, 2744 Services: map[string]*dynamic.TCPService{}, 2745 }, 2746 HTTP: &dynamic.HTTPConfiguration{ 2747 Routers: map[string]*dynamic.Router{ 2748 "default-test-route-6b204d94623b3df4370c": { 2749 EntryPoints: []string{"web"}, 2750 Service: "default-test-route-6b204d94623b3df4370c", 2751 Rule: "Host(`foo.com`) && PathPrefix(`/bar`)", 2752 Priority: 12, 2753 TLS: &dynamic.RouterTLSConfig{ 2754 Options: "default-foo", 2755 }, 2756 }, 2757 }, 2758 Middlewares: map[string]*dynamic.Middleware{}, 2759 Services: map[string]*dynamic.Service{ 2760 "default-test-route-6b204d94623b3df4370c": { 2761 LoadBalancer: &dynamic.ServersLoadBalancer{ 2762 Servers: []dynamic.Server{ 2763 { 2764 URL: "http://10.10.0.1:80", 2765 }, 2766 { 2767 URL: "http://10.10.0.2:80", 2768 }, 2769 }, 2770 PassHostHeader: Bool(true), 2771 }, 2772 }, 2773 }, 2774 ServersTransports: map[string]*dynamic.ServersTransport{}, 2775 }, 2776 }, 2777 }, 2778 { 2779 desc: "TLS with default tls options", 2780 paths: []string{"services.yml", "with_default_tls_options.yml"}, 2781 expected: &dynamic.Configuration{ 2782 TLS: &dynamic.TLSConfiguration{ 2783 Options: map[string]tls.Options{ 2784 "default": { 2785 MinVersion: "VersionTLS12", 2786 CipherSuites: []string{ 2787 "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256", 2788 "TLS_RSA_WITH_AES_256_GCM_SHA384", 2789 }, 2790 ClientAuth: tls.ClientAuth{ 2791 CAFiles: []tls.FileOrContent{ 2792 tls.FileOrContent("-----BEGIN CERTIFICATE-----\n-----END CERTIFICATE-----"), 2793 tls.FileOrContent("-----BEGIN CERTIFICATE-----\n-----END CERTIFICATE-----"), 2794 }, 2795 ClientAuthType: "VerifyClientCertIfGiven", 2796 }, 2797 SniStrict: true, 2798 PreferServerCipherSuites: true, 2799 ALPNProtocols: []string{ 2800 "h2", 2801 "http/1.1", 2802 "acme-tls/1", 2803 }, 2804 }, 2805 }, 2806 }, 2807 UDP: &dynamic.UDPConfiguration{ 2808 Routers: map[string]*dynamic.UDPRouter{}, 2809 Services: map[string]*dynamic.UDPService{}, 2810 }, 2811 TCP: &dynamic.TCPConfiguration{ 2812 Routers: map[string]*dynamic.TCPRouter{}, 2813 Middlewares: map[string]*dynamic.TCPMiddleware{}, 2814 Services: map[string]*dynamic.TCPService{}, 2815 }, 2816 HTTP: &dynamic.HTTPConfiguration{ 2817 Routers: map[string]*dynamic.Router{ 2818 "default-test-route-6b204d94623b3df4370c": { 2819 EntryPoints: []string{"web"}, 2820 Service: "default-test-route-6b204d94623b3df4370c", 2821 Rule: "Host(`foo.com`) && PathPrefix(`/bar`)", 2822 Priority: 12, 2823 TLS: &dynamic.RouterTLSConfig{ 2824 Options: "default-foo", 2825 }, 2826 }, 2827 }, 2828 Middlewares: map[string]*dynamic.Middleware{}, 2829 Services: map[string]*dynamic.Service{ 2830 "default-test-route-6b204d94623b3df4370c": { 2831 LoadBalancer: &dynamic.ServersLoadBalancer{ 2832 Servers: []dynamic.Server{ 2833 { 2834 URL: "http://10.10.0.1:80", 2835 }, 2836 { 2837 URL: "http://10.10.0.2:80", 2838 }, 2839 }, 2840 PassHostHeader: Bool(true), 2841 }, 2842 }, 2843 }, 2844 ServersTransports: map[string]*dynamic.ServersTransport{}, 2845 }, 2846 }, 2847 }, 2848 { 2849 desc: "TLS with tls options and specific namespace", 2850 paths: []string{"services.yml", "with_tls_options_and_specific_namespace.yml"}, 2851 AllowCrossNamespace: true, 2852 expected: &dynamic.Configuration{ 2853 UDP: &dynamic.UDPConfiguration{ 2854 Routers: map[string]*dynamic.UDPRouter{}, 2855 Services: map[string]*dynamic.UDPService{}, 2856 }, 2857 TLS: &dynamic.TLSConfiguration{ 2858 Options: map[string]tls.Options{ 2859 "myns-foo": { 2860 MinVersion: "VersionTLS12", 2861 CipherSuites: []string{ 2862 "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256", 2863 "TLS_RSA_WITH_AES_256_GCM_SHA384", 2864 }, 2865 ClientAuth: tls.ClientAuth{ 2866 CAFiles: []tls.FileOrContent{ 2867 tls.FileOrContent("-----BEGIN CERTIFICATE-----\n-----END CERTIFICATE-----"), 2868 tls.FileOrContent("-----BEGIN CERTIFICATE-----\n-----END CERTIFICATE-----"), 2869 }, 2870 ClientAuthType: "VerifyClientCertIfGiven", 2871 }, 2872 SniStrict: true, 2873 ALPNProtocols: []string{ 2874 "h2", 2875 "http/1.1", 2876 "acme-tls/1", 2877 }, 2878 }, 2879 }, 2880 }, 2881 TCP: &dynamic.TCPConfiguration{ 2882 Routers: map[string]*dynamic.TCPRouter{}, 2883 Middlewares: map[string]*dynamic.TCPMiddleware{}, 2884 Services: map[string]*dynamic.TCPService{}, 2885 }, 2886 HTTP: &dynamic.HTTPConfiguration{ 2887 Routers: map[string]*dynamic.Router{ 2888 "default-test-route-6b204d94623b3df4370c": { 2889 EntryPoints: []string{"web"}, 2890 Service: "default-test-route-6b204d94623b3df4370c", 2891 Rule: "Host(`foo.com`) && PathPrefix(`/bar`)", 2892 Priority: 12, 2893 TLS: &dynamic.RouterTLSConfig{ 2894 Options: "myns-foo", 2895 }, 2896 }, 2897 }, 2898 Middlewares: map[string]*dynamic.Middleware{}, 2899 Services: map[string]*dynamic.Service{ 2900 "default-test-route-6b204d94623b3df4370c": { 2901 LoadBalancer: &dynamic.ServersLoadBalancer{ 2902 Servers: []dynamic.Server{ 2903 { 2904 URL: "http://10.10.0.1:80", 2905 }, 2906 { 2907 URL: "http://10.10.0.2:80", 2908 }, 2909 }, 2910 PassHostHeader: Bool(true), 2911 }, 2912 }, 2913 }, 2914 ServersTransports: map[string]*dynamic.ServersTransport{}, 2915 }, 2916 }, 2917 }, 2918 { 2919 desc: "TLS with bad tls options", 2920 paths: []string{"services.yml", "with_bad_tls_options.yml"}, 2921 expected: &dynamic.Configuration{ 2922 UDP: &dynamic.UDPConfiguration{ 2923 Routers: map[string]*dynamic.UDPRouter{}, 2924 Services: map[string]*dynamic.UDPService{}, 2925 }, 2926 TLS: &dynamic.TLSConfiguration{ 2927 Options: map[string]tls.Options{ 2928 "default-foo": { 2929 MinVersion: "VersionTLS12", 2930 CipherSuites: []string{ 2931 "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256", 2932 "TLS_RSA_WITH_AES_256_GCM_SHA384", 2933 }, 2934 ClientAuth: tls.ClientAuth{ 2935 CAFiles: []tls.FileOrContent{ 2936 tls.FileOrContent("-----BEGIN CERTIFICATE-----\n-----END CERTIFICATE-----"), 2937 }, 2938 ClientAuthType: "VerifyClientCertIfGiven", 2939 }, 2940 SniStrict: true, 2941 ALPNProtocols: []string{ 2942 "h2", 2943 "http/1.1", 2944 "acme-tls/1", 2945 }, 2946 }, 2947 }, 2948 }, 2949 TCP: &dynamic.TCPConfiguration{ 2950 Routers: map[string]*dynamic.TCPRouter{}, 2951 Middlewares: map[string]*dynamic.TCPMiddleware{}, 2952 Services: map[string]*dynamic.TCPService{}, 2953 }, 2954 HTTP: &dynamic.HTTPConfiguration{ 2955 Routers: map[string]*dynamic.Router{ 2956 "default-test-route-6b204d94623b3df4370c": { 2957 EntryPoints: []string{"web"}, 2958 Service: "default-test-route-6b204d94623b3df4370c", 2959 Rule: "Host(`foo.com`) && PathPrefix(`/bar`)", 2960 Priority: 12, 2961 TLS: &dynamic.RouterTLSConfig{ 2962 Options: "default-foo", 2963 }, 2964 }, 2965 }, 2966 Middlewares: map[string]*dynamic.Middleware{}, 2967 Services: map[string]*dynamic.Service{ 2968 "default-test-route-6b204d94623b3df4370c": { 2969 LoadBalancer: &dynamic.ServersLoadBalancer{ 2970 Servers: []dynamic.Server{ 2971 { 2972 URL: "http://10.10.0.1:80", 2973 }, 2974 { 2975 URL: "http://10.10.0.2:80", 2976 }, 2977 }, 2978 PassHostHeader: Bool(true), 2979 }, 2980 }, 2981 }, 2982 ServersTransports: map[string]*dynamic.ServersTransport{}, 2983 }, 2984 }, 2985 }, 2986 { 2987 desc: "TLS with unknown tls options", 2988 paths: []string{"services.yml", "with_unknown_tls_options.yml"}, 2989 expected: &dynamic.Configuration{ 2990 UDP: &dynamic.UDPConfiguration{ 2991 Routers: map[string]*dynamic.UDPRouter{}, 2992 Services: map[string]*dynamic.UDPService{}, 2993 }, 2994 TLS: &dynamic.TLSConfiguration{ 2995 Options: map[string]tls.Options{ 2996 "default-foo": { 2997 MinVersion: "VersionTLS12", 2998 ALPNProtocols: []string{ 2999 "h2", 3000 "http/1.1", 3001 "acme-tls/1", 3002 }, 3003 }, 3004 }, 3005 }, 3006 TCP: &dynamic.TCPConfiguration{ 3007 Routers: map[string]*dynamic.TCPRouter{}, 3008 Middlewares: map[string]*dynamic.TCPMiddleware{}, 3009 Services: map[string]*dynamic.TCPService{}, 3010 }, 3011 HTTP: &dynamic.HTTPConfiguration{ 3012 Routers: map[string]*dynamic.Router{ 3013 "default-test-route-6b204d94623b3df4370c": { 3014 EntryPoints: []string{"web"}, 3015 Service: "default-test-route-6b204d94623b3df4370c", 3016 Rule: "Host(`foo.com`) && PathPrefix(`/bar`)", 3017 Priority: 12, 3018 TLS: &dynamic.RouterTLSConfig{ 3019 Options: "default-unknown", 3020 }, 3021 }, 3022 }, 3023 Middlewares: map[string]*dynamic.Middleware{}, 3024 Services: map[string]*dynamic.Service{ 3025 "default-test-route-6b204d94623b3df4370c": { 3026 LoadBalancer: &dynamic.ServersLoadBalancer{ 3027 Servers: []dynamic.Server{ 3028 { 3029 URL: "http://10.10.0.1:80", 3030 }, 3031 { 3032 URL: "http://10.10.0.2:80", 3033 }, 3034 }, 3035 PassHostHeader: Bool(true), 3036 }, 3037 }, 3038 }, 3039 ServersTransports: map[string]*dynamic.ServersTransport{}, 3040 }, 3041 }, 3042 }, 3043 { 3044 desc: "TLS with unknown tls options namespace", 3045 paths: []string{"services.yml", "with_unknown_tls_options_namespace.yml"}, 3046 AllowCrossNamespace: true, 3047 expected: &dynamic.Configuration{ 3048 UDP: &dynamic.UDPConfiguration{ 3049 Routers: map[string]*dynamic.UDPRouter{}, 3050 Services: map[string]*dynamic.UDPService{}, 3051 }, 3052 TLS: &dynamic.TLSConfiguration{ 3053 Options: map[string]tls.Options{ 3054 "default-foo": { 3055 MinVersion: "VersionTLS12", 3056 ALPNProtocols: []string{ 3057 "h2", 3058 "http/1.1", 3059 "acme-tls/1", 3060 }, 3061 }, 3062 }, 3063 }, 3064 TCP: &dynamic.TCPConfiguration{ 3065 Routers: map[string]*dynamic.TCPRouter{}, 3066 Middlewares: map[string]*dynamic.TCPMiddleware{}, 3067 Services: map[string]*dynamic.TCPService{}, 3068 }, 3069 HTTP: &dynamic.HTTPConfiguration{ 3070 Routers: map[string]*dynamic.Router{ 3071 "default-test-route-6b204d94623b3df4370c": { 3072 EntryPoints: []string{"web"}, 3073 Service: "default-test-route-6b204d94623b3df4370c", 3074 Rule: "Host(`foo.com`) && PathPrefix(`/bar`)", 3075 Priority: 12, 3076 TLS: &dynamic.RouterTLSConfig{ 3077 Options: "unknown-foo", 3078 }, 3079 }, 3080 }, 3081 Middlewares: map[string]*dynamic.Middleware{}, 3082 Services: map[string]*dynamic.Service{ 3083 "default-test-route-6b204d94623b3df4370c": { 3084 LoadBalancer: &dynamic.ServersLoadBalancer{ 3085 Servers: []dynamic.Server{ 3086 { 3087 URL: "http://10.10.0.1:80", 3088 }, 3089 { 3090 URL: "http://10.10.0.2:80", 3091 }, 3092 }, 3093 PassHostHeader: Bool(true), 3094 }, 3095 }, 3096 }, 3097 ServersTransports: map[string]*dynamic.ServersTransport{}, 3098 }, 3099 }, 3100 }, 3101 { 3102 desc: "TLS with ACME", 3103 paths: []string{"services.yml", "with_tls_acme.yml"}, 3104 expected: &dynamic.Configuration{ 3105 UDP: &dynamic.UDPConfiguration{ 3106 Routers: map[string]*dynamic.UDPRouter{}, 3107 Services: map[string]*dynamic.UDPService{}, 3108 }, 3109 TLS: &dynamic.TLSConfiguration{}, 3110 TCP: &dynamic.TCPConfiguration{ 3111 Routers: map[string]*dynamic.TCPRouter{}, 3112 Middlewares: map[string]*dynamic.TCPMiddleware{}, 3113 Services: map[string]*dynamic.TCPService{}, 3114 }, 3115 HTTP: &dynamic.HTTPConfiguration{ 3116 Routers: map[string]*dynamic.Router{ 3117 "default-test-route-6b204d94623b3df4370c": { 3118 EntryPoints: []string{"web"}, 3119 Service: "default-test-route-6b204d94623b3df4370c", 3120 Rule: "Host(`foo.com`) && PathPrefix(`/bar`)", 3121 Priority: 12, 3122 TLS: &dynamic.RouterTLSConfig{}, 3123 }, 3124 }, 3125 Middlewares: map[string]*dynamic.Middleware{}, 3126 Services: map[string]*dynamic.Service{ 3127 "default-test-route-6b204d94623b3df4370c": { 3128 LoadBalancer: &dynamic.ServersLoadBalancer{ 3129 Servers: []dynamic.Server{ 3130 { 3131 URL: "http://10.10.0.1:80", 3132 }, 3133 { 3134 URL: "http://10.10.0.2:80", 3135 }, 3136 }, 3137 PassHostHeader: Bool(true), 3138 }, 3139 }, 3140 }, 3141 ServersTransports: map[string]*dynamic.ServersTransport{}, 3142 }, 3143 }, 3144 }, 3145 { 3146 desc: "Simple Ingress Route, defaulting to https for servers", 3147 paths: []string{"services.yml", "with_https_default.yml"}, 3148 expected: &dynamic.Configuration{ 3149 UDP: &dynamic.UDPConfiguration{ 3150 Routers: map[string]*dynamic.UDPRouter{}, 3151 Services: map[string]*dynamic.UDPService{}, 3152 }, 3153 TLS: &dynamic.TLSConfiguration{}, 3154 TCP: &dynamic.TCPConfiguration{ 3155 Routers: map[string]*dynamic.TCPRouter{}, 3156 Middlewares: map[string]*dynamic.TCPMiddleware{}, 3157 Services: map[string]*dynamic.TCPService{}, 3158 }, 3159 HTTP: &dynamic.HTTPConfiguration{ 3160 Routers: map[string]*dynamic.Router{ 3161 "default-test-route-6b204d94623b3df4370c": { 3162 EntryPoints: []string{"foo"}, 3163 Service: "default-test-route-6b204d94623b3df4370c", 3164 Rule: "Host(`foo.com`) && PathPrefix(`/bar`)", 3165 Priority: 12, 3166 }, 3167 }, 3168 Middlewares: map[string]*dynamic.Middleware{}, 3169 Services: map[string]*dynamic.Service{ 3170 "default-test-route-6b204d94623b3df4370c": { 3171 LoadBalancer: &dynamic.ServersLoadBalancer{ 3172 Servers: []dynamic.Server{ 3173 { 3174 URL: "https://10.10.0.5:8443", 3175 }, 3176 { 3177 URL: "https://10.10.0.6:8443", 3178 }, 3179 }, 3180 PassHostHeader: Bool(true), 3181 }, 3182 }, 3183 }, 3184 ServersTransports: map[string]*dynamic.ServersTransport{}, 3185 }, 3186 }, 3187 }, 3188 { 3189 desc: "Simple Ingress Route, explicit https scheme", 3190 paths: []string{"services.yml", "with_https_scheme.yml"}, 3191 expected: &dynamic.Configuration{ 3192 UDP: &dynamic.UDPConfiguration{ 3193 Routers: map[string]*dynamic.UDPRouter{}, 3194 Services: map[string]*dynamic.UDPService{}, 3195 }, 3196 TLS: &dynamic.TLSConfiguration{}, 3197 TCP: &dynamic.TCPConfiguration{ 3198 Routers: map[string]*dynamic.TCPRouter{}, 3199 Middlewares: map[string]*dynamic.TCPMiddleware{}, 3200 Services: map[string]*dynamic.TCPService{}, 3201 }, 3202 HTTP: &dynamic.HTTPConfiguration{ 3203 Routers: map[string]*dynamic.Router{ 3204 "default-test-route-6b204d94623b3df4370c": { 3205 EntryPoints: []string{"foo"}, 3206 Service: "default-test-route-6b204d94623b3df4370c", 3207 Rule: "Host(`foo.com`) && PathPrefix(`/bar`)", 3208 Priority: 12, 3209 }, 3210 }, 3211 Middlewares: map[string]*dynamic.Middleware{}, 3212 Services: map[string]*dynamic.Service{ 3213 "default-test-route-6b204d94623b3df4370c": { 3214 LoadBalancer: &dynamic.ServersLoadBalancer{ 3215 Servers: []dynamic.Server{ 3216 { 3217 URL: "https://10.10.0.7:8443", 3218 }, 3219 { 3220 URL: "https://10.10.0.8:8443", 3221 }, 3222 }, 3223 PassHostHeader: Bool(true), 3224 }, 3225 }, 3226 }, 3227 ServersTransports: map[string]*dynamic.ServersTransport{}, 3228 }, 3229 }, 3230 }, 3231 { 3232 desc: "Simple Ingress Route, with basic auth middleware", 3233 paths: []string{"services.yml", "with_auth.yml"}, 3234 expected: &dynamic.Configuration{ 3235 UDP: &dynamic.UDPConfiguration{ 3236 Routers: map[string]*dynamic.UDPRouter{}, 3237 Services: map[string]*dynamic.UDPService{}, 3238 }, 3239 TLS: &dynamic.TLSConfiguration{}, 3240 TCP: &dynamic.TCPConfiguration{ 3241 Routers: map[string]*dynamic.TCPRouter{}, 3242 Middlewares: map[string]*dynamic.TCPMiddleware{}, 3243 Services: map[string]*dynamic.TCPService{}, 3244 }, 3245 HTTP: &dynamic.HTTPConfiguration{ 3246 Routers: map[string]*dynamic.Router{}, 3247 Middlewares: map[string]*dynamic.Middleware{ 3248 "default-basicauth": { 3249 BasicAuth: &dynamic.BasicAuth{ 3250 Users: dynamic.Users{"test:$apr1$H6uskkkW$IgXLP6ewTrSuBkTrqE8wj/", "test2:$apr1$d9hr9HBB$4HxwgUir3HP4EsggP/QNo0"}, 3251 }, 3252 }, 3253 "default-digestauth": { 3254 DigestAuth: &dynamic.DigestAuth{ 3255 Users: dynamic.Users{"test:$apr1$H6uskkkW$IgXLP6ewTrSuBkTrqE8wj/", "test2:$apr1$d9hr9HBB$4HxwgUir3HP4EsggP/QNo0"}, 3256 }, 3257 }, 3258 "default-forwardauth": { 3259 ForwardAuth: &dynamic.ForwardAuth{ 3260 Address: "test.com", 3261 TLS: &types.ClientTLS{ 3262 CA: "-----BEGIN CERTIFICATE-----\n-----END CERTIFICATE-----", 3263 Cert: "-----BEGIN CERTIFICATE-----\n-----END CERTIFICATE-----", 3264 Key: "-----BEGIN PRIVATE KEY-----\n-----END PRIVATE KEY-----", 3265 }, 3266 }, 3267 }, 3268 }, 3269 Services: map[string]*dynamic.Service{}, 3270 ServersTransports: map[string]*dynamic.ServersTransport{}, 3271 }, 3272 }, 3273 }, 3274 { 3275 desc: "Simple Ingress Route, with error page middleware", 3276 paths: []string{"services.yml", "with_error_page.yml"}, 3277 expected: &dynamic.Configuration{ 3278 UDP: &dynamic.UDPConfiguration{ 3279 Routers: map[string]*dynamic.UDPRouter{}, 3280 Services: map[string]*dynamic.UDPService{}, 3281 }, 3282 TLS: &dynamic.TLSConfiguration{}, 3283 TCP: &dynamic.TCPConfiguration{ 3284 Routers: map[string]*dynamic.TCPRouter{}, 3285 Middlewares: map[string]*dynamic.TCPMiddleware{}, 3286 Services: map[string]*dynamic.TCPService{}, 3287 }, 3288 HTTP: &dynamic.HTTPConfiguration{ 3289 Routers: map[string]*dynamic.Router{}, 3290 Middlewares: map[string]*dynamic.Middleware{ 3291 "default-errorpage": { 3292 Errors: &dynamic.ErrorPage{ 3293 Status: []string{"404", "500"}, 3294 Service: "default-errorpage-errorpage-service", 3295 Query: "query", 3296 }, 3297 }, 3298 }, 3299 Services: map[string]*dynamic.Service{ 3300 "default-errorpage-errorpage-service": { 3301 LoadBalancer: &dynamic.ServersLoadBalancer{ 3302 Servers: []dynamic.Server{ 3303 { 3304 URL: "http://10.10.0.1:80", 3305 }, 3306 { 3307 URL: "http://10.10.0.2:80", 3308 }, 3309 }, 3310 PassHostHeader: Bool(true), 3311 }, 3312 }, 3313 }, 3314 ServersTransports: map[string]*dynamic.ServersTransport{}, 3315 }, 3316 }, 3317 }, 3318 { 3319 desc: "Simple Ingress Route, with options", 3320 paths: []string{"services.yml", "with_options.yml"}, 3321 expected: &dynamic.Configuration{ 3322 UDP: &dynamic.UDPConfiguration{ 3323 Routers: map[string]*dynamic.UDPRouter{}, 3324 Services: map[string]*dynamic.UDPService{}, 3325 }, 3326 TCP: &dynamic.TCPConfiguration{ 3327 Routers: map[string]*dynamic.TCPRouter{}, 3328 Middlewares: map[string]*dynamic.TCPMiddleware{}, 3329 Services: map[string]*dynamic.TCPService{}, 3330 }, 3331 HTTP: &dynamic.HTTPConfiguration{ 3332 Routers: map[string]*dynamic.Router{ 3333 "default-test-route-6b204d94623b3df4370c": { 3334 EntryPoints: []string{"foo"}, 3335 Service: "default-test-route-6b204d94623b3df4370c", 3336 Rule: "Host(`foo.com`) && PathPrefix(`/bar`)", 3337 Priority: 12, 3338 }, 3339 }, 3340 Middlewares: map[string]*dynamic.Middleware{}, 3341 Services: map[string]*dynamic.Service{ 3342 "default-test-route-6b204d94623b3df4370c": { 3343 LoadBalancer: &dynamic.ServersLoadBalancer{ 3344 Servers: []dynamic.Server{ 3345 { 3346 URL: "http://10.10.0.1:80", 3347 }, 3348 { 3349 URL: "http://10.10.0.2:80", 3350 }, 3351 }, 3352 PassHostHeader: Bool(false), 3353 ResponseForwarding: &dynamic.ResponseForwarding{FlushInterval: "10s"}, 3354 }, 3355 }, 3356 }, 3357 ServersTransports: map[string]*dynamic.ServersTransport{}, 3358 }, 3359 TLS: &dynamic.TLSConfiguration{}, 3360 }, 3361 }, 3362 { 3363 desc: "TLS with tls store", 3364 paths: []string{"services.yml", "with_tls_store.yml"}, 3365 expected: &dynamic.Configuration{ 3366 TLS: &dynamic.TLSConfiguration{ 3367 Stores: map[string]tls.Store{ 3368 "default": { 3369 DefaultCertificate: &tls.Certificate{ 3370 CertFile: tls.FileOrContent("-----BEGIN CERTIFICATE-----\n-----END CERTIFICATE-----"), 3371 KeyFile: tls.FileOrContent("-----BEGIN PRIVATE KEY-----\n-----END PRIVATE KEY-----"), 3372 }, 3373 }, 3374 }, 3375 }, 3376 UDP: &dynamic.UDPConfiguration{ 3377 Routers: map[string]*dynamic.UDPRouter{}, 3378 Services: map[string]*dynamic.UDPService{}, 3379 }, 3380 TCP: &dynamic.TCPConfiguration{ 3381 Routers: map[string]*dynamic.TCPRouter{}, 3382 Middlewares: map[string]*dynamic.TCPMiddleware{}, 3383 Services: map[string]*dynamic.TCPService{}, 3384 }, 3385 HTTP: &dynamic.HTTPConfiguration{ 3386 Routers: map[string]*dynamic.Router{ 3387 "default-test-route-6b204d94623b3df4370c": { 3388 EntryPoints: []string{"web"}, 3389 Service: "default-test-route-6b204d94623b3df4370c", 3390 Rule: "Host(`foo.com`) && PathPrefix(`/bar`)", 3391 Priority: 12, 3392 TLS: &dynamic.RouterTLSConfig{}, 3393 }, 3394 }, 3395 Middlewares: map[string]*dynamic.Middleware{}, 3396 Services: map[string]*dynamic.Service{ 3397 "default-test-route-6b204d94623b3df4370c": { 3398 LoadBalancer: &dynamic.ServersLoadBalancer{ 3399 Servers: []dynamic.Server{ 3400 { 3401 URL: "http://10.10.0.1:80", 3402 }, 3403 { 3404 URL: "http://10.10.0.2:80", 3405 }, 3406 }, 3407 PassHostHeader: Bool(true), 3408 }, 3409 }, 3410 }, 3411 ServersTransports: map[string]*dynamic.ServersTransport{}, 3412 }, 3413 }, 3414 }, 3415 { 3416 desc: "TLS with tls store default two times", 3417 paths: []string{"services.yml", "with_tls_store.yml", "with_default_tls_store.yml"}, 3418 expected: &dynamic.Configuration{ 3419 TLS: &dynamic.TLSConfiguration{ 3420 Stores: map[string]tls.Store{}, 3421 }, 3422 UDP: &dynamic.UDPConfiguration{ 3423 Routers: map[string]*dynamic.UDPRouter{}, 3424 Services: map[string]*dynamic.UDPService{}, 3425 }, 3426 TCP: &dynamic.TCPConfiguration{ 3427 Routers: map[string]*dynamic.TCPRouter{}, 3428 Middlewares: map[string]*dynamic.TCPMiddleware{}, 3429 Services: map[string]*dynamic.TCPService{}, 3430 }, 3431 HTTP: &dynamic.HTTPConfiguration{ 3432 Routers: map[string]*dynamic.Router{ 3433 "default-test-route-6b204d94623b3df4370c": { 3434 EntryPoints: []string{"web"}, 3435 Service: "default-test-route-6b204d94623b3df4370c", 3436 Rule: "Host(`foo.com`) && PathPrefix(`/bar`)", 3437 Priority: 12, 3438 TLS: &dynamic.RouterTLSConfig{}, 3439 }, 3440 }, 3441 Middlewares: map[string]*dynamic.Middleware{}, 3442 Services: map[string]*dynamic.Service{ 3443 "default-test-route-6b204d94623b3df4370c": { 3444 LoadBalancer: &dynamic.ServersLoadBalancer{ 3445 Servers: []dynamic.Server{ 3446 { 3447 URL: "http://10.10.0.1:80", 3448 }, 3449 { 3450 URL: "http://10.10.0.2:80", 3451 }, 3452 }, 3453 PassHostHeader: Bool(true), 3454 }, 3455 }, 3456 }, 3457 ServersTransports: map[string]*dynamic.ServersTransport{}, 3458 }, 3459 }, 3460 }, 3461 { 3462 desc: "port selected by name (TODO)", 3463 }, 3464 { 3465 desc: "Simple Ingress Route, with externalName service", 3466 paths: []string{"services.yml", "with_externalname.yml"}, 3467 expected: &dynamic.Configuration{ 3468 UDP: &dynamic.UDPConfiguration{ 3469 Routers: map[string]*dynamic.UDPRouter{}, 3470 Services: map[string]*dynamic.UDPService{}, 3471 }, 3472 TCP: &dynamic.TCPConfiguration{ 3473 Routers: map[string]*dynamic.TCPRouter{}, 3474 Middlewares: map[string]*dynamic.TCPMiddleware{}, 3475 Services: map[string]*dynamic.TCPService{}, 3476 }, 3477 HTTP: &dynamic.HTTPConfiguration{ 3478 Routers: map[string]*dynamic.Router{ 3479 "default-test-route-6f97418635c7e18853da": { 3480 EntryPoints: []string{"foo"}, 3481 Service: "default-test-route-6f97418635c7e18853da", 3482 Rule: "Host(`foo.com`)", 3483 }, 3484 }, 3485 Middlewares: map[string]*dynamic.Middleware{}, 3486 Services: