| commit adf8c8ad610f925ee424002326a68e0cca97df66 (HEAD -> test_integration_1.22) | |
| Author: Antonio Ojea <[email protected]> | |
| Date: Fri Oct 8 01:04:38 2021 +0200 | |
| don't get available port from the ephemeral range | |
| diff --git a/test/integration/framework/etcd.go b/test/integration/framework/etcd.go | |
| index aa1d36a86ab..7d2020be4e8 100644 | |
| --- a/test/integration/framework/etcd.go | |
| +++ b/test/integration/framework/etcd.go |
There are some special cases that you only want to create a container without network interfaces, so you can handle the network directly.
Podman networking uses CNI to configure the networking of the containers, so we can leverage that to create containers without network interfaces, however, we always need the special loopback interface to be UP, so the networking working inside of the namespace.
cat swagger.json | jq '.definitions' | gron | grep -E "(IP|CIDR)"
json["io.k8s.api.admissionregistration.v1.WebhookClientConfig"].properties.url.description = "`url` gives the location of the webhook, in standard URL form (`scheme://host:port/path`). Exactly one of `url` or `service` must be specified.\n\nThe `host` should not refer to a service running in the cluster; use the `service` field instead. The host might be resolved via external DNS in some apiservers (e.g., `kube-apiserver` cannot resolve in-cluster DNS as that would be a layering violation). `host` may also be an IP address.\n\nPlease note that using `localhost` or `127.0.0.1` as a `host` is risky unless you take great care to run this webhook on all hosts which run an apiserver which might need to make calls to this webhook. Such installs are likely to be non-portable, i.e., not easy to turn up in a new cluster.\n\nThe scheme must be \"https\"; the URL must begin with \"https://\".\n\nA path is optional, and if present may be any string per
| import ( | |
| "fmt" | |
| "log" | |
| "net/http" | |
| "net/http/httptrace" | |
| ) | |
| // transport is an http.RoundTripper that keeps track of the in-flight | |
| // request and implements hooks to report HTTP tracing events. | |
| type transport struct { |
kind: Cluster
apiVersion: kind.x-k8s.io/v1alpha4
nodes:
- role: control-plane
- role: worker
- role: worker
| apiVersion: v1 | |
| kind: Pod | |
| metadata: | |
| name: netkat | |
| spec: | |
| hostNetwork: true | |
| containers: | |
| - name: netkat | |
| image: aojea/netkat:0.1.1 | |
| command: ["/bin/sh", "-ec", "sleep 10000"] |
References:
Kube-proxy iptables consider affinity per Service:ServicePort, each ServicePort in the same Service has a different affinity.
There is no distributed consistency between nodes to keep track of the Services sessions, when using LoadBalancer type Services,
Conformance test are a subset of the e2e test Kubernetes test.
The e2e tests are based on Ginkgo https://onsi.github.io/ginkgo/ and live in the Kubernetes repository https://github.com/kubernetes/kubernetes/tree/master/test/e2e.
There is no guarantee of compatibility for the e2e binaries, hence the e2e binary version MUST match your kubernetes cluster version.
Benchmark_Key-4 32955 36670 ns/op 109 B/op 0 allocs/op
Benchmark_Value-4 25776 47899 ns/op 140 B/op 0 allocs/op
It seems that by key requires is much better.
Also, it seems that the larger the size of the pod matters, I've tried with larger pods size and the results are worse for Value.
Most of the time is spent in runtime.duffcopy when iterating by value
| # Create test namespaces | |
| sudo ip netns add testNS | |
| # Connect the namespace to the host using a veth pair | |
| sudo ip link add name vethHost type veth peer name vethNS | |
| sudo ip link set netns testNS dev vethNS | |
| # Configure the namespaces network so they can reach each other | |
| sudo ip netns exec testNS ip link set up dev lo | |
| sudo ip netns exec testNS ip link set up dev vethNS |