A previous commit created a few agnhost related functions that creates agnhost
pods / containers for general purposes.
Refactors tests to use those functions.
WaitForPod*() are just wrapper functions for e2epod package, and they
made an invalid dependency to sub e2e framework from the core framework.
So this replaces WaitForPodRunning() with the e2epod function.
This is gross but because NewDeleteOptions is used by various parts of
storage that still pass around pointers, the return type can't be
changed without significant refactoring within the apiserver. I think
this would be good to cleanup, but I want to minimize apiserver side
changes as much as possible in the client signature refactor.
Quite a few images are only used a few times in a few tests. Thus,
the images are being centralized into the agnhost image, reducing
the number of images that have to be pulled and used.
This PR replaces the usage of the following images with agnhost:
- dnsutils
dnsmasq is a Linux specific binary. In order for the tests to also
pass on Windows, CoreDNS should be used instead.
Quite a few images are only used a few times in a few tests. Thus,
the images are being centralized into the agnhost image, reducing
the number of images that have to be pulled and used.
This PR replaces the usage of the following images with agnhost:
- resource-consumer-controller
- test-webserver
The kubelet test here is using a one minute timeout, instead of the
normal framework.PodStartTimeout.
The DNS results validation functions pull several images including
the jessie-dnsutils which is a bit bigger than usual.
A previous commit replaced the usage of hostname -i with getent hosts
in DNS probe commands (for testing IPv6), which breaks the Windows tests
(getent hosts is a Linux-specific command that looks into the /etc/hosts
file, which, on Windows, is not managed by Kubelet).
This commit addresses this issue by executing getent hosts on IPv6 clusters
and hostname -i on IPv4 clusters (Windows does not support IPv6 at this
moment).
Current DNS e2e test are only looking for A records, thus all IPv6
tests fail because we should look for AAAA records.
We can ask for both records in the same query, that allows us to
have the same tests for both scenarios.
` dig <name> A <name> AAAA`
In addition, the logic to find the hostname address has to be changed
because the command `hostname -i` fails in an IPv6 environemnt.
However, using `getent hosts $(hostname | ...)` give us the IPv6 adddress
of the current host.
Reference: https://github.com/kubernetes/kubernetes/issues/70248
Signed-off-by: Antonio Ojea <antonio.ojea.garcia@gmail.com>
This is part of the transition to using framework/log instead
of the Logf inside the framework package. This will help with
import size/cycles when importing the framework or subpackages.
The network connection might not yet be established by the time the
container starts, causing the dig command to fail.
Retrying the dig command will solve this issue. This approach is similar
to the other DNS Conformance tests.
dnsmasq 2.79 introduced a change to respond to all norecurse queries with ServFail.
This is to prevent cache snooping where an adversary can figure out if a particular hostname has been looked up or not.
These tests do not need the norecurse flag, hence removing it.
If dig fails to reach the DNS, it will output errors to stdout, which
can cause the test -n to falsely pass:
ubuntu@ubuntu:~$ dig +notcp +noall +answer +search kubernetes.default A
;; connection timed out; no servers could be reached
command terminated with exit code 9
ubuntu@ubuntu:~$ test -n "$(dig +notcp +noall +answer +search kubernetes.default A)" && echo OK
OK
This patch solves this issue by making sure the dig command actually succeeds
before checking its output.
Automatic merge from submit-queue (batch tested with PRs 64174, 64187, 64216, 63265, 64223). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Extend dns configmap tests to include CoreDNS
**What this PR does / why we need it**:
This PR extends the DNS configmap e2e tests to include testing the CoreDNS ConfigMap.
The tests now test the equivalent `stubdomain`, `federation` and `upstreamnameserver` configuration of kube-dns for CoreDNS, when CoreDNS is the installed DNS server.
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes#62865
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
utils/image/manifest has an additional `arch` parameter, which determines
whether an image ends in `-$ARCH` (like `-amd64`).
All locations that previously had gcr.io urls referenced in costants or inline
have been updated to refere test/utils/image.
