Skip to content

Commit

Permalink
DO NOT MERGE
Browse files Browse the repository at this point in the history 
Signed-off-by: Nicolas Busseneau <[email protected]>
  • Loading branch information
@nbusseneau
nbusseneau committed Jul 21, 2021
1 parent 7c336c3 commit a70f75e
Show file tree
Hide file tree
Showing 6 changed files with 6 additions and 616 deletions.
117 changes: 1 addition & 116 deletions .github/workflows/aks.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -14,7 +14,7 @@ on:
# will disappear from the PR checks: please provide a direct link to the
# successful workflow run (can be found from Actions tab) in a comment.
#
# pull_request: {}
pull_request: {}
###
pull_request: {}
# Run every 6 hours
Expand Down Expand Up @@ -80,118 +80,3 @@ jobs:
echo ::set-output name=sha::${SHA}
echo ::set-output name=owner::${OWNER}
- name: Create AKS cluster
id: cluster-creation
run: |
# Create group
az group create \
--name ${{ env.name }} \
--location ${{ env.location }} \
--tags usage=${{ github.repository_owner }}-${{ github.event.repository.name }} owner=${{ steps.vars.outputs.owner }}
# Create cluster with a 1 node-count (we will remove this node pool
# afterwards)
# Details: Basic load balancers are not supported with multiple node
# pools. Create a cluster with standard load balancer selected to use
# multiple node pools, learn more at https://aka.ms/aks/nodepools.
az aks create \
--resource-group ${{ env.name }} \
--name ${{ env.name }} \
--location ${{ env.location }} \
--network-plugin azure \
--node-count 1 \
--load-balancer-sku standard \
--node-vm-size Standard_B2s \
--node-osdisk-size 30 \
--generate-ssh-keys
# Get the name of the node pool that we will delete afterwards
echo ::set-output name=nodepool_to_delete::$(az aks nodepool list --cluster-name ${{ env.name }} -g ${{ env.name }} -o json | jq -r '.[0].name')
# Create a node pool with the taint 'node.cilium.io/agent-not-ready=true:NoSchedule'
# and with 'mode=system' as it it the same mode used for the nodepool
# created with the cluster.
az aks nodepool add \
--name nodepool2 \
--cluster-name ${{ env.name }} \
--resource-group ${{ env.name }} \
--node-count 2 \
--node-vm-size Standard_B2s \
--node-osdisk-size 30 \
--mode system \
--node-taints node.cilium.io/agent-not-ready=true:NoSchedule
- name: Get cluster credentials
run: |
az aks get-credentials \
--resource-group ${{ env.name }} \
--name ${{ env.name }}
- name: Install Cilium
run: |
cilium install \
--cluster-name=${{ env.name }} \
--azure-resource-group ${{ env.name }} \
--wait=false \
--config monitor-aggregation=none
- name: Delete the first node pool
run: |
# We can only delete the first node pool after Cilium is installed
# because some pods have Pod Disruption Budgets set. If we try to
# delete the first node pool without the second node pool being ready,
# AKS will not succeed with the pool deletion because some Deployments
# can't cease to exist in the cluster.
az aks nodepool delete --name ${{ steps.cluster-creation.outputs.nodepool_to_delete }} \
--cluster-name ${{ env.name }} \
--resource-group ${{ env.name }}
- name: Enable Relay
run: |
cilium hubble enable
- name: Wait for Cilium status to be ready
run: |
cilium status --wait
- name: Port forward Relay
run: |
cilium hubble port-forward&
sleep 10s
[[ $(pgrep -f "cilium.*hubble.*port-forward|kubectl.*port-forward.*hubble-relay" | wc -l) == 2 ]]
- name: Run connectivity test
run: |
cilium connectivity test --debug --all-flows
- name: Post-test information gathering
if: ${{ !success() }}
run: |
cilium status
kubectl get pods --all-namespaces -o wide
cilium sysdump --output-filename cilium-sysdump-out
shell: bash {0} # Disable default fail-fast behaviour so that all commands run independently

- name: Clean up AKS
if: ${{ always() }}
run: |
az group delete --name ${{ env.name }} --yes --no-wait
shell: bash {0} # Disable default fail-fast behaviour so that all commands run independently

- name: Upload artifacts
if: ${{ !success() }}
uses: actions/upload-artifact@ee69f02b3dfdecd58bb31b4d133da38ba6fe3700
with:
name: cilium-sysdump-out.zip
path: cilium-sysdump-out.zip
retention-days: 5

- name: Send slack notification
if: ${{ !success() && (github.event_name == 'schedule' || github.event_name == 'push') }}
uses: 8398a7/action-slack@dcc8c8e9dd8802e21a712dc0c003db97b42efe43
with:
status: ${{ job.status }}
fields: repo,message,commit,author,action,eventName,ref,workflow,job,took
env:
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
110 changes: 1 addition & 109 deletions .github/workflows/eks-tunnel.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -14,7 +14,7 @@ on:
# will disappear from the PR checks: please provide a direct link to the
# successful workflow run (can be found from Actions tab) in a comment.
#
# pull_request: {}
pull_request: {}
###
pull_request_target: {}
# Run every 6 hours
Expand Down Expand Up @@ -68,111 +68,3 @@ jobs:
echo ::set-output name=sha::${SHA}
echo ::set-output name=owner::${OWNER}
- name: Create EKS cluster
run: |
cat <<EOF > eks-config.yaml
apiVersion: eksctl.io/v1alpha5
kind: ClusterConfig
metadata:
name: ${{ env.clusterName }}
region: ${{ env.region }}
tags:
usage: "${{ github.repository_owner }}-${{ github.event.repository.name }}"
owner: "${{ steps.vars.outputs.owner }}"
managedNodeGroups:
- name: ng-1
instanceTypes:
- t3.medium
- t3a.medium
desiredCapacity: 2
spot: true
privateNetworking: true
volumeType: "gp3"
volumeSize: 10
taints:
- key: "node.cilium.io/agent-not-ready"
value: "true"
effect: "NoSchedule"
EOF
eksctl create cluster -f ./eks-config.yaml
- name: Create kubeconfig and load it in configmap
run: |
.github/get-kubeconfig.sh
kubectl create configmap cilium-cli-kubeconfig -n kube-system --from-file kubeconfig
- name: Load cilium cli script in configmap
run: |
kubectl create configmap cilium-cli-test-script -n kube-system --from-file=in-cluster-test-script.sh=.github/in-cluster-test-scripts/eks-tunnel.sh
- name: Create cilium-cli test job
run: |
helm install .github/cilium-cli-test-job-chart \
--generate-name \
--set tag=${{ steps.vars.outputs.sha }} \
--set cluster_name=${{ env.clusterName }}
- name: Wait for test job
run: |
kubectl -n kube-system wait job/cilium-cli --for=condition=complete --timeout=20m
- name: Post-test information gathering
if: ${{ !success() }}
run: |
echo "=== Retrieve in-cluster jobs logs ==="
kubectl logs --timestamps -n kube-system job/cilium-cli
echo "=== Install latest stable CLI ==="
curl -sSL --remote-name-all https://github.com/cilium/cilium-cli/releases/latest/download/cilium-linux-amd64.tar.gz{,.sha256sum}
sha256sum --check cilium-linux-amd64.tar.gz.sha256sum
sudo tar xzvfC cilium-linux-amd64.tar.gz /usr/bin
rm cilium-linux-amd64.tar.gz{,.sha256sum}
cilium version
echo "=== Retrieve cluster state ==="
kubectl get pods --all-namespaces -o wide
cilium status
cilium sysdump --output-filename cilium-sysdump-out
shell: bash {0} # Disable default fail-fast behaviour so that all commands run independently

- name: Uninstall and make sure the 'aws-node' DaemonSet blocking nodeSelector was removed
if: ${{ success() }}
run: |
kubectl create configmap cilium-cli-test-script-uninstall -n kube-system --from-file=in-cluster-test-script.sh=.github/in-cluster-test-scripts/eks-uninstall.sh
helm install .github/cilium-cli-test-job-chart \
--generate-name \
--set tag=${{ steps.vars.outputs.sha }} \
--set cluster_name=${{ env.clusterName }} \
--set job_name=cilium-cli-uninstall \
--set test_script_cm=cilium-cli-test-script-uninstall
kubectl -n kube-system wait job/cilium-cli-uninstall --for=condition=complete --timeout=2m
echo "=== Retrieve in-cluster jobs logs ==="
kubectl logs --timestamps -n kube-system job/cilium-cli-uninstall
- name: Clean up EKS
if: ${{ always() }}
run: |
eksctl delete cluster --name ${{ env.clusterName }}
shell: bash {0} # Disable default fail-fast behaviour so that all commands run independently

- name: Upload artifacts
if: ${{ !success() }}
uses: actions/upload-artifact@ee69f02b3dfdecd58bb31b4d133da38ba6fe3700
with:
name: cilium-sysdump-out.zip
path: cilium-sysdump-out.zip
retention-days: 5

