From 8deceedb9dbcf212bebb0853c1c6d6e62be4a67c Mon Sep 17 00:00:00 2001 From: Paul Chaignon Date: Tue, 13 Aug 2024 19:57:21 +0200 Subject: [PATCH] test/runtime: Remove test for agent restart We already have several tests covering the agent restarts in the k8s test suite, with policies applied. Although they don't check exactly the same things, they would fail all the same in case of endpoint restoration or connectivity bug. Signed-off-by: Paul Chaignon --- .github/workflows/conformance-runtime.yaml | 2 - CODEOWNERS | 1 - test/runtime/chaos.go | 4 -- test/runtime/chaos_endpoint.go | 74 ---------------------- test/runtime/connectivity.go | 71 --------------------- 5 files changed, 152 deletions(-) delete mode 100644 test/runtime/chaos_endpoint.go diff --git a/.github/workflows/conformance-runtime.yaml b/.github/workflows/conformance-runtime.yaml index 51015b803587d..b8512dac14bd5 100644 --- a/.github/workflows/conformance-runtime.yaml +++ b/.github/workflows/conformance-runtime.yaml @@ -186,8 +186,6 @@ jobs: ### # RuntimeAgentChaos Cilium agent Checking for file-descriptor leak # RuntimeAgentChaos Cilium agent removing leftover Cilium interfaces - # RuntimeAgentChaos Connectivity over restarts Checking that during restart no traffic is dropped using Egress + Ingress Traffic - # RuntimeAgentChaos Endpoint Endpoint recovery on restart # RuntimeAgentChaos KVStore Delete event on KVStore with CIDR identities # RuntimeAgentChaos KVStore Validate that delete events on KVStore do not release in use identities # RuntimeAgentFQDNPolicies Can update L7 DNS policy rules diff --git a/CODEOWNERS b/CODEOWNERS index d05b3889330ad..9a493db2d923d 100644 --- a/CODEOWNERS +++ b/CODEOWNERS @@ -589,7 +589,6 @@ Makefile* @cilium/build /test/k8s/updates.go @cilium/sig-agent @cilium/ci-structure /test/runtime/kvstore.go @cilium/kvstore @cilium/ci-structure /test/runtime/chaos_agent.go @cilium/sig-agent @cilium/ci-structure -/test/runtime/chaos_endpoint.go @cilium/endpoint @cilium/ci-structure /tools/ @cilium/contributing /USERS.md @cilium/community Vagrantfile @cilium/ci-structure diff --git a/test/runtime/chaos.go b/test/runtime/chaos.go index bfd8dd523452f..fe831bfd57179 100644 --- a/test/runtime/chaos.go +++ b/test/runtime/chaos.go @@ -57,11 +57,7 @@ var _ = Describe("RuntimeAgentChaos", func() { vm.ReportFailed() }) - Context("Endpoint", endpointChaosTest) - Context("Cilium agent", agentChaosTests) - Context("Connectivity over restarts", restartChaosTest) - Context("KVStore", kvstoreChaosTests) }) diff --git a/test/runtime/chaos_endpoint.go b/test/runtime/chaos_endpoint.go deleted file mode 100644 index 6efdb4bd6c960..0000000000000 --- a/test/runtime/chaos_endpoint.go +++ /dev/null @@ -1,74 +0,0 @@ -// SPDX-License-Identifier: Apache-2.0 -// Copyright Authors of Cilium - -package RuntimeTest - -import ( - "crypto/md5" - "fmt" - "strings" - - . "github.com/onsi/gomega" - - . "github.com/cilium/cilium/test/ginkgo-ext" - "github.com/cilium/cilium/test/helpers" -) - -var endpointChaosTest = func() { - var vm *helpers.SSHMeta - - BeforeAll(func() { - vm = helpers.InitRuntimeHelper(helpers.Runtime, logger) - }) - - AfterAll(func() { - vm.CloseSSHClient() - }) - - It("Endpoint recovery on restart", func() { - hasher := md5.New() - - originalIps := vm.Exec(` - curl -s --unix-socket /var/run/cilium/cilium.sock \ - http://localhost/v1beta/healthz/ | jq ".ipam.ipv4|length"`) - - // List the endpoints, but skip the reserved:health endpoint - // (4) because it doesn't matter if that endpoint is different. - // Remove fields that are expected to change across restart. - // - // We don't use -o jsonpath... here due to GH-2395. - // - // jq 'map(select(.status.identity.id != 4), del(.status.controllers, ..., (.status.identity.labels | sort)))' - filterHealthEP := fmt.Sprintf("select(.status.identity.id != %d)", helpers.ReservedIdentityHealth) - nonPersistentEndpointFields := strings.Join([]string{ - ".status.controllers", // Timestamps, UUIDs - ".status.labels", // Slice ordering - ".status.log", // Timestamp - ".status.identity.labels", // Slice ordering - ".status.policy", // Allowed identities order - }, ", ") - // Delete fields we're not interested in - filterFields := fmt.Sprintf("del(%s)", nonPersistentEndpointFields) - // Go back and add the identity labels back into the output - getSortedLabels := "(.status.identity.labels | sort)" - jqCmd := fmt.Sprintf("jq 'map(%s) | map(%s, %s)'", filterHealthEP, filterFields, getSortedLabels) - endpointListCmd := fmt.Sprintf("cilium-dbg endpoint list -o json | %s", jqCmd) - originalEndpointList := vm.Exec(endpointListCmd) - - err := vm.RestartCilium() - Expect(err).Should(BeNil(), "restarting Cilium failed") - - ips := vm.Exec(` - curl -s --unix-socket /var/run/cilium/cilium.sock \ - http://localhost/v1beta/healthz/ | jq ".ipam.ipv4|length"`) - Expect(originalIps.Stdout()).To(Equal(ips.Stdout())) - - EndpointList := vm.Exec(endpointListCmd) - By("original: %s", originalEndpointList.Stdout()) - By("new: %s", EndpointList.Stdout()) - Expect(EndpointList.Stdout()).To(Equal(originalEndpointList.Stdout())) - Expect(hasher.Sum(EndpointList.GetStdOut().Bytes())).To( - Equal(hasher.Sum(originalEndpointList.GetStdOut().Bytes()))) - - }, 300) -} diff --git a/test/runtime/connectivity.go b/test/runtime/connectivity.go index 0369aa88aad15..eef651cbe09b5 100644 --- a/test/runtime/connectivity.go +++ b/test/runtime/connectivity.go @@ -4,8 +4,6 @@ package RuntimeTest import ( - "context" - "sync" "time" . "github.com/onsi/gomega" @@ -290,72 +288,3 @@ var runtimeConntrackTest = func(datapathMode string) func() { }) } } - -var restartChaosTest = func() { - var vm *helpers.SSHMeta - - BeforeAll(func() { - vm = helpers.InitRuntimeHelper(helpers.Runtime, logger) - }) - - AfterAll(func() { - vm.CloseSSHClient() - }) - - It("Checking that during restart no traffic is dropped using Egress + Ingress Traffic", func() { - By("Installing sample containers") - vm.SampleContainersActions(helpers.Create, helpers.CiliumDockerNetwork) - vm.PolicyDelAll().ExpectSuccess("Cannot deleted all policies") - - _, err := vm.PolicyImportAndWait(vm.GetFullPath(policiesL4Json), helpers.HelperTimeout) - Expect(err).Should(BeNil(), "Cannot install L4 policy") - - Expect(vm.WaitEndpointsReady()).Should(BeTrue(), "Endpoints are not ready after timeout") - - By("Starting background connection from app2 to httpd1 container") - ctx, cancel := context.WithCancel(context.Background()) - defer cancel() - srvIP, err := vm.ContainerInspectNet(helpers.Httpd1) - Expect(err).Should(BeNil(), "Cannot get httpd1 server address") - type BackgroundTestAsserts struct { - res *helpers.CmdRes - time time.Time - } - backgroundChecks := []*BackgroundTestAsserts{} - var wg sync.WaitGroup - wg.Add(1) - go func() { - for { - select { - default: - res := vm.ContainerExec( - helpers.App1, - helpers.CurlFail("http://%s/", srvIP[helpers.IPv4])) - assert := &BackgroundTestAsserts{ - res: res, - time: time.Now(), - } - backgroundChecks = append(backgroundChecks, assert) - case <-ctx.Done(): - wg.Done() - return - } - } - }() - // Sleep a bit to make sure that the goroutine starts. - time.Sleep(50 * time.Millisecond) - - err = vm.RestartCilium() - Expect(err).Should(BeNil(), "restarting Cilium failed") - - By("Stopping background connections") - cancel() - wg.Wait() - - GinkgoPrint("Made %d connections in total", len(backgroundChecks)) - Expect(backgroundChecks).ShouldNot(BeEmpty(), "No background connections were made") - for _, check := range backgroundChecks { - check.res.ExpectSuccess("Curl from app2 to httpd1 should work but it failed at %s", check.time) - } - }) -}