...

This Blueprint currently does not have jobs in the public or private Jenkins clusters.

...

| Hostname | CPU Model | Memory | BMC Firmware | Storage | 1GbE: NIC#, VLAN (connected to extreme 480 switch) | 10GbE: NIC#, VLAN, Network (connected with IZ1 switch) | 40GbE: NIC# |
|---|---|---|---|---|---|---|---|
| Jump | Intel 2xE5-2699 | 64GB | 1.46.9995 | 3TB (SATA), 180 (SSD) | IF0: VLAN 110 (DMZ); IF1: VLAN 111 (Admin) | IF2: VLAN 112 (Private), VLAN 114 (Management); IF3: VLAN 113 (Storage), VLAN 1115 (Public) | |
| node1 | Intel 2xE5-2699 | 64GB | 1.46.9995 | 3TB (SATA), 180 (SSD) | IF0: VLAN 110 (DMZ); IF1: VLAN 111 (Admin) | IF2: VLAN 112 (Private), VLAN 114 (Management); IF3: VLAN 113 (Storage), VLAN 1115 (Public) | |
| node2 | Intel 2xE5-2699 | 64GB | 1.46.9995 | 3TB (SATA), 180 (SSD) | IF0: VLAN 110 (DMZ); IF1: VLAN 111 (Admin) | IF2: VLAN 112 (Private), VLAN 114 (Management); IF3: VLAN 113 (Storage), VLAN 1115 (Public) | IF4: SRIOV |

Note: virtualization must already be enabled on the worker nodes that will be part of the Kubernetes cluster.

Test Framework

All components are tested with end-to-end testing.

Test description

The 'Multitenant Secure Cloud Native Platform' provides the possibility to launch pods using Kata Containers. To use Kata Containers, Containerd is used as the Kubernetes container runtime instead of the default docker-shim.

...

KUD_ENABLE_TESTS: "true"

ENABLE_KATA_WEBHOOK: "truefalse"

KATA_WEBHOOK_RUNTIMECLASS: "kata-clh"

...


If ENABLE_KATA_WEBHOOK is set to true, then every pod that could run as a Kata container (e.g. infrastructure pods) will be mutated to run as a Kata container. This can leave some pods stuck in Pending. If KUD_ENABLE_TESTS is set to true, then the webhook will be started before the verification tests are run, to force Kata-eligible pods to run as Kata containers. The webhook will be uninstalled after the tests run if ENABLE_KATA_WEBHOOK is set to false.
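The mutation described above is what a Kubernetes mutating admission webhook does: it answers each pod CREATE with a JSON Patch that adds spec.runtimeClassName. The following Python is an added illustration, not the Kata project's webhook or any ICN code; the eligibility rules (skip pods that already pin a runtime class, share host namespaces, or run privileged containers) are assumptions chosen to show the kind of exclusion that keeps infrastructure pods from being pushed into a Kata VM they cannot start in, which is the "stuck in Pending" failure the note describes. The two sample pods are constructed for the example; the runtime class value is the page's KATA_WEBHOOK_RUNTIMECLASS.

```python
import base64
import copy
import json

# Runtime class the page configures through KATA_WEBHOOK_RUNTIMECLASS.
RUNTIME_CLASS = "kata-clh"


def is_kata_eligible(pod: dict) -> bool:
    """Assumed eligibility rules (not from the page): leave a pod alone if it
    already pins a runtime class, shares host namespaces, or runs a privileged
    container. Such pods are the infrastructure pods that cannot come up inside
    a Kata VM and would otherwise sit in Pending after the mutation."""
    spec = pod.get("spec", {})
    if spec.get("runtimeClassName"):
        return False
    if spec.get("hostNetwork") or spec.get("hostPID") or spec.get("hostIPC"):
        return False
    for container in spec.get("containers", []) + spec.get("initContainers", []):
        sec = container.get("securityContext") or {}
        if sec.get("privileged"):
            return False
    return True


def build_patch(pod: dict, runtime_class: str = RUNTIME_CLASS) -> list:
    """JSON Patch that pins an eligible pod to the Kata runtime class."""
    if not is_kata_eligible(pod):
        return []
    return [{"op": "add", "path": "/spec/runtimeClassName", "value": runtime_class}]


def admission_response(review: dict, runtime_class: str = RUNTIME_CLASS) -> dict:
    """Answer an AdmissionReview the way a mutating webhook does: always allow,
    and attach a base64-encoded JSONPatch when the pod is eligible."""
    request = review["request"]
    response = {"uid": request["uid"], "allowed": True}
    patch = build_patch(request["object"], runtime_class)
    if patch:
        response["patchType"] = "JSONPatch"
        response["patch"] = base64.b64encode(json.dumps(patch).encode()).decode()
    return {"apiVersion": "admission.k8s.io/v1", "kind": "AdmissionReview",
            "response": response}


def decode_patch(review_response: dict) -> list:
    """Inverse of the encoding above, for inspection and tests."""
    encoded = review_response["response"].get("patch")
    return json.loads(base64.b64decode(encoded)) if encoded else []


# Constructed sample pods (not from the page): an ordinary workload and a
# host-networked, privileged node agent of the kind that must not be mutated.
APP_POD = {
    "apiVersion": "v1", "kind": "Pod",
    "metadata": {"name": "web", "namespace": "default"},
    "spec": {"containers": [{"name": "web", "image": "nginx"}]},
}
HOST_NET_POD = {
    "apiVersion": "v1", "kind": "Pod",
    "metadata": {"name": "cni-agent", "namespace": "kube-system"},
    "spec": {"hostNetwork": True,
             "containers": [{"name": "agent", "image": "cni-agent",
                             "securityContext": {"privileged": True}}]},
}


def make_review(pod: dict, uid: str) -> dict:
    """Wrap a pod in the AdmissionReview request the API server would send."""
    return {"apiVersion": "admission.k8s.io/v1", "kind": "AdmissionReview",
            "request": {"uid": uid, "operation": "CREATE",
                        "object": copy.deepcopy(pod)}}


if __name__ == "__main__":
    for pod in (APP_POD, HOST_NET_POD):
        out = admission_response(make_review(pod, "uid-" + pod["metadata"]["name"]))
        print(pod["metadata"]["name"], decode_patch(out))
```

Running the block prints a patch for the web pod and an empty list for the node agent; without the exclusions in is_kata_eligible both would be mutated, which is the behaviour the note warns about.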


Notes:

We recommend enabling the webhook provided by the Kata project only for testing purposes, as it may not meet production needs.

For this blueprint, we are only running bare-metal testing as we have hit timeouts when double-nesting Kata Containers.


Testing

CI Testing:

Bashate:

...

  • The BPA operator has unit tests using the go framework. The unit tests check the following:
    • Job is created with the right job name for KUD installation.
    • The job metadata has the right cluster name
    • Expected error is produced when a host with the specified MAC address is not found
    • Expected error is produced when no dhcp lease is found for the specified host

...

CD Verifier(end-to-end testing):

All the test cases are tested as follows:

Metal3:

...

  • The bpa_verifier.sh script gets the MAC addresses and IP addresses of the 2 VMs provisioned by metal3, then creates a fake DHCP lease file using the IP address and MAC address information. It also creates a provisioning CR using the MAC address information.
  • The script then creates an ssh secret key using the ssh keys of the test host and applies the provisioning CR.
  • The script busy-loops until the KUD installation job completes or fails. If it completes successfully, it runs a curl command using the authentication info of the new cluster to confirm whether the installation succeeded. On completing all the steps, it tears down everything it created.
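The first two steps of that flow, as an added Python illustration that is not the bpa_verifier.sh script or any ICN code: it writes a dhcpd.leases-style file for a constructed inventory of two VMs, reads it back to resolve each MAC to its IP (the lookup that the BPA operator's "no dhcp lease found" unit test exercises), and builds the provisioning CR. The lease-file layout, the CR apiVersion/kind/field names (bpa.akraino.org/v1alpha1, Provisioning, spec.masters/spec.workers with mac-address) and the MAC/IP values are assumptions made for the example.

```python
import re
from datetime import datetime, timedelta

# Constructed inventory standing in for the two metal3-provisioned VMs
# (names, MACs and IPs are made up for this example).
VMS = [
    {"name": "master-0", "mac": "52:54:00:aa:bb:01", "ip": "192.168.122.11"},
    {"name": "worker-0", "mac": "52:54:00:aa:bb:02", "ip": "192.168.122.12"},
]


def render_leases(vms: list, start: datetime = None) -> str:
    """Write a fake dhcpd.leases file (layout assumed, not taken from the page)."""
    start = start or datetime(2021, 6, 25, 0, 0, 0)
    end = start + timedelta(hours=12)
    fmt = "%w %Y/%m/%d %H:%M:%S"  # dhcpd uses weekday-first timestamps
    blocks = []
    for vm in vms:
        blocks.append("\n".join([
            f"lease {vm['ip']} {{",
            f"  starts {start.strftime(fmt)};",
            f"  ends {end.strftime(fmt)};",
            "  binding state active;",
            f"  hardware ethernet {vm['mac']};",
            f"  client-hostname \"{vm['name']}\";",
            "}",
        ]))
    return "\n".join(blocks) + "\n"


LEASE_RE = re.compile(r"lease\s+(\S+)\s*\{(.*?)\}", re.S)
MAC_RE = re.compile(r"hardware ethernet\s+([0-9a-f:]{17});", re.I)


def parse_leases(text: str) -> dict:
    """Map lower-cased MAC -> IP from a leases file."""
    found = {}
    for ip, body in LEASE_RE.findall(text):
        match = MAC_RE.search(body)
        if match:
            found[match.group(1).lower()] = ip
    return found


def has_lease(leases: dict, mac: str) -> bool:
    return mac.lower() in leases


def lookup_ip(leases: dict, mac: str) -> str:
    """Resolve a host's IP; the missing-lease case is the error path the
    page's BPA operator unit tests cover."""
    if not has_lease(leases, mac):
        raise LookupError(f"no dhcp lease found for host with MAC {mac}")
    return leases[mac.lower()]


def build_provisioning_cr(vms: list, cluster: str = "test-cluster",
                          owner: str = "ci") -> dict:
    """Assumed Provisioning CR shape: hosts keyed by name under masters/workers,
    classified here by name prefix."""
    masters = [{v["name"]: {"mac-address": v["mac"]}} for v in vms
               if v["name"].startswith("master")]
    workers = [{v["name"]: {"mac-address": v["mac"]}} for v in vms
               if not v["name"].startswith("master")]
    return {
        "apiVersion": "bpa.akraino.org/v1alpha1",
        "kind": "Provisioning",
        "metadata": {"name": f"provisioning-{cluster}",
                     "labels": {"cluster": cluster, "owner": owner}},
        "spec": {"masters": masters, "workers": workers},
    }


if __name__ == "__main__":
    leases = parse_leases(render_leases(VMS))
    for vm in VMS:
        print(vm["name"], lookup_ip(leases, vm["mac"]))
    print(build_provisioning_cr(VMS))
```

The parsing step matters because the real script builds the file from values it extracted one way and the operator reads it back another; round-tripping the constructed file is the cheap check that the two agree before a long-running KUD job is started.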

...

  • Test script, e2e_test.sh, creates dummy image file, creates test JSON file, checks bpa rest agent status, issues POST, GET, and PATCH requests sequentially.
  • Next, e2e_test.sh checks uploaded MinIO image object size, and calls DELETE.
  • If the script fails at any point, then verification was unsuccessful.

...

  • OVN4NFV provides provider networks using VLAN networking and Service Function Chaining.
  • After the pod is up and running, we can attach to the pod and check for the multiple interfaces created inside the container.
  • OVN4NFV networking is set up and created along with the EMCO composite vFW testing.

...

  • CPU Manager for Kubernetes provides CPU pinning for K8s workloads. In KUD, there are two test cases, for the exclusive and shared CPU pools.

EMCO:

  • EMCO sanity testing checks the health and connectivity of the EMCO microservice once it is installed.

BluVal Testing

Status as of June 25th, 2021:

| Layer | Result | Comments | Nexus |
|---|---|---|---|
| os/lynis | PASS with exceptions | Exceptions: USB-2000; SSH-7408 (Checking MaxSessions, Checking Port); KRNL-6000 (net.ipv4.conf.all.forwarding) | Logs |
| os/vuls | PASS with exceptions | Exceptions: CVE-2016-1585, CVE-2017-18342, CVE-2017-8283, CVE-2018-20839, CVE-2019-17041, CVE-2019-17042, CVE-2019-19952, CVE-2019-19814, CVE-2019-19948, CVE-2019-19949 | Logs |
| k8s/conformance | PASS with exceptions | Exceptions: Sonobuoy v0.16.1 does not support Kubernetes v1.18.9 | Logs |
| k8s/kube-hunter | PASS | With aquasec/kube-hunter:edge image | Logs |

Release 4 5 Blueprint Scanning Status

...