e2e

package
v1.14.2 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jan 26, 2024 License: Apache-2.0 Imports: 52 Imported by: 0

README

Running the Antrea end-to-end tests

Creating the test Kubernetes cluster

The tests must be run on an actual Kubernetes cluster. At the moment, we require the cluster to be created using Vagrant and the provided Vagrantfile, which you can do by following the instructions below.

Creating the test Kubernetes cluster with Vagrant

We use Vagrant to provision two Virtual Machines (one Kubernetes control-plane Node and one worker Node). The required software is installed on each machine with Ansible. By default the Vagrantfile uses VirtualBox but you should be able to edit the file to use your favorite Vagrant provider.

Dependencies

We require the following to be installed on your host machine:

  • vagrant (>= 2.0.0)
  • ansible (>= 2.4.0)
  • virtualbox (See supported versions here).
Ubuntu 18.04 (or later)

You can install all dependencies with sudo apt install vagrant ansible virtualbox.

Mac OS

You can install all the dependencies with brew:

  • brew install --cask virtualbox
  • brew install --cask vagrant
  • brew install ansible

If an action is required on your part, brew will let you know in its log messages.

Managing the cluster

Use the following Bash scripts to manage the Kubernetes Nodes with Vagrant:

  • ./infra/vagrant/provision.sh: create the required VMs and provision them
  • ./infra/vagrant/push_antrea.sh: load Antrea Docker image to each Node, along with the Antrea deployment YAML
  • ./infra/vagrant/suspend.sh: suspend all Node VMs
  • ./infra/vagrant/resume.sh: resume all Node VMs
  • ./infra/vagrant/destroy.sh: destoy all Node VMs, you will need to run provision.sh again to create a new cluster

Note that ./infra/vagrant/provision.sh can take a while to complete but it only needs to be run once.

IPv6 cluster

To test Antrea IPv6 support, an IPv6-only cluster can be created, by provisioning a private IPv6 network to connect Kubernetes Nodes, instead of a private IPv4 network. You simply need to invoke ./infra/vagrant/provision.sh with --ip-family v6. This option can be used even if the host machine does not support IPv6 itself. Note however that the Nodes do not have public IPv6 connectivity; they can still connect to the Internet using IPv4, which means that Docker images can be pulled without issue. Similarly, Pods (which only support IPv6) cannot connect to the Internet. To avoid issues when running Kubernetes conformance tests, we configure a proxy on the control-plane Node for all DNS traffic. While CoreDNS will reply to cluster local DNS queries directly, all other queries will be forwarded to the proxy over IPv6, and the proxy will then forward them to the default resolver for the Node (this time over IPv4). This means that all DNS queries from the Pods should succeed, even though the returned public IP addresses (IPv4 and / or IPv6) are not accessible.

You may need more recent versions of the dependencies (virtualbox, vagrant, ansible) than the ones listed above when creating an IPv6 cluster. The following versions were tested successfully:

  • vagrant 2.2.14
  • ansible 2.9.18
  • virtualbox 5.2
Debugging

You can SSH into any of the Node VMs using vagrant ssh [Node name] (must be run from the infra/vagrant directory. The control-plane Node is named k8s-node-control-plane and the worker Nodes are named k8s-node-worker-<N> (for a single worker Node, the name is k8s-node-worker-1. kubectl is installed on all the Nodes.

The kubeconfig file for the cluster can also be found locally on your machine at ./infra/vagrant/playbook/kube/config. If you install kubectl locally and set the KUBECONFIG environment variable to the absolute path of this kubeconfig file, you can run commands against your test cluster created with Vagrant. For example:

cd <directory containing this README file>
export KUBECONFIG=`pwd`/infra/vagrant/playbook/kube/config
kubectl cluster-info
Known issues
The IP address configured for the host-only network is not within the allowed ranges

With recent versions of VirtualBox (> 6.1.26), you may see the following error when running ./infra/vagrant/provision.sh:

The IP address configured for the host-only network is not within the
allowed ranges. Please update the address used to be within the allowed
ranges and run the command again.

  Address: 192.168.77.100
  Ranges: 192.168.56.0/21

Valid ranges can be modified in the /etc/vbox/networks.conf file. For
more information including valid format see:

  https://www.virtualbox.org/manual/ch06.html#network_hostonly

To workaround this issue, you can either:

  • downgrade your VirtualBox version to 6.1.26
  • create a /etc/vbox/networks.conf file with the following contents:
* 192.168.77.0/24

Running the tests

Make sure that your cluster was provisioned and that the Antrea build artifacts were pushed to all the Nodes. You can then run the tests from the top-level directory with go test -v -timeout=30m antrea.io/antrea/test/e2e (the -v enables verbose output).

Running the tests with vagrant

If you are running the test for the first time and are using the scripts we provide under infra/vagrant to provision your Kubernetes cluster, you will therefore need the following steps:

  1. ./infra/vagrant/provision.sh
  2. make
  3. ./infra/vagrant/push_antrea.sh
  4. go test -v -timeout=30m antrea.io/antrea/test/e2e

If you need to test an updated version of Antrea, just run ./infra/vagrant/push_antrea.sh and then run the tests again.

