From 71ba0873e30b91dda95dbb79397691fed37e7fdc Mon Sep 17 00:00:00 2001 From: Marek Siarkowicz Date: Sat, 1 Apr 2023 16:17:30 +0200 Subject: [PATCH 1/2] tests/robustness: Encrypt peer traffic to prevent proxy manipulating packets Signed-off-by: Marek Siarkowicz --- tests/framework/e2e/cluster.go | 3 +++ tests/robustness/linearizability_test.go | 1 + 2 files changed, 4 insertions(+) diff --git a/tests/framework/e2e/cluster.go b/tests/framework/e2e/cluster.go index 42cde6abd..5f6daa21c 100644 --- a/tests/framework/e2e/cluster.go +++ b/tests/framework/e2e/cluster.go @@ -478,6 +478,9 @@ func (cfg *EtcdProcessClusterConfig) EtcdServerProcessConfig(tb testing.TB, i in peerAdvertiseUrl := url.URL{Scheme: cfg.PeerScheme(), Host: fmt.Sprintf("localhost:%d", peerPort)} var proxyCfg *proxy.ServerConfig if cfg.PeerProxy { + if !cfg.IsPeerTLS { + panic("Can't use peer proxy without peer TLS as it can result in malformed packets") + } peerAdvertiseUrl.Host = fmt.Sprintf("localhost:%d", peer2Port) proxyCfg = &proxy.ServerConfig{ Logger: zap.NewNop(), diff --git a/tests/robustness/linearizability_test.go b/tests/robustness/linearizability_test.go index 5619dc0b6..806963bef 100644 --- a/tests/robustness/linearizability_test.go +++ b/tests/robustness/linearizability_test.go @@ -103,6 +103,7 @@ func TestRobustness(t *testing.T) { failpoint: RandomMultiNodeClusterFailpoint, traffic: &traffic, config: *e2e.NewConfig( + e2e.WithIsPeerTLS(true), e2e.WithSnapshotCount(100), e2e.WithPeerProxy(true), e2e.WithGoFailEnabled(true), From 03214c0239cba32605ef51a07d07ff56b3015c3a Mon Sep 17 00:00:00 2001 From: Marek Siarkowicz Date: Sat, 1 Apr 2023 16:17:30 +0200 Subject: [PATCH 2/2] Revert "tests/robustness: Disable testing network blackhole until #15595 is fixed" This reverts commit 013e25fab9f76f0c1a00459555fe42b33f379eb9. Signed-off-by: Marek Siarkowicz --- tests/robustness/failpoints.go | 8 +++----- tests/robustness/linearizability_test.go | 24 ++++++++++++------------ 2 files changed, 15 insertions(+), 17 deletions(-) diff --git a/tests/robustness/failpoints.go b/tests/robustness/failpoints.go index 9fb3d5a2b..1f72ad524 100644 --- a/tests/robustness/failpoints.go +++ b/tests/robustness/failpoints.go @@ -66,9 +66,8 @@ var ( CompactBeforeSetFinishedCompactPanic, CompactAfterSetFinishedCompactPanic, CompactBeforeCommitBatchPanic, CompactAfterCommitBatchPanic, RaftBeforeLeaderSendPanic, + BlackholePeerNetwork, DelayPeerNetwork, - // TODO(https://github.com/etcd-io/etcd/issues/15595): Re-enable after issue is fixed - //BlackholePeerNetwork, } RandomOneNodeClusterFailpoint Failpoint = randomFailpoint{oneNodeClusterFailpoints} RaftBeforeFollowerSendPanic Failpoint = goPanicFailpoint{"raftBeforeFollowerSend", nil, Follower} @@ -79,9 +78,8 @@ var ( RaftBeforeSaveSnapPanic Failpoint = goPanicFailpoint{"raftBeforeSaveSnap", triggerBlackholeUntilSnapshot, Follower} RaftAfterSaveSnapPanic Failpoint = goPanicFailpoint{"raftAfterSaveSnap", triggerBlackholeUntilSnapshot, Follower} RandomSnapshotFailpoint Failpoint = randomFailpoint{[]Failpoint{ - // TODO(https://github.com/etcd-io/etcd/issues/15595): Re-enable after issue is fixed - //RaftBeforeApplySnapPanic, RaftAfterApplySnapPanic, RaftAfterWALReleasePanic, RaftBeforeSaveSnapPanic, RaftAfterSaveSnapPanic, - //BlackholeUntilSnapshot, + RaftBeforeApplySnapPanic, RaftAfterApplySnapPanic, RaftAfterWALReleasePanic, RaftBeforeSaveSnapPanic, RaftAfterSaveSnapPanic, + BlackholeUntilSnapshot, }} ) diff --git a/tests/robustness/linearizability_test.go b/tests/robustness/linearizability_test.go index 806963bef..19a883b82 100644 --- a/tests/robustness/linearizability_test.go +++ b/tests/robustness/linearizability_test.go @@ -137,18 +137,18 @@ func TestRobustness(t *testing.T) { e2e.WithSnapshotCount(100), ), }, - // TODO(https://github.com/etcd-io/etcd/issues/15595): Re-enable after issue is fixed - //{ - // name: "Snapshot", - // failpoint: RandomSnapshotFailpoint, - // traffic: &HighTraffic, - // config: *e2e.NewConfig( - // e2e.WithGoFailEnabled(true), - // e2e.WithSnapshotCount(100), - // e2e.WithSnapshotCatchUpEntries(100), - // e2e.WithPeerProxy(true), - // ), - //}, + { + name: "Snapshot", + failpoint: RandomSnapshotFailpoint, + traffic: &HighTraffic, + config: *e2e.NewConfig( + e2e.WithGoFailEnabled(true), + e2e.WithSnapshotCount(100), + e2e.WithSnapshotCatchUpEntries(100), + e2e.WithPeerProxy(true), + e2e.WithIsPeerTLS(true), + ), + }, }...) for _, scenario := range scenarios { if scenario.traffic == nil {