Optimizing the handshake and test cloud

Signed-off-by: Shiming Zhang <[email protected]>

Author: wzshiming

.github/workflows/test-cloud.yml

@@ -0,0 +1,104 @@
+name: Test Cloud
+
+on:
+  workflow_dispatch:
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}
+  cancel-in-progress: true
+
+jobs:
+  build-ferrctl:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+
+      - name: Set up Go
+        uses: actions/setup-go@v2
+        with:
+          go-version: 1.18
+
+      - run: |
+          go build -o ferryctl ./cmd/ferryctl
+
+      - name: Upload ferryctl
+        uses: actions/upload-artifact@v2
+        with:
+          name: ferryctl
+          path: ferryctl
+
+  test-cloud:
+    continue-on-error: true
+    strategy:
+      matrix:
+        cloud:
+          - aliyun
+          - aws
+          - azure
+          - gcp
+    runs-on: ubuntu-latest
+    needs:
+      - build-ferrctl
+    steps:
+      - uses: actions/checkout@v3
+
+      - name: Download for ferryctl
+        uses: actions/download-artifact@v2
+        with:
+          name: ferryctl
+
+      - name: Set up ferryctl
+        run: |
+          cp ferryctl /usr/local/bin/ferryctl && chmod +x /usr/local/bin/ferryctl
+
+      - name: Set up eksctl
+        if: matrix.cloud == 'aws'
+        run: |
+          wget -O eksctl.tar.gc "https://github.com/weaveworks/eksctl/releases/latest/download/eksctl_linux_amd64.tar.gz"
+          tar -xzf eksctl.tar.gz -C /tmp/ && mv /tmp/eksctl /usr/local/bin/ && chmod +x /usr/local/bin/eksctl
+
+      - name: Set up gcloud
+        if: matrix.cloud == 'gcp'
+        uses: google-github-actions/setup-gcloud@v0
+        with:
+          install_components: 'gke-gcloud-auth-plugin'
+
+      - name: Login ${{ matrix.cloud }}
+        run: |
+          ./test/cloud/${{ matrix.cloud }}/login.sh
+          ./test/cloud/${{ matrix.cloud }}/list.sh
+        env:
+          ALIYUN_ACCESS_KEY_ID: ${{ secrets.ALIYUN_ACCESS_KEY_ID }}
+          ALIYUN_ACCESS_KEY_SECRET: ${{ secrets.ALIYUN_ACCESS_KEY_SECRET }}
+          ALIYUN_REGION_ID: ${{ secrets.ALIYUN_REGION_ID }}
+          ALIYUN_ZONE_ID: ${{ secrets.ALIYUN_ZONE_ID }}
+          AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
+          AWS_ACCESS_KEY_SECRET: ${{ secrets.AWS_ACCESS_KEY_SECRET }}
+          AWS_REGION_ID: ${{ secrets.AWS_REGION_ID }}
+          AWS_ZONE_ID: ${{ secrets.AWS_ZONE_ID }}
+          AZURE_APP_ID: ${{ secrets.AZURE_APP_ID }}
+          AZURE_PASSWORD: ${{ secrets.AZURE_PASSWORD }}
+          AZURE_TENANT: ${{ secrets.AZURE_TENANT }}
+          AZURE_REGION_ID: ${{ secrets.AZURE_REGION_ID }}
+          AZURE_ZONE_ID: ${{ secrets.AZURE_ZONE_ID }}
+          GCP_CRED_DATA: ${{ secrets.GCP_CRED_DATA }}
+          GCP_PROJECT_ID: ${{ secrets.GCP_PROJECT_ID }}
+          GCP_REGION_ID: ${{ secrets.GCP_REGION_ID }}
+          GCP_ZONE_ID: ${{ secrets.GCP_ZONE_ID }}
+      - name: Start cluster
+        run: |
+          ./test/hack/start-environment.sh cloud-${{ matrix.cloud }}
+
+      - name: Test control-plane and cluster-${{ matrix.cloud }}
+        run: ./test/test/test-in-both-easy.sh
+        env:
+          ROUTE_NAME: ferry-test
+          CONTROL_PLANE: control-plane
+          CLUSTER_1: cluster-${{ matrix.cloud }}
+          CLUSTER_2: control-plane
+          TARGET_1: web-${{ matrix.cloud }}
+          TARGET_2: web-0
+
+      - name: Clean cluster
+        run: |
+          ./test/hack/clean-environment.sh cloud-${{ matrix.cloud }}

.github/workflows/test.yml

@@ -12,7 +12,7 @@ env:
   FERRY_TUNNEL_IMAGE: ferry-tunnel:test
 
 concurrency:
-  group: ${{ github.head_ref || github.run_id }}
+  group: ${{ github.workflow }}-${{ github.ref }}
   cancel-in-progress: true
 
 jobs:

