diff --git a/.zuul.d/base.yaml b/.zuul.d/base.yaml index 6f2099d62..002564905 100644 --- a/.zuul.d/base.yaml +++ b/.zuul.d/base.yaml @@ -86,3 +86,68 @@ - ^doc/.*$ - ^releasenotes/.*$ - ^contrib/.*$ + +- job: + name: kuryr-kubernetes-k8s-base + parent: devstack + description: Base kuryr-kubernetes-job without tempest + required-projects: + - openstack/devstack-plugin-container + - openstack/kuryr-kubernetes + post-run: playbooks/copy-k8s-logs.yaml + host-vars: + controller: + devstack_plugins: + kuryr-kubernetes: https://opendev.org/openstack/kuryr-kubernetes + devstack-plugin-container: https://opendev.org/openstack/devstack-plugin-container + vars: + devstack_localrc: + KURYR_K8S_API_PORT: 8080 + Q_BUILD_OVS_FROM_GIT: true + KURYR_K8S_CLOUD_PROVIDER: false + ETCD_USE_RAMDISK: true + devstack_services: + # TODO(dmellado):Temporary workaround until proper fix + base: false + s-account: false + s-container: false + s-object: false + s-proxy: false + c-api: false + c-bak: false + c-sch: false + c-vol: false + cinder: false + neutron: true + q-agt: true + q-dhcp: true + q-l3: true + q-svc: true + q-meta: true + key: true + mysql: true + rabbit: true + n-api: true + n-api-meta: true + n-cpu: true + n-cond: true + n-sch: true + placement-api: true + placement-client: true + g-api: true + g-reg: true + etcd3: true + kubernetes-api: true + kubernetes-controller-manager: true + kubernetes-scheduler: true + kubelet: true + kuryr-kubernetes: true + kuryr-daemon: true + coredns: true + zuul_copy_output: + '{{ devstack_log_dir }}/kubernetes': 'logs' + irrelevant-files: + - ^.*\.rst$ + - ^doc/.*$ + - ^releasenotes/.*$ + - ^contrib/.*$ diff --git a/.zuul.d/project.yaml b/.zuul.d/project.yaml index 7f8fe5218..5f7623e23 100644 --- a/.zuul.d/project.yaml +++ b/.zuul.d/project.yaml @@ -24,6 +24,8 @@ - kuryr-kubernetes-tempest-multinode-containerized - kuryr-kubernetes-tempest-containerized-ipv6 - kuryr-kubernetes-tempest-containerized-ovn-ipv6 + - kuryr-kubernetes-tempest-containerized-ovn-provider-ovn + - kuryr-kubernetes-e2e-np-containerized-ovn-provider-ovn gate: jobs: - kuryr-kubernetes-tempest @@ -38,7 +40,6 @@ - kuryr-kubernetes-tempest-containerized-openshift-serial - kuryr-kubernetes-tempest-ovn - kuryr-kubernetes-tempest-openshift - - kuryr-kubernetes-tempest-containerized-ovn-provider-ovn - kuryr-kubernetes-tempest-openshift-multi-vif - kuryr-kubernetes-tempest-multinode-ha - kuryr-kubernetes-tempest-containerized-crio diff --git a/.zuul.d/sdn.yaml b/.zuul.d/sdn.yaml index 569b67817..d38bb589e 100644 --- a/.zuul.d/sdn.yaml +++ b/.zuul.d/sdn.yaml @@ -99,3 +99,82 @@ KURYR_SUBNET_DRIVER: namespace KURYR_SG_DRIVER: policy KURYR_ENABLED_HANDLERS: vif,lb,lbaasspec,namespace,pod_label,policy,kuryrnetpolicy,kuryrnetwork + voting: false + +- job: + name: kuryr-kubernetes-e2e-np-containerized-ovn-provider-ovn + parent: kuryr-kubernetes-k8s-base + description: | + Kuryr-Kubernetes job with OVN and Octavia provider OVN running k8s