aboutsummaryrefslogtreecommitdiffstats
path: root/functest_kubernetes
AgeCommit message (Collapse)AuthorFilesLines
2021-03-24Provide support for air gapped env for securitySylvain Desbureaux4-4/+10
Sometimes, tested Kubernetes doesn't have direct access to Internet but access through repository mirrors. This patch handles this case for security test cases. Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: I699d065ee691596c4a5ccf06c22ea76ef00fe497
2021-03-19Provide support for air gapped env for rallySylvain Desbureaux4-79/+82
Sometimes, tested Kubernetes doesn't have direct access to Internet but access through repository mirrors. This patch handles this case for rally test case. There's two ways for providing the repository mirrors: - Give an environment variable (`MIRROR_REPO`) which gives a repository mirro with all needed images. - Gives an environment variable per needed repo: - `DOCKERHUB_REPO` for DockerHub repository (`docker.io`) - `GCR_REPO` for Google Cloud repository (`gcr.io`) - `K8S_GCR_REPO` for Kubernetes repository (`k8s.gcr.io`) Needed images list has also been extracted so Kubernetes administrator can easily upload these images to the mirror if the mirror also doesn't have access to Internet. Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: I2ea6622b79f7e3c3c63c1441c4dab48e9bc4fb1a
2021-03-15Fix k8s.gcr.io/etcd tag (3.4.13-0)Cédric Ollivier1-1/+1
Change-Id: Idbc520f1b196fd9d66dc57d32a543a6af7b73598 Signed-off-by: Cédric Ollivier <cedric.ollivier@orange.com>
2021-01-25Export GINKGO_PARALLEL=yCédric Ollivier1-1/+3
It would speedup the testing. Change-Id: I084bcf0d44a060f65eb9549eab8dcbbf5a4cc9d5 Signed-off-by: Cédric Ollivier <cedric.ollivier@orange.com>
2021-01-10Update cnf-conformance to v0.9.19Cédric Ollivier1-0/+6
It also adds configs needed by resilience. https://github.com/cncf/cnf-conformance/releases/tag/v0.9.19 Change-Id: I94b1efc47c5ceef96bc8879a6c71f92db1f63bd2 Signed-off-by: Cédric Ollivier <cedric.ollivier@orange.com>
2020-11-22Allow offline testing via xrally_kubernetesCédric Ollivier1-0/+1
It locally patches xrally_kubernetes before [1] is merged upstream. It adds docker.io/appropriate/curl:edge in download_images.sh too. [1] https://github.com/xrally/xrally-kubernetes/pull/51 Co-Authored-By: Tamas Lendvay <tamas.lendvay@nokia.com> Change-Id: I82ea2c777cd4d8f24c38dbf32d66081846e3e9af Signed-off-by: Cédric Ollivier <cedric.ollivier@orange.com>
2020-11-21Update cnf_conformance to v0.9.4Cédric Ollivier1-25/+19
It removes all hacks bypassing a few former bugs (e.g. [1]) and adapts to the new cnf-conformance result output logic. It runs all workload tests as it's now proposed (k8s conformance is already part of smoke) and select the latest coredns cnf-conformance.yml taking latest helm repo changes into account. It sets criteria 95 as all steps are considered as passed and a overall result 100/105. [1] https://github.com/cncf/cnf-conformance/issues/388 Change-Id: I95b7889b21b86961e7a1d0c84b13e0ae367cae44 Signed-off-by: Cédric Ollivier <cedric.ollivier@orange.com>
2020-09-22Stop hardcoding ims- as generate_nameCédric Ollivier2-2/+10
Change-Id: I3ea22a4050ff1eb609cffb61edc41c49fab44366 Signed-off-by: Cédric Ollivier <cedric.ollivier@orange.com>
2020-09-20Redirect helm false warnings to logsCédric Ollivier1-2/+2
Helm fails when detecting arch if qemu. time="2020-09-17T16:25:15Z" level=error msg="failure getting variant" error="getCPUInfo for pattern: Cpu architecture: not found" https://build.opnfv.org/ci/job/functest-kubernetes-opnfv-functest-kubernetes-cnf-arm64-latest-helm_vims-run/1/console Change-Id: Ida37062a780f9e2acf60035bf2d41fb8fbb61173 Signed-off-by: Cédric Ollivier <cedric.ollivier@orange.com>
