From 055a76f005fc1a597420b2401927df60ee6c90fd Mon Sep 17 00:00:00 2001 From: Zihong Zheng Date: Tue, 6 Dec 2016 16:56:20 -0800 Subject: [PATCH] Guarantees drop packets commands succeed in reboot test --- test/e2e/reboot.go | 24 ++++++++++++++++++------ 1 file changed, 18 insertions(+), 6 deletions(-) diff --git a/test/e2e/reboot.go b/test/e2e/reboot.go index c9c98c7f5bf..3868a194f41 100644 --- a/test/e2e/reboot.go +++ b/test/e2e/reboot.go @@ -18,6 +18,7 @@ package e2e import ( "fmt" + "strings" "sync" "time" @@ -116,9 +117,7 @@ var _ = framework.KubeDescribe("Reboot [Disruptive] [Feature:Reboot]", func() { // We sleep 10 seconds to give some time for ssh command to cleanly finish before starting dropping inbound packets. // We still accept packages send from localhost to prevent monit from restarting kubelet. tmpLogPath := "/tmp/drop-inbound.log" - testReboot(f.ClientSet, fmt.Sprintf("nohup sh -c 'set -x && sleep 10 && sudo iptables -I INPUT 1 -s 127.0.0.1 -j ACCEPT"+ - " && sudo iptables -I INPUT 2 -j DROP && sudo iptables -t filter -nL INPUT && date && sleep 120 && sudo iptables -t filter -nL INPUT"+ - " && sudo iptables -D INPUT -j DROP && sudo iptables -D INPUT -s 127.0.0.1 -j ACCEPT' >%v 2>&1 &", tmpLogPath), catLogHook(tmpLogPath)) + testReboot(f.ClientSet, dropPacketsScript("INPUT", tmpLogPath), catLogHook(tmpLogPath)) }) It("each node by dropping all outbound packets for a while and ensure they function afterwards", func() { @@ -126,9 +125,7 @@ var _ = framework.KubeDescribe("Reboot [Disruptive] [Feature:Reboot]", func() { // We sleep 10 seconds to give some time for ssh command to cleanly finish before starting dropping outbound packets. // We still accept packages send to localhost to prevent monit from restarting kubelet. tmpLogPath := "/tmp/drop-outbound.log" - testReboot(f.ClientSet, fmt.Sprintf("nohup sh -c 'set -x && sleep 10 && sudo iptables -I OUTPUT 1 -s 127.0.0.1 -j ACCEPT"+ - " && sudo iptables -I OUTPUT 2 -j DROP && sudo iptables -t filter -nL OUTPUT && date && sleep 120 && sudo iptables -t filter -nL OUTPUT"+ - " && sudo iptables -D OUTPUT -j DROP && sudo iptables -D OUTPUT -s 127.0.0.1 -j ACCEPT' >%v 2>&1 &", tmpLogPath), catLogHook(tmpLogPath)) + testReboot(f.ClientSet, dropPacketsScript("OUTPUT", tmpLogPath), catLogHook(tmpLogPath)) }) }) @@ -303,3 +300,18 @@ func catLogHook(logPath string) terminationHook { } } + +func dropPacketsScript(chainName, logPath string) string { + return strings.Replace(fmt.Sprintf(` + nohup sh -c ' + set -x + sleep 10 + while true; do sudo iptables -I ${CHAIN} 1 -s 127.0.0.1 -j ACCEPT && break; done + while true; do sudo iptables -I ${CHAIN} 2 -j DROP && break; done + date + sleep 120 + while true; do sudo iptables -D ${CHAIN} -j DROP && break; done + while true; do sudo iptables -D ${CHAIN} -s 127.0.0.1 -j ACCEPT && break; done + ' >%v 2>&1 & + `, logPath), "${CHAIN}", chainName, -1) +}