We've added the WindowsRunAsUserName feature some time ago, and it was
promoted to Beta for v1.17. We can now remove the [LinuxOnly] tag for
a few tests.
Depends On: #83058
Depends On: #84882
Since we've added support for RunAsUserName, we can now run some new
tests. However, the [LinuxOnly] tag will have to remain until the
WindowsRunAsUserName feature becomes enabled by default.
Additionally, Containerd supports file mounting on Windows, and some
tests will be able to pass on Windows with Containerd instead of Docker.
Skips IPv6 tests on Windows.
Skips sysctl tests on Windows.
Skips network policy tests on Windows.
Skips RunAsUser / FSGroup / file permissions related tests, as those are
not supported on Windows.
Skips the test "should preserve source pod IP for traffic thru service cluster IP"
on Windows, as it creates a Pod with HostNetwork=true, which is unsupported.
What works and what doesn't work on Windows has been documented here:
https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/conformance-tests.md#windows--linux-considerations
Some of the tests cannot pass using Windows nodes due to various reasons:
- seLinuxOptions are not supported on Windows.
- Running as an UID / GID is not supported on Windows.
- file permissions work differently on Windows, and they cannot be set in
the same manner as on Linux.
- individual files cannot be mounted in Windows Containers.
- Cannot create container using Linux image (e.g.: alpine) on Windows.
Because of this, it has been decided to use the "[LinuxOnly]" tag for the
tests which cannot run on Windows because of the mentioned reasons. This way,
when running tests using Windows nodes, those tests can simply be skipped by
adding the "[LinuxOnly]" tag to the ginkgo.skip argument.
Some mounttest related tests are checking the file permissions set on the
container files, but the default file permissions on Windows is 775 instead of
644, causing some tests to fail.
Keep in mind that file permissions work differently on Windows, and setting file
permissions via Kubernetes is not currently supported on Windows.
Automatic merge from submit-queue (batch tested with PRs 67347, 67307, 67358, 67364, 67385). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
delete the busyboxImage and mountTest var and change use imageutils
**What this PR does / why we need it**:
delete the ```busyboxImage```,```mountTest``` variable and change everything to use ```imageutils.GetE2EImage(imageutils.BusyBox)```, ```imageutils.GetE2EImage(imageutils.MountTest)```
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes#67237
**Special notes for your reviewer**:
/cc @mikedanese
/assign @mikedanese
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 61212, 66369, 66446, 66895, 66969). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Promoting configmap binarydata support [NodeConformance] test to conformance
**What this PR does / why we need it**:
**e2e:** _[sig-storage] ConfigMap binary data should be reflected in volume [NodeConformance]_
Promotes mentioned e2e to conformance as it -
1. Validates ConfigMap's binarydata support effectively
2. Improves API Coverage for prioritized api lists. (https://github.com/cncf/k8s-conformance/issues/220#issuecomment-393344061)
> GET /api/v1/namespaces/{namespace}/pods
GET /api/v1/namespaces/{namespace}/pods/{name}
GET /api/v1/namespaces/{namespace}/pods/{name}/log
POST /api/v1/namespaces/{namespace}/pods
PUT /api/v1/namespaces/{namespace}/pods/{name}/status
DELETE /api/v1/namespaces/{namespace}/pods
DELETE /api/v1/namespaces/{namespace}/pods/{name}
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #
**Special notes for your reviewer**:
No Flakes found.
**Release note**:
```release-note
NONE
```
/area conformance
@kubernetes/sig-node-pr-reviews
Use the same pattern everywhere in the e2e test
harness, use busybox (from dockerhub) instead
of using the one from k8s.gcr.io registry.
Change-Id: I57c3b867408c1f9478a8909c26744ea0368ff003
The following tests are not tagged because they are not really run in
node e2e suites:
* A subset of host path tests that required SSH access
- should evaluate whether the tests should be moved to test/e2e_node
* GCP volume tests
- should evaluate whether these tests should be moved out of the
common directly since they are not shared with the node e2e suite.
