diff --git a/integration/301_internet_edge_with_ebpf_test.sh b/integration/301_internet_edge_with_ebpf_test.sh new file mode 100755 index 0000000000..89d69853df --- /dev/null +++ b/integration/301_internet_edge_with_ebpf_test.sh @@ -0,0 +1,28 @@ +#! /bin/bash + +# shellcheck disable=SC1091 +. ./config.sh + +start_suite "Test short lived connections from the Internet" + +weave_on "$HOST1" launch +scope_on "$HOST1" launch --probe.ebpf.connections=true +docker_on "$HOST1" run -d -p 80:80 --name nginx nginx + +do_connections() { + while true; do + curl -s "http://$HOST1:80/" >/dev/null || true + sleep 1 + done +} +do_connections & + +wait_for_containers "$HOST1" 60 nginx "The Internet" + +has_connection_by_id containers "$HOST1" "in-theinternet" "$(node_id containers "$HOST1" nginx)" + +endpoints_have_ebpf "$HOST1" + +kill %do_connections + +scope_end_suite diff --git a/integration/311_container_to_container_edge_with_ebpf_test.sh b/integration/311_container_to_container_edge_with_ebpf_test.sh new file mode 100755 index 0000000000..8d3356e2ef --- /dev/null +++ b/integration/311_container_to_container_edge_with_ebpf_test.sh @@ -0,0 +1,24 @@ +#! /bin/bash + +# shellcheck disable=SC1091 +. ./config.sh + +start_suite "Test short lived connections between containers, with ebpf connection tracking enabled" + +weave_on "$HOST1" launch +scope_on "$HOST1" launch --probe.ebpf.connections=true +weave_on "$HOST1" run -d --name nginx nginx +weave_on "$HOST1" run -d --name client alpine /bin/sh -c "while true; do \ + wget http://nginx.weave.local:80/ -O - >/dev/null || true; \ + sleep 1; \ +done" + +wait_for_containers "$HOST1" 60 nginx client + +has_container "$HOST1" nginx +has_container "$HOST1" client +has_connection containers "$HOST1" client nginx + +endpoints_have_ebpf "$HOST1" + +scope_end_suite diff --git a/integration/312_container_to_container_edge_same_netns_with_ebpf_test.sh b/integration/312_container_to_container_edge_same_netns_with_ebpf_test.sh new file mode 100755 index 0000000000..828c35dcf8 --- /dev/null +++ b/integration/312_container_to_container_edge_same_netns_with_ebpf_test.sh @@ -0,0 +1,20 @@ +#! /bin/bash + +# shellcheck disable=SC1091 +. ./config.sh + +start_suite "Test short lived connection between containers in same network namespace, with ebpf connection tracking enabled" + +scope_on "$HOST1" launch --probe.ebpf.connections=true +docker_on "$HOST1" run -d --name nginx nginx +docker_on "$HOST1" run -d --net=container:nginx --name client albanc/dialer /go/bin/dialer connectshortlived localhost:80 + +wait_for_containers "$HOST1" 60 nginx client + +has_container "$HOST1" nginx +has_container "$HOST1" client +has_connection containers "$HOST1" client nginx + +endpoints_have_ebpf "$HOST1" + +scope_end_suite diff --git a/integration/config.sh b/integration/config.sh index 75eac309d2..99f5cdf74e 100644 --- a/integration/config.sh +++ b/integration/config.sh @@ -90,6 +90,30 @@ has_connection_by_id() { assert "curl -s http://$host:4040/api/topology/${view}?system=show | jq -r '.nodes[\"$from_id\"].adjacency | contains([\"$to_id\"])'" true } +# this checks if ebpf is true on all endpoints on a given host +endpoints_have_ebpf() { + local host="$1" + local timeout="${2:-60}" + local number_of_endpoints=-1 + local have_ebpf=-1 + local report + + for i in $(seq "$timeout"); do + report=$(curl -s "http://${host}:4040/api/report") + number_of_endpoints=$(echo "${report}" | jq -r '.Endpoint.nodes | length') + have_ebpf=$(echo "${report}" | jq -r '.Endpoint.nodes[].latest.eBPF | select(.value != null) | contains({"value": "true"})' | wc -l) + if [[ "$number_of_endpoints" -gt 0 && "$have_ebpf" -gt 0 && "$number_of_endpoints" -eq "$have_ebpf" ]]; then + echo "Found ${number_of_endpoints} endpoints with ebpf enabled" + assert "echo '$have_ebpf'" "$number_of_endpoints" + return + fi + sleep 1 + done + + echo "Only ${have_ebpf} endpoints of ${number_of_endpoints} have ebpf enabled, should be equal" + assert "echo '$have_ebpf" "$number_of_endpoints" +} + has_connection() { local view="$1" local host="$2"