Merge pull request #89032 from tanjunchen/move-GetPodSecretUpdateTimeout
move GetPodSecretUpdateTimeout from framework/utils to test/e2e/framework/pod/
This commit is contained in:
		| @@ -119,7 +119,7 @@ var _ = ginkgo.Describe("[sig-storage] ConfigMap", func() { | ||||
| 		Description: The ConfigMap that is created MUST be accessible to read from the newly created Pod using the volume mount that is mapped to custom path in the Pod. When the ConfigMap is updated the change to the config map MUST be verified by reading the content from the mounted file in the Pod. | ||||
| 	*/ | ||||
| 	framework.ConformanceIt("updates should be reflected in volume [NodeConformance]", func() { | ||||
| 		podLogTimeout := framework.GetPodSecretUpdateTimeout(f.ClientSet) | ||||
| 		podLogTimeout := e2epod.GetPodSecretUpdateTimeout(f.ClientSet) | ||||
| 		containerTimeoutArg := fmt.Sprintf("--retry_time=%v", int(podLogTimeout.Seconds())) | ||||
|  | ||||
| 		name := "configmap-test-upd-" + string(uuid.NewUUID()) | ||||
| @@ -202,7 +202,7 @@ var _ = ginkgo.Describe("[sig-storage] ConfigMap", func() { | ||||
| 		Description: The ConfigMap that is created with text data and binary data MUST be accessible to read from the newly created Pod using the volume mount that is mapped to custom path in the Pod. ConfigMap's text data and binary data MUST be verified by reading the content from the mounted files in the Pod. | ||||
| 	*/ | ||||
| 	framework.ConformanceIt("binary data should be reflected in volume [NodeConformance]", func() { | ||||
| 		podLogTimeout := framework.GetPodSecretUpdateTimeout(f.ClientSet) | ||||
| 		podLogTimeout := e2epod.GetPodSecretUpdateTimeout(f.ClientSet) | ||||
| 		containerTimeoutArg := fmt.Sprintf("--retry_time=%v", int(podLogTimeout.Seconds())) | ||||
|  | ||||
| 		name := "configmap-test-upd-" + string(uuid.NewUUID()) | ||||
| @@ -298,7 +298,7 @@ var _ = ginkgo.Describe("[sig-storage] ConfigMap", func() { | ||||
| 		Description: The ConfigMap that is created MUST be accessible to read from the newly created Pod using the volume mount that is mapped to custom path in the Pod. When the config map is updated the change to the config map MUST be verified by reading the content from the mounted file in the Pod. Also when the item(file) is deleted from the map that MUST result in a error reading that item(file). | ||||
| 	*/ | ||||
| 	framework.ConformanceIt("optional updates should be reflected in volume [NodeConformance]", func() { | ||||
| 		podLogTimeout := framework.GetPodSecretUpdateTimeout(f.ClientSet) | ||||
| 		podLogTimeout := e2epod.GetPodSecretUpdateTimeout(f.ClientSet) | ||||
| 		containerTimeoutArg := fmt.Sprintf("--retry_time=%v", int(podLogTimeout.Seconds())) | ||||
| 		trueVal := true | ||||
| 		volumeMountPath := "/etc/configmap-volumes" | ||||
| @@ -795,7 +795,7 @@ func doConfigMapE2EWithMappings(f *framework.Framework, asUser bool, fsGroup int | ||||
| } | ||||
|  | ||||
| func createNonOptionalConfigMapPod(f *framework.Framework, volumeMountPath, podName string) error { | ||||
| 	podLogTimeout := framework.GetPodSecretUpdateTimeout(f.ClientSet) | ||||
| 	podLogTimeout := e2epod.GetPodSecretUpdateTimeout(f.ClientSet) | ||||
| 	containerTimeoutArg := fmt.Sprintf("--retry_time=%v", int(podLogTimeout.Seconds())) | ||||
| 	falseValue := false | ||||
|  | ||||
| @@ -845,7 +845,7 @@ func createNonOptionalConfigMapPod(f *framework.Framework, volumeMountPath, podN | ||||
| } | ||||
|  | ||||
