hs-test: add nginx+quic test
Type: test
Change-Id: I15e4f2fb84cb4f34b6fea95978db000854a63e78
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
diff --git a/extras/hs-test/Makefile b/extras/hs-test/Makefile
index 3d7673a..7a5fb13 100644
--- a/extras/hs-test/Makefile
+++ b/extras/hs-test/Makefile
@@ -44,8 +44,11 @@
@echo " fixstyle - format .go source files"
@echo " list-tests - list all tests"
@echo
- @echo "Make arguments:"
+ @echo "make build arguments:"
@echo " UBUNTU_VERSION - ubuntu version for docker image"
+ @echo " HST_EXTENDED_TESTS - build extended tests"
+ @echo
+ @echo "make test arguments:"
@echo " PERSIST=[true|false] - whether clean up topology and dockers after test"
@echo " VERBOSE=[true|false] - verbose output"
@echo " UNCONFIGURE=[true|false] - unconfigure selected test"
@@ -76,12 +79,12 @@
build: .deps.ok build-vpp-release build-go
@rm -f .build.vpp
- bash ./script/build.sh release
+ bash ./script/build_hst.sh release
@touch .build.vpp
build-debug: .deps.ok build-vpp-debug build-go
@rm -f .build.vpp
- bash ./script/build.sh debug
+ bash ./script/build_hst.sh debug
@touch .build.vpp
.deps.ok:
diff --git a/extras/hs-test/docker/Dockerfile.build b/extras/hs-test/docker/Dockerfile.build
new file mode 100644
index 0000000..8b2652e
--- /dev/null
+++ b/extras/hs-test/docker/Dockerfile.build
@@ -0,0 +1,8 @@
+ARG UBUNTU_VERSION
+
+FROM ubuntu:${UBUNTU_VERSION}
+
+RUN apt-get update \
+ && apt-get install -y gcc git make autoconf libtool pkg-config cmake ninja-build golang \
+ && rm -rf /var/lib/apt/lists/*
+
diff --git a/extras/hs-test/docker/Dockerfile.curl b/extras/hs-test/docker/Dockerfile.curl
new file mode 100644
index 0000000..21f8f54
--- /dev/null
+++ b/extras/hs-test/docker/Dockerfile.curl
@@ -0,0 +1,7 @@
+FROM hs-test/build
+
+COPY script/build_curl.sh /build_curl.sh
+RUN git clone https://github.com/curl/curl
+RUN /build_curl.sh
+
+CMD ["/bin/sh"]
diff --git a/extras/hs-test/docker/Dockerfile.nginx b/extras/hs-test/docker/Dockerfile.nginx
index c426659..11ec6af 100644
--- a/extras/hs-test/docker/Dockerfile.nginx
+++ b/extras/hs-test/docker/Dockerfile.nginx
@@ -17,4 +17,4 @@
ENV VCL_DEBUG=0
ENV LDP_SID_BIT=8
-ENTRYPOINT ["nginx_ldp.sh", "-c", "/nginx.conf"]
+ENTRYPOINT ["nginx_ldp.sh", "nginx", "-c", "/nginx.conf"]
diff --git a/extras/hs-test/docker/Dockerfile.nginx-http3 b/extras/hs-test/docker/Dockerfile.nginx-http3
new file mode 100644
index 0000000..5d66a25
--- /dev/null
+++ b/extras/hs-test/docker/Dockerfile.nginx-http3
@@ -0,0 +1,24 @@
+FROM hs-test/build
+
+COPY script/build_boringssl.sh /build_boringssl.sh
+RUN git clone https://boringssl.googlesource.com/boringssl
+RUN ./build_boringssl.sh
+
+COPY script/build_nginx.sh /build_nginx.sh
+RUN git clone https://github.com/nginx/nginx
+RUN ./build_nginx.sh
+
+COPY vpp-data/lib/* /usr/lib/
+COPY resources/nginx/vcl.conf /vcl.conf
+COPY resources/nginx/nginx_http3.conf /nginx.conf
+COPY script/nginx_ldp.sh /usr/bin/nginx_ldp.sh
+
+COPY resources/nginx/html/index.html /usr/share/nginx/index.html
+
+ENV VCL_CONFIG=/vcl.conf
+ENV LDP=/usr/lib/libvcl_ldpreload.so
+ENV LDP_DEBUG=0
+ENV VCL_DEBUG=0
+ENV LDP_SID_BIT=8
+
+ENTRYPOINT ["nginx_ldp.sh", "/usr/local/nginx/sbin/nginx", "-c", "/nginx.conf"]
diff --git a/extras/hs-test/hst_suite.go b/extras/hs-test/hst_suite.go
index d972c9d..093bca0 100644
--- a/extras/hs-test/hst_suite.go
+++ b/extras/hs-test/hst_suite.go
@@ -4,6 +4,8 @@
"flag"
"io/ioutil"
"os"
+ "os/exec"
+ "strings"
"time"
"github.com/edwarnicke/exechelper"
@@ -162,6 +164,20 @@
}
}
+func (s *HstSuite) SkipUnlessExtendedTestsBuilt() {
+ imageName := "hs-test/nginx-http3"
+
+ cmd := exec.Command("docker", "images", imageName)
+ byteOutput, err := cmd.CombinedOutput()
+ if err != nil {
+ s.log("error while searching for docker image")
+ return
+ }
+ if !strings.Contains(string(byteOutput), imageName) {
+ s.skip("extended tests not built")
+ }
+}
+
func (s *HstSuite) resetContainers() {
for _, container := range s.containers {
container.stop()
diff --git a/extras/hs-test/http_test.go b/extras/hs-test/http_test.go
index e576e4a..503f42a 100644
--- a/extras/hs-test/http_test.go
+++ b/extras/hs-test/http_test.go
@@ -40,6 +40,26 @@
s.assertContains(o, "<html>", "<html> not found in the result!")
}
+func (s *NoTopoSuite) TestNginxHttp3() {
+ s.SkipUnlessExtendedTestsBuilt()
+
+ query := "index.html"
+ nginxCont := s.getContainerByName("nginx-http3")
+ s.assertNil(nginxCont.run())
+
+ vpp := s.getContainerByName("vpp").vppInstance
+ vpp.waitForApp("nginx-", 5)
+ serverAddress := s.netInterfaces[tapInterfaceName].peer.ip4AddressString()
+
+ defer func() { os.Remove(query) }()
+ curlCont := s.getContainerByName("curl")
+ args := fmt.Sprintf("curl --noproxy '*' --http3-only -k https://%s:8443/%s", serverAddress, query)
+ curlCont.extraRunningArgs = args
+ o, err := curlCont.combinedOutput()
+ s.assertNil(err)
+ s.assertContains(o, "<http>", "<http> not found in the result!")
+}
+
func (s *NoTopoSuite) TestNginxAsServer() {
query := "return_ok"
finished := make(chan error, 1)
diff --git a/extras/hs-test/resources/cert/localhost.crt b/extras/hs-test/resources/cert/localhost.crt
new file mode 100644
index 0000000..b21fb48
--- /dev/null
+++ b/extras/hs-test/resources/cert/localhost.crt
@@ -0,0 +1,21 @@
+-----BEGIN CERTIFICATE-----
+MIIDZTCCAk2gAwIBAgIUF116CAipHqQBCyAEvNesV0u4u0swDQYJKoZIhvcNAQEL
+BQAwQjELMAkGA1UEBhMCU0sxEDAOBgNVBAgMB1ZwcExhbmQxITAfBgNVBAoMGElu
+dGVybmV0IFdpZGdpdHMgUHR5IEx0ZDAeFw0yMzA1MjkxMDI0MjhaFw0yNDA1Mjgx
+MDI0MjhaMEIxCzAJBgNVBAYTAlNLMRAwDgYDVQQIDAdWcHBMYW5kMSEwHwYDVQQK
+DBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
+DwAwggEKAoIBAQCy40rDzrrHPGIyhP24hOBQefEgKD5uUGgSUyJTCur4yB/r2PGt
+LlfipKwDmNArmZuFOgKh8evipu2jYaxf4GHQmi7PGLddvPkqo5FWtVW8oAVJMcp+
+fwfs7OgkqtYD6Y7qjmjfXb9+rMpPN8WZ7cKbJwZpF3lf8GGaLqRmPiQg2j8qzcVy
+nz8cIwBZP8BJVclA9GIagijY7Zcmz0HnTPrPoLMeyLJOTqPMfkUYA2H2eHeISkQP
+BeoFoiwCI5eM35UiWiLyiv9Kojn4BHx6MLrfKBjV13WtcRMgYm5VftsWOZ92lmHm
+bpj9mGgtd84JWtWxs33oG4mNRSAeujf9AE5VAgMBAAGjUzBRMB0GA1UdDgQWBBTj
+s+A5M/Cao+0Phgg6xFBKIPxLqjAfBgNVHSMEGDAWgBTjs+A5M/Cao+0Phgg6xFBK
+IPxLqjAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQB3EcGDby5u
+cEGjgAFR18kH4ztnYUdZUrPI72sOFfjRLtJpx00n759SBawqNW1Y2a1QRd+GgUBK
+YpYd2gzWYFjf/4c5BN4SrjeZGnQ8N0YomqqGKvOQO0YdYK4i/lWJjLRaLiVBn9EX
+Z+odYhGqQgoAJHnm5Mmqhx9ts8qxZLbdsh+T93mKvj+/yuai2Is+AJfLgZpdKPQN
+bCoZemRm+nghRvEP8aX/469wiz7SOLqUzxrTOtXV48wTU5LWLDCs1lF9ZdGHR9/r
+vj8unnEHIZiH3ZjN7OgaAoNHZE26Ywbmllc/a0vPw8iHdrLe7+Wtp4zXe2rcxhW7
+b+X1/yRCZ+Wg
+-----END CERTIFICATE-----
diff --git a/extras/hs-test/resources/cert/localhost.key b/extras/hs-test/resources/cert/localhost.key
new file mode 100644
index 0000000..2d65db5
--- /dev/null
+++ b/extras/hs-test/resources/cert/localhost.key
@@ -0,0 +1,28 @@
+-----BEGIN PRIVATE KEY-----
+MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQCy40rDzrrHPGIy
+hP24hOBQefEgKD5uUGgSUyJTCur4yB/r2PGtLlfipKwDmNArmZuFOgKh8evipu2j
+Yaxf4GHQmi7PGLddvPkqo5FWtVW8oAVJMcp+fwfs7OgkqtYD6Y7qjmjfXb9+rMpP
+N8WZ7cKbJwZpF3lf8GGaLqRmPiQg2j8qzcVynz8cIwBZP8BJVclA9GIagijY7Zcm
+z0HnTPrPoLMeyLJOTqPMfkUYA2H2eHeISkQPBeoFoiwCI5eM35UiWiLyiv9Kojn4
+BHx6MLrfKBjV13WtcRMgYm5VftsWOZ92lmHmbpj9mGgtd84JWtWxs33oG4mNRSAe
+ujf9AE5VAgMBAAECggEANwiZ/bdh2t2G0Ef9zoCCif+Z4OzAmCuAePK+gpG/TB41
+Q9eQMlkpjH5gtRKUKHWvVMNOAAhvK2FzhmoMH8rmDMkCUZAnCV2TwjxkACr1X3xT
+Y/s/cr8d7xPLL0ynXrjB0QNS3DT5Lr111/0ue3acAiN1Y2tnWc6YGFj1FsdTUg+O
+zRysrpNUp3LAK+MXIhAXMCGKOOLxpjeyrcnUokH0I8e06of1AfAHX8jTn65MG5Ex
+n9wBYPl+u2J3SjILHoqBKjcSoNILUfBN9mQGeXhoqCzwcnygDtOxIu9xgu2nCcJr
+C1R/WXoQ8Jr6wa1n0aEVXDJeOEK9kKXLTt2/I4HB2QKBgQDemLy+o2/tbFwlU2Xy
+8/tZa30kfLCAZ+kq+lE3Kkfqt3pPYzH+lfO7u/UWtavKRQRdsKsNKbpe/EdGq7c4
+YN3L1KG5JiIo3TxilUPilYacGHklfMMbEK7cs8Jebsl6rL7BgnKuqlXGY0HEEx8L
+XqIKN1RdzL04WLOiA8qDGwYp7wKBgQDNu3DECCTkTa+mZdNDRntoffkgyd0AnwPA
+PEf43BHORpKcfGwFIrf8QWRXcLdh72Yrc9o3D53GCq+NSYGPL2OiY+/3HoAy1mH1
+EBgS08qfkZBKr6+VGjWuVAlD2m2jW+AhGXMS+Lu4yzK3V+0EzlAu4WZVBUngg1//
+6ZtyvXLf+wKBgQCozmO0nvUutFJc7BYQXP5sHZvVo8mmVyb4NMSKdUH8ug/DTJKJ
+YuZnpG6FPlh9GEHrWyMc5Fw11FOpQGe+FZeeEC5k3ophOwWkLVZB6useTWDyEN9V
+Ex3IuXnZa2LX6VDwJyEZXIuX24XwUB/m22k/Hh6Y079bj8kKQJ2/NytBeQKBgQCZ
+RGMmJ8sUKqwJEyLoo8GcfvzyaHC03cI1nLMhuxGo0vq2ihsPWGYpD65pVhfIZkl/
+ZbfT/VZVC/DtGS3kNjHL8Rf8ykRHm18u6uaEYDQ73H3apjfwpK4JSaH9YuT7Jp87
+CXKpV5TCft8xp9d0FR+3TUSnYmE/WaBTTv335RuHsQKBgCFLyxzs0hM/MhCLHJ6b
+AqyNPz36Xcwsgit1Svhwm1IC6FqkSJl3cRKhp1AP5w6ktUfUGNpF/TYI3x2jCg/m
+c0nwmqi/3Cha64XKJcI4iT2+lyuE8jXovMdNiJEEKCDalpyYJbhzRaLsoSFSbiD1
+mFDl8/aNVaQKDDboSuj9AkKs
+-----END PRIVATE KEY-----
diff --git a/extras/hs-test/resources/nginx/html/index.html b/extras/hs-test/resources/nginx/html/index.html
new file mode 100644
index 0000000..6b7c97d
--- /dev/null
+++ b/extras/hs-test/resources/nginx/html/index.html
@@ -0,0 +1,6 @@
+<http>
+ <title>nginx docker with quic</title>
+<body>
+ <p>Greetings!</p>
+</body>
+</http>
diff --git a/extras/hs-test/resources/nginx/nginx_http3.conf b/extras/hs-test/resources/nginx/nginx_http3.conf
new file mode 100644
index 0000000..c7bd78a
--- /dev/null
+++ b/extras/hs-test/resources/nginx/nginx_http3.conf
@@ -0,0 +1,25 @@
+master_process off;
+daemon off;
+
+events {
+ use epoll;
+ accept_mutex off;
+ multi_accept off;
+}
+
+http {
+ quic_gso on;
+ quic_retry on;
+
+ access_log logs/access.log;
+ keepalive_timeout 300s;
+ sendfile on;
+ server {
+ listen 0.0.0.0:8443 quic;
+ listen 0.0.0.0:8443 ssl;
+ root /usr/share/nginx;
+ ssl_certificate /etc/nginx/ssl/localhost.crt;
+ ssl_certificate_key /etc/nginx/ssl/localhost.key;
+ index index.html index.htm;
+ }
+}
diff --git a/extras/hs-test/script/build_boringssl.sh b/extras/hs-test/script/build_boringssl.sh
new file mode 100755
index 0000000..441878a
--- /dev/null
+++ b/extras/hs-test/script/build_boringssl.sh
@@ -0,0 +1,4 @@
+#!/bin/bash
+cd boringssl
+cmake -GNinja -B build
+ninja -C build
diff --git a/extras/hs-test/script/build_curl.sh b/extras/hs-test/script/build_curl.sh
new file mode 100755
index 0000000..ae675c2
--- /dev/null
+++ b/extras/hs-test/script/build_curl.sh
@@ -0,0 +1,36 @@
+#!/bin/bash
+
+dir1=/tmp/dir1
+dir2=/tmp/dir2
+dir3=/tmp/dir3
+
+git clone --depth 1 -b openssl-3.0.9+quic https://github.com/quictls/openssl
+cd openssl
+echo "install path ${dir1}"
+./config enable-tls1_3 --prefix=${dir1}
+make
+make install
+
+cd ..
+git clone -b v0.12.0 https://github.com/ngtcp2/nghttp3
+cd nghttp3
+autoreconf -fi
+./configure --prefix=${dir2} --enable-lib-only
+make
+make install
+
+cd ..
+git clone -b v0.16.0 https://github.com/ngtcp2/ngtcp2
+cd ngtcp2
+autoreconf -fi
+./configure PKG_CONFIG_PATH=${dir1}/lib64/pkgconfig:${dir2}/lib/pkgconfig LDFLAGS="-Wl,-rpath,${dir1}/lib64" --prefix=${dir3} --enable-lib-only
+make
+make install
+
+cd ..
+git clone https://github.com/curl/curl
+cd curl
+autoreconf -fi
+LDFLAGS="-Wl,-rpath,${dir1}/lib64" ./configure --with-openssl=${dir1} --with-nghttp3=${dir2} --with-ngtcp2=${dir3}
+make
+make install
diff --git a/extras/hs-test/script/build.sh b/extras/hs-test/script/build_hst.sh
similarity index 91%
rename from extras/hs-test/script/build.sh
rename to extras/hs-test/script/build_hst.sh
index 398cdd7..0212e77 100755
--- a/extras/hs-test/script/build.sh
+++ b/extras/hs-test/script/build_hst.sh
@@ -62,6 +62,11 @@
docker_build hs-test/vpp vpp
docker_build hs-test/nginx-ldp nginx
docker_build hs-test/nginx-server nginx-server
+docker_build hs-test/build build
+if [ "$HST_EXTENDED_TESTS" = true ] ; then
+ docker_build hs-test/nginx-http3 nginx-http3
+ docker_build hs-test/curl curl
+fi
# cleanup detached images
images=$(docker images --filter "dangling=true" -q --no-trunc)
diff --git a/extras/hs-test/script/build_nginx.sh b/extras/hs-test/script/build_nginx.sh
new file mode 100755
index 0000000..69d366a
--- /dev/null
+++ b/extras/hs-test/script/build_nginx.sh
@@ -0,0 +1,5 @@
+#!/bin/bash
+cd nginx
+./auto/configure --with-debug --with-http_v3_module --with-cc-opt="-I../boringssl/include" --with-ld-opt="-L../boringssl/build/ssl -L../boringssl/build/crypto" --without-http_rewrite_module --without-http_gzip_module
+make
+make install
diff --git a/extras/hs-test/script/nginx_ldp.sh b/extras/hs-test/script/nginx_ldp.sh
index 90146f6..4a22e14 100755
--- a/extras/hs-test/script/nginx_ldp.sh
+++ b/extras/hs-test/script/nginx_ldp.sh
@@ -1,3 +1,3 @@
#!/usr/bin/env bash
-LD_PRELOAD=$LDP nginx $@ 2>&1 > /proc/1/fd/1
+LD_PRELOAD=$LDP $@ 2>&1 > /proc/1/fd/1
diff --git a/extras/hs-test/topo-containers/single.yaml b/extras/hs-test/topo-containers/single.yaml
index 83212c8..6fd4d31 100644
--- a/extras/hs-test/topo-containers/single.yaml
+++ b/extras/hs-test/topo-containers/single.yaml
@@ -9,6 +9,7 @@
- <<: *shared-vol
container-dir: "/tmp/vpp"
is-default-work-dir: true
+
- name: "nginx"
volumes:
- <<: *shared-vol
@@ -16,11 +17,31 @@
is-default-work-dir: true
image: "hs-test/nginx-ldp"
is-optional: true
+
+ - name: "nginx-http3"
+ volumes:
+ - <<: *shared-vol
+ container-dir: "/tmp/nginx"
+ is-default-work-dir: true
+ - host-dir: $HST_DIR/resources/cert
+ container-dir: "/etc/nginx/ssl"
+ image: "hs-test/nginx-http3"
+ is-optional: true
+
- name: "ab"
image: "jordi/ab"
is-optional: true
run-detached: false
+
- name: "wrk"
image: "skandyla/wrk"
is-optional: true
+ run-detached: false
+
+ - name: "curl"
+ vars:
+ - name: LD_LIBRARY_PATH
+ value: "/usr/local/lib"
+ image: "hs-test/curl"
+ is-optional: true
run-detached: false
\ No newline at end of file
diff --git a/extras/hs-test/vars b/extras/hs-test/vars
index b27c5c5..d1ca078 100644
--- a/extras/hs-test/vars
+++ b/extras/hs-test/vars
@@ -4,3 +4,4 @@
export PATH=${VPP_WS}/build-root/build-vpp-native/vpp/bin:$PATH
export UBUNTU_VERSION=$(lsb_release -rs)
+export HST_EXTENDED_TESTS=false