Fix e2e test RejectServiceTraffic #3892
Conversation
Codecov Report
@@ Coverage Diff @@
## main #3892 +/- ##
==========================================
+ Coverage 63.63% 66.31% +2.67%
==========================================
Files 293 556 +263
Lines 43224 87863 +44639
==========================================
+ Hits 27504 58262 +30758
- Misses 13484 25908 +12424
- Partials 2236 3693 +1457
Flags with carried forward coverage won't be shown. Click here to find out more. |
tnqn
force-pushed
the
fix-testRejectServiceTraffic
branch
from
6c93ac0
to
f44b79d
Compare
createAgnhostServiceAndBackendPods should create the service with the selector that can only selects the Pod created together with it. Previous selector selected all Pods using agnhost image, causing traffic destined for service to be forwarded to unexpected Pod. This patch also changed to use same Pod selector for Service and ClusterNetworkPolicy to avoid redundancy and inconsistency. Signed-off-by: Quan Tian <qtian@vmware.com>
tnqn
force-pushed
the
fix-testRejectServiceTraffic
branch
from
f44b79d
to
f294668
Compare
tnqn
changed the title
| @@ -194,7 +194,7 @@ func (data *TestData) createAgnhostServiceAndBackendPods(t *testing.T, name, nam | |||
| ipProtocol = corev1.IPv6Protocol | |||
| } | |||
| require.NoError(t, data.podWaitForRunning(defaultTimeout, name, namespace)) | |||
| svc, err := data.CreateService(name, namespace, 80, 80, map[string]string{"app": "agnhost"}, false, false, svcType, &ipProtocol) | |||
| svc, err := data.CreateService(name, namespace, 80, 80, map[string]string{"app": "agnhost", "antrea-e2e": name}, false, false, svcType, &ipProtocol) | |||
There was a problem hiding this comment.
I doubt if this change really works. Lable "antrea-e2e":$podName is also added on all Pods automaticallly which are created by function createPodOnNode. If "app": "agnhost" is matching other Pods created not in this case, it should be the same.
If the target of this change is to use a different Service selector to get accurate Pods, we should introduce a different label/selector key in the created object from the default settings?
There was a problem hiding this comment.
Lable "antrea-e2e":$podName is also added on all Pods automaticallly which are created by function
createPodOnNode
That's the purpose of the change, podName is different, right? createPodOnNode(pod1) and createPodOnNode(pod2) will get two Pods with different labels: {"app": "agnhost", "antrea-e2e": "pod1"}, {"app": "agnhost", "antrea-e2e": "pod2"}, and service1 only selects the former and service2 only selects the latter, anything wrong?
There was a problem hiding this comment.
@wenyingd does the explanation address your question?
There was a problem hiding this comment.
Yes, thanks for the explanation.
|
This PR is stale because it has been open 90 days with no activity. Remove stale label or comment, or this will be closed in 90 days |
github-actions
bot
added
lifecycle/stale
|
This PR is stale because it has been open 90 days with no activity. Remove stale label or comment, or this will be closed in 90 days |
github-actions
bot
added
the
lifecycle/stale
|
@GraysonWu @wenyingd ping for review. |
github-actions
bot
removed
the
lifecycle/stale
|
/test-e2e |
|
/skip-e2e |
createAgnhostServiceAndBackendPods should create the service with the selector that can only selects the Pod created together with it. Previous selector selected all Pods using agnhost image, causing traffic destined for service to be forwarded to unexpected Pod. This patch also changed to use same Pod selector for Service and ClusterNetworkPolicy to avoid redundancy and inconsistency. Signed-off-by: Quan Tian <qtian@vmware.com>
createAgnhostServiceAndBackendPods should create the service with the
selector that can only selects the Pod created together with it.
Previous selector selected all Pods using agnhost image, causing
traffic destined for service to be forwarded to unexpected Pod.
This patch also changed to use same Pod selector for Service and
ClusterNetworkPolicy to avoid redundancy and inconsistency.
Signed-off-by: Quan Tian qtian@vmware.com