def test_services_dns_prefix(self):
settings.PROXIES_CONFIG.auth_enabled = True
settings.PROXIES_CONFIG.dns_use_resolver = True
expected = """
location ~ /services/v1/([-_.:\w]+)/([-_.:\w]+)/([-_.:\w]+)/runs/([-_.:\w]+)/(.*) {
auth_request /auth/v1/;
auth_request_set $auth_status $upstream_status;
resolver coredns.kube-system.svc.cluster.local valid=5s;
proxy_pass http://plx-operation-$4.$1.svc.cluster.local;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_hide_header X-Frame-Options;
proxy_set_header Origin "";
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_buffering off;
}
""" # noqa
settings.PROXIES_CONFIG.dns_prefix = "coredns.kube-system"
settings.PROXIES_CONFIG.dns_custom_cluster = "cluster.local"
assert get_dns_config() == "coredns.kube-system.svc.cluster.local"
resolver = get_resolver()
assert (
get_services_location_config(
resolver=resolver, auth=get_auth_config(), rewrite=False
)
== expected
)
expected = """
location ~ /services/v1/([-_.:\w]+)/([-_.:\w]+)/([-_.:\w]+)/runs/([-_.:\w]+)/(.*) {
auth_request /auth/v1/;
auth_request_set $auth_status $upstream_status;
resolver kube-dns.new-system.svc.new-dns valid=5s;
proxy_pass http://plx-operation-$4.$1.svc.new-dns;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_hide_header X-Frame-Options;
proxy_set_header Origin "";
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_buffering off;
}
""" # noqa
settings.PROXIES_CONFIG.dns_prefix = "kube-dns.new-system"
settings.PROXIES_CONFIG.dns_custom_cluster = "new-dns"
assert get_dns_config() == "kube-dns.new-system.svc.new-dns"
resolver = get_resolver()
assert (
get_services_location_config(
resolver=resolver, auth=get_auth_config(), rewrite=False
)
== expected
)
def test_auth_config(self):
settings.PROXIES_CONFIG.auth_enabled = True
expected = r"""
auth_request /auth/v1/;
auth_request_set $auth_status $upstream_status;
""" # noqa
assert get_auth_config() == expected
settings.PROXIES_CONFIG.auth_enabled = False
assert get_auth_config() == ""
def get_base_config():
resolver = get_resolver()
auth = get_auth_config()
config = [get_listen_config(is_proxy=True)]
if settings.PROXIES_CONFIG.ssl_enabled:
config.append(get_ssl_config())
config += [
get_logging_config(),
get_gzip_config(),
get_charset_config(),
get_buffering_config(),
get_timeout_config(),
get_error_page_config(),
get_robots_config(),
get_favicon_config(),
get_healthz_location_config(),
get_auth_location_config(resolver=resolver),
get_streams_location_config(resolver=resolver, auth=auth),
get_services_location_config(resolver=resolver, auth=auth, rewrite=False),
get_services_location_config(resolver=resolver, auth=auth, rewrite=True),
get_api_location_config(resolver=resolver, auth=auth),
]
# config += get_plugins_location_config(resolver=resolver, auth=auth)
return clean_config(config)
def test_streams_location_with_dns_prefix(self):
settings.PROXIES_CONFIG.auth_enabled = False
settings.PROXIES_CONFIG.dns_use_resolver = True
expected = """
location /streams/ {
resolver coredns.kube-system.svc.cluster.local valid=5s;
proxy_pass http://polyaxon-polyaxon-streams;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Origin "";
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_buffering off;
}
""" # noqa
settings.PROXIES_CONFIG.dns_prefix = "coredns.kube-system"
settings.PROXIES_CONFIG.dns_custom_cluster = "cluster.local"
assert get_dns_config() == "coredns.kube-system.svc.cluster.local"
resolver = get_resolver()
assert get_streams_location_config(resolver=resolver, auth="") == expected
expected = """
location /streams/ {
auth_request /auth/v1/;
auth_request_set $auth_status $upstream_status;
resolver kube-dns.new-system.svc.new-dns valid=5s;
proxy_pass http://polyaxon-polyaxon-streams;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Origin "";
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_buffering off;
