scottk/talos
1
0
Fork 0
mirror of https://github.com/lingble/talos.git synced 2025-11-02 05:28:09 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
badbc51e63b685e22fffb82ae294a35cd9f65922
talos/internal/app/machined/pkg/controllers/kubespan/nftables_test.go
Andrey Smirnov badbc51e63 refactor: rewrite code to include preliminary support for multi-doc 
`config.Container` implements a multi-doc container which implements
both `Container` interface (encoding, validation, etc.), and `Conifg`
interface (accessing parts of the config).

Refactor `generate` and `bundle` packages to support multi-doc, and
provide backwards compatibility.

Implement a first (mostly example) machine config document for
SideroLink API URL.

Many places don't properly support multi-doc yet (e.g. config patches).

Signed-off-by: Andrey Smirnov <andrey.smirnov@talos-systems.com>
2023-05-31 18:38:05 +04:00

55 lines
1.4 KiB
Go
Raw Blame History

// This Source Code Form is subject to the terms of the Mozilla Public
// License, v. 2.0. If a copy of the MPL was not distributed with this
// file, You can obtain one at http://mozilla.org/MPL/2.0/.
package kubespan_test
import (
"net/netip"
"os"
"testing"
"github.com/stretchr/testify/assert"
"github.com/stretchr/testify/require"
"go4.org/netipx"
"github.com/siderolabs/talos/internal/app/machined/pkg/controllers/kubespan"
"github.com/siderolabs/talos/pkg/machinery/constants"
)
func TestNfTables(t *testing.T) {
if os.Geteuid() != 0 {
t.Skip("requires root")
}
// use a different mark to avoid conflicts with running kubespan
mgr := kubespan.NewNfTablesManager(
constants.KubeSpanDefaultFirewallMark<<1,
constants.KubeSpanDefaultForceFirewallMark<<1,
constants.KubeSpanDefaultFirewallMask<<1,
)
// cleanup should be fine if nothing is installed
assert.NoError(t, mgr.Cleanup())
defer mgr.Cleanup() //nolint:errcheck
var builder netipx.IPSetBuilder
builder.AddPrefix(netip.MustParsePrefix("172.20.0.0/24"))
builder.AddPrefix(netip.MustParsePrefix("10.0.0.0/16"))
ipSet, err := builder.IPSet()
require.NoError(t, err)
assert.NoError(t, mgr.Update(ipSet, constants.KubeSpanLinkMTU))
builder.AddPrefix(netip.MustParsePrefix("10.0.0.0/8"))
ipSet, err = builder.IPSet()
require.NoError(t, err)
assert.NoError(t, mgr.Update(ipSet, constants.KubeSpanLinkMTU))
assert.NoError(t, mgr.Cleanup())
}
Reference in New Issue View Git Blame Copy Permalink