From 16344bf4416139367432155640e63fe6405262cd Mon Sep 17 00:00:00 2001 From: viktor-kurchenko Date: Thu, 21 Dec 2023 13:29:53 +0200 Subject: [PATCH 1/2] DisableEndpointCRD feature implemented to Cilium endpoint checks if it's disabled. Signed-off-by: viktor-kurchenko --- connectivity/check/deployment.go | 21 +++++++++++++++------ utils/features/features.go | 6 ++++++ 2 files changed, 21 insertions(+), 6 deletions(-) diff --git a/connectivity/check/deployment.go b/connectivity/check/deployment.go index 91b186346d..fbcce4e004 100644 --- a/connectivity/check/deployment.go +++ b/connectivity/check/deployment.go @@ -1099,9 +1099,14 @@ func (ct *ConnectivityTest) DeleteConnDisruptTestDeployment(ctx context.Context, // validateDeployment checks if the Deployments we created have the expected Pods in them. func (ct *ConnectivityTest) validateDeployment(ctx context.Context) error { - ct.Debug("Validating Deployments...") + disableEndpointCRD := false + if status, ok := ct.Feature(features.DisableEndpointCRD); ok && status.Enabled { + disableEndpointCRD = true + ct.Info("CiliumEndpoint CRD check disabled") + } + srcDeployments, dstDeployments := ct.deploymentList() for _, name := range srcDeployments { if err := WaitForDeployment(ctx, ct, ct.clients.src, ct.Params().TestNamespace, name); err != nil { @@ -1122,7 +1127,7 @@ func (ct *ConnectivityTest) validateDeployment(ctx context.Context) error { } for _, perfPod := range perfPods.Items { // Individual endpoints will not be created for pods using node's network stack - if !perfPod.Spec.HostNetwork { + if !perfPod.Spec.HostNetwork && !disableEndpointCRD { if err := WaitForCiliumEndpoint(ctx, ct, ct.clients.src, ct.Params().TestNamespace, perfPod.Name); err != nil { return err } @@ -1157,8 +1162,10 @@ func (ct *ConnectivityTest) validateDeployment(ctx context.Context) error { } for _, pod := range clientPods.Items { - if err := WaitForCiliumEndpoint(ctx, ct, ct.clients.src, ct.Params().TestNamespace, pod.Name); err != nil { - return err + if !disableEndpointCRD { + if err := WaitForCiliumEndpoint(ctx, ct, ct.clients.src, ct.Params().TestNamespace, pod.Name); err != nil { + return err + } } if strings.Contains(pod.Name, clientCPDeployment) { @@ -1244,8 +1251,10 @@ func (ct *ConnectivityTest) validateDeployment(ctx context.Context) error { return fmt.Errorf("unable to list echo pods: %w", err) } for _, echoPod := range echoPods.Items { - if err := WaitForCiliumEndpoint(ctx, ct, client, echoPod.GetNamespace(), echoPod.GetName()); err != nil { - return err + if !disableEndpointCRD { + if err := WaitForCiliumEndpoint(ctx, ct, client, echoPod.GetNamespace(), echoPod.GetName()); err != nil { + return err + } } ct.echoPods[echoPod.Name] = Pod{ diff --git a/utils/features/features.go b/utils/features/features.go index 7e5d55931a..74d2fa4c5f 100644 --- a/utils/features/features.go +++ b/utils/features/features.go @@ -63,6 +63,8 @@ const ( EnableEnvoyConfig Feature = "enable-envoy-config" WireguardEncapsulate Feature = "wireguard-encapsulate" + + DisableEndpointCRD Feature = "disable-endpoint-crd" ) // Feature is the name of a Cilium Feature (e.g. l7-proxy, cni chaining mode etc) @@ -267,6 +269,10 @@ func (fs Set) ExtractFromConfigMap(cm *v1.ConfigMap) { fs[WireguardEncapsulate] = Status{ Enabled: cm.Data[string(WireguardEncapsulate)] == "true", } + + fs[DisableEndpointCRD] = Status{ + Enabled: cm.Data[string(DisableEndpointCRD)] == "true", + } } func (fs Set) ExtractFromNodes(nodesWithoutCilium map[string]struct{}) { From f5e7c58dd37975fa58d9c43b0d65c81268401e4b Mon Sep 17 00:00:00 2001 From: viktor-kurchenko Date: Mon, 8 Jan 2024 21:15:58 +0200 Subject: [PATCH 2/2] WaitForCiliumEndpoint function removed as unneeded. Signed-off-by: viktor-kurchenko --- connectivity/check/deployment.go | 25 +------------------------ connectivity/check/wait.go | 24 ------------------------ utils/features/features.go | 6 ------ 3 files changed, 1 insertion(+), 54 deletions(-) diff --git a/connectivity/check/deployment.go b/connectivity/check/deployment.go index fbcce4e004..219247d00c 100644 --- a/connectivity/check/deployment.go +++ b/connectivity/check/deployment.go @@ -1099,13 +1099,8 @@ func (ct *ConnectivityTest) DeleteConnDisruptTestDeployment(ctx context.Context, // validateDeployment