grpc · sergiitk · Oct 15, 2024 · Oct 16, 2024 · Oct 17, 2024 · Oct 17, 2024
@@ -19,8 +19,7 @@ display_usage() {
   cat <<EOF >/dev/stderr
 Performs full TD and K8S resource cleanup
 
-USAGE: $0 [--nosecure] [arguments]
-   --nosecure: Skip cleanup for the resources specific for PSM Security
+USAGE: $0 [arguments]
    arguments ...: additional arguments passed to ./run.sh
 
 ENVIRONMENT:
@@ -31,7 +30,7 @@ ENVIRONMENT:
                             Default: $XDS_K8S_DRIVER_DIR/venv
 EXAMPLES:
 $0
-$0 --nosecure
+$0 --mode=app_net
 XDS_K8S_CONFIG=./path-to-flagfile.cfg $0 --resource_suffix=override-suffix
 EOF
   exit 1
@@ -47,13 +46,6 @@ readonly XDS_K8S_DRIVER_DIR="${SCRIPT_DIR}/.."
 
 cd "${XDS_K8S_DRIVER_DIR}"
 
-if [[ "$1" == "--nosecure" ]]; then
-  shift
-  ./run.sh bin/run_td_setup.py --cmd=cleanup "$@" && \
-  ./run.sh bin/run_test_client.py --cmd=cleanup --cleanup_namespace "$@" && \
-  ./run.sh bin/run_test_server.py --cmd=cleanup --cleanup_namespace "$@"
-else
-  ./run.sh bin/run_td_setup.py --cmd=cleanup --security=mtls "$@" && \
-  ./run.sh bin/run_test_client.py --cmd=cleanup --cleanup_namespace --mode=secure "$@" && \
-  ./run.sh bin/run_test_server.py --cmd=cleanup --cleanup_namespace --mode=secure "$@"
-fi
+./run.sh bin/run_td_setup.py --cmd=cleanup "$@" && \
+./run.sh bin/run_test_client.py --cmd=cleanup --cleanup_namespace "$@" && \
+./run.sh bin/run_test_server.py --cmd=cleanup --cleanup_namespace "$@"
@@ -21,12 +21,12 @@ readonly XDS_K8S_DRIVER_DIR="${SCRIPT_DIR}/.."
 
 cd "${XDS_K8S_DRIVER_DIR}"
 
-NO_SECURE="yes"
+MODE=""
 DATE_TO=$(date -Iseconds)
 
 while [[ $# -gt 0 ]]; do
   case $1 in
-    --secure) NO_SECURE=""; shift ;;
+    --mode=*) MODE="${1#*=}"; shift ;;
     --date_to=*) DATE_TO="${1#*=}T00:00:00Z"; shift ;;
     *) echo "Unknown argument $1"; exit 1 ;;
   esac
@@ -68,7 +68,7 @@ echo "Count: ${#namespaces[@]}"
 
 echo "Run plan:"
 for suffix in "${suffixes[@]}"; do
-  echo ./bin/cleanup.sh ${NO_SECURE:+"--nosecure"} "--resource_suffix=${suffix}"
+  echo ./bin/cleanup.sh ${MODE:+"--mode=$MODE"} "--resource_suffix=${suffix}"
 done
 
 read -r -n 1 -p "Continue? (y/N) " answer
@@ -85,7 +85,7 @@ failed=0
 for suffix in "${suffixes[@]}"; do
   echo "-------------------- Cleaning suffix ${suffix} --------------------"
   set -x
-  ./bin/cleanup.sh ${NO_SECURE:+"--nosecure"} "--resource_suffix=${suffix}" || (( ++failed ))
+  ./bin/cleanup.sh ${MODE:+"--mode=$MODE"} "--resource_suffix=${suffix}" || (( ++failed ))
   set +x
   echo "-------------------- Finished cleaning ${suffix} --------------------"
 done

@@ -33,13 +33,67 @@
 logger = logging.get_absl_logger()
 # TODO(sergiitk): move common flags/validations here: mode, security, etc
 
