Uploaded image for project: 'OpenShift Virtualization'
  1. OpenShift Virtualization
  2. CNV-21954

Hypershift+KubeVirt Load Balancer Connectivity special case conformance Tests

XMLWordPrintable

    • Product / Portfolio Work
    • 8
    • False
    • Hide

      None

      Show
      None
    • False
    • CNV I/U Operators Sprint 236
    • None

      This is a follow up to https://issues.redhat.com/browse/CNV-21721 which handled the NodePort and Pod to Pod connectivity tests only. This Issue tracks adding the LB test cases.

       

      Goal

      Ensure that the OCP conformance tests cover the kubevirt/hypershift cluster's unique nested OVN use case.

      Overview 

      We've seen connectivity between the infra clusters, guest clusters, and guest cluster pod networks fail in multiple ways. Issues have been related to conflicting default cidr ranges, conflicting vxlan ports, conflicting OVN geneve ports, ingress operator bugs, newly introduced network policies in the infra cluster, etc.

       

      What we've learned from sorting through all these issues is...

      1. Many problems go hidden without detailed analysis of connectivity. For example, we've seen ingress work when the infra's router pod node is the same node hosting the guest cluster's VMI pod with the guest router pod... but then fail when the the VMI and router exist on separate infra nodes.
      2. When something goes wrong, it can be incredibly difficult to debug the source of the issue due to nested networks and overlays

      To aid in both debugging (finding exactly what connections don't work) and giving us confidence network connectivity continues to work as expected, we need a set of functional tests to simulate various connection scenarios.

      Network Connectivity Test Cases

       

      Goal, verify connectivity from every possible endpoint in infra and guest cluster to a pod and service in guest cluster

       

      Connectivity test 1: Guest pod network access across all guest nodes

      Setup:

      • Create a http echo pod in guest cluster

      Test Conditions

      • Echo pod IP:Port must be reachable from a pod in pod network living on every guest cluster node
      • Echo pod IP:Port must be reachable from a pod in host network living on every guest cluster node

       

      Connectivity Test 2: NodePort Access using every Guest Node IP

      Setup

      • Create http echo pod in guest cluster
      • Create nodeport service for echo pod

      Test Conditions

      • Every guest node IP:NodePort much be reachable from every guest node
      • Every guest node IP:NodePort must be reachable from every infra node

       

      Connectivity Test 3: LoadBalancer External IP Access

      Setup

      • Create http echo pod in guest cluster
      • Create loadbalancer service for echo pod

      Test Conditions

      • The loadbalancer External-IP:NodePort must be reachable across all guest cluster nodes.
      • The loadbalancer External-IP:NodePort must be reachable across all infra cluster nodes.

       

       

              ocohen@redhat.com Oren Cohen
              rhn-engineering-dvossel David Vossel (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Created:
                Updated:
                Resolved: