From 07b3f8b767d77c72cc1e255d79eb30e92f4ff5ee Mon Sep 17 00:00:00 2001 From: vakr Date: Tue, 15 Feb 2022 11:44:04 -0800 Subject: [PATCH 1/6] [NPM] Adding a SCTP sxclusion increasing tests to 214 in cyclonus --- test/cyclonus/install-cyclonus.yaml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/test/cyclonus/install-cyclonus.yaml b/test/cyclonus/install-cyclonus.yaml index c74e4d59ea..08bb0d7fd9 100644 --- a/test/cyclonus/install-cyclonus.yaml +++ b/test/cyclonus/install-cyclonus.yaml @@ -21,7 +21,8 @@ spec: - --job-timeout-seconds=2 - --server-protocol=TCP,UDP - --verbosity=debug + - --exclude=sctp name: cyclonus imagePullPolicy: IfNotPresent image: mfenwick100/cyclonus:v0.4.7 - serviceAccount: cyclonus \ No newline at end of file + serviceAccount: cyclonus From 84a6a3082a3d6247d21e440d9dafac1a90807fa7 Mon Sep 17 00:00:00 2001 From: vakr Date: Thu, 17 Feb 2022 10:11:44 -0800 Subject: [PATCH 2/6] Adding support for a new extended github workflow nightly --- ...cyclonus-netpol-extended-nightly-test.yaml | 79 +++++++++++++++++++ Makefile | 4 + .../install-cyclonus-exclude-sctp.yaml | 28 +++++++ test/cyclonus/install-cyclonus.yaml | 1 - test/cyclonus/test-cyclonus.sh | 17 +++- 5 files changed, 125 insertions(+), 4 deletions(-) create mode 100644 .github/workflows/cyclonus-netpol-extended-nightly-test.yaml create mode 100644 test/cyclonus/install-cyclonus-exclude-sctp.yaml diff --git a/.github/workflows/cyclonus-netpol-extended-nightly-test.yaml b/.github/workflows/cyclonus-netpol-extended-nightly-test.yaml new file mode 100644 index 0000000000..4a87de443f --- /dev/null +++ b/.github/workflows/cyclonus-netpol-extended-nightly-test.yaml @@ -0,0 +1,79 @@ +name: Cyclonus Network Policy Extended Test + +on: + workflow_dispatch: + schedule: + # run once a day at midnight + - cron: "0 0 * * *" + +jobs: + cyclonus-test: + runs-on: ubuntu-latest + strategy: + matrix: + # run cyclonus tests in parallel for NPM with the given ConfigMaps + profile: + [ + v1-default.yaml, + v1-place-azure-chain-first.yaml, + v2-default.yaml, + v2-apply-on-need.yaml, + v2-place-azure-after-kube-services.yaml, + ] + steps: + - name: Checkout + uses: actions/checkout@v2 + + - uses: actions/setup-go@v2 + with: + go-version: "^1.17" + + - name: Setup Kind + uses: engineerd/setup-kind@v0.5.0 + with: + version: "v0.11.1" + config: ./test/kind/kind.yaml + name: npm-kind + + - name: Check Kind + run: | + kubectl get po -owide -A + + - name: Make NPM image + run: | + make npm-image VERSION=cyclonus PLATFORM=linux/amd64 CONTAINER_BUILDER=docker + + - name: Install Azure NPM + # set the ConfigMap based on the build matrix + # currently have to restart the daemonset because changing the ConfigMap doesn't restart NPM + run: | + sed -i 's/mcr.microsoft.com\/containernetworking\/azure-npm:.*/acnpublic.azurecr.io\/azure-npm:cyclonus/' ./npm/azure-npm.yaml + kind load docker-image acnpublic.azurecr.io/azure-npm:cyclonus --name npm-kind + kubectl apply -f ./npm/azure-npm.yaml + echo "Applying profile: ${{ matrix.profile }}" + kubectl apply -f ./npm/profiles/${{ matrix.profile }} + kubectl rollout restart ds azure-npm -n kube-system + + - name: Check Cluster Components + run: | + sleep 10 + kubectl get po -owide -A + kubectl describe ds azure-npm -n kube-system + + - name: Run Cyclonus network policy test + run: test-extended-cyclonus + + - name: Fetch logs + if: always() + run: | + kubectl logs -n kube-system -l k8s-app=azure-npm --tail -1 --prefix > npm-logs_${{ matrix.profile }}.txt + mv ./test/cyclonus/cyclonus-test.txt ./cyclonus-test_${{ matrix.profile }}.txt + + - name: "Upload Logs" + uses: actions/upload-artifact@v2 + if: always() + with: + name: logs + path: | + ./npm-logs_${{ matrix.profile }}.txt + ./cyclonus-test_${{ matrix.profile }}.txt diff --git a/Makefile b/Makefile index 5c80e200e4..6d3e61775a 100644 --- a/Makefile +++ b/Makefile @@ -513,6 +513,10 @@ test-cyclonus: ## run the cyclonus test for npm. cd test/cyclonus && bash ./test-cyclonus.sh cd .. +test-extended-cyclonus: ## run the cyclonus test for npm. + cd test/cyclonus && bash ./test-cyclonus.sh extended + cd .. + .PHONY: kind kind: kind create cluster --config ./test/kind/kind.yaml diff --git a/test/cyclonus/install-cyclonus-exclude-sctp.yaml b/test/cyclonus/install-cyclonus-exclude-sctp.yaml new file mode 100644 index 0000000000..08bb0d7fd9 --- /dev/null +++ b/test/cyclonus/install-cyclonus-exclude-sctp.yaml @@ -0,0 +1,28 @@ +apiVersion: batch/v1 +kind: Job +metadata: + name: cyclonus + namespace: kube-system + labels: + app: cyclonus +spec: + template: + spec: + restartPolicy: Never + containers: + - command: + - ./cyclonus + - generate + - --noisy=true + - --ignore-loopback=true + - --cleanup-namespaces=true + - --perturbation-wait-seconds=5 + - --pod-creation-timeout-seconds=30 + - --job-timeout-seconds=2 + - --server-protocol=TCP,UDP + - --verbosity=debug + - --exclude=sctp + name: cyclonus + imagePullPolicy: IfNotPresent + image: mfenwick100/cyclonus:v0.4.7 + serviceAccount: cyclonus diff --git a/test/cyclonus/install-cyclonus.yaml b/test/cyclonus/install-cyclonus.yaml index 08bb0d7fd9..a4b97e5dd2 100644 --- a/test/cyclonus/install-cyclonus.yaml +++ b/test/cyclonus/install-cyclonus.yaml @@ -21,7 +21,6 @@ spec: - --job-timeout-seconds=2 - --server-protocol=TCP,UDP - --verbosity=debug - - --exclude=sctp name: cyclonus imagePullPolicy: IfNotPresent image: mfenwick100/cyclonus:v0.4.7 diff --git a/test/cyclonus/test-cyclonus.sh b/test/cyclonus/test-cyclonus.sh index 114fc1ca7f..2aa7da50c4 100755 --- a/test/cyclonus/test-cyclonus.sh +++ b/test/cyclonus/test-cyclonus.sh @@ -3,9 +3,20 @@ set -eo pipefail set -xv +cyclonusProfile="./install-cyclonus.yaml" +if [ -z "$1" ] + then + echo "Running with default profile: $cyclonusProfile" +elif [[ $1 == "extended" ]]; +then + # extended will exclude SCTP and will run 214 testcases with cyclonus + cyclonusProfile="./install-cyclonus-exclude-sctp.yaml" + echo "Running with exclude SCTP profile with 214 testcases: $cyclonusProfile" +fi + kubectl delete --ignore-not-found=true clusterrolebinding cyclonus kubectl delete --ignore-not-found=true sa cyclonus -n kube-system -kubectl delete --ignore-not-found=true -f ./install-cyclonus.yaml +kubectl delete --ignore-not-found=true -f $cyclonusProfile kubectl delete --ignore-not-found=true ns x y z sleep 5 @@ -13,7 +24,7 @@ sleep 5 # set up cyclonus kubectl create clusterrolebinding cyclonus --clusterrole=cluster-admin --serviceaccount=kube-system:cyclonus kubectl create sa cyclonus -n kube-system -kubectl create -f ./install-cyclonus.yaml +kubectl create -f $cyclonusProfile sleep 5 @@ -33,7 +44,7 @@ cat "$LOG_FILE" kubectl delete --ignore-not-found=true clusterrolebinding cyclonus kubectl delete --ignore-not-found=true sa cyclonus -n kube-system -kubectl delete --ignore-not-found=true -f ./install-cyclonus.yaml +kubectl delete --ignore-not-found=true -f $cyclonusProfile # if 'failure' is in the logs, fail; otherwise succeed rc=0 From 4e014cbb0b52b00e08e6aaab3790ae52b3f68e4a Mon Sep 17 00:00:00 2001 From: vakr Date: Thu, 17 Feb 2022 10:14:02 -0800 Subject: [PATCH 3/6] fix the make command --- .github/workflows/cyclonus-netpol-extended-nightly-test.