Commit Graph

318 Commits

Author SHA1 Message Date
Lucas Servén Marín
2c74a560c4
pkg/wireguard: allow configuring MTU (#215)
This commit makes it possible to configure the MTU for the WireGuard
interface created by Kilo.

Signed-off-by: Lucas Servén Marín <lserven@gmail.com>
2021-07-16 14:23:11 +02:00
leonnicolas
daecc2a0bc
Merge pull request #212 from stv0g/k3s-kubeconfig
k3s: Dynamically generate kubeconfig
2021-07-15 16:18:18 +02:00
Steffen Vogel
7c8905f10d k3s: add missing ServiceAccountName to nkml DaemonSet 2021-07-15 15:24:00 +02:00
leonnicolas
3a7e0908bd
Merge pull request #213 from squat/update_docusaurus
website: update docusaurus
2021-07-15 15:01:19 +02:00
Steffen Vogel
d1f7c32760 k3s: generate kubeconfig based on token from ServiceAccount and master address & cacert from kubelet kubeconfig (closes #49) 2021-07-15 14:01:38 +02:00
Lucas Servén Marín
8306d92c79
website: update docusaurus
Signed-off-by: Lucas Servén Marín <lserven@gmail.com>
2021-07-14 16:33:45 +02:00
Lucas Servén Marín
abecadf707
manifests,e2e: reduce cluster role permissions (#211)
Since Kilo now uses the `kilo.squat.ai/discovered-endpoints` annotation
for Peer discovery, Kilo no longer needs to update Peer resources, so we
can remove this permission from the ClusterRole. Note, the RBAC in the
manifests is not used today, but we eventually want to migrate to this.

Signed-off-by: Lucas Servén Marín <lserven@gmail.com>
2021-07-14 13:20:05 +02:00
Lucas Servén Marín
e9d1ba88a8 e2e: update adjacency tool
This commit updates the reference to the adjacency tool used in the e2e
tests.

Signed-off-by: Lucas Servén Marín <lserven@gmail.com>
2021-07-13 13:16:34 +02:00
Lucas Servén Marín
ad62f90e54
Merge pull request #205 from squat/test_multi_cluster
Test multi cluster
2021-07-08 14:41:02 +02:00
leonnicolas
6de6b37406
Merge pull request #206 from squat/consistent_notes
docs: use consistent notes
2021-07-08 12:44:31 +02:00
Lucas Servén Marín
7756b5ce04
docs: use consistent notes
This commit standardizes how we display a `note` in our docs.
Previously, we used a mix of `_Note_:`, `__Note:__`, `> Note`, and `>
**Note**:` among others. Now, all notes appear as `> **Note**:`.

Signed-off-by: Lucas Servén Marín <lserven@gmail.com>
2021-07-08 12:15:17 +02:00
Lucas Servén Marín
19b0797ae2
e2e: test multi-cluster connectivity
This commit adds a new test suite to the e2e tests that validates
multi-cluster connectivity in Kilo. This is really just an extension of
the testing of the Peers CRD and related tooling that also exercises the
`--allowed-ips` flag of the `kgctl` tool.

Signed-off-by: Lucas Servén Marín <lserven@gmail.com>
2021-07-08 11:59:32 +02:00
Lucas Servén Marín
8c7e58a231
Makefile: allow filtering e2e tests
This commit enables the filtering of e2e tests that should be run when
using the Makefile's `e2e` target through the specification of the
`BASH_UNIT_FLAGS` environment variable. The value of this variable will
be passed as arguments to the `bash_unit` command, enabling filtering of
tests.