Running the tests with remote (existing K8s cluster)

If you already have a K8s cluster, these steps should be followed to run the e2e tests.

First, you should provide the ssh information for each Node in the cluster. Here is an example:

Host <Control-Plane-Node>
    HostName <Control-Plane-IP>
    Port 22
    user ubuntu
    IdentityFile /home/ubuntu/.ssh/id_rsa
Host <Worker-Node>
    HostName <Worker-Node-IP>
    Port 22
    user ubuntu
    IdentityFile /home/ubuntu/.ssh/id_rsa

Make sure the Host entry for each Node matches the K8s Node name. The Port is the port used by the ssh service on the Node.

Besides, you should add the public key to authorized_keys of each Node and set PubkeyAuthentication of ssh service to yes.

Second, the kubeconfig of the cluster should be copied to the right location, e.g. $HOME/.kube/config or the path specified by -remote.kubeconfig.

Third, the antrea.yml (and antrea-windows.yml if the cluster has Windows Nodes) should be put under the $HOME directory of the control-plane Node.

Now you can start e2e tests using the command below:

go test -v antrea.io/antrea/test/e2e -provider=remote

You can specify ssh and kubeconfig locations with -remote.sshconfig and -remote.kubeconfig. The default location of -remote.sshconfig is $HOME/.ssh/config and the default location of -remote.kubeconfig is $HOME/.kube/config.

Running the e2e tests on a Kind cluster

The simplest way is to run the following command:

./ci/kind/test-e2e-kind.sh [options]

It will set up a two worker Node Kind cluster to run the e2e tests, and destroy the cluster after the tests stop (succeed or fail). kubectl needs to be present in your PATH to set up the test cluster. For more information on the usage of this script and the options, run:

./ci/kind/test-e2e-kind.sh --help

You can also run the e2e tests with an existing Kind cluster. Refer to this document for instructions on how to create a Kind cluster and use Antrea as the CNI. You need at least one control-plane Node and one worker Node. Before running the Go e2e tests, you will also need to copy the Antrea manifest to the control-plane Docker container:

./hack/generate-manifest.sh | docker exec -i kind-control-plane dd of=/root/antrea.yml
go test -timeout=75 -v antrea.io/antrea/test/e2e -provider=kind

The default timeout of go test is 10 minutes. If you encounter any timeout issue during e2e, you can try to increase timeout first. Some cases take more than 10 minutes. eg: go test -v -timeout=20m antrea.io/antrea/test/e2e -run=TestAntreaPolicy -provider=kind.

generate-manifest.sh supports generating the Antrea manifest with different Antrea configurations. Run ./hack/generate-manifest.sh --help to see the supported config options.

As part of code development, if you want to run the tests with local changes, then make the code changes on the local repo and build the image. You can load the new image into the kind cluster using the command below:

kind load docker-image antrea/antrea-ubuntu:latest --name <kind_cluster_name>

By default, if a test case fails, we write some useful debug information to a temporary directory on disk. This information includes the detailed description (obtained with kubectl describe) and the logs (obtained with kubectl logs) of each Antrea Pod at the time the test case exited. When running the tests in verbose mode (i.e. with -v), the test logs will tell you the location of that temporary directory. You may also choose your own directory using --logs-export-dir. For example:

mkdir antrea-test-logs
go test -count=1 -v -run=TestDeletePod antrea.io/antrea/test/e2e --logs-export-dir `pwd`/antrea-test-logs

If the user provides a log directory which was used for a previous run, existing contents (subdirectories for each test case) will be overridden. By default the description and logs for Antrea Pods are only written to disk if a test fails. You can choose to dump this information unconditionally with --logs-export-on-success.

Testing the Prometheus Integration

The Prometheus integration tests can be run as part of the e2e tests when enabled explicitly.

  • To load Antrea into the cluster with Prometheus enabled, use: ./infra/vagrant/push_antrea.sh --prometheus
  • To run the Prometheus tests within the e2e suite, use: go test -v antrea.io/antrea/test/e2e --prometheus

Running the performance test

To run all benchmarks, without the standard e2e tests:

go test -v -timeout=30m -run=XXX -bench=. \
    antrea.io/antrea/test/e2e \
    -perf.http.concurrency=16

The above command uses -run=XXX to deselect all Test* tests and uses -bench=. to select all Benchmark* tests. Since performance tests take a while to complete, you need to extend the timeout duration -timeout from the default 10m to a longer one like 30m.

If you would like to run the performance tests in a different scale, you could run:

go test -v -timeout=30m -run=XXX -bench=BenchmarkCustomize \
    antrea.io/antrea/test/e2e \
    -perf.http.requests=5000 \
    -perf.http.policy_rules=1000 \
    -perf.http.concurrency=16

All flags of performance tests includes:

  • performance.http.concurrency (int): Number of allowed concurrent http requests (default 1)
  • performance.http.requests (int): Total Number of http requests
  • performance.http.policy_rules (int): Number of CIDRs in the network policy
  • performance.realize.timeout (duration): Timeout of the realization of network policies (default 5m0s)

Documentation

Index

Constants

This section is empty.