network policy e2e tests + required-projects: + - openstack/neutron + - openstack/barbican + - openstack/octavia + - openstack/python-barbicanclient + - openstack/python-octaviaclient + - openstack/ovn-octavia-provider + pre-run: playbooks/get_amphora_tarball.yaml + post-run: playbooks/run_k8s_e2e_tests.yaml + post-timeout: 7200 + host-vars: + controller: + devstack_plugins: + neutron: https://opendev.org/openstack/neutron + octavia: https://opendev.org/openstack/octavia + barbican: https://opendev.org/openstack/barbican + ovn-octavia-provider: https://opendev.org/openstack/ovn-octavia-provider + vars: + devstack_localrc: + OCTAVIA_AMP_IMAGE_FILE: "/tmp/test-only-amphora-x64-haproxy-ubuntu-bionic.qcow2" + OCTAVIA_AMP_IMAGE_SIZE: 3 + OCTAVIA_AMP_IMAGE_NAME: "test-only-amphora-x64-haproxy-ubuntu-bionic" + Q_AGENT: ovn + Q_ML2_PLUGIN_MECHANISM_DRIVERS: ovn,logger + Q_ML2_PLUGIN_TYPE_DRIVERS: local,flat,vlan,geneve + Q_ML2_TENANT_NETWORK_TYPE: geneve + VAR_RUN_PATH: /usr/local/var/run + Q_USE_PROVIDERNET_FOR_PUBLIC: true + PHYSICAL_NETWORK: public + OVN_L3_CREATE_PUBLIC_NETWORK: true + ENABLE_CHASSIS_AS_GW: true + OVN_BRANCH: branch-20.03 + KURYR_NEUTRON_DEFAULT_ROUTER: kuryr-router + KURYR_EP_DRIVER_OCTAVIA_PROVIDER: ovn + KURYR_K8S_OCTAVIA_MEMBER_MODE: L2 + KURYR_ENFORCE_SG_RULES: false + KURYR_LB_ALGORITHM: SOURCE_IP_PORT + KURYR_HYPERKUBE_VERSION: v1.16.0 + KURYR_ENABLED_HANDLERS: vif,lb,lbaasspec,namespace,pod_label,policy,kuryrnetpolicy,kuryrnetwork + KURYR_SG_DRIVER: policy + KURYR_SUBNET_DRIVER: namespace + KURYR_K8S_CONTAINERIZED_DEPLOYMENT: true + devstack_services: + octavia: true + o-api: true + o-cw: true + o-hk: true + o-hm: true + o-da: true + ovn-northd: true + ovn-controller: true + q-ovn-metadata-agent: true + q-svc: true + q-agt: false + q-l3: false + q-dhcp: false + q-meta: false + q-trunk: true + devstack_local_conf: + post-config: + $OCTAVIA_CONF: + controller_worker: + amp_active_retries: 9999 + api_settings: + enabled_provider_drivers: amphora:'Octavia Amphora driver',ovn:'Octavia OVN driver' + kubetest_version: v1.17.3 + np_parallel_number: 2 + gopkg: go1.13.5.linux-amd64.tar.gz + np_sleep: 30 + zuul_copy_output: + '/home/zuul/np_kubetest.log': 'logs' + voting: false diff --git a/playbooks/run_k8s_e2e_tests.yaml b/playbooks/run_k8s_e2e_tests.yaml new file mode 100644 index 000000000..9329b8a4e --- /dev/null +++ b/playbooks/run_k8s_e2e_tests.yaml @@ -0,0 +1,93 @@ +- hosts: all + tasks: + # NOTE(maysams): Revisit this package removal step + # once other operating systems are supported on the gates + - name: Remove old installation of Go + shell: | + apt remove -y --purge golang + apt autoremove -y + become: yes + ignore_errors: yes + + - name: Download GO {{ gopkg }} + get_url: + url: https://dl.google.com/go/{{ gopkg }} + dest: /tmp/{{ gopkg }} + force: yes + + - name: Unarchive GO + unarchive: + src: /tmp/{{ gopkg }} + dest: /usr/local + remote_src: yes + become: true + + - name: Clone K8s