github.com/cilium/cilium@v1.16.2/Documentation/contributing/testing/e2e.rst (about) 1 .. only:: not (epub or latex or html) 2 3 WARNING: You are looking at unreleased Cilium documentation. 4 Please use the official rendered version released here: 5 https://docs.cilium.io 6 7 .. _testsuite: 8 9 End-To-End Connectivity Testing 10 =============================== 11 12 Introduction 13 ~~~~~~~~~~~~ 14 15 Cilium uses `cilium-cli connectivity tests 16 <https://github.com/cilium/cilium-cli/#connectivity-check>`_ 17 for implementing and running end-to-end tests which test Cilium all the way 18 from the API level (for example, importing policies, CLI) to the datapath (in order words, whether 19 policy that is imported is enforced accordingly in the datapath). 20 21 Running End-To-End Connectivity Tests 22 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 23 24 The connectivity tests are implemented in such a way that they can be run against 25 any K8s cluster running Cilium. The built-in feature detection allows the testing 26 framework to automatically skip tests when a required test condition cannot be met 27 (for example, skip the Egress Gateway tests if the Egress Gateway feature is disabled). 28 29 Running tests locally 30 ^^^^^^^^^^^^^^^^^^^^^ 31 32 .. include:: /installation/cli-download.rst 33 34 Alternatively, ``Cilium CLI`` can be manually built and installed by fetching 35 ``https://github.com/cilium/cilium-cli``, and then running ``make install``. 36 37 Next, you need a Kubernetes cluster to run Cilium. The easiest way to create one 38 is to use `kind <https://github.com/kubernetes-sigs/kind>`_. Cilium provides 39 a wrapper script which simplifies creating K8s cluster with ``kind``. For example, 40 to create a cluster consisting of 1 control-plane node, 3 worker nodes, without 41 kube-proxy, and with ``DualStack`` enabled: 42 43 .. code-block:: shell-session 44 45 $ cd cilium/ 46 $ ./contrib/scripts/kind.sh "" 3 "" "" "none" "dual" 47 ... 48 Kind is up! Time to install cilium: 49 make kind-image 50 make kind-install-cilium 51 52 Afterwards, you need to install Cilium. The preferred way is to use 53 `cilium-cli install <https://github.com/cilium/cilium-cli/#install-cilium>`_, 54 as it is able to automate some steps (e.g., detecting ``kube-apiserver`` endpoint 55 address which otherwise needs to be specified when running w/o ``kube-proxy``, or 56 set an annotation to a K8s worker node to prevent Cilium from being scheduled on it). 57 58 Assuming that Cilium was built with: 59 60 .. code-block:: shell-session 61 62 $ cd cilium/ 63 $ make kind-image 64 ... 65 ^^^ Images pushed, multi-arch manifest should be above. ^^^ 66 67 You can install Cilium with the following command: 68 69 .. code-block:: shell-session 70 71 $ cilium install --wait \ 72 --chart-directory=$GOPATH/src/github.com/cilium/cilium/install/kubernetes/cilium \ 73 --set image.override=localhost:5000/cilium/cilium-dev:local \ 74 --set image.pullPolicy=Never \ 75 --set operator.image.override=localhost:5000/cilium/operator-generic:local \ 76 --set operator.image.pullPolicy=Never \ 77 --set routingMode=tunnel \ 78 --set tunnelProtocol=vxlan \ 79 --nodes-without-cilium 80 ... 81 ⌛ Waiting for Cilium to be installed and ready... 82 ✅ Cilium was successfully installed! Run 'cilium status' to view installation health 83 84 Finally, to run tests: 85 86 .. code-block:: shell-session 87 88 $ cilium connectivity test 89 ... 90 ✅ All 32 tests (263 actions) successful, 2 tests skipped, 1 scenarios skipped. 91 92 Alternatively, you can select which tests to run: 93 94 .. code-block:: shell-session 95 96 $ cilium connectivity test --test north-south-loadbalancing 97 ... 98 [=] Test [north-south-loadbalancing] 99 100 Or, you can exclude specific test cases to run: 101 102 .. code-block:: shell-session 103 104 $ cilium connectivity test --test '!pod-to-world' 105 ... 106 107 Running tests in VM 108 ^^^^^^^^^^^^^^^^^^^ 109 110 To run Cilium and the connectivity tests in a virtual machine, one can use 111 `little-vm-helper (LVH) <https://github.com/cilium/little-vm-helper>`_. The 112 project provides a runner of qemu-based VMs, a builder of VM images, 113 and a registry containing pre-built VM images. 114 115 First, install the LVH cli tool: 116 117 .. code-block:: shell-session 118 119 $ go install github.com/cilium/little-vm-helper/cmd/lvh@latest 120 $ lvh --help 121 ... 