From 69019a03d3ac43823e7a739c01d3eeac86d699c0 Mon Sep 17 00:00:00 2001
From: Peri Thompson <perit@vmware.com>
Date: Fri, 21 May 2021 16:13:32 +0100
Subject: [PATCH] Add netpol tests for windows

Co-authored-by: Jay Vyas <jvyas@vmware.com>
---
 .../k8s.io/client-go/tools/auth/clientauth.go |  3 +-
 test/e2e/framework/exec_util.go               |  4 ++-
 test/e2e/network/netpol/kubemanager.go        | 29 ++++++++++++++-----
 test/e2e/network/netpol/network_policy.go     | 11 +++++--
 test/e2e/network/netpol/probe.go              |  7 ++++-
 5 files changed, 39 insertions(+), 15 deletions(-)

diff --git a/staging/src/k8s.io/client-go/tools/auth/clientauth.go b/staging/src/k8s.io/client-go/tools/auth/clientauth.go
index 4c24f79977f..8526b50c565 100644
--- a/staging/src/k8s.io/client-go/tools/auth/clientauth.go
+++ b/staging/src/k8s.io/client-go/tools/auth/clientauth.go
@@ -66,9 +66,8 @@ package auth
 import (
 	"encoding/json"
 	"io/ioutil"
-	"os"
-
 	restclient "k8s.io/client-go/rest"
+	"os"
 )
 
 // Info holds Kubernetes API authorization config.  It is intended
diff --git a/test/e2e/framework/exec_util.go b/test/e2e/framework/exec_util.go
index 4d96fb37b72..3b8157771cd 100644
--- a/test/e2e/framework/exec_util.go
+++ b/test/e2e/framework/exec_util.go
@@ -58,6 +58,7 @@ func (f *Framework) ExecWithOptions(options ExecOptions) (string, string, error)
 
 	const tty = false
 
+	Logf("ExecWithOptions: Clientset creation ")
 	req := f.ClientSet.CoreV1().RESTClient().Post().
 		Resource("pods").
 		Name(options.PodName).
@@ -74,8 +75,9 @@ func (f *Framework) ExecWithOptions(options ExecOptions) (string, string, error)
 	}, scheme.ParameterCodec)
 
 	var stdout, stderr bytes.Buffer
-	err = execute("POST", req.URL(), config, options.Stdin, &stdout, &stderr, tty)
 
+	Logf("ExecWithOptions: execute(POST %s %s)", req.URL())
+	err = execute("POST", req.URL(), config, options.Stdin, &stdout, &stderr, tty)
 	if options.PreserveWhitespace {
 		return stdout.String(), stderr.String(), err
 	}
diff --git a/test/e2e/network/netpol/kubemanager.go b/test/e2e/network/netpol/kubemanager.go
index da60aebff18..834eabfafd4 100644
--- a/test/e2e/network/netpol/kubemanager.go
+++ b/test/e2e/network/netpol/kubemanager.go
@@ -63,12 +63,20 @@ func (k *kubeManager) initializeCluster(model *Model) error {
 		for _, pod := range ns.Pods {
 			framework.Logf("creating/updating pod %s/%s", ns.Name, pod.Name)
 
-			kubePod, err := k.createPod(pod.KubePod())
+			thePod := pod.KubePod()
+			if framework.NodeOSDistroIs("windows") {
+				thePod.Spec.NodeSelector = map[string]string{
+					"kubernetes.io/os": "windows",
+				}
+			} else {
+				framework.Logf("node distro is NOT WINDOWS !!!!!!!!!!!")
+			}
+			kubePod, err := k.createPod(thePod)
 			if err != nil {
 				return err
 			}
-			createdPods = append(createdPods, kubePod)
 
+			createdPods = append(createdPods, kubePod)
 			_, err = k.createService(pod.Service())
 			if err != nil {
 				return err
@@ -78,6 +86,7 @@ func (k *kubeManager) initializeCluster(model *Model) error {
 
