network policy workload #117

Open: wants to merge 2 commits into base: main

venkataanil
Contributor

Network policy testing touches 3 key areas

  1. Template to include all network policy configuration options
  2. Latency measurement through connection testing
  3. Flow tracking through Convergence tracker

This PR is adding templates which propose a unified approach to add namespace and pod selectors, CIDRs, single ports and port ranges. CIDRs and egress will be added in the next patch.

Legacy network policy templates will be retired and removed once this new approach gets stabilized.

This PR depends on the following kube-burner and images PRs for connection testing
cloud-bulldozer/images#13
cloud-bulldozer/images#12
kube-burner/kube-burner#679

A follow-up PR will be submitted for adding Convergence tracker tool support.

More details are added in README.md

@venkataanil venkataanil requested review from a team as code owners October 3, 2024 09:07
@venkataanil
Contributor Author

Lint errors are related to the kube-burner dependency. So ignore them for now.

}

// create proxy pod with route
func deployAssets(uuid string, clientSet kubernetes.Interface, restConfig *rest.Config) error {
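
Review bot: the comment above `deployAssets` says only "create proxy pod with route" and does not start with the function name, so it reads as a stray note rather than a Go doc comment. Suggest `// deployAssets creates the proxy pod and its route` and a sentence on what `uuid` is used for and what a returned error means for the caller, since the signature alone does not show whether the run should stop when asset creation fails.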
Contributor

Can we move all these assets to the config as well? If we intend to run them at start only once we can do that by either of the options below

Contributor Author

Thanks Vishnu. Initially I was doing the same
https://github.com/venkataanil/files/blob/master/kube-burrner-netpol/network-policy.yml#L11
However, the route will be used inside core kube-burner measurement code, so earlier I was manually adding it in the core kube-burner measurement code
https://github.com/venkataanil/files/blob/master/kube-burrner-netpol/netpol_latency.go#L65

Now kube-burner-ocp creates it and passes it as an environment variable https://github.com/kube-burner/kube-burner-ocp/pull/117/files#diff-43d885d93cbe44660401e7017fb54c6cfe09507946b9374ad7d7b0a0485e5143R172
This env variable is consumed in the template
https://github.com/kube-burner/kube-burner-ocp/pull/117/files#diff-22fffda545f823bb596360df5ac5fffdbd6b233b9b662a67ddd506d48162d677R11
Finally core kube-burner measurement code reads from the config file https://github.com/kube-burner/kube-burner/pull/679/files#diff-a6045e2aa0d1b86a2c266acf164b4102c828a73863f6212d7eff79a34be53e04R496

I was following a similar approach to service_latency.go https://github.com/kube-burner/kube-burner/blob/main/pkg/measurements/service_latency.go#L73
However, I couldn't directly define deploy_assets(), which creates this proxy route, in
pkg/measurements/netpol_latency.go (https://github.com/kube-burner/kube-burner/pull/679/files#diff-a6045e2aa0d1b86a2c266acf164b4102c828a73863f6212d7eff79a34be53e04), as the "route" resource belongs to ocp and not k8s. So I needed to move it to kube-burner-ocp.

I can move it to the template if there is a way for the measurement code pkg/measurements/netpol_latency.go to get this route information.

Contributor

Thanks for the detailed explanation. My concern was to just move these assets creation to the top of the workload config file in a desired order but not to kube-burner core repo.

Network policy testing touches 3 key areas
1. Template to include all network policy configuration options
2. Latency measurement through connection testing
3. Flow tracking through Convergence tracker

This PR is adding templates which propose a unified approach to add
namespace and pod selectors, CIDRs, single ports and port ranges.

Legacy network policy templates will be retired and removed once
this new approach gets stabilized.

This PR depends on the following kube-burner and images PRs for
connection testing
cloud-bulldozer/images#13
cloud-bulldozer/images#12
kube-burner/kube-burner#679

A follow-up PR will be submitted for adding Convergence tracker
tool support.

More details are added in README.md

Signed-off-by: venkataanil <[email protected]>

Nadia's convergence tracker[1] is added. It creates pods on each
worker node which monitor OVS flows. It measures when OVS flows
get stabilized and reports this as a metric.

[1] https://github.com/npinaeva/k8s-netpol-scale/tree/main/kube-burner-workload/openshift/openflow-tracker