рабочий вариант, но скороть 10 МБит
This commit is contained in:
@@ -0,0 +1,161 @@
|
||||
param(
|
||||
[string]$ApiBaseUrl = "http://192.168.200.61:18121/api/v1",
|
||||
[string]$ClusterID = "cfc0743d-d960-49fb-9de8-96e063d5e4aa",
|
||||
[string]$ActorUserID = "f67d943f-5397-4b3a-a229-695fe67ad700",
|
||||
[string]$EntryNodeName = "test-1",
|
||||
[string]$ExitNodeName = "test-3",
|
||||
[string]$DockerSSH = "test-docker",
|
||||
[string]$ExpectedBackendImage = "rap-backend:fabric-service-channel-0.2.281-c18z109",
|
||||
[string]$ExpectedNodeAgentImage = "rap-node-agent:0.2.270-c18z95",
|
||||
[string]$ResultPath = "artifacts\c18z92-node-agent-disabled-compat-fallback-smoke-result.json"
|
||||
)
|
||||
|
||||
Set-StrictMode -Version Latest
|
||||
$ErrorActionPreference = "Stop"
|
||||
$scriptDir = Split-Path -Parent $MyInvocation.MyCommand.Path
|
||||
$repoRoot = (Resolve-Path (Join-Path $scriptDir "..\..")).ProviderPath
|
||||
$runId = "c18z92-" + (Get-Date -Format "yyyyMMdd-HHmmss")
|
||||
|
||||
function Invoke-Api {
|
||||
param([string]$Method, [string]$Path, [object]$Body = $null)
|
||||
$params = @{ Method = $Method; Uri = "$ApiBaseUrl$Path"; TimeoutSec = 30 }
|
||||
if ($null -ne $Body) {
|
||||
$params.ContentType = "application/json"
|
||||
$params.Body = ($Body | ConvertTo-Json -Depth 80)
|
||||
}
|
||||
return Invoke-RestMethod @params
|
||||
}
|
||||
function Get-PropertyValue {
|
||||
param([object]$Item, [string]$Name, [object]$Default = $null)
|
||||
if ($null -eq $Item) { return $Default }
|
||||
$property = $Item.PSObject.Properties[$Name]
|
||||
if ($null -eq $property) { return $Default }
|
||||
return $property.Value
|
||||
}
|
||||
function Get-NodeByName {
|
||||
param([string]$Name)
|
||||
$nodes = (Invoke-Api -Method GET -Path "/clusters/$ClusterID/nodes?actor_user_id=$ActorUserID").nodes
|
||||
$node = @($nodes | Where-Object { $_.name -eq $Name }) | Select-Object -First 1
|
||||
if ($null -eq $node) { throw "Node '$Name' was not found" }
|
||||
return $node
|
||||
}
|
||||
function ConvertTo-Base64UrlJson {
|
||||
param([object]$Value)
|
||||
$json = if ($Value -is [string]) { $Value } else { $Value | ConvertTo-Json -Depth 80 -Compress }
|
||||
$bytes = [System.Text.Encoding]::UTF8.GetBytes($json)
|
||||
return [Convert]::ToBase64String($bytes).TrimEnd("=").Replace("+", "-").Replace("/", "_")
|
||||
}
|
||||
function Disable-ExistingRoutePair {
|
||||
param([string]$SourceNodeID, [string]$DestinationNodeID)
|
||||
$items = (Invoke-Api -Method GET -Path "/clusters/$ClusterID/mesh/route-intents?actor_user_id=$ActorUserID").route_intents
|
||||
foreach ($item in @($items)) {
|
||||
if ([string](Get-PropertyValue -Item $item -Name "status" -Default "") -ne "active") { continue }
|
||||
if ([string](Get-PropertyValue -Item $item -Name "service_class" -Default "") -ne "vpn_packets") { continue }
|
||||
$sourceSelector = Get-PropertyValue -Item $item -Name "source_selector" -Default $null
|
||||
$destinationSelector = Get-PropertyValue -Item $item -Name "destination_selector" -Default $null
|
||||
if ([string](Get-PropertyValue -Item $sourceSelector -Name "node_id" -Default "") -ne $SourceNodeID) { continue }
|
||||
if ([string](Get-PropertyValue -Item $destinationSelector -Name "node_id" -Default "") -ne $DestinationNodeID) { continue }
