From eb2a6e1242af8a0d6d43c71d2bd72055d5c68eb1 Mon Sep 17 00:00:00 2001 From: tellet Date: Tue, 10 Sep 2019 11:56:36 +0100 Subject: [PATCH] Add checks on 'buffering' upstream option in VS/VSRs --- .../configmap-with-keys.yaml | 5 +++- .../route-multiple-invalid-keys.yaml | 8 +++++ .../route-single-invalid-keys.yaml | 4 +++ .../configmap-with-keys.yaml | 5 +++- .../virtual-server-with-invalid-keys.yaml | 8 +++++ .../suite/test_v_s_route_upstream_options.py | 28 +++++++++++++----- .../test_virtual_server_upstream_options.py | 29 ++++++++++++++----- 7 files changed, 70 insertions(+), 17 deletions(-) diff --git a/tests/data/virtual-server-route-upstream-options/configmap-with-keys.yaml b/tests/data/virtual-server-route-upstream-options/configmap-with-keys.yaml index af4a0aa6ff..e00d6029eb 100644 --- a/tests/data/virtual-server-route-upstream-options/configmap-with-keys.yaml +++ b/tests/data/virtual-server-route-upstream-options/configmap-with-keys.yaml @@ -12,4 +12,7 @@ data: proxy-send-timeout: "55s" keepalive: "1024" max-conns: "1000" # there is no support for this key - client-max-body-size: "3m" \ No newline at end of file + client-max-body-size: "3m" + proxy-buffering: "false" + proxy-buffer-size: "1k" + proxy-buffers: "8 1k" \ No newline at end of file diff --git a/tests/data/virtual-server-route-upstream-options/route-multiple-invalid-keys.yaml b/tests/data/virtual-server-route-upstream-options/route-multiple-invalid-keys.yaml index ac66e8867b..06ddb14372 100644 --- a/tests/data/virtual-server-route-upstream-options/route-multiple-invalid-keys.yaml +++ b/tests/data/virtual-server-route-upstream-options/route-multiple-invalid-keys.yaml @@ -20,6 +20,10 @@ spec: next-upstream-timeout: "time" next-upstream-tries: -12 client-max-body-size: "3.2m" + buffers: + number: 0 + size: "k" + buffer-size: "±!@£$%^&*()_+#" - name: backend3 service: backend3-svc port: 80 @@ -35,6 +39,10 @@ spec: next-upstream-timeout: "1.5d" next-upstream-tries: -10 client-max-body-size: "-2m" + buffers: + number: -4 + size: "" + buffer-size: "k" subroutes: - path: "/backends/backend1" upstream: backend1 diff --git a/tests/data/virtual-server-route-upstream-options/route-single-invalid-keys.yaml b/tests/data/virtual-server-route-upstream-options/route-single-invalid-keys.yaml index 4354cb4492..57819fe327 100644 --- a/tests/data/virtual-server-route-upstream-options/route-single-invalid-keys.yaml +++ b/tests/data/virtual-server-route-upstream-options/route-single-invalid-keys.yaml @@ -20,6 +20,10 @@ spec: next-upstream-timeout: "time" next-upstream-tries: -12 client-max-body-size: "1.3m" + buffers: + number: 0 + size: "k" + buffer-size: "one" subroutes: - path: "/backend2" upstream: backend2 \ No newline at end of file diff --git a/tests/data/virtual-server-upstream-options/configmap-with-keys.yaml b/tests/data/virtual-server-upstream-options/configmap-with-keys.yaml index af4a0aa6ff..e00d6029eb 100644 --- a/tests/data/virtual-server-upstream-options/configmap-with-keys.yaml +++ b/tests/data/virtual-server-upstream-options/configmap-with-keys.yaml @@ -12,4 +12,7 @@ data: proxy-send-timeout: "55s" keepalive: "1024" max-conns: "1000" # there is no support for this key - client-max-body-size: "3m" \ No newline at end of file + client-max-body-size: "3m" + proxy-buffering: "false" + proxy-buffer-size: "1k" + proxy-buffers: "8 1k" \ No newline at end of file diff --git a/tests/data/virtual-server-upstream-options/virtual-server-with-invalid-keys.yaml b/tests/data/virtual-server-upstream-options/virtual-server-with-invalid-keys.yaml index a11123f22c..3412f53e82 100644 --- a/tests/data/virtual-server-upstream-options/virtual-server-with-invalid-keys.yaml +++ b/tests/data/virtual-server-upstream-options/virtual-server-with-invalid-keys.yaml @@ -20,6 +20,10 @@ spec: next-upstream-timeout: "time" next-upstream-tries: -12 client-max-body-size: "1.2m" + buffers: + number: 0 + size: "k" + buffer-size: "±!