Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Enable running connectivity tests requiring a node without Cilium in combination with clustermesh #2191

Merged
merged 9 commits into from
Jan 9, 2024
Merged

Enable running connectivity tests requiring a node without Cilium in combination with clustermesh #2191

merged 9 commits into from
Jan 9, 2024

Conversation

giorio94
Copy link
Member

Please review commit by commit, and refer to the individual messages for additional details.

@giorio94 giorio94 force-pushed the pr/giorio94/more-tests-compatible-with-clustermesh branch from 8761380 to d1534e6 Compare December 15, 2023 17:04
@giorio94 giorio94 force-pushed the pr/giorio94/more-tests-compatible-with-clustermesh branch from d1534e6 to f482c1f Compare December 15, 2023 17:45
@giorio94 giorio94 force-pushed the pr/giorio94/more-tests-compatible-with-clustermesh branch from f482c1f to 709898d Compare December 18, 2023 11:00
@giorio94 giorio94 force-pushed the pr/giorio94/more-tests-compatible-with-clustermesh branch from 709898d to 70fe178 Compare December 18, 2023 11:26
@giorio94
Copy link
Member Author

Additionally tested in cilium/cilium#29926

@giorio94 giorio94 marked this pull request as ready for review December 18, 2023 13:17
@giorio94 giorio94 requested review from a team as code owners December 18, 2023 13:17
@giorio94 giorio94 mentioned this pull request Dec 18, 2023
Merged
nbusseneau
nbusseneau approved these changes Dec 19, 2023
View reviewed changes
Copy link
Member

@nbusseneau nbusseneau left a comment
edited

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This looks sensible to me, I suppose similar changes to the multicluster workflow on the main repo will be needed?

@giorio94
Copy link
Member Author

This looks sensible to me, I suppose similar changes to the multicluster workflow on the main repo will be needed?

Yes, they are part of cilium/cilium#29926.

brb
brb approved these changes Dec 20, 2023
View reviewed changes
Copy link
Member

@brb brb left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks!

@maintainer-s-little-helper maintainer-s-little-helper bot added the ready-to-merge This PR has passed all tests and received consensus from code owners to merge. label Jan 8, 2024
@tklauser
Copy link
Member

tklauser commented Jan 9, 2024

@giorio94 looks like this picked up a merge conflict. Could you please rebase and resolve?

@tklauser tklauser added the needs-rebase This PR needs to be rebased because it has merge conflicts. label Jan 9, 2024
@giorio94
connectivity: fix wait for external deployment with clustermesh
c1ab6cf 
Currently, the deployment originating the pod scheduled on a node
without Cilium is added to the incorrect wait list. While this does
not create issues in single cluster environments (given that they
are merged anyhow as there's a single client), it does not work
with clustermesh, as we would use the incorrect client to wait
until it becomes ready.

Signed-off-by: Marco Iorio <marco.iorio@isovalent.com>
@giorio94
connectivity: detect PodCIDR for both local and remote nodes
1c65f6f 
The detected PodCIDRs are later used to configure the routes
required by "from-outside" tests. Let's make sure that we
retrieve them for both local and remote nodes when clustermesh
is enabled, so that we can run these tests also in that case.

From outside tests work under the assumption that the nodes (of both
clusters) are on the same LAN, and therefore we can configure a
direct route targeting them. This holds for CI workflows using Kind.

Signed-off-by: Marco Iorio <marco.iorio@isovalent.com>
@giorio94
connectivity: skip more nodeport tests with clustermesh + KPR disabled
5bbe3bb 
756b7a2 ("connectivity: skip nodeport tests with clustermesh if KPR is
disabled") skipped the execution of NodePort tests in the aforementioned
scenario, as iptables/ipvs don't know about remote endpoints.

Let's add the same requisite also to the other N/S loadbalancing tests,
to ensure they are compatible with clustermesh.

Signed-off-by: Marco Iorio <marco.iorio@isovalent.com>
@giorio94
connectivity: make ingress target echo-other-node deployment
fb47d8f 
The echo-other-node deployment is hosted on the remote cluster in case
of clustermesh, which allows to additionally test that ingress and multi
cluster services play well together.

Signed-off-by: Marco Iorio <marco.iorio@isovalent.com>
@giorio94
connectivity: make from external to pod tests ipv6 friendly
df392fc 
Extend the tests generating traffic from nodes external to the cluster
(i.e., without Cilium) to the echo pods to cover both address families,
when enabled. To this end, let's additionally configure routes towards
the IPv6 PodCIDR. We explicitly skip the configuration for the CIDRs of
the nodes where Cilium is not installed, as the insertion of an IPv6
route with next hop a local address appears to fail with:

  ip: RTNETLINK answers: Invalid argument

Signed-off-by: Marco Iorio <marco.iorio@isovalent.com>
@giorio94
connectivity: explicitly wait for daemonsets to become ready
3794d31 
Make sure that the host-netns daemonsets leveraged by the connectivity
tests are ready before proceeding with the subsequent checks, to prevent
possible flakiness caused by some pods not being yet completely running.

Signed-off-by: Marco Iorio <marco.iorio@isovalent.com>
@giorio94
gha: don't wait for kind clusters to become ready
33574ae 
They will never, because no CNI is present at that point. Hence, let's
just avoid wasting one minute waiting for the timeout to expire.

Signed-off-by: Marco Iorio <marco.iorio@isovalent.com>
@giorio94
gha: switch to kubeadm.k8s.io/v1beta3 API
5e3f7cd 
The v1beta2 API is no longer recognized by newer versions of kubeadm.

Signed-off-by: Marco Iorio <marco.iorio@isovalent.com>
@giorio94
gha: enable node without cilium tests for clustermesh
e6ddd1c 
Let's make sure that we don't introduce regressions in the tests
requiring an external node that doesn't run cilium when enabled
in combination with clustermesh.

Signed-off-by: Marco Iorio <marco.iorio@isovalent.com>
@giorio94 giorio94 force-pushed the pr/giorio94/more-tests-compatible-with-clustermesh branch from 70fe178 to e6ddd1c Compare January 9, 2024 09:55
@giorio94 giorio94 removed needs-rebase This PR needs to be rebased because it has merge conflicts. ready-to-merge This PR has passed all tests and received consensus from code owners to merge. labels Jan 9, 2024
@giorio94
Copy link
Member Author

giorio94 commented Jan 9, 2024

@giorio94 looks like this picked up a merge conflict. Could you please rebase and resolve?

Thanks for the heads up! Rebased.

@maintainer-s-little-helper maintainer-s-little-helper bot added the ready-to-merge This PR has passed all tests and received consensus from code owners to merge. label Jan 9, 2024
@tklauser tklauser merged commit 38f066e into main Jan 9, 2024
13 checks passed
@tklauser tklauser deleted the pr/giorio94/more-tests-compatible-with-clustermesh branch January 9, 2024 13:45
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@brb brb brb approved these changes

@squeed squeed squeed approved these changes

@christarazi christarazi christarazi approved these changes

@nbusseneau nbusseneau nbusseneau approved these changes

Assignees
No one assigned
Labels
ready-to-merge This PR has passed all tests and received consensus from code owners to merge.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
6 participants
@giorio94 @tklauser @brb @squeed @christarazi @nbusseneau