Add script for running k8s conformance E2E

Makefile

@@ -303,6 +303,7 @@ create-management-cluster: $(ENVSUBST)
 	kubectl apply -f https://github.com/kubernetes-sigs/cluster-api/releases/download/v0.3.3/cluster-api-components.yaml
 
 	# Deploy CAPZ
+	kind load docker-image $(CONTROLLER_IMG)-$(ARCH):$(TAG) --name=clusterapi
 	kustomize build config | $(ENVSUBST) | kubectl apply -f -
 
 	# Wait for CAPI pods
@@ -326,7 +327,7 @@ create-workload-cluster: $(ENVSUBST)
 	timeout 300 bash -c "while ! kubectl get secrets | grep $(CLUSTER_NAME)-kubeconfig; do sleep 1; done"
 	# Get kubeconfig and store it locally.
 	kubectl get secrets $(CLUSTER_NAME)-kubeconfig -o json | jq -r .data.value | base64 --decode > ./kubeconfig
-	timeout 300 bash -c "while ! kubectl --kubeconfig=./kubeconfig get nodes | grep master; do sleep 1; done"
+	timeout 600 bash -c "while ! kubectl --kubeconfig=./kubeconfig get nodes | grep master; do sleep 1; done"
 
 	# Deploy calico
 	kubectl --kubeconfig=./kubeconfig apply -f https://docs.projectcalico.org/v3.13/manifests/calico.yaml

docs/development.md

@@ -17,9 +17,11 @@
   - [Modules and dependencies](#modules-and-dependencies)
   - [Manual Testing](#manual-testing)
     - [Setting up the environment](#setting-up-the-environment)
-    - [Building and pushing dev images](#building-and-pushing-dev-images)
-    - [Customizing the cluster deployment](#customizing-the-cluster-deployment)
-    - [Creating a test cluster](#creating-a-test-cluster)
+    - [Creating a dev cluster](#creating-a-dev-cluster)
+      - [Building and pushing dev images](#building-and-pushing-dev-images)
+      - [Customizing the cluster deployment](#customizing-the-cluster-deployment)
+      - [Creating the cluster](#creating-the-cluster)
+    - [Debugging cluster creation](#debugging-cluster-creation)
   - [Submitting PRs and testing](#submitting-prs-and-testing)
     - [Executing unit tests](#executing-unit-tests)
   - [Automated Testing](#automated-testing)
@@ -138,7 +140,7 @@ make create-workload-cluster
 
 To delete the cluster:
 
-```
+```bash
 make delete-workload-cluster
 ```
 
@@ -149,27 +151,42 @@ make delete-workload-cluster
 Your environment must have the Azure credentials as outlined in the [getting
 started prerequisites section](./getting-started.md#Prerequisites)
 
-#### Building and pushing dev images
+#### Creating a dev cluster
 
-1. Login to your container registry using `docker login`.
+The steps below are provided in a convenient script in [hack/create-dev-cluster.sh](hack/create-dev-cluster.sh). Be sure to set `REGISTRY="<container-registry>"`, `AZURE_CLIENT_ID`, `AZURE_CLIENT_SECRET`, `AZURE_SUBSCRIPTION_ID`, and `AZURE_TENANT_ID` before running. Optionally, you can override the different cluster configuration variables. For example, to override the workload cluster name:
 
-   e.g., `docker login quay.io`
+```bash
+CLUSTER_NAME=<my-capz-cluster-name> ./hack/create-dev-cluster.sh
+```
+
+##### Building and pushing dev images
 
-2. To build images with custom tags and push to your custom image registry,
+1. To build images with custom tags,
    run the `make docker-build` as follows:
 
    ```bash
-   REGISTRY="<container-registry>" MANAGER_IMAGE_TAG="<image-tag>" make docker-build
+   export REGISTRY="<container-registry>"
+   export MANAGER_IMAGE_TAG="<image-tag>" # optional - defaults to `dev`.
+   PULL_POLICY=IfNotPresent make docker-build
    ```
 
-3. Push your docker images:
+2. (optional) Push your docker images:
+
+   2.1. Login to your container registry using `docker login`.
+
+   e.g., `docker login quay.io`
+
+   2.2. Push to your custom image registry:
+
    ```bash
    REGISTRY="<container-registry>" MANAGER_IMAGE_TAG="<image-tag>" make docker-push
    ```
 
-#### Customizing the cluster deployment
+   NOTE: `make create-cluster` will fetch the manager image locally and load it onto the kind cluster if it is present.
 
-Here is a list of commonly overridden configuration parameters (the full list is available in `templates/cluster-template.yaml`):
+##### Customizing the cluster deployment
+
+Here is a list of required configuration parameters (the full list is available in `templates/cluster-template.yaml`):
 
 ```bash
 # Cluster settings.
@@ -200,11 +217,14 @@ echo "Machine SSH key generated in ${SSH_KEY_FILE}"
 export AZURE_SSH_PUBLIC_KEY=$(cat "${SSH_KEY_FILE}.pub" | base64 | tr -d '\r\n')
 ```
 
-#### Creating a test cluster
+##### Creating the cluster
+
+⚠️ Make sure you followed the previous two steps to build the dev image and set the required environment variables before proceding.
 
