diff --git a/api/v1beta2/foundationdbcluster_types.go b/api/v1beta2/foundationdbcluster_types.go index 5cdf9b9ff..8fec16610 100644 --- a/api/v1beta2/foundationdbcluster_types.go +++ b/api/v1beta2/foundationdbcluster_types.go @@ -2174,6 +2174,11 @@ func (cluster *FoundationDBCluster) DefineDNSLocalityFields() bool { return pointer.BoolDeref(cluster.Spec.Routing.DefineDNSLocalityFields, false) || cluster.UseDNSInClusterFile() } +// GetPodIPFamily return the podIpFamily of the cluster +func (cluster *FoundationDBCluster) GetPodIPFamily() *int { + return cluster.Spec.Routing.PodIPFamily +} + // GetDNSDomain gets the domain used when forming DNS names generated for a // service. func (cluster *FoundationDBCluster) GetDNSDomain() string { diff --git a/e2e/Makefile b/e2e/Makefile index bfd5c9a6e..1e80ae077 100644 --- a/e2e/Makefile +++ b/e2e/Makefile @@ -32,6 +32,7 @@ UPGRADE_VERSIONS?="$(PREVIOUS_FDB_VERSION):$(FDB_VERSION)" FEATURE_UNIFIED_IMAGE?=false FEATURE_DNS?=false FEATURE_LOCALITIES?=false +FEATURE_POD_IP_FAMILY_V6?=false # Make bash pickier about errors. SHELL=/bin/bash -euo pipefail @@ -126,4 +127,5 @@ nightly-tests: run --feature-localities=$(FEATURE_LOCALITIES) \ --feature-dns=$(FEATURE_DNS) \ --cloud-provider=$(CLOUD_PROVIDER) \ + --feature-pod-ip-family-v6=$(FEATURE_POD_IP_FAMILY_V6) \ | grep -v 'constructing many client instances from the same exec auth config can cause performance problems during cert rotation' &> $(BASE_DIR)/../logs/$<.log diff --git a/e2e/fixtures/cluster_config.go b/e2e/fixtures/cluster_config.go index bba85595b..c58689799 100644 --- a/e2e/fixtures/cluster_config.go +++ b/e2e/fixtures/cluster_config.go @@ -438,7 +438,7 @@ func (config *ClusterConfig) CalculateRoleCounts() fdbv1beta2.RoleCounts { roleCounts := fdbv1beta2.RoleCounts{ // One disk is used by the log process the rest of those is used by storage processes. - Storage: max(machineCount*(disksPerMachine-1), 5), + Storage: max(machineCount*(disksPerMachine-1), 3), // We run one log process per disk Logs: max(machineCount-desiredFaultTolerance, 3), Proxies: grv + commit, diff --git a/e2e/fixtures/factory.go b/e2e/fixtures/factory.go index 5b64b39ac..a36466f45 100644 --- a/e2e/fixtures/factory.go +++ b/e2e/fixtures/factory.go @@ -772,6 +772,10 @@ func (factory *Factory) GetClusterOptions(options ...ClusterOption) []ClusterOpt options = append(options, WithDNSEnabled) } + if factory.options.featureOperatorPodIPFamilyV6 { + options = append(options, WithPodIPFamily) + } + return options } diff --git a/e2e/fixtures/fdb_cluster_specs.go b/e2e/fixtures/fdb_cluster_specs.go index 52c837be1..f74560581 100644 --- a/e2e/fixtures/fdb_cluster_specs.go +++ b/e2e/fixtures/fdb_cluster_specs.go @@ -178,7 +178,6 @@ func (factory *Factory) createPodTemplate( ImagePullPolicy: factory.getImagePullPolicy(), Resources: fdbPodResources, SecurityContext: &corev1.SecurityContext{ - Privileged: pointer.Bool(true), AllowPrivilegeEscalation: pointer.Bool(true), // for performance profiling ReadOnlyRootFilesystem: pointer.Bool( false, diff --git a/e2e/fixtures/fdb_operator_client.go b/e2e/fixtures/fdb_operator_client.go index 8cfff20c3..3440d9e89 100644 --- a/e2e/fixtures/fdb_operator_client.go +++ b/e2e/fixtures/fdb_operator_client.go @@ -165,33 +165,6 @@ subjects: - kind: ServiceAccount name: fdb-kubernetes-operator-controller-manager --- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: {{ .Namespace }}-operator-manager-clusterrole -rules: -- apiGroups: - - "" - resources: - - nodes - verbs: - - get - - watch - - list ---- - apiVersion: rbac.authorization.k8s.io/v1 - kind: ClusterRoleBinding - metadata: - name: {{ .Namespace }}-operator-manager-clusterrolebinding - roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: {{ .Namespace }}-operator-manager-clusterrole - subjects: - - kind: ServiceAccount - name: fdb-kubernetes-operator-controller-manager - namespace: {{ .Namespace }} ---- apiVersion: apps/v1 kind: Deployment metadata: diff --git a/e2e/fixtures/fdb_operator_fixtures.go b/e2e/fixtures/fdb_operator_fixtures.go index 26260087d..0b7adcb94 100644 --- a/e2e/fixtures/fdb_operator_fixtures.go +++ b/e2e/fixtures/fdb_operator_fixtures.go @@ -288,3 +288,8 @@ func WithLocalitiesForExclusion(_ *Factory, cluster *fdbv1beta2.FoundationDBClus func WithUnifiedImage(_ *Factory, cluster *fdbv1beta2.FoundationDBCluster) { cluster.Spec.UseUnifiedImage = pointer.Bool(true) } + +// WithPodIPFamily is an option that sets the Pod IP Family for a cluster. +func WithPodIPFamily(_ *Factory, cluster *fdbv1beta2.FoundationDBCluster) { + cluster.Spec.Routing.PodIPFamily = pointer.Int(6) +} diff --git a/e2e/fixtures/options.go b/e2e/fixtures/options.go index f96635d9c..dcf16881c 100644 --- a/e2e/fixtures/options.go +++ b/e2e/fixtures/options.go @@ -31,24 +31,25 @@ import ( // FactoryOptions defines the (command line) options that are support for the e2e test cases. type FactoryOptions struct { - namespace string - chaosNamespace string - prefix string - context string - fdbImage string // TODO (johscheuer): Make this optional if we use the default - sidecarImage string // TODO (johscheuer): Make this optional if we use the default - operatorImage string - registry string - fdbVersion string - username string - storageClass string - upgradeString string - cloudProvider string - enableChaosTests bool - cleanup bool - featureOperatorDNS bool - featureOperatorLocalities bool - featureOperatorUnifiedImage bool + namespace string + chaosNamespace string + prefix string + context string + fdbImage string // TODO (johscheuer): Make this optional if we use the default + sidecarImage string // TODO (johscheuer): Make this optional if we use the default + operatorImage string + registry string + fdbVersion string + username string + storageClass string + upgradeString string + cloudProvider string + enableChaosTests bool + cleanup bool + featureOperatorDNS bool + featureOperatorLocalities bool + featureOperatorUnifiedImage bool + featureOperatorPodIPFamilyV6 bool } // BindFlags binds the FactoryOptions flags to the provided FlagSet. This can be used to extend the current test setup @@ -162,6 +163,12 @@ func (options *FactoryOptions) BindFlags(fs *flag.FlagSet) { false, "defines if the operator tests should make use of DNS in cluster files.", ) + fs.BoolVar( + &options.featureOperatorPodIPFamilyV6, + "feature-pod-ip-family-v6", + false, + "defines if operator tests should set the Pod IP Family feature to 6 (skipped if fdb version is below 7.0.0)", + ) } func (options *FactoryOptions) validateFlags() error { @@ -219,6 +226,9 @@ func (options *FactoryOptions) validateFlags() error { if err != nil { return err } + + fdbVersion, _ := fdbv1beta2.ParseFdbVersion(options.fdbVersion) + options.featureOperatorPodIPFamilyV6 = options.featureOperatorPodIPFamilyV6 && fdbVersion.IsAtLeast(fdbv1beta2.Version{Major: 7, Minor: 0, Patch: 0}) } // Make sure we handle the cloud provider string internally as lower cases. diff --git a/internal/pod_models.go b/internal/pod_models.go index 4519e33a7..23bd4dd07 100644 --- a/internal/pod_models.go +++ b/internal/pod_models.go @@ -548,6 +548,7 @@ func configureSidecarContainer(container *corev1.Container, initMode bool, proce if cluster.Spec.Routing.PodIPFamily != nil { sidecarArgs = append(sidecarArgs, "--public-ip-family") sidecarArgs = append(sidecarArgs, fmt.Sprint(*cluster.Spec.Routing.PodIPFamily)) + sidecarArgs = append(sidecarArgs, "--bind-address", "'[::]:8080'") } if cluster.NeedsExplicitListenAddress() {