feat: Add nginx-nodeport example with comprehensive documentation and security comparison
This commit is contained in:
mik-tf
213
examples/nginx-nodeport/test-nodeport-ipv6.sh
Executable file
213
examples/nginx-nodeport/test-nodeport-ipv6.sh
Executable file
@@ -0,0 +1,213 @@
|
||||
#!/bin/bash
|
||||
|
||||
# Nginx NodePort IPv6 Testing Script
|
||||
# Tests and validates IPv6 accessibility for nginx-nodeport deployment
|
||||
|
||||
set -e
|
||||
|
||||
echo "🌐 Mycelium Cloud - Nginx NodePort IPv6 Testing"
|
||||
echo "=================================================="
|
||||
|
||||
# Colors for output
|
||||
RED='\033[0;31m'
|
||||
GREEN='\033[0;32m'
|
||||
YELLOW='\033[1;33m'
|
||||
BLUE='\033[0;34m'
|
||||
NC='\033[0m' # No Color
|
||||
|
||||
# Function to print colored output
|
||||
print_status() {
|
||||
echo -e "${GREEN}✅ $1${NC}"
|
||||
}
|
||||
|
||||
print_warning() {
|
||||
echo -e "${YELLOW}⚠️ $1${NC}"
|
||||
}
|
||||
|
||||
print_error() {
|
||||
echo -e "${RED}❌ $1${NC}"
|
||||
}
|
||||
|
||||
print_info() {
|
||||
echo -e "${BLUE}ℹ️ $1${NC}"
|
||||
}
|
||||
|
||||
# Check if kubectl is available
|
||||
if ! command -v kubectl &> /dev/null; then
|
||||
print_error "kubectl is not installed or not in PATH"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
# Check if we can connect to the cluster
|
||||
if ! kubectl cluster-info &> /dev/null; then
|
||||
print_error "Cannot connect to Kubernetes cluster"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
print_status "Connected to Kubernetes cluster"
|
||||
|
||||
# Check if nginx-nodeport deployment exists
|
||||
if ! kubectl get deployment nginx-nodeport &> /dev/null; then
|
||||
print_error "nginx-nodeport deployment not found. Please deploy first:"
|
||||
echo " kubectl apply -f nginx-nodeport-configmaps.yaml"
|
||||
echo " kubectl apply -f nginx-nodeport-deployment.yaml"
|
||||
echo " kubectl apply -f nginx-nodeport-service.yaml"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
print_status "nginx-nodeport deployment found"
|
||||
|
||||
# Wait for pods to be ready
|
||||
print_info "Waiting for nginx-nodeport pods to be ready..."
|
||||
if kubectl wait --for=condition=ready pod -l app=nginx-nodeport --timeout=60s; then
|
||||
print_status "nginx-nodeport pods are ready"
|
||||
else
|
||||
print_error "nginx-nodeport pods failed to become ready"
|
||||
kubectl get pods -l app=nginx-nodeport
|
||||
exit 1
|
||||
fi
|
||||
|
||||
# Get pod information
|
||||
POD_NAME=$(kubectl get pods -l app=nginx-nodeport -o name | head -1)
|
||||
print_info "Testing pod: $POD_NAME"
|
||||
|
||||
# Test nginx configuration
|
||||
print_info "Testing nginx configuration..."
|
||||
if kubectl exec $POD_NAME -- nginx -t &> /dev/null; then
|
||||
print_status "nginx configuration is valid"
|
||||
else
|
||||
print_error "nginx configuration is invalid"
|
||||
kubectl exec $POD_NAME -- nginx -t
|
||||
exit 1
|
||||
fi
|
||||
|
||||
# Test health endpoint
|
||||
print_info "Testing health endpoint..."
|
||||
if kubectl exec $POD_NAME -- curl -s http://localhost:8080/health | grep -q "healthy"; then
|
||||
print_status "Health endpoint is working"
|
||||
else
|
||||
print_error "Health endpoint failed"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
# Test IPv6 listening
|
||||
print_info "Checking IPv6 support in nginx..."
|
||||
if kubectl exec $POD_NAME -- netstat -tuln | grep -q ":8080"; then
|
||||
print_status "nginx is listening on port 8080"
|
||||
else
|
||||
print_error "nginx is not listening on port 8080"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
# Get service information
|
||||
print_info "Checking NodePort service..."
|
||||
SERVICE_INFO=$(kubectl get svc nginx-nodeport-service -o yaml)
|
||||
if echo "$SERVICE_INFO" | grep -q "type: NodePort"; then
|
||||
print_status "NodePort service is configured"
|
||||
else
|
||||
print_error "NodePort service not properly configured"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
# Extract NodePort
|
||||
NODEPORT=$(kubectl get svc nginx-nodeport-service -o jsonpath='{.spec.ports[0].nodePort}')
|
||||
print_info "NodePort: $NODEPORT"
|
||||
|
||||
# Get node IPv6 address
|
||||
print_info "Getting node IPv6 address..."
|
||||
NODE_IPV6=$(kubectl get nodes -o jsonpath='{.items[0].status.addresses[?(@.type=="InternalIP")].address}' 2>/dev/null || echo "")
|
||||
|
||||
if [ -z "$NODE_IPV6" ]; then
|
||||
print_warning "Could not get node IPv6 address automatically"
|
||||
print_info "Please manually find your node IPv6 address with:"
|
||||
echo " kubectl get nodes -o wide"
|
||||
else
|
||||
print_status "Node IPv6 address: $NODE_IPV6"
|
||||
|
||||
# Test external connectivity
|
||||
print_info "Testing external IPv6 connectivity..."
|
||||
|
||||
# Test with IPv6
|
||||
if command -v curl &> /dev/null; then
|
||||
if curl -6 -s -m 10 "http://[$NODE_IPV6]:$NODEPORT/" &> /dev/null; then
|
||||
print_status "External IPv6 connectivity is working!"
|
||||
print_info "Your website is accessible at: http://[$NODE_IPV6]:$NODEPORT/"
|
||||
else
|
||||
print_warning "External IPv6 connectivity test failed"
|
||||
print_info "This might be due to firewall or network policies"
|
||||
print_info "Website should still be accessible from within the cluster"
|
||||
fi
|
||||
else
|
||||
print_info "curl not available, skipping external connectivity test"
|
||||
fi
|
||||
fi
|
||||
|
||||
# Test ConfigMaps
|
||||
print_info "Checking ConfigMaps..."
|
||||
if kubectl get configmap nginx-nodeport-content &> /dev/null; then
|
||||
print_status "nginx-nodeport-content ConfigMap exists"
|
||||
else
|
||||
print_error "nginx-nodeport-content ConfigMap not found"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
if kubectl get configmap nginx-nodeport-nginx-config &> /dev/null; then
|
||||
print_status "nginx-nodeport-nginx-config ConfigMap exists"
|
||||
else
|
||||
print_error "nginx-nodeport-nginx-config ConfigMap not found"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
# Test content mounting
|
||||
print_info "Testing content mounting..."
|
||||
if kubectl exec $POD_NAME -- ls -la /usr/share/nginx/html/index.html &> /dev/null; then
|
||||
print_status "Website content is properly mounted"
|
||||
else
|
||||
print_error "Website content mounting failed"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
# Test nginx config mounting
|
||||
print_info "Testing nginx config mounting..."
|
||||
if kubectl exec $POD_NAME -- ls -la /etc/nginx/conf.d/default.conf &> /dev/null; then
|
||||
print_status "nginx configuration is properly mounted"
|
||||
else
|
||||
print_error "nginx configuration mounting failed"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
# Display access information
|
||||
echo ""
|
||||
echo "🎉 Nginx NodePort IPv6 Testing Complete!"
|
||||
echo "========================================="
|
||||
echo ""
|
||||
echo "📊 Summary:"
|
||||
echo " • nginx-nodeport deployment: Running"
|
||||
echo " • NodePort service: Configured (Port $NODEPORT)"
|
||||
echo " • Health endpoint: Working"
|
||||
echo " • Content mounting: OK"
|
||||
echo " • nginx configuration: Valid"
|
||||
echo ""
|
||||
echo "🌐 Access Information:"
|
||||
if [ ! -z "$NODE_IPV6" ]; then
|
||||
echo " • External URL: http://[$NODE_IPV6]:$NODEPORT/"
|
||||
echo " • Health check: http://[$NODE_IPV6]:$NODEPORT/health"
|
||||
echo " • Internal test: kubectl exec $POD_NAME -- curl -s http://localhost:8080/"
|
||||
else
|
||||
echo " • Please get your node IPv6 address: kubectl get nodes -o wide"
|
||||
echo " • Access URL: http://[YOUR-NODE-IPV6]:$NODEPORT/"
|
||||
fi
|
||||
echo ""
|
||||
echo "📋 Next Steps:"
|
||||
echo " • Open the external URL in a browser to see your secure website"
|
||||
echo " • Check the compare-approaches.md for security comparison"
|
||||
echo " • Test scaling: kubectl scale deployment nginx-nodeport --replicas=3"
|
||||
echo " • Monitor logs: kubectl logs -f deployment/nginx-nodeport"
|
||||
echo ""
|
||||
|
||||
# Show recent logs
|
||||
print_info "Recent nginx access logs:"
|
||||
kubectl logs --tail=5 deployment/nginx-nodeport
|
||||
|
||||
echo ""
|
||||
print_status "All tests passed! Your nginx-nodeport deployment is working correctly."
|
||||
Reference in New Issue
Block a user