// NewCLI initialize the upstream E2E framework and set the namespace to match
// with the project name. Note that this function does not initialize the project
// role bindings for the namespace.
func NewCLI(project, adminConfigPath string) *CLI {
// Avoid every caller needing to provide a unique project name
// SetupProject already treats this as a baseName
uniqueProject := kapi.SimpleNameGenerator.GenerateName(fmt.Sprintf("%s-", project))
client := &CLI{}
client.kubeFramework = e2e.NewDefaultFramework(uniqueProject)
client.outputDir = os.TempDir()
client.username = "******"
client.execPath = "oc"
if len(adminConfigPath) == 0 {
FatalErr(fmt.Errorf("You must set the KUBECONFIG variable to admin kubeconfig."))
}
client.adminConfigPath = adminConfigPath
// Register custom ns setup func
setCreateTestingNSFunc(uniqueProject, client.SetupProject)
return client
}
package networking
import (
"k8s.io/kubernetes/pkg/api"
"k8s.io/kubernetes/test/e2e"
. "github.com/onsi/ginkgo"
. "github.com/onsi/gomega"
)
var _ = Describe("[networking] network isolation", func() {
InSingleTenantContext(func() {
f1 := e2e.NewDefaultFramework("net-isolation1")
f2 := e2e.NewDefaultFramework("net-isolation2")
It("should allow communication between pods in different namespaces on the same node", func() {
Expect(checkPodIsolation(f1, f2, 1)).To(Succeed())
})
It("should allow communication between pods in different namespaces on different nodes", func() {
Expect(checkPodIsolation(f1, f2, 2)).To(Succeed())
})
})
InMultiTenantContext(func() {
f1 := e2e.NewDefaultFramework("net-isolation1")
f2 := e2e.NewDefaultFramework("net-isolation2")
It("should prevent communication between pods in different namespaces on the same node", func() {
err := checkPodIsolation(f1, f2, 1)
Expect(err).To(HaveOccurred())
package networking
import (
"k8s.io/kubernetes/pkg/api"
"k8s.io/kubernetes/test/e2e"
. "github.com/onsi/ginkgo"
. "github.com/onsi/gomega"
)
var _ = Describe("[networking] services", func() {
f1 := e2e.NewDefaultFramework("net-services2")
f2 := e2e.NewDefaultFramework("net-services2")
It("should allow connections to another pod on the same node via a service IP", func() {
Expect(checkServiceConnectivity(f1, f1, 1)).To(Succeed())
})
It("should allow connections to another pod on a different node via a service IP", func() {
Expect(checkServiceConnectivity(f1, f1, 2)).To(Succeed())
})
Specify("single-tenant plugins should allow connections to pods in different namespaces on the same node via service IPs", func() {
skipIfMultiTenant()
Expect(checkServiceConnectivity(f1, f2, 1)).To(Succeed())
})
Specify("single-tenant plugins should allow connections to pods in different namespaces on different nodes via service IPs", func() {
skipIfMultiTenant()
Expect(checkServiceConnectivity(f1, f2, 2)).To(Succeed())
})
package networking
import (
"k8s.io/kubernetes/test/e2e"
. "github.com/onsi/ginkgo"
)
var _ = Describe("[networking] basic openshift networking", func() {
svcname := "net-sanity"
timeout := 10
f := e2e.NewDefaultFramework(svcname)
It("should function for pod communication on a single node", func() {
By("Picking a node")
nodes, err := e2e.GetReadyNodes(f)
if err != nil {
e2e.Failf("Failed to list nodes: %v", err)
}
node := nodes.Items[0]
By("Creating a webserver pod")
podName := "same-node-webserver"
defer f.Client.Pods(f.Namespace.Name).Delete(podName, nil)
ip := e2e.LaunchWebserverPod(f, podName, node.Name)
By("Checking that the webserver is accessible from a pod on the same node")
expectNoError(checkConnectivityToHost(f, node.Name, "same-node-wget", ip, timeout))
})
"github.com/fsouza/go-dockerclient"
g "github.com/onsi/ginkgo"
o "github.com/onsi/gomega"
kapi "k8s.io/kubernetes/pkg/api"
"k8s.io/kubernetes/test/e2e"
testutil "github.com/openshift/origin/test/util"
)
var _ = g.Describe("[security] supplemental groups", func() {
defer g.GinkgoRecover()
var (
f = e2e.NewDefaultFramework("security-supgroups")
)
g.Describe("Ensure supplemental groups propagate to docker", func() {
g.It("should propagate requested groups to the docker host config", func() {
// Before running any of this test we need to first check that
// the docker version being used supports the supplemental groups feature
g.By("ensuring the feature is supported")
dockerCli, err := testutil.NewDockerClient()
o.Expect(err).NotTo(o.HaveOccurred())
env, err := dockerCli.Version()
o.Expect(err).NotTo(o.HaveOccurred(), "error getting docker environment")
version := env.Get("Version")
supports, err, requiredVersion := supportsSupplementalGroups(version)
},
}
}
func ipsForEndpoints(ep *api.Endpoints) []string {
ips := sets.NewString()
for _, sub := range ep.Subsets {
for _, addr := range sub.Addresses {
ips.Insert(addr.IP)
}
}
return ips.List()
}
var _ = Describe("DNS", func() {
f := e2e.NewDefaultFramework("dns")
It("should answer endpoint and wildcard queries for the cluster [Conformance]", func() {
e2e.ClusterDNSVerifier(f)
if _, err := f.Client.Services(f.Namespace.Name).Create(createServiceSpec("headless", true, nil)); err != nil {
e2e.Failf("unable to create headless service: %v", err)
}
if _, err := f.Client.Endpoints(f.Namespace.Name).Create(createEndpointSpec("headless")); err != nil {
e2e.Failf("unable to create clusterip endpoints: %v", err)
}
if _, err := f.Client.Services(f.Namespace.Name).Create(createServiceSpec("clusterip", false, nil)); err != nil {
e2e.Failf("unable to create clusterip service: %v", err)
}
if _, err := f.Client.Endpoints(f.Namespace.Name).Create(createEndpointSpec("clusterip")); err != nil {
e2e.Failf("unable to create clusterip endpoints: %v", err)