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/cyclonus-netpol-extended-nightly-test.yaml b/.github/workflows/cyclonus-netpol-extended-nightly-test.yaml index 4a87de443f..cf42d6e228 100644 --- a/.github/workflows/cyclonus-netpol-extended-nightly-test.yaml +++ b/.github/workflows/cyclonus-netpol-extended-nightly-test.yaml @@ -61,7 +61,7 @@ jobs: kubectl describe ds azure-npm -n kube-system - name: Run Cyclonus network policy test - run: test-extended-cyclonus + run: make test-extended-cyclonus - name: Fetch logs if: always() From 5abed0c195213bba9bb9a4d2e6c146729955258e Mon Sep 17 00:00:00 2001 From: vakr Date: Thu, 17 Feb 2022 10:17:09 -0800 Subject: [PATCH 4/6] fix the make command --- .github/workflows/cyclonus-netpol-extended-nightly-test.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/cyclonus-netpol-extended-nightly-test.yaml b/.github/workflows/cyclonus-netpol-extended-nightly-test.yaml index cf42d6e228..e9af255c23 100644 --- a/.github/workflows/cyclonus-netpol-extended-nightly-test.yaml +++ b/.github/workflows/cyclonus-netpol-extended-nightly-test.yaml @@ -9,6 +9,7 @@ on: jobs: cyclonus-test: runs-on: ubuntu-latest + timeout-minutes: 180 strategy: matrix: # run cyclonus tests in parallel for NPM with the given ConfigMaps From 792cee301ffea9e39b93f146796d3a85bcefc9ff Mon Sep 17 00:00:00 2001 From: vakr Date: Thu, 3 Mar 2022 15:33:44 -0800 Subject: [PATCH 5/6] remove dbug flag --- test/cyclonus/install-cyclonus-exclude-sctp.yaml | 1 - test/cyclonus/install-cyclonus.yaml | 1 - 2 files changed, 2 deletions(-) diff --git a/test/cyclonus/install-cyclonus-exclude-sctp.yaml b/test/cyclonus/install-cyclonus-exclude-sctp.yaml index 08bb0d7fd9..a2b1b55785 100644 --- a/test/cyclonus/install-cyclonus-exclude-sctp.yaml +++ b/test/cyclonus/install-cyclonus-exclude-sctp.yaml @@ -20,7 +20,6 @@ spec: - --pod-creation-timeout-seconds=30 - --job-timeout-seconds=2 - --server-protocol=TCP,UDP - - --verbosity=debug - --exclude=sctp name: cyclonus imagePullPolicy: IfNotPresent diff --git a/test/cyclonus/install-cyclonus.yaml b/test/cyclonus/install-cyclonus.yaml index a4b97e5dd2..ac30e08754 100644 --- a/test/cyclonus/install-cyclonus.yaml +++ b/test/cyclonus/install-cyclonus.yaml @@ -20,7 +20,6 @@ spec: - --pod-creation-timeout-seconds=30 - --job-timeout-seconds=2 - --server-protocol=TCP,UDP - - --verbosity=debug name: cyclonus imagePullPolicy: IfNotPresent image: mfenwick100/cyclonus:v0.4.7 From 77874f29fc141e83e8742f90e80fcc849cd91a8c Mon Sep 17 00:00:00 2001 From: vakr Date: Fri, 4 Mar 2022 13:41:05 -0800 Subject: [PATCH 6/6] increasinf timeout --- .github/workflows/cyclonus-netpol-extended-nightly-test.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/cyclonus-netpol-extended-nightly-test.yaml b/.github/workflows/cyclonus-netpol-extended-nightly-test.yaml index e9af255c23..aab619ceae 100644 --- a/.github/workflows/cyclonus-netpol-extended-nightly-test.yaml +++ b/.github/workflows/cyclonus-netpol-extended-nightly-test.yaml @@ -9,7 +9,7 @@ on: jobs: cyclonus-test: runs-on: ubuntu-latest - timeout-minutes: 180 + timeout-minutes: 240 strategy: matrix: # run cyclonus tests in parallel for NPM with the given ConfigMaps