github/kubernetes
1
0
Fork 0
mirror of https://github.com/k3s-io/kubernetes.git synced 2025-07-22 11:21:47 +00:00
Code Issues Projects Releases Wiki Activity

tests: network: Prefer internal IPs first

Browse Source 
Many clusters block direct requests from internal resources to the nodes
external IPs as best practice. All accesses from internal resources that
want to access resources running on nodes go through load balancers,
nodes being on private or public subnets. Let's prefer internal IPs
first, so the tests can work even when there are security group rules
present blocking requests to the external IPs.

We should not require ExternalIP for Conformance, but should keep
testing ExternalIPs in sig network.

Signed-off-by: Rafael Fonseca <r4f4rfs@gmail.com>
This commit is contained in:
Rafael Fonseca 2022-11-10 00:23:09 +01:00
parent e4d46148de
commit f98aa32c5a
1 changed files with 14 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
test/e2e/framework/network/utils.go
View File

@ -117,6 +117,11 @@ func EndpointsUseHostNetwork(config *NetworkingTestConfig) {
config.EndpointsHostNetwork = true config.EndpointsHostNetwork = true
} }
// PreferExternalAddresses prefer node External Addresses for the tests
func PreferExternalAddresses(config *NetworkingTestConfig) {
config.PreferExternalAddresses = true
}
// NewNetworkingTestConfig creates and sets up a new test config helper. // NewNetworkingTestConfig creates and sets up a new test config helper.
func NewNetworkingTestConfig(f *framework.Framework, setters ...Option) *NetworkingTestConfig { func NewNetworkingTestConfig(f *framework.Framework, setters ...Option) *NetworkingTestConfig {
// default options // default options
@ -205,6 +210,8 @@ type NetworkingTestConfig struct {
// The kubernetes namespace within which all resources for this // The kubernetes namespace within which all resources for this
// config are created // config are created
Namespace string Namespace string
// Whether to prefer node External Addresses for the tests
PreferExternalAddresses bool
} }
// NetexecDialResponse represents the response returned by the `netexec` subcommand of `agnhost` // NetexecDialResponse represents the response returned by the `netexec` subcommand of `agnhost`
@ -817,13 +824,17 @@ func (config *NetworkingTestConfig) setup(selector map[string]string) {
family = v1.IPv6Protocol family = v1.IPv6Protocol
secondaryFamily = v1.IPv4Protocol secondaryFamily = v1.IPv4Protocol
} }
// Get Node IPs from the cluster, ExternalIPs take precedence if config.PreferExternalAddresses {
config.NodeIP = e2enode.FirstAddressByTypeAndFamily(nodeList, v1.NodeExternalIP, family) // Get Node IPs from the cluster, ExternalIPs take precedence
config.NodeIP = e2enode.FirstAddressByTypeAndFamily(nodeList, v1.NodeExternalIP, family)
}
if config.NodeIP == "" { if config.NodeIP == "" {
config.NodeIP = e2enode.FirstAddressByTypeAndFamily(nodeList, v1.NodeInternalIP, family) config.NodeIP = e2enode.FirstAddressByTypeAndFamily(nodeList, v1.NodeInternalIP, family)
} }
if config.DualStackEnabled { if config.DualStackEnabled {
config.SecondaryNodeIP = e2enode.FirstAddressByTypeAndFamily(nodeList, v1.NodeExternalIP, secondaryFamily) if config.PreferExternalAddresses {
config.SecondaryNodeIP = e2enode.FirstAddressByTypeAndFamily(nodeList, v1.NodeExternalIP, secondaryFamily)
}
if config.SecondaryNodeIP == "" { if config.SecondaryNodeIP == "" {
config.SecondaryNodeIP = e2enode.FirstAddressByTypeAndFamily(nodeList, v1.NodeInternalIP, secondaryFamily) config.SecondaryNodeIP = e2enode.FirstAddressByTypeAndFamily(nodeList, v1.NodeInternalIP, secondaryFamily)
} }