Variables

View Source 
var AntreaConfigMap *corev1.ConfigMap
View Source 
var ErrPodNotFound = errors.New("Pod not found")

Functions

func GetAgentFeatures added in v1.3.0 

func GetAgentFeatures() (featuregate.FeatureGate, error)

func GetControllerFeatures added in v1.3.0 

func GetControllerFeatures() (featuregate.FeatureGate, error)

func IPFamily added in v1.13.0 

func IPFamily(ip string) string

func IsDirEmpty 

func IsDirEmpty(name string) (bool, error)

IsDirEmpty checks whether a directory is empty or not.

func ProbeCommand added in v1.13.0 

func ProbeCommand(url, protocol, executor string) []string

ProbeCommand generates a command to probe the provider url. The executor parameter can be used to change where the prober will run. For example, it could be "ip netns exec NAME" to run the prober in another namespace. We try to connect 3 times. This dates back to when we were using the OVS netdev datapath for Kind clusters, as the first packet sent on a tunnel was always dropped (https://github.com/antrea-io/antrea/issues/467). We may be able to revisit this now that we use the OVS kernel datapath for Kind. "agnhost connect" outputs nothing when it succeeds. We output "CONNECTED" in such case and prepend a sequence number for each attempt, to make the result more informative. Example output: 1: CONNECTED 2: TIMEOUT 3: TIMEOUT

Types

type ClusterInfo 

type ClusterInfo struct {
	// contains filtered or unexported fields
}

type ClusterNode 

type ClusterNode struct {
	// contains filtered or unexported fields
}

type Connectivity 

type Connectivity struct {
	From         Pod
	To           Pod
	Connectivity PodConnectivityMark
}

type ConnectivityTable 

type ConnectivityTable struct {
	Items []string

	Values map[string]map[string]PodConnectivityMark
	// contains filtered or unexported fields
}

func NewConnectivityTable 

func NewConnectivityTable(items []string, defaultValue *PodConnectivityMark) *ConnectivityTable

func (*ConnectivityTable) Compare 

func (ct *ConnectivityTable) Compare(other *ConnectivityTable) *TruthTable

func (*ConnectivityTable) Get 

func (ct *ConnectivityTable) Get(from string, to string) PodConnectivityMark

func (*ConnectivityTable) PrettyPrint 

func (ct *ConnectivityTable) PrettyPrint(indent string) string

func (*ConnectivityTable) Set 

func (ct *ConnectivityTable) Set(from string, to string, value PodConnectivityMark)

func (*ConnectivityTable) SetAllFrom 

func (ct *ConnectivityTable) SetAllFrom(from string, value PodConnectivityMark)

func (*ConnectivityTable) SetAllTo 

func (ct *ConnectivityTable) SetAllTo(to string, value PodConnectivityMark)

type CustomPod 

type CustomPod struct {
	Pod    Pod
	Labels map[string]string
}

type CustomProbe added in v1.6.0 

type CustomProbe struct {
	// Create or update a source Pod.
	SourcePod CustomPod
	// Create or update a destination Pod.
	DestPod CustomPod
	// Port on which the probe will be made.
	Port int32
	// Set the expected connectivity.
	ExpectConnectivity PodConnectivityMark
}

CustomProbe will spin up (or update) SourcePod and DestPod such that Add event of Pods can be tested against expected connectivity among those Pods.

type KubernetesUtils 

type KubernetesUtils struct {
	*TestData
	// contains filtered or unexported fields
}

func NewKubernetesUtils 

func NewKubernetesUtils(data *TestData) (*KubernetesUtils, error)

func (*KubernetesUtils) Bootstrap 

func (k *KubernetesUtils) Bootstrap(namespaces map[string]string, pods []string, createNamespaces bool) (map[string][]string, error)

func (*KubernetesUtils) CleanGroups added in v1.8.0 

func (k *KubernetesUtils) CleanGroups(namespace string) error

CleanGroups is a convenience function for deleting all Groups in the namespace.

func (*KubernetesUtils) Cleanup 

func (k *KubernetesUtils) Cleanup(namespaces map[string]string)

func (*KubernetesUtils) CreateOrUpdateGroup added in v1.13.0 

func (k *KubernetesUtils) CreateOrUpdateGroup(g *crdv1beta1.Group) (*crdv1beta1.Group, error)

CreateOrUpdateGroup is a convenience function for idempotent setup of crd/v1beta1 Groups

func (*KubernetesUtils) DeleteGroup added in v1.13.0 

func (k *KubernetesUtils) DeleteGroup(namespace, name string) error

DeleteGroup is a convenience function for deleting core/v1beta1 Group by namespace and name.

func (*KubernetesUtils) GetCG 

func (k *KubernetesUtils) GetCG(name string) (*crdv1beta1.ClusterGroup, error)

