github/kubernetes
1
0
Fork 0
mirror of https://github.com/k3s-io/kubernetes.git synced 2026-01-23 05:04:12 +00:00
Code Issues Projects Releases Wiki Activity
97,152 Commits 42 Branches 8,639 Tags
96ea28aa772be21ddc277972add0b45ea7102b53
Commit Graph

811 Commits

Author SHA1 Message Date
Amim Knabben
92066e9e28 Copying Netpol API tests from networkpolicy folder 2021-01-24 10:48:10 -05:00
Kubernetes Prow Robot
3dbd7498f2 Merge pull request #95503 from ii/pod-service-proxy-with-path 
Write PodProxyWithPath & ServiceProxyWithPath test - + 12 endpoint coverage
 2021-01-20 15:33:00 -08:00
Kubernetes Prow Robot
e99f60f59b Merge pull request #95351 from aojea/conntrack_invalid2 
Support IPv6 on the e2e test ""should resolve connection reset issue #74839 "
 2021-01-20 02:17:59 -08:00
Kubernetes Prow Robot
1e21a2eb35 Merge pull request #98181 from wojtek-t/deflake_network_tests 
Attempt to deflake networking tests in large clusters
 2021-01-20 01:19:59 -08:00
wojtekt
fa0b7dee9e Attempt to deflake networking tests in large clusters 2021-01-20 09:32:39 +01:00
Matt Fenwick
1786cd9867 add knabben to test/e2e/network/netpol/OWNERS 2021-01-19 15:46:30 -05:00
Stephen Heywood
6c1f3b7d5d Use json response to validate method sent via proxy 2021-01-18 12:55:30 +13:00
Stephen Heywood
e29a3f21bc Remove obsolete log message 2021-01-18 12:55:30 +13:00
Stephen Heywood
226f7c28e0 Response body checked for all requests other than http HEAD 2021-01-18 12:55:29 +13:00
Stephen Heywood
e9e74aa98b Create e2e test for pod & service ProxyWithPath endpoints 2021-01-18 12:55:29 +13:00
jay vyas
4d757f1c52 remove weird pause args from this networking.go, that break the periodic sig-network tests 2021-01-17 13:42:41 -05:00
Kubernetes Prow Robot
97cf67b329 Merge pull request #97897 from knabben/sctp-netpol-test 
Copying SCTP tests to Netpol e2e framework
 2021-01-17 07:27:43 -08:00
Kubernetes Prow Robot
e1369ecfb4 Merge pull request #97878 from justinsb/e2e_split_network_test 
e2e: split test into kubeup & generic tests
 2021-01-13 13:27:03 -08:00
Amim Knabben
425e544a66 Copying SCTP netpol tests to new e2e framework 2021-01-13 13:34:11 -05:00
Kubernetes Prow Robot
f6e04cd3ad Merge pull request #97638 from knabben/netpol-egress-func 
Moving egress deny with DNS to a policy function
 2021-01-13 04:18:35 -08:00
Antonio Ojea
7d699b3037 e2e test for invalid conntrack entry 
This test is testing a bad conntrack behaviour, it doesn´t apply
only to kube-proxy.
 2021-01-13 11:02:58 +01:00
Justin Santa Barbara
ae26042e1a e2e: split test into kubeup & generic tests 
The "should have correct firewall rules for e2e cluster" test is GCE
specific, and likely specific to the kube-up configuration.

However, the second half of the test is a generic behaviour based test
that verifies that ports are not reachable.

We can split this into two tests, with an eye to running the generic
test in more places.
 2021-01-09 09:15:47 -05:00
Kubernetes Prow Robot
cc09a6df58 Merge pull request #97844 from aojea/essip 
don´t panic on e2e ESIPP tests
 2021-01-08 03:36:53 -08:00
Antonio Ojea
6bedf4a98b don´t panic on e2e ESIPP tests 
The ESIPP tests are using a function to poll an HTTP endpoint.
This function failed the framework if the request to the http endpoint
timed out, causing a panic that ginkgo couldn´t recover.

Also, this function was used inside a pollImmediate loop, so it should
return the error instead of fail.
 2021-01-08 10:52:49 +01:00
Antonio Ojea
2548fa1112 Revert "dump conntrack table on e2e conntrack failures" 
This reverts commit 0ef7f27fc1.

The info is not enough to debug the problems, there are simply no
conntrack entries but there is no clue about it.

Another problem is that it dumps the conntrack entries from all
nodes, that is more than 40 mins in a scale test job with 5000 nodes.
 2021-01-08 10:04:40 +01:00
jay vyas
ba0a87015a set numberOfWorkers for netpol suite to the ideal value (3) that is non-disruptive 2021-01-07 12:36:19 -05:00
Kubernetes Prow Robot
d5e8aa2d03 Merge pull request #97524 from NillsF/master 
Add e2e networkPolicy test to validate egress deny precedence over ingress allow
 2021-01-06 19:57:45 -08:00
Kubernetes Prow Robot
ab8dda3c88 Merge pull request #97736 from knabben/default-deny-egress 
Default deny egress with pod label selector
 2021-01-06 16:41:50 -08:00
Kubernetes Prow Robot
24f4fe7c8c Merge pull request #97571 from mattfenwick/issue-97425 
97425: improve netpol comments
 2021-01-06 13:05:52 -08:00
Matt Fenwick
5f80d7b3cf add OWNERS file to kubernetes/test/e2e/network/netpol 2021-01-06 11:17:24 -05:00
Amim Knabben
fc46c0a75a Default deny egress with pod label selector 2021-01-05 15:31:09 -05:00
Nills Franssens
eaad78c8fe adding egress ingress test case 2021-01-05 08:47:37 -08:00
Matthew Fenwick
19dd785870 97425: improve netpol comments 2021-01-02 16:03:34 -05:00
Amim Knabben
d378fca35a Moving egress deny with DNS to policy function 2020-12-31 08:10:36 -05:00
Kubernetes Prow Robot
fec1a366c3 Merge pull request #91592 from jayunit100/netpol-impl2 
new NetworkPolicy Validation suite
 2020-12-23 05:56:27 -08:00
jay vyas
36ae8fd91a import the netpol testing package so that ownership is attributed correctly in the network policy testing suit 2020-12-23 07:40:47 -05:00
Antonio Ojea
bbfed8a7db fix sctp hostPort test 
The test create a pod with a hostPort to expose an SCTP port, then
it checks if the iptables rules were installed correctly in the host.

