Examples with NetworkPolicy com.google.container.v1.NetworkPolicy used on opensource projects

Search in sources :

Example 36 with NetworkPolicy

use of com.google.container.v1.NetworkPolicy in project strimzi by strimzi.

the class KafkaMirrorMaker2AssemblyOperatorTest method testUpdateClusterScaleDown.

@Test
public void testUpdateClusterScaleDown(VertxTestContext context) {
    int scaleTo = 2;
    ResourceOperatorSupplier supplier = ResourceUtils.supplierWithMocks(true);
    CrdOperator mockMirrorMaker2Ops = supplier.mirrorMaker2Operator;
    DeploymentOperator mockDcOps = supplier.deploymentOperations;
    PodDisruptionBudgetOperator mockPdbOps = supplier.podDisruptionBudgetOperator;
    ConfigMapOperator mockCmOps = supplier.configMapOperations;
    ServiceOperator mockServiceOps = supplier.serviceOperations;
    NetworkPolicyOperator mockNetPolOps = supplier.networkPolicyOperator;
    SecretOperator mockSecretOps = supplier.secretOperations;
    String kmm2Name = "foo";
    String kmm2Namespace = "test";
    KafkaMirrorMaker2 kmm2 = ResourceUtils.createEmptyKafkaMirrorMaker2(kmm2Namespace, kmm2Name);
    KafkaMirrorMaker2Cluster mirrorMaker2 = KafkaMirrorMaker2Cluster.fromCrd(Reconciliation.DUMMY_RECONCILIATION, kmm2, VERSIONS);
    // Change replicas to create ScaleDown
    kmm2.getSpec().setReplicas(scaleTo);
    when(mockMirrorMaker2Ops.get(kmm2Namespace, kmm2Name)).thenReturn(kmm2);
    when(mockMirrorMaker2Ops.getAsync(anyString(), anyString())).thenReturn(Future.succeededFuture(kmm2));
    when(mockMirrorMaker2Ops.updateStatusAsync(any(), any(KafkaMirrorMaker2.class))).thenReturn(Future.succeededFuture());
    when(mockServiceOps.get(kmm2Namespace, mirrorMaker2.getName())).thenReturn(mirrorMaker2.generateService());
    when(mockDcOps.get(kmm2Namespace, mirrorMaker2.getName())).thenReturn(mirrorMaker2.generateDeployment(new HashMap<String, String>(), true, null, null));
    when(mockDcOps.readiness(any(), anyString(), anyString(), anyLong(), anyLong())).thenReturn(Future.succeededFuture());
    when(mockDcOps.waitForObserved(any(), anyString(), anyString(), anyLong(), anyLong())).thenReturn(Future.succeededFuture());
    when(mockServiceOps.reconcile(any(), eq(kmm2Namespace), any(), any())).thenReturn(Future.succeededFuture());
    when(mockSecretOps.reconcile(any(), anyString(), any(), any())).thenReturn(Future.succeededFuture());
    when(mockDcOps.reconcile(any(), eq(kmm2Namespace), any(), any())).thenReturn(Future.succeededFuture());
    doAnswer(i -> Future.succeededFuture(scaleTo)).when(mockDcOps).scaleUp(any(), eq(kmm2Namespace), eq(mirrorMaker2.getName()), eq(scaleTo));
    doAnswer(i -> Future.succeededFuture(scaleTo)).when(mockDcOps).scaleDown(any(), eq(kmm2Namespace), eq(mirrorMaker2.getName()), eq(scaleTo));
    when(mockMirrorMaker2Ops.reconcile(any(), anyString(), any(), any())).thenReturn(Future.succeededFuture(ReconcileResult.created(new KafkaMirrorMaker2())));
    when(mockCmOps.reconcile(any(), anyString(), any(), any())).thenReturn(Future.succeededFuture(ReconcileResult.created(new ConfigMap())));
    when(mockPdbOps.reconcile(any(), anyString(), any(), any())).thenReturn(Future.succeededFuture(ReconcileResult.created(new PodDisruptionBudget())));
    when(mockNetPolOps.reconcile(any(), eq(kmm2.getMetadata().getNamespace()), eq(KafkaMirrorMaker2Resources.deploymentName(kmm2.getMetadata().getName())), any())).thenReturn(Future.succeededFuture(ReconcileResult.created(new NetworkPolicy())));
    KafkaConnectApi mockConnectClient = mock(KafkaConnectApi.class);
    when(mockConnectClient.list(anyString(), anyInt())).thenReturn(Future.succeededFuture(emptyList()));
    when(mockConnectClient.updateConnectLoggers(any(), anyString(), anyInt(), anyString(), any(OrderedProperties.class))).thenReturn(Future.succeededFuture());
    KafkaMirrorMaker2AssemblyOperator ops = new KafkaMirrorMaker2AssemblyOperator(vertx, new PlatformFeaturesAvailability(true, kubernetesVersion), supplier, ResourceUtils.dummyClusterOperatorConfig(VERSIONS), x -> mockConnectClient);
    Checkpoint async = context.checkpoint();
    ops.createOrUpdate(new Reconciliation("test-trigger", KafkaMirrorMaker2.RESOURCE_KIND, kmm2Namespace, kmm2Name), kmm2).onComplete(context.succeeding(v -> context.verify(() -> {
        verify(mockDcOps).scaleUp(any(), eq(kmm2Namespace), eq(mirrorMaker2.getName()), eq(scaleTo));
        async.flag();
    })));
}
