Backport E2E fixes #4742
Open
Backport E2E fixes #4742
+513
−468
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Fixes: ovn-org#4733 Signed-off-by: Patryk Diak <[email protected]> (cherry picked from commit d6f145e)
kyrtapz
requested review from
flavio-fernandes
and removed request for
a team
github-actions
bot
added
area/e2e-testing
feature/services&endpoints
dceara
approved these changes
Sep 19, 2024
|
I will hold merge till we figure out the new flakes that are appearing: the only known flakes I am aware of in release-1.0 are: #4714 (comment) |
shard-conformance fails with (we see this often in ovn-org/ovn CI too): The control-plane failures are: The last one seems to be because of: Which is what the original fix was trying to fix but for egress_firewall.. It seems to me we're just missing this commit on release-1.0: Should we cherry pick that one too? |
Signed-off-by: Nadia Pinaeva <[email protected]> (cherry picked from commit ab00a4b)
Signed-off-by: Nadia Pinaeva <[email protected]> (cherry picked from commit ba8766a)
Update connectivity timeout to 3 seconds and allow 2 retries both for positive and negative cases Signed-off-by: Nadia Pinaeva <[email protected]> (cherry picked from commit 09b08ec)
work with ipv6, since github runners don't have any routes for IPv6. Split current test that checks allow IP and allow CIDR+port into 2 tests to limit the amount of required external containers. Bonus: the only test that used external containers doesn't need to create them anymore, as they are created in beforeEach Signed-off-by: Nadia Pinaeva <[email protected]> (cherry picked from commit 2372a08)
avoid unneeded container creation. No extra changes Signed-off-by: Nadia Pinaeva <[email protected]> (cherry picked from commit 82b2bf1)
affected by deny all. Signed-off-by: Nadia Pinaeva <[email protected]> (cherry picked from commit ded63dd)
To verify no deadlock, we need an intensive follow up workload. Node-selector testing work the best, as node events handling includes iterating over all egress firewalls internally. Signed-off-by: Nadia Pinaeva <[email protected]> (cherry picked from commit e2f4c74)
that needs it. Use defer to cleanup instead of afterEach, as afterEach should cleanup resources created by beforeEach. Signed-off-by: Nadia Pinaeva <[email protected]> (cherry picked from commit 217ec65)
Remove unneeded external IPs from the deadlock test, as multiple unresolvable ds names is the main ingredient. Fix ip:port formatting for ipv6. Signed-off-by: Nadia Pinaeva <[email protected]> (cherry picked from commit 3fac0f3)
Signed-off-by: Nadia Pinaeva <[email protected]> (cherry picked from commit 243c48d)
Signed-off-by: Nadia Pinaeva <[email protected]> (cherry picked from commit 8c1e9ed)
github-actions
bot
added
the
feature/egress-firewall
Test opens a TCP connection that simulates a GCP LB environment where the packet is redirected via iptables to a local server on a node. Note, in GCP the LB does not DNAT the VIP, so the packet arrives to the node with the GCP VIP on it. In OCP, we then redirect that packet to the local kapi server running on the node. Once the test opens the TCP connection, it leaves it open for 2 minutes while ovnkube-node is then deleted. Post ovn-controller starting it should not flush the conntrack in zone 0, and the test ensures that the conntrack entry still exists. Recent OVN regression that prompted this E2E: https://issues.redhat.com/browse/FDP-773 NOTE: The release-1.0 backport generated conflicts because on that branch the test didn't check IPv6. Signed-off-by: Tim Rozet <[email protected]> (cherry picked from commit 45abadb) Signed-off-by: Dumitru Ceara <[email protected]>
kyrtapz
changed the title
The previous mask was invalid and docker was failing with: invalid subnet 2001:db8:abcd:1234:c000::/64: it should be 2001:db8:abcd:1234::/64 Signed-off-by: Patryk Diak <[email protected]> (cherry picked from commit 511e9c6)
github-actions
bot
added
the
feature/egress-ip
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Fixes: #4733
Fixes: #4719
cherry picked from commit d6f145e
clean backport of #4385
cherry picked from commit 45abadb with slight changes, see commit message.
cherry picked from commit 511e9c6