test: Parallelize host firewall test

For each of the host firewall test cases, we check both an allowed and a blocked request. We therefore spend a fair amount of time waiting for the timeout to occur on blocked requests. We can parallelize test cases to waste less time. Signed-off-by: Paul Chaignon <paul@cilium.io>
cilium · May 11, 2021 · 9e141aa · 9e141aa
1 parent 79e5351
commit 9e141aa
Showing 1 changed file with 45 additions and 17 deletions.
diff --git a/test/k8sT/DatapathConfiguration.go b/test/k8sT/DatapathConfiguration.go
@@ -23,6 +23,7 @@ import (
 	"regexp"
 	"strconv"
 	"strings"
+	"sync"
 	"time"
 
 	"github.com/cilium/cilium/test/config"
@@ -892,23 +893,50 @@ func testHostFirewall(kubectl *helpers.Kubectl) {
 	_, err := kubectl.CiliumPolicyAction(randomNs, demoHostPolicies, helpers.KubectlApply, helpers.HelperTimeout)
 	ExpectWithOffset(1, err).Should(BeNil(), fmt.Sprintf("Error creating resource %s: %s", demoHostPolicies, err))
 
-	By("Checking host policies on ingress from local pod")
-	testHostFirewallWithPath(kubectl, randomNs, "zgroup=testClient", "zgroup=testServerHost", false)
-
-	By("Checking host policies on ingress from remote pod")
-	testHostFirewallWithPath(kubectl, randomNs, "zgroup=testClient", "zgroup=testServerHost", true)
-
-	By("Checking host policies on egress to local pod")
-	testHostFirewallWithPath(kubectl, randomNs, "zgroup=testClientHost", "zgroup=testServer", false)
-
-	By("Checking host policies on egress to remote pod")
-	testHostFirewallWithPath(kubectl, randomNs, "zgroup=testClientHost", "zgroup=testServer", true)
-
-	By("Checking host policies on ingress from remote node")
-	testHostFirewallWithPath(kubectl, randomNs, "zgroup=testServerHost", "zgroup=testClientHost", true)
-
-	By("Checking host policies on egress to remote node")
-	testHostFirewallWithPath(kubectl, randomNs, "zgroup=testClientHost", "zgroup=testServerHost", true)
+	var wg sync.WaitGroup
+	wg.Add(1)
+	go func() {
+		defer GinkgoRecover()
+		defer wg.Done()
+		By("Checking host policies on ingress from local pod")
+		testHostFirewallWithPath(kubectl, randomNs, "zgroup=testClient", "zgroup=testServerHost", false)
+	}()
+	wg.Add(1)
+	go func() {
+		defer GinkgoRecover()
+		defer wg.Done()
+		By("Checking host policies on ingress from remote pod")
+		testHostFirewallWithPath(kubectl, randomNs, "zgroup=testClient", "zgroup=testServerHost", true)
+	}()
+	wg.Add(1)
+	go func() {
+		defer GinkgoRecover()
+		defer wg.Done()
+		By("Checking host policies on egress to local pod")
+		testHostFirewallWithPath(kubectl, randomNs, "zgroup=testClientHost", "zgroup=testServer", false)
+	}()
+	wg.Add(1)
+	go func() {
+		defer GinkgoRecover()
+		defer wg.Done()
+		By("Checking host policies on egress to remote pod")
+		testHostFirewallWithPath(kubectl, randomNs, "zgroup=testClientHost", "zgroup=testServer", true)
+	}()
+	wg.Add(1)
+	go func() {
+		defer GinkgoRecover()
+		defer wg.Done()
+		By("Checking host policies on ingress from remote node")
+		testHostFirewallWithPath(kubectl, randomNs, "zgroup=testServerHost", "zgroup=testClientHost", true)
+	}()
+	wg.Add(1)
+	go func() {
+		defer GinkgoRecover()
+		defer wg.Done()
+		By("Checking host policies on egress to remote node")
+		testHostFirewallWithPath(kubectl, randomNs, "zgroup=testClientHost", "zgroup=testServerHost", true)
+	}()
+	wg.Wait()
 }
 
 func testHostFirewallWithPath(kubectl *helpers.Kubectl, randomNs, client, server string, crossNodes bool) {