From f98aa32c5a67a73e5debcef40343eb5dbeea2e52 Mon Sep 17 00:00:00 2001 From: Rafael Fonseca Date: Thu, 10 Nov 2022 00:23:09 +0100 Subject: [PATCH] tests: network: Prefer internal IPs first Many clusters block direct requests from internal resources to the nodes external IPs as best practice. All accesses from internal resources that want to access resources running on nodes go through load balancers, nodes being on private or public subnets. Let's prefer internal IPs first, so the tests can work even when there are security group rules present blocking requests to the external IPs. We should not require ExternalIP for Conformance, but should keep testing ExternalIPs in sig network. Signed-off-by: Rafael Fonseca --- test/e2e/framework/network/utils.go | 17 ++++++++++++++--- 1 file changed, 14 insertions(+), 3 deletions(-) diff --git a/test/e2e/framework/network/utils.go b/test/e2e/framework/network/utils.go index 29eaad29d68..c027925bb26 100644 --- a/test/e2e/framework/network/utils.go +++ b/test/e2e/framework/network/utils.go @@ -117,6 +117,11 @@ func EndpointsUseHostNetwork(config *NetworkingTestConfig) { config.EndpointsHostNetwork = true } +// PreferExternalAddresses prefer node External Addresses for the tests +func PreferExternalAddresses(config *NetworkingTestConfig) { + config.PreferExternalAddresses = true +} + // NewNetworkingTestConfig creates and sets up a new test config helper. func NewNetworkingTestConfig(f *framework.Framework, setters ...Option) *NetworkingTestConfig { // default options @@ -205,6 +210,8 @@ type NetworkingTestConfig struct { // The kubernetes namespace within which all resources for this // config are created Namespace string + // Whether to prefer node External Addresses for the tests + PreferExternalAddresses bool } // NetexecDialResponse represents the response returned by the `netexec` subcommand of `agnhost` @@ -817,13 +824,17 @@ func (config *NetworkingTestConfig) setup(selector map[string]string) { family = v1.IPv6Protocol secondaryFamily = v1.IPv4Protocol } - // Get Node IPs from the cluster, ExternalIPs take precedence - config.NodeIP = e2enode.FirstAddressByTypeAndFamily(nodeList, v1.NodeExternalIP, family) + if config.PreferExternalAddresses { + // Get Node IPs from the cluster, ExternalIPs take precedence + config.NodeIP = e2enode.FirstAddressByTypeAndFamily(nodeList, v1.NodeExternalIP, family) + } if config.NodeIP == "" { config.NodeIP = e2enode.FirstAddressByTypeAndFamily(nodeList, v1.NodeInternalIP, family) } if config.DualStackEnabled { - config.SecondaryNodeIP = e2enode.FirstAddressByTypeAndFamily(nodeList, v1.NodeExternalIP, secondaryFamily) + if config.PreferExternalAddresses { + config.SecondaryNodeIP = e2enode.FirstAddressByTypeAndFamily(nodeList, v1.NodeExternalIP, secondaryFamily) + } if config.SecondaryNodeIP == "" { config.SecondaryNodeIP = e2enode.FirstAddressByTypeAndFamily(nodeList, v1.NodeInternalIP, secondaryFamily) }