#!/bin/bash # Nginx NodePort IPv6 Testing Script # Tests and validates IPv6 accessibility for nginx-nodeport deployment set -e echo "🌐 Mycelium Cloud - Nginx NodePort IPv6 Testing" echo "==================================================" # Colors for output RED='\033[0;31m' GREEN='\033[0;32m' YELLOW='\033[1;33m' BLUE='\033[0;34m' NC='\033[0m' # No Color # Function to print colored output print_status() { echo -e "${GREEN}✅ $1${NC}" } print_warning() { echo -e "${YELLOW}⚠️ $1${NC}" } print_error() { echo -e "${RED}❌ $1${NC}" } print_info() { echo -e "${BLUE}ℹ️ $1${NC}" } # Check if kubectl is available if ! command -v kubectl &> /dev/null; then print_error "kubectl is not installed or not in PATH" exit 1 fi # Check if we can connect to the cluster if ! kubectl cluster-info &> /dev/null; then print_error "Cannot connect to Kubernetes cluster" exit 1 fi print_status "Connected to Kubernetes cluster" # Check if nginx-nodeport deployment exists if ! kubectl get deployment nginx-nodeport &> /dev/null; then print_error "nginx-nodeport deployment not found. Please deploy first:" echo " kubectl apply -f nginx-nodeport-configmaps.yaml" echo " kubectl apply -f nginx-nodeport-deployment.yaml" echo " kubectl apply -f nginx-nodeport-service.yaml" exit 1 fi print_status "nginx-nodeport deployment found" # Wait for pods to be ready print_info "Waiting for nginx-nodeport pods to be ready..." if kubectl wait --for=condition=ready pod -l app=nginx-nodeport --timeout=60s; then print_status "nginx-nodeport pods are ready" else print_error "nginx-nodeport pods failed to become ready" kubectl get pods -l app=nginx-nodeport exit 1 fi # Get pod information and node it's running on POD_NAME=$(kubectl get pods -l app=nginx-nodeport -o name | head -1) POD_NODE=$(kubectl get pods -l app=nginx-nodeport -o jsonpath='{.items[0].spec.nodeName}') print_info "Testing pod: $POD_NAME" print_info "Pod is running on node: $POD_NODE" # Test nginx configuration print_info "Testing nginx configuration..." if kubectl exec $POD_NAME -- nginx -t &> /dev/null; then print_status "nginx configuration is valid" else print_error "nginx configuration is invalid" kubectl exec $POD_NAME -- nginx -t exit 1 fi # Test health endpoint print_info "Testing health endpoint..." if kubectl exec $POD_NAME -- curl -s http://localhost:8080/health | grep -q "healthy"; then print_status "Health endpoint is working" else print_error "Health endpoint failed" exit 1 fi # Test IPv6 listening print_info "Checking IPv6 support in nginx..." if kubectl exec $POD_NAME -- netstat -tuln | grep -q ":8080"; then print_status "nginx is listening on port 8080" else print_error "nginx is not listening on port 8080" exit 1 fi # Get service information print_info "Checking NodePort service..." SERVICE_TYPE=$(kubectl get svc nginx-nodeport-service -o jsonpath='{.spec.type}') if [ "$SERVICE_TYPE" = "NodePort" ]; then print_status "NodePort service is configured correctly" else print_error "Service type is '$SERVICE_TYPE', expected 'NodePort'" exit 1 fi # Extract NodePort NODEPORT=$(kubectl get svc nginx-nodeport-service -o jsonpath='{.spec.ports[0].nodePort}') if [ "$NODEPORT" = "30091" ]; then print_status "NodePort is correctly set to 30091" else print_warning "NodePort is $NODEPORT (expected 30091)" fi print_info "NodePort: $NODEPORT" # Get the Mycelium IPv6 address of the SPECIFIC node where the pod is running # This is critical with externalTrafficPolicy: Local print_info "Getting Mycelium IPv6 address of node where pod is running..." # Get Mycelium IPv6 of the specific node where our pod is running NODE_IPV6=$(kubectl get node "$POD_NODE" -o jsonpath='{range .status.addresses[?(@.type=="InternalIP")]}{.address}{"\n"}{end}' 2>/dev/null | grep -E '^[0-9a-f]+:[0-9a-f]+:[0-9a-f]+:[0-9a-f]+:[0-9a-f]+:[0-9a-f]+:[0-9a-f]+:[0-9a-f]+$' | head -1) if [ -z "$NODE_IPV6" ]; then print_warning "Could not get Mycelium IPv6 address for node $POD_NODE" print_info "Please manually find your node IPv6 address with:" echo " kubectl get node $POD_NODE -o jsonpath='{range .status.addresses[?(@.type==\"InternalIP\")]}{.address}{\"\n\"}{end}' | grep ':'" else print_status "Pod's node ($POD_NODE) Mycelium IPv6: $NODE_IPV6" print_info "⚠️ NOTE: With externalTrafficPolicy: Local, service is only accessible on THIS node's IP" # Test external connectivity print_info "Testing external Mycelium IPv6 connectivity..." # Test with IPv6 if command -v curl &> /dev/null; then print_info "Testing: curl -6 \"http://[$NODE_IPV6]:$NODEPORT/\"" if curl -6 -s -m 10 "http://[$NODE_IPV6]:$NODEPORT/" > /tmp/nodeport_test.html 2>/dev/null; then if [ -s /tmp/nodeport_test.html ]; then print_status "External Mycelium IPv6 connectivity is working!" print_info "Your website is accessible at: http://[$NODE_IPV6]:$NODEPORT/" print_info "Content preview:" head -3 /tmp/nodeport_test.html | sed 's/^/ /' rm -f /tmp/nodeport_test.html else print_warning "Connected but received no content" fi else print_warning "External Mycelium IPv6 connectivity test failed" print_info "This might be due to:" print_info " • Firewall or network policies blocking port $NODEPORT" print_info " • Pod not running on this specific node" print_info " • Mycelium network not properly configured" print_info "" print_info "Try testing from within the cluster:" echo " kubectl exec $POD_NAME -- curl -s http://localhost:8080/" fi rm -f /tmp/nodeport_test.html else print_info "curl not available, skipping external connectivity test" fi fi # Test ConfigMaps print_info "Checking ConfigMaps..." if kubectl get configmap nginx-nodeport-content &> /dev/null; then print_status "nginx-nodeport-content ConfigMap exists" else print_error "nginx-nodeport-content ConfigMap not found" exit 1 fi if kubectl get configmap nginx-nodeport-nginx-config &> /dev/null; then print_status "nginx-nodeport-nginx-config ConfigMap exists" else print_error "nginx-nodeport-nginx-config ConfigMap not found" exit 1 fi # Test content mounting print_info "Testing content mounting..." if kubectl exec $POD_NAME -- ls -la /usr/share/nginx/html/index.html &> /dev/null; then print_status "Website content is properly mounted" else print_error "Website content mounting failed" exit 1 fi # Test nginx config mounting print_info "Testing nginx config mounting..." if kubectl exec $POD_NAME -- ls -la /etc/nginx/conf.d/default.conf &> /dev/null; then print_status "nginx configuration is properly mounted" else print_error "nginx configuration mounting failed" exit 1 fi # Display access information echo "" echo "🎉 Nginx NodePort IPv6 Testing Complete!" echo "=========================================" echo "" echo "📊 Summary:" echo " • nginx-nodeport deployment: Running" echo " • NodePort service: Configured (Port $NODEPORT)" echo " • Health endpoint: Working" echo " • Content mounting: OK" echo " • nginx configuration: Valid" echo "" echo "🌐 Access Information:" if [ ! -z "$NODE_IPV6" ]; then echo " • External URL: http://[$NODE_IPV6]:$NODEPORT/" echo " • Health check: http://[$NODE_IPV6]:$NODEPORT/health" echo " • Internal test: kubectl exec $POD_NAME -- curl -s http://localhost:8080/" echo "" echo " 💡 All worker node Mycelium IPv6 addresses:" kubectl get nodes -o jsonpath='{range .items[*]}{range .status.addresses[?(@.type=="InternalIP")]}{.address}{"\n"}{end}{end}' | grep -E '^[0-9a-f]+:[0-9a-f]+:[0-9a-f]+:[0-9a-f]+:[0-9a-f]+:[0-9a-f]+:[0-9a-f]+:[0-9a-f]+$' | nl -v 1 -w 5 -s '. ' | sed 's/^/ /' else echo " • Get your node Mycelium IPv6 addresses:" echo " kubectl get nodes -o jsonpath='{range .items[*]}{range .status.addresses[?(@.type==\"InternalIP\")]}{.address}{\"\n\"}{end}{end}' | grep ':'" echo " • Access URL: http://[YOUR-NODE-IPV6]:$NODEPORT/" fi echo "" echo "📋 Next Steps:" echo " • Open the external URL in a browser to see your secure website" echo " • Check the compare-approaches.md for security comparison" echo " • Test scaling: kubectl scale deployment nginx-nodeport --replicas=3" echo " • Monitor logs: kubectl logs -f deployment/nginx-nodeport" echo "" # Show recent logs print_info "Recent nginx access logs:" kubectl logs --tail=5 deployment/nginx-nodeport echo "" print_status "All tests passed! Your nginx-nodeport deployment is working correctly."