|
||||
[void](Invoke-Api -Method POST -Path "/clusters/$ClusterID/mesh/route-intents/$($item.id)/disable" -Body @{
|
||||
actor_user_id = $ActorUserID
|
||||
reason = "c18z92 isolate disabled degraded route route pair"
|
||||
})
|
||||
}
|
||||
}
|
||||
function Set-PoolPolicy {
|
||||
param([object]$Policy, [bool]$DegradedRouteAllowed)
|
||||
return Invoke-Api -Method PUT -Path "/clusters/$ClusterID/fabric/service-channels/pool-policy" -Body @{
|
||||
actor_user_id = $ActorUserID
|
||||
entry_pool_node_ids = @(Get-PropertyValue -Item $Policy -Name "entry_pool_node_ids" -Default @())
|
||||
exit_pool_node_ids = @(Get-PropertyValue -Item $Policy -Name "exit_pool_node_ids" -Default @())
|
||||
preferred_entry_node_id = [string](Get-PropertyValue -Item $Policy -Name "preferred_entry_node_id" -Default "")
|
||||
preferred_exit_node_id = [string](Get-PropertyValue -Item $Policy -Name "preferred_exit_node_id" -Default "")
|
||||
selection_strategy = [string](Get-PropertyValue -Item $Policy -Name "selection_strategy" -Default "fastest_healthy")
|
||||
route_rebuild = [string](Get-PropertyValue -Item $Policy -Name "route_rebuild" -Default "automatic")
|
||||
entry_failover = [string](Get-PropertyValue -Item $Policy -Name "entry_failover" -Default "automatic")
|
||||
exit_failover = [string](Get-PropertyValue -Item $Policy -Name "exit_failover" -Default "automatic")
|
||||
degraded_route_allowed = $DegradedRouteAllowed
|
||||
sticky_session = [bool](Get-PropertyValue -Item $Policy -Name "sticky_session" -Default $true)
|
||||
}
|
||||
}
|
||||
|
||||
$entryNode = Get-NodeByName -Name $EntryNodeName
|
||||
$exitNode = Get-NodeByName -Name $ExitNodeName
|
||||
$originalPolicy = (Invoke-Api -Method GET -Path "/clusters/$ClusterID/fabric/service-channels/pool-policy?actor_user_id=$ActorUserID").fabric_service_channel_pool_policy
|
||||
$originalDegradedRoute = [bool](Get-PropertyValue -Item $originalPolicy -Name "degraded_route_allowed" -Default $true)
|
||||
$lease = $null
|
||||
$packetStatus = 0
|
||||
$packetAcceptedBy = ""
|
||||
try {
|
||||
Disable-ExistingRoutePair -SourceNodeID $entryNode.id -DestinationNodeID $exitNode.id
|
||||
[void](Set-PoolPolicy -Policy $originalPolicy -DegradedRouteAllowed $false)
|
||||
$lease = (Invoke-Api -Method POST -Path "/clusters/$ClusterID/fabric/service-channels/leases" -Body @{
|
||||
actor_user_id = $ActorUserID
|
||||
organization_id = "org-home"
|
||||
user_id = "user-m"
|
||||
resource_id = "$runId-vpn"
|
||||
service_class = "vpn_packets"
|
||||
entry_node_ids = @([string]$entryNode.id)
|
||||
exit_node_ids = @([string]$exitNode.id)
|
||||
preferred_entry_node_id = [string]$entryNode.id
|
||||
preferred_exit_node_id = [string]$exitNode.id
|
||||
allowed_channels = @("vpn_packet", "fabric_control")
|
||||
ttl_seconds = 120
|
||||
metadata = @{ smoke = "c18z92_node_agent_disabled_degraded_route"; run_id = $runId }
|
||||
}).fabric_service_channel_lease
|
||||
$decodedAuthority = Get-PropertyValue -Item $lease -Name "authority_payload" -Default $null
|
||||
$authoritySignature = Get-PropertyValue -Item $lease -Name "authority_signature" -Default $null
|
||||
