From 0570f611a2c71dbdd4cd76fbef5522d8e04c708b Mon Sep 17 00:00:00 2001 From: Claudiu Belu Date: Wed, 17 Nov 2021 02:25:35 -0800 Subject: [PATCH] tests: Enables a few Conformance tests for Windows Some of these tests could not be run previously, especially on Windows Docker containers. But now, by using Windows Containerd, we can finally run them: - HostNetwork=true tests: This can now be enabled on Windows Privileged Containers. - /etc/hosts related tests: These were not supported because it required single file mappings, which is possible in Containerd. - termination message as non-root user: Requires RunAsUsername, and single file mappings. --- test/conformance/testdata/conformance.yaml | 18 +++---- test/e2e/common/node/kubelet.go | 63 +++++++++------------- 2 files changed, 32 insertions(+), 49 deletions(-) diff --git a/test/conformance/testdata/conformance.yaml b/test/conformance/testdata/conformance.yaml index 0771b39397f..bf4c16fe7c4 100755 --- a/test/conformance/testdata/conformance.yaml +++ b/test/conformance/testdata/conformance.yaml @@ -1852,16 +1852,6 @@ as RestartAlways. release: v1.12 file: test/e2e/common/node/init_container.go -- testname: Kubelet, hostAliases - codename: '[sig-node] Kubelet when scheduling a busybox Pod with hostAliases should - write entries to /etc/hosts [LinuxOnly] [NodeConformance] [Conformance]' - description: Create a Pod with hostAliases and a container with command to output - /etc/hosts entries. Pod's logs MUST have matching entries of specified hostAliases - to the output of /etc/hosts entries. Kubernetes mounts the /etc/hosts file into - its containers, however, mounting individual files is not supported on Windows - Containers. For this reason, this test is marked LinuxOnly. - release: v1.13 - file: test/e2e/common/node/kubelet.go - testname: Kubelet, log output, default codename: '[sig-node] Kubelet when scheduling a busybox command in a pod should print the output to logs [NodeConformance] [Conformance]' @@ -1892,6 +1882,14 @@ Windows does not support creating containers with read-only access. release: v1.13 file: test/e2e/common/node/kubelet.go +- testname: Kubelet, hostAliases + codename: '[sig-node] Kubelet when scheduling an agnhost Pod with hostAliases should + write entries to /etc/hosts [NodeConformance] [Conformance]' + description: Create a Pod with hostAliases and a container with command to output + /etc/hosts entries. Pod's logs MUST have matching entries of specified hostAliases + to the output of /etc/hosts entries. + release: v1.13 + file: test/e2e/common/node/kubelet.go - testname: Kubelet, managed etc hosts codename: '[sig-node] KubeletManagedEtcHosts should test kubelet managed /etc/hosts file [LinuxOnly] [NodeConformance] [Conformance]' diff --git a/test/e2e/common/node/kubelet.go b/test/e2e/common/node/kubelet.go index c3a16ea67c0..3b456a3d003 100644 --- a/test/e2e/common/node/kubelet.go +++ b/test/e2e/common/node/kubelet.go @@ -27,6 +27,7 @@ import ( metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/util/uuid" "k8s.io/kubernetes/test/e2e/framework" + e2epod "k8s.io/kubernetes/test/e2e/framework/pod" admissionapi "k8s.io/pod-security-admission/api" "github.com/onsi/ginkgo" @@ -136,55 +137,39 @@ var _ = SIGDescribe("Kubelet", func() { gomega.Expect(err).To(gomega.BeNil(), fmt.Sprintf("Error deleting Pod %v", err)) }) }) - ginkgo.Context("when scheduling a busybox Pod with hostAliases", func() { - podName := "busybox-host-aliases" + string(uuid.NewUUID()) + ginkgo.Context("when scheduling an agnhost Pod with hostAliases", func() { + podName := "agnhost-host-aliases" + string(uuid.NewUUID()) /* Release: v1.13 Testname: Kubelet, hostAliases Description: Create a Pod with hostAliases and a container with command to output /etc/hosts entries. Pod's logs MUST have matching entries of specified hostAliases to the output of /etc/hosts entries. - Kubernetes mounts the /etc/hosts file into its containers, however, mounting individual files is not supported on Windows Containers. For this reason, this test is marked LinuxOnly. */ - framework.ConformanceIt("should write entries to /etc/hosts [LinuxOnly] [NodeConformance]", func() { - podClient.CreateSync(&v1.Pod{ - ObjectMeta: metav1.ObjectMeta{ - Name: podName, + framework.ConformanceIt("should write entries to /etc/hosts [NodeConformance]", func() { + pod := e2epod.NewAgnhostPod(f.Namespace.Name, podName, nil, nil, nil, "etc-hosts") + // Don't restart the Pod since it is expected to exit + pod.Spec.RestartPolicy = v1.RestartPolicyNever + pod.Spec.HostAliases = []v1.HostAlias{ + { + IP: "123.45.67.89", + Hostnames: []string{"foo", "bar"}, }, - Spec: v1.PodSpec{ - // Don't restart the Pod since it is expected to exit - RestartPolicy: v1.RestartPolicyNever, - Containers: []v1.Container{ - { - Image: framework.BusyBoxImage, - Name: podName, - Command: []string{"/bin/sh", "-c", "cat /etc/hosts; sleep 6000"}, - }, - }, - HostAliases: []v1.HostAlias{ - { - IP: "123.45.67.89", - Hostnames: []string{"foo", "bar"}, - }, - }, - }, - }) + } - gomega.Eventually(func() error { - rc, err := podClient.GetLogs(podName, &v1.PodLogOptions{}).Stream(context.TODO()) - if err != nil { - return err - } - defer rc.Close() - buf := new(bytes.Buffer) - buf.ReadFrom(rc) - hostsFileContent := buf.String() + pod = podClient.Create(pod) + ginkgo.By("Waiting for pod completion") + err := e2epod.WaitForPodNoLongerRunningInNamespace(f.ClientSet, pod.Name, f.Namespace.Name) + framework.ExpectNoError(err) - if !strings.Contains(hostsFileContent, "123.45.67.89\tfoo\tbar") { - return fmt.Errorf("expected hosts file to contain entries from HostAliases. Got:\n%+v", hostsFileContent) - } + rc, err := podClient.GetLogs(podName, &v1.PodLogOptions{}).Stream(context.TODO()) + framework.ExpectNoError(err) + defer rc.Close() + buf := new(bytes.Buffer) + buf.ReadFrom(rc) + hostsFileContent := buf.String() - return nil - }, time.Minute, time.Second*4).Should(gomega.BeNil()) + errMsg := fmt.Sprintf("expected hosts file to contain entries from HostAliases. Got:\n%+v", hostsFileContent) + framework.ExpectEqual(true, strings.Contains(hostsFileContent, "123.45.67.89\tfoo\tbar"), errMsg) }) }) ginkgo.Context("when scheduling a read only busybox container", func() {