122 Use "lvh [command] --help" for more information about a command. 123 124 Second, fetch a VM image: 125 126 .. code-block:: shell-session 127 128 $ lvh images pull quay.io/lvh-images/kind:6.1-main --dir . 129 130 See `<https://quay.io/repository/lvh-images/kind?tab=tags>`_ for all available 131 images. To build a new VM image (or to update any existing) please refer to 132 `little-vm-helper-images <https://github.com/cilium/little-vm-helper-images>`_. 133 134 Next, start a VM: 135 136 .. code-block:: shell-session 137 138 $ lvh run --image ./images/kind_6.1.qcow2 --host-mount $GOPATH/src/github.com/cilium/ --daemonize -p 2222:22 --cpu=3 --mem=6G 139 140 .. _test_cilium_on_lvh: 141 142 Finally, you can SSH into the VM to start a K8s cluster, install Cilium, and finally run the connectivity tests: 143 144 .. code-block:: shell-session 145 146 $ ssh -p 2222 -o "StrictHostKeyChecking=no" root@localhost 147 # cd /host/cilium 148 # git config --global --add safe.directory /host/cilium 149 # ./contrib/scripts/kind.sh "" 3 "" "" "none" "dual" 150 # cd /host/cilium-cli 151 # ./cilium install --wait \ 152 --chart-directory=../cilium/install/kubernetes/cilium \ 153 --version=v1.13.2 \ 154 --set routingMode=tunnel \ 155 --set tunnelProtocol=vxlan \ 156 --nodes-without-cilium 157 # ./cilium connectivity test 158 ... 159 ✅ All 32 tests (263 actions) successful, 2 tests skipped, 1 scenarios skipped. 160 161 To stop the VM, run from the host: 162 163 .. code-block:: shell-session 164 165 $ pkill qemu-system-x86 166 167 Running tests in a VM with a custom kernel 168 """""""""""""""""""""""""""""""""""""""""" 169 170 It is possible to test Cilium on an LVH VM with a custom built Linux kernel (for example, 171 for fast testing iterations when doing kernel development work for Cilium features). 172 173 First, to configure and to build the kernel: 174 175 .. code-block:: shell-session 176 177 $ git clone --depth=1 https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-next.git 178 $ cd bpf-next/ 179 180 # configure kernel, so that it can be run in LVH VM: 181 $ git clone https://github.com/cilium/little-vm-helper-images 182 $ cat ../little-vm-helper-images/_data/kernels.json | \ 183 jq -r '.common_opts.[] | (.[0])+" "+(.[1])' | \ 184 xargs ./scripts/config 185 186 $ make -j$(nproc) 187 188 Second, start the LVH VM with the custom kernel: 189 190 .. code-block:: shell-session 191 192 $ lvh run --image ./images/kind_bpf-next.qcow2 \ 193 --host-mount $(pwd) \ 194 --kernel ./bpf-next/arch/x86_64/boot/bzImage \ 195 --daemonize -p 2222:22 --cpu=3 --mem=6G \ 196 197 Third, SSH into the VM, and install the custom kernel modules (this step is no longer 198 required once `little-vm-helper#117 <https://github.com/cilium/little-vm-helper/issues/117>`_ 199 has been resolved): 200 201 .. code-block:: shell-session 202 203 $ ssh -p 2222 -o "StrictHostKeyChecking=no" root@localhost 204 # cd /host/bpf-next 205 # make modules_install 206 207 Finally, you can use the instructions from :ref:`the previous chapter<test_cilium_on_lvh>` to run and to test Cilium. 208 209 Network performance test 210 ^^^^^^^^^^^^^^^^^^^^^^^^ 211 212 Cilium also provides `cilium-cli connectivity perf <https://github.com/cilium/cilium-cli/blob/756ae5072a7281e2b6b33b10da3ab890cb2fa240/README.md#network-performance-test>`__ to test the network performance of pod-to-pod communication in the same node and different nodes. 213 214 To run performance test: 215 216 .. code-block:: shell-session 217 218 $ cilium connectivity perf 219 ... 220 [=] Test [network-perf] [1/1] 221 ... 222 223 If you want to test the network performance between specific nodes, you can label the nodes to run test: 224 225 .. code-block:: shell-session 226 227 $ kubectl label nodes worker1 perf-test=true 228 node/worker1 labeled 229 $ kubectl label nodes worker2 perf-test=true 230 node/worker2 labeled 231 $ cilium connectivity perf --node-selector perf-test=true 232 ... 233 [=] Test [network-perf] [1/1] 234 ... 235 236 Cleaning up tests 237 ^^^^^^^^^^^^^^^^^ 238 239 If the connectivity tests are interrupted or timeout, that will leave the test pods deployed. 240 To clean this up, simply delete the connectivity tests namespace: 241 242 .. code-block:: shell-session 243 244 $ kubectl delete ns cilium-test 245 246 If you specified the test namespace with ``--test-namespace``, make sure to replace ``cilium-test`` (default).