test framework support connection via proxy (istio#34690)

* test framework support connection via proxy

* address comment

pkg/kube/spdy.go

@@ -38,7 +38,12 @@ func roundTripperFor(restConfig *rest.Config) (http.RoundTripper, spdy.Upgrader,
 		}
 	}
 
-	upgrader := spdyStream.NewRoundTripper(tlsConfig, true, false)
+	var upgrader *spdyStream.SpdyRoundTripper
+	if restConfig.Proxy != nil {
+		upgrader = spdyStream.NewRoundTripperWithProxy(tlsConfig, true, false, restConfig.Proxy)
+	} else {
+		upgrader = spdyStream.NewRoundTripper(tlsConfig, true, false)
+	}
 	wrapper, err := rest.HTTPWrappersForConfig(restConfig, upgrader)
 	if err != nil {
 		return nil, nil, fmt.Errorf("failed creating SPDY upgrade wrapper: %w", err)

pkg/test/echo/server/forwarder/instance.go

@@ -41,6 +41,8 @@ type Config struct {
 
 	// XDSTestBootstrap, for gRPC forwarders, is used to set the bootstrap without using a global one defined in the env
 	XDSTestBootstrap []byte
+	// Http proxy used for connection
+	Proxy string
 }
 
 func (c Config) fillInDefaults() Config {

pkg/test/echo/server/forwarder/protocol.go

@@ -25,6 +25,7 @@ import (
 	"fmt"
 	"net"
 	"net/http"
+	"net/url"
 	"os"
 	"strings"
 	"time"
@@ -180,6 +181,13 @@ func newProtocol(cfg Config) (protocol, error) {
 			},
 			do: cfg.Dialer.HTTP,
 		}
+		if len(cfg.Proxy) > 0 {
+			proxyURL, err := url.Parse(cfg.Proxy)
+			if err != nil {
+				return nil, err
+			}
+			proto.client.Transport.(*http.Transport).Proxy = http.ProxyURL(proxyURL)
+		}
 		if cfg.Request.Http3 && scheme.Instance(urlScheme) == scheme.HTTP {
 			return nil, fmt.Errorf("http3 requires HTTPS")
 		} else if cfg.Request.Http3 {

pkg/test/framework/components/cluster/cluster.go

@@ -208,4 +208,7 @@ type Cluster interface {
 
 	// ConfigName returns the name of the config cluster for this cluster.
 	ConfigName() string
+
+	// HTTPProxy returns the HTTP proxy config to connect to the cluster
+	HTTPProxy() string
 }

pkg/test/framework/components/cluster/config.go

@@ -32,6 +32,7 @@ type Config struct {
 	Kind               Kind       `yaml:"kind,omitempty"`
 	Name               string     `yaml:"clusterName,omitempty"`
 	Network            string     `yaml:"network,omitempty"`
+	HTTPProxy          string     `yaml:"httpProxy,omitempty"`
 	PrimaryClusterName string     `yaml:"primaryClusterName,omitempty"`
 	ConfigClusterName  string     `yaml:"configClusterName,omitempty"`
 	Meta               config.Map `yaml:"meta,omitempty"`

pkg/test/framework/components/cluster/kube/factory.go

@@ -16,6 +16,8 @@ package kube
 
 import (
 	"fmt"
+	"net/http"
+	"net/url"
 
 	"k8s.io/client-go/rest"
 
@@ -45,9 +47,21 @@ func buildKube(origCfg cluster.Config, topology cluster.Topology) (cluster.Clust
 		return nil, err
 	}
 
-	client, err := buildClient(kubeconfigPath)
-	if err != nil {
-		return nil, err
+	var client istioKube.ExtendedClient
+	if len(cfg.HTTPProxy) > 0 {
+		proxyURL, err := url.Parse(cfg.HTTPProxy)
+		if err != nil {
+			return nil, err
+		}
+		client, err = buildClientWithProxy(kubeconfigPath, proxyURL)
+		if err != nil {
+			return nil, err
+		}
+	} else {
+		client, err = buildClient(kubeconfigPath)
+		if err != nil {
+			return nil, err
+		}
 	}
 
 	// support fake VMs by default
@@ -82,3 +96,15 @@ func buildClient(kubeconfig string) (istioKube.ExtendedClient, error) {
 	}
 	return istioKube.NewExtendedClient(istioKube.NewClientConfigForRestConfig(rc), "")
 }
+
+func buildClientWithProxy(kubeconfig string, proxyURL *url.URL) (istioKube.ExtendedClient, error) {
+	rc, err := istioKube.DefaultRestConfig(kubeconfig, "", func(config *rest.Config) {
+		config.QPS = 200
+		config.Burst = 400
+	})
+	if err != nil {
+		return nil, err
+	}
+	rc.Proxy = http.ProxyURL(proxyURL)
+	return istioKube.NewExtendedClient(istioKube.NewClientConfigForRestConfig(rc), "")
+}

pkg/test/framework/components/cluster/topology.go

@@ -30,6 +30,7 @@ func NewTopology(config Config, allClusters Map) Topology {
 		ClusterName:        config.Name,
 		ClusterKind:        config.Kind,
 		Network:            config.Network,
+		ClusterHTTPProxy:   config.HTTPProxy,
 		PrimaryClusterName: config.PrimaryClusterName,
 		ConfigClusterName:  config.ConfigClusterName,
 		AllClusters:        allClusters,
@@ -43,6 +44,7 @@ type Topology struct {
 	ClusterName        string
 	ClusterKind        Kind
 	Network            string
+	ClusterHTTPProxy   string
 	PrimaryClusterName string
 	ConfigClusterName  string
 	Index              int
@@ -60,6 +62,11 @@ func (c Topology) Name() string {
 	return c.ClusterName
 }
 
+// HTTPProxy to connect to the cluster
+func (c Topology) HTTPProxy() string {
+	return c.ClusterHTTPProxy
+}
+
 // knownClusterNames maintains a well-known set of cluster names. These will always be used with
 // StableNames if encountered.
 var knownClusterNames = map[string]struct{}{
@@ -180,6 +187,7 @@ func (c Topology) String() string {
 	_, _ = fmt.Fprintf(buf, "PrimaryCluster:     %s\n", c.Primary().Name())
 	_, _ = fmt.Fprintf(buf, "ConfigCluster:      %s\n", c.Config().Name())
 	_, _ = fmt.Fprintf(buf, "Network:            %s\n", c.NetworkName())
+	_, _ = fmt.Fprintf(buf, "HTTPProxy:            %s\n", c.HTTPProxy())
 
 	return buf.String()
 }

pkg/test/framework/components/echo/call.go

@@ -86,6 +86,9 @@ type CallOptions struct {
 	// will be verified.
 	Validator Validator
 
+	// HTTProxy used for making ingress echo call via proxy
+	HTTPProxy string
+
 	Alpn       *proto.Alpn
 	ServerName string
 }

pkg/test/framework/components/echo/common/call.go

@@ -128,6 +128,7 @@ func CallEcho(opts *echo.CallOptions, retry bool, retryOptions ...retry.Option)
 	send := func(req *proto.ForwardEchoRequest) (client.ParsedResponses, error) {
 		instance, err := forwarder.New(forwarder.Config{
 			Request: req,
+			Proxy:   opts.HTTPProxy,
 		})
 		if err != nil {
 			return nil, err

pkg/test/framework/components/istio/ingress.go

@@ -236,6 +236,9 @@ func (c *ingressImpl) callEcho(options echo.CallOptions, retry bool, retryOption
 	if host := options.Headers["Host"]; len(host) == 0 {
 		options.Headers["Host"] = []string{options.Address}
 	}
+	if len(c.cluster.HTTPProxy()) > 0 {
+		options.HTTPProxy = c.cluster.HTTPProxy()
+	}
 	return common.CallEcho(&options, retry, retryOptions...)
 }