diff --git a/acceptance/tests/consul-dns/consul_dns_partitions_test.go b/acceptance/tests/consul-dns/consul_dns_partitions_test.go index fc745a9477..c7b51523c8 100644 --- a/acceptance/tests/consul-dns/consul_dns_partitions_test.go +++ b/acceptance/tests/consul-dns/consul_dns_partitions_test.go @@ -29,7 +29,7 @@ type dnsWithPartitionsTestCase struct { enableDNSProxy bool } -type dnsVerfication struct { +type dnsVerification struct { name string requestingCtx environment.TestContext svcContext environment.TestContext @@ -42,13 +42,13 @@ const defaultPartition = "default" const secondaryPartition = "secondary" const defaultNamespace = "default" -// TestConsulDNSProxy_WithPartitionsAndCatalogSync verifies DNS queries for services across partitions +// TestConsulDNS_WithPartitionsAndCatalogSync verifies DNS queries for services across partitions // when DNS proxy is enabled. It configures CoreDNS to use configure consul domain queries to // be forwarded to the Consul DNS Proxy. The test validates: // - returning the local partition's service when tenancy is not included in the DNS question. // - properly not resolving DNS for unexported services when ACLs are enabled. // - properly resolving DNS for exported services when ACLs are enabled. -func TestConsulDNSProxy_WithPartitionsAndCatalogSync(t *testing.T) { +func TestConsulDNS_WithPartitionsAndCatalogSync(t *testing.T) { env := suite.Environment() cfg := suite.Config() @@ -123,38 +123,43 @@ func TestConsulDNSProxy_WithPartitionsAndCatalogSync(t *testing.T) { }) } - if c.enableDNSProxy { - t.Run("restart dns-proxy and verify DNS queries for exported services across partitions", func(t *testing.T) { - restartDNSProxy(t, releaseName, defaultClusterContext) - verifyDNS(t, releaseName, staticServerNamespace, defaultClusterContext, secondaryClusterContext, - podLabelSelector, fmt.Sprintf("%s.service.%s.ap.consul", staticServerName, secondaryPartition), true, - dnsUtilsPodIndex) - verifyDNS(t, releaseName, staticServerNamespace, secondaryClusterContext, defaultClusterContext, - podLabelSelector, fmt.Sprintf("%s.service.%s.ap.consul", staticServerName, defaultPartition), true, - dnsUtilsPodIndex) - }) - } + //if c.enableDNSProxy { + // t.Run("restart dns-proxy and verify DNS queries for exported services across partitions", func(t *testing.T) { + // restartDNSProxy(t, releaseName, defaultClusterContext) + // verifyDNS(t, releaseName, staticServerNamespace, defaultClusterContext, secondaryClusterContext, + // podLabelSelector, fmt.Sprintf("%s.service.%s.ap.consul", staticServerName, secondaryPartition), true, + // dnsUtilsPodIndex) + // dnsUtilsPodIndex++ + // restartDNSProxy(t, releaseName, secondaryClusterContext) + // verifyDNS(t, releaseName, staticServerNamespace, secondaryClusterContext, defaultClusterContext, + // podLabelSelector, fmt.Sprintf("%s.service.%s.ap.consul", staticServerName, defaultPartition), true, + // dnsUtilsPodIndex) + // }) + //} }) } } -func restartDNSProxy(t *testing.T, releaseName string, ctx environment.TestContext) { - dnsDeploymentName := fmt.Sprintf("deployment/%s-consul-dns-proxy", releaseName) - restartDNSProxyCommand := []string{"rollout", "restart", dnsDeploymentName} - _, err := k8s.RunKubectlAndGetOutputE(t, ctx.KubectlOptions(t), restartDNSProxyCommand...) - require.NoError(t, err) - - // Wait for restart to finish. - out, err := k8s.RunKubectlAndGetOutputE(t, ctx.KubectlOptions(t), "rollout", "status", "--timeout", "1m", "--watch", dnsDeploymentName) - require.NoError(t, err, out, "rollout status command errored, this likely means the rollout didn't complete in time") -} +//func restartDNSProxy(t *testing.T, releaseName string, ctx environment.TestContext) { +// dnsDeploymentName := fmt.Sprintf("deployment/%s-consul-dns-proxy", releaseName) +// restartDNSProxyCommand := []string{"rollout", "restart", dnsDeploymentName} +// k8sOptions := ctx.KubectlOptions(t) +// logger.Log(t, fmt.Sprintf("restarting the dns-proxy deployment in %s k8s context", k8sOptions.ContextName)) +// _, err := k8s.RunKubectlAndGetOutputE(t, k8sOptions, restartDNSProxyCommand...) +// require.NoError(t, err) +// +// // Wait for restart to finish. +// out, err := k8s.RunKubectlAndGetOutputE(t, k8sOptions, "rollout", "status", "--timeout", "1m", "--watch", dnsDeploymentName) +// require.NoError(t, err, out, "rollout status command errored, this likely means the rollout didn't complete in time") +// logger.Log(t, fmt.Sprintf("dns-proxy deployment in %s k8s context has finished restarting", k8sOptions.ContextName)) +//} func getVerifications(defaultClusterContext environment.TestContext, secondaryClusterContext environment.TestContext, - shouldResolveUnexportedCrossPartitionDNSRecord bool, cfg *config.TestConfig) []dnsVerfication { + shouldResolveUnexportedCrossPartitionDNSRecord bool, cfg *config.TestConfig) []dnsVerification { serviceRequestWithNoPartition := fmt.Sprintf("%s.service.consul", staticServerName) serviceRequestInDefaultPartition := fmt.Sprintf("%s.service.%s.ap.consul", staticServerName, defaultPartition) serviceRequestInSecondaryPartition := fmt.Sprintf("%s.service.%s.ap.consul", staticServerName, secondaryPartition) - return []dnsVerfication{ + return []dnsVerification{ { name: "verify static-server.service.consul from default partition resolves the default partition ip address.", requestingCtx: defaultClusterContext, diff --git a/charts/consul/templates/dns-proxy-deployment.yaml b/charts/consul/templates/dns-proxy-deployment.yaml index 6af6fdfa28..c4cad4332e 100644 --- a/charts/consul/templates/dns-proxy-deployment.yaml +++ b/charts/consul/templates/dns-proxy-deployment.yaml @@ -188,11 +188,9 @@ spec: timeoutSeconds: 5 ports: - containerPort: {{ .Values.dns.proxy.port }} - hostPort: {{ .Values.dns.proxy.port }} protocol: "TCP" name: dns-tcp - containerPort: {{ .Values.dns.proxy.port }} - hostPort: {{ .Values.dns.proxy.port }} protocol: "UDP" name: dns-udp {{- end }} \ No newline at end of file