| func createNonOptionalConfigMapPodWithConfig(f *framework.Framework, volumeMountPath, podName string) error { | ||||
| 	podLogTimeout := framework.GetPodSecretUpdateTimeout(f.ClientSet) | ||||
| 	podLogTimeout := e2epod.GetPodSecretUpdateTimeout(f.ClientSet) | ||||
| 	containerTimeoutArg := fmt.Sprintf("--retry_time=%v", int(podLogTimeout.Seconds())) | ||||
| 	falseValue := false | ||||
|  | ||||
|   | ||||
| @@ -119,7 +119,7 @@ var _ = ginkgo.Describe("[sig-storage] Projected configMap", func() { | ||||
| 	   Description: A Pod is created with projected volume source 'ConfigMap' to store a configMap and performs a create and update to new value. Pod MUST be able to create the configMap with value-1. Pod MUST be able to update the value in the confgiMap to value-2. | ||||
| 	*/ | ||||
| 	framework.ConformanceIt("updates should be reflected in volume [NodeConformance]", func() { | ||||
| 		podLogTimeout := framework.GetPodSecretUpdateTimeout(f.ClientSet) | ||||
| 		podLogTimeout := e2epod.GetPodSecretUpdateTimeout(f.ClientSet) | ||||
| 		containerTimeoutArg := fmt.Sprintf("--retry_time=%v", int(podLogTimeout.Seconds())) | ||||
|  | ||||
| 		name := "projected-configmap-test-upd-" + string(uuid.NewUUID()) | ||||
| @@ -207,7 +207,7 @@ var _ = ginkgo.Describe("[sig-storage] Projected configMap", func() { | ||||
| 	   Description: Create a Pod with three containers with ConfigMaps namely a create, update and delete container. Create Container when started MUST not have configMap, update and delete containers MUST be created with a ConfigMap value as 'value-1'. Create a configMap in the create container, the Pod MUST be able to read the configMap from the create container. Update the configMap in the update container, Pod MUST be able to read the updated configMap value. Delete the configMap in the delete container. Pod MUST fail to read the configMap from the delete container. | ||||
| 	*/ | ||||
| 	framework.ConformanceIt("optional updates should be reflected in volume [NodeConformance]", func() { | ||||
| 		podLogTimeout := framework.GetPodSecretUpdateTimeout(f.ClientSet) | ||||
| 		podLogTimeout := e2epod.GetPodSecretUpdateTimeout(f.ClientSet) | ||||
| 		containerTimeoutArg := fmt.Sprintf("--retry_time=%v", int(podLogTimeout.Seconds())) | ||||
| 		trueVal := true | ||||
| 		volumeMountPath := "/etc/projected-configmap-volumes" | ||||
|   | ||||
| @@ -209,7 +209,7 @@ var _ = ginkgo.Describe("[sig-storage] Projected secret", func() { | ||||
| 	   Description: Create a Pod with three containers with secrets namely a create, update and delete container. Create Container when started MUST no have a secret, update and delete containers MUST be created with a secret value. Create a secret in the create container, the Pod MUST be able to read the secret from the create container. Update the secret in the update container, Pod MUST be able to read the updated secret value. Delete the secret in the delete container. Pod MUST fail to read the secret from the delete container. | ||||
| 	*/ | ||||
| 	framework.ConformanceIt("optional updates should be reflected in volume [NodeConformance]", func() { | ||||
| 		podLogTimeout := framework.GetPodSecretUpdateTimeout(f.ClientSet) | ||||
| 		podLogTimeout := e2epod.GetPodSecretUpdateTimeout(f.ClientSet) | ||||
| 		containerTimeoutArg := fmt.Sprintf("--retry_time=%v", int(podLogTimeout.Seconds())) | ||||
| 		trueVal := true | ||||
| 		volumeMountPath := "/etc/projected-secret-volumes" | ||||
|   | ||||
