Add CI for testing antrea compatibility with 4 K8s versions on CAPA #5476
Conversation
jainpulkit22
force-pushed
the
capi-aws
branch
17 times, most recently
from
3f232e3
to
41a1ec1
Compare
jainpulkit22
force-pushed
the
capi-aws
branch
2 times, most recently
from
babe134
to
da53932
Compare
jainpulkit22
force-pushed
the
capi-aws
branch
3 times, most recently
from
7ecfa8d
to
88787a4
Compare
rajnkamr
added
area/provider/aws
jainpulkit22
changed the title
jainpulkit22
force-pushed
the
capi-aws
branch
from
88787a4
to
586dd0d
Compare
|
/test-rancher-e2e |
jainpulkit22
force-pushed
the
capi-aws
branch
from
586dd0d
to
5c8ce8d
Compare
|
@jainpulkit22 , |
using Cluster API, with provider as AWS. Signed-off-by: Pulkit Jain <jainpu@vmware.com> Signed-off-by: Shengkai Lin <jefflin@sjtu.edu.cn> Signed-off-by: Zhengsheng Zhou <zhengshengz@vmware.com>
jainpulkit22
force-pushed
the
capi-aws
branch
from
5c8ce8d
to
d0052b6
Compare
| #!/bin/bash | ||
| set -ex | ||
| DOCKER_REGISTRY="$(head -n1 ci/docker-registry)" | ||
| export JOB_NAME="matrix-${TEST_OS}-k8s-${K8S_VERSION//./-}-build-num" |
There was a problem hiding this comment.
I think Jenkins has a built-in variable JOB_NAME. We assign a custom value here. Is it because the custom values is more readable? In this case, maybe use CLUSTER_NAME as variable name. Same for JOB_NAME in other builders.
There was a problem hiding this comment.
we can do that as well, i preferred this because it was already in use, when i started working on capa task.
| ./ci/jenkins/test-vmc.sh --cluster-name "${JOB_NAME}-${BUILD_NUMBER}" --setup-only --provider aws --aws-region "us-west-2" --aws-access-key-id "${AWS_ACCESS_KEY}" --aws-secret-access-key "${AWS_SECRET_KEY}" --aws-service-user-name "${AWS_SERVICE_USER_NAME}" --aws-service-user-role "${AWS_SERVICE_USER_ROLE_ARN}" --aws-vpc-id "${CAPA_VPC}" --aws-subnet-id "${CAPA_SUBNET}" | ||
| testcases=("e2e" "conformance" "networkpolicy") | ||
| failure=0 | ||
| for testcase in "${testcases[@]}"; do |
There was a problem hiding this comment.
I think we need to turn off errexit before running the test, and turn on errexit after running the test. For example:
set +e
for testcase in ...; do
...
done
set -e
| if [[ $result == 124 ]]; then | ||
| echo "Error: Clean up job of ${clustername} timeout" | ||
| fi | ||
| if [[ $result == 124 ]]; then |
There was a problem hiding this comment.
Not sure why there are two result == 124 conditions?
| branches: | ||
| - '*/main' | ||
| included_regions: [] | ||
| cron: '' # 'H H * * *' |
There was a problem hiding this comment.
Can you explain why it's '' # 'H H * * *' ? I thought it should be 'H H * * *'. Same question for cron on line 1115.
| - v1.23.1 | ||
| - v1.24.1 | ||
| - v1.25.1 | ||
| - v1.26.1 |
There was a problem hiding this comment.
Are K8s v1.27 and v1.28 supported? Maybe we can change this to v1.25-v1.28.
| shift 2 | ||
| if [ "$provider" = "aws" ]; then | ||
| SSH_USERNAME=ubuntu | ||
| SKIP_LIST="TestEgress|TestProxy|TestProxyHairpinIPv4" |
There was a problem hiding this comment.
May I know why these test cases need to be skipped? If need to skip them, maybe add short comment here to explain.
| sed -i "s/SSHAUTHORIZEDKEYS/default/g" ${GIT_CHECKOUT_DIR}/jenkins/out/cluster.yaml | ||
| sed -i "s/CLUSTERNAMESPACE/${CLUSTER}/g" ${GIT_CHECKOUT_DIR}/jenkins/out/namespace.yaml | ||
|
|
||
| sleep 15s |
There was a problem hiding this comment.
A bit confused, too. When did it trigger or start the initialization of the management cluster? I thought the management cluster was created in advance, and it should be ready before creating any workload clusters.
| export AWS_CONTROLLER_IAM_ROLE=$AWS_SERVICE_USER_ROLE_ARN | ||
| clusterctl delete --infrastructure aws | ||
| export AWS_B64ENCODED_CREDENTIALS=$(clusterawsadm bootstrap credentials encode-as-profile --region $AWS_REGION) | ||
| clusterctl init --infrastructure aws |
There was a problem hiding this comment.
Can you explain why it need to run clusterctl delete and init here? Is it because the temporary assumed role has been expired?
| export AWS_B64ENCODED_CREDENTIALS=$(clusterawsadm bootstrap credentials encode-as-profile --region $AWS_REGION) | ||
| clusterctl init --infrastructure aws | ||
|
|
||
| kubectl delete cluster ${CLUSTER} -n ${CLUSTER} |
There was a problem hiding this comment.
After deleting the cluster, can it traverse though all kinds of resources in the cluster template, and kubectl delete --all $KIND -n ${CLUSTER}, and finally delete the namespace? If this still cannot delete the ec2 and LB instance, it can try deleting via ec2 and elb commands.
| aws elb delete-load-balancer --load-balancer-name ${loadbalancer_name} | ||
| sleep 90s | ||
|
|
||
| echo "=== Cleaning up Security Groups ===" |
There was a problem hiding this comment.
Can it keep the security groups? In case some clusters are created at the same time, the security group may be used by other clusters.
|
Our cloud CI has been migrated to jenkins.antrea.io, please continue verifying the job changes on it. |
|
@jainpulkit22 are you still actively working on this? please help to estimate your bandwidth and make sure you deliver this in Antrea 2.0, or please remove it from the milestone if it's not a must-have. |
|
@luolanzone , |
rajnkamr
changed the title
|
Paused for now, shifting to CAPV testbeds or GCP testbeds. |
Add CI for testing compatibility with previous four K8s versions using Cluster API, with provider as AWS.