}
""" # noqa
settings.PROXIES_CONFIG.auth_enabled = True
settings.PROXIES_CONFIG.dns_prefix = "kube-dns.new-system"
settings.PROXIES_CONFIG.dns_custom_cluster = "new-dns"
assert get_dns_config() == "kube-dns.new-system.svc.new-dns"
resolver = get_resolver()
assert (
get_streams_location_config(resolver=resolver, auth=get_auth_config())
== expected
)
def test_streams_location_with_auth_config(self):
expected = """
location /streams/ {
proxy_pass http://polyaxon-polyaxon-streams;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Origin "";
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_buffering off;
}
""" # noqa
assert get_streams_location_config(resolver="", auth="") == expected
settings.PROXIES_CONFIG.streams_port = 8888
settings.PROXIES_CONFIG.auth_enabled = True
settings.PROXIES_CONFIG.streams_host = "foo"
expected = """
location /streams/ {
auth_request /auth/v1/;
auth_request_set $auth_status $upstream_status;
proxy_pass http://foo:8888;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Origin "";
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_buffering off;
}
""" # noqa
assert (
get_streams_location_config(resolver="", auth=get_auth_config()) == expected
)
def test_plugins_dns_prefix(self):
proxy_services = {
"tensorboard": {
"port": 6006
},
"notebook": {
"port": 8888
}
}
settings.PROXIES_CONFIG.auth_enabled = True
settings.PROXIES_CONFIG.dns_use_resolver = True
expected = r"""
location ~ /tensorboard/proxy/([-_.:\w]+)/(.*) {
auth_request /auth/v1/;
auth_request_set $auth_status $upstream_status;
resolver coredns.kube-system.svc.cluster.local valid=5s;
rewrite_log on;
rewrite ^/tensorboard/proxy/([-_.:\w]+)/(.*) /tensorboard/proxy/$1/$2 break;
proxy_pass http://$1:6006;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_hide_header X-Frame-Options;
proxy_set_header Origin "";
proxy_buffering off;
}
location ~ /notebook/proxy/([-_.:\w]+)/(.*) {
auth_request /auth/v1/;
auth_request_set $auth_status $upstream_status;
resolver coredns.kube-system.svc.cluster.local valid=5s;
rewrite_log on;
rewrite ^/notebook/proxy/([-_.:\w]+)/(.*) /notebook/proxy/$1/$2 break;
proxy_pass http://$1:8888;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_hide_header X-Frame-Options;
proxy_set_header Origin "";
proxy_buffering off;
}
""" # noqa
settings.PROXIES_CONFIG.dns_prefix = "coredns.kube-system"
settings.PROXIES_CONFIG.dns_custom_cluster = "cluster.local"
assert get_dns_config() == "coredns.kube-system.svc.cluster.local"
resolver = get_resolver()
assert ("\n".join(
get_plugins_location_config(
resolver=resolver,
auth=get_auth_config(),
proxy_services=proxy_services,
)) == expected)
expected = r"""
location ~ /tensorboard/proxy/([-_.:\w]+)/(.*) {
auth_request /auth/v1/;
auth_request_set $auth_status $upstream_status;
resolver kube-dns.new-system.svc.new-dns valid=5s;
rewrite_log on;
rewrite ^/tensorboard/proxy/([-_.:\w]+)/(.*) /tensorboard/proxy/$1/$2 break;
proxy_pass http://$1:6006;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_hide_header X-Frame-Options;
proxy_set_header Origin "";
proxy_buffering off;
}
location ~ /notebook/proxy/([-_.:\w]+)/(.*) {
auth_request /auth/v1/;
auth_request_set $auth_status $upstream_status;
resolver kube-dns.new-system.svc.new-dns valid=5s;
rewrite_log on;
rewrite ^/notebook/proxy/([-_.:\w]+)/(.*) /notebook/proxy/$1/$2 break;
proxy_pass http://$1:8888;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_hide_header X-Frame-Options;
proxy_set_header Origin "";
proxy_buffering off;
}
""" # noqa
settings.PROXIES_CONFIG.dns_prefix = "kube-dns.new-system"
settings.PROXIES_CONFIG.dns_custom_cluster = "new-dns"
assert get_dns_config() == "kube-dns.new-system.svc.new-dns"
resolver = get_resolver()
assert ("\n".join(
get_plugins_location_config(
resolver=resolver,
auth=get_auth_config(),
proxy_services=proxy_services,
)) == expected)