| @@ -199,7 +199,7 @@ var _ = ginkgo.Describe("[sig-storage] Secrets", func() { | ||||
| 		Description: Create a Pod with three containers with secrets volume sources namely a create, update and delete container. Create Container when started MUST not have secret, update and delete containers MUST be created with a secret value. Create a secret in the create container, the Pod MUST be able to read the secret from the create container. Update the secret in the update container, Pod MUST be able to read the updated secret value. Delete the secret in the delete container. Pod MUST fail to read the secret from the delete container. | ||||
| 	*/ | ||||
| 	framework.ConformanceIt("optional updates should be reflected in volume [NodeConformance]", func() { | ||||
| 		podLogTimeout := framework.GetPodSecretUpdateTimeout(f.ClientSet) | ||||
| 		podLogTimeout := e2epod.GetPodSecretUpdateTimeout(f.ClientSet) | ||||
| 		containerTimeoutArg := fmt.Sprintf("--retry_time=%v", int(podLogTimeout.Seconds())) | ||||
| 		trueVal := true | ||||
| 		volumeMountPath := "/etc/secret-volumes" | ||||
| @@ -588,7 +588,7 @@ func doSecretE2EWithMapping(f *framework.Framework, mode *int32) { | ||||
| } | ||||
|  | ||||
| func createNonOptionalSecretPod(f *framework.Framework, volumeMountPath, podName string) error { | ||||
| 	podLogTimeout := framework.GetPodSecretUpdateTimeout(f.ClientSet) | ||||
| 	podLogTimeout := e2epod.GetPodSecretUpdateTimeout(f.ClientSet) | ||||
| 	containerTimeoutArg := fmt.Sprintf("--retry_time=%v", int(podLogTimeout.Seconds())) | ||||
| 	falseValue := false | ||||
|  | ||||
| @@ -636,7 +636,7 @@ func createNonOptionalSecretPod(f *framework.Framework, volumeMountPath, podName | ||||
| } | ||||
|  | ||||
| func createNonOptionalSecretPodWithSecret(f *framework.Framework, volumeMountPath, podName string) error { | ||||
| 	podLogTimeout := framework.GetPodSecretUpdateTimeout(f.ClientSet) | ||||
| 	podLogTimeout := e2epod.GetPodSecretUpdateTimeout(f.ClientSet) | ||||
| 	containerTimeoutArg := fmt.Sprintf("--retry_time=%v", int(podLogTimeout.Seconds())) | ||||
| 	falseValue := false | ||||
|  | ||||
|   | ||||
| @@ -543,3 +543,40 @@ func GetPodsInNamespace(c clientset.Interface, ns string, ignoreLabels map[strin | ||||
| 	} | ||||
| 	return filtered, nil | ||||
| } | ||||
|  | ||||
| // GetPodSecretUpdateTimeout returns the timeout duration for updating pod secret. | ||||
| func GetPodSecretUpdateTimeout(c clientset.Interface) time.Duration { | ||||
| 	// With SecretManager(ConfigMapManager), we may have to wait up to full sync period + | ||||
| 	// TTL of secret(configmap) to elapse before the Kubelet projects the update into the | ||||
| 	// volume and the container picks it up. | ||||
| 	// So this timeout is based on default Kubelet sync period (1 minute) + maximum TTL for | ||||
| 	// secret(configmap) that's based on cluster size + additional time as a fudge factor. | ||||
| 	secretTTL, err := getNodeTTLAnnotationValue(c) | ||||
| 	if err != nil { | ||||
| 		e2elog.Logf("Couldn't get node TTL annotation (using default value of 0): %v", err) | ||||
| 	} | ||||
| 	podLogTimeout := 240*time.Second + secretTTL | ||||
| 	return podLogTimeout | ||||
| } | ||||
|  | ||||
| func getNodeTTLAnnotationValue(c clientset.Interface) (time.Duration, error) { | ||||
| 	nodes, err := c.CoreV1().Nodes().List(context.TODO(), metav1.ListOptions{}) | ||||
| 	if err != nil || len(nodes.Items) == 0 { | ||||
