Add netpol tests for windows

Co-authored-by: Jay Vyas <jvyas@vmware.com>
2025-07-23 11:50:44 +00:00 · 2021-05-21 16:13:32 +01:00 · 2021-05-21 16:13:32 +01:00 · 69019a03d3
commit 69019a03d3
parent 1d38084930
5 changed files with 39 additions and 15 deletions
--- a/staging/src/k8s.io/client-go/tools/auth/clientauth.go
+++ b/staging/src/k8s.io/client-go/tools/auth/clientauth.go
@ -66,9 +66,8 @@ package auth
 import (
 	"encoding/json"
 	"io/ioutil"
-	"os"
-
 	restclient "k8s.io/client-go/rest"
+	"os"
 )

 // Info holds Kubernetes API authorization config.  It is intended
--- a/test/e2e/framework/exec_util.go
+++ b/test/e2e/framework/exec_util.go
@ -58,6 +58,7 @@ func (f *Framework) ExecWithOptions(options ExecOptions) (string, string, error)

 	const tty = false

+	Logf("ExecWithOptions: Clientset creation ")
 	req := f.ClientSet.CoreV1().RESTClient().Post().
 		Resource("pods").
 		Name(options.PodName).
@ -74,8 +75,9 @@ func (f *Framework) ExecWithOptions(options ExecOptions) (string, string, error)
 	}, scheme.ParameterCodec)

 	var stdout, stderr bytes.Buffer
-	err = execute("POST", req.URL(), config, options.Stdin, &stdout, &stderr, tty)

+	Logf("ExecWithOptions: execute(POST %s %s)", req.URL())
+	err = execute("POST", req.URL(), config, options.Stdin, &stdout, &stderr, tty)
 	if options.PreserveWhitespace {
 		return stdout.String(), stderr.String(), err
 	}
--- a/test/e2e/network/netpol/kubemanager.go
+++ b/test/e2e/network/netpol/kubemanager.go
@ -63,12 +63,20 @@ func (k *kubeManager) initializeCluster(model *Model) error {
 		for _, pod := range ns.Pods {
 			framework.Logf("creating/updating pod %s/%s", ns.Name, pod.Name)

-			kubePod, err := k.createPod(pod.KubePod())
+			thePod := pod.KubePod()
+			if framework.NodeOSDistroIs("windows") {
+				thePod.Spec.NodeSelector = map[string]string{
+					"kubernetes.io/os": "windows",
+				}
+			} else {
+				framework.Logf("node distro is NOT WINDOWS !!!!!!!!!!!")
+			}
+			kubePod, err := k.createPod(thePod)
 			if err != nil {
 				return err
 			}
-			createdPods = append(createdPods, kubePod)

+			createdPods = append(createdPods, kubePod)
 			_, err = k.createService(pod.Service())
 			if err != nil {
 				return err
@ -78,6 +86,7 @@ func (k *kubeManager) initializeCluster(model *Model) error {

 	for _, podString := range model.AllPodStrings() {
 		k8sPod, err := k.getPod(podString.Namespace(), podString.PodName())
+
 		if err != nil {
 			return err
 		}
@ -115,11 +124,14 @@ func (k *kubeManager) probeConnectivity(nsFrom string, podFrom string, container
 	var cmd []string
 	switch protocol {
 	case v1.ProtocolSCTP:
-		cmd = []string{"/agnhost", "connect", net.JoinHostPort(addrTo, port), "--timeout=1s", "--protocol=sctp"}
+		cmd = []string{"/agnhost", "connect", net.JoinHostPort(addrTo, port), "--timeout=3s", "--protocol=sctp"}
 	case v1.ProtocolTCP:
-		cmd = []string{"/agnhost", "connect", net.JoinHostPort(addrTo, port), "--timeout=1s", "--protocol=tcp"}
+		cmd = []string{"/agnhost", "connect", net.JoinHostPort(addrTo, port), "--timeout=3s", "--protocol=tcp"}
 	case v1.ProtocolUDP:
-		cmd = []string{"/agnhost", "connect", net.JoinHostPort(addrTo, port), "--timeout=1s", "--protocol=udp"}
+		cmd = []string{"/agnhost", "connect", net.JoinHostPort(addrTo, port), "--timeout=3s", "--protocol=udp"}
+		if framework.NodeOSDistroIs("windows") {
+			framework.Logf("probing UDP for windows may result in cluster instability for certain windows nodes with low CPU/Memory, depending on CRI version")
+		}
 	default:
 		framework.Failf("protocol %s not supported", protocol)
 	}
@ -252,14 +264,15 @@ func (k *kubeManager) deleteNamespaces(namespaces []string) error {
 	return nil
 }