Also used : CoreMatchers.is(org.hamcrest.CoreMatchers.is) OrderedProperties(io.strimzi.operator.common.model.OrderedProperties) ArgumentMatchers.eq(org.mockito.ArgumentMatchers.eq) Annotations(io.strimzi.operator.common.Annotations) PodDisruptionBudget(io.fabric8.kubernetes.api.model.policy.v1.PodDisruptionBudget) AfterAll(org.junit.jupiter.api.AfterAll) ExtendWith(org.junit.jupiter.api.extension.ExtendWith) PodDisruptionBudgetV1Beta1Operator(io.strimzi.operator.common.operator.resource.PodDisruptionBudgetV1Beta1Operator) BeforeAll(org.junit.jupiter.api.BeforeAll) Arrays.asList(java.util.Arrays.asList) Map(java.util.Map) Mockito.doAnswer(org.mockito.Mockito.doAnswer) ResourceOperatorSupplier(io.strimzi.operator.cluster.operator.resource.ResourceOperatorSupplier) ResourceUtils(io.strimzi.operator.cluster.ResourceUtils) AbstractModel(io.strimzi.operator.cluster.model.AbstractModel) KafkaJmxOptionsBuilder(io.strimzi.api.kafka.model.KafkaJmxOptionsBuilder) Collections.emptyList(java.util.Collections.emptyList) DeploymentOperator(io.strimzi.operator.common.operator.resource.DeploymentOperator) KafkaVersion(io.strimzi.operator.cluster.model.KafkaVersion) SecretOperator(io.strimzi.operator.common.operator.resource.SecretOperator) Set(java.util.Set) VertxExtension(io.vertx.junit5.VertxExtension) CopyOnWriteArraySet(java.util.concurrent.CopyOnWriteArraySet) Future(io.vertx.core.Future) KafkaMirrorMaker2Resources(io.strimzi.api.kafka.model.KafkaMirrorMaker2Resources) Test(org.junit.jupiter.api.Test) KafkaMirrorMaker2(io.strimzi.api.kafka.model.KafkaMirrorMaker2) KafkaMirrorMaker2Status(io.strimzi.api.kafka.model.status.KafkaMirrorMaker2Status) List(java.util.List) Labels(io.strimzi.operator.common.model.Labels) Optional(java.util.Optional) Checkpoint(io.vertx.junit5.Checkpoint) PodDisruptionBudgetOperator(io.strimzi.operator.common.operator.resource.PodDisruptionBudgetOperator) PlatformFeaturesAvailability(io.strimzi.operator.PlatformFeaturesAvailability) Mockito.mock(org.mockito.Mockito.mock) VertxTestContext(io.vertx.junit5.VertxTestContext) ArgumentMatchers.any(org.mockito.ArgumentMatchers.any) ArgumentMatchers.anyLong(org.mockito.ArgumentMatchers.anyLong) NetworkPolicyOperator(io.strimzi.operator.common.operator.resource.NetworkPolicyOperator) HashMap(java.util.HashMap) HashSet(java.util.HashSet) ServiceOperator(io.strimzi.operator.common.operator.resource.ServiceOperator) ArgumentCaptor(org.mockito.ArgumentCaptor) KafkaVersionTestUtils(io.strimzi.operator.cluster.KafkaVersionTestUtils) ConfigMapOperator(io.strimzi.operator.common.operator.resource.ConfigMapOperator) CrdOperator(io.strimzi.operator.common.operator.resource.CrdOperator) TestUtils(io.strimzi.test.TestUtils) KafkaMirrorMaker2MirrorSpecBuilder(io.strimzi.api.kafka.model.KafkaMirrorMaker2MirrorSpecBuilder) Matchers.hasSize(org.hamcrest.Matchers.hasSize) ReconcileResult(io.strimzi.operator.common.operator.resource.ReconcileResult) Service(io.fabric8.kubernetes.api.model.Service) MatcherAssert.assertThat(org.hamcrest.MatcherAssert.assertThat) ArgumentMatchers.anyInt(org.mockito.ArgumentMatchers.anyInt) CoreMatchers.nullValue(org.hamcrest.CoreMatchers.nullValue) KafkaMirrorMaker2ClusterSpec(io.strimzi.api.kafka.model.KafkaMirrorMaker2ClusterSpec) KafkaJmxAuthenticationPasswordBuilder(io.strimzi.api.kafka.model.KafkaJmxAuthenticationPasswordBuilder) KubernetesVersion(io.strimzi.operator.KubernetesVersion) Vertx(io.vertx.core.Vertx) KafkaMirrorMaker2MirrorSpec(io.strimzi.api.kafka.model.KafkaMirrorMaker2MirrorSpec) KafkaMirrorMaker2Cluster(io.strimzi.operator.cluster.model.KafkaMirrorMaker2Cluster) Mockito.when(org.mockito.Mockito.when) ConfigMap(io.fabric8.kubernetes.api.model.ConfigMap) Mockito.verify(org.mockito.Mockito.verify) ConfigMapBuilder(io.fabric8.kubernetes.api.model.ConfigMapBuilder) Reconciliation(io.strimzi.operator.common.Reconciliation) Mockito.never(org.mockito.Mockito.never) Util(io.strimzi.operator.common.Util) KafkaMirrorMaker2ClusterSpecBuilder(io.strimzi.api.kafka.model.KafkaMirrorMaker2ClusterSpecBuilder) NetworkPolicy(io.fabric8.kubernetes.api.model.networking.v1.NetworkPolicy) Deployment(io.fabric8.kubernetes.api.model.apps.Deployment) Collections(java.util.Collections) ArgumentMatchers.anyString(org.mockito.ArgumentMatchers.anyString) ConfigMap(io.fabric8.kubernetes.api.model.ConfigMap) PodDisruptionBudget(io.fabric8.kubernetes.api.model.policy.v1.PodDisruptionBudget) HashMap(java.util.HashMap) NetworkPolicy(io.fabric8.kubernetes.api.model.networking.v1.NetworkPolicy) KafkaMirrorMaker2Cluster(io.strimzi.operator.cluster.model.KafkaMirrorMaker2Cluster) PodDisruptionBudgetOperator(io.strimzi.operator.common.operator.resource.PodDisruptionBudgetOperator) ArgumentMatchers.anyString(org.mockito.ArgumentMatchers.anyString) Checkpoint(io.vertx.junit5.Checkpoint) ServiceOperator(io.strimzi.operator.common.operator.resource.ServiceOperator) NetworkPolicyOperator(io.strimzi.operator.common.operator.resource.NetworkPolicyOperator) SecretOperator(io.strimzi.operator.common.operator.resource.SecretOperator) ResourceOperatorSupplier(io.strimzi.operator.cluster.operator.resource.ResourceOperatorSupplier) Checkpoint(io.vertx.junit5.Checkpoint) PlatformFeaturesAvailability(io.strimzi.operator.PlatformFeaturesAvailability) CrdOperator(io.strimzi.operator.common.operator.resource.CrdOperator) Reconciliation(io.strimzi.operator.common.Reconciliation) ConfigMapOperator(io.strimzi.operator.common.operator.resource.ConfigMapOperator) OrderedProperties(io.strimzi.operator.common.model.OrderedProperties) DeploymentOperator(io.strimzi.operator.common.operator.resource.DeploymentOperator) KafkaMirrorMaker2(io.strimzi.api.kafka.model.KafkaMirrorMaker2) Test(org.junit.jupiter.api.Test)