Signed-off-by: Lucas Servén Marín <lserven@gmail.com>
2021-07-08 11:50:49 +02:00
leonnicolas
6b5001bf0e
Merge pull request #202 from squat/e2e_improvements
e2e test suite improvements
2021-07-07 11:11:31 +02:00
Julien Viard de Galbert
e12b5029d7
Use LatestHandshake to validate endpoint (#149)
* wireguard: `wg show iface dump` reader and parser

* mesh: use LatestHandshake to validate NAT Endpoints

* add skip on error

* switch to loop parsing

So the stop on error pattern can be used

* Add error handling to ParseDump
2021-07-06 14:14:59 +02:00
leonnicolas
86eea326db
e2e/lib.sh: print to stderr in retry
This way callers of retry can check against the returned value and not
the logged strings.

Signed-off-by: leonnicolas <leonloechner@gmx.de>
2021-07-06 10:59:50 +02:00
Lucas Servén Marín
f251ddda98
e2e: simplify check_adjacency helper
This commit simplifies the check_adjacency helper to us the curl_pod
helper rather than a re-written version of it. It also simplifies the
curl_pod helper slightly to avoid the need for an additional shell.
Signed-off-by: Lucas Servén Marín <lserven@gmail.com>
2021-07-06 10:59:49 +02:00
Lucas Servén Marín
f81d19e692
e2e: allow parameterizing kind config
This commit allows the kind cluster configuration to be parameterized at
call time. This enables the test suite to build multiple clusters with
different configurations, e.g. different CIDRs, different numbers of
nodes, etc.

Signed-off-by: Lucas Servén Marín <lserven@gmail.com>
2021-07-06 10:59:44 +02:00
Lucas Servén Marín
c728870b49
e2e: check_adjacent accept node number
This commit modifies the logic of the check_adjacent helper so that
rather than expecting the argument to be n^2+n it expects simply n. This
makes it easier to update the caller when the number of nodes in the
cluster changes.

Signed-off-by: Lucas Servén Marín <lserven@gmail.com>
2021-07-06 10:58:14 +02:00
Lucas Servén Marín
1e1f8819bf
e2e: don't export KUBECONFIG
This commit modifies the e2e shell scripts so that the KUBECONFIG
variable does not need to be exported. This will become important once
we allow the e2e test suite to launch multiple clusters, e.g. to test
multi-cluster connectivity.

Signed-off-by: Lucas Servén Marín <lserven@gmail.com>
2021-07-06 10:58:13 +02:00
leonnicolas
0733c83a0a
Merge pull request #201 from squat/reuse_kind_clusters
e2e: reuse kind cluster across suites
2021-07-05 22:03:56 +02:00
Lucas Servén Marín
c9e4786893
e2e: reuse kind cluster across suites
Currently, each test suite spins up its own kind cluster, which results
in longer e2e test times as each test suite needs to wait for the
cluster to be ready and for images to download. This commit creates two
new virtual test suites that are run before and after the actual e2e
tests and are responsible for creating and destroying a kind cluster
respectively. Any test suite that needs a fresh cluster can still spin
up its own using the `create_cluster` helper in the lib.sh file.

Signed-off-by: Lucas Servén Marín <lserven@gmail.com>
2021-07-05 19:43:18 +02:00
leonnicolas
8c4cb7238c
Merge pull request #204 from squat/fix_e2e
Makefile: fix e2e tests
2021-07-05 19:35:38 +02:00
Lucas Servén Marín
821180bdf1
Makefile: fix e2e tests
We seem to be running into
https://github.com/kubernetes-sigs/kind/issues/2240: kube-proxy is
crashlooping, which in turn causes CoreDNS to fail to connect to the API
server over the Service CIDR, which in turn cases DNS resolution to fail
in the cluster, which in turn causes the e2e tests to fail.
To address this,
this commit bumps the kind version to 0.11.1.