+MODE = flags.DEFINE_enum(
+    "mode",
+    default="default",
+    enum_values=[
+        "default",
+        "secure",
+        "app_net",
+        "rlqs",
+        "gamma",
+    ],
+    help="Select server mode",
+)
+SECURITY = flags.DEFINE_enum(
+    "security",
+    default=None,
+    enum_values=[
+        "mtls",
+        "tls",
+        "plaintext",
+        "mtls_error",
+        "server_authz_error",
+    ],
+    help="Configure TD with security",
+)
 SERVER_REPLICA_COUNT = flags.DEFINE_integer(
     "server_replica_count",
     default=1,
     lower_bound=1,
     upper_bound=999,
     help="The number server replicas to run.",
 )
+ROUTE_KIND_GAMMA = flags.DEFINE_enum_class(
+    "gamma_route_kind",
+    default=k8s.RouteKind.HTTP,
+    enum_class=k8s.RouteKind,
+    help="When --mode=gamma, select the kind of a gamma route the server uses",
+)
+
+# Running outside of a test suite, so require explicit resource_suffix.
+flags.mark_flag_as_required(xds_flags.RESOURCE_SUFFIX)
+
+# Require --security when --mode=secure.
+flags.register_multi_flags_validator(
+    (MODE, SECURITY),
+    lambda values: values[MODE.name] != "secure" or values[SECURITY.name],
+    "When --mode=secure; --security flag is required",
+)
+
+
+@flags.multi_flags_validator(
+    (xds_flags.SERVER_XDS_PORT.name, MODE.name),
+    message=(
+        "Run outside of a test suite, must provide"
+        " the exact port value (must be greater than 0)."
+    ),
+)
+def _check_server_xds_port_flag(flags_dict):
+    if flags_dict[MODE.name] == "gamma":
+        return True
+    return flags_dict[xds_flags.SERVER_XDS_PORT.name] > 0
+
 
 # Type aliases
 KubernetesClientRunner = k8s_xds_client_runner.KubernetesClientRunner
@@ -151,7 +205,11 @@ def make_server_runner(
             f"{xds_flags.RESOURCE_PREFIX.value}-"
             f"{xds_flags.RESOURCE_SUFFIX.value}"
         )
+        runner_kwargs["route_kind"] = ROUTE_KIND_GAMMA.value
         server_runner = GammaServerRunner
+    elif mode == "rlqs":
+        depl_args = k8s_xds_server_runner.ServerDeploymentArgs(enable_rlqs=True)
+        runner_kwargs["deployment_args"] = depl_args
 
     return server_runner(namespace, **runner_kwargs)
 

@@ -49,47 +49,9 @@
 from framework.test_app import server_app
 
 # Flags
-_MODE = flags.DEFINE_enum(
-    "mode",
-    default="default",
-    enum_values=[
-        "default",
-        "secure",
-        "app_net",
-        "gamma",
-    ],
-    help="Select test mode",
-)
-_SECURITY = flags.DEFINE_enum(
-    "security",
-    default=None,
-    enum_values=[
-        "mtls",
-        "tls",
-        "plaintext",
-        "mtls_error",
-        "server_authz_error",
-    ],
-    help="Show info for a security setup",
-)
 flags.adopt_module_key_flags(common)
 flags.adopt_module_key_flags(xds_flags)
 flags.adopt_module_key_flags(xds_k8s_flags)
-# Running outside of a test suite, so require explicit resource_suffix.
-flags.mark_flag_as_required(xds_flags.RESOURCE_SUFFIX.name)
-
-
-@flags.multi_flags_validator(
-    (xds_flags.SERVER_XDS_PORT.name, _MODE.name),
-    message=(
-        "Run outside of a test suite, must provide"
-        " the exact port value (must be greater than 0)."
-    ),
-)
-def _check_server_xds_port_flag(flags_dict):
-    if flags_dict[_MODE.name] == "gamma":
-        return True
-    return flags_dict[xds_flags.SERVER_XDS_PORT.name] > 0
 
 
 logger = logging.get_absl_logger()
@@ -244,15 +206,19 @@ def main(argv):
     enable_workload_identity: bool = (
         xds_k8s_flags.ENABLE_WORKLOAD_IDENTITY.value
     )
-    is_secure: bool = bool(_SECURITY.value)
+    is_secure: bool = bool(common.SECURITY.value)
+    security_mode = common.SECURITY.value
+    if security_mode:
+        flags.set_default(common.MODE, "secure")
+    mode = common.MODE.value
 
