UDN stands for "User Defined Networks" and is a subset of the ovn-kubernetes functionalities. It's relevant for us to also run some of the UDN tests because the internal UDN implementation relies on some core OVN features that are not used by the other ovn-kubernetes tests we run today. For example, "conditional NAT" and "transit router".
In order to do that we also need to: - load the VRF kernel module in the ovn-kubernetes workflow - add some missing env/workflow variables needed by the new E2E jobs - bump E2E job timeouts to match what OVN-k uses Reported-at: https://issues.redhat.com/browse/FDP-3032 Signed-off-by: Dumitru Ceara <[email protected]> --- .github/workflows/ovn-kubernetes.yml | 38 +++++++++++++++++++++++----- 1 file changed, 31 insertions(+), 7 deletions(-) diff --git a/.github/workflows/ovn-kubernetes.yml b/.github/workflows/ovn-kubernetes.yml index 140bc68d1f..857d12adae 100644 --- a/.github/workflows/ovn-kubernetes.yml +++ b/.github/workflows/ovn-kubernetes.yml @@ -85,6 +85,8 @@ jobs: # disable-snat-multiple-gws: ["noSnatGW", "snatGW"] # second-bridge: ["2br", "1br"] # ic: ["ic-disabled", "ic-single-node-zones", "ic-multi-node-zones"] + # forwarding : ["", "disable-forwarding"] + # network-segmentation : ["", "enable-network-segmentation"] include: - {"target": "shard-conformance", "ha": "HA", "gateway-mode": "local", "ipfamily": "ipv6", "disable-snat-multiple-gws": "snatGW", "ic": "ic-disabled"} - {"target": "shard-conformance", "ha": "HA", "gateway-mode": "local", "ipfamily": "dualstack", "disable-snat-multiple-gws": "snatGW", "ic": "ic-disabled"} @@ -94,25 +96,36 @@ jobs: - {"target": "control-plane", "ha": "HA", "gateway-mode": "shared", "ipfamily": "ipv4", "disable-snat-multiple-gws": "snatGW", "ic": "ic-disabled"} - {"target": "external-gateway", "ha": "noHA", "gateway-mode": "shared", "ipfamily": "ipv4", "disable-snat-multiple-gws": "noSnatGW", "second-bridge": "2br", "ic": "ic-single-node-zones"} - {"target": "external-gateway", "ha": "noHA", "gateway-mode": "local", "ipfamily": "ipv6", "disable-snat-multiple-gws": "noSnatGW", "second-bridge": "1br", "ic": "ic-single-node-zones"} + - {"target": "network-segmentation", "ha": "noHA", "gateway-mode": "shared", "ipfamily": "dualstack", "disable-snat-multiple-gws": "noSnatGW", "second-bridge": "1br", "ic": "ic-single-node-zones", "forwarding": "disable-forwarding"} + - {"target": "network-segmentation", "ha": "noHA", "gateway-mode": "local", "ipfamily": "dualstack", "disable-snat-multiple-gws": "noSnatGW", "second-bridge": "1br", "ic": "ic-single-node-zones"} + - {"target": "network-segmentation", "ha": "noHA", "gateway-mode": "shared", "ipfamily": "ipv4", "disable-snat-multiple-gws": "noSnatGW", "second-bridge": "1br", "ic": "ic-single-node-zones", "cni-mode": "unprivileged"} + - {"target": "network-segmentation", "ha": "noHA", "gateway-mode": "shared", "ipfamily": "ipv6", "disable-snat-multiple-gws": "noSnatGW", "second-bridge": "1br", "ic": "ic-single-node-zones"} needs: [build] env: JOB_NAME: "${{ matrix.target }}-${{ matrix.ha }}-${{ matrix.gateway-mode }}-${{ matrix.ipfamily }}-${{ matrix.disable-snat-multiple-gws }}-${{ matrix.second-bridge }}" OVN_HYBRID_OVERLAY_ENABLE: "${{ matrix.target == 