hs-test: add nginx+quic test

Type: test

Change-Id: I15e4f2fb84cb4f34b6fea95978db000854a63e78
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>

diff --git a/extras/hs-test/Makefile b/extras/hs-test/Makefile
index 3d7673a..7a5fb13 100644 (file)
--- a/extras/hs-test/Makefile
+++ b/extras/hs-test/Makefile
@@ -44,8 +44,11 @@ help:
        @echo " fixstyle             - format .go source files"
        @echo " list-tests           - list all tests"
        @echo
-       @echo "Make arguments:"
+       @echo "make build arguments:"
        @echo " UBUNTU_VERSION           - ubuntu version for docker image"
+       @echo " HST_EXTENDED_TESTS       - build extended tests"
+       @echo
+       @echo "make test arguments:"
        @echo " PERSIST=[true|false]     - whether clean up topology and dockers after test"
        @echo " VERBOSE=[true|false]     - verbose output"
        @echo " UNCONFIGURE=[true|false] - unconfigure selected test"
@@ -76,12 +79,12 @@ build-go:
 
 build: .deps.ok build-vpp-release build-go
        @rm -f .build.vpp
-       bash ./script/build.sh release
+       bash ./script/build_hst.sh release
        @touch .build.vpp
 
 build-debug: .deps.ok build-vpp-debug build-go
        @rm -f .build.vpp
-       bash ./script/build.sh debug
+       bash ./script/build_hst.sh debug
        @touch .build.vpp
 
 .deps.ok:

diff --git a/extras/hs-test/docker/Dockerfile.build b/extras/hs-test/docker/Dockerfile.build
new file mode 100644 (file)
index 0000000..8b2652e
--- /dev/null
+++ b/extras/hs-test/docker/Dockerfile.build
@@ -0,0 +1,8 @@
+ARG UBUNTU_VERSION
+
+FROM ubuntu:${UBUNTU_VERSION}
+
+RUN apt-get update \
+ && apt-get install -y gcc git make autoconf libtool pkg-config cmake ninja-build golang \
+ && rm -rf /var/lib/apt/lists/*
+

diff --git a/extras/hs-test/docker/Dockerfile.curl b/extras/hs-test/docker/Dockerfile.curl
new file mode 100644 (file)
index 0000000..21f8f54
--- /dev/null
+++ b/extras/hs-test/docker/Dockerfile.curl
@@ -0,0 +1,7 @@
+FROM hs-test/build
+
+COPY script/build_curl.sh /build_curl.sh
+RUN git clone https://github.com/curl/curl
+RUN /build_curl.sh
+
+CMD ["/bin/sh"]

diff --git a/extras/hs-test/docker/Dockerfile.nginx b/extras/hs-test/docker/Dockerfile.nginx
index c426659..11ec6af 100644 (file)
--- a/extras/hs-test/docker/Dockerfile.nginx
+++ b/extras/hs-test/docker/Dockerfile.nginx
@@ -17,4 +17,4 @@ ENV LDP_DEBUG=0
 ENV VCL_DEBUG=0
 ENV LDP_SID_BIT=8
 
-ENTRYPOINT ["nginx_ldp.sh", "-c", "/nginx.conf"]
+ENTRYPOINT ["nginx_ldp.sh", "nginx", "-c", "/nginx.conf"]

diff --git a/extras/hs-test/docker/Dockerfile.nginx-http3 b/extras/hs-test/docker/Dockerfile.nginx-http3
new file mode 100644 (file)
index 0000000..5d66a25
--- /dev/null
+++ b/extras/hs-test/docker/Dockerfile.nginx-http3
@@ -0,0 +1,24 @@
+FROM hs-test/build
+
+COPY script/build_boringssl.sh /build_boringssl.sh
+RUN git clone https://boringssl.googlesource.com/boringssl
+RUN ./build_boringssl.sh
+
+COPY script/build_nginx.sh /build_nginx.sh
+RUN git clone https://github.com/nginx/nginx
+RUN ./build_nginx.sh
+
+COPY vpp-data/lib/* /usr/lib/
+COPY resources/nginx/vcl.conf /vcl.conf
+COPY resources/nginx/nginx_http3.conf /nginx.conf
+COPY script/nginx_ldp.sh /usr/bin/nginx_ldp.sh
+
+COPY resources/nginx/html/index.html /usr/share/nginx/index.html
+
+ENV VCL_CONFIG=/vcl.conf
+ENV LDP=/usr/lib/libvcl_ldpreload.so
+ENV LDP_DEBUG=0
+ENV VCL_DEBUG=0
+ENV LDP_SID_BIT=8
+
+ENTRYPOINT ["nginx_ldp.sh", "/usr/local/nginx/sbin/nginx", "-c", "/nginx.conf"]

