m/rdp-proxy
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
3c139d307c2451e8948b890352f237e73b445277
rdp-proxy/scripts/fabric/c18z57-service-channel-remediation-command-smoke.ps1
T
m 8f69d53193 Record project continuation changes
2026-05-12 21:02:29 +03:00

314 lines
16 KiB
PowerShell
Raw Blame History

param(
[string]$ApiBaseUrl = "http://192.168.200.61:18121/api/v1",
[string]$ClusterID = "cfc0743d-d960-49fb-9de8-96e063d5e4aa",
[string]$ActorUserID = "f67d943f-5397-4b3a-a229-695fe67ad700",
[string]$EntryNodeName = "test-1",
[string]$RelayNodeName = "test-3",
[string]$ExitNodeName = "test-2",
[string]$EntryBaseUrl = "http://192.168.200.61:19131",
[string]$DockerSSH = "test-docker",
[string]$ExpectedBackendImage = "rap-backend:fabric-service-channel-0.2.239",
[string]$ExpectedNodeAgentImage = "rap-node-agent:0.2.237",
[string]$ResultPath = "artifacts\c18z57-service-channel-remediation-command-smoke-result.json"
)
Set-StrictMode -Version Latest
$ErrorActionPreference = "Stop"
$scriptDir = Split-Path -Parent $MyInvocation.MyCommand.Path
$repoRoot = (Resolve-Path (Join-Path $scriptDir "..\..")).ProviderPath
$runId = "c18z57-" + (Get-Date -Format "yyyyMMdd-HHmmss")
function Invoke-Api {
param(
[string]$Method,
[string]$Path,
[object]$Body = $null
)
if ($null -eq $Body) {
return Invoke-RestMethod -Method $Method -Uri "$ApiBaseUrl$Path" -TimeoutSec 30
}
return Invoke-RestMethod -Method $Method -Uri "$ApiBaseUrl$Path" -ContentType "application/json" -Body ($Body | ConvertTo-Json -Depth 80) -TimeoutSec 30
}
function Get-PropertyValue {
param(
[object]$Item,
[string]$Name,
[object]$Default = $null
)
if ($null -eq $Item) { return $Default }
$property = $Item.PSObject.Properties[$Name]
if ($null -eq $property) { return $Default }
return $property.Value
}
function Get-NodeByName {
param([string]$Name)
$nodes = (Invoke-Api -Method GET -Path "/clusters/$ClusterID/nodes?actor_user_id=$ActorUserID").nodes
$node = @($nodes | Where-Object { $_.name -eq $Name }) | Select-Object -First 1
if ($null -eq $node) {
throw "Node '$Name' was not found in cluster $ClusterID"
}
return $node
}
function New-RouteIntent {
param(
[string]$SourceNodeID,
[string]$DestinationNodeID,
[string[]]$Hops,
[int]$Priority,
[string]$Label
)
$expiresAt = (Get-Date).ToUniversalTime().AddMinutes(5).ToString("o")
return Invoke-Api -Method POST -Path "/clusters/$ClusterID/mesh/route-intents" -Body @{
actor_user_id = $ActorUserID
source_selector = @{ node_id = $SourceNodeID }
destination_selector = @{ node_id = $DestinationNodeID }
service_class = "vpn_packets"
priority = $Priority
policy = @{
synthetic_enabled = $true
route_version = "$runId-$Label"
policy_version = "$runId-$Label"
peer_directory_version = "$runId-$Label"
hops = @($Hops)
allowed_channels = @("vpn_packet", "fabric_control")
max_ttl = 8
max_hops = 8
expires_at = $expiresAt
metadata = @{
smoke = "c18z57_service_channel_remediation_command"
run_id = $runId
label = $Label
}
}
}
}
function Send-DegradedHeartbeat {
param(
[string]$EntryNodeID,
[string]$PrimaryRouteID
)
$observedAt = (Get-Date).ToUniversalTime().ToString("o")
return Invoke-Api -Method POST -Path "/clusters/$ClusterID/nodes/$EntryNodeID/heartbeats" -Body @{
health_status = "healthy"
reported_version = "0.2.235"
capabilities = @{
fabric_service_channel_runtime = $true
fabric_service_channel_route_manager = $true
fabric_service_channel_route_quality_feedback = $true
smoke_feedback_injection = "c18z57"
}
service_states = @{ smoke = "c18z57_primary_degraded_alternate_available" }
metadata = @{
fabric_service_channel_runtime_report = @{
schema_version = "c18l.fabric_service_channel_runtime_report.v1"
config_version = "$runId-primary"
cluster_id = $ClusterID
local_node_id = $EntryNodeID
observed_at = $observedAt
ingress = @{
flow_scheduler = @{
schema_version = "rap.fabric_flow_scheduler.v1"
service_neutral = $true
service_mode = "application_protocol_agnostic"
channel_stats = @{
"c18z57-primary-degraded" = @{
last_route_id = $PrimaryRouteID
last_failed_route_id = $PrimaryRouteID
route_generation = "$runId-primary"
last_error = "c18z57 primary route degraded; alternate available"
last_send_duration_ms = 980
consecutive_failures = 3
stall_count = 2
route_rebuild_recommended = $true
degraded_fallback_recommended = $false
quality_window_sample_count = 8
quality_window_success_count = 2
quality_window_failure_count = 3
quality_window_slow_count = 2
quality_window_drop_count = 1
quality_window_avg_latency_ms = 980
quality_window_last_updated_at = $observedAt
}
}
}
}
}
smoke = @{
name = "c18z57_service_channel_remediation_command"
run_id = $runId
}
}
}
}
$entryNode = Get-NodeByName -Name $EntryNodeName
$relayNode = Get-NodeByName -Name $RelayNodeName
$exitNode = Get-NodeByName -Name $ExitNodeName
$primaryRouteID = ""
$alternateRouteID = ""
$result = $null
try {
$primary = (New-RouteIntent -SourceNodeID $entryNode.id -DestinationNodeID $exitNode.id -Hops @($entryNode.id, $exitNode.id) -Priority 2100000000 -Label "primary").route_intent
$alternate = (New-RouteIntent -SourceNodeID $entryNode.id -DestinationNodeID $exitNode.id -Hops @($entryNode.id, $relayNode.id, $exitNode.id) -Priority 2099999900 -Label "alternate").route_intent
$primaryRouteID = [string]$primary.id
$alternateRouteID = [string]$alternate.id
$resourceID = "c18z57-vpn-smoke"
$lease = (Invoke-Api -Method POST -Path "/clusters/$ClusterID/fabric/service-channels/leases" -Body @{
actor_user_id = $ActorUserID
organization_id = "smoke-org"
user_id = "smoke-user"
resource_id = $resourceID
service_class = "vpn_packets"
entry_node_ids = @([string]$entryNode.id)
exit_node_ids = @([string]$exitNode.id)
preferred_entry_node_id = [string]$entryNode.id
preferred_exit_node_id = [string]$exitNode.id
allowed_channels = @("vpn_packet", "fabric_control")
ttl_seconds = 180
metadata = @{
smoke = "c18z57_service_channel_remediation_command"
run_id = $runId
}
}).fabric_service_channel_lease
[void](Send-DegradedHeartbeat -EntryNodeID $entryNode.id -PrimaryRouteID $primaryRouteID)
$packetPath = $lease.entry_http.path_template.
Replace("{cluster_id}", $ClusterID).
Replace("{channel_id}", [string]$lease.channel_id).
Replace("{resource_id}", $resourceID)
$packetUrl = $EntryBaseUrl.TrimEnd("/") + $packetPath
$headers = @{
"X-RAP-Service-Channel-Token" = [string]$lease.token.token
"X-RAP-Fabric-Channel-ID" = [string]$lease.channel_id
"X-RAP-Service-Class" = "vpn_packets"
"X-RAP-Channel-Class" = "vpn_packet"
}
$response = Invoke-WebRequest -Method Post -Uri $packetUrl -Headers $headers -Body ([System.Text.Encoding]::UTF8.GetBytes("c18z57-alternate-remediation")) -ContentType "application/octet-stream" -TimeoutSec 30
$acceptedBy = [string]$response.Headers["X-RAP-Service-Channel-Accepted-By"]
$accessTelemetry = $null
$matchingChannel = $null
for ($i = 0; $i -lt 10; $i++) {
Start-Sleep -Seconds 3
$accessTelemetry = (Invoke-Api -Method GET -Path "/clusters/$ClusterID/fabric/service-channels/access-telemetry?actor_user_id=$ActorUserID&limit=20").fabric_service_channel_access_telemetry
$channels = @()
if ($accessTelemetry.PSObject.Properties.Name -contains "active_channels") {
$channels = @($accessTelemetry.active_channels)
}
$matchingChannel = $channels | Where-Object { $_.channel_id -eq $lease.channel_id } | Select-Object -First 1
if ($null -ne $matchingChannel -and [string](Get-PropertyValue -Item $matchingChannel -Name "remediation_action" -Default "") -eq "prefer_alternate_route") {
break
}
}
$backendLine = (& ssh $DockerSSH "docker ps --format '{{.Names}} {{.Image}} {{.Status}}' | grep '^rap_test_backend '") | Out-String
$nodeLines = (& ssh $DockerSSH "docker ps --format '{{.Names}} {{.Image}} {{.Status}}' | grep '^rap_test_node_test_'") | Out-String
$leasePrimaryRouteID = [string](Get-PropertyValue -Item (Get-PropertyValue -Item $lease -Name "primary_route" -Default $null) -Name "route_id" -Default "")
$leaseAlternates = @()
if ($lease.PSObject.Properties.Name -contains "alternate_routes") {
$leaseAlternates = @($lease.alternate_routes)
}
$leaseHasAlternate = (@($leaseAlternates | Where-Object { [string]$_.route_id -eq $alternateRouteID }).Count -ge 1)
$remediationCommand = Get-PropertyValue -Item $matchingChannel -Name "remediation_command" -Default $null
$commandAction = [string](Get-PropertyValue -Item $remediationCommand -Name "action" -Default "")
$commandPrimaryRouteID = [string](Get-PropertyValue -Item $remediationCommand -Name "primary_route_id" -Default "")
$commandReplacementRouteID = [string](Get-PropertyValue -Item $remediationCommand -Name "replacement_route_id" -Default "")
$commandExpiresAt = [string](Get-PropertyValue -Item $remediationCommand -Name "expires_at" -Default "")
$result = [ordered]@{
schema_version = "c18z57.service_channel_remediation_command_smoke.v1"
run_id = $runId
cluster_id = $ClusterID
primary_route_id = $primaryRouteID
alternate_route_id = $alternateRouteID
channel_id = [string]$lease.channel_id
passed = [bool](
$backendLine.Contains($ExpectedBackendImage) -and
$nodeLines.Contains($ExpectedNodeAgentImage) -and
[string]$lease.status -eq "ready" -and
$leasePrimaryRouteID -eq $primaryRouteID -and
$leaseHasAlternate -and
[int]$response.StatusCode -eq 202 -and
$acceptedBy -eq "introspection" -and
$null -ne $matchingChannel -and
[string](Get-PropertyValue -Item $matchingChannel -Name "primary_route_id" -Default "") -eq $primaryRouteID -and
-not [bool](Get-PropertyValue -Item $matchingChannel -Name "force_backend_fallback" -Default $false) -and
[string](Get-PropertyValue -Item $matchingChannel -Name "route_feedback_status" -Default "") -eq "fenced" -and
[string](Get-PropertyValue -Item $matchingChannel -Name "remediation_action" -Default "") -eq "prefer_alternate_route" -and
[string](Get-PropertyValue -Item $matchingChannel -Name "remediation_route_id" -Default "") -eq $alternateRouteID -and
