diff --git a/pkg/cmd/roachtest/cluster_test.go b/pkg/cmd/roachtest/cluster_test.go index 1a7878160694..e1862bddc2f6 100644 --- a/pkg/cmd/roachtest/cluster_test.go +++ b/pkg/cmd/roachtest/cluster_test.go @@ -332,9 +332,6 @@ func TestAWSMachineTypeNew(t *testing.T) { _, _, err2 := spec.SelectAWSMachineTypeNew(16, spec.Low, false, vm.ArchAMD64) require.Error(t, err2) - - _, err3 := spec.SelectAzureMachineType(4, spec.High) - require.Error(t, err3) } // TODO(srosenberg): restore the change in https://github.com/cockroachdb/cockroach/pull/111140 after 23.2 branch cut. @@ -429,6 +426,19 @@ func TestGCEMachineTypeNew(t *testing.T) { } } +func TestAzureMachineType(t *testing.T) { + m, err := spec.SelectAzureMachineType(8, spec.Auto, true) + require.NoError(t, err) + require.Equal(t, "Standard_D8_v3", m) + + m, err2 := spec.SelectAzureMachineType(96, spec.Auto, false) + require.NoError(t, err2) + require.Equal(t, "Standard_D96s_v5", m) + + _, err3 := spec.SelectAzureMachineType(4, spec.High, true) + require.Error(t, err3) +} + func TestCmdLogFileName(t *testing.T) { ts := time.Date(2000, 1, 1, 15, 4, 12, 0, time.Local) diff --git a/pkg/cmd/roachtest/spec/cluster_spec.go b/pkg/cmd/roachtest/spec/cluster_spec.go index cd12d7fdaf47..683120d6a300 100644 --- a/pkg/cmd/roachtest/spec/cluster_spec.go +++ b/pkg/cmd/roachtest/spec/cluster_spec.go @@ -296,7 +296,7 @@ func (s *ClusterSpec) RoachprodOpts( case GCE: machineType, selectedArch = SelectGCEMachineType(s.CPUs, s.Mem, arch) case Azure: - machineType, err = SelectAzureMachineType(s.CPUs, s.Mem) + machineType, err = SelectAzureMachineType(s.CPUs, s.Mem, s.PreferLocalSSD) } if err != nil { diff --git a/pkg/cmd/roachtest/spec/machine_type.go b/pkg/cmd/roachtest/spec/machine_type.go index 307629ba8ced..53998c756634 100644 --- a/pkg/cmd/roachtest/spec/machine_type.go +++ b/pkg/cmd/roachtest/spec/machine_type.go @@ -293,25 +293,32 @@ func SelectGCEMachineTypeNew(cpus int, mem MemPerCPU, arch vm.CPUArch) (string, // SelectAzureMachineType selects a machine type given the desired number of CPUs and // memory per CPU ratio. -func SelectAzureMachineType(cpus int, mem MemPerCPU) (string, error) { +func SelectAzureMachineType(cpus int, mem MemPerCPU, ssd bool) (string, error) { if mem != Auto && mem != Standard { return "", errors.Newf("custom memory per CPU not implemented for Azure, memory ratio requested: %d", mem) } + var premiumStorage string + // If not using Local SSD, the machine type must support premium/ultra storage. + if !ssd { + premiumStorage = "s" + } switch { case cpus <= 2: - return "Standard_D2_v3", nil + return fmt.Sprintf("Standard_D2%s_v3", premiumStorage), nil case cpus <= 4: - return "Standard_D4_v3", nil + return fmt.Sprintf("Standard_D4%s_v3", premiumStorage), nil case cpus <= 8: - return "Standard_D8_v3", nil + return fmt.Sprintf("Standard_D8%s_v3", premiumStorage), nil case cpus <= 16: - return "Standard_D16_v3", nil + return fmt.Sprintf("Standard_D16%s_v3", premiumStorage), nil case cpus <= 36: - return "Standard_D32_v3", nil + return fmt.Sprintf("Standard_D32%s_v3", premiumStorage), nil case cpus <= 48: - return "Standard_D48_v3", nil + return fmt.Sprintf("Standard_D48%s_v3", premiumStorage), nil