diff --git a/extras/hs-test/hst_suite.go b/extras/hs-test/hst_suite.go
index d972c9d..093bca0 100644 (file)
--- a/extras/hs-test/hst_suite.go
+++ b/extras/hs-test/hst_suite.go
@@ -4,6 +4,8 @@ import (
        "flag"
        "io/ioutil"
        "os"
+       "os/exec"
+       "strings"
        "time"
 
        "github.com/edwarnicke/exechelper"
@@ -162,6 +164,20 @@ func (s *HstSuite) SkipIfMultiWorker(args ...any) {
        }
 }
 
+func (s *HstSuite) SkipUnlessExtendedTestsBuilt() {
+       imageName := "hs-test/nginx-http3"
+
+       cmd := exec.Command("docker", "images", imageName)
+       byteOutput, err := cmd.CombinedOutput()
+       if err != nil {
+               s.log("error while searching for docker image")
+               return
+       }
+       if !strings.Contains(string(byteOutput), imageName) {
+               s.skip("extended tests not built")
+       }
+}
+
 func (s *HstSuite) resetContainers() {
        for _, container := range s.containers {
                container.stop()

diff --git a/extras/hs-test/http_test.go b/extras/hs-test/http_test.go
index e576e4a..503f42a 100644 (file)
--- a/extras/hs-test/http_test.go
+++ b/extras/hs-test/http_test.go
@@ -40,6 +40,26 @@ func (s *VethsSuite) TestHttpCli() {
        s.assertContains(o, "<html>", "<html> not found in the result!")
 }
 
+func (s *NoTopoSuite) TestNginxHttp3() {
+       s.SkipUnlessExtendedTestsBuilt()
+
+       query := "index.html"
+       nginxCont := s.getContainerByName("nginx-http3")
+       s.assertNil(nginxCont.run())
+
+       vpp := s.getContainerByName("vpp").vppInstance
+       vpp.waitForApp("nginx-", 5)
+       serverAddress := s.netInterfaces[tapInterfaceName].peer.ip4AddressString()
+
+       defer func() { os.Remove(query) }()
+       curlCont := s.getContainerByName("curl")
+       args := fmt.Sprintf("curl --noproxy '*' --http3-only -k https://%s:8443/%s", serverAddress, query)
+       curlCont.extraRunningArgs = args
+       o, err := curlCont.combinedOutput()
+       s.assertNil(err)
+       s.assertContains(o, "<http>", "<http> not found in the result!")
+}
+
 func (s *NoTopoSuite) TestNginxAsServer() {
        query := "return_ok"
        finished := make(chan error, 1)

diff --git a/extras/hs-test/resources/cert/localhost.crt b/extras/hs-test/resources/cert/localhost.crt
new file mode 100644 (file)
index 0000000..b21fb48
--- /dev/null
+++ b/extras/hs-test/resources/cert/localhost.crt
@@ -0,0 +1,21 @@
+-----BEGIN CERTIFICATE-----
+MIIDZTCCAk2gAwIBAgIUF116CAipHqQBCyAEvNesV0u4u0swDQYJKoZIhvcNAQEL
+BQAwQjELMAkGA1UEBhMCU0sxEDAOBgNVBAgMB1ZwcExhbmQxITAfBgNVBAoMGElu
+dGVybmV0IFdpZGdpdHMgUHR5IEx0ZDAeFw0yMzA1MjkxMDI0MjhaFw0yNDA1Mjgx
+MDI0MjhaMEIxCzAJBgNVBAYTAlNLMRAwDgYDVQQIDAdWcHBMYW5kMSEwHwYDVQQK
+DBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
+DwAwggEKAoIBAQCy40rDzrrHPGIyhP24hOBQefEgKD5uUGgSUyJTCur4yB/r2PGt
+LlfipKwDmNArmZuFOgKh8evipu2jYaxf4GHQmi7PGLddvPkqo5FWtVW8oAVJMcp+
+fwfs7OgkqtYD6Y7qjmjfXb9+rMpPN8WZ7cKbJwZpF3lf8GGaLqRmPiQg2j8qzcVy
+nz8cIwBZP8BJVclA9GIagijY7Zcmz0HnTPrPoLMeyLJOTqPMfkUYA2H2eHeISkQP
+BeoFoiwCI5eM35UiWiLyiv9Kojn4BHx6MLrfKBjV13WtcRMgYm5VftsWOZ92lmHm
+bpj9mGgtd84JWtWxs33oG4mNRSAeujf9AE5VAgMBAAGjUzBRMB0GA1UdDgQWBBTj
+s+A5M/Cao+0Phgg6xFBKIPxLqjAfBgNVHSMEGDAWgBTjs+A5M/Cao+0Phgg6xFBK
+IPxLqjAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQB3EcGDby5u
+cEGjgAFR18kH4ztnYUdZUrPI72sOFfjRLtJpx00n759SBawqNW1Y2a1QRd+GgUBK
+YpYd2gzWYFjf/4c5BN4SrjeZGnQ8N0YomqqGKvOQO0YdYK4i/lWJjLRaLiVBn9EX
+Z+odYhGqQgoAJHnm5Mmqhx9ts8qxZLbdsh+T93mKvj+/yuai2Is+AJfLgZpdKPQN
+bCoZemRm+nghRvEP8aX/469wiz7SOLqUzxrTOtXV48wTU5LWLDCs1lF9ZdGHR9/r
+vj8unnEHIZiH3ZjN7OgaAoNHZE26Ywbmllc/a0vPw8iHdrLe7+Wtp4zXe2rcxhW7
+b+X1/yRCZ+Wg
+-----END CERTIFICATE-----

diff --git a/extras/hs-test/resources/cert/localhost.key b/extras/hs-test/resources/cert/localhost.key
new file mode 100644 (file)
index 0000000..2d65db5
--- /dev/null
+++ b/extras/hs-test/resources/cert/localhost.key
@@ -0,0 +1,28 @@
+-----BEGIN PRIVATE KEY-----
+MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQCy40rDzrrHPGIy
+hP24hOBQefEgKD5uUGgSUyJTCur4yB/r2PGtLlfipKwDmNArmZuFOgKh8evipu2j
+Yaxf4GHQmi7PGLddvPkqo5FWtVW8oAVJMcp+fwfs7OgkqtYD6Y7qjmjfXb9+rMpP
+N8WZ7cKbJwZpF3lf8GGaLqRmPiQg2j8qzcVynz8cIwBZP8BJVclA9GIagijY7Zcm
+z0HnTPrPoLMeyLJOTqPMfkUYA2H2eHeISkQPBeoFoiwCI5eM35UiWiLyiv9Kojn4
+BHx6MLrfKBjV13WtcRMgYm5VftsWOZ92lmHmbpj9mGgtd84JWtWxs33oG4mNRSAe
+ujf9AE5VAgMBAAECggEANwiZ/bdh2t2G0Ef9zoCCif+Z4OzAmCuAePK+gpG/TB41
+Q9eQMlkpjH5gtRKUKHWvVMNOAAhvK2FzhmoMH8rmDMkCUZAnCV2TwjxkACr1X3xT
+Y/s/cr8d7xPLL0ynXrjB0QNS3DT5Lr111/0ue3acAiN1Y2tnWc6YGFj1FsdTUg+O
+zRysrpNUp3LAK+MXIhAXMCGKOOLxpjeyrcnUokH0I8e06of1AfAHX8jTn65MG5Ex
+n9wBYPl+u2J3SjILHoqBKjcSoNILUfBN9mQGeXhoqCzwcnygDtOxIu9xgu2nCcJr
+C1R/WXoQ8Jr6wa1n0aEVXDJeOEK9kKXLTt2/I4HB2QKBgQDemLy+o2/tbFwlU2Xy
+8/tZa30kfLCAZ+kq+lE3Kkfqt3pPYzH+lfO7u/UWtavKRQRdsKsNKbpe/EdGq7c4
+YN3L1KG5JiIo3TxilUPilYacGHklfMMbEK7cs8Jebsl6rL7BgnKuqlXGY0HEEx8L
+XqIKN1RdzL04WLOiA8qDGwYp7wKBgQDNu3DECCTkTa+mZdNDRntoffkgyd0AnwPA
+PEf43BHORpKcfGwFIrf8QWRXcLdh72Yrc9o3D53GCq+NSYGPL2OiY+/3HoAy1mH1
+EBgS08qfkZBKr6+VGjWuVAlD2m2jW+AhGXMS+Lu4yzK3V+0EzlAu4WZVBUngg1//
+6ZtyvXLf+wKBgQCozmO0nvUutFJc7BYQXP5sHZvVo8mmVyb4NMSKdUH8ug/DTJKJ
+YuZnpG6FPlh9GEHrWyMc5Fw11FOpQGe+FZeeEC5k3ophOwWkLVZB6useTWDyEN9V
+Ex3IuXnZa2LX6VDwJyEZXIuX24XwUB/m22k/Hh6Y079bj8kKQJ2/NytBeQKBgQCZ
+RGMmJ8sUKqwJEyLoo8GcfvzyaHC03cI1nLMhuxGo0vq2ihsPWGYpD65pVhfIZkl/
+ZbfT/VZVC/DtGS3kNjHL8Rf8ykRHm18u6uaEYDQ73H3apjfwpK4JSaH9YuT7Jp87
+CXKpV5TCft8xp9d0FR+3TUSnYmE/WaBTTv335RuHsQKBgCFLyxzs0hM/MhCLHJ6b
+AqyNPz36Xcwsgit1Svhwm1IC6FqkSJl3cRKhp1AP5w6ktUfUGNpF/TYI3x2jCg/m
+c0nwmqi/3Cha64XKJcI4iT2+lyuE8jXovMdNiJEEKCDalpyYJbhzRaLsoSFSbiD1
+mFDl8/aNVaQKDDboSuj9AkKs
+-----END PRIVATE KEY-----