GetCG is a convenience function for getting ClusterGroups

func (*KubernetesUtils) GetGroup added in v1.8.0 

func (k *KubernetesUtils) GetGroup(namespace, name string) (*crdv1beta1.Group, error)

GetGroup is a convenience function for getting Groups

func (*KubernetesUtils) GetPodByLabel 

func (k *KubernetesUtils) GetPodByLabel(ns string, name string) (*v1.Pod, error)

GetPodByLabel returns a Pod with the matching Namespace and "pod" label if it's found. If the pod is not found, GetPodByLabel returns "ErrPodNotFound".

func (*KubernetesUtils) GetPodsByLabel 

func (k *KubernetesUtils) GetPodsByLabel(ns string, key string, val string) ([]v1.Pod, error)

GetPodsByLabel returns an array of all Pods in the given Namespace having a k/v label pair.

func (*KubernetesUtils) LabelPod added in v1.7.0 

func (k *KubernetesUtils) LabelPod(ns, name, key, value string) (*v1.Pod, error)

func (*KubernetesUtils) Probe 

func (k *KubernetesUtils) Probe(ns1, pod1, ns2, pod2 string, port int32, protocol utils.AntreaPolicyProtocol,
	remoteCluster *KubernetesUtils, expectedResult *PodConnectivityMark) (PodConnectivityMark, error)

Probe execs into a Pod and checks its connectivity to another Pod. It assumes that the target Pod is serving on the input port, and also that agnhost is installed. The connectivity from source Pod to all IPs of the target Pod should be consistent. Otherwise, Error PodConnectivityMark will be returned.

func (*KubernetesUtils) ProbeAddr added in v1.4.0 

func (k *KubernetesUtils) ProbeAddr(ns, podLabelKey, podLabelValue, dstAddr string, port int32, protocol utils.AntreaPolicyProtocol, expectedResult *PodConnectivityMark) (PodConnectivityMark, error)

ProbeAddr execs into a Pod and checks its connectivity to an arbitrary destination address.

func (*KubernetesUtils) Validate 

func (k *KubernetesUtils) Validate(allPods []Pod, reachability *Reachability, ports []int32, protocol utils.AntreaPolicyProtocol)

Validate checks the connectivity between all Pods in both directions with a list of ports and a protocol. The connectivity from a Pod to another Pod should be consistent across all provided ports. Otherwise, this connectivity will be treated as Error.

func (*KubernetesUtils) ValidateRemoteCluster added in v1.11.0 

func (k *KubernetesUtils) ValidateRemoteCluster(remoteCluster *KubernetesUtils, allPods []Pod, reachability *Reachability, port int32, protocol utils.AntreaPolicyProtocol)

type Pod 

type Pod string

func NewPod 

func NewPod(namespace string, podName string) Pod

func (Pod) Namespace 

func (pod Pod) Namespace() string

func (Pod) PodName 

func (pod Pod) PodName() string

func (Pod) String 

func (pod Pod) String() string

type PodBuilder added in v1.8.0 

type PodBuilder struct {
	Name               string
	Namespace          string
	VolumeMounts       []corev1.VolumeMount
	Volumes            []corev1.Volume
	Image              string
	ContainerName      string
	Command            []string
	Args               []string
	Env                []corev1.EnvVar
	Ports              []corev1.ContainerPort
	HostNetwork        bool
	IsPrivileged       bool
	ServiceAccountName string
	Annotations        map[string]string
	Labels             map[string]string
	NodeName           string
	MutateFunc         func(*corev1.Pod)
	ResourceRequests   corev1.ResourceList
	ResourceLimits     corev1.ResourceList
	ReadinessProbe     *corev1.Probe
}

func NewPodBuilder added in v1.8.0 

func NewPodBuilder(name, ns, image string) *PodBuilder

func (*PodBuilder) AddVolume added in v1.11.0 

func (b *PodBuilder) AddVolume(volume []corev1.Volume) *PodBuilder

func (*PodBuilder) AddVolumeMount added in v1.11.0 

func (b *PodBuilder) AddVolumeMount(volumeMount []corev1.VolumeMount) *PodBuilder

func (*PodBuilder) Create added in v1.8.0 

func (b *PodBuilder) Create(data *TestData) error

func (*PodBuilder) InHostNetwork added in v1.8.0 

func (b *PodBuilder) InHostNetwork() *PodBuilder

func (*PodBuilder) MountConfigMap added in v1.11.0 

func (b *PodBuilder) MountConfigMap(configMapName string, mountPath string, volumeName string) *PodBuilder

func (*PodBuilder) MountHostPath added in v1.14.0 

func (b *PodBuilder) MountHostPath(hostPath string, hostPathType corev1.HostPathType, mountPath string, volumeName string) *PodBuilder

func (*PodBuilder) OnNode added in v1.8.0 

func (b *PodBuilder) OnNode(nodeName string) *PodBuilder

func (*PodBuilder) Privileged added in v1.8.0 

func (b *PodBuilder) Privileged() *PodBuilder

func (*PodBuilder) WithAnnotations added in v1.8.0 

func (b *PodBuilder) WithAnnotations(annotations map[string]string) *PodBuilder

func (*PodBuilder) WithArgs added in v1.8.0 

func (b *PodBuilder) WithArgs(args []string) *PodBuilder

func (*PodBuilder) WithCommand added in v1.8.0 

func (b *PodBuilder) WithCommand(command []string) *PodBuilder

func (*PodBuilder) WithContainerName added in v1.8.0 

func (b *PodBuilder) WithContainerName(ctrName string) *PodBuilder

func (*PodBuilder) WithEnv added in v1.8.0 

func (b *PodBuilder) WithEnv(env []corev1.EnvVar) *PodBuilder

func (*PodBuilder) WithHostNetwork added in v1.8.0 

func (b *PodBuilder) WithHostNetwork(v bool) *PodBuilder

func (*PodBuilder) WithLabels added in v1.8.0 

func (b *PodBuilder) WithLabels(labels map[string]string) *PodBuilder

func (*PodBuilder) WithMutateFunc added in v1.8.0 

func (b *PodBuilder) WithMutateFunc(f func(*corev1.Pod)) *PodBuilder

func (*PodBuilder) WithPorts added in v1.8.0 

func (b *PodBuilder) WithPorts(ports []corev1.ContainerPort) *PodBuilder

func (*PodBuilder) WithReadinessProbe added in v1.14.0 

func (b *PodBuilder) WithReadinessProbe(probe *corev1.Probe) *PodBuilder

func (*PodBuilder) WithResources added in v1.9.0 

func (b *PodBuilder) WithResources(ResourceRequests, ResourceLimits corev1.ResourceList) *PodBuilder

func (*PodBuilder) WithServiceAccountName added in v1.8.0 

func (b *PodBuilder) WithServiceAccountName(name string) *PodBuilder

type PodCondition 

type PodCondition func(*corev1.Pod) (bool, error)

type PodConnectivityMark 

type PodConnectivityMark string
const (
	Connected PodConnectivityMark = "Con"
	Unknown   PodConnectivityMark = "Unk"
	Error     PodConnectivityMark = "Err"
	Dropped   PodConnectivityMark = "Drp"
	Rejected  PodConnectivityMark = "Rej"
)

func DecideProbeResult added in v1.6.0 

func DecideProbeResult(stderr string, probeNum int) PodConnectivityMark

DecideProbeResult uses the probe stderr to decide the connectivity.

type PodIPs 

type PodIPs struct {
	// contains filtered or unexported fields
}

func (PodIPs) String 

func (p PodIPs) String() string

type Reachability 

type Reachability struct {
	Expected        *ConnectivityTable
	Observed        *ConnectivityTable
	Pods            []Pod
	PodsByNamespace map[string][]Pod
}

func NewReachability 

func NewReachability(pods []Pod, defaultExpectation PodConnectivityMark) *Reachability

func (*Reachability) Expect 

func (r *Reachability) Expect(pod1 Pod, pod2 Pod, connectivity PodConnectivityMark)

func (*Reachability) ExpectAllEgress 

func (r *Reachability) ExpectAllEgress(pod Pod, connectivity PodConnectivityMark)

ExpectAllEgress defines that any traffic going out of the pod will be allowed/dropped/rejected

func (*Reachability) ExpectAllIngress 

func (r *Reachability) ExpectAllIngress(pod Pod, connectivity PodConnectivityMark)

ExpectAllIngress defines that any traffic going into the pod will be allowed/dropped/rejected

func (*Reachability) ExpectAllSelfNamespace 

func (r *Reachability) ExpectAllSelfNamespace(connectivity PodConnectivityMark)

func (*Reachability) ExpectConn 

func (r *Reachability) ExpectConn(spec *Connectivity)

ExpectConn is an experimental way to describe connectivity with named fields

func (*Reachability) ExpectEgressToNamespace 

func (r *Reachability) ExpectEgressToNamespace(pod Pod, namespace string, connectivity PodConnectivityMark)

func (*Reachability) ExpectIngressFromNamespace 

func (r *Reachability) ExpectIngressFromNamespace(pod Pod, namespace string, connectivity PodConnectivityMark)

func (*Reachability) ExpectSelf 

func (r *Reachability) ExpectSelf(allPods []Pod, connectivity PodConnectivityMark)

func (*Reachability) ExpectSelfNamespace 

func (r *Reachability) ExpectSelfNamespace(namespace string, connectivity PodConnectivityMark)

func (*Reachability) NewReachabilityWithSameExpectations added in v1.11.0 

func (r *Reachability) NewReachabilityWithSameExpectations() *Reachability

func (*Reachability) Observe 

func (r *Reachability) Observe(pod1 Pod, pod2 Pod, connectivity PodConnectivityMark)

func (*Reachability) PrintSummary 

func (r *Reachability) PrintSummary(printExpected bool, printObserved bool, printComparison bool)

func (*Reachability) Summary 

func (r *Reachability) Summary() (trueObs int, falseObs int, comparison *TruthTable)

type TestCase added in v1.6.0 

type TestCase struct {
	Name  string
	Steps []*TestStep
}

TestCase is a collection of TestSteps to be tested against.