| 		return time.Duration(0), fmt.Errorf("Couldn't list any nodes to get TTL annotation: %v", err) | ||||
| 	} | ||||
| 	// Since TTL the kubelet is using is stored in node object, for the timeout | ||||
| 	// purpose we take it from the first node (all of them should be the same). | ||||
| 	node := &nodes.Items[0] | ||||
| 	if node.Annotations == nil { | ||||
| 		return time.Duration(0), fmt.Errorf("No annotations found on the node") | ||||
| 	} | ||||
| 	value, ok := node.Annotations[v1.ObjectTTLAnnotationKey] | ||||
| 	if !ok { | ||||
| 		return time.Duration(0), fmt.Errorf("No TTL annotation found on the node") | ||||
| 	} | ||||
| 	intValue, err := strconv.Atoi(value) | ||||
| 	if err != nil { | ||||
| 		return time.Duration(0), fmt.Errorf("Cannot convert TTL annotation from %#v to int", *node) | ||||
| 	} | ||||
| 	return time.Duration(intValue) * time.Second, nil | ||||
| } | ||||
|   | ||||
| @@ -1020,43 +1020,6 @@ func WaitForAllNodesSchedulable(c clientset.Interface, timeout time.Duration) er | ||||
| 	) | ||||
| } | ||||
|  | ||||
| // GetPodSecretUpdateTimeout reuturns the timeout duration for updating pod secret. | ||||
| func GetPodSecretUpdateTimeout(c clientset.Interface) time.Duration { | ||||
| 	// With SecretManager(ConfigMapManager), we may have to wait up to full sync period + | ||||
| 	// TTL of secret(configmap) to elapse before the Kubelet projects the update into the | ||||
| 	// volume and the container picks it up. | ||||
| 	// So this timeout is based on default Kubelet sync period (1 minute) + maximum TTL for | ||||
| 	// secret(configmap) that's based on cluster size + additional time as a fudge factor. | ||||
| 	secretTTL, err := getNodeTTLAnnotationValue(c) | ||||
| 	if err != nil { | ||||
| 		Logf("Couldn't get node TTL annotation (using default value of 0): %v", err) | ||||
| 	} | ||||
| 	podLogTimeout := 240*time.Second + secretTTL | ||||
| 	return podLogTimeout | ||||
| } | ||||
|  | ||||
| func getNodeTTLAnnotationValue(c clientset.Interface) (time.Duration, error) { | ||||
| 	nodes, err := c.CoreV1().Nodes().List(context.TODO(), metav1.ListOptions{}) | ||||
| 	if err != nil || len(nodes.Items) == 0 { | ||||
| 		return time.Duration(0), fmt.Errorf("Couldn't list any nodes to get TTL annotation: %v", err) | ||||
| 	} | ||||
| 	// Since TTL the kubelet is using is stored in node object, for the timeout | ||||
| 	// purpose we take it from the first node (all of them should be the same). | ||||
| 	node := &nodes.Items[0] | ||||
| 	if node.Annotations == nil { | ||||
| 		return time.Duration(0), fmt.Errorf("No annotations found on the node") | ||||
| 	} | ||||
| 	value, ok := node.Annotations[v1.ObjectTTLAnnotationKey] | ||||
| 	if !ok { | ||||
| 		return time.Duration(0), fmt.Errorf("No TTL annotation found on the node") | ||||
| 	} | ||||
| 	intValue, err := strconv.Atoi(value) | ||||
| 	if err != nil { | ||||
| 		return time.Duration(0), fmt.Errorf("Cannot convert TTL annotation from %#v to int", *node) | ||||
| 	} | ||||
| 	return time.Duration(intValue) * time.Second, nil | ||||
| } | ||||
|  | ||||
| // AddOrUpdateLabelOnNode adds the given label key and value to the given node or updates value. | ||||
| func AddOrUpdateLabelOnNode(c clientset.Interface, nodeName string, labelKey, labelValue string) { | ||||
| 	ExpectNoError(testutils.AddLabelsToNode(c, nodeName, map[string]string{labelKey: labelValue})) | ||||
|   | ||||
		Reference in New Issue
	
	Block a user
	 Kubernetes Prow Robot
					Kubernetes Prow Robot