jonny/gce-centos-k8s
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
master
gce-centos-k8s/docs/14_Additional_Functional_Tests.md
Jonny Ervine c556fbaad5 new file: 10_delete_kube-dns.sh 
new file:   11_delete_all.sh
	new file:   12_uninstall_etcd.sh
	new file:   3_install_configure_kubernetes.sh
	new file:   5.1_worker_kubelet_setup.sh
	new file:   5.2_worker_kube-proxy_setup.sh
	new file:   5_worker_node_setup.sh
	new file:   6_client_admin_config.sh
	new file:   7_pod_routing.sh
	new file:   8_deploying_kube-dns.sh
	new file:   9_further_tests.sh
	new file:   certs-dir/admin-csr.json
	new file:   certs-dir/admin-key.pem
	new file:   certs-dir/admin.csr
	new file:   certs-dir/admin.kubeconfig
	new file:   certs-dir/admin.pem
	new file:   certs-dir/ca-config.json
	new file:   certs-dir/ca-csr.json
	new file:   certs-dir/ca-key.pem
	new file:   certs-dir/ca.csr
	new file:   certs-dir/ca.pem
	new file:   certs-dir/encryption-config.yaml
	new file:   certs-dir/kube-controller-manager-csr.json
	new file:   certs-dir/kube-controller-manager-key.pem
	new file:   certs-dir/kube-controller-manager.csr
	new file:   certs-dir/kube-controller-manager.kubeconfig
	new file:   certs-dir/kube-controller-manager.pem
	new file:   certs-dir/kube-proxy-csr.json
	new file:   certs-dir/kube-proxy-key.pem
	new file:   certs-dir/kube-proxy.csr
	new file:   certs-dir/kube-proxy.kubeconfig
	new file:   certs-dir/kube-proxy.pem
	new file:   certs-dir/kube-scheduler-csr.json
	new file:   certs-dir/kube-scheduler-key.pem
	new file:   certs-dir/kube-scheduler.csr
	new file:   certs-dir/kube-scheduler.kubeconfig
	new file:   certs-dir/kube-scheduler.pem
	new file:   certs-dir/kubernetes-csr.json
	new file:   certs-dir/kubernetes-key.pem
	new file:   certs-dir/kubernetes.csr
	new file:   certs-dir/kubernetes.pem
	new file:   certs-dir/service-account-csr.json
	new file:   certs-dir/service-account-key.pem
	new file:   certs-dir/service-account.csr
	new file:   certs-dir/service-account.pem
	new file:   certs-dir/worker-0-csr.json
	new file:   certs-dir/worker-0-key.pem
	new file:   certs-dir/worker-0.csr
	new file:   certs-dir/worker-0.kubeconfig
	new file:   certs-dir/worker-0.pem
	new file:   certs-dir/worker-1-csr.json
	new file:   certs-dir/worker-1-key.pem
	new file:   certs-dir/worker-1.csr
	new file:   certs-dir/worker-1.kubeconfig
	new file:   certs-dir/worker-1.pem
	new file:   cni/bridge
	new file:   cni/cni-plugins-amd64-v0.6.0.tgz
	new file:   cni/dhcp
	new file:   cni/flannel
	new file:   cni/host-local
	new file:   cni/ipvlan
	new file:   cni/loopback
	new file:   cni/macvlan
	new file:   cni/portmap
	new file:   cni/ptp
	new file:   cni/sample
	new file:   cni/tuning
	new file:   cni/vlan
	new file:   controller-0/apiserver
	new file:   controller-0/config
	new file:   controller-0/controller-manager
	new file:   controller-0/etcd.conf
	new file:   controller-0/etcd.service
	new file:   controller-0/kube-apiserver.service
	new file:   controller-0/kube-apiserver_rbac.yaml
	new file:   controller-0/kube-controller-manager.service
	new file:   controller-0/kube-scheduler.service
	new file:   controller-0/kube-scheduler.yaml
	new file:   controller-0/kubernetes.default.svc.cluster.local.conf
	new file:   controller-0/kubernetes.repo
	new file:   controller-0/rbac_authorizations.yaml
	new file:   controller-0/scheduler
	new file:   controller-1/apiserver
	new file:   controller-1/config
	new file:   controller-1/controller-manager
	new file:   controller-1/etcd.conf
	new file:   controller-1/etcd.service
	new file:   controller-1/kube-apiserver.service
	new file:   controller-1/kube-apiserver_rbac.yaml
	new file:   controller-1/kube-controller-manager.service
	new file:   controller-1/kube-scheduler.service
	new file:   controller-1/kube-scheduler.yaml
	new file:   controller-1/kubernetes.default.svc.cluster.local.conf
	new file:   controller-1/kubernetes.repo
	new file:   controller-1/rbac_authorizations.yaml
	new file:   controller-1/scheduler
	new file:   controller_manager_setup.sh
	new file:   controller_setup.sh