type TestData 

type TestData struct {
	ClusterName string
	// contains filtered or unexported fields
}

TestData stores the state required for each test case.

func (*TestData) BuildService added in v1.6.0 

func (data *TestData) BuildService(svcName, svcNS string, port, targetPort int, selector map[string]string, serviceType *v1.ServiceType) *v1.Service

BuildService is a convenience function for building a corev1.Service spec.

func (*TestData) BuildServiceAccount added in v1.6.0 

func (data *TestData) BuildServiceAccount(name, ns string, labels map[string]string) *v1.ServiceAccount

BuildServiceAccount is a convenience function for building a corev1.SerivceAccount spec.

func (*TestData) CleanACNPs added in v1.6.0 

func (data *TestData) CleanACNPs() error

CleanACNPs is a convenience function for deleting all Antrea ClusterNetworkPolicies in the cluster.

func (*TestData) CleanANNPs added in v1.13.0 

func (data *TestData) CleanANNPs(namespaces []string) error

CleanANNPs is a convenience function for deleting all Antrea NetworkPolicies in provided namespaces.

func (*TestData) CleanCGs added in v1.6.0 

func (data *TestData) CleanCGs() error

CleanCGs is a convenience function for deleting all ClusterGroups in the cluster.

func (*TestData) CleanNetworkPolicies added in v1.6.0 

func (data *TestData) CleanNetworkPolicies(namespaces map[string]string) error

CleanNetworkPolicies is a convenience function for deleting NetworkPolicies in the provided namespaces.

func (*TestData) CleanServices added in v1.6.0 

func (data *TestData) CleanServices(namespaces map[string]string) error

CleanServices is a convenience function for deleting Services in the cluster.

func (*TestData) CreateClient added in v1.6.0 

func (data *TestData) CreateClient(kubeconfigPath string) error

CreateClient initializes the K8s clientset in the TestData structure.

func (*TestData) CreateNamespace added in v1.6.0 

func (data *TestData) CreateNamespace(namespace string, mutateFunc func(*corev1.Namespace)) error

CreateNamespace creates the provided namespace.

func (*TestData) CreateNewTier added in v1.6.0 

func (data *TestData) CreateNewTier(name string, tierPriority int32) (*crdv1beta1.Tier, error)

CreateTier is a convenience function for creating an Antrea Policy Tier by name and priority.

func (*TestData) CreateOrUpdateACNP added in v1.6.0 

func (data *TestData) CreateOrUpdateACNP(cnp *crdv1beta1.ClusterNetworkPolicy) (*crdv1beta1.ClusterNetworkPolicy, error)

CreateOrUpdateACNP is a convenience function for updating/creating AntreaClusterNetworkPolicies.

func (*TestData) CreateOrUpdateANNP added in v1.13.0 

func (data *TestData) CreateOrUpdateANNP(annp *crdv1beta1.NetworkPolicy) (*crdv1beta1.NetworkPolicy, error)

CreateOrUpdateANNP is a convenience function for updating/creating Antrea NetworkPolicies.

func (*TestData) CreateOrUpdateCG added in v1.13.0 

func (data *TestData) CreateOrUpdateCG(cg *crdv1beta1.ClusterGroup) (*crdv1beta1.ClusterGroup, error)

CreateOrUpdateCG is a convenience function for idempotent setup of crd/v1beta1 ClusterGroups

func (*TestData) CreateOrUpdateDeployment added in v1.6.0 

func (data *TestData) CreateOrUpdateDeployment(ns, deploymentName string, replicas int32, labels map[string]string) (*appsv1.Deployment, error)

CreateOrUpdateDeployment is a convenience function for idempotent setup of deployments

func (*TestData) CreateOrUpdateNamespace added in v1.6.0 

func (data *TestData) CreateOrUpdateNamespace(n string, labels map[string]string) (*v1.Namespace, error)

CreateOrUpdateNamespace is a convenience function for idempotent setup of Namespaces

func (*TestData) CreateOrUpdateNetworkPolicy added in v1.6.0 

func (data *TestData) CreateOrUpdateNetworkPolicy(netpol *v1net.NetworkPolicy) (*v1net.NetworkPolicy, error)

CreateOrUpdateNetworkPolicy is a convenience function for updating/creating netpols. Updating is important since some tests update a network policy to confirm that mutation works with a CNI.

func (*TestData) CreateOrUpdateService added in v1.6.0 

func (data *TestData) CreateOrUpdateService(svc *v1.Service) (*v1.Service, error)

CreateOrUpdateService is a convenience function for updating/creating Services.

func (*TestData) CreateOrUpdateServiceAccount added in v1.6.0 

func (data *TestData) CreateOrUpdateServiceAccount(sa *v1.ServiceAccount) (*v1.ServiceAccount, error)

CreateOrUpdateServiceAccount is a convenience function for updating/creating ServiceAccount.