test-infra repository + git: + repo: https://github.com/kubernetes/test-infra + dest: ~/test-infra + force: yes + + - name: Install kubetest + shell: go install ./kubetest + args: + chdir: ~/test-infra + environment: + GO111MODULE: "on" + PATH: "{{ ansible_env.PATH }}:/usr/local/go/bin:{{ ansible_env.HOME }}/go/bin" + + - name: Clone kubernetes repository + git: + repo: https://github.com/kubernetes/kubernetes.git + version: "{{ kubetest_version }}" + dest: ~/kubernetes + force: yes + + - name: Patch e2e tests + shell: | + sed -i 's/podStartTimeout = .*/podStartTimeout = 2 * time.Minute/' test/e2e/framework/pod/wait.go + sed -i 's/for i in $(seq 1 5)/sleep {{ np_sleep }};for i in $(seq 1 200)/' test/e2e/network/network_policy.go + args: + chdir: ~/kubernetes + + - name: Build e2e tests + block: + - name: Install make package + become: true + package: + name: "make" + state: present + - name: Build e2e tests + shell: | + make WHAT=cmd/kubectl + make WHAT=vendor/github.com/onsi/ginkgo/ginkgo + make WHAT=test/e2e/e2e.test + args: + chdir: ~/kubernetes + environment: + PATH: "{{ ansible_env.PATH }}:/usr/local/go/bin:{{ ansible_env.HOME }}/go/bin" + + - name: Create .kube folder within BASE + file: + path: "{{ ansible_env.HOME }}/.kube" + state: directory + become: yes + + - name: Copy kubeconfig file + shell: "cp /opt/stack/.kube/config {{ ansible_env.HOME }}/.kube/" + become: yes + + - name: Change kubeconfig file permission + file: + path: "{{ ansible_env.HOME }}/.kube/config" + owner: zuul + group: zuul + become: yes + + - name: Run Network Policy tests + shell: kubetest --provider=local --check-version-skew=false --test --ginkgo-parallel={{ np_parallel_number }} --test_args="--ginkgo.focus=\[Feature:NetworkPolicy --ginkgo.skip=should.enforce.policies.to.check.ingress.and.egress.policies.can.be.controlled.independently.based.on.PodSelector --host=http://127.0.0.1:8080" --dump=/tmp > ~/np_kubetest.log + args: + chdir: ~/kubernetes + environment: + KUBECONFIG: "{{ ansible_env.HOME }}/.kube/config" + PATH: "{{ ansible_env.PATH }}:/usr/local/go/bin:{{ ansible_env.HOME }}/go/bin" diff --git a/tools/gate/copy_k8s_logs.sh b/tools/gate/copy_k8s_logs.sh index 2c49278ab..3f9ac9830 100755 --- a/tools/gate/copy_k8s_logs.sh +++ b/tools/gate/copy_k8s_logs.sh @@ -36,6 +36,7 @@ sudo chown ${USER}:${USER} ${HOME}/.kube/config /usr/local/bin/kubectl --kubeconfig=${HOME}/.kube/config get kuryrnets -o yaml --all-namespaces >> ${K8S_LOG_DIR}/kuryrnets_crds.txt /usr/local/bin/kubectl --kubeconfig=${HOME}/.kube/config get kuryrnetworks -o yaml --all-namespaces >> ${K8S_LOG_DIR}/kuryrnetworks_crds.txt /usr/local/bin/kubectl --kubeconfig=${HOME}/.kube/config get endpoints -o yaml --all-namespaces >> ${K8S_LOG_DIR}/endpoints.txt +/usr/local/bin/kubectl --kubeconfig=${HOME}/.kube/config get kuryrnetpolicy -o yaml --all-namespaces >> ${K8S_LOG_DIR}/kuryrnetpolicy_crds.txt # Kubernetes pods logs mkdir -p ${K8S_LOG_DIR}/pod_logs while read -r line