case cpus <= 64: - return "Standard_D64_v3", nil + return fmt.Sprintf("Standard_D64%s_v3", premiumStorage), nil + case cpus <= 96: + return fmt.Sprintf("Standard_D96%s_v5", premiumStorage), nil default: return "", errors.Newf("no azure machine type with %d cpus", cpus) } diff --git a/pkg/cmd/roachtest/tests/asyncpg.go b/pkg/cmd/roachtest/tests/asyncpg.go index def30e267360..21c176398ac6 100644 --- a/pkg/cmd/roachtest/tests/asyncpg.go +++ b/pkg/cmd/roachtest/tests/asyncpg.go @@ -79,6 +79,12 @@ func registerAsyncpg(r registry.Registry) { t.Fatal(err) } + if err := repeatRunE( + ctx, t, c, node, "update apt-get", `sudo apt-get update`, + ); err != nil { + t.Fatal(err) + } + if err := repeatRunE( ctx, t, diff --git a/pkg/roachprod/vm/azure/azure.go b/pkg/roachprod/vm/azure/azure.go index e14fab26fd11..eb5e83567838 100644 --- a/pkg/roachprod/vm/azure/azure.go +++ b/pkg/roachprod/vm/azure/azure.go @@ -854,6 +854,79 @@ func (p *Provider) createNIC( return } +// securityRules returns an array of TCP security rules and contains +// a list of well-known, and roachtest specific ports. +func securityRules() *[]network.SecurityRule { + allowTCP := func(name string, priority int32, direction network.SecurityRuleDirection, destPortRange string) network.SecurityRule { + suffix := "" + switch direction { + case network.SecurityRuleDirectionInbound: + suffix = "_Inbound" + case network.SecurityRuleDirectionOutbound: + suffix = "_Outbound" + default: + } + res := network.SecurityRule{ + Name: to.StringPtr(name + suffix), + SecurityRulePropertiesFormat: &network.SecurityRulePropertiesFormat{ + Priority: to.Int32Ptr(priority), + Protocol: network.SecurityRuleProtocolTCP, + Access: network.SecurityRuleAccessAllow, + Direction: direction, + SourceAddressPrefix: to.StringPtr("*"), + SourcePortRange: to.StringPtr("*"), + DestinationAddressPrefix: to.StringPtr("*"), + DestinationPortRange: to.StringPtr(destPortRange), + }, + } + return res + } + + namedInbound := map[string]string{ + "SSH": "22", + "HTTP": "80", + "HTTPS": "43", + "CockroachPG": "26257", + "CockroachAdmin": "26258", + "Grafana": "3000", + "Prometheus": "9090", + "Kafka": "9092", + "WorkloadPPROF": "33333", + "WorkloadPrometheus": "2112-2120", + } + + // The names for these are generated in the form Roachtest__Inbound. + // The mapped roachtests are not exhaustive, and at some point will be + // cumbersome to keep adding exceptions for. + // TODO: (miral) Consider removing all rules if this keeps tripping roachtests. + genericInbound := []string{ + "8011", // multitenant + "8081", // backup/* + "9011", // smoketest/secure/multitenan + "9081-9102", // smoketest/secure/multitenant + "20011-20016", //multitenant/upgrade + "27257", //acceptance/gossip/restart-node-one + "27259-27280", // various multitenant tenant SQL ports + "30258", //acceptance/multitenant + } + + // The extra 1 is for the single allow all TCP outbound allowTCP. + firewallRules := make([]network.SecurityRule, 1+len(namedInbound)+len(genericInbound)) + firewallRules[0] = allowTCP("TCP_All", 300, network.SecurityRuleDirectionOutbound, "*") + r := 1 + priority := 300 + for ruleName, port := range namedInbound { + firewallRules[r] = allowTCP(ruleName, int32(priority+r), network.SecurityRuleDirectionInbound, port) + r++ + } + + for i, port := range genericInbound { + firewallRules[r] = allowTCP(fmt.Sprintf("Roachtest_%d", i), int32(priority+r), network.SecurityRuleDirectionInbound, port) + r++ + } + return &firewallRules +} + func (p *Provider) getOrCreateNetworkSecurityGroup( ctx context.Context, name string, resourceGroup resources.Group, ) (network.SecurityGroup, error) { @@ -888,151 +961,7 @@ func (p *Provider) getOrCreateNetworkSecurityGroup( future, err := client.CreateOrUpdate(ctx, *resourceGroup.Name, name, network.SecurityGroup{ SecurityGroupPropertiesFormat: &network.SecurityGroupPropertiesFormat{ - SecurityRules: &[]network.SecurityRule{ - { - Name: to.StringPtr("SSH_Inbound"), - SecurityRulePropertiesFormat: &network.SecurityRulePropertiesFormat{ - Priority: to.Int32Ptr(300), - Protocol: network.SecurityRuleProtocolTCP, - Access: network.SecurityRuleAccessAllow, - Direction: network.SecurityRuleDirectionInbound, - SourceAddressPrefix: to.StringPtr("*"), - SourcePortRange: to.StringPtr("*"), - DestinationAddressPrefix: to.StringPtr("*"), - DestinationPortRange: to.StringPtr("22"), - }, - }, - { - Name: to.StringPtr("SSH_Outbound"), - SecurityRulePropertiesFormat: &network.SecurityRulePropertiesFormat{ - Priority: to.Int32Ptr(301), - Protocol: network.SecurityRuleProtocolTCP, - Access: network.SecurityRuleAccessAllow, - Direction: network.SecurityRuleDirectionOutbound, - SourceAddressPrefix: to.StringPtr("*"), - SourcePortRange: to.StringPtr("*"), - DestinationAddressPrefix: to.StringPtr("*"), - DestinationPortRange: to.StringPtr("*"), - }, - }, - { - Name: to.StringPtr("HTTP_Inbound"), - SecurityRulePropertiesFormat: &network.SecurityRulePropertiesFormat{ - Priority: to.Int32Ptr(320), - Protocol: network.SecurityRuleProtocolTCP, - Access: network.SecurityRuleAccessAllow, - Direction: network.SecurityRuleDirectionInbound, - SourceAddressPrefix: to.StringPtr("*"), - SourcePortRange: to.StringPtr("*"), - DestinationAddressPrefix: to.StringPtr("*"), - DestinationPortRange: to.StringPtr("80"), - }, - }, - { - Name: to.StringPtr("HTTP_Outbound"), - SecurityRulePropertiesFormat: &network.SecurityRulePropertiesFormat{ - Priority: to.Int32Ptr(321), - Protocol: network.SecurityRuleProtocolTCP, - Access: network.SecurityRuleAccessAllow, - Direction: network.SecurityRuleDirectionOutbound, - SourceAddressPrefix: to.StringPtr("*"), - SourcePortRange: to.StringPtr("*"), - DestinationAddressPrefix: to.StringPtr("*"), - DestinationPortRange: to.StringPtr("*"), - }, - }, - { - Name: to.StringPtr("HTTPS_Inbound"), - SecurityRulePropertiesFormat: &network.SecurityRulePropertiesFormat{ - Priority: to.Int32Ptr(340), - Protocol: network.SecurityRuleProtocolTCP, - Access: network.SecurityRuleAccessAllow, - Direction: network.SecurityRuleDirectionInbound, - SourceAddressPrefix: to.StringPtr("*"), - SourcePortRange: to.StringPtr("*"), - DestinationAddressPrefix: to.StringPtr("*"), - DestinationPortRange: to.StringPtr("443"), - }, - }, - { - Name: to.StringPtr("HTTPS_Outbound"), - SecurityRulePropertiesFormat: &network.SecurityRulePropertiesFormat{ - Priority: to.Int32Ptr(341), - Protocol: network.SecurityRuleProtocolTCP, - Access: network.SecurityRuleAccessAllow, - Direction: network.SecurityRuleDirectionOutbound, - SourceAddressPrefix: to.StringPtr("*"), - SourcePortRange: to.StringPtr("*"), - DestinationAddressPrefix: to.StringPtr("*"), - DestinationPortRange: to.StringPtr("*"), - }, - }, - { - Name: to.StringPtr("CockroachPG_Inbound"), - SecurityRulePropertiesFormat: &network.SecurityRulePropertiesFormat{ - Priority: to.Int32Ptr(342), - Protocol: network.SecurityRuleProtocolTCP, - Access: network.SecurityRuleAccessAllow, - Direction: network.SecurityRuleDirectionInbound, - SourceAddressPrefix: to.StringPtr("*"), - SourcePortRange: to.StringPtr("*"), - DestinationAddressPrefix: to.StringPtr("*"), - DestinationPortRange: to.StringPtr("26257"), - }, - }, - { - Name: to.StringPtr("CockroachAdmin_Inbound"), - SecurityRulePropertiesFormat: &network.SecurityRulePropertiesFormat{ - Priority: to.Int32Ptr(343), - Protocol: network.SecurityRuleProtocolTCP, - Access: network.SecurityRuleAccessAllow, - Direction: network.SecurityRuleDirectionInbound, - SourceAddressPrefix: to.StringPtr("*"), - SourcePortRange: to.StringPtr("*"), - DestinationAddressPrefix: to.StringPtr("*"), - DestinationPortRange: to.StringPtr("26258"), - }, - }, - { - Name: to.StringPtr("Grafana_Inbound"), - SecurityRulePropertiesFormat: &network.SecurityRulePropertiesFormat{ - Priority: to.Int32Ptr(344), - Protocol: network.SecurityRuleProtocolTCP, - Access: network.SecurityRuleAccessAllow, - Direction: network.SecurityRuleDirectionInbound, - SourceAddressPrefix: to.StringPtr("*"), - SourcePortRange: to.StringPtr("*"), - DestinationAddressPrefix: to.StringPtr("*"), - DestinationPortRange: to.StringPtr("3000"), - }, - }, - { - Name: to.StringPtr("Prometheus_Inbound"), - SecurityRulePropertiesFormat: &network.SecurityRulePropertiesFormat{ - Priority: to.Int32Ptr(345), - Protocol: network.SecurityRuleProtocolTCP, - Access: network.SecurityRuleAccessAllow, - Direction: network.SecurityRuleDirectionInbound, - SourceAddressPrefix: to.StringPtr("*"), - SourcePortRange: to.StringPtr("*"), - DestinationAddressPrefix: to.StringPtr("*"), - DestinationPortRange: to.StringPtr("9090"), - }, - }, - { - Name: to.StringPtr("Kafka_Inbound"), - SecurityRulePropertiesFormat: &network.SecurityRulePropertiesFormat{ - Priority: to.Int32Ptr(346), - Protocol: network.SecurityRuleProtocolTCP, - Access: network.SecurityRuleAccessAllow, - Direction: network.SecurityRuleDirectionInbound, - SourceAddressPrefix: to.StringPtr("*"), - SourcePortRange: to.StringPtr("*"), - DestinationAddressPrefix: to.StringPtr("*"), - DestinationPortRange: to.StringPtr("9092"), - }, - }, - }, + SecurityRules: securityRules(), }, Location: resourceGroup.Location, }) diff --git a/pkg/roachprod/vm/azure/flags.go b/pkg/roachprod/vm/azure/flags.go index 29f6ed4b04a6..bfb691d25f9c 100644 --- a/pkg/roachprod/vm/azure/flags.go +++ b/pkg/roachprod/vm/azure/flags.go @@ -31,9 +31,11 @@ type ProviderOpts struct { DiskCaching string } +// These default locations support availability zones. At the time of +// this comment, `westus` did not. var defaultLocations = []string{ "eastus", - "westus", + "westus2", "westeurope", }