.gitignore

@@ -22,5 +22,6 @@ testbin/*
 
 
 # Customs
+!/test/bin
 vendor
-kubeconfigs
+test/kubeconfigs

pkg/ferryctl/cmd/ferryctl/control_plane/join/join.go

@@ -124,7 +124,6 @@ func NewCommand(logger log.Logger) *cobra.Command {
 
 			utils.Prompt(
 				fmt.Sprintf("join the %s data cluster", dataPlaneName),
-				"ferryctl data-plane init",
 				next,
 			)
 

pkg/ferryctl/cmd/ferryctl/local/manual/export/export.go

@@ -96,7 +96,6 @@ func NewCommand(logger log.Logger) *cobra.Command {
 
 				utils.Prompt(
 					"peer tunnel",
-					"ferryctl data-plane init",
 					second,
 				)
 				return nil

pkg/ferryctl/cmd/ferryctl/local/manual/import/import.go

@@ -104,7 +104,6 @@ func NewCommand(logger log.Logger) *cobra.Command {
 
 				utils.Prompt(
 					"peer tunnel",
-					"ferryctl data-plane init",
 					second,
 				)
 				return nil

pkg/ferryctl/cmd/ferryctl/root.go

@@ -41,6 +41,7 @@ func NewCommand(logger log.Logger) *cobra.Command {
 
 	persistentFlags := cmd.PersistentFlags()
 	persistentFlags.StringVar(&vars.KubeconfigPath, "kubeconfig", vars.KubeconfigPath, "override the default kubeconfig path")
+	persistentFlags.StringVar(&vars.PeerKubeconfigPath, "peer-kubeconfig", vars.PeerKubeconfigPath, "this Kubeconfig specifies the handshake peer for operations that require handshaking")
 	persistentFlags.StringVar(&vars.FerryControllerImage, "ferry-controller-image", vars.FerryControllerImage, "default ferry controller image")
 	persistentFlags.StringVar(&vars.FerryTunnelImage, "ferry-tunnel-image", vars.FerryTunnelImage, "default ferry tunnel image")
 	persistentFlags.StringVar(&vars.ControlPlaneName, "control-plane-name", vars.ControlPlaneName, "default control plane name")

pkg/ferryctl/utils/prompt.go

@@ -18,13 +18,34 @@ package utils
 
 import (
 	"fmt"
+	"github.com/ferryproxy/ferry/pkg/ferryctl/vars"
+	"os"
+	"os/exec"
 )
 
 func Prompt(want string, lines ...string) {
-	fmt.Printf("# ++++ Please run the following command to %s:\n", want)
-	fmt.Printf("# =============================================\n")
-	defer fmt.Printf("# =============================================\n")
-	for _, line := range lines {
-		fmt.Printf("%s\n", line)
+	if vars.PeerKubeconfigPath != "" {
+		fmt.Printf("# Run command to %s:\n", want)
+		for _, line := range lines {
+			cmd := exec.Command("sh", "-c", line)
+			cmd.Env = append(os.Environ(),
+				"KUBECONFIG="+vars.PeerKubeconfigPath,
+				"FERRY_PEER_KUBECONFIG="+vars.KubeconfigPath,
+			)
+			fmt.Printf("> %s\n", line)
+			cmd.Stdout = os.Stdout
+			cmd.Stderr = os.Stderr
+			err := cmd.Run()
+			if err != nil {
+				fmt.Println(cmd)
+			}
+		}
+	} else {
+		fmt.Printf("# ++++ Please run the following command to %s:\n", want)
+		fmt.Printf("# =============================================\n")
+		defer fmt.Printf("# =============================================\n")
+		for _, line := range lines {
+			fmt.Printf("%s\n", line)
+		}
 	}
 }

pkg/ferryctl/vars/vars.go

@@ -25,9 +25,10 @@ import (
 )
 
 var (
-	ControlPlaneName = "control-plane"
-	home, _          = os.UserHomeDir()
-	KubeconfigPath   = env.GetEnv("KUBECONFIG", filepath.Join(home, ".kube/config"))
+	ControlPlaneName   = "control-plane"
+	home, _            = os.UserHomeDir()
+	KubeconfigPath     = env.GetEnv("KUBECONFIG", filepath.Join(home, ".kube/config"))
+	PeerKubeconfigPath = env.GetEnv("FERRY_PEER_KUBECONFIG", "")
 
 	FerryImagePrefix = env.GetEnv("FERRY_IMAGE_PREFIX", "ghcr.io/ferryproxy/ferry")
 

test/cloud/README.md

@@ -0,0 +1,47 @@
+# Cloud
+
+The following are the Kubernetes services for various public cloud platforms
+that Ferry has tested and validated. If there are multiple Kubernetes services 
+on the same platform, we prefer to choose the one that does not require a management server.
+
+- Aliyun (Alibaba Cloud)
+  [ ] ACK (Managed Kubernetes Cluster Service)
+  [x] ASK (Serverless Kubernetes Cluster Service)
+- AWS (Amazon Web Services)
+  [x] EKS (Elastic Kubernetes Engine)
+- GCP (Google Cloud Platform)
+  [ ] GKE Standard (Google Kubernetes Engine Standard)
+  [x] GKE Autopilot (Google Kubernetes Engine Autopilot)
+- Azure (Microsoft Azure)
+  [x] AKS (Azure Kubernets Service)
+
+The following scripts are included in each platform's directory
+- login.sh `[This requires special handling, as each platform has a different login method]`
+- create.sh `<cluster-name>`
+- get_kubeconfig.sh` <cluster-name>`
+- list.sh
+- delete.sh `<cluster-name>`
+
+## Login
+
+### Aliyun
+ALIYUN_ACCESS_KEY_ID=
+ALIYUN_ACCESS_KEY_SECRET=
+ALIYUN_REGION_ID=
+ALIYUN_ZONE_ID=
+
+### AWS
+AWS_ACCESS_KEY_ID=
+AWS_ACCESS_KEY_SECRET=
+AWS_REGION_ID=
+
+### GCP
+GCP_PROJECT_ID=
+GCP_CRED_DATA=
+GCP_REGION_ID=
+
+### Azure
+AZURE_APP_ID=
+AZURE_PASSWORD=
+AZURE_TENANT=
+AZURE_REGION_ID=