-
Notifications
You must be signed in to change notification settings - Fork 347
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
The following changes were required: * Disable TX HW checksum offload in containers. This is done in the Antrea CNI server when setting-up Pod networking, using an ioctl ethtool system call. * Disable TX HW checksum offload in the Linux host for the veth interface of each Kind Node. This must be done by invoking an additional script (hack/kind_linux.sh) after creating the Kind cluster. * Create a secondary br-phy bridge on each Node, as required by OVS userspace tunneling. * Use a new version of start_ovs (start_ovs_netdev) which modifies the ovs-ctl script in-place to avoid loading the kernel module. Refer to #14 for the rationale for all the above bullet points. A new test "provider" was added to the e2e test framework so that all the e2e tests can be run on Kind clusters. As part of this, some changes to the framework had to be performed. For example it is impractical to run SSH commands on Kind Nodes - as they do not have an SSH server - so instead we use "docker exec". Fixes #14 Fixes #13
- Loading branch information
1 parent
e34cc0e
commit c7c497d
Showing
22 changed files
with
507 additions
and
50 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,42 @@ | ||
name: Kind | ||
on: | ||
pull_request: | ||
branches: | ||
- master | ||
- release-* | ||
jobs: | ||
test-unit: | ||
name: E2e tests on a Kind cluster on Linux | ||
runs-on: [ubuntu-18.04] | ||
steps: | ||
- uses: actions/checkout@v1 | ||
- uses: actions/setup-go@v1 | ||
with: | ||
go-version: 1.12 | ||
- name: Build Antrea image | ||
run: make | ||
- name: Install Kind | ||
env: | ||
KIND_VERSION: v0.6.0 | ||
run: | | ||
curl -Lo ./kind https://github.com/kubernetes-sigs/kind/releases/download/${KIND_VERSION}/kind-$(uname)-amd64 | ||
chmod +x ./kind | ||
sudo mv kind /usr/local/bin | ||
- name: Create Kind cluster | ||
run: | | ||
kind create cluster --config ci/kind/config.yml | ||
kind get nodes | xargs ./hack/kind_linux.sh | ||
- name: Deploy Antrea | ||
# kubectl is installed on the Github Ubuntu 18.04 worker | ||
run: | | ||
kind load docker-image antrea/antrea-ubuntu:latest | ||
./hack/generate-manifest.sh --kind | kubectl apply -f - | ||
- name: Printing some debug information | ||
run: | | ||
sleep 30 | ||
kubectl get -A all | ||
kubectl -n kube-system logs --all-containers -l app=antrea | ||
- name: Run e2e tests | ||
run: | | ||
./hack/generate-manifest.sh --kind | docker exec -i kind-control-plane dd of=/root/antrea.yml | ||
go test github.com/vmware-tanzu/antrea/test/e2e -provider=kind |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,8 @@ | ||
FROM ubuntu:18.04 | ||
|
||
LABEL maintainer="Antrea <projectantrea-dev@googlegroups.com>" | ||
LABEL description="A Docker image based on Ubuntu 18.04 which includes ethtool and ip tools." | ||
|
||
RUN apt-get update && \ | ||
apt-get install -y --no-install-recommends ethtool iproute2 && \ | ||
rm -rf /var/cache/apt/* /var/lib/apt/lists/* |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,16 @@ | ||
# images/ethtool | ||
|
||
This Docker image is a very lightweight image based on Ubuntu 18.04 which | ||
includes ethtool and the ip tools. | ||
|
||
If you need to build a new version of the image and push it to Dockerhub, you | ||
can run the following: | ||
|
||
```bash | ||
cd build/images/ethtool | ||
docker build -t antrea/ethtool:latest . | ||
docker push antrea/ethtool:latest | ||
``` | ||
|
||
The `docker push` command will fail if you do not have permission to push to the | ||
`antrea` Dockerhub repository. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,96 @@ | ||
#!/usr/bin/env bash | ||
|
||
source logging | ||
source daemon_status | ||
|
||
CONTAINER_NAME="antrea-ovs" | ||
OVS_DB_FILE="/var/run/openvswitch/conf.db" | ||
|
||
set -euo pipefail | ||
|
||
hwaddr=$(ip link show eth0 | grep link/ether | awk '{print $2}') | ||
inet=$(ip addr show eth0 | grep "inet " | awk '{ print $2 }') | ||
gw=$(ip route | grep default | awk '{ print $3 }') | ||
|
||
# Modify ovs-ctl so that the kernel module is no longer loaded since it is not | ||
# needed when using OVS in userspace mode. It also enables running OVS with the | ||
# netdev datapath type on platforms which do not have the OVS kernel module. | ||
# This is easier than starting daemons manually... | ||
function fix_ovs_ctl { | ||
sed -i 's/\(\w*\)\(insert_mod_if_required || return 1\)/\1# \2/' /usr/share/openvswitch/scripts/ovs-ctl | ||
} | ||
|
||
# See http://docs.openvswitch.org/en/latest/howto/userspace-tunneling/ | ||
function add_br_phy { | ||
log_info $CONTAINER_NAME "Creating OVS br-phy bridge for netdev datapath type" | ||
ovs-vsctl --may-exist add-br br-phy \ | ||
-- set Bridge br-phy datapath_type=netdev \ | ||
-- br-set-external-id br-phy bridge-id br-phy \ | ||
-- set bridge br-phy fail-mode=standalone \ | ||
other_config:hwaddr="$hwaddr" | ||
|
||
ovs-vsctl --timeout 10 add-port br-phy eth0 | ||
ip addr add "$inet" dev br-phy | ||
ip link set br-phy up | ||
ip addr flush dev eth0 2>/dev/null | ||
ip link set eth0 up | ||
ip route add default via "$gw" dev br-phy | ||
} | ||
|
||
function del_br_phy { | ||
log_info $CONTAINER_NAME "Deleting OVS br-phy bridge" | ||
ovs-vsctl del-port br-phy eth0 | ||
ovs-vsctl del-br br-phy | ||
ip addr add "$inet" dev eth0 | ||
ip link set eth0 up | ||
ip route add default via "$gw" dev eth0 | ||
} | ||
|
||
function start_ovs { | ||
log_info $CONTAINER_NAME "Starting OVS" | ||
/usr/share/openvswitch/scripts/ovs-ctl --system-id=random start --db-file=$OVS_DB_FILE | ||
} | ||
|
||
function stop_ovs { | ||
log_info $CONTAINER_NAME "Stopping OVS" | ||
/usr/share/openvswitch/scripts/ovs-ctl stop | ||
} | ||
|
||
SLEEP_PID= | ||
|
||
function quit { | ||
log_info $CONTAINER_NAME "Stopping OVS before quit" | ||
# delete the bridge and move IP address back to eth0 to restore connectivity | ||
# when OVS is stopped. | ||
del_br_phy | ||
stop_ovs | ||
# kill background sleep process | ||
if [ "$SLEEP_PID" != "" ]; then kill $SLEEP_PID > /dev/null 2>&1 || true; fi | ||
exit 0 | ||
} | ||
|
||
# Do not trap EXIT as it would then ignore the "exit 0" statement in quit and | ||
# exit with code 128 + SIGNAL | ||
trap "quit" INT TERM | ||
|
||
fix_ovs_ctl | ||
|
||
start_ovs | ||
add_br_phy | ||
|
||
log_info $CONTAINER_NAME "Started the loop that checks OVS status every 30 seconds" | ||
while true; do | ||
# we run sleep in the background so that we can immediately exit when we | ||
# receive SIGINT / SIGTERM | ||
# see https://stackoverflow.com/questions/32041674/linux-how-to-kill-sleep | ||
sleep 30 & | ||
SLEEP_PID=$! | ||
wait $SLEEP_PID | ||
|
||
if ! check_ovs_status ; then | ||
# OVS was stopped in the container. | ||
log_warning $CONTAINER_NAME "OVS was stopped. Starting it again" | ||
|
||
start_ovs | ||
fi | ||
done |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,10 @@ | ||
apiVersion: apps/v1 | ||
kind: DaemonSet | ||
metadata: | ||
name: antrea-agent | ||
spec: | ||
template: | ||
spec: | ||
containers: | ||
- name: antrea-ovs | ||
command: ["start_ovs_netdev"] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,8 @@ | ||
kind: Cluster | ||
apiVersion: kind.sigs.k8s.io/v1alpha3 | ||
networking: | ||
disableDefaultCNI: true | ||
podSubnet: 10.10.0.0/16 | ||
nodes: | ||
- role: control-plane | ||
- role: worker |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,30 @@ | ||
#!/usr/bin/env bash | ||
|
||
# Copyright 2019 Antrea Authors | ||
# | ||
# Licensed under the Apache License, Version 2.0 (the "License"); | ||
# you may not use this file except in compliance with the License. | ||
# You may obtain a copy of the License at | ||
# | ||
# http://www.apache.org/licenses/LICENSE-2.0 | ||
# | ||
# Unless required by applicable law or agreed to in writing, software | ||
# distributed under the License is distributed on an "AS IS" BASIS, | ||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
# See the License for the specific language governing permissions and | ||
# limitations under the License. | ||
|
||
# This script is required for Antrea to work properly in a Kind cluster on Linux. It takes care of | ||
# disabling TX hardware checksum offload for the veth interface (in the host's network namespace) of | ||
# each Kind Node. This is required when using OVS in userspace mode. Refer to | ||
# https://github.com/vmware-tanzu/antrea/issues/14 for more information. | ||
|
||
# The script uses the antrea/ethtool Docker image (so that ethtool does not need to be installed on | ||
# the Linux host). | ||
|
||
for node in "$@"; do | ||
peerIdx=$(docker exec "$node" ip link | grep eth0 | awk -F[@:] '{ print $3 }' | cut -c 3-) | ||
peerName=$(docker run --net=host antrea/ethtool:latest ip link | grep "$peerIdx": | awk -F[:@] '{ print $2 }' | cut -c 2-) | ||
echo "Disabling TX checksum offload for node $node ($peerName)" | ||
docker run --net=host --privileged antrea/ethtool:latest ethtool -K "$peerName" tx off | ||
done |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.