Merge pull request #70681 from justinsb/block_master_all_ips
e2e: block all master addresses
This commit is contained in:
k8s-ci-robot
@@ -952,7 +952,7 @@ func TestUnderTemporaryNetworkFailure(c clientset.Interface, ns string, node *v1
|
||||
if err != nil {
|
||||
Failf("Error getting node external ip : %v", err)
|
||||
}
|
||||
master := GetMasterAddress(c)
|
||||
masterAddresses := GetAllMasterAddresses(c)
|
||||
By(fmt.Sprintf("block network traffic from node %s to the master", node.Name))
|
||||
defer func() {
|
||||
// This code will execute even if setting the iptables rule failed.
|
||||
@@ -960,14 +960,18 @@ func TestUnderTemporaryNetworkFailure(c clientset.Interface, ns string, node *v1
|
||||
// had been inserted. (yes, we could look at the error code and ssh error
|
||||
// separately, but I prefer to stay on the safe side).
|
||||
By(fmt.Sprintf("Unblock network traffic from node %s to the master", node.Name))
|
||||
UnblockNetwork(host, master)
|
||||
for _, masterAddress := range masterAddresses {
|
||||
UnblockNetwork(host, masterAddress)
|
||||
}
|
||||
}()
|
||||
|
||||
Logf("Waiting %v to ensure node %s is ready before beginning test...", resizeNodeReadyTimeout, node.Name)
|
||||
if !WaitForNodeToBe(c, node.Name, v1.NodeReady, true, resizeNodeReadyTimeout) {
|
||||
Failf("Node %s did not become ready within %v", node.Name, resizeNodeReadyTimeout)
|
||||
}
|
||||
BlockNetwork(host, master)
|
||||
for _, masterAddress := range masterAddresses {
|
||||
BlockNetwork(host, masterAddress)
|
||||
}
|
||||
|
||||
Logf("Waiting %v for node %s to be not ready after simulated network failure", resizeNodeNotReadyTimeout, node.Name)
|
||||
if !WaitForNodeToBe(c, node.Name, v1.NodeReady, false, resizeNodeNotReadyTimeout) {
|
||||
|
||||
@@ -4960,19 +4960,28 @@ func getMaster(c clientset.Interface) Address {
|
||||
return master
|
||||
}
|
||||
|
||||
// GetMasterAddress returns the hostname/external IP/internal IP as appropriate for e2e tests on a particular provider
|
||||
// which is the address of the interface used for communication with the kubelet.
|
||||
func GetMasterAddress(c clientset.Interface) string {
|
||||
// GetAllMasterAddresses returns all IP addresses on which the kubelet can reach the master.
|
||||
// It may return internal and external IPs, even if we expect for
|
||||
// e.g. internal IPs to be used (issue #56787), so that we can be
|
||||
// sure to block the master fully during tests.
|
||||
func GetAllMasterAddresses(c clientset.Interface) []string {
|
||||
master := getMaster(c)
|
||||
|
||||
ips := sets.NewString()
|
||||
switch TestContext.Provider {
|
||||
case "gce", "gke":
|
||||
return master.externalIP
|
||||
if master.externalIP != "" {
|
||||
ips.Insert(master.externalIP)
|
||||
}
|
||||
if master.internalIP != "" {
|
||||
ips.Insert(master.internalIP)
|
||||
}
|
||||
case "aws":
|
||||
return awsMasterIP
|
||||
ips.Insert(awsMasterIP)
|
||||
default:
|
||||
Failf("This test is not supported for provider %s and should be disabled", TestContext.Provider)
|
||||
}
|
||||
return ""
|
||||
return ips.List()
|
||||
}
|
||||
|
||||
// GetNodeExternalIP returns node external IP concatenated with port 22 for ssh
|
||||
|
||||
Reference in New Issue
Block a user