$packetUrl = "http://192.168.200.61:19131/api/v1/clusters/$ClusterID/fabric/service-channels/$($lease.channel_id)/vpn-connections/$($lease.resource_id)/packets"
|
||||
try {
|
||||
$packetResponse = Invoke-WebRequest -Method POST -Uri $packetUrl -Headers @{
|
||||
"X-RAP-Service-Channel-Token" = [string]$lease.token.token
|
||||
"X-RAP-Service-Channel-Authority-Payload" = ConvertTo-Base64UrlJson -Value $decodedAuthority
|
||||
"X-RAP-Service-Channel-Authority-Signature" = ConvertTo-Base64UrlJson -Value $authoritySignature
|
||||
"X-RAP-Service-Class" = "vpn_packets"
|
||||
"X-RAP-Channel-Class" = "vpn_packet"
|
||||
} -Body ([byte[]](0x45,0,0,40,0,0,0,0,64,6,0,0,10,77,0,2,192,168,200,95,0xD2,0x04,0x0D,0x3D,0,0,0,0,0,0,0,0,0x50,0,0,0,0,0,0,0)) -ContentType "application/octet-stream" -TimeoutSec 30
|
||||
$packetStatus = [int]$packetResponse.StatusCode
|
||||
$packetAcceptedBy = [string]$packetResponse.Headers["X-RAP-Service-Channel-Accepted-By"]
|
||||
} catch {
|
||||
$packetStatus = [int]$_.Exception.Response.StatusCode
|
||||
$packetAcceptedBy = [string]$_.Exception.Response.Headers["X-RAP-Service-Channel-Accepted-By"]
|
||||
}
|
||||
} finally {
|
||||
try { [void](Set-PoolPolicy -Policy $originalPolicy -DegradedRouteAllowed $originalDegradedRoute) } catch {}
|
||||
}
|
||||
|
||||
$dataPlane = Get-PropertyValue -Item $lease -Name "data_plane" -Default $null
|
||||
$backendLine = (& ssh $DockerSSH "docker ps --format '{{.Names}} {{.Image}} {{.Status}}' | grep '^rap_test_backend '") | Out-String
|
||||
$nodeLines = (& ssh $DockerSSH "docker ps --format '{{.Names}} {{.Image}} {{.Status}}' | grep '^rap_test_node_test_'") | Out-String
|
||||
$checks = [ordered]@{
|
||||
backend_expected_image_deployed = $backendLine.Contains($ExpectedBackendImage)
|
||||
node_agent_expected_image_deployed = $nodeLines.Contains($ExpectedNodeAgentImage)
|
||||
lease_blocks_without_fabric_route = ([string]$lease.status -eq "blocked_no_fabric_route")
|
||||
data_plane_disables_backend_relay = ($null -ne $dataPlane -and [string]$dataPlane.backend_relay_policy -eq "disabled")
|
||||
packet_rejected_without_backend_relay = ($packetStatus -eq 503)
|
||||
packet_contract_was_signed = ($packetAcceptedBy -eq "signed")
|
||||
}
|
||||
$failed = @($checks.GetEnumerator() | Where-Object { -not $_.Value } | ForEach-Object { $_.Key })
|
||||
$result = [ordered]@{
|
||||
schema_version = "c18z92.node_agent_disabled_degraded_route_smoke.v1"
|
||||
run_id = $runId
|
||||
cluster_id = $ClusterID
|
||||
channel_id = [string]$lease.channel_id
|
||||
passed = ($failed.Count -eq 0)
|
||||
checks = $checks
|
||||
failed_checks = $failed
|
||||
summary = [ordered]@{
|
||||
backend_container = $backendLine.Trim()
|
||||
node_containers = $nodeLines.Trim()
|
||||
lease = $lease
|
||||
packet_status_code = $packetStatus
|
||||
packet_accepted_by = $packetAcceptedBy
|
||||
}
|
||||
}
|
||||
$target = Join-Path $repoRoot $ResultPath
|
||||
$result | ConvertTo-Json -Depth 80 | Set-Content -Path $target -Encoding UTF8
|
||||
if (-not $result.passed) {
|
||||
throw "C18Z92 node-agent disabled degraded route smoke failed: $($failed -join ', ')"
|
||||
}
|
||||
Write-Host "C18Z92 node-agent disabled degraded route smoke passed. Result: $target"
|
||||
$result
|
||||
|
||||
Reference in New Issue
Block a user