Skip to content

Instantly share code, notes, and snippets.

@ajohnstone

ajohnstone/cluster_networking.bats Secret

Created September 22, 2016 00:18
Show Gist options
  • Star 4 You must be signed in to star a gist
  • Fork 2 You must be signed in to fork a gist
  • Save ajohnstone/aa5bf0968bc32608c479925f558c7ccd to your computer and use it in GitHub Desktop.
Save ajohnstone/aa5bf0968bc32608c479925f558c7ccd to your computer and use it in GitHub Desktop.
Download ZIP
Raw
cluster_networking.bats
#!/usr/bin/env bats
set -o pipefail;
load ../helpers;
@test "cluster networking external access" {
kubectl exec --tty -i ${TEST_POD} -- ping -w 1 8.8.8.8;
}
@test "cluster networking pod-2-pod" {
RANDOM_POD_IP=$(kubectl get pods --namespace=kube-system -o jsonpath='{.items[0].status.podIP}');
FROM_POD_IP=$(kubectl get pods --namespace=default ${TEST_POD} -o jsonpath='{.status.podIP}');
echo FROM $FROM_POD_IP TO $RANDOM_POD_IP;
kubectl exec --tty -i ${TEST_POD} -- ping -w 1 ${RANDOM_POD_IP};
}
@test "cluster networking dns external" {
DNS_IP=$(kubectl exec --tty -i ${TEST_POD} -- cat /etc/resolv.conf | awk '/nameserver/ {print $2}' | head -n1);
echo ${DNS_IP};
kubectl exec --tty -i ${TEST_POD} -- dig +time=1 goog.com;
}
@test "cluster networking dns internal" {
DNS_IP=$(kubectl exec --tty -i ${TEST_POD} -- cat /etc/resolv.conf | awk '/nameserver/ {print $2}' | head -n1);
echo ${DNS_IP};
kubectl exec --tty -i ${TEST_POD} -- dig +time=1 default.svc.cluster.local;
}
Raw
ingress.bats
#!/usr/bin/env bats
set -o pipefail;
load ../helpers;
# Ingress
@test "echomap ingress" {
retry_timeout "kubectl get ing echomap --namespace=default --no-headers" ${TIMEOUT};
}
@test "consul ingress" {
retry_timeout "kubectl get ing consul --namespace=kube-system --no-headers" ${TIMEOUT};
}
#@test "vault ingress" {
# retry_timeout "kubectl get ing vault --namespace=kube-system --no-headers" ${TIMEOU}T
#}
Raw
instance_counts.bats
#!/usr/bin/env bats
set -o pipefail;
load ../helpers;
# Infrastructure
@test "minion count" {
MINIONS=`kubectl get nodes --selector=role=minion --no-headers | wc -l`;
min_value_met ${MINION_COUNT} ${MINIONS};
}
@test "loadbalancer count" {
LOADBALANCERS=`kubectl get nodes --selector=role=loadbalancer --no-headers | wc -l`;
values_equal ${LOADBALANCERS} ${LOADBALANCERS};
}
Raw
pod_counts.bats
#!/usr/bin/env bats
set -o pipefail;
load ../helpers;
# Elastic search
@test "monitoring-elastalert pods" {
KUBE_ELASTALERT_DESIRED=`kubectl get deployments elastalert --namespace=kube-system -o jsonpath='{.spec.replicas}'`;
KUBE_ELASTALERT_CURRENT=`kubectl get deployments elastalert --namespace=kube-system -o jsonpath='{.status.replicas}'`;
values_equal ${KUBE_ELASTALERT_DESIRED} ${KUBE_ELASTALERT_CURRENT};
}
@test "elastic-search-curator pods" {
KUBE_ES_CURATOR_DESIRED=`kubectl get deployments elastic-search-curator --namespace=kube-system -o jsonpath='{.spec.replicas}'`;
KUBE_ES_CURATOR_CURRENT=`kubectl get deployments elastic-search-curator --namespace=kube-system -o jsonpath='{.status.replicas}'`;
values_equal ${KUBE_ES_CURATOR_DESIRED} ${KUBE_ES_CURATOR_CURRENT};
}
# DNS
@test "photobox-svc-dns pods" {
KUBE_PBX_DNS_DESIRED=`kubectl get deployments photobox-svc-dns-v2 --namespace=kube-system -o jsonpath='{.spec.replicas}'`;
KUBE_PBX_DNS_CURRENT=`kubectl get deployments photobox-svc-dns-v2 --namespace=kube-system -o jsonpath='{.status.replicas}';`
values_equal ${KUBE_PBX_DNS_DESIRED} ${KUBE_PBX_DNS_CURRENT};
}
@test "kube-dns pods" {
KUBE_DNS_DESIRED=`kubectl get rc kube-dns-v17.1 --namespace=kube-system -o jsonpath='{.spec.replicas}'`;
KUBE_DNS_CURRENT=`kubectl get rc kube-dns-v17.1 --namespace=kube-system -o jsonpath='{.status.replicas}'`;
values_equal ${KUBE_DNS_DESIRED} ${KUBE_DNS_CURRENT};
}
# Monitoring
@test "kube-dashboard pods" {
