From 55561506b8afdb2327eba2b9022620db52e8cdbe Mon Sep 17 00:00:00 2001 From: Larry Safran Date: Mon, 12 Aug 2024 18:11:38 -0700 Subject: [PATCH 1/2] Add a thread to recreate the IPv6 firewall rule every 30 seconds to counteract the enforcer deleting it. --- tests/dualstack_test.py | 25 ++++++++++++++++++++++++- 1 file changed, 24 insertions(+), 1 deletion(-) diff --git a/tests/dualstack_test.py b/tests/dualstack_test.py index 28e0cde0..90a4e398 100644 --- a/tests/dualstack_test.py +++ b/tests/dualstack_test.py @@ -11,13 +11,15 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +import threading import datetime as dt import logging +import time from typing import Final from absl import flags from absl.testing import absltest -from typing_extensions import TypeAlias, override +from typing_extensions import override from framework import xds_k8s_flags from framework import xds_k8s_testcase @@ -39,6 +41,8 @@ class DualStackTest(xds_k8s_testcase.RegularXdsKubernetesTestCase): v4_server_runner: _KubernetesServerRunner = None v6_server_runner: _KubernetesServerRunner = None + fr_recreater: threading.Thread = None + firewall_rule_creation_should_stop: bool = False @staticmethod @override @@ -95,6 +99,8 @@ def setUp(self): ) def cleanup(self): + self.firewall_rule_creation_should_stop = True + self.td.cleanup(force=self.force_cleanup) self.client_runner.cleanup( force=self.force_cleanup, force_namespace=self.force_cleanup @@ -128,6 +134,22 @@ def test_dualstack(self) -> None: self.server_xds_host, self.server_xds_port ) + with self.subTest("_start_firewall_rule_creation_thread"): + + def recreate_firewall_rule(): + time.sleep(30) + while self.firewall_rule_creation_should_stop is False: + self.td.create_firewall_rules( + allowed_ports=self.firewall_allowed_ports, + source_range=self.firewall_source_range, + source_range_ipv6=self.firewall_source_range_ipv6, + ) + time.sleep(30) + + self.fr_recreater = threading.Thread( + target=recreate_firewall_rule, args=(self,), daemon=True + ) + test_servers: list[_XdsTestServer] = [] with self.subTest("03_start_test_server-dualstack"): test_servers.append( @@ -155,6 +177,7 @@ def test_dualstack(self) -> None: logger.info("Test servers: %s", test_servers) + # Start recreating the firewall rule every 15 seconds with self.subTest("04_add_server_backends_to_backend_services"): ( neg_name, From 6ed2abad88c071ae5480d8f2897571028dea4374 Mon Sep 17 00:00:00 2001 From: Larry Safran Date: Mon, 12 Aug 2024 18:26:50 -0700 Subject: [PATCH 2/2] Cleanup --- tests/dualstack_test.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/dualstack_test.py b/tests/dualstack_test.py index 90a4e398..9d7f79ef 100644 --- a/tests/dualstack_test.py +++ b/tests/dualstack_test.py @@ -11,9 +11,9 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. -import threading import datetime as dt import logging +import threading import time from typing import Final