kubernetes · k8s-ci-robot · Jun 28, 2019 · May 20, 2019 · May 20, 2019
diff --git a/test/images/BUILD b/test/images/BUILD
@@ -13,22 +13,16 @@ filegroup(
         ":package-srcs",
         "//test/images/agnhost:all-srcs",
         "//test/images/apparmor-loader:all-srcs",
-        "//test/images/audit-proxy:all-srcs",
-        "//test/images/crd-conversion-webhook:all-srcs",
         "//test/images/echoserver:all-srcs",
-        "//test/images/entrypoint-tester:all-srcs",
-        "//test/images/inclusterclient:all-srcs",
         "//test/images/metadata-concealment:all-srcs",
         "//test/images/mounttest:all-srcs",
         "//test/images/nonewprivs:all-srcs",
         "//test/images/pets/peer-finder:all-srcs",
-        "//test/images/porter:all-srcs",
         "//test/images/regression-issue-74839:all-srcs",
         "//test/images/resource-consumer:all-srcs",
         "//test/images/resource-consumer-controller:all-srcs",
         "//test/images/sample-apiserver:all-srcs",
         "//test/images/sample-device-plugin:all-srcs",
-        "//test/images/serve-hostname:all-srcs",
         "//test/images/test-webserver:all-srcs",
     ],
     tags = ["automanaged"],

diff --git a/test/images/agnhost/BUILD b/test/images/agnhost/BUILD
@@ -16,8 +16,12 @@ go_library(
     srcs = ["agnhost.go"],
     importpath = "k8s.io/kubernetes/test/images/agnhost",
     deps = [
+        "//test/images/agnhost/audit-proxy:go_default_library",
+        "//test/images/agnhost/crd-conversion-webhook:go_default_library",
         "//test/images/agnhost/dns:go_default_library",
+        "//test/images/agnhost/entrypoint-tester:go_default_library",
         "//test/images/agnhost/fakegitserver:go_default_library",
+        "//test/images/agnhost/inclusterclient:go_default_library",
         "//test/images/agnhost/liveness:go_default_library",
         "//test/images/agnhost/logs-generator:go_default_library",
         "//test/images/agnhost/net:go_default_library",
@@ -27,6 +31,8 @@ go_library(
         "//test/images/agnhost/no-snat-test-proxy:go_default_library",
         "//test/images/agnhost/pause:go_default_library",
         "//test/images/agnhost/port-forward-tester:go_default_library",
+        "//test/images/agnhost/porter:go_default_library",
+        "//test/images/agnhost/serve-hostname:go_default_library",
         "//test/images/agnhost/webhook:go_default_library",
         "//vendor/github.com/spf13/cobra:go_default_library",
         "//vendor/k8s.io/klog:go_default_library",
@@ -44,8 +50,12 @@ filegroup(
     name = "all-srcs",
     srcs = [
         ":package-srcs",
+        "//test/images/agnhost/audit-proxy:all-srcs",
+        "//test/images/agnhost/crd-conversion-webhook:all-srcs",
         "//test/images/agnhost/dns:all-srcs",
+        "//test/images/agnhost/entrypoint-tester:all-srcs",
         "//test/images/agnhost/fakegitserver:all-srcs",
+        "//test/images/agnhost/inclusterclient:all-srcs",
         "//test/images/agnhost/liveness:all-srcs",
         "//test/images/agnhost/logs-generator:all-srcs",
         "//test/images/agnhost/net:all-srcs",
@@ -55,6 +65,8 @@ filegroup(
         "//test/images/agnhost/no-snat-test-proxy:all-srcs",
         "//test/images/agnhost/pause:all-srcs",
         "//test/images/agnhost/port-forward-tester:all-srcs",
+        "//test/images/agnhost/porter:all-srcs",
+        "//test/images/agnhost/serve-hostname:all-srcs",
         "//test/images/agnhost/webhook:all-srcs",
     ],
     tags = ["automanaged"],

diff --git a/test/images/agnhost/Dockerfile b/test/images/agnhost/Dockerfile
@@ -20,15 +20,30 @@ CROSS_BUILD_COPY qemu-QEMUARCH-static /usr/bin/
 # install necessary packages:
 # - curl, nc: used by a lot of e2e tests
 # - iproute2: includes ss used in NodePort tests
-RUN apk --update add curl netcat-openbsd iproute2 && rm -rf /var/cache/apk/*
+# from iperf image
+# install necessary packages: iperf, bash
+RUN apk --update add curl netcat-openbsd iproute2 iperf bash && rm -rf /var/cache/apk/* \
+  && ln -s /usr/bin/iperf /usr/local/bin/iperf \
+  && ls -altrh /usr/local/bin/iperf
 