2020-09-15Publish helm_vims also based on clearwater-dockerCédric Ollivier26-37/+859
It leverages helm rather than kubectl as proposed by k8s_vims. A new abstract class Vims is added to factorize code between both testcases. Change-Id: Ie5de8d62e25e74f73f8e32167228a08e82989abd Signed-off-by: Cédric Ollivier <cedric.ollivier@orange.com>
2020-09-15Increase timeout in vIMSCédric Ollivier1-1/+1
It depends on bandwidth. 30 minutes should be enough in all scenarios Change-Id: Ieaad053c8f8a270e5da08275de217b15fdf17f44 Signed-off-by: Cédric Ollivier <cedric.ollivier@orange.com>
2020-09-14Don't run disruptive hunter checksCédric Ollivier1-1/+1
Change-Id: I52cb8303950269946774546cf8e413166c70a33c Signed-off-by: Cédric Ollivier <cedric.ollivier@orange.com>
2020-09-13Split kube-bench master and nodeCédric Ollivier3-16/+45
The former deployment asked for all-in-one. Change-Id: I12e470cec9e82b82c6f3ea5ff2431087f5deb9be Signed-off-by: Cédric Ollivier <cedric.ollivier@orange.com>
2020-09-13self.details must be a dictCédric Ollivier1-2/+2
Change-Id: I4f65a9eeb7eda471371668db9abfa49e2875c5b0 Signed-off-by: Cédric Ollivier <cedric.ollivier@orange.com>
2020-09-12Improve kube_bench outputCédric Ollivier2-0/+20
It also fills self.details. Change-Id: Ie73215ebcbd34de9d457fd364de4ab9cbdf64319 Signed-off-by: Cédric Ollivier <cedric.ollivier@orange.com>
2020-09-12Enhance kube-hunter result postprocessingCédric Ollivier2-4/+64
It fills self.details and checks if the test case passes according to criteria (severity = high by default) Change-Id: Ib20779b4b5dca078c65b546c8703bc99856c6f41 Signed-off-by: Cédric Ollivier <cedric.ollivier@orange.com>
2020-09-12Avoid running VNF testing if deployment failedCédric Ollivier1-3/+7
Change-Id: Id7642e47ec2cc438c5fe3a0ec9447f72b358adab Signed-off-by: Cédric Ollivier <cedric.ollivier@orange.com>
2020-09-12Add clusterIP: None in ims svc.yamlCédric Ollivier11-0/+11
Change-Id: I0709e83f32261af232c20f94c1edef7423e05527 Signed-off-by: Cédric Ollivier <cedric.ollivier@orange.com>
2020-09-10Remove clusterIP: None in ims svc.yamlCédric Ollivier11-11/+0
It now works on minikube in addition to Functest gates. Change-Id: I314989516f81dcddb3e615fe23480135f1d8cf9a Signed-off-by: Cédric Ollivier <cedric.ollivier@orange.com>
2020-09-10Allow setting e2e non blocking taints via env varsCédric Ollivier1-0/+3
Change-Id: I8132769ea23a376b2cae8b93beed27f5e66b9207 Signed-off-by: Cédric Ollivier <cedric.ollivier@orange.com>
2020-09-10Add quay.io/coreos/etcd:v2.2.5 in download_images.shCédric Ollivier1-0/+1
Change-Id: I4b5da162dcb1efff810514498a20250c05afb3ba Signed-off-by: Cédric Ollivier <cedric.ollivier@orange.com>
2020-09-08Add helper to download all imagesCédric Ollivier1-0/+65
It eases offline testing. The default command leverages kind as in-use in Functest. Change-Id: I66a20ede5e857f80cf49b9b708843034bc3b9904 Signed-off-by: Cédric Ollivier <cedric.ollivier@orange.com>
2020-09-08Set all image tagsCédric Ollivier14-37/+37
It allows offline testing via xrally_kubernetes, k8s_vims, kube_bench and kube_hunter. Change-Id: I3084abec19f06a894d0083ecb3ed61882eddd785 Signed-off-by: Cédric Ollivier <cedric.ollivier@orange.com>
2020-09-08Remove latest in all imagesCédric Ollivier12-12/+12
The Kubernetes default pull policy is IfNotPresent unless the image tag is :latest in which case the default policy is Always. IfNotPresent causes the Kubelet to skip pulling an image if it already exists [1] [1] https://kind.sigs.k8s.io/docs/user/quick-start/ Change-Id: I83dac6165d2bbef165ca852dd03e5b76a5356f2f Signed-off-by: Cédric Ollivier <cedric.ollivier@orange.com>
2020-09-08Remove all imagePullPolicy: Always in ims depl yamlCédric Ollivier10-10/+0