 	for _, podString := range model.AllPodStrings() {
 		k8sPod, err := k.getPod(podString.Namespace(), podString.PodName())
+
 		if err != nil {
 			return err
 		}
@@ -115,11 +124,14 @@ func (k *kubeManager) probeConnectivity(nsFrom string, podFrom string, container
 	var cmd []string
 	switch protocol {
 	case v1.ProtocolSCTP:
-		cmd = []string{"/agnhost", "connect", net.JoinHostPort(addrTo, port), "--timeout=1s", "--protocol=sctp"}
+		cmd = []string{"/agnhost", "connect", net.JoinHostPort(addrTo, port), "--timeout=3s", "--protocol=sctp"}
 	case v1.ProtocolTCP:
-		cmd = []string{"/agnhost", "connect", net.JoinHostPort(addrTo, port), "--timeout=1s", "--protocol=tcp"}
+		cmd = []string{"/agnhost", "connect", net.JoinHostPort(addrTo, port), "--timeout=3s", "--protocol=tcp"}
 	case v1.ProtocolUDP:
-		cmd = []string{"/agnhost", "connect", net.JoinHostPort(addrTo, port), "--timeout=1s", "--protocol=udp"}
+		cmd = []string{"/agnhost", "connect", net.JoinHostPort(addrTo, port), "--timeout=3s", "--protocol=udp"}
+		if framework.NodeOSDistroIs("windows") {
+			framework.Logf("probing UDP for windows may result in cluster instability for certain windows nodes with low CPU/Memory, depending on CRI version")
+		}
 	default:
 		framework.Failf("protocol %s not supported", protocol)
 	}
@@ -252,14 +264,15 @@ func (k *kubeManager) deleteNamespaces(namespaces []string) error {
 	return nil
 }
 
-// waitForHTTPServers waits for all webservers to be up, on all protocols, and then validates them using the same probe logic as the rest of the suite.
-func (k *kubeManager) waitForHTTPServers(model *Model) error {
+// waitForHTTPServers waits for all webservers to be up, on all protocols sent in the input,  and then validates them using the same probe logic as the rest of the suite.
+func (k *kubeManager) waitForHTTPServers(model *Model, protocols []v1.Protocol) error {
 	const maxTries = 10
 	framework.Logf("waiting for HTTP servers (ports 80 and 81) to become ready")
 
 	testCases := map[string]*TestCase{}
 	for _, port := range model.Ports {
-		for _, protocol := range model.Protocols {
+		// Protocols is provided as input so that we can skip udp polling for windows
+		for _, protocol := range protocols {
 			fromPort := 81
 			desc := fmt.Sprintf("%d->%d,%s", fromPort, port, protocol)
 			testCases[desc] = &TestCase{ToPort: int(port), Protocol: protocol}
diff --git a/test/e2e/network/netpol/network_policy.go b/test/e2e/network/netpol/network_policy.go
index 256f88f2c11..722b2b0c9dc 100644
--- a/test/e2e/network/netpol/network_policy.go
+++ b/test/e2e/network/netpol/network_policy.go
@@ -117,7 +117,7 @@ and what is happening in practice:
 		z/c	.	.	.	.	.	.	.	.	.
 */
 
-var _ = common.SIGDescribe("Netpol [LinuxOnly]", func() {
+var _ = common.SIGDescribe("Netpol", func() {
 	f := framework.NewDefaultFramework("netpol")
 
 	ginkgo.Context("NetworkPolicy between server and client", func() {
@@ -1312,6 +1312,7 @@ func initializeResourcesByFixedNS(f *framework.Framework) {
 // model derived from the framework.  It then waits for the resources described by the model to be up and running
 // (i.e. all pods are ready and running in their namespaces).
 func initializeResources(f *framework.Framework) error {
+	var protocols []v1.Protocol
 	_, _, _, model, k8s := getK8SModel(f)
 
 	framework.Logf("initializing cluster: ensuring namespaces, deployments, and pods exist and are ready")
@@ -1322,6 +1323,10 @@ func initializeResources(f *framework.Framework) error {
 	}
 
 	framework.Logf("finished initializing cluster state")
-
-	return k8s.waitForHTTPServers(model)
+	if framework.NodeOSDistroIs("windows") {
+		protocols = append(protocols, v1.ProtocolTCP)
+	} else {
+		protocols = model.Protocols
+	}
+	return k8s.waitForHTTPServers(model, protocols)
 }
diff --git a/test/e2e/network/netpol/probe.go b/test/e2e/network/netpol/probe.go
index 479980c83fb..b406bf9be7d 100644
--- a/test/e2e/network/netpol/probe.go
+++ b/test/e2e/network/netpol/probe.go
@@ -41,7 +41,12 @@ type ProbeJobResults struct {
 
 // ProbePodToPodConnectivity runs a series of probes in kube, and records the results in `testCase.Reachability`
 func ProbePodToPodConnectivity(k8s *kubeManager, model *Model, testCase *TestCase) {
-	numberOfWorkers := 3 // See https://github.com/kubernetes/kubernetes/pull/97690
+	var numberOfWorkers int
+	if framework.NodeOSDistroIs("windows") {
+		numberOfWorkers = 1 // See https://github.com/kubernetes/kubernetes/pull/97690
+	} else {
+		numberOfWorkers = 3
+	}
 	allPods := model.AllPods()
 	size := len(allPods) * len(allPods)
 	jobs := make(chan *ProbeJob, size)