kingluo commented on code in PR #10012:
URL: https://github.com/apache/apisix/pull/10012#discussion_r1301051619
##########
t/chaos/killetcd/killetcd.go:
##########
@@ -140,17 +140,12 @@ var _ = ginkgo.Describe("Test Get Success When Etcd Got
Killed", func() {
// fail to set route since etcd is all killed
// while get route could still succeed
ginkgo.It("get stats after kill etcd", func() {
- timeStart := time.Now()
utils.SetRoute(e, httpexpect.Status5xx)
utils.GetRoute(eDataPanel, http.StatusOK)
utils.TestPrometheusEtcdMetric(ePrometheus, 0)
bandwidthAfter, durationAfter =
utils.GetEgressBandwidthPerSecond(ePrometheus)
bpsAfter = bandwidthAfter / durationAfter
-
- errorLog, err := utils.Log(apisixPod, cliSet.KubeCli, timeStart)
Review Comment:
Skip this test because it fails because it's a conf server specific test.
Note that we must keep this test even if we do not execute it, because it
shares some data with the next test.
```
Error: 023/08/19 08:19:53 [error] 46#46: *9103 [lua] exporter.lua:456:
handler(): prometheus: failed to reach config server while processing metrics
endpoint: has no healthy etcd endpoint available
```
##########
t/cli/test_deployment_control_plane.sh:
##########
@@ -19,57 +19,6 @@
. ./t/cli/common.sh
-echo '
Review Comment:
remove useless schema tests
##########
t/cli/test_deployment_control_plane.sh:
##########
@@ -103,40 +45,6 @@ fi
echo "passed: control_plane should enable Admin API"
-# use https
Review Comment:
no https between cp and conf server anymore
##########
t/core/config_etcd.t:
##########
@@ -118,42 +118,7 @@ qr/(closed){1,}/
-=== TEST 4: originate TLS connection to etcd cluster and verify TLS
certificate (default behavior)
Review Comment:
Now we should make a CA bundle into the
https://github.com/openresty/lua-nginx-module#lua_ssl_trusted_certificate
directive in "/" location, instead of the conf server one.
##########
t/cli/test_deployment_traditional.sh:
##########
@@ -100,57 +100,6 @@ fi
echo "passed: could connect to etcd"
-echo '
-deployment:
- role: traditional
- role_traditional:
- config_provider: etcd
- etcd:
- prefix: "/apisix"
- host:
- - http://127.0.0.1:2379
- - https://127.0.0.1:2379
-' > conf/config.yaml
-
-out=$(make init 2>&1 || true)
-if ! echo "$out" | grep 'all nodes in the etcd cluster should enable/disable
TLS together'; then
- echo "failed: should validate etcd host"
- exit 1
-fi
-
-echo "passed: validate etcd host"
-
-# The 'admin.apisix.dev' is injected by ci/common.sh@set_coredns
-
-# etcd mTLS verify
Review Comment:
the mtls do not happen bewteen conf server and etcd anymore
##########
t/cli/test_deployment_traditional.sh:
##########
@@ -100,57 +100,6 @@ fi
echo "passed: could connect to etcd"
-echo '
Review Comment:
only conf server requires all hosts to have the same scheme,
##########
t/cli/test_access_log.sh:
##########
@@ -91,12 +91,6 @@ if [ $count_test_access_log -eq 1 ]; then
exit 1
fi
-count_access_log_off=`grep -c "access_log off;" conf/nginx.conf || true`
Review Comment:
no access log for conf server anymore.
##########
t/core/config_etcd.t:
##########
@@ -84,9 +84,9 @@ end
--- request
GET /t
--- grep_error_log chop
-peer closed connection in SSL handshake while SSL handshaking to upstream
+peer closed connection in SSL handshake
--- grep_error_log_out eval
-qr/(peer closed connection in SSL handshake while SSL handshaking to
upstream){1,}/
Review Comment:
Now https happens between lua-resty-http and etcd, and the log changes.
##########
t/cli/test_etcd_mtls.sh:
##########
@@ -168,7 +168,7 @@ make run
sleep 1
make stop
-if ! grep -E 'upstream SSL certificate does not match \"127.0.0.1\" while SSL
handshaking to upstream' logs/error.log; then
+if ! grep -F 'certificate host mismatch' logs/error.log; then
Review Comment:
Now https happens between lua-resty-http and etcd, and the log changes.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
