From f0d0ffe11ee6425e5c798b92898dfc99ca8b3bf1 Mon Sep 17 00:00:00 2001 From: Daniel Tomcej Date: Wed, 11 Mar 2020 07:48:04 -0500 Subject: [PATCH] Add CoreDNS Readiness check and Update Traefik Version --- integration/coredns_test.go | 48 ++++- integration/helm_test.go | 4 +- integration/integration_test.go | 4 +- integration/kubedns_test.go | 4 +- integration/kubernetes_test.go | 4 +- integration/resources/coredns/coredns.yaml | 14 +- .../resources/coredns/corednssafe.yaml | 181 ++++++++++++++++++ integration/resources/values.yaml | 2 +- integration/smi_test.go | 4 +- 9 files changed, 242 insertions(+), 23 deletions(-) create mode 100644 integration/resources/coredns/corednssafe.yaml diff --git a/integration/coredns_test.go b/integration/coredns_test.go index 7a0f856fe..0cf725545 100644 --- a/integration/coredns_test.go +++ b/integration/coredns_test.go @@ -21,7 +21,6 @@ func (s *CoreDNSSuite) SetUpSuite(c *check.C) { "giantswarm/tiny-tools:3.9", } s.startk3s(c, requiredImages) - s.startAndWaitForCoreDNS(c) s.startWhoami(c) s.installTinyToolsMaesh(c) s.createResources(c, "resources/tcp-state-table/") @@ -31,7 +30,7 @@ func (s *CoreDNSSuite) TearDownSuite(c *check.C) { s.stopK3s() } -func (s *CoreDNSSuite) TestCoreDNSVersion(c *check.C) { +func (s *CoreDNSSuite) TestCoreDNSVersionSafe(c *check.C) { testCases := []struct { desc string version string @@ -52,13 +51,11 @@ func (s *CoreDNSSuite) TestCoreDNSVersion(c *check.C) { version: "1.4.0", expectedError: false, }, - { - desc: "CoreDNS 1.6.3", - version: "1.6.3", - expectedError: false, - }, } + s.createResources(c, "resources/coredns/corednssafe.yaml") + defer s.deleteResources(c, "resources/coredns/corednssafe.yaml", true) + for _, test := range testCases { s.WaitForCoreDNS(c) c.Log("Testing compatibility with " + test.desc) @@ -78,9 +75,42 @@ func (s *CoreDNSSuite) TestCoreDNSVersion(c *check.C) { } } -func (s *CoreDNSSuite) TestCoreDNS(c *check.C) { +func (s *CoreDNSSuite) TestCoreDNSVersion(c *check.C) { + testCases := []struct { + desc string + version string + }{ + { + desc: "CoreDNS 1.5.2", + version: "1.5.2", + }, + { + desc: "CoreDNS 1.6.3", + version: "1.6.3", + }, + } + + s.createResources(c, "resources/coredns/coredns.yaml") + defer s.deleteResources(c, "resources/coredns/coredns.yaml", true) + + for _, test := range testCases { + s.WaitForCoreDNS(c) + c.Log("Testing compatibility with " + test.desc) + s.setCoreDNSVersion(c, test.version) + + cmd := s.maeshPrepareWithArgs() + cmd.Env = os.Environ() + output, err := cmd.CombinedOutput() + + c.Log(string(output)) + c.Assert(err, checker.IsNil) + } +} + +func (s *CoreDNSSuite) TestCoreDNSDig(c *check.C) { + s.createResources(c, "resources/coredns/coredns.yaml") + defer s.deleteResources(c, "resources/coredns/coredns.yaml", true) s.WaitForCoreDNS(c) - s.setCoreDNSVersion(c, "1.3.1") cmd := s.startMaeshBinaryCmd(c, false) err := cmd.Start() diff --git a/integration/helm_test.go b/integration/helm_test.go index dee6c309b..d972a26f7 100644 --- a/integration/helm_test.go +++ b/integration/helm_test.go @@ -11,8 +11,8 @@ type HelmSuite struct{ BaseSuite } func (s *HelmSuite) SetUpSuite(c *check.C) { requiredImages := []string{ "containous/maesh:latest", - "coredns/coredns:1.3.1", - "traefik:v2.1.1", + "coredns/coredns:1.6.3", + "traefik:v2.1.6", } s.startk3s(c, requiredImages) s.startAndWaitForCoreDNS(c) diff --git a/integration/integration_test.go b/integration/integration_test.go index 1b85b4939..c38953d9a 100644 --- a/integration/integration_test.go +++ b/integration/integration_test.go @@ -69,7 +69,7 @@ func Test(t *testing.T) { images = append(images, image{"gcr.io/google_containers/k8s-dns-kube-dns-amd64:1.14.7", true}) images = append(images, image{"gcr.io/google_containers/k8s-dns-dnsmasq-nanny-amd64:1.14.7", true}) images = append(images, image{"gcr.io/google_containers/k8s-dns-sidecar-amd64:1.14.7", true}) - images = append(images, image{"traefik:v2.1.1", true}) + images = append(images, image{"traefik:v2.1.6", true}) for _, image := range images { if image.pull { @@ -268,7 +268,7 @@ func (s *BaseSuite) deleteResources(c *check.C, dirPath string, force bool) { } func (s *BaseSuite) startAndWaitForCoreDNS(c *check.C) { - s.createResources(c, "resources/coredns") + s.createResources(c, "resources/coredns/coredns.yaml") s.WaitForCoreDNS(c) } diff --git a/integration/kubedns_test.go b/integration/kubedns_test.go index 79891ce90..e56dade79 100644 --- a/integration/kubedns_test.go +++ b/integration/kubedns_test.go @@ -12,8 +12,8 @@ func (s *KubeDNSSuite) SetUpSuite(c *check.C) { requiredImages := []string{ "containous/maesh:latest", "containous/whoami:v1.0.1", - "coredns/coredns:1.3.1", - "traefik:v2.1.1", + "coredns/coredns:1.6.3", + "traefik:v2.1.6", "gcr.io/google_containers/k8s-dns-kube-dns-amd64:1.14.7", "gcr.io/google_containers/k8s-dns-dnsmasq-nanny-amd64:1.14.7", "gcr.io/google_containers/k8s-dns-sidecar-amd64:1.14.7", diff --git a/integration/kubernetes_test.go b/integration/kubernetes_test.go index 1fb1193e2..d0ed7257f 100644 --- a/integration/kubernetes_test.go +++ b/integration/kubernetes_test.go @@ -12,8 +12,8 @@ func (s *KubernetesSuite) SetUpSuite(c *check.C) { requiredImages := []string{ "containous/maesh:latest", "containous/whoami:v1.0.1", - "coredns/coredns:1.3.1", - "traefik:v2.1.1", + "coredns/coredns:1.6.3", + "traefik:v2.1.6", } s.startk3s(c, requiredImages) s.startAndWaitForCoreDNS(c) diff --git a/integration/resources/coredns/coredns.yaml b/integration/resources/coredns/coredns.yaml index 8bcc08440..625dd660f 100644 --- a/integration/resources/coredns/coredns.yaml +++ b/integration/resources/coredns/coredns.yaml @@ -55,6 +55,7 @@ data: .:53 { errors health + ready kubernetes cluster.local in-addr.arpa ip6.arpa { pods insecure upstream @@ -71,7 +72,6 @@ data: reload loadbalance } - --- apiVersion: apps/v1 kind: Deployment @@ -103,7 +103,7 @@ spec: beta.kubernetes.io/os: linux containers: - name: coredns - image: coredns/coredns:1.3.1 + image: coredns/coredns:1.6.3 imagePullPolicy: IfNotPresent resources: limits: @@ -143,6 +143,15 @@ spec: timeoutSeconds: 5 successThreshold: 1 failureThreshold: 5 + readinessProbe: + httpGet: + path: /ready + port: 8181 + scheme: HTTP + initialDelaySeconds: 10 + timeoutSeconds: 5 + successThreshold: 1 + failureThreshold: 5 dnsPolicy: Default volumes: - name: config-volume @@ -153,7 +162,6 @@ spec: path: Corefile - key: NodeHosts path: NodeHosts - --- apiVersion: v1 kind: Service diff --git a/integration/resources/coredns/corednssafe.yaml b/integration/resources/coredns/corednssafe.yaml new file mode 100644 index 000000000..1df7192b3 --- /dev/null +++ b/integration/resources/coredns/corednssafe.yaml @@ -0,0 +1,181 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + name: coredns + namespace: kube-system +--- +apiVersion: rbac.authorization.k8s.io/v1beta1 +kind: ClusterRole +metadata: + labels: + kubernetes.io/bootstrapping: rbac-defaults + name: system:coredns +rules: + - apiGroups: + - "" + resources: + - endpoints + - services + - pods + - namespaces + verbs: + - list + - watch + - apiGroups: + - "" + resources: + - nodes + verbs: + - get +--- +apiVersion: rbac.authorization.k8s.io/v1beta1 +kind: ClusterRoleBinding +metadata: + annotations: + rbac.authorization.kubernetes.io/autoupdate: "true" + labels: + kubernetes.io/bootstrapping: rbac-defaults + name: system:coredns +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: system:coredns +subjects: + - kind: ServiceAccount + name: coredns + namespace: kube-system +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: coredns + namespace: kube-system +data: + Corefile: | + .:53 { + errors + health + kubernetes cluster.local in-addr.arpa ip6.arpa { + pods insecure + upstream + fallthrough in-addr.arpa ip6.arpa + } + hosts /etc/coredns/NodeHosts { + reload 1s + fallthrough + } + prometheus :9153 + forward . /etc/resolv.conf + cache 30 + loop + reload + loadbalance + } +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: coredns + namespace: kube-system + labels: + k8s-app: kube-dns + kubernetes.io/name: "CoreDNS" +spec: + #replicas: 1 + strategy: + type: RollingUpdate + rollingUpdate: + maxUnavailable: 1 + selector: + matchLabels: + k8s-app: kube-dns + template: + metadata: + labels: + k8s-app: kube-dns + spec: + serviceAccountName: coredns + tolerations: + - key: "CriticalAddonsOnly" + operator: "Exists" + nodeSelector: + beta.kubernetes.io/os: linux + containers: + - name: coredns + image: coredns/coredns:1.6.3 + imagePullPolicy: IfNotPresent + resources: + limits: + memory: 170Mi + requests: + cpu: 100m + memory: 70Mi + args: [ "-conf", "/etc/coredns/Corefile" ] + volumeMounts: + - name: config-volume + mountPath: /etc/coredns + readOnly: true + ports: + - containerPort: 53 + name: dns + protocol: UDP + - containerPort: 53 + name: dns-tcp + protocol: TCP + - containerPort: 9153 + name: metrics + protocol: TCP + securityContext: + allowPrivilegeEscalation: false + capabilities: + add: + - NET_BIND_SERVICE + drop: + - all + readOnlyRootFilesystem: true + livenessProbe: + httpGet: + path: /health + port: 8080 + scheme: HTTP + initialDelaySeconds: 60 + timeoutSeconds: 5 + successThreshold: 1 + failureThreshold: 5 + dnsPolicy: Default + volumes: + - name: config-volume + configMap: + name: coredns + items: + - key: Corefile + path: Corefile + - key: NodeHosts + path: NodeHosts +--- +apiVersion: v1 +kind: Service +metadata: + name: kube-dns + namespace: kube-system + annotations: + prometheus.io/port: "9153" + prometheus.io/scrape: "true" + labels: + k8s-app: kube-dns + kubernetes.io/cluster-service: "true" + kubernetes.io/name: "CoreDNS" +spec: + selector: + k8s-app: kube-dns + clusterIP: 10.43.0.10 + ports: + - name: dns + port: 53 + protocol: UDP + - name: dns-tcp + port: 53 + protocol: TCP + - name: metrics + port: 9153 + protocol: TCP diff --git a/integration/resources/values.yaml b/integration/resources/values.yaml index 294c015ee..10b4fb53f 100644 --- a/integration/resources/values.yaml +++ b/integration/resources/values.yaml @@ -25,7 +25,7 @@ mesh: # (Optional) # pullPolicy: IfNotPresent # (Optional) - tag: v2.0.2 + tag: v2.1.6 # (Optional) # pullSecret: xxx resources: diff --git a/integration/smi_test.go b/integration/smi_test.go index a5edcf80a..99ee7fedc 100644 --- a/integration/smi_test.go +++ b/integration/smi_test.go @@ -18,8 +18,8 @@ func (s *SMISuite) SetUpSuite(c *check.C) { requiredImages := []string{ "containous/maesh:latest", "containous/whoami:v1.0.1", - "coredns/coredns:1.3.1", - "traefik:v2.1.1", + "coredns/coredns:1.6.3", + "traefik:v2.1.6", } s.startk3s(c, requiredImages) s.startAndWaitForCoreDNS(c)