From 122f97d29b2dba58e3495ea797b9c9fe8c7e4321 Mon Sep 17 00:00:00 2001 From: Wojciech Tyczynski Date: Tue, 5 Jul 2016 11:26:12 +0200 Subject: [PATCH] Migrate remaining integration tests --- test/integration/framework/master_utils.go | 17 +++--- test/integration/master_benchmark_test.go | 17 ++++-- test/integration/quota_test.go | 17 ++++-- test/integration/rbac_test.go | 67 ++++++++++++---------- test/integration/service_account_test.go | 2 - 5 files changed, 69 insertions(+), 51 deletions(-) diff --git a/test/integration/framework/master_utils.go b/test/integration/framework/master_utils.go index bac6f01f39..cdcd6aea8d 100644 --- a/test/integration/framework/master_utils.go +++ b/test/integration/framework/master_utils.go @@ -64,9 +64,6 @@ const ( // Rc manifest used to create pods for benchmarks. // TODO: Convert this to a full path? TestRCManifest = "benchmark-controller.json" - - // Test Namspace, for pods and rcs. - TestNS = "test" ) // MasterComponents is a control struct for all master components started via NewMasterComponents. @@ -326,23 +323,27 @@ func StartRC(controller *api.ReplicationController, restClient *client.Client) ( return ScaleRC(created.Name, created.Namespace, controller.Spec.Replicas, restClient) } -// StartPods check for numPods in TestNS. If they exist, it no-ops, otherwise it starts up +// StartPods check for numPods in namespace. If they exist, it no-ops, otherwise it starts up // a temp rc, scales it to match numPods, then deletes the rc leaving behind the pods. -func StartPods(numPods int, host string, restClient *client.Client) error { +func StartPods(namespace string, numPods int, host string, restClient *client.Client) error { start := time.Now() defer func() { glog.Infof("StartPods took %v with numPods %d", time.Since(start), numPods) }() hostField := fields.OneTermEqualSelector(api.PodHostField, host) options := api.ListOptions{FieldSelector: hostField} - pods, err := restClient.Pods(TestNS).List(options) + pods, err := restClient.Pods(namespace).List(options) if err != nil || len(pods.Items) == numPods { return err } glog.Infof("Found %d pods that match host %v, require %d", len(pods.Items), hostField, numPods) - // For the sake of simplicity, assume all pods in TestNS have selectors matching TestRCManifest. + // For the sake of simplicity, assume all pods in namespace have selectors matching TestRCManifest. controller := RCFromManifest(TestRCManifest) + // Overwrite namespace + controller.ObjectMeta.Namespace = namespace + controller.Spec.Template.ObjectMeta.Namespace = namespace + // Make the rc unique to the given host. controller.Spec.Replicas = int32(numPods) controller.Spec.Template.Spec.NodeName = host @@ -355,7 +356,7 @@ func StartPods(numPods int, host string, restClient *client.Client) error { } else { // Delete the rc, otherwise when we restart master components for the next benchmark // the rc controller will race with the pods controller in the rc manager. - return restClient.ReplicationControllers(TestNS).Delete(rc.Name) + return restClient.ReplicationControllers(namespace).Delete(rc.Name) } } diff --git a/test/integration/master_benchmark_test.go b/test/integration/master_benchmark_test.go index 5309925266..75627dc15f 100644 --- a/test/integration/master_benchmark_test.go +++ b/test/integration/master_benchmark_test.go @@ -64,7 +64,6 @@ func init() { Pods = *pods Workers = *workers Tasks = *tasks - framework.DeleteAllEtcdKeys() } // getPods returns the cmd line -pods or b.N if -pods wasn't specified. @@ -98,7 +97,7 @@ func getIterations(bN int) int { } // startPodsOnNodes creates numPods sharded across numNodes -func startPodsOnNodes(numPods, numNodes int, restClient *client.Client) { +func startPodsOnNodes(ns string, numPods, numNodes int, restClient *client.Client) { podsPerNode := numPods / numNodes if podsPerNode < 1 { podsPerNode = 1 @@ -114,6 +113,9 @@ func BenchmarkPodList(b *testing.B) { m := framework.NewMasterComponents(&framework.Config{nil, true, false, 250.0, 500}) defer m.Stop(true, true) + ns := framework.CreateTestingNamespace("benchmark-pod-list", s, t) + defer framework.DeleteTestingNamespace(ns, s, t) + numPods, numTasks, iter := getPods(b.N), getTasks(b.N), getIterations(b.N) podsPerNode := numPods / numTasks if podsPerNode < 1 { @@ -122,7 +124,7 @@ func BenchmarkPodList(b *testing.B) { glog.Infof("Starting benchmark: b.N %d, pods %d, workers %d, podsPerNode %d", b.N, numPods, numTasks, podsPerNode) - startPodsOnNodes(numPods, numTasks, m.RestClient) + startPodsOnNodes(ns.Name, numPods, numTasks, m.RestClient) // Stop the rc manager so it doesn't steal resources m.Stop(false, true) @@ -134,7 +136,7 @@ func BenchmarkPodList(b *testing.B) { defer func() { glog.V(3).Infof("Worker %d: Node %v listing pods took %v", id, host, time.Since(now)) }() - if pods, err := m.RestClient.Pods(framework.TestNS).List( + if pods, err := m.RestClient.Pods(ns.Name).List( labels.Everything(), fields.OneTermEqualSelector(client.PodHost, host)); err != nil { return err @@ -153,13 +155,16 @@ func BenchmarkPodListEtcd(b *testing.B) { m := framework.NewMasterComponents(&framework.Config{nil, true, false, 250.0, 500}) defer m.Stop(true, true) + ns := framework.CreateTestingNamespace("benchmark-pod-list-etcd", s, t) + defer framework.DeleteTestingNamespace(ns, s, t) + numPods, numTasks, iter := getPods(b.N), getTasks(b.N), getIterations(b.N) podsPerNode := numPods / numTasks if podsPerNode < 1 { podsPerNode = 1 } - startPodsOnNodes(numPods, numTasks, m.RestClient) + startPodsOnNodes(ns.Name, numPods, numTasks, m.RestClient) // Stop the rc manager so it doesn't steal resources m.Stop(false, true) @@ -173,7 +178,7 @@ func BenchmarkPodListEtcd(b *testing.B) { defer func() { glog.V(3).Infof("Worker %d: listing pods took %v", id, time.Since(now)) }() - pods, err := m.RestClient.Pods(framework.TestNS).List(labels.Everything(), fields.Everything()) + pods, err := m.RestClient.Pods(ns.Name).List(labels.Everything(), fields.Everything()) if err != nil { return err } diff --git a/test/integration/quota_test.go b/test/integration/quota_test.go index 3bcf133de4..8fd9a547e4 100644 --- a/test/integration/quota_test.go +++ b/test/integration/quota_test.go @@ -54,9 +54,6 @@ func init() { // quota_test.go:100: Took 4.196205966s to scale up without quota // quota_test.go:115: Took 12.021640372s to scale up with quota func TestQuota(t *testing.T) { - // TODO: Limit the test to a single non-default namespace and clean this up at the end. - framework.DeleteAllEtcdKeys() - initializationCh := make(chan struct{}) // Set up a master var m *master.Master @@ -81,6 +78,11 @@ func TestQuota(t *testing.T) { } close(initializationCh) + ns := framework.CreateTestingNamespace("quotaed", s, t) + defer framework.DeleteTestingNamespace(ns, s, t) + ns2 := framework.CreateTestingNamespace("non-quotaed", s, t) + defer framework.DeleteTestingNamespace(ns2, s, t) + controllerCh := make(chan struct{}) defer close(controllerCh) @@ -102,12 +104,15 @@ func TestQuota(t *testing.T) { go