From 31eaea9eef0594117e83733aa01f8bbda940e4da Mon Sep 17 00:00:00 2001 From: Filip Tehlar Date: Thu, 15 Jun 2023 10:06:57 +0200 Subject: [PATCH] hs-test: add nginx+quic test Type: test Change-Id: I15e4f2fb84cb4f34b6fea95978db000854a63e78 Signed-off-by: Filip Tehlar --- extras/hs-test/Makefile | 9 ++++-- extras/hs-test/docker/Dockerfile.build | 8 ++++++ extras/hs-test/docker/Dockerfile.curl | 7 +++++ extras/hs-test/docker/Dockerfile.nginx | 2 +- extras/hs-test/docker/Dockerfile.nginx-http3 | 24 ++++++++++++++++ extras/hs-test/hst_suite.go | 16 +++++++++++ extras/hs-test/http_test.go | 20 +++++++++++++ extras/hs-test/resources/cert/localhost.crt | 21 ++++++++++++++ extras/hs-test/resources/cert/localhost.key | 28 ++++++++++++++++++ extras/hs-test/resources/nginx/html/index.html | 6 ++++ extras/hs-test/resources/nginx/nginx_http3.conf | 25 ++++++++++++++++ extras/hs-test/script/build_boringssl.sh | 4 +++ extras/hs-test/script/build_curl.sh | 36 ++++++++++++++++++++++++ extras/hs-test/script/{build.sh => build_hst.sh} | 5 ++++ extras/hs-test/script/build_nginx.sh | 5 ++++ extras/hs-test/script/nginx_ldp.sh | 2 +- extras/hs-test/topo-containers/single.yaml | 21 ++++++++++++++ extras/hs-test/vars | 1 + 18 files changed, 235 insertions(+), 5 deletions(-) create mode 100644 extras/hs-test/docker/Dockerfile.build create mode 100644 extras/hs-test/docker/Dockerfile.curl create mode 100644 extras/hs-test/docker/Dockerfile.nginx-http3 create mode 100644 extras/hs-test/resources/cert/localhost.crt create mode 100644 extras/hs-test/resources/cert/localhost.key create mode 100644 extras/hs-test/resources/nginx/html/index.html create mode 100644 extras/hs-test/resources/nginx/nginx_http3.conf create mode 100755 extras/hs-test/script/build_boringssl.sh create mode 100755 extras/hs-test/script/build_curl.sh rename extras/hs-test/script/{build.sh => build_hst.sh} (91%) create mode 100755 extras/hs-test/script/build_nginx.sh diff --git a/extras/hs-test/Makefile b/extras/hs-test/Makefile index 3d7673a7267..7a5fb138397 100644 --- a/extras/hs-test/Makefile +++ b/extras/hs-test/Makefile @@ -44,8 +44,11 @@ help: @echo " fixstyle - format .go source files" @echo " list-tests - list all tests" @echo - @echo "Make arguments:" + @echo "make build arguments:" @echo " UBUNTU_VERSION - ubuntu version for docker image" + @echo " HST_EXTENDED_TESTS - build extended tests" + @echo + @echo "make test arguments:" @echo " PERSIST=[true|false] - whether clean up topology and dockers after test" @echo " VERBOSE=[true|false] - verbose output" @echo " UNCONFIGURE=[true|false] - unconfigure selected test" @@ -76,12 +79,12 @@ build-go: build: .deps.ok build-vpp-release build-go @rm -f .build.vpp - bash ./script/build.sh release + bash ./script/build_hst.sh release @touch .build.vpp build-debug: .deps.ok build-vpp-debug build-go @rm -f .build.vpp - bash ./script/build.sh debug + bash ./script/build_hst.sh debug @touch .build.vpp .deps.ok: diff --git a/extras/hs-test/docker/Dockerfile.build b/extras/hs-test/docker/Dockerfile.build new file mode 100644 index 00000000000..8b2652e93fc --- /dev/null +++ b/extras/hs-test/docker/Dockerfile.build @@ -0,0 +1,8 @@ +ARG UBUNTU_VERSION + +FROM ubuntu:${UBUNTU_VERSION} + +RUN apt-get update \ + && apt-get install -y gcc git make autoconf libtool pkg-config cmake ninja-build golang \ + && rm -rf /var/lib/apt/lists/* + diff --git a/extras/hs-test/docker/Dockerfile.curl b/extras/hs-test/docker/Dockerfile.curl new file mode 100644 index 00000000000..21f8f54e186 --- /dev/null +++ b/extras/hs-test/docker/Dockerfile.curl @@ -0,0 +1,7 @@ +FROM hs-test/build + +COPY script/build_curl.sh /build_curl.sh +RUN git clone https://github.com/curl/curl +RUN /build_curl.sh + +CMD ["/bin/sh"] diff --git a/extras/hs-test/docker/Dockerfile.nginx b/extras/hs-test/docker/Dockerfile.nginx index c426659905b..11ec6af156d 100644 --- a/extras/hs-test/docker/Dockerfile.nginx +++ b/extras/hs-test/docker/Dockerfile.nginx @@ -17,4 +17,4 @@ ENV LDP_DEBUG=0 ENV VCL_DEBUG=0 ENV LDP_SID_BIT=8 -ENTRYPOINT ["nginx_ldp.sh", "-c", "/nginx.conf"] +ENTRYPOINT ["nginx_ldp.sh", "nginx", "-c", "/nginx.conf"] diff --git a/extras/hs-test/docker/Dockerfile.nginx-http3 b/extras/hs-test/docker/Dockerfile.nginx-http3 new file mode 100644 index 00000000000..5d66a2528a6 --- /dev/null +++ b/extras/hs-test/docker/Dockerfile.nginx-http3 @@ -0,0 +1,24 @@ +FROM hs-test/build + +COPY script/build_boringssl.sh /build_boringssl.sh +RUN git clone https://boringssl.googlesource.com/boringssl +RUN ./build_boringssl.sh + +COPY script/build_nginx.sh /build_nginx.sh +RUN git clone https://github.com/nginx/nginx +RUN ./build_nginx.sh + +COPY vpp-data/lib/* /usr/lib/ +COPY resources/nginx/vcl.conf /vcl.conf +COPY resources/nginx/nginx_http3.conf /nginx.conf +COPY script/nginx_ldp.sh /usr/bin/nginx_ldp.sh + +COPY resources/nginx/html/index.html /usr/share/nginx/index.html + +ENV VCL_CONFIG=/vcl.conf +ENV LDP=/usr/lib/libvcl_ldpreload.so +ENV LDP_DEBUG=0 +ENV VCL_DEBUG=0 +ENV LDP_SID_BIT=8 + +ENTRYPOINT ["nginx_ldp.sh", "/usr/local/nginx/sbin/nginx", "-c", "/nginx.conf"] diff --git a/extras/hs-test/hst_suite.go b/extras/hs-test/hst_suite.go index d972c9d9b8e..093bca0b56f 100644 --- a/extras/hs-test/hst_suite.go +++ b/extras/hs-test/hst_suite.go @@ -4,6 +4,8 @@ import ( "flag" "io/ioutil" "os" + "os/exec" + "strings" "time" "github.com/edwarnicke/exechelper" @@ -162,6 +164,20 @@ func (s *HstSuite) SkipIfMultiWorker(args ...any) { } } +func (s *HstSuite) SkipUnlessExtendedTestsBuilt() { + imageName := "hs-test/nginx-http3" + + cmd := exec.Command("docker", "images", imageName) + byteOutput, err := cmd.CombinedOutput() + if err != nil { + s.log("error while searching for docker image") + return + } + if !strings.Contains(string(byteOutput), imageName) { + s.skip("extended tests not built") + } +} + func (s *HstSuite) resetContainers() { for _, container := range s.containers { container.stop() diff --git a/extras/hs-test/http_test.go b/extras/hs-test/http_test.go index e576e4a832d..503f42a47c7 100644 --- a/extras/hs-test/http_test.go +++ b/extras/hs-test/http_test.go @@ -40,6 +40,26 @@ func (s *VethsSuite) TestHttpCli() { s.assertContains(o, "", " not found in the result!") } +func (s *NoTopoSuite) TestNginxHttp3() { + s.SkipUnlessExtendedTestsBuilt() + + query := "index.html" + nginxCont := s.getContainerByName("nginx-http3") + s.assertNil(nginxCont.run()) + + vpp := s.getContainerByName("vpp").vppInstance + vpp.waitForApp("nginx-", 5) + serverAddress := s.netInterfaces[tapInterfaceName].peer.ip4AddressString() + + defer func() { os.Remove(query) }() + curlCont := s.getContainerByName("curl") + args := fmt.Sprintf("curl --noproxy '*' --http3-only -k https://%s:8443/%s", serverAddress, query) + curlCont.extraRunningArgs = args + o, err := curlCont.combinedOutput() + s.assertNil(err) + s.assertContains(o, "", " not found in the result!") +} + func (s *NoTopoSuite) TestNginxAsServer() { query := "return_ok" finished := make(chan error, 1) diff --git a/extras/hs-test/resources/cert/localhost.crt b/extras/hs-test/resources/cert/localhost.crt new file mode 100644 index 00000000000..b21fb48906e --- /dev/null +++ b/extras/hs-test/resources/cert/localhost.crt @@ -0,0 +1,21 @@ +-----BEGIN CERTIFICATE----- +MIIDZTCCAk2gAwIBAgIUF116CAipHqQBCyAEvNesV0u4u0swDQYJKoZIhvcNAQEL +BQAwQjELMAkGA1UEBhMCU0sxEDAOBgNVBAgMB1ZwcExhbmQxITAfBgNVBAoMGElu +dGVybmV0IFdpZGdpdHMgUHR5IEx0ZDAeFw0yMzA1MjkxMDI0MjhaFw0yNDA1Mjgx +MDI0MjhaMEIxCzAJBgNVBAYTAlNLMRAwDgYDVQQIDAdWcHBMYW5kMSEwHwYDVQQK +DBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwggEiMA0GCSqGSIb3DQEBAQUAA4IB +DwAwggEKAoIBAQCy40rDzrrHPGIyhP24hOBQefEgKD5uUGgSUyJTCur4yB/r2PGt +LlfipKwDmNArmZuFOgKh8evipu2jYaxf4GHQmi7PGLddvPkqo5FWtVW8oAVJMcp+ +fwfs7OgkqtYD6Y7qjmjfXb9+rMpPN8WZ7cKbJwZpF3lf8GGaLqRmPiQg2j8qzcVy +nz8cIwBZP8BJVclA9GIagijY7Zcmz0HnTPrPoLMeyLJOTqPMfkUYA2H2eHeISkQP +BeoFoiwCI5eM35UiWiLyiv9Kojn4BHx6MLrfKBjV13WtcRMgYm5VftsWOZ92lmHm +bpj9mGgtd84JWtWxs33oG4mNRSAeujf9AE5VAgMBAAGjUzBRMB0GA1UdDgQWBBTj +s+A5M/Cao+0Phgg6xFBKIPxLqjAfBgNVHSMEGDAWgBTjs+A5M/Cao+0Phgg6xFBK +IPxLqjAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQB3EcGDby5u +cEGjgAFR18kH4ztnYUdZUrPI72sOFfjRLtJpx00n759SBawqNW1Y2a1QRd+GgUBK +YpYd2gzWYFjf/4c5BN4SrjeZGnQ8N0YomqqGKvOQO0YdYK4i/lWJjLRaLiVBn9EX +Z+odYhGqQgoAJHnm5Mmqhx9ts8qxZLbdsh+T93mKvj+/yuai2Is+AJfLgZpdKPQN +bCoZemRm+nghRvEP8aX/469wiz7SOLqUzxrTOtXV48wTU5LWLDCs1lF9ZdGHR9/r +vj8unnEHIZiH3ZjN7OgaAoNHZE26Ywbmllc/a0vPw8iHdrLe7+Wtp4zXe2rcxhW7 +b+X1/yRCZ+Wg +-----END CERTIFICATE----- diff --git a/extras/hs-test/resources/cert/localhost.key b/extras/hs-test/resources/cert/localhost.key new file mode 100644 index 00000000000..2d65db50900 --- /dev/null +++ b/extras/hs-test/resources/cert/localhost.key @@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQCy40rDzrrHPGIy +hP24hOBQefEgKD5uUGgSUyJTCur4yB/r2PGtLlfipKwDmNArmZuFOgKh8evipu2j +Yaxf4GHQmi7PGLddvPkqo5FWtVW8oAVJMcp+fwfs7OgkqtYD6Y7qjmjfXb9+rMpP +N8WZ7cKbJwZpF3lf8GGaLqRmPiQg2j8qzcVynz8cIwBZP8BJVclA9GIagijY7Zcm +z0HnTPrPoLMeyLJOTqPMfkUYA2H2eHeISkQPBeoFoiwCI5eM35UiWiLyiv9Kojn4 +BHx6MLrfKBjV13WtcRMgYm5VftsWOZ92lmHmbpj9mGgtd84JWtWxs33oG4mNRSAe +ujf9AE5VAgMBAAECggEANwiZ/bdh2t2G0Ef9zoCCif+Z4OzAmCuAePK+gpG/TB41 +Q9eQMlkpjH5gtRKUKHWvVMNOAAhvK2FzhmoMH8rmDMkCUZAnCV2TwjxkACr1X3xT +Y/s/cr8d7xPLL0ynXrjB0QNS3DT5Lr111/0ue3acAiN1Y2tnWc6YGFj1FsdTUg+O +zRysrpNUp3LAK+MXIhAXMCGKOOLxpjeyrcnUokH0I8e06of1AfAHX8jTn65MG5Ex +n9wBYPl+u2J3SjILHoqBKjcSoNILUfBN9mQGeXhoqCzwcnygDtOxIu9xgu2nCcJr +C1R/WXoQ8Jr6wa1n0aEVXDJeOEK9kKXLTt2/I4HB2QKBgQDemLy+o2/tbFwlU2Xy +8/tZa30kfLCAZ+kq+lE3Kkfqt3pPYzH+lfO7u/UWtavKRQRdsKsNKbpe/EdGq7c4 +YN3L1KG5JiIo3TxilUPilYacGHklfMMbEK7cs8Jebsl6rL7BgnKuqlXGY0HEEx8L +XqIKN1RdzL04WLOiA8qDGwYp7wKBgQDNu3DECCTkTa+mZdNDRntoffkgyd0AnwPA +PEf43BHORpKcfGwFIrf8QWRXcLdh72Yrc9o3D53GCq+NSYGPL2OiY+/3HoAy1mH1 +EBgS08qfkZBKr6+VGjWuVAlD2m2jW+AhGXMS+Lu4yzK3V+0EzlAu4WZVBUngg1// +6ZtyvXLf+wKBgQCozmO0nvUutFJc7BYQXP5sHZvVo8mmVyb4NMSKdUH8ug/DTJKJ +YuZnpG6FPlh9GEHrWyMc5Fw11FOpQGe+FZeeEC5k3ophOwWkLVZB6useTWDyEN9V +Ex3IuXnZa2LX6VDwJyEZXIuX24XwUB/m22k/Hh6Y079bj8kKQJ2/NytBeQKBgQCZ +RGMmJ8sUKqwJEyLoo8GcfvzyaHC03cI1nLMhuxGo0vq2ihsPWGYpD65pVhfIZkl/ +ZbfT/VZVC/DtGS3kNjHL8Rf8ykRHm18u6uaEYDQ73H3apjfwpK4JSaH9YuT7Jp87 +CXKpV5TCft8xp9d0FR+3TUSnYmE/WaBTTv335RuHsQKBgCFLyxzs0hM/MhCLHJ6b +AqyNPz36Xcwsgit1Svhwm1IC6FqkSJl3cRKhp1AP5w6ktUfUGNpF/TYI3x2jCg/m +c0nwmqi/3Cha64XKJcI4iT2+lyuE8jXovMdNiJEEKCDalpyYJbhzRaLsoSFSbiD1 +mFDl8/aNVaQKDDboSuj9AkKs +-----END PRIVATE KEY----- diff --git a/extras/hs-test/resources/nginx/html/index.html b/extras/hs-test/resources/nginx/html/index.html new file mode 100644 index 00000000000..6b7c97d7542 --- /dev/null +++ b/extras/hs-test/resources/nginx/html/index.html @@ -0,0 +1,6 @@ + + nginx docker with quic + +

Greetings!

+ + diff --git a/extras/hs-test/resources/nginx/nginx_http3.conf b/extras/hs-test/resources/nginx/nginx_http3.conf new file mode 100644 index 00000000000..c7bd78a224b --- /dev/null +++ b/extras/hs-test/resources/nginx/nginx_http3.conf @@ -0,0 +1,25 @@ +master_process off; +daemon off; + +events { + use epoll; + accept_mutex off; + multi_accept off; +} + +http { + quic_gso on; + quic_retry on; + + access_log logs/access.log; + keepalive_timeout 300s; + sendfile on; + server { + listen 0.0.0.0:8443 quic; + listen 0.0.0.0:8443 ssl; + root /usr/share/nginx; + ssl_certificate /etc/nginx/ssl/localhost.crt; + ssl_certificate_key /etc/nginx/ssl/localhost.key; + index index.html index.htm; + } +} diff --git a/extras/hs-test/script/build_boringssl.sh b/extras/hs-test/script/build_boringssl.sh new file mode 100755 index 00000000000..441878a77ca --- /dev/null +++ b/extras/hs-test/script/build_boringssl.sh @@ -0,0 +1,4 @@ +#!/bin/bash +cd boringssl +cmake -GNinja -B build +ninja -C build diff --git a/extras/hs-test/script/build_curl.sh b/extras/hs-test/script/build_curl.sh new file mode 100755 index 00000000000..ae675c270fe --- /dev/null +++ b/extras/hs-test/script/build_curl.sh @@ -0,0 +1,36 @@ +#!/bin/bash + +dir1=/tmp/dir1 +dir2=/tmp/dir2 +dir3=/tmp/dir3 + +git clone --depth 1 -b openssl-3.0.9+quic https://github.com/quictls/openssl +cd openssl +echo "install path ${dir1}" +./config enable-tls1_3 --prefix=${dir1} +make +make install + +cd .. +git clone -b v0.12.0 https://github.com/ngtcp2/nghttp3 +cd nghttp3 +autoreconf -fi +./configure --prefix=${dir2} --enable-lib-only +make +make install + +cd .. +git clone -b v0.16.0 https://github.com/ngtcp2/ngtcp2 +cd ngtcp2 +autoreconf -fi +./configure PKG_CONFIG_PATH=${dir1}/lib64/pkgconfig:${dir2}/lib/pkgconfig LDFLAGS="-Wl,-rpath,${dir1}/lib64" --prefix=${dir3} --enable-lib-only +make +make install + +cd .. +git clone https://github.com/curl/curl +cd curl +autoreconf -fi +LDFLAGS="-Wl,-rpath,${dir1}/lib64" ./configure --with-openssl=${dir1} --with-nghttp3=${dir2} --with-ngtcp2=${dir3} +make +make install diff --git a/extras/hs-test/script/build.sh b/extras/hs-test/script/build_hst.sh similarity index 91% rename from extras/hs-test/script/build.sh rename to extras/hs-test/script/build_hst.sh index 398cdd71fc3..0212e776aec 100755 --- a/extras/hs-test/script/build.sh +++ b/extras/hs-test/script/build_hst.sh @@ -62,6 +62,11 @@ docker_build () { docker_build hs-test/vpp vpp docker_build hs-test/nginx-ldp nginx docker_build hs-test/nginx-server nginx-server +docker_build hs-test/build build +if [ "$HST_EXTENDED_TESTS" = true ] ; then + docker_build hs-test/nginx-http3 nginx-http3 + docker_build hs-test/curl curl +fi # cleanup detached images images=$(docker images --filter "dangling=true" -q --no-trunc) diff --git a/extras/hs-test/script/build_nginx.sh b/extras/hs-test/script/build_nginx.sh new file mode 100755 index 00000000000..69d366aab0e --- /dev/null +++ b/extras/hs-test/script/build_nginx.sh @@ -0,0 +1,5 @@ +#!/bin/bash +cd nginx +./auto/configure --with-debug --with-http_v3_module --with-cc-opt="-I../boringssl/include" --with-ld-opt="-L../boringssl/build/ssl -L../boringssl/build/crypto" --without-http_rewrite_module --without-http_gzip_module +make +make install diff --git a/extras/hs-test/script/nginx_ldp.sh b/extras/hs-test/script/nginx_ldp.sh index 90146f61443..4a22e14aaf7 100755 --- a/extras/hs-test/script/nginx_ldp.sh +++ b/extras/hs-test/script/nginx_ldp.sh @@ -1,3 +1,3 @@ #!/usr/bin/env bash -LD_PRELOAD=$LDP nginx $@ 2>&1 > /proc/1/fd/1 +LD_PRELOAD=$LDP $@ 2>&1 > /proc/1/fd/1 diff --git a/extras/hs-test/topo-containers/single.yaml b/extras/hs-test/topo-containers/single.yaml index 83212c88b3d..6fd4d31bed8 100644 --- a/extras/hs-test/topo-containers/single.yaml +++ b/extras/hs-test/topo-containers/single.yaml @@ -9,6 +9,7 @@ containers: - <<: *shared-vol container-dir: "/tmp/vpp" is-default-work-dir: true + - name: "nginx" volumes: - <<: *shared-vol @@ -16,11 +17,31 @@ containers: is-default-work-dir: true image: "hs-test/nginx-ldp" is-optional: true + + - name: "nginx-http3" + volumes: + - <<: *shared-vol + container-dir: "/tmp/nginx" + is-default-work-dir: true + - host-dir: $HST_DIR/resources/cert + container-dir: "/etc/nginx/ssl" + image: "hs-test/nginx-http3" + is-optional: true + - name: "ab" image: "jordi/ab" is-optional: true run-detached: false + - name: "wrk" image: "skandyla/wrk" is-optional: true + run-detached: false + + - name: "curl" + vars: + - name: LD_LIBRARY_PATH + value: "/usr/local/lib" + image: "hs-test/curl" + is-optional: true run-detached: false \ No newline at end of file diff --git a/extras/hs-test/vars b/extras/hs-test/vars index b27c5c530e7..d1ca078fe21 100644 --- a/extras/hs-test/vars +++ b/extras/hs-test/vars @@ -4,3 +4,4 @@ export HST_LDPRELOAD=${VPP_WS}/build-root/build-vpp-native/vpp/lib/x86_64-linux- export PATH=${VPP_WS}/build-root/build-vpp-native/vpp/bin:$PATH export UBUNTU_VERSION=$(lsb_release -rs) +export HST_EXTENDED_TESTS=false -- 2.16.6