The iptables rules MUST be checked in the same host where the pod
is running :)
 2020-12-17 18:31:35 +01:00
Mateusz Matejczyk
3affac239e Remove the 'DisabledForLargeClusters' tags from non-session-affinity LB network tests 
Ref. https://github.com/kubernetes/kubernetes/issues/90047
 2020-12-16 13:26:42 +01:00
Kubernetes Prow Robot
52bf6641f7 Merge pull request #95019 from aojea/sliceFalke 
Fix e2e endpoint slice flake test
 2020-12-14 18:33:48 -08:00
jay vyas
debbe9dce9 New NetworkPolicy tests: Part 2, all truth table validation scenario definitions 
Co-authored-by: Matt Fenwick <mfenwick100@gmail.com>
Co-authored-by: Jay Vyas <jvyas@vmware.com>
Co-authored-by: Abhishek Raut <rauta@vmware.com>
 2020-12-14 17:14:25 -05:00
Matthew Fenwick
65632b8677 NetworkPolicy Validation suite 
Co-authored-by: Matt Fenwick <mfenwick100@gmail.com>
Co-authored-by: Jay Vyas <jvyas@vmware.com>
Co-authored-by: Rich Renner <renner@sunder.io>
Co-authored-by: Sedef Savas <ssavas@vmware.com>
Co-authored-by: Guangyang Wang <wguangyuan@vmware.com>
Co-authored-by: Akash Sarda <akashsarda3@gmail.com>
Co-authored-by: Abhishek Raut <rauta@vmware.com>
Co-authored-by: Antonin Bas <abas@vmware.com>
Co-authored-by: Antonio Ojea <aojea@redhat.com>

addressed remaining minor comments

initial netpol-framework
 2020-12-14 16:47:39 -05:00
Dan Winship
46470008a3 Improve error message on "CLOSE_WAIT" test failure 2020-12-10 11:00:13 -05:00
Kubernetes Prow Robot
77d150ae11 Merge pull request #96856 from aojea/netpolipv6 
e2e network policy enclose IPv6 destinations
 2020-12-09 03:26:50 -08:00
Kubernetes Prow Robot
83b2c7a1bf Merge pull request #96311 from thockin/kep-1659-topology-labels 
Convert users of old failure-domain labels to new
 2020-12-08 17:28:27 -08:00
Kubernetes Prow Robot
9d81c4ebfa Merge pull request #96296 from aojea/extip 
kube-proxy treat ExternalIPs as ClusterIPs
 2020-12-08 17:28:18 -08:00
Spencer Hance
47ea73bfb9 Update ingress conformance test for finalizers 2020-11-25 11:24:21 -08:00
Antonio Ojea
60f739ac17 e2e network policy enclose IPv6 destinations 
We moved to DNS destination to IP:Port, so we need to be sure
that IPv6 addresses are enclosed in square brackets with that
format.
 2020-11-25 10:56:24 +01:00
DP19
9e4642211a add e2e test for Service ExternalIPs 2020-11-22 00:57:29 +01:00
Kubernetes Prow Robot
379ed6644d Merge pull request #96484 from aojea/e2etest 
add e2e test for dual-stack secondary service IPs
 2020-11-18 15:28:51 -08:00
Antonio Ojea
59674755eb e2e SCTP test not depend on kubenet 
e2e test should be platform and component independent.
Consumers can filter using tags or regex.
 2020-11-17 16:34:48 +01:00
Antonio Ojea
ad043f2bdd e2e dualstack test fixes 
remove unused variables and fix comments
 2020-11-16 23:18:30 +01:00
Antonio Ojea
19cf272b37 add more e2e sctp tests 
Add more e2e SCTP tests for Services and intra-pod communication.
 2020-11-13 17:07:00 +01:00
Antonio Ojea
3a6b4366a7 remove wrong test for SCTP connectivity 
the test tries to test the connectivity between two pods, but it
acually test the connectivity against itself.
 2020-11-13 17:03:03 +01:00
Tim Hockin
3bd337baf4 Make tests deal with old and new topology labels 2020-11-12 11:22:47 -08:00
Antonio Ojea
ed694a1bf6 add e2e test for dual-stack secondary service IPs 
Dual stack services can have two ClusterIPs, we already have tests that
exercise the connectivity from different scenarios to the first
ClusterIP of the service.

This PR adds a new functionality to the e2e network utils to enable
DualStack services, and replicate the same tests but using the
secondary ClusterIP, so we cover the connectivity to both cluster IPs.
 2020-11-12 10:07:04 +01:00