	new file:   controller_uninstall.sh
	new file:   controllers
	new file:   ctrl-mgr_vars
	new file:   docs/0_Environment_Setup.md
	new file:   docs/10_Create_kube-proxy_Instances.md
	new file:   docs/11_Create_client_kubectl_admin.md
	new file:   docs/12_Create_Pod_Routing_Rules.md
	new file:   docs/13_Create_kube-dns_instances.md
	new file:   docs/14_Additional_Functional_Tests.md
	new file:   docs/15_Delete_kube-dns_Deployment.md
	new file:   docs/16_Uninstall_etcd.md
	new file:   docs/17_Uninstall_Everything.md
	new file:   docs/1_GCloud_Resource_Setup.md
	new file:   docs/2_Certificate_and_Authentication_Creation.md
	new file:   docs/3_Install_and_Configure_etcd.md
	new file:   docs/4_Install_and_Configure_apiserver.md
	new file:   docs/5_Install_and_Configure_Controller_Manager.md
	new file:   docs/6_Install_and_Configure_Scheduler.md
	new file:   docs/7_Create_nginx_Health_Monitor.md
	new file:   docs/8_Create_Load_Balancer.md
	new file:   docs/9a_Create_Kubernetes_Workers_with_Docker.md
	new file:   docs/9b_Create_Kubernetes_Workers_with_containerd.md
	new file:   etcd-listen
	new file:   etcd_setup.sh
	new file:   etcd_vars
	new file:   instance
	new file:   kube-apiserver_setup.sh.orig
	new file:   kube-dns.yaml
	new file:   notes
	new file:   old_stuff/cni/bridge
	new file:   old_stuff/cni/cni-plugins-amd64-v0.6.0.tgz
	new file:   old_stuff/cni/dhcp
	new file:   old_stuff/cni/flannel
	new file:   old_stuff/cni/host-local
	new file:   old_stuff/cni/ipvlan
	new file:   old_stuff/cni/loopback
	new file:   old_stuff/cni/macvlan
	new file:   old_stuff/cni/portmap
	new file:   old_stuff/cni/ptp
	new file:   old_stuff/cni/sample
	new file:   old_stuff/cni/tuning
	new file:   old_stuff/cni/vlan
	new file:   old_stuff/controller-0/apiserver
	new file:   old_stuff/controller-0/config
	new file:   old_stuff/controller-0/controller-manager
	new file:   old_stuff/controller-0/etcd.conf
	new file:   old_stuff/controller-0/etcd.service
	new file:   old_stuff/controller-0/kube-apiserver.service
	new file:   old_stuff/controller-0/kube-apiserver_rbac.yaml
	new file:   old_stuff/controller-0/kube-controller-manager.service
	new file:   old_stuff/controller-0/kube-scheduler.service
	new file:   old_stuff/controller-0/kube-scheduler.yaml
	new file:   old_stuff/controller-0/kubernetes.default.svc.cluster.local.conf
	new file:   old_stuff/controller-0/kubernetes.repo
	new file:   old_stuff/controller-0/rbac_authorizations.yaml
	new file:   old_stuff/controller-0/scheduler
	new file:   old_stuff/controller-1/apiserver
	new file:   old_stuff/controller-1/config
	new file:   old_stuff/controller-1/controller-manager
	new file:   old_stuff/controller-1/etcd.conf
	new file:   old_stuff/controller-1/etcd.service
	new file:   old_stuff/controller-1/kube-apiserver.service
	new file:   old_stuff/controller-1/kube-apiserver_rbac.yaml
	new file:   old_stuff/controller-1/kube-controller-manager.service
	new file:   old_stuff/controller-1/kube-scheduler.service
	new file:   old_stuff/controller-1/kube-scheduler.yaml
	new file:   old_stuff/controller-1/kubernetes.default.svc.cluster.local.conf
	new file:   old_stuff/controller-1/kubernetes.repo
	new file:   old_stuff/controller-1/rbac_authorizations.yaml
	new file:   old_stuff/controller-1/scheduler
	new file:   old_stuff/controllers
	new file:   scheduler_setup.sh
	new file:   scripts/.gce_kubernetes.config
	new file:   scripts/.variables
	new file:   scripts/.worker_variables_0
	new file:   scripts/.worker_variables_1
	new file:   scripts/0_env_setup.sh
	new file:   scripts/10_worker_kube-proxy_setup.sh
	new file:   scripts/11_client_kubectl_admin_setup.sh
	new file:   scripts/12_setup_pod_routing.sh
	new file:   scripts/13_setup_core-dns.sh
	new file:   scripts/13_setup_kube-dns.sh
	new file:   scripts/14_additional_functional_tests.sh
	new file:   scripts/14b_additional_functional_tests.sh
	new file:   scripts/15_delete_kube-dns_pod.sh
	new file:   scripts/16_uninstall_etcd.sh
	new file:   scripts/17_uninstall_everything.sh
	new file:   scripts/1_client_side_gcloud_setup.sh
	new file:   scripts/2_cert_and_auth_create.sh
	new file:   scripts/3_install_configure_etcd.sh
	new file:   scripts/4_install_configure_apiserver.sh
	new file:   scripts/5_install_configure_controller_manager.sh
	new file:   scripts/6_install_configure_scheduler.sh
	new file:   scripts/7_nginx_health_monitor_setup.sh
	new file:   scripts/8_create_load_balancer.sh
	new file:   scripts/9a_worker_kubelet_via_docker_setup.sh
	new file:   scripts/9b_worker_kubelet_via_containerd_setup.sh
	new file:   scripts/controller-files/kube-apiserver_rbac.yaml
	new file:   scripts/controller-files/kubernetes.default.svc.cluster.local.conf
	new file:   scripts/controller-files/rbac_authorizations.yaml
	new file:   scripts/controller_manager_setup.sh
	new file:   scripts/controller_manager_setup.sh.template
	new file:   scripts/core-dns.yaml
	new file:   scripts/ctrl-mgr_vars
	new file:   scripts/etcd_setup.sh
	new file:   scripts/etcd_vars
	new file:   scripts/gvisor_tests.sh
	new file:   scripts/instance
	new file:   scripts/kube-apiserver_setup.sh
	new file:   scripts/kube-apiserver_setup.sh.template
	new file:   scripts/kube-dns.yaml
	new file:   scripts/kube-dns.yaml.1
	new file:   scripts/kube-dns.yaml.2
	new file:   scripts/kube-dns.yaml.3
	new file:   scripts/nginx_health_monitor_setup.sh
	new file:   scripts/scheduler_setup.sh
	new file:   scripts/scheduler_setup.sh.template
	new file:   scripts/untrusted.yaml
	new file:   scripts/worker_kube-proxy_setup.sh
	new file:   scripts/worker_kube-proxy_setup.sh.template
	new file:   scripts/worker_kubelet_containerd_setup.sh.template
	new file:   scripts/worker_kubelet_setup.sh
	new file:   scripts/worker_kubelet_setup.sh.template
	new file:   test.sh
	new file:   test2
	new file:   u3_uninstall_kubernetes_controllers.sh
	new file:   worker-0/10-bridge.conf
	new file:   worker-0/99-loopback.conf
	new file:   worker-0/config
	new file:   worker-0/kube-proxy-config.yaml
	new file:   worker-0/kube-proxy.service
	new file:   worker-0/kubelet
	new file:   worker-0/kubelet-config.yaml
	new file:   worker-0/kubelet.service
	new file:   worker-0/proxy
	new file:   worker-1/10-bridge.conf
	new file:   worker-1/99-loopback.conf
	new file:   worker-1/config
	new file:   worker-1/kube-proxy-config.yaml
	new file:   worker-1/kube-proxy.service
	new file:   worker-1/kubelet
	new file:   worker-1/kubelet-config.yaml
	new file:   worker-1/kubelet.service
	new file:   worker-1/proxy
	new file:   worker_kube-proxy_setup.sh
	new file:   worker_kube-proxy_setup.sh.template
	new file:   worker_kubelet_setup.sh
	new file:   worker_setup.sh
Initial commit
2020-02-19 07:40:43 +00:00

24 lines
1.3 KiB
Markdown
Raw Permalink Blame History

This is the final set of functional tests.
Test One:
Confirming the encryption of data at rest using the encryption key that was created earlier in the exercises.
A kubernetes secret is created from the command line, and then the contents of the stored secret (in etcd) are checked. If all is working correctly, the secret contents should be encrypted, and this is confirmed by finding the encryption header in etcd output:
Prefix should be: k8s:enc:aescbc:v1:key1
Test Two:
NGINX Deployment
A single pod nginx deployment is created and is then made available to the client workstation be using the kubectl port-forward function. This exposes the nginx port 80 to the local client on port 8080 and can be tested via a web browser or a utulity like curl or wget.
Test Three:
The logs from the nginx pod are diplayed on the screen using the kubectl command.
Test Four:
A command is executed inside the running pod - the version of nginx is displayed through the nginx -v command.
Test Five:
The nginx instance is exposed via a NodePort service and a firewall rule created to allow the outside world to communicate with the exposed service. Note to self: Shouldn't this be exposed through the GCE load balancer rather than a NodePort?
Future: Add in the untrusted workload via gVisor ... needs runsc installed on the worker nodes.
Reference in New Issue View Git Blame Copy Permalink