-
Notifications
You must be signed in to change notification settings - Fork 138
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[DNM] Observ: testing #2299
base: master
Are you sure you want to change the base?
[DNM] Observ: testing #2299
Conversation
Skipping CI for Draft Pull Request. |
[APPROVALNOTIFIER] This PR is NOT APPROVED This pull-request has been approved by: npinaeva The full list of commands accepted by this bot can be found here.
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
Signed-off-by: Martin Kennelly <[email protected]>
Prior to this PR, we may try to insert a rule to jump to a chain that doesn't exist. Signed-off-by: Martin Kennelly <[email protected]>
ensure that user defined networks are using ipfamilies that the cluster supports Signed-off-by: Jacob Tanenbaum <[email protected]>
currently the udn/nad primary network e2e testing does nothing to check to state of the cluster before creating the network. This makes it possible to test primary networks with ip families that the underlying cluster does not support which is not possible. This commit ensures that e2e testing will only create primary networks that conform to the cluster being tested Signed-off-by: Jacob Tanenbaum <[email protected]>
adding testing using User Defined Network objects to pod2Egress testing and "isolates overlapping CIDRs" tests Signed-off-by: Jacob Tanenbaum <[email protected]>
This commit is to add some unit tests to make sure proper NAT entries are being created i NBDB while DisableSNATMultipleGWs is set to true. Signed-off-by: Arnab Ghosh <[email protected]>
Signed-off-by: Enrique Llorente <[email protected]>
In our e2e tests, a strange behaviour for ipv6 was seen: newly created pod can't reach ipv6 destination. But if the same pod is re-created, everything works. We don't know what causes that behaviour, so given function is a workaround for this issue. It also only historically fails for the first ef test "Should validate the egress firewall policy functionality for allowed IP", so only used there for now. Signed-off-by: Nadia Pinaeva <[email protected]>
When users attach pod to a secondary network and override the default route pod. It will cause the assymetric routing for service haripin traffic. We add static routes to ensure the traffic to the hairpin masquerade IP always goes to OVN. Signed-off-by: Peng Liu <[email protected]>
There are some expectation at the dev-env interface at metallb that can change and break ovn-k CI, let's pin it so we can propertly consume those changes at a PR later on. Signed-off-by: Enrique Llorente <[email protected]>
Test opens a TCP connection that simulates a GCP LB environment where the packet is redirected via iptables to a local server on a node. Note, in GCP the LB does not DNAT the VIP, so the packet arrives to the node with the GCP VIP on it. In OCP, we then redirect that packet to the local kapi server running on the node. Once the test opens the TCP connection, it leaves it open for 2 minutes while ovnkube-node is then deleted. Post ovn-controller starting it should not flush the conntrack in zone 0, and the test ensures that the conntrack entry still exists. Recent OVN regression that prompted this E2E: https://issues.redhat.com/browse/FDP-773 Signed-off-by: Tim Rozet <[email protected]>
Signed-off-by: Tim Rozet <[email protected]>
When deploying the kind cluster, in order to allow running VMs with primary-UDN, the kubevirt CR is patched with: - NetworkBindingPlugins feature gate. - the passt network binding Signed-off-by: Ram Lavi <[email protected]>
Co-authored-by: Miguel Duarte Barroso <[email protected]> Signed-off-by: Ram Lavi <[email protected]>
Signed-off-by: Ram Lavi <[email protected]>
Separating two different installations into different functions. In future commit this will allow deploying kubevirt-ipam separately when needed. Signed-off-by: Ram Lavi <[email protected]>
Although they usually deployed together, ipam may sometimes need to be deployed out of band for dev purposes. For this purpose, introducing an opt-out flag that will prevent installing the latest ipam-controller while still installing cert-manager. Signed-off-by: Ram Lavi <[email protected]>
Signed-off-by: Miguel Duarte Barroso <[email protected]>
As a bonus add some coverage to the function that generates the syntetic network selection element we use to request the primary UDN attachment. Signed-off-by: Miguel Duarte Barroso <[email protected]>
Signed-off-by: Enrique Llorente <[email protected]>
Co-authored-by: Miguel Duarte Barroso <[email protected]> Signed-off-by: Enrique Llorente <[email protected]>
Signed-off-by: Enrique Llorente <[email protected]>
Signed-off-by: Miguel Duarte Barroso <[email protected]>
Signed-off-by: Nadia Pinaeva <[email protected]>
Signed-off-by: Nadia Pinaeva <[email protected]>
Signed-off-by: Nadia Pinaeva <[email protected]>
Signed-off-by: Nadia Pinaeva <[email protected]>
It allows using `*string` as a client index. Signed-off-by: Nadia Pinaeva <[email protected]>
Use freshly-baked libovsdb functionality to index ACLs by sample_new and sample_est. This allows to avoid expensive predicate search. Signed-off-by: Nadia Pinaeva <[email protected]>
Signed-off-by: Nadia Pinaeva <[email protected]>
Signed-off-by: Nadia Pinaeva <[email protected]>
We were setting the hostSubnet as the clusterSubnet for UDN L3 which was creating wrong routes in ovn cluster router for UDN Signed-off-by: Surya Seetharaman <[email protected]>
Since hostSubnets was getting feeded as clusterSubnet when I fixed the hostSubnet in the previous commit we started to break GR routes Let's also fix that back up. Signed-off-by: Surya Seetharaman <[email protected]>
UTs were silently translating /16 to /24 which was not correct. Let's make the L3 tests pass the nodesubnet in as well to atleast make it more transparent which is what. Signed-off-by: Surya Seetharaman <[email protected]>
Signed-off-by: Nadia Pinaeva <[email protected]>
/test |
@jtaleric: The
The following commands are available to trigger optional jobs:
Use
In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. |
Signed-off-by: Nadia Pinaeva <[email protected]>
No description provided.