Example 37 with NetworkPolicy

use of com.google.container.v1.NetworkPolicy in project strimzi by strimzi.

the class KafkaMirrorMaker2AssemblyOperatorTest method testCreateClusterWithZeroReplicas.

@Test
public void testCreateClusterWithZeroReplicas(VertxTestContext context) {
    ResourceOperatorSupplier supplier = ResourceUtils.supplierWithMocks(true);
    CrdOperator mockMirrorMaker2Ops = supplier.mirrorMaker2Operator;
    DeploymentOperator mockDcOps = supplier.deploymentOperations;
    PodDisruptionBudgetOperator mockPdbOps = supplier.podDisruptionBudgetOperator;
    ConfigMapOperator mockCmOps = supplier.configMapOperations;
    ServiceOperator mockServiceOps = supplier.serviceOperations;
    NetworkPolicyOperator mockNetPolOps = supplier.networkPolicyOperator;
    SecretOperator mockSecretOps = supplier.secretOperations;
    String kmm2Name = "foo";
    String kmm2Namespace = "test";
    KafkaMirrorMaker2 kmm2 = ResourceUtils.createEmptyKafkaMirrorMaker2(kmm2Namespace, kmm2Name, 0);
    when(mockMirrorMaker2Ops.get(kmm2Namespace, kmm2Name)).thenReturn(kmm2);
    when(mockMirrorMaker2Ops.getAsync(anyString(), anyString())).thenReturn(Future.succeededFuture(kmm2));
    ArgumentCaptor<Service> serviceCaptor = ArgumentCaptor.forClass(Service.class);
    when(mockServiceOps.reconcile(any(), anyString(), anyString(), serviceCaptor.capture())).thenReturn(Future.succeededFuture());
    ArgumentCaptor<Deployment> dcCaptor = ArgumentCaptor.forClass(Deployment.class);
    when(mockDcOps.reconcile(any(), anyString(), anyString(), dcCaptor.capture())).thenReturn(Future.succeededFuture());
    when(mockDcOps.scaleUp(any(), anyString(), anyString(), anyInt())).thenReturn(Future.succeededFuture(42));
    when(mockDcOps.scaleDown(any(), anyString(), anyString(), anyInt())).thenReturn(Future.succeededFuture(42));
    when(mockDcOps.waitForObserved(any(), anyString(), anyString(), anyLong(), anyLong())).thenReturn(Future.succeededFuture());
    when(mockCmOps.reconcile(any(), anyString(), any(), any())).thenReturn(Future.succeededFuture(ReconcileResult.created(new ConfigMap())));
    when(mockNetPolOps.reconcile(any(), eq(kmm2.getMetadata().getNamespace()), eq(KafkaMirrorMaker2Resources.deploymentName(kmm2.getMetadata().getName())), any())).thenReturn(Future.succeededFuture(ReconcileResult.created(new NetworkPolicy())));
    when(mockSecretOps.reconcile(any(), eq(kmm2Namespace), any(), any())).thenReturn(Future.succeededFuture());
    ArgumentCaptor<PodDisruptionBudget> pdbCaptor = ArgumentCaptor.forClass(PodDisruptionBudget.class);
    when(mockPdbOps.reconcile(any(), anyString(), any(), pdbCaptor.capture())).thenReturn(Future.succeededFuture());
    ArgumentCaptor<KafkaMirrorMaker2> mirrorMaker2Captor = ArgumentCaptor.forClass(KafkaMirrorMaker2.class);
    when(mockMirrorMaker2Ops.updateStatusAsync(any(), mirrorMaker2Captor.capture())).thenReturn(Future.succeededFuture());
    KafkaConnectApi mockConnectClient = mock(KafkaConnectApi.class);
    when(mockConnectClient.list(anyString(), anyInt())).thenReturn(Future.succeededFuture(emptyList()));
    when(mockConnectClient.updateConnectLoggers(any(), anyString(), anyInt(), anyString(), any(OrderedProperties.class))).thenReturn(Future.succeededFuture());
    KafkaMirrorMaker2AssemblyOperator ops = new KafkaMirrorMaker2AssemblyOperator(vertx, new PlatformFeaturesAvailability(true, kubernetesVersion), supplier, ResourceUtils.dummyClusterOperatorConfig(VERSIONS), x -> mockConnectClient);
    KafkaMirrorMaker2Cluster mirrorMaker2 = KafkaMirrorMaker2Cluster.fromCrd(Reconciliation.DUMMY_RECONCILIATION, kmm2, VERSIONS);
    Checkpoint async = context.checkpoint();
    ops.reconcile(new Reconciliation("test-trigger", KafkaMirrorMaker2.RESOURCE_KIND, kmm2Namespace, kmm2Name)).onComplete(context.succeeding(v -> context.verify(() -> {
        // 0 Replicas - readiness should never get called.
