[deployments-k8s#1174] Heal tests

examples/heal/README.md

@@ -1,11 +1,18 @@
 # Heal examples
 
-This document contain links for heal examples of NSM. 
+This document contains links for heal examples of NSM.
 
 ## Requires
 
 To run any heal example follow steps for [Basic NSM setup](../basic)
 
 ## Includes
 
-- [Local Forwarder restart](./local-forwarder-healing)
+- [Local Forwarder death](./local-forwarder-death)
+- [Remote Forwarder death](./remote-forwarder-death)
+- [Local NSMgr restart](./local-nsmgr-restart)
+- [Remote NSMgr restart](./remote-nsmgr-restart)
+- [Remote NSMgr death](./remote-nsmgr-death)
+- [Local NSE death](./local-nse-death)
+- [Remote NSE death](./remote-nse-death)
+- [Registry restart](./registry-restart)

examples/heal/local-forwarder-healing/README.md → examples/heal/local-forwarder-death/README.md

@@ -1,6 +1,6 @@
-# Test local forwarder restart
+# Test local Forwarder death
 
-This example shows that NSM keeps working after the local Forwarder restart.
+This example shows that NSM keeps working after the local Forwarder death.
 
 NSC and NSE are using the `kernel` mechanism to connect to its local forwarder.
 
