[IPv6] Merge IPv6 branch to master #1518
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
Thanks for your PR. The following commands are available:
|
|
/test-all |
Codecov Report
@@ Coverage Diff @@
## master #1518 +/- ##
==========================================
- Coverage 67.79% 62.55% -5.24%
==========================================
Files 169 167 -2
Lines 13503 13969 +466
==========================================
- Hits 9154 8739 -415
- Misses 3407 4320 +913
+ Partials 942 910 -32
Flags with carried forward coverage won't be shown. Click here to find out more.
|
lzhecheng
force-pushed
the
ipv6
branch
3 times, most recently
from
289f5ee
to
9a48548
Compare
|
/test-e2e |
|
/test-all |
|
/test-windows-conformance |
7 similar comments
|
/test-windows-conformance |
|
/test-windows-conformance |
|
/test-windows-conformance |
|
/test-windows-conformance |
|
/test-windows-conformance |
|
/test-windows-conformance |
|
/test-windows-conformance |
jianjuns
previously approved these changes
Nov 10, 2020
|
There is a typo in the commit message:
|
|
/test-windows-conformance |
1 similar comment
|
/test-windows-conformance |
lzhecheng
force-pushed
the
ipv6
branch
2 times, most recently
from
568e2aa
to
2485929
Compare
…1200) 1. Add a config item for IPv6 Serivce CIDR if using kube-proxy to provide Service functions. 2. Output IPv6 traffic from host gateway if its destination is a Service address. 3. Use ct_mark to identify Service traffic and output the reply packet to the host gateway to ensure the DNAT processing in iptables.
1. Extend generic functions "podWaitForIP" to return all assigned IPs of a given Pod. 2. Validate each IP address in the cluster's network CIDR 3. Use each valid IP to check connectivity. 4. Use each valid IP to execute tests.
1. No -6 option in busybox nc So, no need to distinguish if it is an IPv6 environment for runNetcatCommandFromTestPod() nc BusyBox v1.31.1 (2019-10-28 18:40:01 UTC) multi-call binary. Usage: nc [OPTIONS] HOST PORT - connect nc [OPTIONS] -l -p PORT [HOST] [PORT] - listen -e PROG Run PROG after connect (must be last) -l Listen mode, for inbound connects -lk With -e, provides persistent server -p PORT Local port -s ADDR Local address -w SEC Timeout for connects and final net reads -i SEC Delay interval for lines sent -n Don't do DNS resolution -u UDP mode -v Verbose -o FILE Hex dump traffic -z Zero-I/O mode (scanning) 2. testCert * IPv6 address should be in "[]"
Use "ip -6 route" for IPv6 network.
If Antrea MTU is too large in IPv6 environment, large packet with overhead exceeds node MTU cannot be transmitted successfully across nodes. IPv6ExtraOverhead, 20 is from observation of IPv4 and IPv6 packets under same situation.
Use Node's internal address to decide if extra IPv6 overhead is needed.
* With OVS v2.14.0, IPsec in IPv6 envinronment is not supported. * More user-friendly output for PodIPs. From: Retrieved all Pod IPs: map[test-pod-0-upgp1ung:0xc000708960 test-pod-1-pbva9007:0xc0006ec8a0] To: Retrieved all Pod IPs: map[test-pod-0-mudzj847:IPv6: fd74:ca9b:172:16::4, IP strings: fd74:ca9b:172:16::4 test-pod-1-apcmyd30:IPv6: fd74:ca9b:172:16:1::3c, IP strings: fd74:ca9b:172:16:1::3c]
2 upstream Network Policy tests didn't consider netmask for IPv6, this patch is to add correct tests. When bug is fixed in latest release, these 2 tests can be deleted. Kubernetes PR: kubernetes/kubernetes#93583 2 testcases: https://github.com/kubernetes/kubernetes/blob/v1.20.0-alpha.0/test/e2e/network/network_policy.go#L1365 https://github.com/kubernetes/kubernetes/blob/v1.20.0-alpha.0/test/e2e/network/network_policy.go#L1444
* format code * fix TestPodTrafficShaping * fix TestIPv6RoutesAndNeighbors
* unit test * manifest
1. Add enhancement in Antrea Controller and Agent to support NetworkPolicy in IPv6. 2. Optimize test cases to support IPv6 3. Use regex in CRD to validate IPv4 or IPv6 string 4. Add TestEgressToServerInCIDRBlock and TestEgressToServerInCIDRBlockWithException 5. networkpolicy_controller.go: PodIPs includes PodIP
lzhecheng
force-pushed
the
ipv6
branch
4 times, most recently
from
eeebe41
to
dd85a9e
Compare
* remove Github Actions integration test, Jenkins: jenkins-integration -> Integration tests * go fmt * add FlowProtocl() to interface Flow * remove extra lines when rebasing for an octant commit * TestIPv6RoutesAndNeighbors: routeClient.Initialize
|
/test-all |
|
/test-windows-conformance |
3 similar comments
|
/test-windows-conformance |
|
/test-windows-conformance |
|
/test-windows-conformance |
tnqn
approved these changes
Nov 11, 2020
| @@ -124,7 +124,8 @@ func TestControllerWithDuplicatePodCIDR(t *testing.T) { | |||
| defer close(finishCh) | |||
|
|
|||
| c.clientset.CoreV1().Nodes().Create(context.TODO(), node1, metav1.CreateOptions{}) | |||
| c.ofClient.EXPECT().InstallNodeFlows("node1", gatewayMAC, *podCIDR, podCIDRGateway, nodeIP1, uint32(config.DefaultTunOFPort), uint32(0)).Times(1) | |||
| // The 2nd argument is Any() because it is not safe to use pointer as key in a map. peerConfigs map[*net.IPNet]net.IP | |||
There was a problem hiding this comment.
Suggested change
| // The 2nd argument is Any() because it is not safe to use pointer as key in a map. peerConfigs map[*net.IPNet]net.IP | |
| // The 2nd argument is Any() because the argument is unpredictable when it uses pointer as the key of map. The argument type is map[*net.IPNet]net.IP. |
But we could improve it later.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Overview of IPv6 support:
The last commit is to solve some issues after rebasing.
24c6c70
FlowProtocl()to interfaceFlowto solve traceflow test failure