Signed-off-by: Lucas Servén Marín <lserven@gmail.com>
2021-07-05 19:16:30 +02:00
Lucas Servén Marín
d2fa4cc0b8
Merge pull request #199 from Ehco1996/ci
ci: add docker push in release ci
2021-06-29 15:00:54 +02:00
ehco1996
046e018c80 ci: add docker push in release ci 2021-06-29 20:29:35 +08:00
Lucas Servén Marín
9f23e39fca
Merge pull request #197 from squat/autodetect_granularity
pkg/ cmd/: kgctl autodetect mesh granularity
2021-06-18 16:45:49 +02:00
leonnicolas
088578b055
pkg/ cmd/: kgctl autodetect mesh granularity
Addes granularity annotation to auto detect the mesh granularity when
using kubectl

Signed-off-by: leonnicolas <leonloechner@gmx.de>
2021-06-18 15:59:25 +02:00
Lucas Servén Marín
0d1d4fa052
Merge pull request #196 from squat/e2e_split
e2e: split e2e tests into different suites
2021-06-17 16:53:52 +02:00
dependabot[bot]
ac0574a377
Merge pull request #185 from squat/dependabot/npm_and_yarn/website/normalize-url-4.5.1 2021-06-17 12:17:56 +00:00
dependabot[bot]
35ce0c5049
build(deps): bump normalize-url from 4.5.0 to 4.5.1 in /website
Bumps [normalize-url](https://github.com/sindresorhus/normalize-url) from 4.5.0 to 4.5.1.
- [Release notes](https://github.com/sindresorhus/normalize-url/releases)
- [Commits](https://github.com/sindresorhus/normalize-url/commits)

---
updated-dependencies:
- dependency-name: normalize-url
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-06-17 09:51:32 +00:00
leonnicolas
489f322514
Merge pull request #184 from squat/dependabot/npm_and_yarn/website/ws-6.2.2
build(deps): bump ws from 6.2.1 to 6.2.2 in /website
2021-06-17 11:49:49 +02:00
Lucas Servén Marín
f3eac80675
e2e: split e2e tests into different suites
This commit splits the e2e tests into different suites that all reuse
helper functions from the lib.sh file. This split ensures that the tests
within a suite can all have the same setup, e.g. all tests depending on
a full-mesh will be set up with a full-mesh, and is resilient against
changes in test ordering.

Signed-off-by: Lucas Servén Marín <lserven@gmail.com>
2021-06-17 11:48:35 +02:00
dependabot[bot]
f21fd951ef
build(deps): bump ws from 6.2.1 to 6.2.2 in /website
Bumps [ws](https://github.com/websockets/ws) from 6.2.1 to 6.2.2.
- [Release notes](https://github.com/websockets/ws/releases)
- [Commits](https://github.com/websockets/ws/commits)

---
updated-dependencies:
- dependency-name: ws
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-06-17 09:38:25 +00:00
dependabot[bot]
99b3b40342
Merge pull request #180 from squat/dependabot/npm_and_yarn/website/dns-packet-1.3.4 2021-06-17 09:37:15 +00:00
dependabot[bot]
24fcef14ef
build(deps): bump dns-packet from 1.3.1 to 1.3.4 in /website
Bumps [dns-packet](https://github.com/mafintosh/dns-packet) from 1.3.1 to 1.3.4.
- [Release notes](https://github.com/mafintosh/dns-packet/releases)
- [Changelog](https://github.com/mafintosh/dns-packet/blob/master/CHANGELOG.md)
- [Commits](https://github.com/mafintosh/dns-packet/compare/v1.3.1...v1.3.4)

Signed-off-by: dependabot[bot] <support@github.com>
2021-06-17 09:16:52 +00:00
Lucas Servén Marín
f7d4658cf1
Merge pull request #195 from squat/e2e_test_allowed_location_ips
e2e: add test for allowed location IPs
2021-06-16 20:47:29 +02:00
Lucas Servén Marín
6ab338cf58
e2e: add test for allowed location IPs
This commit adds a new e2e test fot the recently introduced
allowed-location-ips annotation. This test annotates the control-plane
node with an allowed IP and then ensures this IPs is reachable from
the curl helper Pod, which is now guaranteed to be scheduled on a
worker node.