func (*TestData) CreateService added in v1.6.0 

func (data *TestData) CreateService(serviceName, namespace string, port, targetPort int32, selector map[string]string, affinity, nodeLocalExternal bool,
	serviceType corev1.ServiceType, ipFamily *corev1.IPFamily) (*corev1.Service, error)

CreateService creates a service with port and targetPort.

func (*TestData) CreateServiceWithAnnotations added in v1.6.0 

func (data *TestData) CreateServiceWithAnnotations(serviceName, namespace string, port, targetPort int32, protocol corev1.Protocol, selector map[string]string, affinity, nodeLocalExternal bool,
	serviceType corev1.ServiceType, ipFamily *corev1.IPFamily, annotations map[string]string) (*corev1.Service, error)

CreateServiceWithAnnotations creates a service with Annotation

func (*TestData) DeleteACNP added in v1.6.0 

func (data *TestData) DeleteACNP(name string) error

DeleteACNP is a convenience function for deleting ACNP by name.

func (*TestData) DeleteANNP added in v1.13.0 

func (data *TestData) DeleteANNP(ns, name string) error

DeleteANNP is a convenience function for deleting ANNP by name and Namespace.

func (*TestData) DeleteCG added in v1.13.0 

func (data *TestData) DeleteCG(name string) error

DeleteCG is a convenience function for deleting core/v1beta1 ClusterGroup by name.

func (*TestData) DeleteNamespace added in v1.6.0 

func (data *TestData) DeleteNamespace(namespace string, timeout time.Duration) error

DeleteNamespace deletes the provided Namespace, and waits for deletion to actually complete if timeout>=0

func (*TestData) DeleteNetworkPolicy added in v1.6.0 

func (data *TestData) DeleteNetworkPolicy(ns, name string) error

DeleteNetworkPolicy is a convenience function for deleting NetworkPolicy by name and Namespace.

func (*TestData) DeletePod added in v1.6.0 

func (data *TestData) DeletePod(namespace, name string) error

DeletePod deletes a Pod in the test namespace.

func (*TestData) DeletePodAndWait added in v1.10.1 

func (data *TestData) DeletePodAndWait(timeout time.Duration, name string, ns string) error

Deletes a Pod in the test namespace then waits us to timeout for the Pod not to be visible to the client anymore.

func (*TestData) DeleteService added in v1.6.0 

func (data *TestData) DeleteService(ns, name string) error

DeleteService is a convenience function for deleting a Service by Namespace and name.

func (*TestData) DeleteServiceAccount added in v1.6.0 

func (data *TestData) DeleteServiceAccount(ns, name string) error

DeleteServiceAccount is a convenience function for deleting a ServiceAccount by Namespace and name.

func (*TestData) DeleteTier added in v1.6.0 

func (data *TestData) DeleteTier(name string) error

DeleteTier is a convenience function for deleting an Antrea Policy Tier with specific name.

func (*TestData) GetACNP added in v1.6.0 

func (data *TestData) GetACNP(name string) (*crdv1beta1.ClusterNetworkPolicy, error)

GetACNP is a convenience function for getting AntreaClusterNetworkPolicies.

func (*TestData) GetANNP added in v1.13.0 

func (data *TestData) GetANNP(namespace, name string) (*crdv1beta1.NetworkPolicy, error)

GetANNP is a convenience function for getting AntreaNetworkPolicies.

func (*TestData) GetAntreaAgentConf added in v1.7.0 

func (data *TestData) GetAntreaAgentConf() (*agentconfig.AgentConfig, error)

func (*TestData) GetAntreaConfigMap 

func (data *TestData) GetAntreaConfigMap(antreaNamespace string) (*corev1.ConfigMap, error)

func (*TestData) GetAntreaWindowsConfigMap added in v1.7.0 

func (data *TestData) GetAntreaWindowsConfigMap(antreaNamespace string) (*corev1.ConfigMap, error)

func (*TestData) GetConfigMap added in v1.12.0 

func (data *TestData) GetConfigMap(namespace, name string) (*v1.ConfigMap, error)

func (*TestData) GetEncapMode 

func (data *TestData) GetEncapMode() (config.TrafficEncapModeType, error)

func (*TestData) GetFlowAggregatorConfigMap 

func (data *TestData) GetFlowAggregatorConfigMap() (*corev1.ConfigMap, error)

func (*TestData) GetGatewayInterfaceName 

func (data *TestData) GetGatewayInterfaceName(antreaNamespace string) (string, error)

func (*TestData) GetMulticastInterfaces added in v1.5.0 

func (data *TestData) GetMulticastInterfaces(antreaNamespace string) ([]string, error)

func (*TestData) GetNetworkPolicy added in v1.6.0 

func (data *TestData) GetNetworkPolicy(namespace, name string) (*v1net.NetworkPolicy, error)

GetNetworkPolicy is a convenience function for getting k8s NetworkPolicies.