It forbids offline testing. Change-Id: I6790f64fd1382671300374b339ae038ef015cfab Signed-off-by: Cédric Ollivier <cedric.ollivier@orange.com>
2020-09-07Override default Xtesting logs in cnf-conformanceCédric Ollivier1-0/+5
https://build.opnfv.org/ci/job/functest-kubernetes-opnfv-functest-kubernetes-cnf-latest-cnf_conformance-run/7/console Change-Id: Ia6845525e62274f7792b4cb1909f36204fb51418 Signed-off-by: Cédric Ollivier <cedric.ollivier@orange.com>
2020-09-06Slightly generalize ginkgo paramsCédric Ollivier1-4/+2
Change-Id: I51b013056bb5b88ef2e1de31e9171129e8ce4475 Signed-off-by: Cédric Ollivier <cedric.ollivier@orange.com>
2020-09-04Allow skipping arm and arm64 if cnf-conformanceCédric Ollivier1-3/+16
cnf-conformance doesn't support this architectures. It also improve cleaning to publish artifacts [1]. [1] https://build.opnfv.org/ci/job/functest-kubernetes-opnfv-functest-kubernetes-cnf-latest-cnf_conformance-run/2/console Change-Id: Ie64e4a1b8b496a050a1798eaf4e5ef6397c011d0 Signed-off-by: Cédric Ollivier <cedric.ollivier@orange.com>
2020-09-04Add cnf-conformance in functest-kubernetes-cnfCédric Ollivier2-0/+104
It selects cnf-conformance v0.7.2-beta1 (current latest release) and the default CNF as proposed by [1]. The end user is free to override the default yml files on purpose (e.g. docker volumes). Tag (default: all) could be modified too via testcases.yaml [1] https://hackmd.io/@vulk/SkY54QnsU Change-Id: Iec2a830c441e523e067f6eb114ecb205c49c6b93 Signed-off-by: Cédric Ollivier <cedric.ollivier@orange.com>
2020-08-30Increase cassandra timeoutsCédric Ollivier2-2/+2
homestead-prov sometimes fails reaching cassandra 30-08-2020 10:33:44.064 UTC ERROR base.py:327: Translating internal <class 'telephus.cassandra.ttypes.TimedOutException'> error into a 503 status code 30-08-2020 10:34:32.257 UTC ERROR base.py:327: Translating internal <class 'telephus.cassandra.ttypes.TimedOutException'> error into a 503 status code Change-Id: I48566e39dca3dc9644733a76140a76300bbfd84e Signed-off-by: Cédric Ollivier <cedric.ollivier@orange.com>
2020-08-23Stop pushing all details in Test DBCédric Ollivier1-1/+1
It raises 413 Client Error: Request Entity Too Large for url [1] [1] https://build.opnfv.org/ci/job/functest-kubernetes-pi-ollivier-functest-kubernetes-benchmarking-latest-xrally_kubernetes_full-run/1/console Change-Id: I165f7aec53d8ce1e567491a5b5559f00b1fe4a4c Signed-off-by: Cédric Ollivier <cedric.ollivier@orange.com>
2020-08-23Set output logs in Rally testcasesCédric Ollivier1-0/+3
https://build.opnfv.org/ci/job/functest-kubernetes-pi-ollivier-functest-kubernetes-benchmarking-latest-xrally_kubernetes_full-run/1/console Change-Id: I13685d74ce9e286520af6f1e5cd6ce9dafc3d5ea Signed-off-by: Cédric Ollivier <cedric.ollivier@orange.com>
2020-08-23Fix kube-hunter commandCédric Ollivier1-1/+1
https://github.com/aquasecurity/kube-hunter/commit/3e06647b4c09257cb994bbdd174ee621e2af5406 Change-Id: Idf470f0161aaeb7a326a3e2a4e680445d9f00eac Signed-off-by: Cédric Ollivier <cedric.ollivier@orange.com>
2020-08-22Fix last hardcoded concurrenciesCédric Ollivier1-8/+8
Change-Id: Ib2b7bb6de8cd6524fcc52baf48ebf5c4835c396b Signed-off-by: Cédric Ollivier <cedric.ollivier@orange.com>
2020-08-22Add xrally_kubernetes_fullCédric Ollivier2-60/+69
It iterates 10 times all operations run by xrally_kubernetes. Now times, concurrenty and count can be set via testcases.yaml. It creates a new containers functest-kubernetes-benchamrking as Functest. Change-Id: Ibfd493b987a359a3f16c2d8db0aef6b8e90b7e92 Signed-off-by: Cédric Ollivier <cedric.ollivier@orange.com>
2020-08-18Merge "Add tempo waiting for ellis account"Cedric Ollivier1-0/+1
2020-08-17Add tempo waiting for ellis accountCédric Ollivier1-0/+1
Change-Id: I63c6af9d0e20aab426e7f875cdb4f86d206f49aa Signed-off-by: Cédric Ollivier <cedric.ollivier@orange.com>
2020-08-17Safely decode e2e.test outputCédric Ollivier1-2/+4
https://build.opnfv.org/ci/job/functest-kubernetes-pi-ollivier-functest-kubernetes-healthcheck-arm-latest-k8s_smoke-run/2/console Change-Id: I57f3ae0051fb55c8c80de81e79168e61c06d85bb Signed-off-by: Cédric Ollivier <cedric.ollivier@orange.com>
2020-08-13Merge "Make K8s security tests namespace aware"Cedric Ollivier1-15/+28
2020-08-13Ease modifying the test list in E2E testingCédric Ollivier2-39/+14
It eases creating specific CNTT test cases based on K8s E2E testing. Change-Id: I304960fda760ffc47d763d53511898699f63e356 Signed-off-by: Cédric Ollivier <cedric.ollivier@orange.com>
2020-08-13Make K8s security tests namespace awareCédric Ollivier1-15/+28
It now creates a namespace to allow running the test cases twice in parallel. It also overprotects clean operations to force a full delete. Change-Id: Ie0becd8ea9126328e7280591bacc0d88e14dd031 Signed-off-by: Cédric Ollivier <cedric.ollivier@orange.com>
2020-08-13Make K8s_vims namespace awareCédric Ollivier1-6/+21
It now creates a namespace to allow running the test case twice in parallel (see DNS requests). Change-Id: Ib47b3fb2d753f8259d9224cb79168cde68d8e854 Signed-off-by: Cédric Ollivier <cedric.ollivier@orange.com>
2020-07-09Boot Ellis once homestead-depl is readyCédric Ollivier5-10/+22
Change-Id: If61a36020f3dfa5ba0a9858df769138257f9ec94 Signed-off-by: Cédric Ollivier <cedric.ollivier@orange.com>
2020-07-07Improve vIMS service orderCédric Ollivier4-12/+6
It seems fixing the last side effects. Change-Id: Iee8506c2f0048f7c2619b772aea815288a40145e Signed-off-by: Cédric Ollivier <cedric.ollivier@orange.com>
2020-07-06Manage Ims service dependenciesCédric Ollivier11-0/+48
Change-Id: I6647d9acfabd2ce2d12ff2f30393c2de8f6165ff Signed-off-by: Cédric Ollivier <cedric.ollivier@orange.com>
2020-04-29Improve Ims codingCédric Ollivier1-1/+1
Change-Id: Id8b042fd38399f0cf1868f67b5a3f4f1b4f2ef0d Signed-off-by: Cédric Ollivier <cedric.ollivier@orange.com>
2020-03-15Fix phase conditionsCédric Ollivier1-3/+5
Else it waits 20 minutes for nothing [1] [1] https://build.opnfv.org/ci/job/functest-kubernetes-opnfv-functest-kubernetes-cnf-latest-k8s_vims-run/5/console Change-Id: I6427f28975b465ef503f9a3f2868b878fa92b55e Signed-off-by: Cédric Ollivier <cedric.ollivier@orange.com>
2020-03-14Override the right log filesCédric Ollivier2-0/+5
Else Xtesting publishes the default xtesting.log [1] [1] https://build.opnfv.org/ci/job/functest-kubernetes-opnfv-functest-kubernetes-security-latest-kube_hunter-run/2/console Change-Id: I0b9b9eda04762771d4e10f0d124b4d5f2975a4da Signed-off-by: Cédric Ollivier <cedric.ollivier@orange.com>
2020-03-13Add security docker for functest-kubernetesmrichomme4-0/+186
run kube-hunter and kube-bench cases dealing with security in kubernetes (check vulnerabilities) [1][2] It's the first step only printing the output. [1]: https://github.com/aquasecurity/kube-bench [2]: https://github.com/aquasecurity/kube-hunter Co-Authored-By: Cédric Ollivier <cedric.ollivier@orange.com> Change-Id: I3bd9bda80046ef7a0c494d51dfb0b8cbfea02bb0 Signed-off-by: mrichomme <morgan.richomme@orange.com>
2020-03-13Deploy Clearwater IMS using KubernetesCédric Ollivier24-0/+887
The new testcase "k8s_vims" deploys and tests Clearwater IMS using Kubernetes. It follows the procedures proposed by clearwater-docker [1]. [1] https://github.com/Metaswitch/clearwater-docker Change-Id: I2fe3cd03a5dedfc61fbab294c53b4bc0b0fa70be Signed-off-by: Cédric Ollivier <cedric.ollivier@orange.com>