Signed-off-by: Lucas Servén Marín <lserven@gmail.com>
2021-06-16 17:01:58 +02:00
Lucas Servén Marín
9a75468a32
Merge pull request #194 from squat/fix_adjacency_retries
e2e test improvements
2021-06-16 12:27:56 +02:00
Lucas Servén Marín
6193210d85
e2e: test Peer validation
This commit adds an e2e test that ensures that invalid Kilo Peers are
rejected thanks to the improved OpenAPI v3 validation.

Signed-off-by: Lucas Servén Marín <lserven@gmail.com>
2021-06-16 10:46:22 +02:00
Lucas Servén Marín
941eabb605
e2e: correctly retry failed adjacency checks
The recent test refactor wrapped the adjacency check in a `retry`,
however, the `check_adjacent` function had an `assert` in it, which
meant that the test would fail immediately and not be retried. This
commit moves the assertion out of the check, which also allows for
improved code reuse.

Signed-off-by: Lucas Servén Marín <lserven@gmail.com>
2021-06-16 10:37:17 +02:00
Lucas Servén Marín
311414e63a
Merge pull request #179 from squat/location_allowed_ips
pkg/: FEATURE: support allowed IPs outside a cluster
2021-06-15 23:07:22 +02:00
Lucas Servén Marín
3ca08c4f12
Merge pull request #192 from squat/kgctl_kubeconfig_default
cmd/kgctl: improve default kubeconfig
2021-06-15 22:34:15 +02:00
Lucas Servén Marín
ab19e7258f
Merge pull request #191 from squat/test_peers
e2e: test VPN in e2e tests
2021-06-15 22:33:53 +02:00
leonnicolas
0255214d97
docs/annotations.md: docs for allowed-location-ips
Signed-off-by: leonnicolas <leonloechner@gmx.de>
2021-06-15 22:17:36 +02:00
leonnicolas
31ffaa0e71
pkg/: FEATURE: support allowed IPs outside a cluster
Users can specify IPs with the annotation "allowed-location-ips".
It makes no difference which node of a location is annotated.
The IP should be routable from the particular location, e.g. a printer in
the same LAN.
This way these IPs become routable from other location.

Signed-off-by: leonnicolas <leonloechner@gmx.de>

Co-authored-by: Lucas Servén Marín <lserven@gmail.com>
2021-06-15 22:17:35 +02:00
Lucas Servén Marín
61b52ce4ae
cmd/kgctl: improve default kubeconfig
This commit adds better handling of the default kubeconfig location in
the kgctl binary for cases where the `$KUBECONFIG` environment variable
is not set. In these cases, kgctl will default to
`$HOME/.kube/config`, putting it in line with tools like `kubectl` and
`kind`.

Signed-off-by: Lucas Servén Marín <lserven@gmail.com>
2021-06-15 20:53:02 +02:00
Lucas Servén Marín
d10b40acb0
e2e: test VPN in e2e tests
This commit adds testing of the VPN feature of Kilo to the e2e tests.
Also, in order to make the tests less flaky, this commit ensures that
the Kilo Pods use the "root" kubeconfig to connect to the API rather
than the Kubernetes API's cluster IP, which can become unavailable when
networking is reconfigured.

Signed-off-by: Lucas Servén Marín <lserven@gmail.com>
2021-06-15 20:41:25 +02:00
Lucas Servén Marín
6542c2ee94
Merge pull request #190 from squat/refactor_e2e
e2e: refactor the end to end tests
2021-06-15 16:58:37 +02:00
Lucas Servén Marín
9f088b87ee
e2e: refactor the end to end tests
This commit refactors the e2e tests in the following ways:
* bump the version of `bash_unit` to 1.7.2: the previous version was
from 2018;
* remove the unused `block` function;
* fix the order of `block_unitil_ready_by_name` and `check_ping`: we
should not attempt to interact with pods before they are considered
ready;
* extract the retry logic into a reusable function called `retry`; and
* retry the `check_adjacent` function for robustness.

Signed-off-by: Lucas Servén Marín <lserven@gmail.com>
2021-06-15 13:09:20 +02:00