checks if the Deployments we created have the expected Pods in them. func (ct *ConnectivityTest) validateDeployment(ctx context.Context) error { - ct.Debug("Validating Deployments...") - disableEndpointCRD := false - if status, ok := ct.Feature(features.DisableEndpointCRD); ok && status.Enabled { - disableEndpointCRD = true - ct.Info("CiliumEndpoint CRD check disabled") - } + ct.Debug("Validating Deployments...") srcDeployments, dstDeployments := ct.deploymentList() for _, name := range srcDeployments { @@ -1126,12 +1121,6 @@ func (ct *ConnectivityTest) validateDeployment(ctx context.Context) error { return fmt.Errorf("unable to list perf pods: %w", err) } for _, perfPod := range perfPods.Items { - // Individual endpoints will not be created for pods using node's network stack - if !perfPod.Spec.HostNetwork && !disableEndpointCRD { - if err := WaitForCiliumEndpoint(ctx, ct, ct.clients.src, ct.Params().TestNamespace, perfPod.Name); err != nil { - return err - } - } _, hasLabel := perfPod.GetLabels()["server"] if hasLabel { ct.perfServerPod = append(ct.perfServerPod, Pod{ @@ -1162,12 +1151,6 @@ func (ct *ConnectivityTest) validateDeployment(ctx context.Context) error { } for _, pod := range clientPods.Items { - if !disableEndpointCRD { - if err := WaitForCiliumEndpoint(ctx, ct, ct.clients.src, ct.Params().TestNamespace, pod.Name); err != nil { - return err - } - } - if strings.Contains(pod.Name, clientCPDeployment) { ct.clientCPPods[pod.Name] = Pod{ K8sClient: ct.client, @@ -1251,12 +1234,6 @@ func (ct *ConnectivityTest) validateDeployment(ctx context.Context) error { return fmt.Errorf("unable to list echo pods: %w", err) } for _, echoPod := range echoPods.Items { - if !disableEndpointCRD { - if err := WaitForCiliumEndpoint(ctx, ct, client, echoPod.GetNamespace(), echoPod.GetName()); err != nil { - return err - } - } - ct.echoPods[echoPod.Name] = Pod{ K8sClient: client, Pod: echoPod.DeepCopy(), diff --git a/connectivity/check/wait.go b/connectivity/check/wait.go index e1f0c905b2..b2774b3f68 100644 --- a/connectivity/check/wait.go +++ b/connectivity/check/wait.go @@ -15,7 +15,6 @@ import ( "github.com/cilium/cilium/api/v1/models" "golang.org/x/exp/slices" - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "github.com/cilium/cilium-cli/defaults" "github.com/cilium/cilium-cli/k8s" @@ -52,29 +51,6 @@ func WaitForDeployment(ctx context.Context, log Logger, client *k8s.Client, name } } -// WaitForCiliumEndpoint waits until the specified cilium endpoint gets created. -func WaitForCiliumEndpoint(ctx context.Context, log Logger, client *k8s.Client, namespace, name string) error { - log.Logf("⌛ [%s] Waiting for CiliumEndpoint for pod %s/%s to appear...", client.ClusterName(), namespace, name) - - ctx, cancel := context.WithTimeout(ctx, ShortTimeout) - defer cancel() - for { - _, err := client.GetCiliumEndpoint(ctx, namespace, name, metav1.GetOptions{}) - if err == nil { - return nil - } - - log.Debugf("[%s] Error retrieving CiliumEndpoint for pod %s/%s: %s", client.ClusterName(), namespace, name, err) - - select { - case <-time.After(PollInterval): - case <-ctx.Done(): - return fmt.Errorf("timeout reached waiting for CiliumEndpoint %s/%s to appear (last error: %w)", - namespace, name, err) - } - } -} - // WaitForPodDNS waits until src can query the DNS server on dst successfully. func WaitForPodDNS(ctx context.Context, log Logger, src, dst Pod) error { log.Logf("⌛ [%s] Waiting for pod %s to reach DNS server on %s pod...", diff --git a/utils/features/features.go b/utils/features/features.go index 74d2fa4c5f..7e5d55931a 100644 --- a/utils/features/features.go +++ b/utils/features/features.go @@ -63,8 +63,6 @@ const ( EnableEnvoyConfig Feature = "enable-envoy-config" WireguardEncapsulate Feature = "wireguard-encapsulate" - - DisableEndpointCRD Feature = "disable-endpoint-crd" ) // Feature is the name of a Cilium Feature (e.g. l7-proxy, cni chaining mode etc) @@ -269,10 +267,6 @@ func (fs Set) ExtractFromConfigMap(cm *v1.ConfigMap) { fs[WireguardEncapsulate] = Status{ Enabled: cm.Data[string(WireguardEncapsulate)] == "true", } - - fs[DisableEndpointCRD] = Status{ - Enabled: cm.Data[string(DisableEndpointCRD)] == "true", - } } func (fs Set) ExtractFromNodes(nodesWithoutCilium map[string]struct{}) {