Skip to content

Commit

Permalink
Merge 9110456 into bd683b0
Browse files Browse the repository at this point in the history
  • Loading branch information
@GraysonWu
GraysonWu authored Jan 18, 2023
2 parents bd683b0 + 9110456 commit 7f2ce95
Show file tree
Hide file tree
Showing 8 changed files with 36 additions and 6 deletions.
1 change: 1 addition & 0 deletions build/charts/antrea/crds/clusternetworkpolicy.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -640,6 +640,7 @@ spec:
type: string
scope:
type: string
enum: [ 'Cluster', 'ClusterSet' ]
name:
type: string
enableLogging:
Expand Down
1 change: 1 addition & 0 deletions build/yamls/antrea-aks.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1018,6 +1018,7 @@ spec:
type: string
scope:
type: string
enum: [ 'Cluster', 'ClusterSet' ]
name:
type: string
enableLogging:
Expand Down
1 change: 1 addition & 0 deletions build/yamls/antrea-crds.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1011,6 +1011,7 @@ spec:
type: string
scope:
type: string
enum: [ 'Cluster', 'ClusterSet' ]
name:
type: string
enableLogging:
Expand Down
1 change: 1 addition & 0 deletions build/yamls/antrea-eks.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1018,6 +1018,7 @@ spec:
type: string
scope:
type: string
enum: [ 'Cluster', 'ClusterSet' ]
name:
type: string
enableLogging:
Expand Down
1 change: 1 addition & 0 deletions build/yamls/antrea-gke.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1018,6 +1018,7 @@ spec:
type: string
scope:
type: string
enum: [ 'Cluster', 'ClusterSet' ]
name:
type: string
enableLogging:
Expand Down
1 change: 1 addition & 0 deletions build/yamls/antrea-ipsec.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1018,6 +1018,7 @@ spec:
type: string
scope:
type: string
enum: [ 'Cluster', 'ClusterSet' ]
name:
type: string
enableLogging:
Expand Down
1 change: 1 addition & 0 deletions build/yamls/antrea.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1018,6 +1018,7 @@ spec:
type: string
scope:
type: string
enum: [ 'Cluster', 'ClusterSet' ]
name:
type: string
enableLogging:
Expand Down
35 changes: 29 additions & 6 deletions multicluster/test/e2e/service_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -170,25 +170,48 @@ func (data *MCTestData) testANPToServices(t *testing.T) {
eastGwClientName := getClusterGatewayClientPodName(eastCluster)
eastRegularClientName := getClusterRegularClientPodName(eastCluster)

// Verify that ACNP ToServices works fine with the new Multi-cluster Service.
anpBuilder := &e2euttils.AntreaNetworkPolicySpecBuilder{}
anpBuilder = anpBuilder.SetName(multiClusterTestNamespace, "block-west-exported-service").
// Verify that ANP ToServices works fine with the new Multi-cluster Service.
anpBuilder1 := &e2euttils.AntreaNetworkPolicySpecBuilder{}
anpBuilder1 = anpBuilder1.SetName(multiClusterTestNamespace, "block-west-exported-service").
SetPriority(1.0).
SetAppliedToGroup([]e2euttils.ANPAppliedToSpec{{PodSelector: map[string]string{"app": "client"}}}).
AddToServicesRule([]crdv1alpha1.PeerService{{
Name: mcWestClusterTestService,
Namespace: multiClusterTestNamespace},
}, "", nil, crdv1alpha1.RuleActionDrop)
if _, err := data.createOrUpdateANP(eastCluster, anpBuilder.Get()); err != nil {
t.Fatalf("Error creating ANP %s: %v", anpBuilder.Name, err)
if _, err := data.createOrUpdateANP(eastCluster, anpBuilder1.Get()); err != nil {
t.Fatalf("Error creating ANP %s: %v", anpBuilder1.Name, err)
}
defer data.deleteANP(eastCluster, multiClusterTestNamespace, anpBuilder.Name)

connectivity := data.probeFromPodInCluster(eastCluster, multiClusterTestNamespace, eastGwClientName, "client", eastIP, mcWestClusterTestService, 80, corev1.ProtocolTCP)
assert.Equal(t, antreae2e.Dropped, connectivity, "Failure -- wrong result from probing exported Service from gateway clientPod after applying toServices AntreaNetworkPolicy")

connectivity = data.probeFromPodInCluster(eastCluster, multiClusterTestNamespace, eastRegularClientName, "client", eastIP, mcWestClusterTestService, 80, corev1.ProtocolTCP)
assert.Equal(t, antreae2e.Dropped, connectivity, "Failure -- wrong result from probing exported Service from regular clientPod after applying toServices AntreaNetworkPolicy")

data.deleteANP(eastCluster, multiClusterTestNamespace, anpBuilder1.Name)

// Verify that ANP ToServices with scope works fine.
anpBuilder2 := &e2euttils.AntreaNetworkPolicySpecBuilder{}
anpBuilder2 = anpBuilder2.SetName(multiClusterTestNamespace, "block-west-service-clusterset-scope").
SetPriority(1.0).
SetAppliedToGroup([]e2euttils.ANPAppliedToSpec{{PodSelector: map[string]string{"app": "client"}}}).
AddToServicesRule([]crdv1alpha1.PeerService{{
Name: westClusterTestService,
Namespace: multiClusterTestNamespace,
Scope: "ClusterSet",
}}, "", nil, crdv1alpha1.RuleActionDrop)
if _, err := data.createOrUpdateANP(eastCluster, anpBuilder2.Get()); err != nil {
t.Fatalf("Error creating ANP %s: %v", anpBuilder2.Name, err)
}
defer data.deleteANP(eastCluster, multiClusterTestNamespace, anpBuilder2.Name)

connectivity = data.probeFromPodInCluster(eastCluster, multiClusterTestNamespace, eastGwClientName, "client", eastIP, mcWestClusterTestService, 80, corev1.ProtocolTCP)
assert.Equal(t, antreae2e.Dropped, connectivity, "Failure -- wrong result from probing exported Service from gateway clientPod after applying toServices AntreaNetworkPolicy")

connectivity = data.probeFromPodInCluster(eastCluster, multiClusterTestNamespace, eastRegularClientName, "client", eastIP, mcWestClusterTestService, 80, corev1.ProtocolTCP)
assert.Equal(t, antreae2e.Dropped, connectivity, "Failure -- wrong result from probing exported Service from regular clientPod after applying toServices AntreaNetworkPolicy")

}

func (data *MCTestData) testStretchedNetworkPolicy(t *testing.T) {
Expand Down

0 comments on commit 7f2ce95

Please sign in to comment.