func (*TestData) GetNodeMACAddress added in v1.11.3 

func (data *TestData) GetNodeMACAddress(node, device string) (string, error)

func (*TestData) GetPodInterfaceMTU added in v1.13.4 

func (data *TestData) GetPodInterfaceMTU(namespace string, podName string, containerName string) (int, error)

func (*TestData) GetPodLogs added in v1.14.0 

func (data *TestData) GetPodLogs(ctx context.Context, namespace, name, container string) (string, error)

GetPodLogs returns the current logs for the specified Pod container. If container is empty, it defaults to only container when there is one container in the Pod.

func (*TestData) GetService added in v1.6.0 

func (data *TestData) GetService(namespace, name string) (*v1.Service, error)

GetService is a convenience function for getting Service

func (*TestData) GetTier added in v1.6.0 

func (data *TestData) GetTier(name string) (*crdv1beta1.Tier, error)

GetTier is a convenience function for getting Tier.

func (*TestData) GetTransportInterface added in v1.11.3 

func (data *TestData) GetTransportInterface() (string, error)

func (*TestData) InitProvider added in v1.6.0 

func (data *TestData) InitProvider(providerName, providerConfigPath string) error

func (*TestData) PatchPod added in v1.12.0 

func (data *TestData) PatchPod(namespace, name string, patch []byte) error

func (*TestData) PodWaitFor added in v1.6.0 

func (data *TestData) PodWaitFor(timeout time.Duration, name, namespace string, condition PodCondition) (*corev1.Pod, error)

PodWaitFor polls the K8s apiserver until the specified Pod is found (in the test Namespace) and the condition predicate is met (or until the provided timeout expires).

func (*TestData) RestartAntreaAgentPods added in v1.12.0 

func (data *TestData) RestartAntreaAgentPods(timeout time.Duration) error

RestartAntreaAgentPods deletes all the antrea-agent Pods to force them to be re-scheduled. It then waits for the new Pods to become available.

func (*TestData) RunCommandFromAntreaPodOnNode added in v1.13.0 

func (data *TestData) RunCommandFromAntreaPodOnNode(nodeName string, cmd []string) (string, string, error)

func (*TestData) RunCommandFromPod added in v1.6.0 

func (data *TestData) RunCommandFromPod(podNamespace string, podName string, containerName string, cmd []string) (stdout string, stderr string, err error)

Run the provided command in the specified Container for the give Pod and returns the contents of stdout and stderr as strings. An error either indicates that the command couldn't be run or that the command returned a non-zero error code.

func (*TestData) RunCommandOnNode added in v1.6.0 

func (data *TestData) RunCommandOnNode(nodeName string, cmd string) (code int, stdout string, stderr string, err error)

RunCommandOnNode is a convenience wrapper around the Provider interface RunCommandOnNode method.

func (*TestData) RunCommandOnNodeExt added in v1.7.0 

func (data *TestData) RunCommandOnNodeExt(nodeName, cmd string, envs map[string]string, stdin string, sudo bool) (
	code int, stdout, stderr string, err error)

func (*TestData) UpdateConfigMap added in v1.12.0 

func (data *TestData) UpdateConfigMap(configMap *v1.ConfigMap) error

func (*TestData) UpdateNamespace added in v1.8.0 

func (data *TestData) UpdateNamespace(namespace string, mutateFunc func(*corev1.Namespace)) error

func (*TestData) UpdatePod added in v1.10.0 

func (data *TestData) UpdatePod(namespace, name string, mutateFunc func(*corev1.Pod)) error

func (*TestData) UpdateTier added in v1.6.0 

func (data *TestData) UpdateTier(tier *crdv1beta1.Tier) (*crdv1beta1.Tier, error)

UpdateTier is a convenience function for updating an Antrea Policy Tier.

func (*TestData) WaitForACNPCreationAndRealization added in v1.11.0 

func (data *TestData) WaitForACNPCreationAndRealization(t *testing.T, name string, timeout time.Duration) error

func (*TestData) WaitForANNPCreationAndRealization added in v1.13.0 

func (data *TestData) WaitForANNPCreationAndRealization(t *testing.T, namespace string, name string, timeout time.Duration) error

type TestOptions 

type TestOptions struct {
	// contains filtered or unexported fields
}

type TestStep added in v1.6.0 

type TestStep struct {
	Name          string
	Reachability  *Reachability
	TestResources []metav1.Object
	Ports         []int32
	Protocol      utils.AntreaPolicyProtocol
	Duration      time.Duration
	CustomProbes  []*CustomProbe
}

TestStep is a single unit of testing spec. It includes the policy specs that need to be applied for this test, the port to test traffic on and the expected Reachability matrix.

type TruthTable 

type TruthTable struct {
	Items []string

	Values map[string]map[string]bool
	// contains filtered or unexported fields
}

func (*TruthTable) IsComplete 

func (tt *TruthTable) IsComplete() bool

IsComplete returns true if there's a value set for every single pair of items, otherwise it returns false.

func (*TruthTable) PrettyPrint 

func (tt *TruthTable) PrettyPrint(indent string) string

Source Files

View all Source files

Directories

Path Synopsis
exec
portforwarder

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.