Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Testing an apiserver as part of development #7

Open
maleck13 opened this issue Jun 30, 2017 · 17 comments
Open

Testing an apiserver as part of development #7

maleck13 opened this issue Jun 30, 2017 · 17 comments
Labels
kind/feature Categorizes issue or PR as related to a new feature. lifecycle/frozen Indicates that an issue or PR should not be auto-closed due to staleness.

Comments

@maleck13
Copy link
Contributor

This is a great resource and very useful, thanks for putting it together. Something that is not clear to me however is what is a good approach to testing the external api of the apiserver (integration, blackbox). Is there a good example of this? When developing a non kubernetes api server, I would normally use the httptest package, start the server with a mocked implementation of the storage layer and the use the http.Client to make a request against the exposed API. Is something similar available and if so are there examples of how to do this?
@deads2k
Copy link
Collaborator

deads2k commented Jun 30, 2017

Take a look at how I wired together the integration tests for the CRD server here: https://github.com/kubernetes/apiextensions-apiserver/blob/master/test/integration/basic_test.go#L45 . Basically it stands up an insecure server for a local integration test of just that server.

It does seem like this would be an ideal location to demonstrate that concept. @maleck13 do you feel up to opening a pull into k8s.io/kubernetes that adds an integration test like that to show people how they can test?

@maleck13
Copy link
Contributor Author

maleck13 commented Jun 30, 2017
edited
Loading

@deads2k sure I will take a look at doing that.

I have added something similar here https://github.com/openshift/open-service-broker-sdk/pull/29/files

I will base the PR for this repo from that work

@deads2k deads2k mentioned this issue Jul 3, 2017
Merged
@maleck13
Copy link
Contributor Author

maleck13 commented Jul 4, 2017

@deads2k Looking for some guidance. Fairly new to Kubernetes apiservers. In this repo the clientsets are not generated yet, should the generated clientsets be part of the sample-apiserver? In your example, which I used as a base for creating the referenced PR against the open-service-broker-sdk, it makes use of the clientsets, so it seems these would need to be generated before the test could be executed.

@p0lyn0mial
Copy link
Contributor

correct, the sample-apiserver lacks the clientsets. In fact I am going to need them in my upcoming PR. It would be really nice if you could add them :) Here you should find some info:

https://github.com/kubernetes/community/blob/master/contributors/devel/generating-clientset.md

https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/sample-apiserver/hack/update-codegen.sh

@maleck13
Copy link
Contributor Author

maleck13 commented Jul 6, 2017

@p0lyn0mial ok thanks, I had looked at those, having trouble with the update-codegen as it seems to want to be run from the root of kubernetes. Hoping to give this some time tomorrow.

@maleck13 maleck13 closed this as completed Jul 6, 2017
@maleck13 maleck13 reopened this Jul 6, 2017
@fejta-bot
Copy link

Issues go stale after 90d of inactivity.
Mark the issue as fresh with /remove-lifecycle stale.
Stale issues rot after an additional 30d of inactivity and eventually close.

Prevent issues from auto-closing with an /lifecycle frozen comment.

If this issue is safe to close now please do so with /close.

Send feedback to sig-testing, kubernetes/test-infra and/or @fejta.
/lifecycle stale

@k8s-ci-robot k8s-ci-robot added the lifecycle/stale Denotes an issue or PR has remained open with no activity and has become stale. label Dec 31, 2017
@nikhita
Copy link
Member

nikhita commented Jan 16, 2018

/remove-lifecycle stale

@k8s-ci-robot k8s-ci-robot removed the lifecycle/stale Denotes an issue or PR has remained open with no activity and has become stale. label Jan 16, 2018
@nikhita nikhita mentioned this issue Jan 30, 2018
Closed
@fejta-bot
Copy link

Issues go stale after 90d of inactivity.
Mark the issue as fresh with /remove-lifecycle stale.
Stale issues rot after an additional 30d of inactivity and eventually close.

If this issue is safe to close now please do so with /close.

Send feedback to sig-testing, kubernetes/test-infra and/or fejta.
/lifecycle stale

@k8s-ci-robot k8s-ci-robot added the lifecycle/stale Denotes an issue or PR has remained open with no activity and has become stale. label Apr 16, 2018
@nikhita
Copy link
Member

nikhita commented Apr 17, 2018

/remove-lifecycle stale

@k8s-ci-robot k8s-ci-robot removed the lifecycle/stale Denotes an issue or PR has remained open with no activity and has become stale. label Apr 17, 2018
@fejta-bot
Copy link

Issues go stale after 90d of inactivity.
Mark the issue as fresh with /remove-lifecycle stale.
Stale issues rot after an additional 30d of inactivity and eventually close.

If this issue is safe to close now please do so with /close.

Send feedback to sig-testing, kubernetes/test-infra and/or fejta.
/lifecycle stale

@k8s-ci-robot k8s-ci-robot added the lifecycle/stale Denotes an issue or PR has remained open with no activity and has become stale. label Jul 16, 2018
@nikhita
Copy link
Member

nikhita commented Jul 20, 2018

/remove-lifecycle stale

@k8s-ci-robot k8s-ci-robot removed the lifecycle/stale Denotes an issue or PR has remained open with no activity and has become stale. label Jul 20, 2018
@fejta-bot
Copy link

Issues go stale after 90d of inactivity.
Mark the issue as fresh with /remove-lifecycle stale.
Stale issues rot after an additional 30d of inactivity and eventually close.

If this issue is safe to close now please do so with /close.

Send feedback to sig-testing, kubernetes/test-infra and/or fejta.
/lifecycle stale

@k8s-ci-robot k8s-ci-robot added the lifecycle/stale Denotes an issue or PR has remained open with no activity and has become stale. label Oct 18, 2018
@nikhita
Copy link
Member

nikhita commented Nov 11, 2018

/lifecycle frozen

@k8s-ci-robot k8s-ci-robot added lifecycle/frozen Indicates that an issue or PR should not be auto-closed due to staleness. and removed lifecycle/stale Denotes an issue or PR has remained open with no activity and has become stale. labels Nov 11, 2018
@nikhita
Copy link
Member

nikhita commented Nov 11, 2018

/kind feature

@k8s-ci-robot k8s-ci-robot added the kind/feature Categorizes issue or PR as related to a new feature. label Nov 11, 2018
@jot-hub
Copy link

jot-hub commented Aug 12, 2020

hi, almost 2 years late :)

KUBERNETES_VERSION=v1.13.10
minikube=v1.12.0

am trying to get a stand-alone api server up and running with no authn, authz (originally the goal was to have it running with oidc config, independent of the minikube's api server, but gave up after several attempts).

Following is how I start it:
1.

sample-apiserver --etcd-prefix=blah
--etcd-servers=http://localhost:2379
--v=7
--client-ca-file=/cax509.crt         
--kubeconfig=/dummy-kube-config
--authentication-kubeconfig=/dummy-kube-config
--authorization-kubeconfig=/dummy-kube-config
--disable-admission-plugins
"NamespaceLifecycle,MutatingAdmissionWebhook,ValidatingAdmissionWebhook

dummy-kube-config refers to a dummy cluster (obviously) - http://127.1.2.3:12345

I later port-forward the svc (k port-forward svc/api 8001:443 -n wardle)

  1. curl -k https://localhost:8001/apis
    Internal Server Error: "/apis": Post "http://127.1.2.3:12345/apis/authorization.k8s.io/v1/subjectaccessreviews": dial tcp 127.1.2.3:12345: connect: connection ref

I tried --authorization-skip-lookup but its not recognized at all

is it possible to get the api server running independent of the actual kubernetes api server at all?

@erwinvaneyk
Copy link
Contributor

erwinvaneyk commented Aug 28, 2020
edited
Loading

@jot-hub as far as I know, without any changes sample-apiserver can't be brought up independently. I got it working independently by stripping out all authn/authz/admission functionality in start.go—but that was possible because my use case didn't require that functionality.

@jot-hub jot-hub mentioned this issue Mar 10, 2022
Closed
@jot-hub
Copy link

jot-hub commented Mar 10, 2022
edited
Loading

Hi, I had another look at this (I agree, its been a long time). Just some minor typos caused a confusion. I fixed those minor typos ☝️ - hopefully it helps someone.
c.c: @sttts

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
kind/feature Categorizes issue or PR as related to a new feature. lifecycle/frozen Indicates that an issue or PR should not be auto-closed due to staleness.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
8 participants
@maleck13 @erwinvaneyk @deads2k @nikhita @jot-hub @k8s-ci-robot @p0lyn0mial @fejta-bot