New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
test: Debug IPsec test #16700
test: Debug IPsec test #16700
Conversation
Signed-off-by: Paul Chaignon <paul@cilium.io>
In the IPsec test with native routing, the Cilium agent sometimes fails to determine the correct IPsec interface and fatals. In such case, we can't rely on the bugtool report to inspect routes (from which the interface is determined). This commit therefore dumps additional logs using the hostns log-gatherer pods. Signed-off-by: Paul Chaignon <paul@cilium.io>
test-1.19-5.4 |
6 similar comments
test-1.19-5.4 |
test-1.19-5.4 |
test-1.19-5.4 |
test-1.19-5.4 |
test-1.19-5.4 |
test-1.19-5.4 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Why can't the bugtool retrieve this output?
Because the Cilium agent is fataling, so by the time we get the bugtool reports, the Cilium pods are crashlooping and we can't run anything on them. See https://jenkins.cilium.io/job/cilium-master-k8s-1.19-kernel-5.4/367/testReport/junit/Suite-k8s-1/19/K8sDatapathConfig_Transparent_encryption_DirectRouting_Check_connectivity_with_transparent_encryption_and_direct_routing/ from #16699. |
The changes here are not specific to IPsec or the datapath so skipping that review. Tests are passing. Merging. |
First commit cleans up some test conditions. The second adds some debug logs in case of failure, to help debug #16699.
Related: #16699.