map[string]*dynamic.Service{ 3487 "default-test-route-6f97418635c7e18853da": { 3488 LoadBalancer: &dynamic.ServersLoadBalancer{ 3489 Servers: []dynamic.Server{ 3490 { 3491 URL: "http://external.domain:80", 3492 }, 3493 }, 3494 PassHostHeader: Bool(true), 3495 }, 3496 }, 3497 }, 3498 ServersTransports: map[string]*dynamic.ServersTransport{}, 3499 }, 3500 TLS: &dynamic.TLSConfiguration{}, 3501 }, 3502 }, 3503 { 3504 desc: "Ingress Route, externalName service with http", 3505 paths: []string{"services.yml", "with_externalname_with_http.yml"}, 3506 expected: &dynamic.Configuration{ 3507 UDP: &dynamic.UDPConfiguration{ 3508 Routers: map[string]*dynamic.UDPRouter{}, 3509 Services: map[string]*dynamic.UDPService{}, 3510 }, 3511 TCP: &dynamic.TCPConfiguration{ 3512 Routers: map[string]*dynamic.TCPRouter{}, 3513 Middlewares: map[string]*dynamic.TCPMiddleware{}, 3514 Services: map[string]*dynamic.TCPService{}, 3515 }, 3516 HTTP: &dynamic.HTTPConfiguration{ 3517 Routers: map[string]*dynamic.Router{ 3518 "default-test-route-6f97418635c7e18853da": { 3519 EntryPoints: []string{"foo"}, 3520 Service: "default-test-route-6f97418635c7e18853da", 3521 Rule: "Host(`foo.com`)", 3522 }, 3523 }, 3524 Middlewares: map[string]*dynamic.Middleware{}, 3525 Services: map[string]*dynamic.Service{ 3526 "default-test-route-6f97418635c7e18853da": { 3527 LoadBalancer: &dynamic.ServersLoadBalancer{ 3528 Servers: []dynamic.Server{ 3529 { 3530 URL: "http://external.domain:80", 3531 }, 3532 }, 3533 PassHostHeader: Bool(true), 3534 }, 3535 }, 3536 }, 3537 ServersTransports: map[string]*dynamic.ServersTransport{}, 3538 }, 3539 TLS: &dynamic.TLSConfiguration{}, 3540 }, 3541 }, 3542 { 3543 desc: "Ingress Route, externalName service with https", 3544 paths: []string{"services.yml", "with_externalname_with_https.yml"}, 3545 expected: &dynamic.Configuration{ 3546 UDP: &dynamic.UDPConfiguration{ 3547 Routers: map[string]*dynamic.UDPRouter{}, 3548 Services: map[string]*dynamic.UDPService{}, 3549 }, 3550 TCP: &dynamic.TCPConfiguration{ 3551 Routers: map[string]*dynamic.TCPRouter{}, 3552 Middlewares: map[string]*dynamic.TCPMiddleware{}, 3553 Services: map[string]*dynamic.TCPService{}, 3554 }, 3555 HTTP: &dynamic.HTTPConfiguration{ 3556 Routers: map[string]*dynamic.Router{ 3557 "default-test-route-6f97418635c7e18853da": { 3558 EntryPoints: []string{"foo"}, 3559 Service: "default-test-route-6f97418635c7e18853da", 3560 Rule: "Host(`foo.com`)", 3561 }, 3562 }, 3563 Middlewares: map[string]*dynamic.Middleware{}, 3564 Services: map[string]*dynamic.Service{ 3565 "default-test-route-6f97418635c7e18853da": { 3566 LoadBalancer: &dynamic.ServersLoadBalancer{ 3567 Servers: []dynamic.Server{ 3568 { 3569 URL: "https://external.domain:443", 3570 }, 3571 }, 3572 PassHostHeader: Bool(true), 3573 }, 3574 }, 3575 }, 3576 ServersTransports: map[string]*dynamic.ServersTransport{}, 3577 }, 3578 TLS: &dynamic.TLSConfiguration{}, 3579 }, 3580 }, 3581 { 3582 desc: "Ingress Route, externalName service without ports", 3583 paths: []string{"services.yml", "with_externalname_without_ports.yml"}, 3584 expected: &dynamic.Configuration{ 3585 UDP: &dynamic.UDPConfiguration{ 3586 Routers: map[string]*dynamic.UDPRouter{}, 3587 Services: map[string]*dynamic.UDPService{}, 3588 }, 3589 TCP: &dynamic.TCPConfiguration{ 3590 Routers: map[string]*dynamic.TCPRouter{}, 3591 Middlewares: map[string]*dynamic.TCPMiddleware{}, 3592 Services: map[string]*dynamic.TCPService{}, 3593 }, 3594 HTTP: &dynamic.HTTPConfiguration{ 3595 Routers: map[string]*dynamic.Router{}, 3596 Middlewares: map[string]*dynamic.Middleware{}, 3597 Services: map[string]*dynamic.Service{}, 3598 ServersTransports: map[string]*dynamic.ServersTransport{}, 3599 }, 3600 TLS: &dynamic.TLSConfiguration{}, 3601 }, 3602 }, 3603 { 3604 desc: "ServersTransport", 3605 paths: []string{"services.yml", "with_servers_transport.yml"}, 3606 expected: &dynamic.Configuration{ 3607 UDP: &dynamic.UDPConfiguration{ 3608 Routers: map[string]*dynamic.UDPRouter{}, 3609 Services: map[string]*dynamic.UDPService{}, 3610 }, 3611 TCP: &dynamic.TCPConfiguration{ 3612 Routers: map[string]*dynamic.TCPRouter{}, 3613 Middlewares: map[string]*dynamic.TCPMiddleware{}, 3614 Services: map[string]*dynamic.TCPService{}, 3615 }, 3616 HTTP: &dynamic.HTTPConfiguration{ 3617 ServersTransports: map[string]*dynamic.ServersTransport{ 3618 "foo-test": { 3619 ServerName: "test", 3620 InsecureSkipVerify: true, 3621 RootCAs: []tls.FileOrContent{"TESTROOTCAS0", "TESTROOTCAS1", "TESTROOTCAS2", "TESTROOTCAS3", "TESTROOTCAS5", "TESTALLCERTS"}, 3622 Certificates: tls.Certificates{ 3623 {CertFile: "TESTCERT1", KeyFile: "TESTKEY1"}, 3624 {CertFile: "TESTCERT2", KeyFile: "TESTKEY2"}, 3625 {CertFile: "TESTCERT3", KeyFile: "TESTKEY3"}, 3626 }, 3627 MaxIdleConnsPerHost: 42, 3628 DisableHTTP2: true, 3629 ForwardingTimeouts: &dynamic.ForwardingTimeouts{ 3630 DialTimeout: ptypes.Duration(42 * time.Second), 3631 ResponseHeaderTimeout: ptypes.Duration(42 * time.Second), 3632 IdleConnTimeout: ptypes.Duration(42 * time.Millisecond), 3633 ReadIdleTimeout: ptypes.Duration(42 * time.Second), 3634 PingTimeout: ptypes.Duration(42 * time.Second), 3635 }, 3636 PeerCertURI: "foo://bar", 3637 }, 3638 "default-test": { 3639 ServerName: "test", 3640 ForwardingTimeouts: &dynamic.ForwardingTimeouts{ 3641 DialTimeout: ptypes.Duration(30 * time.Second), 3642 IdleConnTimeout: ptypes.Duration(90 * time.Second), 3643 PingTimeout: ptypes.Duration(15 * time.Second), 3644 }, 3645 }, 3646 }, 3647 Routers: map[string]*dynamic.Router{ 3648 "default-test-route-6f97418635c7e18853da": { 3649 EntryPoints: []string{"foo"}, 3650 Service: "default-test-route-6f97418635c7e18853da", 3651 Rule: "Host(`foo.com`)", 3652 }, 3653 }, 3654 Middlewares: map[string]*dynamic.Middleware{}, 3655 Services: map[string]*dynamic.Service{ 3656 "default-external-svc-with-https-443": { 3657 LoadBalancer: &dynamic.ServersLoadBalancer{ 3658 Servers: []dynamic.Server{ 3659 { 3660 URL: "https://external.domain:443", 3661 }, 3662 }, 3663 PassHostHeader: Bool(true), 3664 ServersTransport: "default-test", 3665 }, 3666 }, 3667 "default-whoamitls-443": { 3668 LoadBalancer: &dynamic.ServersLoadBalancer{ 3669 Servers: []dynamic.Server{ 3670 { 3671 URL: "https://10.10.0.5:8443", 3672 }, 3673 { 3674 URL: "https://10.10.0.6:8443", 3675 }, 3676 }, 3677 PassHostHeader: Bool(true), 3678 ServersTransport: "default-default-test", 3679 }, 3680 }, 3681 "default-test-route-6f97418635c7e18853da": { 3682 Weighted: &dynamic.WeightedRoundRobin{ 3683 Services: []dynamic.WRRService{ 3684 { 3685 Name: "default-external-svc-with-https-443", 3686 Weight: Int(1), 3687 }, 3688 { 3689 Name: "default-whoamitls-443", 3690 Weight: Int(1), 3691 }, 3692 }, 3693 }, 3694 }, 3695 }, 3696 }, 3697 TLS: &dynamic.TLSConfiguration{}, 3698 }, 3699 }, 3700 } 3701 3702 for _, test := range testCases { 3703 test := test 3704 t.Run(test.desc, func(t *testing.T) { 3705 t.Parallel() 3706 3707 if test.expected == nil { 3708 return 3709 } 3710 3711 p := Provider{IngressClass: test.ingressClass, AllowCrossNamespace: test.AllowCrossNamespace, AllowExternalNameServices: true} 3712 3713 clientMock := newClientMock(test.paths...) 3714 conf := p.loadConfigurationFromCRD(context.Background(), clientMock) 3715 assert.Equal(t, test.expected, conf) 3716 }) 3717 } 3718} 3719 3720func TestLoadIngressRouteUDPs(t *testing.T) { 3721 testCases := []struct { 3722 desc string 3723 ingressClass string 3724 paths []string 3725 expected *dynamic.Configuration 3726 }{ 3727 { 3728 desc: "Empty", 3729 expected: &dynamic.Configuration{ 3730 UDP: &dynamic.UDPConfiguration{ 3731 Routers: map[string]*dynamic.UDPRouter{}, 3732 Services: map[string]*dynamic.UDPService{}, 3733 }, 3734 TCP: &dynamic.TCPConfiguration{ 3735 Routers: map[string]*dynamic.TCPRouter{}, 3736 Middlewares: map[string]*dynamic.TCPMiddleware{}, 3737 Services: map[string]*dynamic.TCPService{}, 3738 }, 3739 HTTP: &dynamic.HTTPConfiguration{ 3740 Routers: map[string]*dynamic.Router{}, 3741 Middlewares: map[string]*dynamic.Middleware{}, 3742 Services: map[string]*dynamic.Service{}, 3743 ServersTransports: map[string]*dynamic.ServersTransport{}, 3744 }, 3745 TLS: &dynamic.TLSConfiguration{}, 3746 }, 3747 }, 3748 { 3749 desc: "Simple Ingress Route, with foo entrypoint", 3750 paths: []string{"udp/services.yml", "udp/simple.yml"}, 3751 expected: &dynamic.Configuration{ 3752 UDP: &dynamic.UDPConfiguration{ 3753 Routers: map[string]*dynamic.UDPRouter{ 3754 "default-test.route-0": { 3755 EntryPoints: []string{"foo"}, 3756 Service: "default-test.route-0", 3757 }, 3758 }, 3759 Services: map[string]*dynamic.UDPService{ 3760 "default-test.route-0": { 3761 LoadBalancer: &dynamic.UDPServersLoadBalancer{ 3762 Servers: []dynamic.UDPServer{ 3763 { 3764 Address: "10.10.0.1:8000", 3765 }, 3766 { 3767 Address: "10.10.0.2:8000", 3768 }, 3769 }, 3770 }, 3771 }, 3772 }, 3773 }, 3774 HTTP: &dynamic.HTTPConfiguration{ 3775 Routers: map[string]*dynamic.Router{}, 3776 Middlewares: map[string]*dynamic.Middleware{}, 3777 Services: map[string]*dynamic.Service{}, 3778 ServersTransports: map[string]*dynamic.ServersTransport{}, 3779 }, 3780 TCP: &dynamic.TCPConfiguration{ 3781 Routers: map[string]*dynamic.TCPRouter{}, 3782 Middlewares: map[string]*dynamic.TCPMiddleware{}, 3783 Services: map[string]*dynamic.TCPService{}, 3784 }, 3785 TLS: &dynamic.TLSConfiguration{}, 3786 }, 3787 }, 3788 { 3789 desc: "One ingress Route with two different routes", 3790 paths: []string{"udp/services.yml", "udp/with_two_routes.yml"}, 3791 expected: &dynamic.Configuration{ 3792 UDP: &dynamic.UDPConfiguration{ 3793 Routers: map[string]*dynamic.UDPRouter{ 3794 "default-test.route-0": { 3795 EntryPoints: []string{"foo"}, 3796 Service: "default-test.route-0", 3797 }, 3798 "default-test.route-1": { 3799 EntryPoints: []string{"foo"}, 3800 Service: "default-test.route-1", 3801 }, 3802 }, 3803 Services: map[string]*dynamic.UDPService{ 3804 "default-test.route-0": { 3805 LoadBalancer: &dynamic.UDPServersLoadBalancer{ 3806 Servers: []dynamic.UDPServer{ 3807 { 3808 Address: "10.10.0.1:8000", 3809 }, 3810 { 3811 Address: "10.10.0.2:8000", 3812 }, 3813 }, 3814 }, 3815 }, 3816 "default-test.route-1": { 3817 LoadBalancer: &dynamic.UDPServersLoadBalancer{ 3818 Servers: []dynamic.UDPServer{ 3819 { 3820 Address: "10.10.0.3:8080", 3821 }, 3822 { 3823 Address: "10.10.0.4:8080", 3824 }, 3825 }, 3826 }, 3827 }, 3828 }, 3829 }, 3830 TCP: &dynamic.TCPConfiguration{ 3831 Routers: map[string]*dynamic.TCPRouter{}, 3832 Middlewares: map[string]*dynamic.TCPMiddleware{}, 3833 Services: map[string]*dynamic.TCPService{}, 3834 }, 3835 HTTP: &dynamic.HTTPConfiguration{ 3836 Routers: map[string]*dynamic.Router{}, 3837 Middlewares: map[string]*dynamic.Middleware{}, 3838 Services: map[string]*dynamic.Service{}, 3839 ServersTransports: map[string]*dynamic.ServersTransport{}, 3840 }, 3841 TLS: &dynamic.TLSConfiguration{}, 3842 }, 3843 }, 3844 { 3845 desc: "One ingress Route with two different services", 3846 paths: []string{"udp/services.yml", "udp/with_two_services.yml"}, 3847 expected: &dynamic.Configuration{ 3848 UDP: &dynamic.UDPConfiguration{ 3849 Routers: map[string]*dynamic.UDPRouter{ 3850 "default-test.route-0": { 3851 EntryPoints: []string{"foo"}, 3852 Service: "default-test.route-0", 3853 }, 3854 }, 3855 Services: map[string]*dynamic.UDPService{ 