'control-plane' }}" - KIND_INSTALL_METALLB: "${{ matrix.target == 'control-plane' }}" - OVN_MULTICAST_ENABLE: "${{ matrix.target == 'control-plane' }}" + KIND_INSTALL_METALLB: "${{ matrix.target == 'control-plane' || matrix.target == 'network-segmentation' }}" + OVN_MULTICAST_ENABLE: "${{ matrix.target == 'control-plane' || matrix.target == 'network-segmentation'}}" OVN_EMPTY_LB_EVENTS: "${{ matrix.target == 'control-plane' }}" # TODO: We have been testing only non-interconnect ovn-k8s jobs until - # now. We only enable interconnect mode for the external-gateway jobs. - # However, both modes should be tested in the future, similar to what - # upstream ovn-k8s does. + # now. We only enable interconnect mode for the external-gateway and + # network-segmentation jobs. However, both modes should be tested in + # the future, similar to what upstream ovn-k8s does. OVN_ENABLE_INTERCONNECT: "${{ matrix.ic == 'ic-single-node-zones' || matrix.ic == 'ic-multi-node-zones'}}" + ENABLE_NETWORK_SEGMENTATION: "${{ matrix.target == 'network-segmentation' || matrix.network-segmentation == 'enable-network-segmentation' }}" OVN_HA: "${{ matrix.ha == 'HA' }}" OVN_DISABLE_SNAT_MULTIPLE_GWS: "${{ matrix.disable-snat-multiple-gws == 'noSnatGW' }}" OVN_GATEWAY_MODE: "${{ matrix.gateway-mode }}" OVN_SECOND_BRIDGE: "${{ matrix.second-bridge == '2br' }}" + ENABLE_MULTI_NET: "${{ matrix.target == 'network-segmentation' }}" + OVN_DISABLE_FORWARDING: "${{ matrix.forwarding == 'disable-forwarding' }}" PLATFORM_IPV4_SUPPORT: "${{ matrix.ipfamily == 'IPv4' || matrix.ipfamily == 'dualstack' }}" PLATFORM_IPV6_SUPPORT: "${{ matrix.ipfamily == 'IPv6' || matrix.ipfamily == 'dualstack' }}" + ENABLE_PRE_CONF_UDN_ADDR: "${{ matrix.ic == 'ic-single-node-zones' && (matrix.target == 'network-segmentation' || matrix.network-segmentation == 'enable-network-segmentation') }}" + ENABLE_NETWORK_CONNECT: "${{ matrix.target == 'network-segmentation' }}" + OVN_UNPRIVILEGED_MODE: "${{ matrix.cni-mode == 'unprivileged' }}" + MULTI_POD_SUBNET: true steps: - name: Check out ovn @@ -123,6 +136,13 @@ jobs: . .ci/linux-util.sh fix_etc_hosts + - name: Install VRF kernel module + run: | + set -x + sudo apt update + sudo apt-get install linux-modules-extra-$(uname -r) -y + sudo modprobe vrf + - name: Free up disk space run: | . .ci/linux-util.sh @@ -174,11 +194,15 @@ jobs: - name: Run Tests # e2e tests take ~60 minutes normally, 120 should be more than enough - # set 180 for control-plane tests as these might take a while - timeout-minutes: ${{ matrix.target == 'control-plane' && 180 || 120 }} + # set 3 hours for control-plane tests as these might take a while + # give 10m extra to give ginkgo chance to timeout before github so that + # we get its output. + timeout-minutes: ${{ matrix.target == 'control-plane' && 190 || 130 }} run: | if [ "${{ matrix.target }}" == "external-gateway" ]; then make -C test control-plane WHAT="External Gateway" + elif [ "${{ matrix.target }}" == "network-segmentation" ]; then + make -C test control-plane WHAT="Network Segmentation" else make -C test ${{ matrix.target }} fi -- 2.52.0 _______________________________________________ dev mailing list [email protected] https://mail.openvswitch.org/mailman/listinfo/ovs-dev