@£$%^&*()_+#" - name: backend1 service: backend1-svc port: 80 @@ -35,6 +39,10 @@ spec: next-upstream-timeout: "1.5d" next-upstream-tries: -10 client-max-body-size: "-4m" + buffers: + number: -4 + size: "k" + buffer-size: "k" routes: - path: "/backend1" upstream: backend1 diff --git a/tests/suite/test_v_s_route_upstream_options.py b/tests/suite/test_v_s_route_upstream_options.py index 9b5ee73ceb..ed9edbf7b5 100644 --- a/tests/suite/test_v_s_route_upstream_options.py +++ b/tests/suite/test_v_s_route_upstream_options.py @@ -83,14 +83,20 @@ def test_nginx_config_upstreams_defaults(self, kube_apis, ingress_controller_pre assert "client_max_body_size 1m;" in config + assert "proxy_buffer_size" not in config + assert "proxy_buffering on;" in config + assert "proxy_buffers" not in config + @pytest.mark.parametrize('options, expected_strings', [ ({"lb-method": "least_conn", "max-fails": 8, "fail-timeout": "13s", "connect-timeout": "55s", "read-timeout": "1s", "send-timeout": "1h", - "keepalive": 54, "max-conns": 1024, "client-max-body-size": "1048K"}, + "keepalive": 54, "max-conns": 1024, "client-max-body-size": "1048K", + "buffering": True, "buffer-size": "2k", "buffers": {"number": 4, "size": "2k"}}, ["least_conn;", "max_fails=8 ", "fail_timeout=13s ", "proxy_connect_timeout 55s;", "proxy_read_timeout 1s;", "proxy_send_timeout 1h;", "keepalive 54;", 'set $default_connection_header "";', "max_conns=1024;", - "client_max_body_size 1048K;"]), + "client_max_body_size 1048K;", + "proxy_buffering on;", "proxy_buffer_size 2k;", "proxy_buffers 4 2k;"]), ({"lb-method": "ip_hash", "connect-timeout": "75", "read-timeout": "15", "send-timeout": "1h"}, ["ip_hash;", "proxy_connect_timeout 75;", "proxy_read_timeout 15;", "proxy_send_timeout 1h;"]), ({"connect-timeout": "1m", "read-timeout": "1m", "send-timeout": "1s"}, @@ -149,12 +155,14 @@ def test_when_option_in_v_s_r_only(self, kube_apis, ["max_fails=3 ", "fail_timeout=33s ", "max_conns=0;", "proxy_connect_timeout 44s;", "proxy_read_timeout 22s;", "proxy_send_timeout 55s;", "keepalive 1024;", 'set $default_connection_header "";', - "client_max_body_size 3m;"], + "client_max_body_size 3m;", + "proxy_buffering off;", "proxy_buffer_size 1k;", "proxy_buffers 8 1k;"], ["ip_hash;", "least_conn;", "random ", "hash", "least_time ", "max_fails=1 ", "fail_timeout=10s ", "max_conns=1000;", "proxy_connect_timeout 60s;", "proxy_read_timeout 60s;", "proxy_send_timeout 60s;", "client_max_body_size 1m;", - "slow_start=0s"]), + "slow_start=0s", + "proxy_buffering on;"]), ]) def test_when_option_in_config_map_only(self, kube_apis, ingress_controller_prerequisites, @@ -202,16 +210,19 @@ def test_when_option_in_config_map_only(self, kube_apis, @pytest.mark.parametrize('options, expected_strings, unexpected_strings', [ ({"lb-method": "least_conn", "max-fails": 12, "fail-timeout": "1m", "connect-timeout": "1m", "read-timeout": "77s", "send-timeout": "23s", - "keepalive": 48, "client-max-body-size": "0"}, + "keepalive": 48, "client-max-body-size": "0", + "buffering": True, "buffer-size": "2k", "buffers": {"number": 4, "size": "2k"}}, ["least_conn;", "max_fails=12 ", "fail_timeout=1m ", "max_conns=0;", "proxy_connect_timeout 1m;", "proxy_read_timeout 77s;", "proxy_send_timeout 23s;", "keepalive 48;", 'set $default_connection_header "";', - "client_max_body_size 0;"], + "client_max_body_size 0;", + "proxy_buffering on;", "proxy_buffer_size 2k;", "proxy_buffers 4 2k;"], ["ip_hash;", "random ", "hash", "least_time ", "max_fails=1 ", "fail_timeout=10s ", "proxy_connect_timeout 44s;", "proxy_read_timeout 22s;", "proxy_send_timeout 55s;", "keepalive 1024;", - "client_max_body_size 3m;", "client_max_body_size 1m;"]) + "client_max_body_size 3m;", "client_max_body_size 1m;", + "proxy_buffering off;", "proxy_buffer_size 1k;", "proxy_buffers 8 1k;"]) ]) def test_v_s_r_overrides_config_map(self, kube_apis, ingress_controller_prerequisites, @@ -279,6 +290,7 @@ def test_event_message_and_config(self, kube_apis, ingress_controller_prerequisi "upstreams[0].next-upstream", "upstreams[0].next-upstream-timeout", "upstreams[0].next-upstream-tries", "upstreams[0].client-max-body-size", + "upstreams[0].buffers.number", "upstreams[0].buffers.size", "upstreams[0].buffer-size" ] invalid_fields_m = [ "upstreams[0].lb-method", "upstreams[0].fail-timeout", @@ -288,6 +300,7 @@ def test_event_message_and_config(self, kube_apis, ingress_controller_prerequisi "upstreams[0].next-upstream", "upstreams[0].next-upstream-timeout", "upstreams[0].next-upstream-tries", "upstreams[0].client-max-body-size", + "upstreams[0].buffers.number", "upstreams[0].buffers.size", "upstreams[0].buffer-size", "upstreams[1].lb-method", "upstreams[1].fail-timeout", "upstreams[1].max-fails", "upstreams[1].connect-timeout", "upstreams[1].read-timeout", "upstreams[1].send-timeout", @@ -295,6 +308,7 @@ def test_event_message_and_config(self, kube_apis, ingress_controller_prerequisi "upstreams[1].next-upstream", "upstreams[1].next-upstream-timeout", "upstreams[1].next-upstream-tries", "upstreams[1].client-max-body-size", + "upstreams[1].buffers.number", "upstreams[1].buffers.size", "upstreams[1].buffer-size" ] text_s = f"{v_s_route_setup.route_s.namespace}/{v_s_route_setup.route_s.name}" text_m = f"{v_s_route_setup.route_m.namespace}/{v_s_route_setup.route_m.name}" diff --git a/tests/suite/test_virtual_server_upstream_options.py b/tests/suite/test_virtual_server_upstream_options.py index f33a67b1ba..7fffc04c04 100644 --- a/tests/suite/test_virtual_server_upstream_options.py +++ b/tests/suite/test_virtual_server_upstream_options.py @@ -87,14 +87,20 @@ def test_nginx_config_defaults(self, kube_apis, ingress_controller_prerequisites assert "client_max_body_size 1m;" in config + assert "proxy_buffer_size" not in config + assert "proxy_buffering on;" in config + assert "proxy_buffers" not in config + @pytest.mark.parametrize('options, expected_strings', [ ({"lb-method": "least_conn", "max-fails": 8, "fail-timeout": "13s", "connect-timeout": "55s", "read-timeout": "1s", "send-timeout": "1h", - "keepalive": 54, "max-conns": 1048, "client-max-body-size": "1048K"}, + "keepalive": 54, "max-conns": 1048, "client-max-body-size": "1048K", + "buffering": True, "buffer-size": "2k", "buffers": {"number": 4, "size": "2k"}}, ["least_conn;", "max_fails=8 ", "fail_timeout=13s ", "proxy_connect_timeout 55s;", "proxy_read_timeout 1s;", "proxy_send_timeout 1h;", "keepalive 54;", 'set $default_connection_header "";', "max_conns=1048;", - "client_max_body_size 1048K;"]), + "client_max_body_size 1048K;", + "proxy_buffering on;", "proxy_buffer_size 2k;", "proxy_buffers 4 2k;"]), ({"lb-method": "ip_hash", "connect-timeout": "75", "read-timeout": "15", "send-timeout": "1h"}, ["ip_hash;", "proxy_connect_timeout 75;", "proxy_read_timeout 15;", "proxy_send_timeout 1h;"]), ({"connect-timeout": "1m", "read-timeout": "1m", "send-timeout": "1s"}, @@ -139,11 +145,13 @@ def test_when_option_in_v_s_only(self, kube_apis, ingress_controller_prerequisit ["max_fails=3 ", "fail_timeout=33s ", "max_conns=0;", "proxy_connect_timeout 44s;", "proxy_read_timeout 22s;", "proxy_send_timeout 55s;", "keepalive 1024;", 'set $default_connection_header "";', - "client_max_body_size 3m;"], + "client_max_body_size 3m;", + "proxy_buffering off;", "proxy_buffer_size 1k;", "proxy_buffers 8 1k;"], ["ip_hash;", "least_conn;", "random ", "hash", "least_time ", "max_fails=1 ", "fail_timeout=10s ", "max_conns=1000;", "proxy_connect_timeout 60s;", "proxy_read_timeout 60s;", "proxy_send_timeout 60s;", - "client_max_body_size 1m;", "slow_start=0s"]), + "client_max_body_size 1m;", "slow_start=0s", + "proxy_buffering on;"]), ]) def test_when_option_in_config_map_only(self, kube_apis, ingress_controller_prerequisites, crd_ingress_controller, virtual_server_setup, @@ -181,15 +189,18 @@ def test_when_option_in_config_map_only(self, kube_apis, ingress_controller_prer @pytest.mark.parametrize('options, expected_strings, unexpected_strings', [ ({"lb-method": "least_conn", "max-fails": 12, "fail-timeout": "1m", "connect-timeout": "1m", "read-timeout": "77s", "send-timeout": "23s", - "keepalive": 48, "client-max-body-size": "0"}, + "keepalive": 48, "client-max-body-size": "0", + "buffering": True, "buffer-size": "2k", "buffers": {"number": 4, "size": "2k"}}, ["least_conn;", "max_fails=12 ", "fail_timeout=1m ", "max_conns=0;", "proxy_connect_timeout 1m;", "proxy_read_timeout 77s;", "proxy_send_timeout 23s;", "keepalive 48;", 'set $default_connection_header "";', - "client_max_body_size 0;"], + "client_max_body_size 0;", + "proxy_buffering on;", "proxy_buffer_size 2k;", "proxy_buffers 4 2k;"], ["ip_hash;", "random ", "hash", "least_time ", "max_fails=1 ", "fail_timeout=10s ", "proxy_connect_timeout 44s;", "proxy_read_timeout 22s;", "proxy_send_timeout 55s;", "keepalive 1024;", - "client_max_body_size 3m;", "client_max_body_size 1m;"]) + "client_max_body_size 3m;", "client_max_body_size 1m;", + "proxy_buffering off;", "proxy_buffer_size 1k;", "proxy_buffers 8 1k;"]) ]) def test_v_s_overrides_config_map(self, kube_apis, ingress_controller_prerequisites, crd_ingress_controller, virtual_server_setup, @@ -244,13 +255,15 @@ def test_event_message_and_config(self, kube_apis, ingress_controller_prerequisi "upstreams[0].next-upstream", "upstreams[0].next-upstream-timeout", "upstreams[0].next-upstream-tries", "upstreams[0].client-max-body-size", + "upstreams[0].buffers.number", "upstreams[0].buffers.size", "upstreams[0].buffer-size", "upstreams[1].lb-method", "upstreams[1].fail-timeout", "upstreams[1].max-fails", "upstreams[1].connect-timeout", "upstreams[1].read-timeout", "upstreams[1].send-timeout", "upstreams[1].keepalive", "upstreams[1].max-conns", "upstreams[1].next-upstream", "upstreams[1].next-upstream-timeout", "upstreams[1].next-upstream-tries", - "upstreams[1].client-max-body-size" + "upstreams[1].client-max-body-size", + "upstreams[1].buffers.number", "upstreams[1].buffers.size", "upstreams[1].buffer-size" ] text = f"{virtual_server_setup.namespace}/{virtual_server_setup.vs_name}" vs_event_text = f"VirtualServer {text} is invalid and was rejected: "