From 8b5481c26be88cbb8db6fce6efcc8a2e989626eb Mon Sep 17 00:00:00 2001 From: camrynl <31013536+camrynl@users.noreply.github.com> Date: Wed, 31 Aug 2022 10:48:31 -0700 Subject: [PATCH 1/5] cilium connectivity tests --- .../cilium/cilium-e2e-step-template.yaml | 20 +++++++++++++++++++ 1 file changed, 20 insertions(+) diff --git a/.pipelines/singletenancy/cilium/cilium-e2e-step-template.yaml b/.pipelines/singletenancy/cilium/cilium-e2e-step-template.yaml index 723a339249..e8cce293c1 100644 --- a/.pipelines/singletenancy/cilium/cilium-e2e-step-template.yaml +++ b/.pipelines/singletenancy/cilium/cilium-e2e-step-template.yaml @@ -58,6 +58,19 @@ steps: name: "installCilium" displayName: "Install Cilium" + - script: | + echo "install cilium CLI" + CILIUM_CLI_VERSION=$(curl -s https://raw.githubusercontent.com/cilium/cilium-cli/master/stable.txt) + CLI_ARCH=amd64 + if [ "$(uname -m)" = "aarch64" ]; then CLI_ARCH=arm64; fi + curl -L --fail --remote-name-all https://github.com/cilium/cilium-cli/releases/download/${CILIUM_CLI_VERSION}/cilium-linux-${CLI_ARCH}.tar.gz{,.sha256sum} + sha256sum --check cilium-linux-${CLI_ARCH}.tar.gz.sha256sum + sudo tar xzvfC cilium-linux-${CLI_ARCH}.tar.gz /usr/local/bin + rm cilium-linux-${CLI_ARCH}.tar.gz{,.sha256sum} + cilium status + name: "installCiliumCLI" + displayName: "Install Cilium CLI" + - script: | echo "install kubetest2 and gsutils" go get github.com/onsi/ginkgo/ginkgo @@ -106,6 +119,13 @@ steps: name: "servicesConformance" displayName: "Run Services Conformance Tests" + - script: | + echo "Run Cilium Connectivity Tests" + cilium status + cilium connectivity test + name: "ciliumConnectivityTests" + displayName: "Run Cilium Connectivity Tests" + - script: | ARTIFACT_DIR=$(Build.ArtifactStagingDirectory)/test-output/ echo $ARTIFACT_DIR From 86ed28feea9834dd407824c5dc8fdb68a725ba63 Mon Sep 17 00:00:00 2001 From: camrynl <31013536+camrynl@users.noreply.github.com> Date: Wed, 31 Aug 2022 16:59:06 -0700 Subject: [PATCH 2/5] skip 2 failing tests --- .pipelines/singletenancy/cilium/cilium-e2e-step-template.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.pipelines/singletenancy/cilium/cilium-e2e-step-template.yaml b/.pipelines/singletenancy/cilium/cilium-e2e-step-template.yaml index e8cce293c1..2b1fe0bffa 100644 --- a/.pipelines/singletenancy/cilium/cilium-e2e-step-template.yaml +++ b/.pipelines/singletenancy/cilium/cilium-e2e-step-template.yaml @@ -122,7 +122,7 @@ steps: - script: | echo "Run Cilium Connectivity Tests" cilium status - cilium connectivity test + cilium connectivity test --test '!/no-policies/pod-to-hostport' --test '!/allow-all-except-world/pod-to-service' name: "ciliumConnectivityTests" displayName: "Run Cilium Connectivity Tests" From 560d9a6990cb598702ce16e44714b5750fa9c3ea Mon Sep 17 00:00:00 2001 From: camrynl <31013536+camrynl@users.noreply.github.com> Date: Wed, 31 Aug 2022 17:26:39 -0700 Subject: [PATCH 3/5] skip 2 failing tests --- .pipelines/singletenancy/cilium/cilium-e2e-step-template.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.pipelines/singletenancy/cilium/cilium-e2e-step-template.yaml b/.pipelines/singletenancy/cilium/cilium-e2e-step-template.yaml index 2b1fe0bffa..a0bde37a14 100644 --- a/.pipelines/singletenancy/cilium/cilium-e2e-step-template.yaml +++ b/.pipelines/singletenancy/cilium/cilium-e2e-step-template.yaml @@ -122,7 +122,7 @@ steps: - script: | echo "Run Cilium Connectivity Tests" cilium status - cilium connectivity test --test '!/no-policies/pod-to-hostport' --test '!/allow-all-except-world/pod-to-service' + cilium connectivity test --test '!no-policies/pod-to-hostport' --test '!allow-all-except-world/pod-to-service' name: "ciliumConnectivityTests" displayName: "Run Cilium Connectivity Tests" From f8d6855902b77406528bf5ed68535c8f7d46bb19 Mon Sep 17 00:00:00 2001 From: camrynl <31013536+camrynl@users.noreply.github.com> Date: Thu, 1 Sep 2022 10:34:35 -0700 Subject: [PATCH 4/5] skip deploy cilium-cni, update cilium helm vals --- .../singletenancy/cilium/cilium-e2e-step-template.yaml | 2 +- cilium/cilium_helm_values.yaml | 5 +---- test/integration/setup_test.go | 2 +- 3 files changed, 3 insertions(+), 6 deletions(-) diff --git a/.pipelines/singletenancy/cilium/cilium-e2e-step-template.yaml b/.pipelines/singletenancy/cilium/cilium-e2e-step-template.yaml index a0bde37a14..e8cce293c1 100644 --- a/.pipelines/singletenancy/cilium/cilium-e2e-step-template.yaml +++ b/.pipelines/singletenancy/cilium/cilium-e2e-step-template.yaml @@ -122,7 +122,7 @@ steps: - script: | echo "Run Cilium Connectivity Tests" cilium status - cilium connectivity test --test '!no-policies/pod-to-hostport' --test '!allow-all-except-world/pod-to-service' + cilium connectivity test name: "ciliumConnectivityTests" displayName: "Run Cilium Connectivity Tests" diff --git a/cilium/cilium_helm_values.yaml b/cilium/cilium_helm_values.yaml index c4318da290..dfa387e900 100644 --- a/cilium/cilium_helm_values.yaml +++ b/cilium/cilium_helm_values.yaml @@ -27,12 +27,10 @@ extraArgs: ipv4NativeRoutingCIDR: 10.241.0.0/16 enableIPv4Masquerade: false install-no-conntrack-iptables-rules: false -installIptablesRules: false +installIptablesRules: true l7Proxy: false hubble: enabled: false -l2NeighDiscovery: - enabled: false kubeProxyReplacement: strict endpointHealthChecking: @@ -41,4 +39,3 @@ endpointHealthChecking: cni: install: true customConf: true - configMap: cni-configuration diff --git a/test/integration/setup_test.go b/test/integration/setup_test.go index 5eb01d5e3a..a8e5d26521 100644 --- a/test/integration/setup_test.go +++ b/test/integration/setup_test.go @@ -144,7 +144,7 @@ func installCNSDaemonset(ctx context.Context, clientset *kubernetes.Clientset, i log.Printf("Env %v set to true, deploy azure-ipam and cilium-cni", envInstallAzilium) initImage, _ := parseImageString(cns.Spec.Template.Spec.InitContainers[0].Image) cns.Spec.Template.Spec.InitContainers[0].Image = getImageString(initImage, imageTag) - cns.Spec.Template.Spec.InitContainers[0].Args = []string{"deploy", "azure-ipam", "-o", "/opt/cni/bin/azure-ipam", "azilium.conflist", "-o", "/etc/cni/net.d/05-cilium.conflist", "cilium-cni", "-o", "/opt/cni/bin/cilium-cni"} + cns.Spec.Template.Spec.InitContainers[0].Args = []string{"deploy", "azure-ipam", "-o", "/opt/cni/bin/azure-ipam", "azilium.conflist", "-o", "/etc/cni/net.d/05-cilium.conflist"} } } else { log.Printf("Env %v not set to true, skipping", envInstallAzilium) From 92f01f03d45ee4962633f6c0f46adf0c3e5cf634 Mon Sep 17 00:00:00 2001 From: camrynl <31013536+camrynl@users.noreply.github.com> Date: Thu, 1 Sep 2022 13:39:23 -0700 Subject: [PATCH 5/5] update setup_test --- test/integration/setup_test.go | 1 + 1 file changed, 1 insertion(+) diff --git a/test/integration/setup_test.go b/test/integration/setup_test.go index a3e95bb48f..a43fb5adcf 100644 --- a/test/integration/setup_test.go +++ b/test/integration/setup_test.go @@ -120,6 +120,7 @@ func installCNSDaemonset(ctx context.Context, clientset *kubernetes.Clientset, l initImage, _ := parseImageString(cns.Spec.Template.Spec.InitContainers[0].Image) cns.Spec.Template.Spec.InitContainers[0].Image = getImageString(initImage, cniDropgzVersion) cns.Spec.Template.Spec.InitContainers[0].Args = []string{"deploy", "azure-ipam", "-o", "/opt/cni/bin/azure-ipam", "azilium.conflist", "-o", "/etc/cni/net.d/05-cilium.conflist"} + } } else { log.Printf("Env %v not set to true, skipping", envInstallAzilium) }