[DNM] Observ: testing #2299
Draft
[DNM] Observ: testing #2299
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
openshift-ci
bot
added
the
do-not-merge/work-in-progress
|
Skipping CI for Draft Pull Request. |
|
[APPROVALNOTIFIER] This PR is NOT APPROVED This pull-request has been approved by: npinaeva The full list of commands accepted by this bot can be found here.
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
Signed-off-by: Martin Kennelly <[email protected]>
Prior to this PR, we may try to insert a rule to jump to a chain that doesn't exist. Signed-off-by: Martin Kennelly <[email protected]>
ensure that user defined networks are using ipfamilies that the cluster supports Signed-off-by: Jacob Tanenbaum <[email protected]>
currently the udn/nad primary network e2e testing does nothing to check to state of the cluster before creating the network. This makes it possible to test primary networks with ip families that the underlying cluster does not support which is not possible. This commit ensures that e2e testing will only create primary networks that conform to the cluster being tested Signed-off-by: Jacob Tanenbaum <[email protected]>
adding testing using User Defined Network objects to pod2Egress testing and "isolates overlapping CIDRs" tests Signed-off-by: Jacob Tanenbaum <[email protected]>
This commit is to add some unit tests to make sure proper NAT entries are being created i NBDB while DisableSNATMultipleGWs is set to true. Signed-off-by: Arnab Ghosh <[email protected]>
Signed-off-by: Enrique Llorente <[email protected]>
In our e2e tests, a strange behaviour for ipv6 was seen: newly created pod can't reach ipv6 destination. But if the same pod is re-created, everything works. We don't know what causes that behaviour, so given function is a workaround for this issue. It also only historically fails for the first ef test "Should validate the egress firewall policy functionality for allowed IP", so only used there for now. Signed-off-by: Nadia Pinaeva <[email protected]>
When users attach pod to a secondary network and override the default route pod. It will cause the assymetric routing for service haripin traffic. We add static routes to ensure the traffic to the hairpin masquerade IP always goes to OVN. Signed-off-by: Peng Liu <[email protected]>
There are some expectation at the dev-env interface at metallb that can change and break ovn-k CI, let's pin it so we can propertly consume those changes at a PR later on. Signed-off-by: Enrique Llorente <[email protected]>
Test opens a TCP connection that simulates a GCP LB environment where the packet is redirected via iptables to a local server on a node. Note, in GCP the LB does not DNAT the VIP, so the packet arrives to the node with the GCP VIP on it. In OCP, we then redirect that packet to the local kapi server running on the node. Once the test opens the TCP connection, it leaves it open for 2 minutes while ovnkube-node is then deleted. Post ovn-controller starting it should not flush the conntrack in zone 0, and the test ensures that the conntrack entry still exists. Recent OVN regression that prompted this E2E: https://issues.redhat.com/browse/FDP-773 Signed-off-by: Tim Rozet <[email protected]>
Signed-off-by: Tim Rozet <[email protected]>
When deploying the kind cluster, in order to allow running VMs with primary-UDN, the kubevirt CR is patched with: - NetworkBindingPlugins feature gate. - the passt network binding Signed-off-by: Ram Lavi <[email protected]>
Co-authored-by: Miguel Duarte Barroso <[email protected]> Signed-off-by: Ram Lavi <[email protected]>
Signed-off-by: Ram Lavi <[email protected]>
Separating two different installations into different functions. In future commit this will allow deploying kubevirt-ipam separately when needed. Signed-off-by: Ram Lavi <[email protected]>
Although they usually deployed together, ipam may sometimes need to be deployed out of band for dev purposes. For this purpose, introducing an opt-out flag that will prevent installing the latest ipam-controller while still installing cert-manager. Signed-off-by: Ram Lavi <[email protected]>
Signed-off-by: Miguel Duarte Barroso <[email protected]>
As a bonus add some coverage to the function that generates the syntetic network selection element we use to request the primary UDN attachment. Signed-off-by: Miguel Duarte Barroso <[email protected]>
Signed-off-by: Enrique Llorente <[email protected]>
Co-authored-by: Miguel Duarte Barroso <[email protected]> Signed-off-by: Enrique Llorente <[email protected]>
Signed-off-by: Enrique Llorente <[email protected]>
Signed-off-by: Miguel Duarte Barroso <[email protected]>
Signed-off-by: Nadia Pinaeva <[email protected]>
Signed-off-by: Nadia Pinaeva <[email protected]>
Signed-off-by: Nadia Pinaeva <[email protected]>
Signed-off-by: Nadia Pinaeva <[email protected]>
It allows using `*string` as a client index. Signed-off-by: Nadia Pinaeva <[email protected]>
Use freshly-baked libovsdb functionality to index ACLs by sample_new and sample_est. This allows to avoid expensive predicate search. Signed-off-by: Nadia Pinaeva <[email protected]>
Signed-off-by: Nadia Pinaeva <[email protected]>
Signed-off-by: Nadia Pinaeva <[email protected]>
We were setting the hostSubnet as the clusterSubnet for UDN L3 which was creating wrong routes in ovn cluster router for UDN Signed-off-by: Surya Seetharaman <[email protected]>
Since hostSubnets was getting feeded as clusterSubnet when I fixed the hostSubnet in the previous commit we started to break GR routes Let's also fix that back up. Signed-off-by: Surya Seetharaman <[email protected]>
UTs were silently translating /16 to /24 which was not correct. Let's make the L3 tests pass the nodesubnet in as well to atleast make it more transparent which is what. Signed-off-by: Surya Seetharaman <[email protected]>
Signed-off-by: Nadia Pinaeva <[email protected]>
|
/test |
|
@jtaleric: The
The following commands are available to trigger optional jobs:
Use
In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. |
Signed-off-by: Nadia Pinaeva <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
No description provided.