        verify(mockDcOps, never()).readiness(any(), anyString(), anyString(), anyLong(), anyLong());
        // Verify service
        List<Service> capturedServices = serviceCaptor.getAllValues();
        assertThat(capturedServices, hasSize(1));
        Service service = capturedServices.get(0);
        assertThat(service.getMetadata().getName(), is(mirrorMaker2.getServiceName()));
        assertThat(service, is(mirrorMaker2.generateService()));
        // Verify Deployment
        List<Deployment> capturedDc = dcCaptor.getAllValues();
        assertThat(capturedDc, hasSize(1));
        Deployment dc = capturedDc.get(0);
        assertThat(dc.getMetadata().getName(), is(mirrorMaker2.getName()));
        Map<String, String> annotations = new HashMap<>();
        annotations.put(Annotations.ANNO_STRIMZI_LOGGING_DYNAMICALLY_UNCHANGEABLE_HASH, Util.hashStub(Util.getLoggingDynamicallyUnmodifiableEntries(LOGGING_CONFIG)));
        assertThat(dc, is(mirrorMaker2.generateDeployment(annotations, true, null, null)));
        // Verify PodDisruptionBudget
        List<PodDisruptionBudget> capturedPdb = pdbCaptor.getAllValues();
        assertThat(capturedPdb, hasSize(1));
        PodDisruptionBudget pdb = capturedPdb.get(0);
        assertThat(pdb.getMetadata().getName(), is(mirrorMaker2.getName()));
        assertThat(pdb, is(mirrorMaker2.generatePodDisruptionBudget()));
        // Verify status
        List<KafkaMirrorMaker2> capturedMirrorMaker2s = mirrorMaker2Captor.getAllValues();
        assertThat(capturedMirrorMaker2s.get(0).getStatus().getUrl(), is(nullValue()));
        assertThat(capturedMirrorMaker2s.get(0).getStatus().getReplicas(), is(mirrorMaker2.getReplicas()));
        assertThat(capturedMirrorMaker2s.get(0).getStatus().getLabelSelector(), is(mirrorMaker2.getSelectorLabels().toSelectorString()));
        assertThat(capturedMirrorMaker2s.get(0).getStatus().getConditions().get(0).getStatus(), is("True"));
        assertThat(capturedMirrorMaker2s.get(0).getStatus().getConditions().get(0).getType(), is("Ready"));
        async.flag();
    })));
}
Also used : CoreMatchers.is(org.hamcrest.CoreMatchers.is) OrderedProperties(io.strimzi.operator.common.model.OrderedProperties) ArgumentMatchers.eq(org.mockito.ArgumentMatchers.eq) Annotations(io.strimzi.operator.common.Annotations) PodDisruptionBudget(io.fabric8.kubernetes.api.model.policy.v1.PodDisruptionBudget) AfterAll(org.junit.jupiter.api.AfterAll) ExtendWith(org.junit.jupiter.api.extension.ExtendWith) PodDisruptionBudgetV1Beta1Operator(io.strimzi.operator.common.operator.resource.PodDisruptionBudgetV1Beta1Operator) BeforeAll(org.junit.jupiter.api.BeforeAll) Arrays.asList(java.util.Arrays.asList) Map(java.util.Map) Mockito.doAnswer(org.mockito.Mockito.doAnswer) ResourceOperatorSupplier(io.strimzi.operator.cluster.operator.resource.ResourceOperatorSupplier) ResourceUtils(io.strimzi.operator.cluster.ResourceUtils) AbstractModel(io.strimzi.operator.cluster.model.AbstractModel) KafkaJmxOptionsBuilder(io.strimzi.api.kafka.model.KafkaJmxOptionsBuilder) Collections.emptyList(java.util.Collections.emptyList) DeploymentOperator(io.strimzi.operator.common.operator.resource.DeploymentOperator) KafkaVersion(io.strimzi.operator.cluster.model.KafkaVersion) SecretOperator(io.strimzi.operator.common.operator.resource.SecretOperator) Set(java.util.Set) VertxExtension(io.vertx.junit5.VertxExtension) CopyOnWriteArraySet(java.util.concurrent.CopyOnWriteArraySet) Future(io.vertx.core.Future) KafkaMirrorMaker2Resources(io.strimzi.api.kafka.model.KafkaMirrorMaker2Resources) Test(org.junit.jupiter.api.Test) KafkaMirrorMaker2(io.strimzi.api.kafka.model.KafkaMirrorMaker2) KafkaMirrorMaker2Status(io.strimzi.api.kafka.model.status.KafkaMirrorMaker2Status) List(java.util.List) Labels(io.strimzi.operator.common.model.Labels) Optional(java.util.Optional) Checkpoint(io.vertx.junit5.Checkpoint) PodDisruptionBudgetOperator(io.strimzi.operator.common.operator.resource.PodDisruptionBudgetOperator) PlatformFeaturesAvailability(io.strimzi.operator.PlatformFeaturesAvailability) Mockito.mock(org.mockito.Mockito.mock) VertxTestContext(io.vertx.junit5.VertxTestContext) ArgumentMatchers.any(org.mockito.ArgumentMatchers.any) ArgumentMatchers.anyLong(org.mockito.ArgumentMatchers.anyLong) NetworkPolicyOperator(io.strimzi.operator.common.operator.resource.NetworkPolicyOperator) HashMap(java.util.HashMap) HashSet(java.util.HashSet) ServiceOperator(io.strimzi.operator.common.operator.resource.ServiceOperator) ArgumentCaptor(org.mockito.ArgumentCaptor) KafkaVersionTestUtils(io.strimzi.operator.cluster.KafkaVersionTestUtils) ConfigMapOperator(io.strimzi.operator.common.operator.resource.ConfigMapOperator) CrdOperator(io.strimzi.operator.common.operator.resource.CrdOperator) TestUtils(io.strimzi.test.TestUtils) KafkaMirrorMaker2MirrorSpecBuilder(io.strimzi.api.kafka.model.KafkaMirrorMaker2MirrorSpecBuilder) Matchers.hasSize(org.hamcrest.Matchers.hasSize) ReconcileResult(io.strimzi.operator.common.operator.resource.ReconcileResult) Service(io.fabric8.kubernetes.api.model.Service) MatcherAssert.assertThat(org.hamcrest.MatcherAssert.assertThat) ArgumentMatchers.anyInt(org.mockito.ArgumentMatchers.anyInt) CoreMatchers.nullValue(org.hamcrest.CoreMatchers.nullValue) KafkaMirrorMaker2ClusterSpec(io.strimzi.api.kafka.model.KafkaMirrorMaker2ClusterSpec) KafkaJmxAuthenticationPasswordBuilder(io.strimzi.api.kafka.model.KafkaJmxAuthenticationPasswordBuilder) KubernetesVersion(io.strimzi.operator.KubernetesVersion) Vertx(io.vertx.core.Vertx) KafkaMirrorMaker2MirrorSpec(io.strimzi.api.kafka.model.KafkaMirrorMaker2MirrorSpec) KafkaMirrorMaker2Cluster(io.strimzi.operator.cluster.model.KafkaMirrorMaker2Cluster) Mockito.when(org.mockito.Mockito.when) ConfigMap(io.fabric8.kubernetes.api.model.ConfigMap) Mockito.verify(org.mockito.Mockito.verify) ConfigMapBuilder(io.fabric8.kubernetes.api.model.ConfigMapBuilder) Reconciliation(io.strimzi.operator.common.Reconciliation) Mockito.never(org.mockito.Mockito.never) Util(io.strimzi.operator.common.Util) KafkaMirrorMaker2ClusterSpecBuilder(io.strimzi.api.kafka.model.KafkaMirrorMaker2ClusterSpecBuilder) NetworkPolicy(io.fabric8.kubernetes.api.model.networking.v1.NetworkPolicy) Deployment(io.fabric8.kubernetes.api.model.apps.Deployment) Collections(java.util.Collections) ArgumentMatchers.anyString(org.mockito.ArgumentMatchers.anyString) PodDisruptionBudget(io.fabric8.kubernetes.api.model.policy.v1.PodDisruptionBudget) HashMap(java.util.HashMap) KafkaMirrorMaker2Cluster(io.strimzi.operator.cluster.model.KafkaMirrorMaker2Cluster) Deployment(io.fabric8.kubernetes.api.model.apps.Deployment) ArgumentMatchers.anyString(org.mockito.ArgumentMatchers.anyString) ServiceOperator(io.strimzi.operator.common.operator.resource.ServiceOperator) NetworkPolicyOperator(io.strimzi.operator.common.operator.resource.NetworkPolicyOperator) ResourceOperatorSupplier(io.strimzi.operator.cluster.operator.resource.ResourceOperatorSupplier) Reconciliation(io.strimzi.operator.common.Reconciliation) OrderedProperties(io.strimzi.operator.common.model.OrderedProperties) DeploymentOperator(io.strimzi.operator.common.operator.resource.DeploymentOperator) ConfigMap(io.fabric8.kubernetes.api.model.ConfigMap) NetworkPolicy(io.fabric8.kubernetes.api.model.networking.v1.NetworkPolicy) PodDisruptionBudgetOperator(io.strimzi.operator.common.operator.resource.PodDisruptionBudgetOperator) Service(io.fabric8.kubernetes.api.model.Service) SecretOperator(io.strimzi.operator.common.operator.resource.SecretOperator) Checkpoint(io.vertx.junit5.Checkpoint) PlatformFeaturesAvailability(io.strimzi.operator.PlatformFeaturesAvailability) CrdOperator(io.strimzi.operator.common.operator.resource.CrdOperator) ConfigMapOperator(io.strimzi.operator.common.operator.resource.ConfigMapOperator) KafkaMirrorMaker2(io.strimzi.api.kafka.model.KafkaMirrorMaker2) Test(org.junit.jupiter.api.Test)