- name: Send slack notification
if: ${{ !success() && (github.event_name == 'schedule' || github.event_name == 'push') }}
uses: 8398a7/action-slack@dcc8c8e9dd8802e21a712dc0c003db97b42efe43
with:
status: ${{ job.status }}
fields: repo,message,commit,author,action,eventName,ref,workflow,job,took
env:
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
110 changes: 1 addition & 109 deletions .github/workflows/eks.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -14,7 +14,7 @@ on:
# will disappear from the PR checks: please provide a direct link to the
# successful workflow run (can be found from Actions tab) in a comment.
#
# pull_request: {}
pull_request: {}
###
pull_request_target: {}
# Run every 6 hours
Expand Down Expand Up @@ -68,111 +68,3 @@ jobs:
echo ::set-output name=sha::${SHA}
echo ::set-output name=owner::${OWNER}
- name: Create EKS cluster
run: |
cat <<EOF > eks-config.yaml
apiVersion: eksctl.io/v1alpha5
kind: ClusterConfig
metadata:
name: ${{ env.clusterName }}
region: ${{ env.region }}
tags:
usage: "${{ github.repository_owner }}-${{ github.event.repository.name }}"
owner: "${{ steps.vars.outputs.owner }}"
managedNodeGroups:
- name: ng-1
instanceTypes:
- t3.medium
- t3a.medium
desiredCapacity: 2
spot: true
privateNetworking: true
volumeType: "gp3"
volumeSize: 10
taints:
- key: "node.cilium.io/agent-not-ready"
value: "true"
effect: "NoSchedule"
EOF
eksctl create cluster -f ./eks-config.yaml
- name: Create kubeconfig and load it in configmap
run: |
.github/get-kubeconfig.sh
kubectl create configmap cilium-cli-kubeconfig -n kube-system --from-file kubeconfig
- name: Load cilium cli script in configmap
run: |
kubectl create configmap cilium-cli-test-script -n kube-system --from-file=in-cluster-test-script.sh=.github/in-cluster-test-scripts/eks.sh
- name: Create cilium-cli test job
run: |
helm install .github/cilium-cli-test-job-chart \
--generate-name \
--set tag=${{ steps.vars.outputs.sha }} \
--set cluster_name=${{ env.clusterName }}
- name: Wait for test job
run: |
kubectl -n kube-system wait job/cilium-cli --for=condition=complete --timeout=20m
- name: Post-test information gathering
if: ${{ !success() }}
run: |
echo "=== Retrieve in-cluster jobs logs ==="
kubectl logs --timestamps -n kube-system job/cilium-cli
echo "=== Install latest stable CLI ==="
curl -sSL --remote-name-all https://github.com/cilium/cilium-cli/releases/latest/download/cilium-linux-amd64.tar.gz{,.sha256sum}
sha256sum --check cilium-linux-amd64.tar.gz.sha256sum
sudo tar xzvfC cilium-linux-amd64.tar.gz /usr/bin
rm cilium-linux-amd64.tar.gz{,.sha256sum}
cilium version
echo "=== Retrieve cluster state ==="
kubectl get pods --all-namespaces -o wide
cilium status
cilium sysdump --output-filename cilium-sysdump-out
shell: bash {0} # Disable default fail-fast behaviour so that all commands run independently

- name: Uninstall and make sure the 'aws-node' DaemonSet blocking nodeSelector was removed
if: ${{ success() }}
run: |
kubectl create configmap cilium-cli-test-script-uninstall -n kube-system --from-file=in-cluster-test-script.sh=.github/in-cluster-test-scripts/eks-uninstall.sh
helm install .github/cilium-cli-test-job-chart \
--generate-name \
--set tag=${{ steps.vars.outputs.sha }} \
--set cluster_name=${{ env.clusterName }} \
--set job_name=cilium-cli-uninstall \
--set test_script_cm=cilium-cli-test-script-uninstall
kubectl -n kube-system wait job/cilium-cli-uninstall --for=condition=complete --timeout=2m
echo "=== Retrieve in-cluster jobs logs ==="
kubectl logs --timestamps -n kube-system job/cilium-cli-uninstall
- name: Clean up EKS
if: ${{ always() }}
run: |
eksctl delete cluster --name ${{ env.clusterName }}
shell: bash {0} # Disable default fail-fast behaviour so that all commands run independently

- name: Upload artifacts
if: ${{ !success() }}
uses: actions/upload-artifact@ee69f02b3dfdecd58bb31b4d133da38ba6fe3700
with:
name: cilium-sysdump-out.zip
path: cilium-sysdump-out.zip
retention-days: 5

- name: Send slack notification
if: ${{ !success() && (github.event_name == 'schedule' || github.event_name == 'push') }}
uses: 8398a7/action-slack@dcc8c8e9dd8802e21a712dc0c003db97b42efe43
with:
status: ${{ job.status }}
fields: repo,message,commit,author,action,eventName,ref,workflow,job,took
env:
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
Loading

0 comments on commit a70f75e

Please sign in to comment.