@@ -123,30 +123,26 @@ Ping from NSE to NSC:
 kubectl exec ${NSE} -n ${NAMESPACE} -- ping -c 4 172.16.1.101
 ```
 
-Find local forwarder
+Find local Forwarder:
 ```bash
 FORWARDER=$(kubectl get pods -l app=forwarder-vpp --field-selector spec.nodeName==${NODE} -n nsm-system --template '{{range .items}}{{.metadata.name}}{{"\n"}}{{end}}')
 ```
 
-Remove local forwarder
+Remove local Forwarder and wait for a new one to start:
 ```bash
-kubectl delete pod -n=nsm-system ${FORWARDER}
+kubectl delete pod -n nsm-system ${FORWARDER}
 ```
-
-Ping from NSC to NSE again after forwarder restored:
 ```bash
-sleep 70
-kubectl exec ${NSC} -n ${NAMESPACE} -- ping -c 4 172.16.1.100
+kubectl wait --for=condition=ready --timeout=1m pod -l app=forwarder-vpp --field-selector spec.nodeName==${NODE} -n nsm-system
 ```
+
+Ping from NSC to NSE:
 ```bash
 kubectl exec ${NSC} -n ${NAMESPACE} -- ping -c 4 172.16.1.102
 ```
 
 Ping from NSE to NSC:
 ```bash
-kubectl exec ${NSE} -n ${NAMESPACE} -- ping -c 4 172.16.1.101
-```
-```bash
 kubectl exec ${NSE} -n ${NAMESPACE} -- ping -c 4 172.16.1.103
 ```
 

examples/heal/local-nse-death/README.md

@@ -0,0 +1,181 @@
+# Local NSE death
+
+This example shows that NSM keeps working after the local NSE death.
+
+NSC and NSE are using the `kernel` mechanism to connect with each other.
+
+## Requires
+
+Make sure that you have completed steps from [basic](../../basic) or [memory](../../memory) setup.
+
+## Run
+
+Create test namespace:
+```bash
+NAMESPACE=($(kubectl create -f ../namespace.yaml)[0])
+NAMESPACE=${NAMESPACE:10}
+```
+
+Register namespace in `spire` server:
+```bash
+kubectl exec -n spire spire-server-0 -- \
+/opt/spire/bin/spire-server entry create \
+-spiffeID spiffe://example.org/ns/${NAMESPACE}/sa/default \
+-parentID spiffe://example.org/ns/spire/sa/spire-agent \
+-selector k8s:ns:${NAMESPACE} \
+-selector k8s:sa:default
+```
+
+Get nodes exclude control-plane:
+```bash
+NODE=($(kubectl get nodes -o go-template='{{range .items}}{{ if not .spec.taints  }}{{index .metadata.labels "kubernetes.io/hostname"}} {{end}}{{end}}')[0])
+```
+
+Create customization file:
+```bash
+cat > kustomization.yaml <<EOF
+---
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+
+namespace: ${NAMESPACE}
+
+bases:
+- ../../../apps/nsc-kernel
+- ../../../apps/nse-kernel
+
+patchesStrategicMerge:
+- patch-nsc.yaml
+- patch-nse.yaml
+EOF
+```
+
+Create NSC patch:
+```bash
+cat > patch-nsc.yaml <<EOF
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: nsc-kernel
+spec:
+  template:
+    spec:
+      containers:
+        - name: nsc
+          env:
+            - name: NSM_NETWORK_SERVICES
+              value: kernel://icmp-responder/nsm-1
+
+      nodeSelector:
+        kubernetes.io/hostname: ${NODE}
+EOF
+
+```
+Create NSE patch:
+```bash
+cat > patch-nse.yaml <<EOF
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: nse-kernel
+spec:
+  template:
+    spec:
+      containers:
+        - name: nse
+          env:
+            - name: NSE_CIDR_PREFIX
+              value: 172.16.1.100/31
+      nodeSelector:
+        kubernetes.io/hostname: ${NODE}
+EOF
+```
+
+Deploy NSC and NSE:
+```bash
+kubectl apply -k .
+```
+
+Wait for applications ready:
+```bash
+kubectl wait --for=condition=ready --timeout=1m pod -l app=nsc-kernel -n ${NAMESPACE}
+```
+```bash
+kubectl wait --for=condition=ready --timeout=1m pod -l app=nse-kernel -n ${NAMESPACE}
+```
+
+Find NSC and NSE pods by labels:
+```bash
+NSC=$(kubectl get pods -l app=nsc-kernel -n ${NAMESPACE} --template '{{range .items}}{{.metadata.name}}{{"\n"}}{{end}}')
+```
+```bash
+NSE=$(kubectl get pods -l app=nse-kernel -n ${NAMESPACE} --template '{{range .items}}{{.metadata.name}}{{"\n"}}{{end}}')
+```
+
+Ping from NSC to NSE:
+```bash
+kubectl exec ${NSC} -n ${NAMESPACE} -- ping -c 4 172.16.1.100
+```
+
+Ping from NSE to NSC:
+```bash
+kubectl exec ${NSE} -n ${NAMESPACE} -- ping -c 4 172.16.1.101
+```
+
+Create a new NSE patch:
+```bash
+cat > patch-nse.yaml <<EOF
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: nse-kernel
+spec:
+  template:
+    metadata:
+      labels:
+        version: new
+    spec:
+      containers:
+        - name: nse
+          env:
+            - name: NSE_CIDR_PREFIX
+              value: 172.16.1.102/31
+      nodeSelector:
+        kubernetes.io/hostname: ${NODE}
+EOF
+```
+
+Apply patch:
+```bash
+kubectl apply -k .
+```
+
+Wait for new NSE to start:
+```bash
+kubectl wait --for=condition=ready --timeout=1m pod -l app=nse-kernel -l version=new -n ${NAMESPACE}
+```
+
+Find new NSE pod:
+```bash
+NEW_NSE=$(kubectl get pods -l app=nse-kernel -l version=new -n ${NAMESPACE} --template '{{range .items}}{{.metadata.name}}{{"\n"}}{{end}}')
+```
+
+Ping from NSC to new NSE:
+```bash
+kubectl exec ${NSC} -n ${NAMESPACE} -- ping -c 4 172.16.1.102
+```
+
+Ping from new NSE to NSC:
+```bash
+kubectl exec ${NEW_NSE} -n ${NAMESPACE} -- ping -c 4 172.16.1.103
+```
+
+## Cleanup
+
+Delete ns:
+```bash
+kubectl delete ns ${NAMESPACE}
+```