 # PORT 8080 needed by: netexec, nettest
 # PORT 8081 needed by: netexec
-EXPOSE 8080 8081
+# PORT 9376 needed by: serve-hostname
+EXPOSE 8080 8081 9376
 
 # from netexec
 RUN mkdir /uploads
 
+# from porter
+ADD porter/localhost.crt localhost.crt
+ADD porter/localhost.key localhost.key
+
 ADD agnhost agnhost
+
+# needed for the entrypoint-tester related tests. Some of the entrypoint-tester related tests
+# overrides this image's entrypoint with agnhost-2 binary, and will verify that the correct
+# entrypoint is used by the containers.
+RUN ln -s agnhost agnhost-2
+
 ENTRYPOINT ["/agnhost"]
 CMD ["pause"]
diff --git a/test/images/agnhost/README.md b/test/images/agnhost/README.md
@@ -31,7 +31,7 @@ For example, let's consider the following `pod.yaml` file:
       containers:
       - args:
         - dns-suffix
-        image: gcr.io/kubernetes-e2e-test-images/agnhost:2.1
+        image: gcr.io/kubernetes-e2e-test-images/agnhost:2.2
         name: agnhost
       dnsConfig:
         nameservers:
@@ -65,6 +65,35 @@ created with the `pause` argument instead, allowing us execute multiple commands
 The `agnhost` binary is a CLI with the following subcommands:
 
 
+### audit-proxy
+
+The audit proxy is used to test dynamic auditing. It listens on port 8080 for incoming audit
+events and writes them in a uniform manner to stdout.
+
+Usage:
+
+```console
+    kubectl exec test-agnhost -- /agnhost audit-proxy
+```
+
+
+### crd-conversion-webhook
+
+The subcommand tests `CustomResourceConversionWebhook`. After deploying it to Kubernetes cluster,
+the administrator needs to create a `CustomResourceConversion.Webhook` in Kubernetes cluster
+to use remote webhook for conversions.
+
+The subcommand starts a HTTP server, listening on port 443, and creating the `/crdconvert`
+endpoint.
+
+Usage
+
+```console
+    kubectl exec test-agnhost -- /agnhost crd-conversion-webhook \
+        [--tls-cert-file <tls-cert-file>] [--tls-private-key-file <tls-private-key-file>]
+```
+
+
 ### dns-server-list
 
 It will output the host's configured DNS servers, separated by commas.
@@ -87,6 +116,17 @@ Usage:
 ```
 
 
+### entrypoint-tester
+
+This subcommand will print the arguments it's passed and exists.
+
+Usage:
+
+```console
+    kubectl exec test-agnhost -- /agnhost entrypoint-tester foo lish args
+```
+
+
 ### etc-hosts
 
 It will output the contents of host's `hosts` file. This file's location is `/etc/hosts`
@@ -124,6 +164,22 @@ Usage:
 ```
 
 
+### inclusterclient
+
+The subcommand will periodically poll the Kubernetes `/healthz` endpoint using the in-cluster
+config. Because of this, the subcommand is meant to be run inside of a Kubernetes pod. It can
+also be used to validate token rotation.
+
+The given `--poll-interval` flag (default is 30 seconds) represents the poll interval in
+seconds of the call to `/healhz`.
+
+Usage:
+
+```console
+    kubectl exec test-agnhost -- /agnhost inclusterclient [--poll-interval <poll-interval>]
+```
+
+
 ### liveness
 
