From 8c76845b0389e67c5d2d51343d4122d110d279aa Mon Sep 17 00:00:00 2001 From: Anton Protopopov Date: Fri, 17 Jun 2022 12:46:50 +0000 Subject: [PATCH] test/e2e/network: fix a bug in the hostport e2e test The hostport e2e test (sonobuoy run --e2e-focus 'validates that there is no conflict between pods with same hostPort but different hostIP and protocol') checks, in particular, that two pods with the same hostPort, the same hostIP, but different L4 protocols can coexist on one node. In order to do this, the test creates two pods with the same hostIP:hostPort, one TCP-based, another UDP-based. However, both pods listen on both protocols: netexec --http-port=8080 --udp-port=8080 This can happen that a CNI which doesn't distinguish between TCP and UDP hostPorts forwards all traffic, TCP or UDP, to the same pod. As this pod listens on both protocols it will reply to both requests, and the test will think that everything works properly while the second pod is indeed disconnected. Fix this by executing different commands in different pods: TCP: netexec --http-port=8080 --udp-port=-1 UDP: netexec --http-port=8008 --udp-port=8080 The TCP pod now doesn't listen on UDP, and the UDP pod doesn't listen on TCP on the target hostPort. The UDP pod still needs to listen on TCP on another port so that a pod readiness check can be made. --- test/e2e/network/hostport.go | 16 ++++++++++++++-- 1 file changed, 14 insertions(+), 2 deletions(-) diff --git a/test/e2e/network/hostport.go b/test/e2e/network/hostport.go index dec0d359949..4b177f3cc1d 100644 --- a/test/e2e/network/hostport.go +++ b/test/e2e/network/hostport.go @@ -157,6 +157,18 @@ var _ = common.SIGDescribe("HostPort", func() { // create pod which using hostport on the specified node according to the nodeSelector // it starts an http server on the exposed port func createHostPortPodOnNode(f *framework.Framework, podName, ns, hostIP string, port int32, protocol v1.Protocol, nodeName string) { + + var netexecArgs []string + var readinessProbePort int32 + + if protocol == v1.ProtocolTCP { + readinessProbePort = 8080 + netexecArgs = []string{"--http-port=8080", "--udp-port=-1"} + } else { + readinessProbePort = 8008 + netexecArgs = []string{"--http-port=8008", "--udp-port=8080"} + } + hostPortPod := &v1.Pod{ ObjectMeta: metav1.ObjectMeta{ Name: podName, @@ -166,7 +178,7 @@ func createHostPortPodOnNode(f *framework.Framework, podName, ns, hostIP string, { Name: "agnhost", Image: imageutils.GetE2EImage(imageutils.Agnhost), - Args: []string{"netexec", "--http-port=8080", "--udp-port=8080"}, + Args: append([]string{"netexec"}, netexecArgs...), Ports: []v1.ContainerPort{ { HostPort: port, @@ -180,7 +192,7 @@ func createHostPortPodOnNode(f *framework.Framework, podName, ns, hostIP string, HTTPGet: &v1.HTTPGetAction{ Path: "/hostname", Port: intstr.IntOrString{ - IntVal: int32(8080), + IntVal: readinessProbePort, }, Scheme: v1.URISchemeHTTP, },