From e2ad87c91e879877718ab60c2a473620ca39f7b0 Mon Sep 17 00:00:00 2001 From: Daniella Freese Date: Thu, 21 Sep 2023 11:23:24 -0400 Subject: [PATCH] Kong (#134) * Kong validation * upstream testJob * adding test jobs * cronjob, resource cleanup * cronjob * cronjob fix --------- Co-authored-by: Anuj Sharma --- .../Addons/Partner/Kong/kong-source.yaml | 9 ++++ .../Addons/Partner/Kong/kong.yaml | 42 ++++++++++++++++++ .../Addons/Partner/Kong/namespace.yaml | 7 +++ .../Testers/Kong/test-job-configmap.yaml | 44 +++++++++++++++++++ .../Testers/Kong/test-job-role.yaml | 30 +++++++++++++ .../Testers/Kong/test-job.yaml | 30 +++++++++++++ 6 files changed, 162 insertions(+) create mode 100644 eks-anywhere-common/Addons/Partner/Kong/kong-source.yaml create mode 100644 eks-anywhere-common/Addons/Partner/Kong/kong.yaml create mode 100644 eks-anywhere-common/Addons/Partner/Kong/namespace.yaml create mode 100644 eks-anywhere-common/Testers/Kong/test-job-configmap.yaml create mode 100644 eks-anywhere-common/Testers/Kong/test-job-role.yaml create mode 100644 eks-anywhere-common/Testers/Kong/test-job.yaml diff --git a/eks-anywhere-common/Addons/Partner/Kong/kong-source.yaml b/eks-anywhere-common/Addons/Partner/Kong/kong-source.yaml new file mode 100644 index 00000000..c97cafb4 --- /dev/null +++ b/eks-anywhere-common/Addons/Partner/Kong/kong-source.yaml @@ -0,0 +1,9 @@ +--- +apiVersion: source.toolkit.fluxcd.io/v1beta2 +kind: HelmRepository +metadata: + name: kong-charts + namespace: flux-system +spec: + interval: 30s + url: https://charts.konghq.com diff --git a/eks-anywhere-common/Addons/Partner/Kong/kong.yaml b/eks-anywhere-common/Addons/Partner/Kong/kong.yaml new file mode 100644 index 00000000..84330faf --- /dev/null +++ b/eks-anywhere-common/Addons/Partner/Kong/kong.yaml @@ -0,0 +1,42 @@ +--- +apiVersion: helm.toolkit.fluxcd.io/v2beta1 +kind: HelmRelease +metadata: + name: kong + namespace: kong +spec: + chart: + spec: + chart: kong + reconcileStrategy: ChartVersion + sourceRef: + kind: HelmRepository + name: kong-charts + namespace: flux-system + version: 2.27.0 + interval: 1m0s + targetNamespace: kong + releaseName: eks-anywhere + values: + enterprise: + enabled: true + vitals: + enabled: false + portal: + enabled: false + rbac: + enabled: false + manager: + enabled: false + portal: + enabled: false + portalapi: + enabled: false + env: + database: "off" + ingressController: + enabled: true + installCRDs: false + proxy: + enabled: true + type: ClusterIP \ No newline at end of file diff --git a/eks-anywhere-common/Addons/Partner/Kong/namespace.yaml b/eks-anywhere-common/Addons/Partner/Kong/namespace.yaml new file mode 100644 index 00000000..bdd1314e --- /dev/null +++ b/eks-anywhere-common/Addons/Partner/Kong/namespace.yaml @@ -0,0 +1,7 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: kong + labels: + aws.conformance.vendor: kong + aws.conformance.vendor-solution: kong-enterprise \ No newline at end of file diff --git a/eks-anywhere-common/Testers/Kong/test-job-configmap.yaml b/eks-anywhere-common/Testers/Kong/test-job-configmap.yaml new file mode 100644 index 00000000..6304af87 --- /dev/null +++ b/eks-anywhere-common/Testers/Kong/test-job-configmap.yaml @@ -0,0 +1,44 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: test-configmap + namespace: kong +data: + test.sh: |- + #!/bin/bash + kubectl apply -f https://bit.ly/echo-service + echo " + apiVersion: networking.k8s.io/v1 + kind: Ingress + metadata: + labels: + app: echo + name: demo + spec: + ingressClassName: kong + rules: + - http: + paths: + - path: /foo + pathType: ImplementationSpecific + backend: + service: + name: echo + port: + number: 80 + " | kubectl apply -f - -n kong + + sleep 300 + + response=$(curl --silent -i http://eks-anywhere-kong-proxy.kong.svc.cluster.local:80/foo) + response_status=$(echo $response | awk '/^HTTP/{print $2}') + + kubectl delete deployment,service,ingress -l app=echo -n kong + + if [[ $response_status == "200" && $response == *"pod namespace"* ]]; then + echo -e "\n Kong Gateway is running, test service passed \n" + exit 0 + else + echo -e "\n Kong Gateway is running, test service failed \n" + exit 1 + fi diff --git a/eks-anywhere-common/Testers/Kong/test-job-role.yaml b/eks-anywhere-common/Testers/Kong/test-job-role.yaml new file mode 100644 index 00000000..ff535a55 --- /dev/null +++ b/eks-anywhere-common/Testers/Kong/test-job-role.yaml @@ -0,0 +1,30 @@ +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: kong-gateway-job + namespace: kong +rules: + - apiGroups: [ "" ] + resources: ["pods","services"] + verbs: [ "get","list","create", "update", "patch", "watch", "delete" ] + - apiGroups: [ "apps" ] + resources: ["deployments"] + verbs: [ "get", "create", "update", "list", "patch", "delete" ] + - apiGroups: ["networking.k8s.io"] + resources: ["ingresses"] + verbs: [ "get", "create", "update", "list", "patch", "delete" ] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: kong-test + namespace: kong +subjects: + - kind: User + name: system:serviceaccount:kong:default + apiGroup: rbac.authorization.k8s.io +roleRef: + kind: Role + name: kong-gateway-job + apiGroup: rbac.authorization.k8s.io diff --git a/eks-anywhere-common/Testers/Kong/test-job.yaml b/eks-anywhere-common/Testers/Kong/test-job.yaml new file mode 100644 index 00000000..01d96081 --- /dev/null +++ b/eks-anywhere-common/Testers/Kong/test-job.yaml @@ -0,0 +1,30 @@ +apiVersion: batch/v1 +kind: CronJob +metadata: + name: kong-enterprise-testjob + namespace: kong +spec: + schedule: "10 10 * * *" + jobTemplate: + spec: + template: + spec: + containers: + - name: job + image: 'alpine/k8s:1.26.2' + imagePullPolicy: Always + command: + - /bin/test.sh + volumeMounts: + - name: test-configmap-volume + mountPath: /bin/test.sh + readOnly: true + subPath: test.sh + volumes: + - name: test-configmap-volume + configMap: + defaultMode: 0700 + name: test-configmap + restartPolicy: Never + successfulJobsHistoryLimit: 3 + failedJobsHistoryLimit: 1 \ No newline at end of file