$null -ne $remediationCommand -and
$commandAction -eq "prefer_alternate_route" -and
$commandPrimaryRouteID -eq $primaryRouteID -and
$commandReplacementRouteID -eq $alternateRouteID -and
$commandExpiresAt.Length -gt 0 -and
[int]$accessTelemetry.degraded_fallback_channel_count -eq 0
)
checks = [ordered]@{
backend_expected_image_deployed = $backendLine.Contains($ExpectedBackendImage)
node_agent_expected_image_deployed = $nodeLines.Contains($ExpectedNodeAgentImage)
lease_ready = ([string]$lease.status -eq "ready")
lease_selected_primary_route = ($leasePrimaryRouteID -eq $primaryRouteID)
lease_contains_alternate_route = $leaseHasAlternate
packet_accepted = ([int]$response.StatusCode -eq 202)
accepted_by_header_is_introspection = ($acceptedBy -eq "introspection")
active_channel_visible = ($null -ne $matchingChannel)
active_channel_not_backend_fallback = ($null -ne $matchingChannel -and -not [bool](Get-PropertyValue -Item $matchingChannel -Name "force_backend_fallback" -Default $false))
route_quality_fenced = ($null -ne $matchingChannel -and [string](Get-PropertyValue -Item $matchingChannel -Name "route_feedback_status" -Default "") -eq "fenced")
remediation_prefers_alternate = ($null -ne $matchingChannel -and [string](Get-PropertyValue -Item $matchingChannel -Name "remediation_action" -Default "") -eq "prefer_alternate_route")
remediation_route_is_alternate = ($null -ne $matchingChannel -and [string](Get-PropertyValue -Item $matchingChannel -Name "remediation_route_id" -Default "") -eq $alternateRouteID)
remediation_command_visible = ($null -ne $remediationCommand)
remediation_command_prefers_alternate = ($commandAction -eq "prefer_alternate_route")
remediation_command_primary_route_matches = ($commandPrimaryRouteID -eq $primaryRouteID)
remediation_command_replacement_route_matches = ($commandReplacementRouteID -eq $alternateRouteID)
remediation_command_has_ttl = ($commandExpiresAt.Length -gt 0)
backend_fallback_not_recommended = ([int]$accessTelemetry.degraded_fallback_channel_count -eq 0)
}
summary = [ordered]@{
backend_container = $backendLine.Trim()
node_containers = $nodeLines.Trim()
accepted_by = $acceptedBy
lease_status = [string]$lease.status
lease_primary_route_id = $leasePrimaryRouteID
lease_alternate_route_count = $leaseAlternates.Count
access_status = [string]$accessTelemetry.status
active_channel_count = [int]$accessTelemetry.active_channel_count
correlated_route_count = [int]$accessTelemetry.correlated_route_count
degraded_route_count = [int]$accessTelemetry.degraded_route_count
degraded_fallback_channel_count = [int]$accessTelemetry.degraded_fallback_channel_count
matching_channel = $matchingChannel
}
}
$failedChecks = @($result.checks.GetEnumerator() | Where-Object { $_.Value -ne $true })
if ($failedChecks.Count -gt 0) {
throw "C18Z57 failed checks: $($failedChecks.Name -join ', ')"
}
}
finally {
if ($primaryRouteID) {
try { Invoke-Api -Method POST -Path "/clusters/$ClusterID/mesh/route-intents/$primaryRouteID/expire" -Body @{ actor_user_id = $ActorUserID } | Out-Null } catch {}
}
if ($alternateRouteID) {
try { Invoke-Api -Method POST -Path "/clusters/$ClusterID/mesh/route-intents/$alternateRouteID/expire" -Body @{ actor_user_id = $ActorUserID } | Out-Null } catch {}
}
}
$resultFullPath = Join-Path $repoRoot $ResultPath
$resultDir = Split-Path -Parent $resultFullPath
if (-not (Test-Path $resultDir)) {
New-Item -ItemType Directory -Path $resultDir | Out-Null
}
$result | ConvertTo-Json -Depth 100 | Set-Content -Path $resultFullPath -Encoding UTF8
Write-Host "C18Z57 service-channel remediation command smoke passed. Result: $resultFullPath"
$result
Reference in New Issue View Git Blame Copy Permalink