treewide: Introduce OVN overlay port mirroring support. #3894
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: ovn-kubernetes | |
on: | |
push: | |
pull_request: | |
workflow_dispatch: | |
schedule: | |
# Run Sunday at midnight | |
- cron: '0 0 * * 0' | |
concurrency: | |
group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.run_id }} | |
cancel-in-progress: true | |
env: | |
OVNKUBE_COMMIT: "release-1.0" | |
KIND_CLUSTER_NAME: ovn | |
KIND_INSTALL_INGRESS: true | |
KIND_ALLOW_SYSTEM_WRITES: true | |
# This skips tests tagged as Serial | |
# Current Serial tests are not relevant for OVN | |
PARALLEL: true | |
jobs: | |
build: | |
name: Build | |
if: github.repository_owner == 'ovn-org' || github.event_name != 'schedule' | |
runs-on: ubuntu-22.04 | |
steps: | |
- name: Enable Docker experimental features | |
run: | | |
echo $'{"experimental": true}' | sudo tee /etc/docker/daemon.json | |
sudo service docker restart | |
- name: Check out ovn | |
uses: actions/checkout@v4 | |
with: | |
submodules: recursive | |
- name: Check out ovn-kubernetes | |
uses: actions/checkout@v4 | |
with: | |
path: src/github.com/ovn-org/ovn-kubernetes | |
repository: ovn-org/ovn-kubernetes | |
ref: ${{ env.OVNKUBE_COMMIT }} | |
- name: Prepare | |
run: | | |
.ci/ovn-kubernetes/prepare.sh src/github.com/ovn-org/ovn-kubernetes $GITHUB_ENV | |
- name: Build ovn-kubernetes container | |
run: | | |
docker build --build-arg OVNKUBE_COMMIT=${{ env.OVNKUBE_COMMIT }} \ | |
--build-arg GO_VERSION=${{ env.GO_VERSION }} \ | |
--squash -t ovn-daemonset-f:dev -f .ci/ovn-kubernetes/Dockerfile . | |
mkdir /tmp/_output | |
docker save ovn-daemonset-f:dev > /tmp/_output/image.tar | |
- uses: actions/upload-artifact@v4 | |
with: | |
name: test-image | |
path: /tmp/_output/image.tar | |
e2e: | |
name: e2e | |
if: github.event_name != 'schedule' | |
runs-on: ubuntu-22.04 | |
timeout-minutes: 220 | |
strategy: | |
fail-fast: false | |
matrix: | |
# Valid options are: | |
# target: ["shard-conformance", "control-plane" ] | |
# shard-conformance: hybrid-overlay = multicast-enable = emptylb-enable = false | |
# control-plane: hybrid-overlay = multicast-enable = emptylb-enable = true | |
# gateway-mode: ["local", "shared"] | |
# ipfamily: ["ipv4", "ipv6", "dualstack"] | |
# disable-snat-multiple-gws: ["noSnatGW", "snatGW"] | |
include: | |
- {"target": "shard-conformance", "ha": "HA", "gateway-mode": "local", "ipfamily": "ipv6", "disable-snat-multiple-gws": "snatGW"} | |
- {"target": "shard-conformance", "ha": "HA", "gateway-mode": "local", "ipfamily": "dualstack", "disable-snat-multiple-gws": "snatGW"} | |
- {"target": "shard-conformance", "ha": "HA", "gateway-mode": "shared", "ipfamily": "ipv4", "disable-snat-multiple-gws": "snatGW"} | |
- {"target": "shard-conformance", "ha": "HA", "gateway-mode": "shared", "ipfamily": "ipv6", "disable-snat-multiple-gws": "snatGW"} | |
- {"target": "control-plane", "ha": "HA", "gateway-mode": "shared", "ipfamily": "ipv4", "disable-snat-multiple-gws": "noSnatGW"} | |
- {"target": "control-plane", "ha": "HA", "gateway-mode": "shared", "ipfamily": "ipv4", "disable-snat-multiple-gws": "snatGW"} | |