3856 "default-test.route-0": { 3857 Weighted: &dynamic.UDPWeightedRoundRobin{ 3858 Services: []dynamic.UDPWRRService{ 3859 { 3860 Name: "default-test.route-0-whoamiudp-8000", 3861 Weight: func(i int) *int { return &i }(2), 3862 }, 3863 { 3864 Name: "default-test.route-0-whoamiudp2-8080", 3865 Weight: func(i int) *int { return &i }(3), 3866 }, 3867 }, 3868 }, 3869 }, 3870 "default-test.route-0-whoamiudp-8000": { 3871 LoadBalancer: &dynamic.UDPServersLoadBalancer{ 3872 Servers: []dynamic.UDPServer{ 3873 { 3874 Address: "10.10.0.1:8000", 3875 }, 3876 { 3877 Address: "10.10.0.2:8000", 3878 }, 3879 }, 3880 }, 3881 }, 3882 "default-test.route-0-whoamiudp2-8080": { 3883 LoadBalancer: &dynamic.UDPServersLoadBalancer{ 3884 Servers: []dynamic.UDPServer{ 3885 { 3886 Address: "10.10.0.3:8080", 3887 }, 3888 { 3889 Address: "10.10.0.4:8080", 3890 }, 3891 }, 3892 }, 3893 }, 3894 }, 3895 }, 3896 TCP: &dynamic.TCPConfiguration{ 3897 Routers: map[string]*dynamic.TCPRouter{}, 3898 Middlewares: map[string]*dynamic.TCPMiddleware{}, 3899 Services: map[string]*dynamic.TCPService{}, 3900 }, 3901 HTTP: &dynamic.HTTPConfiguration{ 3902 Routers: map[string]*dynamic.Router{}, 3903 Middlewares: map[string]*dynamic.Middleware{}, 3904 Services: map[string]*dynamic.Service{}, 3905 ServersTransports: map[string]*dynamic.ServersTransport{}, 3906 }, 3907 TLS: &dynamic.TLSConfiguration{}, 3908 }, 3909 }, 3910 { 3911 desc: "One ingress Route with different services namespaces", 3912 paths: []string{"udp/services.yml", "udp/with_different_services_ns.yml"}, 3913 expected: &dynamic.Configuration{ 3914 UDP: &dynamic.UDPConfiguration{ 3915 Routers: map[string]*dynamic.UDPRouter{ 3916 "default-test.route-0": { 3917 EntryPoints: []string{"foo"}, 3918 Service: "default-test.route-0", 3919 }, 3920 }, 3921 Services: map[string]*dynamic.UDPService{ 3922 "default-test.route-0": { 3923 Weighted: &dynamic.UDPWeightedRoundRobin{ 3924 Services: []dynamic.UDPWRRService{ 3925 { 3926 Name: "default-test.route-0-whoamiudp-8000", 3927 Weight: func(i int) *int { return &i }(2), 3928 }, 3929 { 3930 Name: "default-test.route-0-whoamiudp2-8080", 3931 Weight: func(i int) *int { return &i }(3), 3932 }, 3933 { 3934 Name: "default-test.route-0-whoamiudp3-8083", 3935 Weight: func(i int) *int { return &i }(4), 3936 }, 3937 }, 3938 }, 3939 }, 3940 "default-test.route-0-whoamiudp-8000": { 3941 LoadBalancer: &dynamic.UDPServersLoadBalancer{ 3942 Servers: []dynamic.UDPServer{ 3943 { 3944 Address: "10.10.0.1:8000", 3945 }, 3946 { 3947 Address: "10.10.0.2:8000", 3948 }, 3949 }, 3950 }, 3951 }, 3952 "default-test.route-0-whoamiudp2-8080": { 3953 LoadBalancer: &dynamic.UDPServersLoadBalancer{ 3954 Servers: []dynamic.UDPServer{ 3955 { 3956 Address: "10.10.0.3:8080", 3957 }, 3958 { 3959 Address: "10.10.0.4:8080", 3960 }, 3961 }, 3962 }, 3963 }, 3964 "default-test.route-0-whoamiudp3-8083": { 3965 LoadBalancer: &dynamic.UDPServersLoadBalancer{ 3966 Servers: []dynamic.UDPServer{ 3967 { 3968 Address: "10.10.0.7:8083", 3969 }, 3970 { 3971 Address: "10.10.0.8:8083", 3972 }, 3973 }, 3974 }, 3975 }, 3976 }, 3977 }, 3978 TCP: &dynamic.TCPConfiguration{ 3979 Routers: map[string]*dynamic.TCPRouter{}, 3980 Middlewares: map[string]*dynamic.TCPMiddleware{}, 3981 Services: map[string]*dynamic.TCPService{}, 3982 }, 3983 HTTP: &dynamic.HTTPConfiguration{ 3984 Routers: map[string]*dynamic.Router{}, 3985 Middlewares: map[string]*dynamic.Middleware{}, 3986 Services: map[string]*dynamic.Service{}, 3987 ServersTransports: map[string]*dynamic.ServersTransport{}, 3988 }, 3989 TLS: &dynamic.TLSConfiguration{}, 3990 }, 3991 }, 3992 { 3993 desc: "Simple Ingress Route, with externalName service", 3994 paths: []string{"udp/services.yml", "udp/with_externalname.yml"}, 3995 expected: &dynamic.Configuration{ 3996 UDP: &dynamic.UDPConfiguration{ 3997 Routers: map[string]*dynamic.UDPRouter{ 3998 "default-test.route-0": { 3999 EntryPoints: []string{"foo"}, 4000 Service: "default-test.route-0", 4001 }, 4002 }, 4003 Services: map[string]*dynamic.UDPService{ 4004 "default-test.route-0": { 4005 LoadBalancer: &dynamic.UDPServersLoadBalancer{ 4006 Servers: []dynamic.UDPServer{ 4007 { 4008 Address: "external.domain:8000", 4009 }, 4010 }, 4011 }, 4012 }, 4013 }, 4014 }, 4015 TCP: &dynamic.TCPConfiguration{ 4016 Routers: map[string]*dynamic.TCPRouter{}, 4017 Middlewares: map[string]*dynamic.TCPMiddleware{}, 4018 Services: map[string]*dynamic.TCPService{}, 4019 }, 4020 HTTP: &dynamic.HTTPConfiguration{ 4021 Routers: map[string]*dynamic.Router{}, 4022 Middlewares: map[string]*dynamic.Middleware{}, 4023 Services: map[string]*dynamic.Service{}, 4024 ServersTransports: map[string]*dynamic.ServersTransport{}, 4025 }, 4026 TLS: &dynamic.TLSConfiguration{}, 4027 }, 4028 }, 4029 { 4030 desc: "Ingress Route, externalName service with port", 4031 paths: []string{"udp/services.yml", "udp/with_externalname_with_port.yml"}, 4032 expected: &dynamic.Configuration{ 4033 UDP: &dynamic.UDPConfiguration{ 4034 Routers: map[string]*dynamic.UDPRouter{ 4035 "default-test.route-0": { 4036 EntryPoints: []string{"foo"}, 4037 Service: "default-test.route-0", 4038 }, 4039 }, 4040 Services: map[string]*dynamic.UDPService{ 4041 "default-test.route-0": { 4042 LoadBalancer: &dynamic.UDPServersLoadBalancer{ 4043 Servers: []dynamic.UDPServer{ 4044 { 4045 Address: "external.domain:80", 4046 }, 4047 }, 4048 }, 4049 }, 4050 }, 4051 }, 4052 TCP: &dynamic.TCPConfiguration{ 4053 Routers: map[string]*dynamic.TCPRouter{}, 4054 Middlewares: map[string]*dynamic.TCPMiddleware{}, 4055 Services: map[string]*dynamic.TCPService{}, 4056 }, 4057 HTTP: &dynamic.HTTPConfiguration{ 4058 Routers: map[string]*dynamic.Router{}, 4059 Middlewares: map[string]*dynamic.Middleware{}, 4060 Services: map[string]*dynamic.Service{}, 4061 ServersTransports: map[string]*dynamic.ServersTransport{}, 4062 }, 4063 TLS: &dynamic.TLSConfiguration{}, 4064 }, 4065 }, 4066 { 4067 desc: "Ingress Route, externalName service without port", 4068 paths: []string{"udp/services.yml", "udp/with_externalname_without_ports.yml"}, 4069 expected: &dynamic.Configuration{ 4070 UDP: &dynamic.UDPConfiguration{ 4071 Routers: map[string]*dynamic.UDPRouter{ 4072 "default-test.route-0": { 4073 EntryPoints: []string{"foo"}, 4074 Service: "default-test.route-0", 4075 }, 4076 }, 4077 Services: map[string]*dynamic.UDPService{}, 4078 }, 4079 TCP: &dynamic.TCPConfiguration{ 4080 Routers: map[string]*dynamic.TCPRouter{}, 4081 Middlewares: map[string]*dynamic.TCPMiddleware{}, 4082 Services: map[string]*dynamic.TCPService{}, 4083 }, 4084 HTTP: &dynamic.HTTPConfiguration{ 4085 Routers: map[string]*dynamic.Router{}, 4086 Middlewares: map[string]*dynamic.Middleware{}, 4087 Services: map[string]*dynamic.Service{}, 4088 ServersTransports: map[string]*dynamic.ServersTransport{}, 4089 }, 4090 TLS: &dynamic.TLSConfiguration{}, 4091 }, 4092 }, 4093 { 4094 desc: "Ingress class does not match", 4095 paths: []string{"udp/services.yml", "udp/simple.yml"}, 4096 ingressClass: "tchouk", 4097 expected: &dynamic.Configuration{ 4098 UDP: &dynamic.UDPConfiguration{ 4099 Routers: map[string]*dynamic.UDPRouter{}, 4100 Services: map[string]*dynamic.UDPService{}, 4101 }, 4102 TCP: &dynamic.TCPConfiguration{ 4103 Routers: map[string]*dynamic.TCPRouter{}, 4104 Middlewares: map[string]*dynamic.TCPMiddleware{}, 4105 Services: map[string]*dynamic.TCPService{}, 4106 }, 4107 HTTP: &dynamic.HTTPConfiguration{ 4108 Routers: map[string]*dynamic.Router{}, 4109 Middlewares: map[string]*dynamic.Middleware{}, 4110 Services: map[string]*dynamic.Service{}, 4111 ServersTransports: map[string]*dynamic.ServersTransport{}, 4112 }, 4113 TLS: &dynamic.TLSConfiguration{}, 4114 }, 4115 }, 4116 } 4117 4118 for _, test := range testCases { 4119 test := test 4120 4121 t.Run(test.desc, func(t *testing.T) { 4122 t.Parallel() 4123 4124 if test.expected == nil { 4125 return 4126 } 4127 4128 p := Provider{IngressClass: test.ingressClass, AllowCrossNamespace: true, AllowExternalNameServices: true} 4129 4130 clientMock := newClientMock(test.paths...) 4131 conf := p.loadConfigurationFromCRD(context.Background(), clientMock) 4132 assert.Equal(t, test.expected, conf) 4133 }) 4134 } 4135} 4136 4137func TestParseServiceProtocol(t *testing.T) { 4138 testCases := []struct { 4139 desc string 4140 scheme string 4141 portName string 4142 portNumber int32 4143 expected string 4144 expectedError bool 4145 }{ 4146 { 4147 desc: "Empty scheme and name", 4148 scheme: "", 4149 portName: "", 4150 portNumber: 1000, 4151 expected: "http", 4152 }, 4153 { 4154 desc: "h2c scheme and emptyname", 4155 scheme: "h2c", 4156 portName: "", 4157 portNumber: 1000, 4158 expected: "h2c", 4159 }, 4160 { 4161 desc: "invalid scheme", 4162 scheme: "foo", 4163 portName: "", 4164 portNumber: 1000, 4165 expectedError: true, 4166 }, 4167 { 4168 desc: "Empty scheme and https name", 4169 scheme: "", 4170 portName: "https-secure", 4171 portNumber: 1000, 4172 expected: "https", 4173 }, 4174 { 4175 desc: "Empty scheme and port number", 4176 scheme: "", 4177 portName: "", 4178 portNumber: 443, 4179 expected: "https", 4180 }, 4181 { 4182 desc: "https scheme", 4183 scheme: "https", 4184 portName: "", 4185 portNumber: 1000, 4186 expected: "https", 4187 }, 4188 } 4189 4190 for _, test := range testCases { 4191 test := test 4192 4193 t.Run(test.desc, func(t *testing.T) { 4194 t.Parallel() 4195 4196 protocol, err := parseServiceProtocol(test.scheme, test.portName, test.portNumber) 4197 if test.expectedError { 4198 assert.Error(t, err) 4199 } else { 4200 assert.Equal(t, test.expected, protocol) 4201 } 4202 }) 4203 } 4204} 4205 4206func TestGetServicePort(t *testing.T) { 4207 testCases := []struct { 4208 desc string 4209 svc *corev1.Service 4210 port intstr.IntOrString 4211 expected *corev1.ServicePort 4212 expectError bool 4213 }{ 4214 { 4215 desc: "Basic", 4216 expectError: true, 4217 }, 4218 { 4219 desc: "Matching ports, with no service type", 4220 svc: &corev1.Service{ 4221 Spec: corev1.ServiceSpec{ 4222 Ports: []corev1.ServicePort{ 4223 { 4224 Port: 80, 4225 }, 4226 }, 4227 }, 4228 }, 4229 port: intstr.FromInt(80), 4230 expected: &corev1.ServicePort{ 4231 Port: 80, 4232 }, 4233 }, 4234 { 4235 desc: "Matching ports 0", 4236 svc: &corev1.Service{ 4237 Spec: corev1.ServiceSpec{ 4238 Ports: []corev1.ServicePort{ 4239 {}, 4240 }, 4241 }, 4242 }, 4243 expectError: true, 4244 }, 4245 { 4246 desc: "Matching ports 0 (with external name)", 4247 svc: &corev1.Service{ 4248 Spec: corev1.ServiceSpec{ 4249 Type: corev1.ServiceTypeExternalName, 4250 Ports: []corev1.ServicePort{ 4251 {}, 4252 }, 4253 }, 4254 }, 4255 expectError: true, 4256 }, 4257 { 4258 desc: "Matching named port", 4259 svc: &corev1.Service{ 4260 Spec: corev1.ServiceSpec{ 4261 Ports: []corev1.ServicePort{ 4262 { 4263 Name: "http", 4264 Port: 80, 4265 }, 4266 }, 4267 }, 4268 }, 4269 port: intstr.FromString("http"), 4270 expected: &corev1.ServicePort{ 4271 Name: "http", 4272 Port: 80, 4273 }, 4274 }, 4275 { 4276 desc: "Matching named port (with external name)", 4277 svc: &corev1.Service{ 4278 Spec: corev1.ServiceSpec{ 4279 Type: corev1.ServiceTypeExternalName, 4280 Ports: []corev1.ServicePort{ 4281 { 4282 Name: "http", 4283 Port: 80, 4284 }, 4285 }, 4286 }, 4287 }, 4288 port: intstr.FromString("http"), 4289 expected: &corev1.ServicePort{ 4290 Name: "http", 4291 Port: 80, 4292 }, 4293 }, 4294 { 4295 desc: "Mismatching, only port(Ingress) defined", 4296 svc: &corev1.Service{ 4297 Spec: corev1.ServiceSpec{}, 4298 }, 4299 port: intstr.FromInt(80), 4300 expectError: true, 4301 }, 4302 { 4303 desc: "Mismatching, only named port(Ingress) defined", 4304 svc: &corev1.Service{ 4305 Spec: corev1.ServiceSpec{}, 4306 }, 4307 port: intstr.FromString("http"), 4308 expectError: true, 4309 }, 4310 { 4311 desc: "Mismatching, only port(Ingress) defined with external name", 4312 svc: &corev1.Service{ 4313 Spec: corev1.ServiceSpec{ 4314 Type: corev1.ServiceTypeExternalName, 4315 }, 4316 }, 4317 port: intstr.FromInt(80), 4318 expected: &corev1.ServicePort{ 4319 Port: 80, 4320 }, 4321 }, 4322 { 4323 desc: "Mismatching, only named port(Ingress) defined with external name", 4324 svc: &corev1.Service{ 4325 Spec: corev1.ServiceSpec{ 4326 Type: corev1.ServiceTypeExternalName, 4327 }, 4328 }, 4329 port: intstr.FromString("http"), 4330 expectError: true, 4331 }, 4332 { 4333 desc: "Mismatching, only Service port defined", 4334 svc: &corev1.Service{ 4335 Spec: corev1.ServiceSpec{ 4336 Ports: []corev1.ServicePort{ 4337 { 4338 Port: 80, 4339 }, 4340 }, 4341 }, 4342 }, 4343 expectError: true, 4344 }, 4345 { 4346 desc: "Mismatching, only Service port defined with external name", 4347 svc: &corev1.Service{ 4348 Spec: corev1.ServiceSpec{ 4349 Type: corev1.ServiceTypeExternalName, 4350 Ports: []corev1.ServicePort{ 4351 { 4352 Port: 80, 4353 }, 4354 }, 4355 }, 4356 }, 4357 expectError: true, 4358 }, 4359 { 4360 desc: "Two different ports defined", 4361 svc: &corev1.Service{ 4362 Spec: corev1.ServiceSpec{ 4363 Ports: []corev1.ServicePort{ 4364 { 4365 Port: 80, 4366 }, 4367 }, 4368 }, 4369 }, 4370 port: intstr.FromInt(443), 4371 expectError: true, 4372 }, 4373 { 4374 desc: "Two different named ports defined", 4375 svc: &corev1.Service{ 4376 Spec: corev1.ServiceSpec{ 4377 Ports: []corev1.ServicePort{ 4378 { 4379 Name: "foo", 4380 Port: 80, 4381 }, 4382 }, 4383 }, 4384 }, 4385 port: intstr.FromString("bar"), 4386 expectError: true, 4387 }, 4388 { 4389 desc: "Two different ports defined (with external name)", 4390 svc: &corev1.Service{ 4391 Spec: corev1.ServiceSpec{ 4392 Type: corev1.ServiceTypeExternalName, 4393 Ports: []corev1.ServicePort{ 4394 { 4395 Port: 80, 4396 }, 4397 }, 4398 }, 4399 }, 4400 port: intstr.FromInt(443), 4401 expected: &corev1.ServicePort{ 4402 Port: 443, 4403 }, 4404 }, 4405 { 4406 desc: "Two different named ports defined (with external name)", 4407 svc: &corev1.Service{ 4408 Spec: corev1.ServiceSpec{ 4409 Type: corev1.ServiceTypeExternalName, 4410 Ports: []corev1.ServicePort{ 4411 { 4412 Name: "foo", 4413 Port: 80, 4414 }, 4415 }, 4416 }, 4417 }, 4418 port: intstr.FromString("bar"), 4419 expectError: true, 4420 }, 4421 } 4422 for _, test := range testCases { 4423 test := test 4424 t.Run(test.desc, func(t *testing.T) { 4425 t.Parallel() 4426 4427 actual, err := getServicePort(test.svc, test.port) 4428 if test.expectError { 4429 assert.Error(t, err) 4430 } else { 4431 assert.Equal(t, test.expected, actual) 4432 } 4433 }) 4434 } 4435} 4436 4437func TestCrossNamespace(t *testing.T) { 4438 testCases := []struct { 4439 desc string 4440 allowCrossNamespace bool 4441 ingressClass string 4442 paths []string 4443 expected *dynamic.Configuration 4444 }{ 4445 { 4446 desc: "Empty", 4447 expected: &dynamic.Configuration{ 4448 UDP: &dynamic.UDPConfiguration{ 4449 Routers: map[string]*dynamic.UDPRouter{}, 4450 Services: map[string]*dynamic.UDPService{}, 4451 }, 4452 TCP: &dynamic.TCPConfiguration{ 4453 Routers: map[string]*dynamic.TCPRouter{}, 4454 Middlewares: map[string]*dynamic.TCPMiddleware{}, 4455 Services: map[string]*dynamic.TCPService{}, 4456 }, 4457 HTTP: &dynamic.HTTPConfiguration{ 4458 ServersTransports: map[string]*dynamic.ServersTransport{}, 4459 Routers: map[string]*dynamic.Router{}, 4460 Middlewares: map[string]*dynamic.Middleware{}, 4461 Services: map[string]*dynamic.Service{}, 4462 }, 4463 TLS: &dynamic.TLSConfiguration{}, 4464 }, 4465 }, 4466 { 4467 desc: "HTTP middleware cross namespace disallowed", 4468 paths: []string{"services.yml", "with_middleware_cross_namespace.yml"}, 4469 expected: &dynamic.Configuration{ 4470 UDP: &dynamic.UDPConfiguration{ 4471 Routers: map[string]*dynamic.UDPRouter{}, 4472 Services: map[string]*dynamic.UDPService{}, 4473 }, 4474 TCP: &dynamic.TCPConfiguration{ 4475 Routers: map[string]*dynamic.TCPRouter{}, 4476 Middlewares: map[string]*dynamic.TCPMiddleware{}, 4477 Services: map[string]*dynamic.TCPService{}, 4478 }, 4479 HTTP: &dynamic.HTTPConfiguration{ 4480 Routers: map[string]*dynamic.Router{ 4481 "default-test-crossnamespace-route-9313b71dbe6a649d5049": { 4482 EntryPoints: []string{"foo"}, 4483 Service: "default-test-crossnamespace-route-9313b71dbe6a649d5049", 4484 Rule: "Host(`foo.com`) && PathPrefix(`/bir`)", 4485 Priority: 12, 4486 Middlewares: []string{"default-test-errorpage"}, 4487 }, 4488 }, 4489 Middlewares: map[string]*dynamic.Middleware{ 4490 "cross-ns-stripprefix": { 4491 StripPrefix: &dynamic.StripPrefix{ 4492 Prefixes: []string{"/stripit"}, 4493 ForceSlash: false, 4494 }, 4495 }, 4496 }, 4497 Services: map[string]*dynamic.Service{ 4498 "default-test-crossnamespace-route-9313b71dbe6a649d5049": { 4499 LoadBalancer: &dynamic.ServersLoadBalancer{ 4500 Servers: []dynamic.Server{ 4501 { 4502 URL: "http://10.10.0.1:80", 4503 }, 4504 { 4505 URL: "http://10.10.0.2:80", 4506 }, 4507 }, 4508 PassHostHeader: Bool(true), 4509 }, 4510 }, 4511 }, 4512 ServersTransports: map[string]*dynamic.ServersTransport{}, 4513 }, 4514 TLS: &dynamic.TLSConfiguration{}, 4515 }, 4516 }, 4517 { 4518 desc: "HTTP middleware cross namespace allowed", 4519 paths: []string{"services.yml", "with_middleware_cross_namespace.yml"}, 4520 allowCrossNamespace: true, 4521 expected: &dynamic.Configuration{ 4522 UDP: &dynamic.UDPConfiguration{ 4523 Routers: map[string]*dynamic.UDPRouter{}, 4524 Services: map[string]*dynamic.UDPService{}, 4525 }, 4526 TCP: &dynamic.TCPConfiguration{ 4527 Routers: map[string]*dynamic.TCPRouter{}, 4528 Middlewares: map[string]*dynamic.TCPMiddleware{}, 4529 Services: map[string]*dynamic.TCPService{}, 4530 }, 4531 HTTP: &dynamic.HTTPConfiguration{ 4532 Routers: map[string]*dynamic.Router{ 4533 "default-test-crossnamespace-route-6b204d94623b3df4370c": { 4534 EntryPoints: []string{"foo"}, 4535 Service: "default-test-crossnamespace-route-6b204d94623b3df4370c", 4536 Rule: "Host(`foo.com`) && PathPrefix(`/bar`)", 4537 Priority: 12, 4538 Middlewares: []string{ 4539 "cross-ns-stripprefix", 4540 }, 4541 }, 4542 "default-test-crossnamespace-route-9313b71dbe6a649d5049": { 4543 EntryPoints: []string{"foo"}, 4544 Service: "default-test-crossnamespace-route-9313b71dbe6a649d5049", 4545 Rule: "Host(`foo.com`) && PathPrefix(`/bir`)", 4546 Priority: 12, 4547 Middlewares: []string{"default-test-errorpage"}, 4548 }, 4549 "default-test-crossnamespace-route-a1963878aac7331b7950": { 4550 EntryPoints: []string{"foo"}, 4551 Service: "default-test-crossnamespace-route-a1963878aac7331b7950", 4552 Rule: "Host(`foo.com`) && PathPrefix(`/bur`)", 4553 Priority: 12, 4554 Middlewares: []string{"cross-ns-stripprefix@kubernetescrd"}, 4555 }, 4556 }, 4557 Middlewares: map[string]*dynamic.Middleware{ 4558 "cross-ns-stripprefix": { 4559 StripPrefix: &dynamic.StripPrefix{ 4560 Prefixes: []string{"/stripit"}, 4561 ForceSlash: false, 4562 }, 4563 }, 4564 "default-test-errorpage": { 4565 Errors: &dynamic.ErrorPage{ 4566 Status: []string{"500-599"}, 4567 Service: "default-test-errorpage-errorpage-service", 4568 Query: "/{status}.html", 4569 }, 4570 }, 4571 }, 4572 Services: map[string]*dynamic.Service{ 4573 "default-test-crossnamespace-route-6b204d94623b3df4370c": { 4574 LoadBalancer: &dynamic.ServersLoadBalancer{ 4575 Servers: []dynamic.Server{ 4576 { 4577 URL: "http://10.10.0.1:80", 4578 }, 4579 { 4580 URL: "http://10.10.0.2:80", 4581 }, 4582 }, 4583 PassHostHeader: Bool(true), 4584 }, 4585 }, 4586 "default-test-crossnamespace-route-9313b71dbe6a649d5049": { 4587 LoadBalancer: &dynamic.ServersLoadBalancer{ 4588 Servers: []dynamic.Server{ 4589 { 4590 URL: "http://10.10.0.1:80", 4591 }, 4592 { 4593 URL: "http://10.10.0.2:80", 4594 }, 4595 }, 4596 PassHostHeader: Bool(true), 4597 }, 4598 }, 4599 "default-test-errorpage-errorpage-service": { 4600 LoadBalancer: &dynamic.ServersLoadBalancer{ 4601 Servers: []dynamic.Server{ 4602 { 4603 URL: "http://10.10.0.1:80", 4604 }, 4605 { 4606 URL: "http://10.10.0.2:80", 4607 }, 4608 }, 4609 PassHostHeader: Bool(true), 4610 }, 4611 }, 4612 "default-test-crossnamespace-route-a1963878aac7331b7950": { 4613 LoadBalancer: &dynamic.ServersLoadBalancer{ 4614 Servers: []dynamic.Server{ 4615 { 4616 URL: "http://10.10.0.1:80", 4617 }, 4618 { 4619 URL: "http://10.10.0.2:80", 4620 }, 4621 }, 4622 PassHostHeader: Bool(true), 4623 }, 4624 }, 4625 }, 4626 ServersTransports: map[string]*dynamic.ServersTransport{}, 4627 }, 4628 TLS: &dynamic.TLSConfiguration{}, 4629 }, 4630 }, 4631 { 4632 desc: "HTTP cross namespace allowed", 4633 paths: []string{"services.yml", "with_cross_namespace.yml"}, 4634 allowCrossNamespace: true, 4635 expected: &dynamic.Configuration{ 4636 UDP: &dynamic.UDPConfiguration{ 4637 Routers: map[string]*dynamic.UDPRouter{}, 4638 Services: map[string]*dynamic.UDPService{}, 4639 }, 4640 TCP: &dynamic.TCPConfiguration{ 4641 Routers: map[string]*dynamic.TCPRouter{}, 4642 Middlewares: map[string]*dynamic.TCPMiddleware{}, 4643 Services: map[string]*dynamic.TCPService{}, 4644 }, 4645 HTTP: &dynamic.HTTPConfiguration{ 4646 Routers: map[string]*dynamic.Router{ 4647 "default-cross-ns-route-6b204d94623b3df4370c": { 4648 EntryPoints: []string{"foo"}, 4649 Service: "default-cross-ns-route-6b204d94623b3df4370c", 4650 Rule: "Host(`foo.com`) && PathPrefix(`/bar`)", 4651 Priority: 12, 4652 }, 4653 "default-cross-ns-route-1bc3efa892379bb93c6e": { 4654 EntryPoints: []string{"foo"}, 4655 Service: "default-cross-ns-route-1bc3efa892379bb93c6e", 4656 Rule: "Host(`bar.com`) && PathPrefix(`/foo`)", 4657 }, 4658 }, 4659 Middlewares: map[string]*dynamic.Middleware{}, 4660 Services: map[string]*dynamic.Service{ 4661 "default-cross-ns-route-6b204d94623b3df4370c": { 4662 Weighted: &dynamic.WeightedRoundRobin{ 4663 Services: []dynamic.WRRService{ 4664 { 4665 Name: "cross-ns-whoami-svc-80", 4666 Weight: func(i int) *int { return &i }(1), 4667 }, 4668 { 4669 Name: "default-tr-svc-wrr1", 4670 Weight: func(i int) *int { return &i }(1), 4671 }, 4672 { 4673 Name: "cross-ns-tr-svc-wrr2", 4674 Weight: func(i int) *int { return &i }(1), 4675 }, 4676 { 4677 Name: "default-tr-svc-mirror1", 4678 Weight: func(i int) *int { return &i }(1), 4679 }, 4680 { 4681 Name: "cross-ns-tr-svc-mirror2", 4682 Weight: func(i int) *int { return &i }(1), 4683 }, 4684 }, 4685 }, 4686 }, 4687 "default-cross-ns-route-1bc3efa892379bb93c6e": { 4688 LoadBalancer: &dynamic.ServersLoadBalancer{ 4689 Servers: []dynamic.Server{ 4690 { 4691 URL: "http://10.10.0.1:80", 4692 }, 4693 { 4694 URL: "http://10.10.0.2:80", 4695 }, 4696 }, 4697 PassHostHeader: Bool(true), 4698 ServersTransport: "foo-test@kubernetescrd", 4699 }, 4700 }, 4701 "cross-ns-whoami-svc-80": { 4702 LoadBalancer: &dynamic.ServersLoadBalancer{ 4703 Servers: []dynamic.Server{ 4704 { 4705 URL: "http://10.10.0.1:80", 4706 }, 4707 { 4708 URL: "http://10.10.0.2:80", 4709 }, 4710 }, 4711 PassHostHeader: Bool(true), 4712 }, 4713 }, 4714 "default-tr-svc-wrr1": { 4715 Weighted: &dynamic.WeightedRoundRobin{ 4716 Services: []dynamic.WRRService{ 4717 { 4718 Name: "cross-ns-whoami-svc-80", 4719 Weight: func(i int) *int { return &i }(1), 4720 }, 4721 }, 4722 }, 4723 }, 4724 "cross-ns-tr-svc-wrr2": { 4725 Weighted: &dynamic.WeightedRoundRobin{ 4726 Services: []dynamic.WRRService{ 4727 { 4728 Name: "cross-ns-whoami-svc-80", 4729 Weight: func(i int) *int { return &i }(1), 4730 }, 4731 }, 4732 }, 4733 }, 4734 "default-tr-svc-mirror1": { 4735 Mirroring: &dynamic.Mirroring{ 4736 Service: "default-whoami-80", 4737 Mirrors: []dynamic.MirrorService{ 4738 { 4739 Name: "cross-ns-whoami-svc-80", 4740 Percent: 20, 4741 }, 4742 }, 4743 }, 4744 }, 4745 "cross-ns-tr-svc-mirror2": { 4746 Mirroring: &dynamic.Mirroring{ 4747 Service: "cross-ns-whoami-svc-80", 4748 Mirrors: []dynamic.MirrorService{ 4749 { 4750 Name: "cross-ns-whoami-svc-80", 4751 Percent: 20, 4752 }, 4753 }, 4754 }, 4755 }, 4756 "default-whoami-80": { 4757 LoadBalancer: &dynamic.ServersLoadBalancer{ 4758 Servers: []dynamic.Server{ 4759 { 4760 URL: "http://10.10.0.1:80", 4761 }, 4762 { 4763 URL: "http://10.10.0.2:80", 4764 }, 4765 }, 4766 PassHostHeader: Bool(true), 4767 }, 4768 }, 4769 }, 4770 ServersTransports: map[string]*dynamic.ServersTransport{}, 4771 }, 4772 TLS: &dynamic.TLSConfiguration{}, 4773 }, 4774 }, 4775 { 4776 desc: "HTTP cross namespace disallowed", 4777 paths: []string{"services.yml", "with_cross_namespace.yml"}, 4778 expected: &dynamic.Configuration{ 4779 UDP: &dynamic.UDPConfiguration{ 4780 Routers: map[string]*dynamic.UDPRouter{}, 4781 Services: map[string]*dynamic.UDPService{}, 4782 }, 4783 TCP: &dynamic.TCPConfiguration{ 4784 Routers: map[string]*dynamic.TCPRouter{}, 4785 Middlewares: map[string]*dynamic.TCPMiddleware{}, 4786 Services: map[string]*dynamic.TCPService{}, 4787 }, 4788 HTTP: &dynamic.HTTPConfiguration{ 4789 Routers: map[string]*dynamic.Router{}, 4790 Middlewares: map[string]*dynamic.Middleware{}, 4791 Services: map[string]*dynamic.Service{ 4792 "cross-ns-tr-svc-wrr2": { 4793 Weighted: &dynamic.WeightedRoundRobin{ 4794 Services: []dynamic.WRRService{ 4795 { 4796 Name: "cross-ns-whoami-svc-80", 4797 Weight: func(i int) *int { return &i }(1), 4798 }, 4799 }, 4800 }, 4801 }, 4802 "cross-ns-whoami-svc-80": { 4803 LoadBalancer: &dynamic.ServersLoadBalancer{ 4804 Servers: []dynamic.Server{ 4805 { 4806 URL: "http://10.10.0.1:80", 4807 }, 4808 { 4809 URL: "http://10.10.0.2:80", 4810 }, 4811 }, 4812 PassHostHeader: Bool(true), 4813 }, 4814 }, 4815 "cross-ns-tr-svc-mirror2": { 4816 Mirroring: &dynamic.Mirroring{ 4817 Service: "cross-ns-whoami-svc-80", 4818 Mirrors: []dynamic.MirrorService{ 4819 { 4820 Name: "cross-ns-whoami-svc-80", 4821 Percent: 20, 4822 }, 4823 }, 4824 }, 4825 }, 4826 "default-whoami-80": { 4827 LoadBalancer: &dynamic.ServersLoadBalancer{ 4828 Servers: []dynamic.Server{ 4829 { 4830 URL: "http://10.10.0.1:80", 4831 }, 4832 { 4833 URL: "http://10.10.0.2:80", 4834 }, 4835 }, 4836 PassHostHeader: Bool(true), 4837 }, 4838 }, 4839 }, 4840 ServersTransports: map[string]*dynamic.ServersTransport{}, 4841 }, 4842 TLS: &dynamic.TLSConfiguration{}, 4843 }, 4844 }, 4845 { 4846 desc: "HTTP ServersTransport cross namespace allowed", 4847 paths: []string{"services.yml", "with_servers_transport_cross_namespace.yml"}, 4848 allowCrossNamespace: true, 4849 expected: &dynamic.Configuration{ 4850 UDP: &dynamic.UDPConfiguration{ 4851 Routers: map[string]*dynamic.UDPRouter{}, 4852 Services: map[string]*dynamic.UDPService{}, 4853 }, 4854 TCP: &dynamic.TCPConfiguration{ 4855 Routers: map[string]*dynamic.TCPRouter{}, 4856 Middlewares: map[string]*dynamic.TCPMiddleware{}, 4857 Services: map[string]*dynamic.TCPService{}, 4858 }, 4859 HTTP: &dynamic.HTTPConfiguration{ 4860 Routers: map[string]*dynamic.Router{ 4861 "default-test-route-6b204d94623b3df4370c": { 4862 EntryPoints: []string{"foo"}, 4863 Service: "default-test-route-6b204d94623b3df4370c", 4864 Rule: "Host(`foo.com`) && PathPrefix(`/bar`)", 4865 Priority: 12, 4866 }, 4867 }, 4868 Middlewares: map[string]*dynamic.Middleware{}, 4869 Services: map[string]*dynamic.Service{ 4870 "default-test-route-6b204d94623b3df4370c": { 4871 LoadBalancer: &dynamic.ServersLoadBalancer{ 4872 Servers: []dynamic.Server{ 4873 { 4874 URL: "http://10.10.0.1:80", 4875 }, 4876 { 4877 URL: "http://10.10.0.2:80", 4878 }, 4879 }, 4880 PassHostHeader: Bool(true), 4881 ServersTransport: "cross-ns-st-cross-ns@kubernetescrd", 4882 }, 4883 }, 4884 }, 4885 ServersTransports: map[string]*dynamic.ServersTransport{ 4886 "cross-ns-st-cross-ns": { 4887 ForwardingTimeouts: &dynamic.ForwardingTimeouts{ 4888 DialTimeout: 30000000000, 4889 ResponseHeaderTimeout: 0, 4890 IdleConnTimeout: 90000000000, 4891 ReadIdleTimeout: 0, 4892 PingTimeout: 15000000000, 4893 }, 4894 DisableHTTP2: true, 4895 }, 4896 }, 4897 }, 4898 TLS: &dynamic.TLSConfiguration{}, 4899 }, 4900 }, 4901 { 4902 desc: "HTTP ServersTransport cross namespace disallowed", 4903 paths: []string{"services.yml", "with_servers_transport_cross_namespace.yml"}, 4904 expected: &dynamic.Configuration{ 4905 UDP: &dynamic.UDPConfiguration{ 4906 Routers: map[string]*dynamic.UDPRouter{}, 4907 Services: map[string]*dynamic.UDPService{}, 4908 }, 4909 TCP: &dynamic.TCPConfiguration{ 4910 Routers: map[string]*dynamic.TCPRouter{}, 4911 Middlewares: map[string]*dynamic.TCPMiddleware{}, 4912 Services: map[string]*dynamic.TCPService{}, 4913 }, 4914 HTTP: &dynamic.HTTPConfiguration{ 4915 Routers: map[string]*dynamic.Router{}, 4916 Middlewares: map[string]*dynamic.Middleware{}, 4917 Services: map[string]*dynamic.Service{}, 4918 ServersTransports: map[string]*dynamic.ServersTransport{ 4919 "cross-ns-st-cross-ns": { 4920 ForwardingTimeouts: &dynamic.ForwardingTimeouts{ 4921 DialTimeout: 30000000000, 4922 ResponseHeaderTimeout: 0, 4923 IdleConnTimeout: 90000000000, 4924 ReadIdleTimeout: 0, 4925 PingTimeout: 15000000000, 4926 }, 4927 DisableHTTP2: true, 4928 }, 4929 }, 4930 }, 4931 TLS: &dynamic.TLSConfiguration{}, 4932 }, 4933 }, 4934 { 4935 desc: "HTTP TLSOption cross namespace allowed", 4936 paths: []string{"services.yml", "with_tls_options_cross_namespace.yml"}, 4937 allowCrossNamespace: true, 4938 expected: &dynamic.Configuration{ 4939 UDP: &dynamic.UDPConfiguration{ 4940 Routers: map[string]*dynamic.UDPRouter{}, 4941 Services: map[string]*dynamic.UDPService{}, 4942 }, 4943 TCP: &dynamic.TCPConfiguration{ 4944 Routers: map[string]*dynamic.TCPRouter{}, 4945 Middlewares: map[string]*dynamic.TCPMiddleware{}, 4946 Services: map[string]*dynamic.TCPService{}, 4947 }, 4948 HTTP: &dynamic.HTTPConfiguration{ 4949 Routers: map[string]*dynamic.Router{ 4950 "default-test-route-6b204d94623b3df4370c": { 4951 EntryPoints: []string{"foo"}, 4952 Service: "default-test-route-6b204d94623b3df4370c", 4953 Rule: "Host(`foo.com`) && PathPrefix(`/bar`)", 4954 Priority: 12, 4955 TLS: &dynamic.RouterTLSConfig{ 4956 Options: "cross-ns-tls-options-cn", 4957 }, 4958 }, 4959 }, 4960 Middlewares: map[string]*dynamic.Middleware{}, 4961 Services: map[string]*dynamic.Service{ 4962 "default-test-route-6b204d94623b3df4370c": { 4963 LoadBalancer: &dynamic.ServersLoadBalancer{ 4964 Servers: []dynamic.Server{ 4965 { 4966 URL: "http://10.10.0.1:80", 4967 }, 4968 { 4969 URL: "http://10.10.0.2:80", 4970 }, 4971 }, 4972 PassHostHeader: Bool(true), 4973 }, 4974 }, 4975 }, 4976 ServersTransports: map[string]*dynamic.ServersTransport{}, 4977 }, 4978 TLS: &dynamic.TLSConfiguration{ 4979 Options: map[string]tls.Options{ 4980 "cross-ns-tls-options-cn": { 4981 MinVersion: "VersionTLS12", 4982 ALPNProtocols: []string{"h2", "http/1.1", "acme-tls/1"}, 4983 }, 4984 }, 4985 }, 4986 }, 4987 }, 4988 { 4989 desc: "HTTP TLSOption cross namespace disallowed", 4990 paths: []string{"services.yml", "with_tls_options_cross_namespace.yml"}, 4991 allowCrossNamespace: false, 4992 expected: &dynamic.Configuration{ 4993 UDP: &dynamic.UDPConfiguration{ 4994 Routers: map[string]*dynamic.UDPRouter{}, 4995 Services: map[string]*dynamic.UDPService{}, 4996 }, 4997 TCP: &dynamic.TCPConfiguration{ 4998 Routers: map[string]*dynamic.TCPRouter{}, 4999 Middlewares: map[string]*dynamic.TCPMiddleware{}, 5000 Services: map[string]*dynamic.TCPService{}, 5001 }, 5002 HTTP: &dynamic.HTTPConfiguration{ 5003 Routers: map[string]*dynamic.Router{}, 5004 Middlewares: map[string]*dynamic.Middleware{}, 5005 Services: map[string]*dynamic.Service{ 5006 "default-test-route-6b204d94623b3df4370c": { 5007 LoadBalancer: &dynamic.ServersLoadBalancer{ 5008 Servers: []dynamic.Server{ 5009 { 5010 URL: "http://10.10.0.1:80", 5011 }, 5012 { 5013 URL: "http://10.10.0.2:80", 5014 }, 5015 }, 5016 PassHostHeader: Bool(true), 5017 }, 5018 }, 5019 }, 5020 ServersTransports: map[string]*dynamic.ServersTransport{}, 5021 }, 5022 TLS: &dynamic.TLSConfiguration{ 5023 Options: map[string]tls.Options{ 5024 "cross-ns-tls-options-cn": { 5025 MinVersion: "VersionTLS12", 5026 ALPNProtocols: []string{"h2", "http/1.1", "acme-tls/1"}, 5027 }, 5028 }, 5029 }, 5030 }, 5031 }, 5032 { 5033 desc: "TCP middleware cross namespace disallowed", 5034 paths: []string{"tcp/services.yml", "tcp/with_middleware_with_cross_namespace.yml"}, 5035 expected: &dynamic.Configuration{ 5036 UDP: &dynamic.UDPConfiguration{ 5037 Routers: map[string]*dynamic.UDPRouter{}, 5038 Services: map[string]*dynamic.UDPService{}, 5039 }, 5040 TCP: &dynamic.TCPConfiguration{ 5041 Routers: map[string]*dynamic.TCPRouter{ 5042 "default-test.route-fdd3e9338e47a45efefc": { 5043 EntryPoints: []string{"foo"}, 5044 Service: "default-test.route-fdd3e9338e47a45efefc", 5045 Middlewares: []string{"default-ipwhitelist"}, 5046 Rule: "HostSNI(`foo.com`)", 5047 }, 5048 }, 5049 Middlewares: map[string]*dynamic.TCPMiddleware{ 5050 "default-ipwhitelist": { 5051 IPWhiteList: &dynamic.TCPIPWhiteList{ 5052 SourceRange: []string{"127.0.0.1/32"}, 5053 }, 5054 }, 5055 "cross-ns-ipwhitelist": { 5056 IPWhiteList: &dynamic.TCPIPWhiteList{ 5057 SourceRange: []string{"127.0.0.1/32"}, 5058 }, 5059 }, 5060 }, 5061 Services: map[string]*dynamic.TCPService{ 5062 "default-test.route-fdd3e9338e47a45efefc": { 5063 LoadBalancer: &dynamic.TCPServersLoadBalancer{ 5064 Servers: []dynamic.TCPServer{ 5065 { 5066 Address: "10.10.0.1:8000", 5067 }, 5068 { 5069 Address: "10.10.0.2:8000", 5070 }, 5071 }, 5072 }, 5073 }, 5074 }, 5075 }, 5076 HTTP: &dynamic.HTTPConfiguration{ 5077 Routers: map[string]*dynamic.Router{}, 5078 Middlewares: map[string]*dynamic.Middleware{}, 5079 Services: map[string]*dynamic.Service{}, 5080 ServersTransports: map[string]*dynamic.ServersTransport{}, 5081 }, 5082 TLS: &dynamic.TLSConfiguration{}, 5083 }, 5084 }, 5085 { 5086 desc: "TCP middleware cross namespace allowed", 5087 paths: []string{"tcp/services.yml", "tcp/with_middleware_with_cross_namespace.yml"}, 5088 allowCrossNamespace: true, 5089 expected: &dynamic.Configuration{ 5090 UDP: &dynamic.UDPConfiguration{ 5091 Routers: map[string]*dynamic.UDPRouter{}, 5092 Services: map[string]*dynamic.UDPService{}, 5093 }, 5094 TCP: &dynamic.TCPConfiguration{ 5095 Routers: map[string]*dynamic.TCPRouter{ 5096 "default-test.route-fdd3e9338e47a45efefc": { 5097 EntryPoints: []string{"foo"}, 5098 Service: "default-test.route-fdd3e9338e47a45efefc", 5099 Middlewares: []string{"default-ipwhitelist"}, 5100 Rule: "HostSNI(`foo.com`)", 5101 }, 5102 "default-test.route-f44ce589164e656d231c": { 5103 EntryPoints: []string{"foo"}, 5104 Service: "default-test.route-f44ce589164e656d231c", 5105 Middlewares: []string{"cross-ns-ipwhitelist"}, 5106 Rule: "HostSNI(`bar.com`)", 5107 }, 5108 }, 5109 Middlewares: map[string]*dynamic.TCPMiddleware{ 5110 "default-ipwhitelist": { 5111 IPWhiteList: &dynamic.TCPIPWhiteList{ 5112 SourceRange: []string{"127.0.0.1/32"}, 5113 }, 5114 }, 5115 "cross-ns-ipwhitelist": { 5116 IPWhiteList: &dynamic.TCPIPWhiteList{ 5117 SourceRange: []string{"127.0.0.1/32"}, 5118 }, 5119 }, 5120 }, 5121 Services: map[string]*dynamic.TCPService{ 5122 "default-test.route-f44ce589164e656d231c": { 5123 LoadBalancer: &dynamic.TCPServersLoadBalancer{ 5124 Servers: []dynamic.TCPServer{ 5125 { 5126 Address: "10.10.0.1:8000", 5127 }, 5128 { 5129 Address: "10.10.0.2:8000", 5130 }, 5131 }, 5132 }, 5133 }, 5134 "default-test.route-fdd3e9338e47a45efefc": { 5135 LoadBalancer: &dynamic.TCPServersLoadBalancer{ 5136 Servers: []dynamic.TCPServer{ 5137 { 5138 Address: "10.10.0.1:8000", 5139 }, 5140 { 5141 Address: "10.10.0.2:8000", 5142 }, 5143 }, 5144 }, 5145 }, 5146 }, 5147 }, 5148 HTTP: &dynamic.HTTPConfiguration{ 5149 Routers: map[string]*dynamic.Router{}, 5150 Middlewares: map[string]*dynamic.Middleware{}, 5151 Services: map[string]*dynamic.Service{}, 5152 ServersTransports: map[string]*dynamic.ServersTransport{}, 5153 }, 5154 TLS: &dynamic.TLSConfiguration{}, 5155 }, 5156 }, 5157 { 5158 desc: "TCP cross namespace allowed", 5159 paths: []string{"tcp/services.yml", "tcp/with_cross_namespace.yml"}, 5160 allowCrossNamespace: true, 5161 expected: &dynamic.Configuration{ 5162 UDP: &dynamic.UDPConfiguration{ 5163 Routers: map[string]*dynamic.UDPRouter{}, 5164 Services: map[string]*dynamic.UDPService{}, 5165 }, 5166 HTTP: &dynamic.HTTPConfiguration{ 5167 Routers: map[string]*dynamic.Router{}, 5168 Middlewares: map[string]*dynamic.Middleware{}, 5169 Services: map[string]*dynamic.Service{}, 5170 ServersTransports: map[string]*dynamic.ServersTransport{}, 5171 }, 5172 TCP: &dynamic.TCPConfiguration{ 5173 Routers: map[string]*dynamic.TCPRouter{ 5174 "default-test.route-fdd3e9338e47a45efefc": { 5175 EntryPoints: []string{"foo"}, 5176 Service: "default-test.route-fdd3e9338e47a45efefc", 5177 Rule: "HostSNI(`foo.com`)", 5178 }, 5179 }, 5180 Middlewares: map[string]*dynamic.TCPMiddleware{}, 5181 Services: map[string]*dynamic.TCPService{ 5182 "default-test.route-fdd3e9338e47a45efefc": { 5183 LoadBalancer: &dynamic.TCPServersLoadBalancer{ 5184 Servers: []dynamic.TCPServer{ 5185 { 5186 Address: "10.10.0.1:8000", 5187 }, 5188 { 5189 Address: "10.10.0.2:8000", 5190 }, 5191 }, 5192 }, 5193 }, 5194 }, 5195 }, 5196 TLS: &dynamic.TLSConfiguration{}, 5197 }, 5198 }, 5199 { 5200 desc: "TCP cross namespace disallowed", 5201 paths: []string{"tcp/services.yml", "tcp/with_cross_namespace.yml"}, 5202 expected: &dynamic.Configuration{ 5203 UDP: &dynamic.UDPConfiguration{ 5204 Routers: map[string]*dynamic.UDPRouter{}, 5205 Services: map[string]*dynamic.UDPService{}, 5206 }, 5207 TCP: &dynamic.TCPConfiguration{ 5208 // The router that references the invalid service will be discarded. 5209 Routers: map[string]*dynamic.TCPRouter{ 5210 "default-test.route-fdd3e9338e47a45efefc": { 5211 EntryPoints: []string{"foo"}, 5212 Service: "default-test.route-fdd3e9338e47a45efefc", 5213 Rule: "HostSNI(`foo.com`)", 5214 }, 5215 }, 5216 Middlewares: map[string]*dynamic.TCPMiddleware{}, 5217 Services: map[string]*dynamic.TCPService{}, 5218 }, 5219 HTTP: &dynamic.HTTPConfiguration{ 5220 Routers: map[string]*dynamic.Router{}, 5221 Middlewares: map[string]*dynamic.Middleware{}, 5222 Services: map[string]*dynamic.Service{}, 5223 ServersTransports: map[string]*dynamic.ServersTransport{}, 5224 }, 5225 TLS: &dynamic.TLSConfiguration{}, 5226 }, 5227 }, 5228 { 5229 desc: "TCP TLSOption cross namespace allowed", 5230 paths: []string{"tcp/services.yml", "tcp/with_tls_options_cross_namespace.yml"}, 5231 allowCrossNamespace: true, 5232 expected: &dynamic.Configuration{ 5233 UDP: &dynamic.UDPConfiguration{ 5234 Routers: map[string]*dynamic.UDPRouter{}, 5235 Services: map[string]*dynamic.UDPService{}, 5236 }, 5237 HTTP: &dynamic.HTTPConfiguration{ 5238 Routers: map[string]*dynamic.Router{}, 5239 Middlewares: map[string]*dynamic.Middleware{}, 5240 Services: map[string]*dynamic.Service{}, 5241 ServersTransports: map[string]*dynamic.ServersTransport{}, 5242 }, 5243 TCP: &dynamic.TCPConfiguration{ 5244 Routers: map[string]*dynamic.TCPRouter{ 5245 "default-test.route-fdd3e9338e47a45efefc": { 5246 EntryPoints: []string{"foo"}, 5247 Service: "default-test.route-fdd3e9338e47a45efefc", 5248 Rule: "HostSNI(`foo.com`)", 5249 TLS: &dynamic.RouterTCPTLSConfig{ 5250 Options: "cross-ns-tls-options-cn", 5251 }, 5252 }, 5253 }, 5254 Middlewares: map[string]*dynamic.TCPMiddleware{}, 5255 Services: map[string]*dynamic.TCPService{ 5256 "default-test.route-fdd3e9338e47a45efefc": { 5257 LoadBalancer: &dynamic.TCPServersLoadBalancer{ 5258 Servers: []dynamic.TCPServer{ 5259 { 5260 Address: "10.10.0.1:8000", 5261 }, 5262 { 5263 Address: "10.10.0.2:8000", 5264 }, 5265 }, 5266 }, 5267 }, 5268 }, 5269 }, 5270 TLS: &dynamic.TLSConfiguration{ 5271 Options: map[string]tls.Options{ 5272 "cross-ns-tls-options-cn": { 5273 MinVersion: "VersionTLS12", 5274 ALPNProtocols: []string{"h2", "http/1.1", "acme-tls/1"}, 5275 }, 5276 }, 5277 }, 5278 }, 5279 }, 5280 { 5281 desc: "TCP TLSOption cross namespace disallowed", 5282 paths: []string{"tcp/services.yml", "tcp/with_tls_options_cross_namespace.yml"}, 5283 allowCrossNamespace: false, 5284 expected: &dynamic.Configuration{ 5285 UDP: &dynamic.UDPConfiguration{ 5286 Routers: map[string]*dynamic.UDPRouter{}, 5287 Services: map[string]*dynamic.UDPService{}, 5288 }, 5289 HTTP: &dynamic.HTTPConfiguration{ 5290 Routers: map[string]*dynamic.Router{}, 5291 Middlewares: map[string]*dynamic.Middleware{}, 5292 Services: map[string]*dynamic.Service{}, 5293 ServersTransports: map[string]*dynamic.ServersTransport{}, 5294 }, 5295 TCP: &dynamic.TCPConfiguration{ 5296 Routers: map[string]*dynamic.TCPRouter{}, 5297 Middlewares: map[string]*dynamic.TCPMiddleware{}, 5298 Services: map[string]*dynamic.TCPService{ 5299 "default-test.route-fdd3e9338e47a45efefc": { 5300 LoadBalancer: &dynamic.TCPServersLoadBalancer{ 5301 Servers: []dynamic.TCPServer{ 5302 { 5303 Address: "10.10.0.1:8000", 5304 }, 5305 { 5306 Address: "10.10.0.2:8000", 5307 }, 5308 }, 5309 }, 5310 }, 5311 }, 5312 }, 5313 TLS: &dynamic.TLSConfiguration{ 5314 Options: map[string]tls.Options{ 5315 "cross-ns-tls-options-cn": { 5316 MinVersion: "VersionTLS12", 5317 ALPNProtocols: []string{"h2", "http/1.1", "acme-tls/1"}, 5318 }, 5319 }, 5320 }, 5321 }, 5322 }, 5323 { 5324 desc: "UDP cross namespace allowed", 5325 paths: []string{"udp/services.yml", "udp/with_cross_namespace.yml"}, 5326 allowCrossNamespace: true, 5327 expected: &dynamic.Configuration{ 5328 UDP: &dynamic.UDPConfiguration{ 5329 Routers: map[string]*dynamic.UDPRouter{ 5330 "default-test.route-0": { 5331 EntryPoints: []string{"foo"}, 5332 Service: "default-test.route-0", 5333 }, 5334 }, 5335 Services: map[string]*dynamic.UDPService{ 5336 "default-test.route-0": { 5337 LoadBalancer: &dynamic.UDPServersLoadBalancer{ 5338 Servers: []dynamic.UDPServer{ 5339 { 5340 Address: "10.10.0.1:8000", 5341 }, 5342 { 5343 Address: "10.10.0.2:8000", 5344 }, 5345 }, 5346 }, 5347 }, 5348 }, 5349 }, 5350 HTTP: &dynamic.HTTPConfiguration{ 5351 Routers: map[string]*dynamic.Router{}, 5352 Middlewares: map[string]*dynamic.Middleware{}, 5353 Services: map[string]*dynamic.Service{}, 5354 ServersTransports: map[string]*dynamic.ServersTransport{}, 5355 }, 5356 TCP: &dynamic.TCPConfiguration{ 5357 Routers: map[string]*dynamic.TCPRouter{}, 5358 Middlewares: map[string]*dynamic.TCPMiddleware{}, 5359 Services: map[string]*dynamic.TCPService{}, 5360 }, 5361 TLS: &dynamic.TLSConfiguration{}, 5362 }, 5363 }, 5364 { 5365 desc: "UDP cross namespace disallowed", 5366 paths: []string{"udp/services.yml", "udp/with_cross_namespace.yml"}, 5367 expected: &dynamic.Configuration{ 5368 // The router that references the invalid service will be discarded. 5369 UDP: &dynamic.UDPConfiguration{ 5370 Routers: map[string]*dynamic.UDPRouter{ 5371 "default-test.route-0": { 5372 EntryPoints: []string{"foo"}, 5373 Service: "default-test.route-0", 5374 }, 5375 }, 5376 Services: map[string]*dynamic.UDPService{}, 5377 }, 5378 TCP: &dynamic.TCPConfiguration{ 5379 Routers: map[string]*dynamic.TCPRouter{}, 5380 Middlewares: map[string]*dynamic.TCPMiddleware{}, 5381 Services: map[string]*dynamic.TCPService{}, 5382 }, 5383 HTTP: &dynamic.HTTPConfiguration{ 5384 Routers: map[string]*dynamic.Router{}, 5385 Middlewares: map[string]*dynamic.Middleware{}, 5386 Services: map[string]*dynamic.Service{}, 5387 ServersTransports: map[string]*dynamic.ServersTransport{}, 5388 }, 5389 TLS: &dynamic.TLSConfiguration{}, 5390 }, 5391 }, 5392 } 5393 5394 for _, test := range testCases { 5395 test := test 5396 5397 t.Run(test.desc, func(t *testing.T) { 5398 t.Parallel() 5399 5400 var k8sObjects []runtime.Object 5401 var crdObjects []runtime.Object 5402 for _, path := range test.paths { 5403 yamlContent, err := os.ReadFile(filepath.FromSlash("./fixtures/" + path)) 5404 if err != nil { 5405 panic(err) 5406 } 5407 5408 objects := k8s.MustParseYaml(yamlContent) 5409 for _, obj := range objects { 5410 switch o := obj.(type) { 5411 case *corev1.Service, *corev1.Endpoints, *corev1.Secret: 5412 k8sObjects = append(k8sObjects, o) 5413 case *v1alpha1.IngressRoute: 5414 crdObjects = append(crdObjects, o) 5415 case *v1alpha1.IngressRouteTCP: 5416 crdObjects = append(crdObjects, o) 5417 case *v1alpha1.IngressRouteUDP: 5418 crdObjects = append(crdObjects, o) 5419 case *v1alpha1.Middleware: 5420 crdObjects = append(crdObjects, o) 5421 case *v1alpha1.MiddlewareTCP: 5422 crdObjects = append(crdObjects, o) 5423 case *v1alpha1.TraefikService: 5424 crdObjects = append(crdObjects, o) 5425 case *v1alpha1.TLSOption: 5426 crdObjects = append(crdObjects, o) 5427 case *v1alpha1.TLSStore: 5428 crdObjects = append(crdObjects, o) 5429 case *v1alpha1.ServersTransport: 5430 crdObjects = append(crdObjects, o) 5431 default: 5432 } 5433 } 5434 } 5435 5436 kubeClient := kubefake.NewSimpleClientset(k8sObjects...) 5437 crdClient := crdfake.NewSimpleClientset(crdObjects...) 5438 5439 client := newClientImpl(kubeClient, crdClient) 5440 5441 stopCh := make(chan struct{}) 5442 5443 eventCh, err := client.WatchAll([]string{"default", "cross-ns"}, stopCh) 5444 require.NoError(t, err) 5445 5446 if k8sObjects != nil || crdObjects != nil { 5447 // just wait for the first event 5448 <-eventCh 5449 } 5450 5451 p := Provider{AllowCrossNamespace: test.allowCrossNamespace} 5452 5453 conf := p.loadConfigurationFromCRD(context.Background(), client) 5454 assert.Equal(t, test.expected, conf) 5455 }) 5456 } 5457} 5458 5459func TestExternalNameService(t *testing.T) { 5460 testCases := []struct { 5461 desc string 5462 allowExternalNameService bool 5463 ingressClass string 5464 paths []string 5465 expected *dynamic.Configuration 5466 }{ 5467 { 5468 desc: "Empty", 5469 expected: &dynamic.Configuration{ 5470 UDP: &dynamic.UDPConfiguration{ 5471 Routers: map[string]*dynamic.UDPRouter{}, 5472 Services: map[string]*dynamic.UDPService{}, 5473 }, 5474 TCP: &dynamic.TCPConfiguration{ 5475 Routers: map[string]*dynamic.TCPRouter{}, 5476 Middlewares: map[string]*dynamic.TCPMiddleware{}, 5477 Services: map[string]*dynamic.TCPService{}, 5478 }, 5479 HTTP: &dynamic.HTTPConfiguration{ 5480 ServersTransports: map[string]*dynamic.ServersTransport{}, 5481 Routers: map[string]*dynamic.Router{}, 5482 Middlewares: map[string]*dynamic.Middleware{}, 5483 Services: map[string]*dynamic.Service{}, 5484 }, 5485 TLS: &dynamic.TLSConfiguration{}, 5486 }, 5487 }, 5488 { 5489 desc: "HTTP ExternalName services allowed", 5490 paths: []string{"services.yml", "with_externalname_with_http.yml"}, 5491 allowExternalNameService: true, 5492 expected: &dynamic.Configuration{ 5493 UDP: &dynamic.UDPConfiguration{ 5494 Routers: map[string]*dynamic.UDPRouter{}, 5495 Services: map[string]*dynamic.UDPService{}, 5496 }, 5497 TCP: &dynamic.TCPConfiguration{ 5498 Routers: map[string]*dynamic.TCPRouter{}, 5499 Middlewares: map[string]*dynamic.TCPMiddleware{}, 5500 Services: map[string]*dynamic.TCPService{}, 5501 }, 5502 HTTP: &dynamic.HTTPConfiguration{ 5503 ServersTransports: map[string]*dynamic.ServersTransport{}, 5504 Routers: map[string]*dynamic.Router{ 5505 "default-test-route-6f97418635c7e18853da": { 5506 EntryPoints: []string{"foo"}, 5507 Service: "default-test-route-6f97418635c7e18853da", 5508 Rule: "Host(`foo.com`)", 5509 Priority: 0, 5510 }, 5511 }, 5512 Middlewares: map[string]*dynamic.Middleware{}, 5513 Services: map[string]*dynamic.Service{ 5514 "default-test-route-6f97418635c7e18853da": { 5515 LoadBalancer: &dynamic.ServersLoadBalancer{ 5516 Servers: []dynamic.Server{ 5517 { 5518 URL: "http://external.domain:80", 5519 }, 5520 }, 5521 PassHostHeader: Bool(true), 5522 }, 5523 }, 5524 }, 5525 }, 5526 TLS: &dynamic.TLSConfiguration{}, 5527 }, 5528 }, 5529 { 5530 desc: "HTTP Externalname services disallowed", 5531 paths: []string{"services.yml", "with_externalname_with_http.yml"}, 5532 expected: &dynamic.Configuration{ 5533 UDP: &dynamic.UDPConfiguration{ 5534 Routers: map[string]*dynamic.UDPRouter{}, 5535 Services: map[string]*dynamic.UDPService{}, 5536 }, 5537 TCP: &dynamic.TCPConfiguration{ 5538 Routers: map[string]*dynamic.TCPRouter{}, 5539 Middlewares: map[string]*dynamic.TCPMiddleware{}, 5540 Services: map[string]*dynamic.TCPService{}, 5541 }, 5542 HTTP: &dynamic.HTTPConfiguration{ 5543 ServersTransports: map[string]*dynamic.ServersTransport{}, 5544 Routers: map[string]*dynamic.Router{}, 5545 Middlewares: map[string]*dynamic.Middleware{}, 5546 Services: map[string]*dynamic.Service{}, 5547 }, 5548 TLS: &dynamic.TLSConfiguration{}, 5549 }, 5550 }, 5551 { 5552 desc: "TCP ExternalName services allowed", 5553 paths: []string{"tcp/services.yml", "tcp/with_externalname_with_port.yml"}, 5554 allowExternalNameService: true, 5555 expected: &dynamic.Configuration{ 5556 UDP: &dynamic.UDPConfiguration{ 5557 Routers: map[string]*dynamic.UDPRouter{}, 5558 Services: map[string]*dynamic.UDPService{}, 5559 }, 5560 HTTP: &dynamic.HTTPConfiguration{ 5561 ServersTransports: map[string]*dynamic.ServersTransport{}, 5562 Routers: map[string]*dynamic.Router{}, 5563 Middlewares: map[string]*dynamic.Middleware{}, 5564 Services: map[string]*dynamic.Service{}, 5565 }, 5566 TCP: &dynamic.TCPConfiguration{ 5567 Routers: map[string]*dynamic.TCPRouter{ 5568 "default-test.route-fdd3e9338e47a45efefc": { 5569 EntryPoints: []string{"foo"}, 5570 Service: "default-test.route-fdd3e9338e47a45efefc", 5571 Rule: "HostSNI(`foo.com`)", 5572 }, 5573 }, 5574 Middlewares: map[string]*dynamic.TCPMiddleware{}, 5575 Services: map[string]*dynamic.TCPService{ 5576 "default-test.route-fdd3e9338e47a45efefc": { 5577 LoadBalancer: &dynamic.TCPServersLoadBalancer{ 5578 Servers: []dynamic.TCPServer{ 5579 { 5580 Address: "external.domain:80", 5581 Port: "", 5582 }, 5583 }, 5584 }, 5585 }, 5586 }, 5587 }, 5588 TLS: &dynamic.TLSConfiguration{}, 5589 }, 5590 }, 5591 { 5592 desc: "TCP ExternalName services disallowed", 5593 paths: []string{"tcp/services.yml", "tcp/with_externalname_with_port.yml"}, 5594 expected: &dynamic.Configuration{ 5595 UDP: &dynamic.UDPConfiguration{ 5596 Routers: map[string]*dynamic.UDPRouter{}, 5597 Services: map[string]*dynamic.UDPService{}, 5598 }, 5599 TCP: &dynamic.TCPConfiguration{ 5600 // The router that references the invalid service will be discarded. 5601 Routers: map[string]*dynamic.TCPRouter{ 5602 "default-test.route-fdd3e9338e47a45efefc": { 5603 EntryPoints: []string{"foo"}, 5604 Service: "default-test.route-fdd3e9338e47a45efefc", 5605 Rule: "HostSNI(`foo.com`)", 5606 }, 5607 }, 5608 Middlewares: map[string]*dynamic.TCPMiddleware{}, 5609 Services: map[string]*dynamic.TCPService{}, 5610 }, 5611 HTTP: &dynamic.HTTPConfiguration{ 5612 ServersTransports: map[string]*dynamic.ServersTransport{}, 5613 Routers: map[string]*dynamic.Router{}, 5614 Middlewares: map[string]*dynamic.Middleware{}, 5615 Services: map[string]*dynamic.Service{}, 5616 }, 5617 TLS: &dynamic.TLSConfiguration{}, 5618 }, 5619 }, 5620 { 5621 desc: "UDP ExternalName services allowed", 5622 paths: []string{"udp/services.yml", "udp/with_externalname_service.yml"}, 5623 allowExternalNameService: true, 5624 expected: &dynamic.Configuration{ 5625 UDP: &dynamic.UDPConfiguration{ 5626 Routers: map[string]*dynamic.UDPRouter{ 5627 "default-test.route-0": { 5628 EntryPoints: []string{"foo"}, 5629 Service: "default-test.route-0", 5630 }, 5631 }, 5632 Services: map[string]*dynamic.UDPService{ 5633 "default-test.route-0": { 5634 LoadBalancer: &dynamic.UDPServersLoadBalancer{ 5635 Servers: []dynamic.UDPServer{ 5636 { 5637 Address: "external.domain:80", 5638 Port: "", 5639 }, 5640 }, 5641 }, 5642 }, 5643 }, 5644 }, 5645 HTTP: &dynamic.HTTPConfiguration{ 5646 ServersTransports: map[string]*dynamic.ServersTransport{}, 5647 Routers: map[string]*dynamic.Router{}, 5648 Middlewares: map[string]*dynamic.Middleware{}, 5649 Services: map[string]*dynamic.Service{}, 5650 }, 5651 TCP: &dynamic.TCPConfiguration{ 5652 Routers: map[string]*dynamic.TCPRouter{}, 5653 Middlewares: map[string]*dynamic.TCPMiddleware{}, 5654 Services: map[string]*dynamic.TCPService{}, 5655 }, 5656 TLS: &dynamic.TLSConfiguration{}, 5657 }, 5658 }, 5659 { 5660 desc: "UDP ExternalName service disallowed", 5661 paths: []string{"udp/services.yml", "udp/with_externalname_service.yml"}, 5662 expected: &dynamic.Configuration{ 5663 // The router that references the invalid service will be discarded. 5664 UDP: &dynamic.UDPConfiguration{ 5665 Routers: map[string]*dynamic.UDPRouter{ 5666 "default-test.route-0": { 5667 EntryPoints: []string{"foo"}, 5668 Service: "default-test.route-0", 5669 }, 5670 }, 5671 Services: map[string]*dynamic.UDPService{}, 5672 }, 5673 TCP: &dynamic.TCPConfiguration{ 5674 Routers: map[string]*dynamic.TCPRouter{}, 5675 Middlewares: map[string]*dynamic.TCPMiddleware{}, 5676 Services: map[string]*dynamic.TCPService{}, 5677 }, 5678 HTTP: &dynamic.HTTPConfiguration{ 5679 ServersTransports: map[string]*dynamic.ServersTransport{}, 5680 Routers: map[string]*dynamic.Router{}, 5681 Middlewares: map[string]*dynamic.Middleware{}, 5682 Services: map[string]*dynamic.Service{}, 5683 }, 5684 TLS: &dynamic.TLSConfiguration{}, 5685 }, 5686 }, 5687 } 5688 5689 for _, test := range testCases { 5690 test := test 5691 5692 t.Run(test.desc, func(t *testing.T) { 5693 t.Parallel() 5694 5695 var k8sObjects []runtime.Object 5696 var crdObjects []runtime.Object 5697 for _, path := range test.paths { 5698 yamlContent, err := os.ReadFile(filepath.FromSlash("./fixtures/" + path)) 5699 if err != nil { 5700 panic(err) 5701 } 5702 5703 objects := k8s.MustParseYaml(yamlContent) 5704 for _, obj := range objects { 5705 switch o := obj.(type) { 5706 case *corev1.Service, *corev1.Endpoints, *corev1.Secret: 5707 k8sObjects = append(k8sObjects, o) 5708 case *v1alpha1.IngressRoute: 5709 crdObjects = append(crdObjects, o) 5710 case *v1alpha1.IngressRouteTCP: 5711 crdObjects = append(crdObjects, o) 5712 case *v1alpha1.IngressRouteUDP: 5713 crdObjects = append(crdObjects, o) 5714 case *v1alpha1.Middleware: 5715 crdObjects = append(crdObjects, o) 5716 case *v1alpha1.TraefikService: 5717 crdObjects = append(crdObjects, o) 5718 case *v1alpha1.TLSOption: 5719 crdObjects = append(crdObjects, o) 5720 case *v1alpha1.TLSStore: 5721 crdObjects = append(crdObjects, o) 5722 default: 5723 } 5724 } 5725 } 5726 5727 kubeClient := kubefake.NewSimpleClientset(k8sObjects...) 5728 crdClient := crdfake.NewSimpleClientset(crdObjects...) 5729 5730 client := newClientImpl(kubeClient, crdClient) 5731 5732 stopCh := make(chan struct{}) 5733 5734 eventCh, err := client.WatchAll([]string{"default", "cross-ns"}, stopCh) 5735 require.NoError(t, err) 5736 5737 if k8sObjects != nil || crdObjects != nil { 5738 // just wait for the first event 5739 <-eventCh 5740 } 5741 5742 p := Provider{AllowExternalNameServices: test.allowExternalNameService} 5743 5744 conf := p.loadConfigurationFromCRD(context.Background(), client) 5745 assert.Equal(t, test.expected, conf) 5746 }) 5747 } 5748} 5749 5750func TestCreateBasicAuthCredentials(t *testing.T) { 5751 var k8sObjects []runtime.Object 5752 var crdObjects []runtime.Object 5753 yamlContent, err := os.ReadFile(filepath.FromSlash("./fixtures/basic_auth_secrets.yml")) 5754 if err != nil { 5755 panic(err) 5756 } 5757 5758 objects := k8s.MustParseYaml(yamlContent) 5759 for _, obj := range objects { 5760 switch o := obj.(type) { 5761 case *corev1.Secret: 5762 k8sObjects = append(k8sObjects, o) 5763 default: 5764 } 5765 } 5766 5767 kubeClient := kubefake.NewSimpleClientset(k8sObjects...) 5768 crdClient := crdfake.NewSimpleClientset(crdObjects...) 5769 5770 client := newClientImpl(kubeClient, crdClient) 5771 5772 stopCh := make(chan struct{}) 5773 5774 eventCh, err := client.WatchAll([]string{"default"}, stopCh) 5775 require.NoError(t, err) 5776 5777 if k8sObjects != nil || crdObjects != nil { 5778 // just wait for the first event 5779 <-eventCh 5780 } 5781 5782 // Testing for username/password components in basic-auth secret 5783 basicAuth, secretErr := createBasicAuthMiddleware(client, "default", &v1alpha1.BasicAuth{Secret: "basic-auth-secret"}) 5784 require.NoError(t, secretErr) 5785 require.Len(t, basicAuth.Users, 1) 5786 5787 components := strings.Split(basicAuth.Users[0], ":") 5788 require.Len(t, components, 2) 5789 5790 username := components[0] 5791 hashedPassword := components[1] 5792 5793 require.Equal(t, "user", username) 5794 require.Equal(t, "{SHA}W6ph5Mm5Pz8GgiULbPgzG37mj9g=", hashedPassword) 5795 assert.True(t, auth.CheckSecret("password", hashedPassword)) 5796 5797 // Testing for username/password components in htpasswd secret 5798 basicAuth, secretErr = createBasicAuthMiddleware(client, "default", &v1alpha1.BasicAuth{Secret: "auth-secret"}) 5799 require.NoError(t, secretErr) 5800 require.Len(t, basicAuth.Users, 2) 5801 5802 components = strings.Split(basicAuth.Users[1], ":") 5803 require.Len(t, components, 2) 5804 5805 username = components[0] 5806 hashedPassword = components[1] 5807 5808 assert.Equal(t, username, "test2") 5809 assert.Equal(t, hashedPassword, "$apr1$d9hr9HBB$4HxwgUir3HP4EsggP/QNo0") 5810 assert.True(t, auth.CheckSecret("test2", hashedPassword)) 5811} 5812