-
Notifications
You must be signed in to change notification settings - Fork 338
CNI Accptance test on Kind #1445
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Changes from 7 commits
8ef2c28
e49970c
be0ad22
e9d029e
691f10a
b95c83c
bce75ed
a3814e2
92ab438
d3feb5e
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
| Original file line number | Diff line number | Diff line change | ||||
|---|---|---|---|---|---|---|
|
|
@@ -48,7 +48,6 @@ commands: | |||||
| wget https://get.helm.sh/helm-v3.7.0-linux-amd64.tar.gz | ||||||
| tar -zxvf helm-v3.7.0-linux-amd64.tar.gz | ||||||
| sudo mv linux-amd64/helm /usr/local/bin/helm | ||||||
|
|
||||||
| create-kind-clusters: | ||||||
| parameters: | ||||||
| version: | ||||||
|
|
@@ -59,6 +58,18 @@ commands: | |||||
| command: | | ||||||
| kind create cluster --name dc1 --image kindest/node:<< parameters.version >> | ||||||
| kind create cluster --name dc2 --image kindest/node:<< parameters.version >> | ||||||
| create-kind-cni-clusters: | ||||||
| parameters: | ||||||
| version: | ||||||
| type: string | ||||||
| steps: | ||||||
| - run: | ||||||
| name: Create CNI kind clusters | ||||||
| command: | | ||||||
| kind create cluster --config=acceptance/framework/environment/cni-kind/kind.config --name dc1 --image kindest/node:<< parameters.version >> | ||||||
| make kind-cni-calico | ||||||
| kind create cluster --config=acceptance/framework/environment/cni-kind/kind.config --name dc2 --image kindest/node:<< parameters.version >> | ||||||
| make kind-cni-calico | ||||||
| run-acceptance-tests: | ||||||
| parameters: | ||||||
| failfast: | ||||||
|
|
@@ -878,6 +889,42 @@ jobs: | |||||
| fail_only: true | ||||||
| failure_message: "Acceptance tests against Kind with Kubernetes v1.23 failed. Check the logs at: ${CIRCLE_BUILD_URL}" | ||||||
|
|
||||||
| acceptance-kind-cni-1-23: | ||||||
| parallelism: 6 | ||||||
| environment: | ||||||
| - TEST_RESULTS: /tmp/test-results | ||||||
| machine: | ||||||
| image: ubuntu-2004:202010-01 | ||||||
| resource_class: xlarge | ||||||
| steps: | ||||||
| - checkout | ||||||
| - install-prereqs | ||||||
| - create-kind-cni-clusters: | ||||||
| version: "v1.23.0" | ||||||
| - restore_cache: | ||||||
| keys: | ||||||
| - consul-helm-modcache-v2-{{ checksum "acceptance/go.mod" }} | ||||||
| - run: | ||||||
| name: go mod download | ||||||
| working_directory: *acceptance-mod-path | ||||||
| command: go mod download | ||||||
| - save_cache: | ||||||
| key: consul-helm-modcache-v2-{{ checksum "acceptance/go.mod" }} | ||||||
| paths: | ||||||
| - ~/.go_workspace/pkg/mod | ||||||
| - run: mkdir -p $TEST_RESULTS | ||||||
| - run-acceptance-tests: | ||||||
| additional-flags: -use-kind -kubecontext="kind-dc1" -secondary-kubecontext="kind-dc2" -enable-transparent-proxy -enable-cni | ||||||
| - store_test_results: | ||||||
| path: /tmp/test-results | ||||||
| - store_artifacts: | ||||||
| path: /tmp/test-results | ||||||
| - slack/status: | ||||||
| # temporarily sending to #cni-acceptance-tests channel | ||||||
|
Contributor
Author
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Will remove before merge. |
||||||
| channel: C03V3K0040G | ||||||
| fail_only: true | ||||||
| failure_message: "Acceptance tests for CNI against Kind with Kubernetes v1.23 failed. Check the logs at: ${CIRCLE_BUILD_URL}" | ||||||
|
|
||||||
| acceptance-kind-1-23-consul-nightly-1-11: | ||||||
| environment: | ||||||
| - TEST_RESULTS: /tmp/test-results | ||||||
|
|
@@ -1007,18 +1054,22 @@ workflows: | |||||
| context: consul-ci | ||||||
| requires: | ||||||
| - dev-upload-docker | ||||||
| - acceptance-kind-cni-1-23: | ||||||
|
Contributor
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Also, we should use the same kind version as other acceptance tests in this pipeline
Suggested change
|
||||||
| context: consul-ci | ||||||
| requires: | ||||||
| - dev-upload-docker | ||||||
| - acceptance-tproxy: | ||||||
| context: consul-ci | ||||||
| requires: | ||||||
| - dev-upload-docker | ||||||
| nightly-acceptance-tests: | ||||||
| triggers: | ||||||
| - schedule: | ||||||
| cron: "0 0 * * *" | ||||||
| filters: | ||||||
| branches: | ||||||
|
Contributor
Author
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Will fix before merge. |
||||||
| only: | ||||||
| - main | ||||||
| # triggers: | ||||||
| # - schedule: | ||||||
| # cron: "0 0 * * *" | ||||||
| # filters: | ||||||
| # branches: | ||||||
| # only: | ||||||
| # - main | ||||||
| jobs: | ||||||
| - build-distro: | ||||||
| OS: "linux" | ||||||
|
|
@@ -1027,29 +1078,33 @@ workflows: | |||||
| - dev-upload-docker: | ||||||
| requires: | ||||||
| - build-distros-linux | ||||||
| - cleanup-gcp-resources | ||||||
|
Contributor
Author
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Will fix before merge. |
||||||
| - cleanup-azure-resources | ||||||
| - cleanup-eks-resources | ||||||
| # - cleanup-gcp-resources | ||||||
| # - cleanup-azure-resources | ||||||
| # - cleanup-eks-resources | ||||||
| # Disable until we can use UBI images. | ||||||
| # - acceptance-openshift: | ||||||
| # requires: | ||||||
| # - cleanup-azure-resources | ||||||
| - acceptance-gke-1-20: | ||||||
| requires: | ||||||
| - cleanup-gcp-resources | ||||||
| - dev-upload-docker | ||||||
| - acceptance-eks-1-19: | ||||||
| requires: | ||||||
| - cleanup-eks-resources | ||||||
| - dev-upload-docker | ||||||
| - acceptance-aks-1-21: | ||||||
| requires: | ||||||
| - cleanup-azure-resources | ||||||
| - dev-upload-docker | ||||||
| - acceptance-kind-1-23: | ||||||
| # - acceptance-gke-1-20: | ||||||
|
Contributor
Author
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Will fix before merge. |
||||||
| # requires: | ||||||
| # - cleanup-gcp-resources | ||||||
| # - dev-upload-docker | ||||||
| # - acceptance-eks-1-19: | ||||||
| # requires: | ||||||
| # - cleanup-eks-resources | ||||||
| # - dev-upload-docker | ||||||
| # - acceptance-aks-1-21: | ||||||
| # requires: | ||||||
| # - cleanup-azure-resources | ||||||
| # - dev-upload-docker | ||||||
| # - acceptance-kind-1-23: | ||||||
| # requires: | ||||||
| # - dev-upload-docker | ||||||
| - acceptance-kind-cni-1-23: | ||||||
| requires: | ||||||
| - dev-upload-docker | ||||||
|
|
||||||
|
|
||||||
| # nightly-acceptance-tests-consul: | ||||||
| # triggers: | ||||||
| # - schedule: | ||||||
|
|
||||||
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,10 @@ | ||
| kind: Cluster | ||
| apiVersion: kind.x-k8s.io/v1alpha4 | ||
| networking: | ||
| # Calicos default subnet. Needed for Calico to run on kind | ||
| podSubnet: 192.168.0.0/16 | ||
| serviceSubnet: 10.110.0.0/16 | ||
| # The default kind.net CNI plugin will not be installed | ||
| disableDefaultCNI: true | ||
| nodes: | ||
| - role: control-plane |
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -135,7 +135,7 @@ rollingUpdate: | |
| --set 'connectInject.enabled=true' \ | ||
| . | tee /dev/stderr | | ||
| yq -rc '.spec.template.spec.containers[0].resources' | tee /dev/stderr) | ||
| [ "${actual}" = '{"limits":{"cpu":"75m","memory":"75Mi"},"requests":{"cpu":"50m","memory":"50Mi"}}' ] | ||
| [ "${actual}" = '{"limits":{"cpu":"100m","memory":"100Mi"},"requests":{"cpu":"75m","memory":"75Mi"}}' ] | ||
|
Contributor
Author
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. This needed to be increased because the CNI installer was getting OOMKilled on Kind. |
||
| } | ||
|
|
||
| @test "cni/DaemonSet: resources can be overridden" { | ||
|
|
||
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -32,7 +32,7 @@ load _helpers | |
| #-------------------------------------------------------------------- | ||
| # rules | ||
|
|
||
| @test "connectInject/ClusterRole: sets get, list, and watch access to endpoints, services, and namespaces in all api groups" { | ||
| @test "connectInject/ClusterRole: sets get, list, and watch access to endpoints, services, namespaces and nodes in all api groups" { | ||
| cd `chart_dir` | ||
| local object=$(helm template \ | ||
| -s templates/connect-inject-clusterrole.yaml \ | ||
|
|
@@ -51,6 +51,9 @@ load _helpers | |
| local actual=$(echo $object | yq -r '.resources[| index("namespaces")' | tee /dev/stderr) | ||
| [ "${actual}" != null ] | ||
|
|
||
| local actual=$(echo $object | yq -r '.resources[| index("nodes")' | tee /dev/stderr) | ||
|
Contributor
Author
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. I had added 'node' back to the connect inject cluster role in a previous PR (yesterday) and I missed the bats test for it. |
||
| [ "${actual}" != null ] | ||
|
|
||
| local actual=$(echo $object | yq -r '.apiGroups[0]' | tee /dev/stderr) | ||
| [ "${actual}" = "" ] | ||
|
|
||
|
|
||
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
could we add a job for the
test-and-buildpipeline as well so that it runs on every PR?There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Done.