Example 38 with NetworkPolicy

use of com.google.container.v1.NetworkPolicy in project strimzi by strimzi.

the class NetworkPolicyResource method allowNetworkPolicySettingsForKafkaExporter.

public static void allowNetworkPolicySettingsForKafkaExporter(ExtensionContext extensionContext, String clusterName, String namespace) {
    String kafkaExporterDeploymentName = KafkaExporterResources.deploymentName(clusterName);
    LabelSelector labelSelector = new LabelSelectorBuilder().addToMatchLabels(Constants.SCRAPER_LABEL_KEY, Constants.SCRAPER_LABEL_VALUE).build();
    LOGGER.info("Apply NetworkPolicy access to {} from pods with LabelSelector {}", kafkaExporterDeploymentName, labelSelector);
    NetworkPolicy networkPolicy = NetworkPolicyTemplates.networkPolicyBuilder(namespace, kafkaExporterDeploymentName, labelSelector).editSpec().editFirstIngress().addNewPort().withNewPort(Constants.COMPONENTS_METRICS_PORT).withProtocol("TCP").endPort().endIngress().withNewPodSelector().addToMatchLabels("strimzi.io/cluster", clusterName).addToMatchLabels("strimzi.io/kind", Kafka.RESOURCE_KIND).addToMatchLabels("strimzi.io/name", kafkaExporterDeploymentName).endPodSelector().endSpec().build();
    LOGGER.debug("Creating NetworkPolicy: {}", networkPolicy.toString());
    ResourceManager.getInstance().createResource(extensionContext, networkPolicy);
    LOGGER.info("Network policy for LabelSelector {} successfully created", labelSelector);
}
Also used : LabelSelectorBuilder(io.fabric8.kubernetes.api.model.LabelSelectorBuilder) NetworkPolicy(io.fabric8.kubernetes.api.model.networking.v1.NetworkPolicy) DefaultNetworkPolicy(io.strimzi.systemtest.enums.DefaultNetworkPolicy) LabelSelector(io.fabric8.kubernetes.api.model.LabelSelector)