     # Server.
     server_namespace = common.make_server_namespace()
     server_runner = common.make_server_runner(
         server_namespace,
         port_forwarding=should_port_forward,
         enable_workload_identity=enable_workload_identity,
-        mode=_MODE.value,
+        mode=mode,
     )
     # Find server pod.
     server_pods = common.get_server_pods(
@@ -270,7 +236,7 @@ def main(argv):
         client_namespace,
         port_forwarding=should_port_forward,
         enable_workload_identity=enable_workload_identity,
-        mode=_MODE.value,
+        mode=mode,
     )
     # Find client pod.
     client_pod: k8s.V1Pod = common.get_client_pod(
@@ -292,7 +258,7 @@ def main(argv):
     )
 
     # Create client app for the client pod.
-    if _MODE.value == "gamma":
+    if mode == "gamma":
         server_target = (
             f"xds:///{server_runner.frontend_service_name}"
             f".{server_runner.k8s_namespace.name}.svc.cluster.local"
@@ -309,9 +275,9 @@ def main(argv):
     )
 
     with test_client, test_server:
-        if _SECURITY.value in ("mtls", "tls", "plaintext"):
+        if security_mode in ("mtls", "tls", "plaintext"):
             debug_security_setup_positive(test_client, test_server)
-        elif _SECURITY.value in ("mtls_error", "server_authz_error"):
+        elif security_mode in ("mtls_error", "server_authz_error"):
             debug_security_setup_negative(test_client)
         else:
             debug_basic_setup(test_client, test_server)

@@ -44,17 +44,6 @@
 from framework.test_app import server_app
 
 # Flags
-_MODE = flags.DEFINE_enum(
-    "mode",
-    default="default",
-    enum_values=[
-        "default",
-        "secure",
-        "app_net",
-        "gamma",
-    ],
-    help="Select a deployment of the client/server",
-)
 _NUM_RPCS = flags.DEFINE_integer(
     "num_rpcs",
     default=100,
@@ -65,22 +54,6 @@
 flags.adopt_module_key_flags(common)
 flags.adopt_module_key_flags(xds_flags)
 flags.adopt_module_key_flags(xds_k8s_flags)
-# Running outside of a test suite, so require explicit resource_suffix.
-flags.mark_flag_as_required(xds_flags.RESOURCE_SUFFIX.name)
-
-
-@flags.multi_flags_validator(
-    (xds_flags.SERVER_XDS_PORT.name, _MODE.name),
-    message=(
-        "Run outside of a test suite, must provide"
-        " the exact port value (must be greater than 0)."
-    ),
-)
-def _check_server_xds_port_flag(flags_dict):
-    if flags_dict[_MODE.name] == "gamma":
-        return True
-    return flags_dict[xds_flags.SERVER_XDS_PORT.name] > 0
-
 
 logger = logging.get_absl_logger()
 
@@ -141,7 +114,7 @@ def main(argv):
         common.make_server_namespace(),
         port_forwarding=should_port_forward,
         enable_workload_identity=enable_workload_identity,
-        mode=_MODE.value,
+        mode=common.MODE.value,
     )
     # Ensure server pods are running
     common.get_server_pods(server_runner, xds_flags.SERVER_NAME.value)
@@ -151,7 +124,7 @@ def main(argv):
         common.make_client_namespace(),
         port_forwarding=should_port_forward,
         enable_workload_identity=enable_workload_identity,
-        mode=_MODE.value,
+        mode=common.MODE.value,
     )
     # Find client pod.
     client_pod: k8s.V1Pod = common.get_client_pod(
@@ -162,7 +135,7 @@ def main(argv):
     common.register_graceful_exit(server_runner, client_runner)
 
     # Create client app for the client pod.
-    if _MODE.value == "gamma":
+    if common.MODE.value == "gamma":
         server_target = (
             f"xds:///{server_runner.frontend_service_name}"
             f".{server_runner.k8s_namespace.name}.svc.cluster.local"