needs: [build] | |
env: | |
JOB_NAME: "${{ matrix.target }}-${{ matrix.ha }}-${{ matrix.gateway-mode }}-${{ matrix.ipfamily }}-${{ matrix.disable-snat-multiple-gws }}-${{ matrix.second-bridge }}" | |
OVN_HYBRID_OVERLAY_ENABLE: "${{ matrix.target == 'control-plane' }}" | |
KIND_INSTALL_METALLB: "${{ matrix.target == 'control-plane' }}" | |
OVN_MULTICAST_ENABLE: "${{ matrix.target == 'control-plane' }}" | |
OVN_EMPTY_LB_EVENTS: "${{ matrix.target == 'control-plane' }}" | |
OVN_HA: "true" | |
OVN_DISABLE_SNAT_MULTIPLE_GWS: "${{ matrix.disable-snat-multiple-gws == 'noSnatGW' }}" | |
OVN_GATEWAY_MODE: "${{ matrix.gateway-mode }}" | |
KIND_IPV4_SUPPORT: "${{ matrix.ipfamily == 'IPv4' || matrix.ipfamily == 'dualstack' }}" | |
KIND_IPV6_SUPPORT: "${{ matrix.ipfamily == 'IPv6' || matrix.ipfamily == 'dualstack' }}" | |
steps: | |
- name: Check out ovn | |
uses: actions/checkout@v4 | |
- name: Free up disk space | |
run: | | |
. .ci/linux-util.sh | |
free_up_disk_space_ubuntu | |
- name: Check out ovn-kubernetes | |
uses: actions/checkout@v4 | |
with: | |
path: src/github.com/ovn-org/ovn-kubernetes | |
repository: ovn-org/ovn-kubernetes | |
ref: ${{ env.OVNKUBE_COMMIT }} | |
- name: Prepare | |
run: | | |
.ci/ovn-kubernetes/prepare.sh src/github.com/ovn-org/ovn-kubernetes $GITHUB_ENV | |
- name: Set up Go | |
uses: actions/setup-go@v5 | |
with: | |
go-version: ${{ env.GO_VERSION }} | |
cache-dependency-path: "**/*.sum" | |
id: go | |
- name: Set up GOPATH | |
run: | | |
export GOPATH=$(go env GOPATH) | |
echo "GOPATH=$GOPATH" >> $GITHUB_ENV | |
echo "$GOPATH/bin" >> $GITHUB_PATH | |
- name: Disable ufw | |
# For IPv6 and Dualstack, ufw (Uncomplicated Firewall) should be disabled. | |
# Not needed for KIND deployments, so just disable all the time. | |
run: | | |
sudo ufw disable | |
- uses: actions/download-artifact@v4 | |
with: | |
name: test-image | |
- name: Load docker image | |
run: | | |
docker load --input image.tar && rm -rf image.tar | |
- name: kind setup | |
run: | | |
export OVN_IMAGE="ovn-daemonset-f:dev" | |
make -C test install-kind | |
working-directory: src/github.com/ovn-org/ovn-kubernetes | |
- name: Run Tests | |
# e2e tests take ~60 minutes normally, 120 should be more than enough | |
# set 180 for control-plane tests as these might take a while | |
timeout-minutes: ${{ matrix.target == 'control-plane' && 180 || 120 }} | |
run: | | |
make -C test ${{ matrix.target }} | |
working-directory: src/github.com/ovn-org/ovn-kubernetes | |
- name: Upload Junit Reports | |
if: always() | |
uses: actions/upload-artifact@v4 | |
with: | |
name: kind-junit-${{ env.JOB_NAME }}-${{ github.run_id }} | |
path: 'src/github.com/ovn-org/ovn-kubernetes/test/_artifacts/*.xml' | |
- name: Export logs | |
if: always() | |
run: | | |
mkdir -p /tmp/kind/logs | |
kind export logs --name ${KIND_CLUSTER_NAME} --loglevel=debug /tmp/kind/logs | |
working-directory: src/github.com/ovn-org/ovn-kubernetes | |
- name: Upload logs | |
if: always() | |
uses: actions/upload-artifact@v4 | |
with: | |
name: kind-logs-${{ env.JOB_NAME }}-${{ github.run_id }} | |
path: /tmp/kind/logs |