Example 39 with NetworkPolicy

use of com.google.container.v1.NetworkPolicy in project strimzi by strimzi.

the class NetworkPolicyResource method allowNetworkPolicySettingsForResource.

/**
 * Method for allowing network policies for Connect
 * @param resource mean Connect resource
 * @param deploymentName name of resource deployment - for setting strimzi.io/name
 */
public static void allowNetworkPolicySettingsForResource(ExtensionContext extensionContext, HasMetadata resource, String deploymentName) {
    LabelSelector labelSelector = new LabelSelectorBuilder().addToMatchLabels(Constants.SCRAPER_LABEL_KEY, Constants.SCRAPER_LABEL_VALUE).build();
    final String namespaceName = StUtils.isParallelNamespaceTest(extensionContext) && !Environment.isNamespaceRbacScope() ? // if parallel namespace test use namespace from store and if RBAC is enable we don't run tests in parallel mode and with that said we don't create another namespaces
    extensionContext.getStore(ExtensionContext.Namespace.GLOBAL).get(Constants.NAMESPACE_KEY).toString() : // otherwise use resource namespace
    resource.getMetadata().getNamespace();
    if (kubeClient(namespaceName).listPods(namespaceName, labelSelector).size() == 0) {
        List<String> pods = kubeClient(namespaceName).listPods(namespaceName).stream().map(pod -> pod.getMetadata().getName()).collect(Collectors.toList());
        LOGGER.error("Pods inside {} namespace are {}", namespaceName, pods.toString());
        throw new RuntimeException("You did not create the Scraper instance(pod) before using the " + resource.getKind() + " in namespace:" + namespaceName);
    }
    LOGGER.info("Apply NetworkPolicy access to {} from pods with LabelSelector {}", deploymentName, labelSelector);
    NetworkPolicy networkPolicy = new NetworkPolicyBuilder().withApiVersion("networking.k8s.io/v1").withKind(Constants.NETWORK_POLICY).withNewMetadata().withName(resource.getMetadata().getName() + "-allow").withNamespace(namespaceName).endMetadata().withNewSpec().addNewIngress().addNewFrom().withPodSelector(labelSelector).endFrom().addNewPort().withNewPort(8083).withProtocol("TCP").endPort().addNewPort().withNewPort(9404).withProtocol("TCP").endPort().addNewPort().withNewPort(8080).withProtocol("TCP").endPort().addNewPort().withNewPort(Constants.JMX_PORT).withProtocol("TCP").endPort().endIngress().withNewPodSelector().addToMatchLabels("strimzi.io/cluster", resource.getMetadata().getName()).addToMatchLabels("strimzi.io/kind", resource.getKind()).addToMatchLabels("strimzi.io/name", deploymentName).endPodSelector().withPolicyTypes("Ingress").endSpec().build();
    LOGGER.debug("Creating NetworkPolicy: {}", networkPolicy.toString());
    ResourceManager.getInstance().createResource(extensionContext, networkPolicy);
    LOGGER.info("Network policy for LabelSelector {} successfully created", labelSelector);
}
Also used : Environment(io.strimzi.systemtest.Environment) LabelSelector(io.fabric8.kubernetes.api.model.LabelSelector) LabelSelectorBuilder(io.fabric8.kubernetes.api.model.LabelSelectorBuilder) KafkaExporterResources(io.strimzi.api.kafka.model.KafkaExporterResources) Constants(io.strimzi.systemtest.Constants) ExtensionContext(org.junit.jupiter.api.extension.ExtensionContext) HasMetadata(io.fabric8.kubernetes.api.model.HasMetadata) Spec(io.strimzi.api.kafka.model.Spec) Collectors(java.util.stream.Collectors) NetworkPolicyTemplates(io.strimzi.systemtest.templates.kubernetes.NetworkPolicyTemplates) KubeClusterResource.kubeClient(io.strimzi.test.k8s.KubeClusterResource.kubeClient) List(java.util.List) Logger(org.apache.logging.log4j.Logger) ResourceManager(io.strimzi.systemtest.resources.ResourceManager) KafkaResources(io.strimzi.api.kafka.model.KafkaResources) Status(io.strimzi.api.kafka.model.status.Status) NetworkPolicy(io.fabric8.kubernetes.api.model.networking.v1.NetworkPolicy) NetworkPolicyBuilder(io.fabric8.kubernetes.api.model.networking.v1.NetworkPolicyBuilder) DefaultNetworkPolicy(io.strimzi.systemtest.enums.DefaultNetworkPolicy) ResourceType(io.strimzi.systemtest.resources.ResourceType) Kafka(io.strimzi.api.kafka.model.Kafka) StUtils(io.strimzi.systemtest.utils.StUtils) LogManager(org.apache.logging.log4j.LogManager) CustomResource(io.fabric8.kubernetes.client.CustomResource) LabelSelectorBuilder(io.fabric8.kubernetes.api.model.LabelSelectorBuilder) NetworkPolicy(io.fabric8.kubernetes.api.model.networking.v1.NetworkPolicy) DefaultNetworkPolicy(io.strimzi.systemtest.enums.DefaultNetworkPolicy) LabelSelector(io.fabric8.kubernetes.api.model.LabelSelector) NetworkPolicyBuilder(io.fabric8.kubernetes.api.model.networking.v1.NetworkPolicyBuilder)

Example 40 with NetworkPolicy

use of com.google.container.v1.NetworkPolicy in project strimzi by strimzi.

the class NetworkPolicyResource method allowNetworkPolicySettingsForClusterOperator.

public static void allowNetworkPolicySettingsForClusterOperator(ExtensionContext extensionContext, String namespace) {
    String clusterOperatorKind = "cluster-operator";
    LabelSelector labelSelector = new LabelSelectorBuilder().addToMatchLabels(Constants.SCRAPER_LABEL_KEY, Constants.SCRAPER_LABEL_VALUE).build();
    LOGGER.info("Apply NetworkPolicy access to {} from pods with LabelSelector {}", clusterOperatorKind, labelSelector);
    NetworkPolicy networkPolicy = NetworkPolicyTemplates.networkPolicyBuilder(namespace, clusterOperatorKind, labelSelector).editSpec().editFirstIngress().addNewPort().withNewPort(Constants.CLUSTER_OPERATOR_METRICS_PORT).withProtocol("TCP").endPort().endIngress().withNewPodSelector().addToMatchLabels("strimzi.io/kind", clusterOperatorKind).endPodSelector().endSpec().build();
    LOGGER.debug("Creating NetworkPolicy: {}", networkPolicy.toString());
    ResourceManager.getInstance().createResource(extensionContext, networkPolicy);
    LOGGER.info("Network policy for LabelSelector {} successfully created", labelSelector);
}
Also used : LabelSelectorBuilder(io.fabric8.kubernetes.api.model.LabelSelectorBuilder) NetworkPolicy(io.fabric8.kubernetes.api.model.networking.v1.NetworkPolicy) DefaultNetworkPolicy(io.strimzi.systemtest.enums.DefaultNetworkPolicy) LabelSelector(io.fabric8.kubernetes.api.model.LabelSelector)

Aggregations

NetworkPolicy (io.fabric8.kubernetes.api.model.networking.v1.NetworkPolicy)147 Service (io.fabric8.kubernetes.api.model.Service)101 List (java.util.List)99 CoreMatchers.is (org.hamcrest.CoreMatchers.is)98 MatcherAssert.assertThat (org.hamcrest.MatcherAssert.assertThat)98 KafkaVersionTestUtils (io.strimzi.operator.cluster.KafkaVersionTestUtils)96 ResourceUtils (io.strimzi.operator.cluster.ResourceUtils)96 Reconciliation (io.strimzi.operator.common.Reconciliation)96 ConfigMap (io.fabric8.kubernetes.api.model.ConfigMap)93 Collections.emptyList (java.util.Collections.emptyList)92 Deployment (io.fabric8.kubernetes.api.model.apps.Deployment)91 ConfigMapOperator (io.strimzi.operator.common.operator.resource.ConfigMapOperator)84 DeploymentOperator (io.strimzi.operator.common.operator.resource.DeploymentOperator)84 NetworkPolicyOperator (io.strimzi.operator.common.operator.resource.NetworkPolicyOperator)84 SecretOperator (io.strimzi.operator.common.operator.resource.SecretOperator)84 ServiceOperator (io.strimzi.operator.common.operator.resource.ServiceOperator)84 Optional (java.util.Optional)84 AfterAll (org.junit.jupiter.api.AfterAll)84 KafkaVersion (io.strimzi.operator.cluster.model.KafkaVersion)82 ResourceOperatorSupplier (io.strimzi.operator.cluster.operator.resource.ResourceOperatorSupplier)82
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial