1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
|
--- ./test/clientcert_test.sh 2023-02-05 11:35:30.331041943 +0100
+++ /home/mba/debian/pkg-postgresql/git/vip-manager2/test/clientcert_test.sh 2023-02-05 11:46:39.844452539 +0100
@@ -47,7 +47,6 @@
echo -e "${RED}### Some tests failed! ###${NC}"
rm .failed
fi
- #podman stop etcd
}
trap cleanup EXIT
@@ -55,12 +54,10 @@
! ip address show dev $dev | grep $vip
# run etcd with podman/docker maybe?
-# podman rm etcd || true
-# podman run --rm -d --name etcd -p 2379:2379 -e "ETCD_ENABLE_V2=true" -e "ALLOW_NONE_AUTHENTICATION=yes" -v `pwd`/test/certs/:/certs:Z quay.io/coreos/etcd /usr/local/bin/etcd --trusted-ca-file=/certs/etcd_server_ca.crt --client-cert-auth --cert-file=/certs/etcd_server.crt --key-file=/certs/etcd_server.key --listen-client-urls https://127.0.0.1:2379 --advertise-client-urls https://127.0.0.1:2379
+#podman run --rm -d --name etcd -p 2379:2379 -e "ETCD_ENABLE_V2=true" -e "ALLOW_NONE_AUTHENTICATION=yes" -v `pwd`/test/certs/:/certs:Z quay.io/coreos/etcd /usr/local/bin/etcd --trusted-ca-file=/certs/etcd_server_ca.crt --client-cert-auth --cert-file=/certs/etcd_server.crt --key-file=/certs/etcd_server.key --listen-client-urls https://127.0.0.1:2379 --advertise-client-urls https://127.0.0.1:2379
-# run etcd locally maybe?
-#etcd --enable-v2 --trusted-ca-file=test/certs/etcd_server_ca.crt --client-cert-auth --cert-file=test/certs/etcd_server.crt --key-file=test/certs/etcd_server.key --listen-client-urls https://127.0.0.1:2379 --advertise-client-urls https://127.0.0.1:2379 &
-#echo $! > .etcdPid
+etcd --enable-v2 --trusted-ca-file=test/certs/etcd_server_ca.crt --client-cert-auth --cert-file=test/certs/etcd_server.crt --key-file=test/certs/etcd_server.key --listen-client-urls https://127.0.0.1:2379 --advertise-client-urls https://127.0.0.1:2379 &
+echo $! > .etcdPid
sleep 2
# simulate server, e.g. postgres
@@ -70,7 +67,7 @@
etcdctl --cert test/certs/etcd_client.crt --key test/certs/etcd_client.key --cacert test/certs/etcd_server_ca.crt del service/pgcluster/leader || true
touch .failed
-./vip-manager --etcd-cert-file test/certs/etcd_client.crt --etcd-key-file test/certs/etcd_client.key --etcd-ca-file test/certs/etcd_server_ca.crt --dcs-endpoints https://127.0.0.1:2379 --interface $dev --ip $vip --netmask 32 --trigger-key service/pgcluster/leader --trigger-value $HOSTNAME &> vip-manager.log &
+vip-manager --etcd-cert-file test/certs/etcd_client.crt --etcd-key-file test/certs/etcd_client.key --etcd-ca-file test/certs/etcd_server_ca.crt --dcs-endpoints https://127.0.0.1:2379 --interface $dev --ip $vip --netmask 32 --trigger-key service/pgcluster/leader --trigger-value $HOSTNAME &> vip-manager.log &
echo $! > .vipPid
sleep 2
@@ -81,8 +78,10 @@
etcdctl --cert test/certs/etcd_client.crt --key test/certs/etcd_client.key --cacert test/certs/etcd_server_ca.crt put service/pgcluster/leader $HOSTNAME
sleep 2
-# we're just checking whether vip-manager picked up the change, for some reason, we can't run an elevated container of quay.io/coreos/etcd
-grep 'state is false, desired true' vip-manager.log
+# test 2: vip should now be registered
+ip address show dev $dev | grep $vip
+
+ncat -vzw 1 $vip 12345
rm .failed
echo -e "${GREEN}### You've reached the end of the script, all \"tests\" have successfully been passed! ###${NC}"
|