-// waitForHTTPServers waits for all webservers to be up, on all protocols, and then validates them using the same probe logic as the rest of the suite.
-func (k *kubeManager) waitForHTTPServers(model *Model) error {
+// waitForHTTPServers waits for all webservers to be up, on all protocols sent in the input,  and then validates them using the same probe logic as the rest of the suite.
+func (k *kubeManager) waitForHTTPServers(model *Model, protocols []v1.Protocol) error {
 	const maxTries = 10
 	framework.Logf("waiting for HTTP servers (ports 80 and 81) to become ready")

 	testCases := map[string]*TestCase{}
 	for _, port := range model.Ports {
-		for _, protocol := range model.Protocols {
+		// Protocols is provided as input so that we can skip udp polling for windows
+		for _, protocol := range protocols {
 			fromPort := 81
 			desc := fmt.Sprintf("%d->%d,%s", fromPort, port, protocol)
 			testCases[desc] = &TestCase{ToPort: int(port), Protocol: protocol}
--- a/test/e2e/network/netpol/network_policy.go
+++ b/test/e2e/network/netpol/network_policy.go
@ -117,7 +117,7 @@ and what is happening in practice:
 		z/c	.	.	.	.	.	.	.	.	.
 */

-var _ = common.SIGDescribe("Netpol [LinuxOnly]", func() {
+var _ = common.SIGDescribe("Netpol", func() {
 	f := framework.NewDefaultFramework("netpol")

 	ginkgo.Context("NetworkPolicy between server and client", func() {
@ -1312,6 +1312,7 @@ func initializeResourcesByFixedNS(f *framework.Framework) {
 // model derived from the framework.  It then waits for the resources described by the model to be up and running
 // (i.e. all pods are ready and running in their namespaces).
 func initializeResources(f *framework.Framework) error {
+	var protocols []v1.Protocol
 	_, _, _, model, k8s := getK8SModel(f)

 	framework.Logf("initializing cluster: ensuring namespaces, deployments, and pods exist and are ready")
@ -1322,6 +1323,10 @@ func initializeResources(f *framework.Framework) error {
 	}

 	framework.Logf("finished initializing cluster state")
-
-	return k8s.waitForHTTPServers(model)
+	if framework.NodeOSDistroIs("windows") {
+		protocols = append(protocols, v1.ProtocolTCP)
+	} else {
+		protocols = model.Protocols
+	}
+	return k8s.waitForHTTPServers(model, protocols)
 }
--- a/test/e2e/network/netpol/probe.go
+++ b/test/e2e/network/netpol/probe.go
@ -41,7 +41,12 @@ type ProbeJobResults struct {

 // ProbePodToPodConnectivity runs a series of probes in kube, and records the results in `testCase.Reachability`
 func ProbePodToPodConnectivity(k8s *kubeManager, model *Model, testCase *TestCase) {
-	numberOfWorkers := 3 // See https://github.com/kubernetes/kubernetes/pull/97690
+	var numberOfWorkers int
+	if framework.NodeOSDistroIs("windows") {
+		numberOfWorkers = 1 // See https://github.com/kubernetes/kubernetes/pull/97690
+	} else {
+		numberOfWorkers = 3
+	}
 	allPods := model.AllPods()
 	size := len(allPods) * len(allPods)
 	jobs := make(chan *ProbeJob, size)