diff --git a/extras/hs-test/resources/nginx/html/index.html b/extras/hs-test/resources/nginx/html/index.html
new file mode 100644 (file)
index 0000000..6b7c97d
--- /dev/null
+++ b/extras/hs-test/resources/nginx/html/index.html
@@ -0,0 +1,6 @@
+<http>
+    <title>nginx docker with quic</title>
+<body>
+    <p>Greetings!</p>
+</body>
+</http>

diff --git a/extras/hs-test/resources/nginx/nginx_http3.conf b/extras/hs-test/resources/nginx/nginx_http3.conf
new file mode 100644 (file)
index 0000000..c7bd78a
--- /dev/null
+++ b/extras/hs-test/resources/nginx/nginx_http3.conf
@@ -0,0 +1,25 @@
+master_process off;
+daemon off;
+
+events {
+   use epoll;
+   accept_mutex       off;
+   multi_accept       off;
+}
+
+http {
+  quic_gso on;
+  quic_retry on;
+
+  access_log logs/access.log;
+  keepalive_timeout 300s;
+  sendfile on;
+  server {
+    listen 0.0.0.0:8443 quic;
+    listen 0.0.0.0:8443 ssl;
+    root /usr/share/nginx;
+    ssl_certificate     /etc/nginx/ssl/localhost.crt;
+    ssl_certificate_key /etc/nginx/ssl/localhost.key;
+    index index.html index.htm;
+  }
+}

diff --git a/extras/hs-test/script/build_boringssl.sh b/extras/hs-test/script/build_boringssl.sh
new file mode 100755 (executable)
index 0000000..441878a
--- /dev/null
+++ b/extras/hs-test/script/build_boringssl.sh
@@ -0,0 +1,4 @@
+#!/bin/bash
+cd boringssl
+cmake -GNinja -B build
+ninja -C build

diff --git a/extras/hs-test/script/build_curl.sh b/extras/hs-test/script/build_curl.sh
new file mode 100755 (executable)
index 0000000..ae675c2
--- /dev/null
+++ b/extras/hs-test/script/build_curl.sh
@@ -0,0 +1,36 @@
+#!/bin/bash
+
+dir1=/tmp/dir1
+dir2=/tmp/dir2
+dir3=/tmp/dir3
+
+git clone --depth 1 -b openssl-3.0.9+quic https://github.com/quictls/openssl
+cd openssl
+echo "install path ${dir1}"
+./config enable-tls1_3 --prefix=${dir1}
+make
+make install
+
+cd ..
+git clone -b v0.12.0 https://github.com/ngtcp2/nghttp3
+cd nghttp3
+autoreconf -fi
+./configure --prefix=${dir2} --enable-lib-only
+make
+make install
+
+cd ..
+git clone -b v0.16.0 https://github.com/ngtcp2/ngtcp2
+cd ngtcp2
+autoreconf -fi
+./configure PKG_CONFIG_PATH=${dir1}/lib64/pkgconfig:${dir2}/lib/pkgconfig LDFLAGS="-Wl,-rpath,${dir1}/lib64" --prefix=${dir3} --enable-lib-only
+make
+make install
+
+cd ..
+git clone https://github.com/curl/curl
+cd curl
+autoreconf -fi
+LDFLAGS="-Wl,-rpath,${dir1}/lib64" ./configure --with-openssl=${dir1} --with-nghttp3=${dir2} --with-ngtcp2=${dir3}
+make
+make install