 Starts a simple server that is alive for 10 seconds, then reports unhealthy for the rest
@@ -165,14 +221,14 @@ Examples:
 
 ```console
 docker run -i \
-  gcr.io/kubernetes-e2e-test-images/agnhost:2.1 \
+  gcr.io/kubernetes-e2e-test-images/agnhost:2.2 \
   logs-generator --log-lines-total 10 --run-duration 1s
 ```
 
 ```console
 kubectl run logs-generator \
   --generator=run-pod/v1 \
-  --image=gcr.io/kubernetes-e2e-test-images/agnhost:2.1 \
+  --image=gcr.io/kubernetes-e2e-test-images/agnhost:2.2 \
   --restart=Never \
   -- logs-generator -t 10 -d 1s
 ```
@@ -299,7 +355,7 @@ Usage:
 ```console
     kubectl run test-agnhost \
       --generator=run-pod/v1 \
-      --image=gcr.io/kubernetes-e2e-test-images/agnhost:2.1 \
+      --image=gcr.io/kubernetes-e2e-test-images/agnhost:2.2 \
       --restart=Never \
       --env "POD_IP=<POD_IP>" \
       --env "NODE_IP=<NODE_IP>" \
@@ -366,6 +422,59 @@ Usage:
 ```
 
 
+### porter
+
+Serves requested data on ports specified in ENV variables. For example, if the the environment
+variable `SERVE_PORT_9001` is set, then the subcommand will start serving on the port 9001.
+Additionally, if the environment variable `SERVE_TLS_PORT_9002` is set, then the subcommand
+will start a TLS server on that port.
+
+The included `localhost.crt` is a PEM-encoded TLS cert with SAN IPs `127.0.0.1` and `[::1]`,
+expiring in January 2084, generated from `src/crypto/tls`:
+
+```console
+    go run generate_cert.go  --rsa-bits 2048 --host 127.0.0.1,::1,example.com --ca --start-date "Jan 1 00:00:00 1970" --duration=1000000h
+```
+
+To use a different cert/key, mount them into the pod and set the `CERT_FILE` and `KEY_FILE`
+environment variables to the desired paths.
+
+Usage:
+
+```console
+    kubectl exec test-agnhost -- /agnhost porter
+```
+
+[![Analytics](https://kubernetes-site.appspot.com/UA-36037335-10/GitHub/test/images/porter/README.md?pixel)]()
+
+
+### serve-hostname
+
+This is a small util app to serve your hostname on TCP and/or UDP. Useful for testing.
+
+The subcommand can accept the following flags:
+
+- `tcp` (default: `false`): Serve raw over TCP.
+- `udp` (default: `false`): Serve raw over UDP.
+- `http` (default: `true`): Serve HTTP.
+- `close` (default: `false`): Close connection per each HTTP request.
+- `port` (default: `9376`): The port number to listen to.
+
+Keep in mind that `--http` cannot be given at the same time as `--tcp` or `--udp`.
+
+Usage:
+
+```console
+    kubectl exec test-agnhost -- /agnhost serve-hostname [--tcp] [--udp] [--http] [--close] [--port <port>]
+```
+
+[![Analytics](https://kubernetes-site.appspot.com/UA-36037335-10/GitHub/contrib/for-demos/serve_hostname/README.md
+?pixel)]()
+
+[![Analytics](https://kubernetes-site.appspot.com/UA-36037335-10/GitHub/test/images/serve_hostname/README.md?pixel
+)]()
+
+
 ### webhook (Kubernetes External Admission Webhook)
 
 The subcommand tests MutatingAdmissionWebhook and ValidatingAdmissionWebhook. After deploying
@@ -382,8 +491,14 @@ Usage:
     kubectl exec test-agnhost -- /agnhost webhook [--tls-cert-file <key-file>] [--tls-private-key-file <cert-file>]
 ```
 
+
+## Other tools
+
+The image contains `iperf`.
+
+
 ## Image
 
-The image can be found at `gcr.io/kubernetes-e2e-test-images/agnhost:2.1` for Linux
-containers, and `e2eteam/agnhost:2.1` for Windows containers. In the future, the same
+The image can be found at `gcr.io/kubernetes-e2e-test-images/agnhost:2.2` for Linux
+containers, and `e2eteam/agnhost:2.2` for Windows containers. In the future, the same
 repository can be used for both OSes.
diff --git a/test/images/agnhost/VERSION b/test/images/agnhost/VERSION
@@ -1 +1 @@
-2.1
+2.2
diff --git a/test/images/agnhost/agnhost.go b/test/images/agnhost/agnhost.go
@@ -22,8 +22,12 @@ import (
 	"github.com/spf13/cobra"
 
 	"k8s.io/klog"
+	"k8s.io/kubernetes/test/images/agnhost/audit-proxy"
+	"k8s.io/kubernetes/test/images/agnhost/crd-conversion-webhook"
 	"k8s.io/kubernetes/test/images/agnhost/dns"
+	"k8s.io/kubernetes/test/images/agnhost/entrypoint-tester"
 	"k8s.io/kubernetes/test/images/agnhost/fakegitserver"
+	"k8s.io/kubernetes/test/images/agnhost/inclusterclient"
 	"k8s.io/kubernetes/test/images/agnhost/liveness"
 	"k8s.io/kubernetes/test/images/agnhost/logs-generator"
 	"k8s.io/kubernetes/test/images/agnhost/net"
@@ -33,15 +37,21 @@ import (
 	"k8s.io/kubernetes/test/images/agnhost/no-snat-test-proxy"
 	"k8s.io/kubernetes/test/images/agnhost/pause"
 	"k8s.io/kubernetes/test/images/agnhost/port-forward-tester"
+	"k8s.io/kubernetes/test/images/agnhost/porter"
+	"k8s.io/kubernetes/test/images/agnhost/serve-hostname"
 	"k8s.io/kubernetes/test/images/agnhost/webhook"
 )
 
 func main() {
 	rootCmd := &cobra.Command{Use: "app"}
+	rootCmd.AddCommand(auditproxy.CmdAuditProxy)
+	rootCmd.AddCommand(crdconvwebhook.CmdCrdConversionWebhook)
 	rootCmd.AddCommand(dns.CmdDNSSuffix)
 	rootCmd.AddCommand(dns.CmdDNSServerList)
 	rootCmd.AddCommand(dns.CmdEtcHosts)
+	rootCmd.AddCommand(entrypoint.CmdEntrypointTester)
 	rootCmd.AddCommand(fakegitserver.CmdFakeGitServer)
+	rootCmd.AddCommand(inclusterclient.CmdInClusterClient)
 	rootCmd.AddCommand(liveness.CmdLiveness)
 	rootCmd.AddCommand(logsgen.CmdLogsGenerator)
 	rootCmd.AddCommand(net.CmdNet)
@@ -50,7 +60,9 @@ func main() {
 	rootCmd.AddCommand(nosnat.CmdNoSnatTest)
 	rootCmd.AddCommand(nosnatproxy.CmdNoSnatTestProxy)
 	rootCmd.AddCommand(pause.CmdPause)
+	rootCmd.AddCommand(porter.CmdPorter)
 	rootCmd.AddCommand(portforwardtester.CmdPortForwardTester)
+	rootCmd.AddCommand(servehostname.CmdServeHostname)
 	rootCmd.AddCommand(webhook.CmdWebhook)
 
 	// NOTE(claudiub): Some tests are passing logging related flags, so we need to be able to

diff --git a/test/images/audit-proxy/BUILD → test/images/agnhost/audit-proxy/BUILD b/test/images/audit-proxy/BUILD → test/images/agnhost/audit-proxy/BUILD
@@ -1,25 +1,20 @@
-load("@io_bazel_rules_go//go:def.bzl", "go_binary", "go_library")
+load("@io_bazel_rules_go//go:def.bzl", "go_library")
 
 go_library(
     name = "go_default_library",
     srcs = ["main.go"],
-    importpath = "k8s.io/kubernetes/test/images/audit-proxy",
-    visibility = ["//visibility:private"],
+    importpath = "k8s.io/kubernetes/test/images/agnhost/audit-proxy",
+    visibility = ["//visibility:public"],
     deps = [
         "//staging/src/k8s.io/apimachinery/pkg/runtime:go_default_library",
         "//staging/src/k8s.io/apimachinery/pkg/runtime/serializer/json:go_default_library",
         "//staging/src/k8s.io/apiserver/pkg/apis/audit/install:go_default_library",
         "//staging/src/k8s.io/apiserver/pkg/apis/audit/v1:go_default_library",
         "//staging/src/k8s.io/apiserver/pkg/audit:go_default_library",
+        "//vendor/github.com/spf13/cobra:go_default_library",
     ],
 )
 
-go_binary(
-    name = "audit-proxy",
-    embed = [":go_default_library"],
-    visibility = ["//visibility:public"],
-)
-
 filegroup(
     name = "package-srcs",
     srcs = glob(["**"]),