resourcequotacontroller.NewResourceQuotaController(resourceQuotaControllerOptions).Run(2, controllerCh) startTime := time.Now() - scale(t, api.NamespaceDefault, clientset) + scale(t, ns2.Name, clientset) endTime := time.Now() t.Logf("Took %v to scale up without quota", endTime.Sub(startTime)) quota := &api.ResourceQuota{ - ObjectMeta: api.ObjectMeta{Name: "quota"}, + ObjectMeta: api.ObjectMeta{ + Name: "quota", + Namespace: ns.Name, + }, Spec: api.ResourceQuotaSpec{ Hard: api.ResourceList{ api.ResourcePods: resource.MustParse("1000"), @@ -128,7 +133,7 @@ func waitForQuota(t *testing.T, quota *api.ResourceQuota, clientset *clientset.C t.Fatalf("unexpected error: %v", err) } - if _, err := clientset.Core().ResourceQuotas("quotaed").Create(quota); err != nil { + if _, err := clientset.Core().ResourceQuotas(quota.Namespace).Create(quota); err != nil { t.Fatalf("unexpected error: %v", err) } diff --git a/test/integration/rbac_test.go b/test/integration/rbac_test.go index 7e14c0aeb0..0f52cd0cff 100644 --- a/test/integration/rbac_test.go +++ b/test/integration/rbac_test.go @@ -26,14 +26,12 @@ import ( "io" "io/ioutil" "net/http" - "net/http/httptest" "net/http/httputil" "strings" "testing" "github.com/golang/glog" - "k8s.io/kubernetes/pkg/api" "k8s.io/kubernetes/pkg/api/testapi" "k8s.io/kubernetes/pkg/api/unversioned" "k8s.io/kubernetes/pkg/api/v1" @@ -228,6 +226,15 @@ var ( } } } +` + podNamespace = ` +{ + "apiVersion": "` + testapi.Default.GroupVersion().String() + `", + "kind": "Namespace", + "metadata": { + "name": "pod-namespace"%s + } +} ` jobNamespace = ` { @@ -237,6 +244,15 @@ var ( "name": "job-namespace"%s } } +` + forbiddenNamespace = ` +{ + "apiVersion": "` + testapi.Default.GroupVersion().String() + `", + "kind": "Namespace", + "metadata": { + "name": "forbidden-namespace"%s + } +} ` ) @@ -292,16 +308,19 @@ func TestRBAC(t *testing.T) { }, }, requests: []request{ + // Create the namespace used later in the test + {superUser, "POST", "", "namespaces", "", "", podNamespace, http.StatusCreated}, + {superUser, "GET", "", "pods", "", "", "", http.StatusOK}, - {superUser, "GET", "", "pods", api.NamespaceDefault, "a", "", http.StatusNotFound}, - {superUser, "POST", "", "pods", api.NamespaceDefault, "", aPod, http.StatusCreated}, - {superUser, "GET", "", "pods", api.NamespaceDefault, "a", "", http.StatusOK}, + {superUser, "GET", "", "pods", "pod-namespace", "a", "", http.StatusNotFound}, + {superUser, "POST", "", "pods", "pod-namespace", "", aPod, http.StatusCreated}, + {superUser, "GET", "", "pods", "pod-namespace", "a", "", http.StatusOK}, {"bob", "GET", "", "pods", "", "", "", http.StatusForbidden}, - {"bob", "GET", "", "pods", api.NamespaceDefault, "a", "", http.StatusForbidden}, + {"bob", "GET", "", "pods", "pod-namespace", "a", "", http.StatusForbidden}, {"pod-reader", "GET", "", "pods", "", "", "", http.StatusOK}, - {"pod-reader", "POST", "", "pods", api.NamespaceDefault, "", aPod, http.StatusForbidden}, + {"pod-reader", "POST", "", "pods", "pod-namespace", "", aPod, http.StatusForbidden}, }, }, { @@ -330,21 +349,22 @@ func TestRBAC(t *testing.T) { requests: []request{ // Create the namespace used later in the test {superUser, "POST", "", "namespaces", "", "", jobNamespace, http.StatusCreated}, + {superUser, "POST", "", "namespaces", "", "", forbiddenNamespace, http.StatusCreated}, {"user-with-no-permissions", "POST", "batch", "jobs", "job-namespace", "", aJob, http.StatusForbidden}, {"user-with-no-permissions", "GET", "batch", "jobs", "job-namespace", "pi", "", http.StatusForbidden}, - // job-writer-namespace cannot write to the "default" namespace - {"job-writer-namespace", "GET", "batch", "jobs", "default", "", "", http.StatusForbidden}, - {"job-writer-namespace", "GET", "batch", "jobs", "default", "pi", "", http.StatusForbidden}, - {"job-writer-namespace", "POST", "batch", "jobs", "default", "", aJob, http.StatusForbidden}, - {"job-writer-namespace", "GET", "batch", "jobs", "default", "pi", "", http.StatusForbidden}, + // job-writer-namespace cannot write to the "forbidden-namespace" + {"job-writer-namespace", "GET", "batch", "jobs", "forbidden-namespace", "", "", http.StatusForbidden}, + {"job-writer-namespace", "GET", "batch", "jobs", "forbidden-namespace", "pi", "", http.StatusForbidden}, + {"job-writer-namespace", "POST", "batch", "jobs", "forbidden-namespace", "", aJob, http.StatusForbidden}, + {"job-writer-namespace", "GET", "batch", "jobs", "forbidden-namespace", "pi", "", http.StatusForbidden}, // job-writer can write to any namespace - {"job-writer", "GET", "batch", "jobs", "default", "", "", http.StatusOK}, - {"job-writer", "GET", "batch", "jobs", "default", "pi", "", http.StatusNotFound}, - {"job-writer", "POST", "batch", "jobs", "default", "", aJob, http.StatusCreated}, - {"job-writer", "GET", "batch", "jobs", "default", "pi", "", http.StatusOK}, + {"job-writer", "GET", "batch", "jobs", "forbidden-namespace", "", "", http.StatusOK}, + {"job-writer", "GET", "batch", "jobs", "forbidden-namespace", "pi", "", http.StatusNotFound}, + {"job-writer", "POST", "batch", "jobs", "forbidden-namespace", "", aJob, http.StatusCreated}, + {"job-writer", "GET", "batch", "jobs", "forbidden-namespace", "pi", "", http.StatusOK}, {"job-writer-namespace", "GET", "batch", "jobs", "job-namespace", "", "", http.StatusOK}, {"job-writer-namespace", "GET", "batch", "jobs", "job-namespace", "pi", "", http.StatusNotFound}, @@ -355,24 +375,13 @@ func TestRBAC(t *testing.T) { } for i, tc := range tests { - // TODO: Limit the test to a single non-default namespace and clean this up at the end. - framework.DeleteAllEtcdKeys() - - var m *master.Master - s := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - m.Handler.ServeHTTP(w, r) - })) - defer s.Close() - // Create an API Server. masterConfig := framework.NewIntegrationTestMasterConfig() masterConfig.Authorizer = newRBACAuthorizer(t, superUser, masterConfig) masterConfig.Authenticator = newFakeAuthenticator() masterConfig.AuthorizerRBACSuperUser = superUser - m, err := master.New(masterConfig) - if err != nil { - t.Fatalf("case %d: error bringing up master: %v", i, err) - } + _, s := framework.RunAMaster(masterConfig) + defer s.Close() // Bootstrap the API Server with the test case's initial roles. if err := tc.bootstrapRoles.bootstrap(clientForUser(superUser), s.URL); err != nil { diff --git a/test/integration/service_account_test.go b/test/integration/service_account_test.go index d4569d6a84..9df0b0744c 100644 --- a/test/integration/service_account_test.go +++ b/test/integration/service_account_test.go @@ -336,8 +336,6 @@ func TestServiceAccountTokenAuthentication(t *testing.T) { // startServiceAccountTestServer returns a started server // It is the responsibility of the caller to ensure the returned stopFunc is called func startServiceAccountTestServer(t *testing.T) (*clientset.Clientset, restclient.Config, func()) { - framework.DeleteAllEtcdKeys() - // Listener var m *master.Master apiServer := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, req *http.Request) {