diff --git a/extras/hs-test/script/build.sh b/extras/hs-test/script/build_hst.sh
similarity index 91%
rename from extras/hs-test/script/build.sh
rename to extras/hs-test/script/build_hst.sh
index 398cdd7..0212e77 100755 (executable)
--- a/extras/hs-test/script/build.sh
+++ b/extras/hs-test/script/build_hst.sh
@@ -62,6 +62,11 @@ docker_build () {
 docker_build hs-test/vpp vpp
 docker_build hs-test/nginx-ldp nginx
 docker_build hs-test/nginx-server nginx-server
+docker_build hs-test/build build
+if [ "$HST_EXTENDED_TESTS" = true ] ; then
+    docker_build hs-test/nginx-http3 nginx-http3
+    docker_build hs-test/curl curl
+fi
 
 # cleanup detached images
 images=$(docker images --filter "dangling=true" -q --no-trunc)

diff --git a/extras/hs-test/script/build_nginx.sh b/extras/hs-test/script/build_nginx.sh
new file mode 100755 (executable)
index 0000000..69d366a
--- /dev/null
+++ b/extras/hs-test/script/build_nginx.sh
@@ -0,0 +1,5 @@
+#!/bin/bash
+cd nginx
+./auto/configure --with-debug --with-http_v3_module --with-cc-opt="-I../boringssl/include" --with-ld-opt="-L../boringssl/build/ssl -L../boringssl/build/crypto" --without-http_rewrite_module --without-http_gzip_module
+make
+make install

diff --git a/extras/hs-test/script/nginx_ldp.sh b/extras/hs-test/script/nginx_ldp.sh
index 90146f6..4a22e14 100755 (executable)
--- a/extras/hs-test/script/nginx_ldp.sh
+++ b/extras/hs-test/script/nginx_ldp.sh
@@ -1,3 +1,3 @@
 #!/usr/bin/env bash
 
-LD_PRELOAD=$LDP nginx $@ 2>&1 > /proc/1/fd/1
+LD_PRELOAD=$LDP $@ 2>&1 > /proc/1/fd/1

diff --git a/extras/hs-test/topo-containers/single.yaml b/extras/hs-test/topo-containers/single.yaml
index 83212c8..6fd4d31 100644 (file)
--- a/extras/hs-test/topo-containers/single.yaml
+++ b/extras/hs-test/topo-containers/single.yaml
@@ -9,6 +9,7 @@ containers:
       - <<: *shared-vol
         container-dir: "/tmp/vpp"
         is-default-work-dir: true
+
   - name: "nginx"
     volumes:
       - <<: *shared-vol
@@ -16,11 +17,31 @@ containers:
         is-default-work-dir: true
     image: "hs-test/nginx-ldp"
     is-optional: true
+
+  - name: "nginx-http3"
+    volumes:
+      - <<: *shared-vol
+        container-dir: "/tmp/nginx"
+        is-default-work-dir: true
+      - host-dir: $HST_DIR/resources/cert
+        container-dir: "/etc/nginx/ssl"
+    image: "hs-test/nginx-http3"
+    is-optional: true
+
   - name: "ab"
     image: "jordi/ab"
     is-optional: true
     run-detached: false
+
   - name: "wrk"
     image: "skandyla/wrk"
     is-optional: true
+    run-detached: false
+
+  - name: "curl"
+    vars:
+    - name: LD_LIBRARY_PATH
+      value: "/usr/local/lib"
+    image: "hs-test/curl"
+    is-optional: true
     run-detached: false
\ No newline at end of file

diff --git a/extras/hs-test/vars b/extras/hs-test/vars
index b27c5c5..d1ca078 100644 (file)
--- a/extras/hs-test/vars
+++ b/extras/hs-test/vars
@@ -4,3 +4,4 @@ export HST_LDPRELOAD=${VPP_WS}/build-root/build-vpp-native/vpp/lib/x86_64-linux-
 export PATH=${VPP_WS}/build-root/build-vpp-native/vpp/bin:$PATH
 
 export UBUNTU_VERSION=$(lsb_release -rs)
+export HST_EXTENDED_TESTS=false