KUBE_DASHBOARD_DESIRED=`kubectl get rc kubernetes-dashboard-v11 --namespace=kube-system -o jsonpath='{.spec.replicas}'`;
KUBE_DASHBOARD_CURRENT=`kubectl get rc kubernetes-dashboard-v11 --namespace=kube-system -o jsonpath='{.status.replicas}'`;
values_equal ${KUBE_DASHBOARD_DESIRED} ${KUBE_DASHBOARD_CURRENT};
}
@test "monitoring-heapster pods" {
HEAPSTER_DESIRED=`kubectl get deployments heapster-v1.1.0 --namespace=kube-system -o jsonpath='{.spec.replicas}'`;
HEAPSTER_CURRENT=`kubectl get deployments heapster-v1.1.0 --namespace=kube-system -o jsonpath='{.status.replicas}'`;
values_equal ${HEAPSTER_DESIRED} ${HEAPSTER_CURRENT};
}
@test "monitoring-sensu-client pods" {
SENSU_CLIENT_DESIRED=`kubectl get ds sensu-client --namespace=kube-system -o jsonpath='{.status.desiredNumberScheduled}'`;
SENSU_CLIENT_CURRENT=`kubectl get ds sensu-client --namespace=kube-system -o jsonpath='{.status.currentNumberScheduled}'`;
values_equal ${SENSU_CLIENT_DESIRED} ${SENSU_CLIENT_CURRENT};
}
@test "monitoring-fluentd-es pods" {
FLUENTD_DESIRED=`kubectl get ds fluentd-es-v1 --namespace=kube-system -o jsonpath='{.status.desiredNumberScheduled}'`;
FLUENTD_CURRENT=`kubectl get ds fluentd-es-v1 --namespace=kube-system -o jsonpath='{.status.currentNumberScheduled}'`;
values_equal ${FLUENTD_DESIRED} ${FLUENTD_CURRENT};
}
@test "kube-proxy pods" {
KUBE_PROXY_DESIRED=`kubectl get nodes --no-headers | wc -l`;
KUBE_PROXY_CURRENT=`kubectl get pods --namespace=kube-system --selector=component=kube-proxy --no-headers | wc -l`;
values_equal ${KUBE_PROXY_DESIRED} ${KUBE_PROXY_CURRENT};
}
@test "consul pods" {
CONSUL_DESIRED=`kubectl get deployments consul --namespace=kube-system -o jsonpath='{.spec.replicas}'`;
CONSUL_CURRENT=`kubectl get deployments consul --namespace=kube-system -o jsonpath='{.status.replicas}'`;
values_equal ${CONSUL_DESIRED} ${CONSUL_CURRENT};
}
#@test "vault pods" {
# VAULT_DESIRED=`kubectl get rc vault --namespace=kube-system -o jsonpath='{.spec.replicas}'`;
# VAULT_CURRENT=`kubectl get rc vault --namespace=kube-system -o jsonpath='{.status.replicas}'`;
# values_equal ${VAULT_DESIRED} ${VAULT_CURRENT};
#}
Raw
service.bats
#!/usr/bin/env bats
set -o pipefail
load ../helpers
# Services
@test "kubernetes service" {
retry_timeout "kubectl get svc kubernetes --namespace=default --no-headers" ${TIMEOUT};
}
@test "kube-dns service" {
retry_timeout "kubectl get svc kube-dns --namespace=kube-system --no-headers" ${TIMEOUT};
}
@test "kube-dashboard service" {
retry_timeout "kubectl get svc kubernetes-dashboard-v11 --namespace=kube-system --no-headers" ${TIMEOUT};
}
@test "consul service" {
retry_timeout "kubectl get svc consul --namespace=kube-system --no-headers" ${TIMEOUT};
}
# Security
@test "keycloak service" {
retry_timeout "kubectl get svc keycloak --namespace=default --no-headers" ${TIMEOUT};
}
#@test "vault service" {
# retry_timeout "kubectl get svc vault --namespace=kube-system --no-headers" ${TIMEOUT};
#}
# Proxy/Routing
@test "secure-proxy service" {
retry_timeout "kubectl get svc secure-proxy --namespace=default --no-headers" ${TIMEOUT};
}
@test "nginx-ingress-controller service" {
retry_timeout "kubectl get svc nginx-ingress-controller --namespace=default --no-headers" ${TIMEOUT};
}
@test "default-http-backend service" {
retry_timeout "kubectl get svc default-http-backend --namespace=default --no-headers" ${TIMEOUT};
}
# Monitoring
@test "monitoring-heapster service" {
retry_timeout "kubectl get svc heapster --namespace=kube-system --no-headers" ${TIMEOUT};
}
@test "monitoring-influxdb service" {
retry_timeout "kubectl get svc monitoring-influxdb --namespace=kube-system --no-headers" ${TIMEOUT};
}
@test "monitoring-grafana service" {
retry_timeout "kubectl get svc monitoring-grafana --namespace=kube-system --no-headers" ${TIMEOUT};
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment