@@ -1687,6 +1687,67 @@ var _ = SIGDescribe("Services", func() {
16871687 svc .Spec .ExternalTrafficPolicy = v1 .ServiceExternalTrafficPolicyTypeCluster
16881688 execAffinityTestForLBService (f , cs , svc , true )
16891689 })
1690+
1691+ It ("should implement service.kubernetes.io/service-proxy-name" , func () {
1692+ // this test uses framework.NodeSSHHosts that does not work if a Node only reports LegacyHostIP
1693+ framework .SkipUnlessProviderIs (framework .ProvidersWithSSH ... )
1694+ // this test does not work if the Node does not support SSH Key
1695+ framework .SkipUnlessSSHKeyPresent ()
1696+
1697+ ns := f .Namespace .Name
1698+ numPods , servicePort := 3 , defaultServeHostnameServicePort
1699+ serviceProxyNameLabels := map [string ]string {"service.kubernetes.io/service-proxy-name" : "foo-bar" }
1700+
1701+ // We will create 2 services to test creating services in both states and also dynamic updates
1702+ // svcDisabled: Created with the label, will always be disabled. We create this early and
1703+ // test again late to make sure it never becomes available.
1704+ // svcToggled: Created without the label then the label is toggled verifying reachability at each step.
1705+
1706+ By ("creating service-disabled in namespace " + ns )
1707+ svcDisabled := getServeHostnameService ("service-disabled" )
1708+ svcDisabled .ObjectMeta .Labels = serviceProxyNameLabels
1709+ _ , svcDisabledIP , err := framework .StartServeHostnameService (cs , internalClientset , svcDisabled , ns , numPods )
1710+ Expect (err ).NotTo (HaveOccurred ())
1711+
1712+ By ("creating service in namespace " + ns )
1713+ svcToggled := getServeHostnameService ("service" )
1714+ podToggledNames , svcToggledIP , err := framework .StartServeHostnameService (cs , internalClientset , svcToggled , ns , numPods )
1715+ Expect (err ).NotTo (HaveOccurred ())
1716+
1717+ jig := framework .NewServiceTestJig (cs , svcToggled .ObjectMeta .Name )
1718+
1719+ hosts , err := framework .NodeSSHHosts (cs )
1720+ Expect (err ).NotTo (HaveOccurred ())
1721+ if len (hosts ) == 0 {
1722+ framework .Failf ("No ssh-able nodes" )
1723+ }
1724+ host := hosts [0 ]
1725+
1726+ By ("verifying service is up" )
1727+ framework .ExpectNoError (framework .VerifyServeHostnameServiceUp (cs , ns , host , podToggledNames , svcToggledIP , servicePort ))
1728+
1729+ By ("verifying service-disabled is not up" )
1730+ framework .ExpectNoError (framework .VerifyServeHostnameServiceDown (cs , host , svcDisabledIP , servicePort ))
1731+
1732+ By ("adding service-proxy-name label" )
1733+ jig .UpdateServiceOrFail (ns , svcToggled .ObjectMeta .Name , func (svc * v1.Service ) {
1734+ svc .ObjectMeta .Labels = serviceProxyNameLabels
1735+ })
1736+
1737+ By ("verifying service is not up" )
1738+ framework .ExpectNoError (framework .VerifyServeHostnameServiceDown (cs , host , svcToggledIP , servicePort ))
1739+
1740+ By ("removing service-proxy-name annotation" )
1741+ jig .UpdateServiceOrFail (ns , svcToggled .ObjectMeta .Name , func (svc * v1.Service ) {
1742+ svc .ObjectMeta .Labels = nil
1743+ })
1744+
1745+ By ("verifying service is up" )
1746+ framework .ExpectNoError (framework .VerifyServeHostnameServiceUp (cs , ns , host , podToggledNames , svcToggledIP , servicePort ))
1747+
1748+ By ("verifying service-disabled is still not up" )
1749+ framework .ExpectNoError (framework .VerifyServeHostnameServiceDown (cs , host , svcDisabledIP , servicePort ))
1750+ })
16901751})
16911752
16921753// TODO: Get rid of [DisabledForLargeClusters] tag when issue #56138 is fixed.
0 commit comments