kubernetes
/
minikube
mirror of https://github.com/kubernetes/minikube.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Merge pull request #11374 from ilya-zuyev/ilyaz/hairpin_test 

Fix TestNetworkPlugins/group/auto/HairPin
pull/11405/head
Medya Ghazizadeh 2021-05-13 11:45:57 -07:00 committed by GitHub
parent c97984a4b9 0de5687f92
commit db917920b5
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 28 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
site/content/en/docs/contrib/tests.en.md
View File

@ -267,6 +267,11 @@ tests all supported CNI options
Options tested: kubenet, bridge, flannel, kindnet, calico, cilium
Flags tested: enable-default-cni (legacy), false (CNI off), auto-detection
#### validateHairpinMode
makes sure the hairpinning (https://en.wikipedia.org/wiki/Hairpinning) is correctly configured for given CNI
try to access deployment/netcat pod using external, obtained from 'netcat' service dns resolution, IP address
should fail if hairpinMode is off
## TestChangeNoneUser
tests to make sure the CHANGE_MINIKUBE_NONE_USER environemt variable is respected
and changes the minikube file permissions from root to the correct user.
@ -357,4 +362,4 @@ upgrades Kubernetes from oldest to newest
## TestMissingContainerUpgrade
tests a Docker upgrade where the underlying container is missing
TEST COUNT: 114
TEST COUNT: 115

37
test/integration/net_test.go
View File

@ -49,7 +49,8 @@ func TestNetworkPlugins(t *testing.T) {
podLabel string
hairpin bool
}{
{"auto", []string{}, "", "", false},
// for containerd and crio runtimes kindnet CNI is used by default and hairpin is enabled
{"auto", []string{}, "", "", ContainerRuntime() != "docker"},
{"kubenet", []string{"--network-plugin=kubenet"}, "kubenet", "", true},
{"bridge", []string{"--cni=bridge"}, "cni", "", true},
{"enable-default-cni", []string{"--enable-default-cni=true"}, "cni", "", true},
@ -172,20 +173,7 @@ func TestNetworkPlugins(t *testing.T) {
if !t.Failed() {
t.Run("HairPin", func(t *testing.T) {
tryHairPin := func() error {
_, err := Run(t, exec.CommandContext(ctx, "kubectl", "--context", profile, "exec", "deployment/netcat", "--", "/bin/sh", "-c", "nc -w 5 -i 5 -z netcat 8080"))
return err
}
if tc.hairpin {
if err := retry.Expo(tryHairPin, 1*time.Second, Seconds(60)); err != nil {
t.Errorf("failed to connect via pod host: %v", err)
}
} else {
if tryHairPin() == nil {
t.Fatalf("hairpin connection unexpectedly succeeded - misconfigured test?")
}
}
validateHairpinMode(ctx, t, profile, tc.hairpin)
})
}
@ -195,6 +183,25 @@ func TestNetworkPlugins(t *testing.T) {
})
}
// validateHairpinMode makes sure the hairpinning (https://en.wikipedia.org/wiki/Hairpinning) is correctly configured for given CNI
// try to access deployment/netcat pod using external, obtained from 'netcat' service dns resolution, IP address
// should fail if hairpinMode is off
func validateHairpinMode(ctx context.Context, t *testing.T, profile string, hairpin bool) {
tryHairPin := func() error {
_, err := Run(t, exec.CommandContext(ctx, "kubectl", "--context", profile, "exec", "deployment/netcat", "--", "/bin/sh", "-c", "nc -w 5 -i 5 -z netcat 8080"))
return err
}
if hairpin {
if err := retry.Expo(tryHairPin, 1*time.Second, Seconds(60)); err != nil {
t.Errorf("failed to connect via pod host: %v", err)
}
} else {
if tryHairPin() == nil {
t.Fatalf("hairpin connection unexpectedly succeeded - misconfigured test?")
}
}
}
func verifyKubeletFlagsOutput(t *testing.T, kubeletPlugin, out string) {
if kubeletPlugin == "" {
if strings.Contains(out, "--network-plugin") && ContainerRuntime() == "docker" {