-Ensure kind has been reset:
+Ensure dev environment has been reset:
 
 ```bash
+make clean
 make kind-reset
 ```
 
@@ -214,9 +234,7 @@ Create the cluster:
 make create-cluster
 ```
 
-These steps above are provided in a convient script in [hack/manual-testing.sh](hack/manual-testing.sh).  Be sure to set `REGISTRY="<container-registry>"` and  `MANAGER_IMAGE_TAG="<image-tag>"` before running.
-
-#### debugging cluster creation
+#### Debugging cluster creation
 
 While cluster build out is running, you can optionally follow the controller logs in a separate window as follows:
 

hack/create-dev-cluster.sh

@@ -0,0 +1,62 @@
+#!/bin/bash
+# Copyright 2020 The Kubernetes Authors.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Verify the required Environment Variables are present.
+: "${AZURE_SUBSCRIPTION_ID:?Environment variable empty or not defined.}"
+: "${AZURE_TENANT_ID:?Environment variable empty or not defined.}"
+: "${AZURE_CLIENT_ID:?Environment variable empty or not defined.}"
+: "${AZURE_CLIENT_SECRET:?Environment variable empty or not defined.}"
+: "${REGISTRY:?Environment variable empty or not defined.}"
+
+# Cluster settings.
+export CLUSTER_NAME="${CLUSTER_NAME:-capz-test}"
+export AZURE_VNET_NAME=${CLUSTER_NAME}-vnet
+
+# Azure settings.
+export AZURE_LOCATION="${AZURE_LOCATION:-southcentralus}"
+export AZURE_RESOURCE_GROUP=${CLUSTER_NAME}
+export AZURE_SUBSCRIPTION_ID_B64="$(echo -n "$AZURE_SUBSCRIPTION_ID" | base64 | tr -d '\n')"
+export AZURE_TENANT_ID_B64="$(echo -n "$AZURE_TENANT_ID" | base64 | tr -d '\n')"
+export AZURE_CLIENT_ID_B64="$(echo -n "$AZURE_CLIENT_ID" | base64 | tr -d '\n')"
+export AZURE_CLIENT_SECRET_B64="$(echo -n "$AZURE_CLIENT_SECRET" | base64 | tr -d '\n')"
+
+# Machine settings.
+export CONTROL_PLANE_MACHINE_COUNT=${CONTROL_PLANE_MACHINE_COUNT:-3}
+export AZURE_CONTROL_PLANE_MACHINE_TYPE="${CONTROL_PLANE_MACHINE_TYPE:-Standard_D2s_v3}"
+export AZURE_NODE_MACHINE_TYPE="${NODE_MACHINE_TYPE:-Standard_D2s_v3}"
+export WORKER_MACHINE_COUNT=${WORKER_MACHINE_COUNT:-2}
+export KUBERNETES_VERSION="${KUBERNETES_VERSION:-v1.17.3}"
+
+# Generate SSH key.
+SSH_KEY_FILE=${SSH_KEY_FILE:-""}
+if ! [ -n "$SSH_KEY_FILE" ]; then
+    SSH_KEY_FILE=.sshkey
+    rm -f "${SSH_KEY_FILE}" 2>/dev/null
+    ssh-keygen -t rsa -b 2048 -f "${SSH_KEY_FILE}" -N '' 1>/dev/null
+    echo "Machine SSH key generated in ${SSH_KEY_FILE}"
+fi
+export AZURE_SSH_PUBLIC_KEY=$(cat "${SSH_KEY_FILE}.pub" | base64 | tr -d '\r\n')
+
+echo "================ DOCKER BUILD ==============="
+PULL_POLICY=IfNotPresent make modules docker-build
+
+echo "================ MAKE CLEAN ==============="
+make clean
+
+echo "================ KIND RESET ==============="
+make kind-reset
+
+echo "================ CREATE CLUSTER ==============="
+make create-cluster

scripts/ci-conformance.sh

@@ -0,0 +1,152 @@
+#!/bin/bash
+
+# Copyright 2020 The Kubernetes Authors.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+###############################################################################
+
+# To run locally, set AZURE_CLIENT_ID, AZURE_CLIENT_SECRET, AZURE_SUBSCRIPTION_ID, AZURE_TENANT_ID
+
+set -o nounset
+set -o pipefail
+
+REPO_ROOT=$(dirname "${BASH_SOURCE[0]}")/..
+cd "${REPO_ROOT}" || exit 1
+
+# shellcheck source=../hack/ensure-go.sh
+source "${REPO_ROOT}/hack/ensure-go.sh"
+# shellcheck source=../hack/ensure-kind.sh
+source "${REPO_ROOT}/hack/ensure-kind.sh"
+# shellcheck source=../hack/ensure-kubectl.sh
+source "${REPO_ROOT}/hack/ensure-kubectl.sh"
+# shellcheck source=../hack/ensure-kustomize.sh
+source "${REPO_ROOT}/hack/ensure-kustomize.sh"  
+
+random-string() {
+    cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w ${1:-32} | head -n 1
+}
+
+# generate manifests needed for creating the Azure cluster to run the tests
+add_kustomize_patch() {
+    # Enable the bits to inject a script that can pull newer versions of kubernetes
+    if ! grep -i -wq "patchesStrategicMerge" "templates/kustomization.yaml"; then
+        echo "patchesStrategicMerge:" >> "templates/kustomization.yaml"
+    fi
+    if ! grep -i -wq "kustomizeversions" "templates/kustomization.yaml"; then
+        echo "- kustomizeversions.yaml" >> "templates/kustomization.yaml"
+    fi
+}
+
+# build Kubernetes E2E binaries
+build_k8s() {
+    # possibly enable bazel build caching before building kubernetes
+    if [[ "${BAZEL_REMOTE_CACHE_ENABLED:-false}" == "true" ]]; then
+    create_bazel_cache_rcs.sh || true
+    fi
+
+    pushd "$(go env GOPATH)/src/k8s.io/kubernetes"
+
+    # make sure we have e2e requirements
+    bazel build //cmd/kubectl //test/e2e:e2e.test //vendor/github.com/onsi/ginkgo/ginkgo
+
+    # ensure the e2e script will find our binaries ...
+    mkdir -p "${PWD}/_output/bin/"
+    cp -f "${PWD}/bazel-bin/test/e2e/e2e.test" "${PWD}/_output/bin/e2e.test"
+    cp -f "${PWD}/bazel-bin/vendor/github.com/onsi/ginkgo/ginkgo/darwin_amd64_stripped/ginkgo" "${PWD}/_output/bin/ginkgo"
+    export KUBECTL_PATH="$(dirname "$(find "${PWD}/bazel-bin/" -name kubectl -type f)")/kubectl"
+    PATH="${KUBECTL_PATH}:${PATH}"
+    export PATH
+
+    # attempt to release some memory after building
+    sync || true
+    echo 1 > /proc/sys/vm/drop_caches || true
+
+    popd
+}
+
+create_cluster() {
+    export CLUSTER_NAME="capz-conformance-$(head /dev/urandom | LC_ALL=C tr -dc a-z0-9 | head -c 6 ; echo '')"
+    export CI_VERSION=${CI_VERSION:-$(curl -sSL https://dl.k8s.io/ci/k8s-master.txt)}
+    export REGISTRY=conformance
+    ${REPO_ROOT}/hack/create-dev-cluster.sh
+}
+
+run_tests() {
+    # export the target cluster KUBECONFIG if not already set
+    export KUBECONFIG="${KUBECONFIG:-${PWD}/kubeconfig}"
+    # ginkgo regexes
+    SKIP="${SKIP:-}"
+    FOCUS="${FOCUS:-"\\[Conformance\\]"}"
+    # if we set PARALLEL=true, skip serial tests set --ginkgo-parallel
+    if [[ "${PARALLEL:-false}" == "true" ]]; then
+    export GINKGO_PARALLEL=y
+    if [[ -z "${SKIP}" ]]; then
+        SKIP="\\[Serial\\]"
+    else
+        SKIP="\\[Serial\\]|${SKIP}"
+    fi
+    fi
+
+    # get the number of worker nodes
+    NUM_NODES="$(kubectl get nodes --kubeconfig="$KUBECONFIG" \
+    -o=jsonpath='{range .items[*]}{.metadata.name}{"\t"}{.spec.taints}{"\n"}{end}' \
+    | grep -cv "node-role.kubernetes.io/master" )"
+
+    # wait for all the nodes to be ready
+    kubectl wait --for=condition=Ready node --kubeconfig="$KUBECONFIG" --all || true
+
+    ARTIFACTS="${ARTIFACTS:-${PWD}/_artifacts}"
+
+    # setting this env prevents ginkg e2e from trying to run provider setup
+    export KUBERNETES_CONFORMANCE_TEST="y"
+    # run the tests
+    (cd "$(go env GOPATH)/src/k8s.io/kubernetes" && ./hack/ginkgo-e2e.sh \
+    '--provider=skeleton' "--num-nodes=${NUM_NODES}" \
+    "--ginkgo.focus=${FOCUS}" "--ginkgo.skip=${SKIP}" \
+    "--report-dir=${ARTIFACTS}" '--disable-log-dump=true')
+
+    unset KUBECONFIG
+    unset KUBERNETES_CONFORMANCE_TEST
+}
+
+# cleanup all resources we use
+cleanup() {
+    timeout 600 kubectl \
+        delete cluster "${CLUSTER_NAME}" || true
+        timeout 600 kubectl \
+        wait --for=delete cluster/"${CLUSTER_NAME}" || true
+    make kind-reset || true
+    # clean up e2e.test symlink
+    (cd "$(go env GOPATH)/src/k8s.io/kubernetes" && rm -f _output/bin/e2e.test) || true
+}
+
+# create cluster
+SKIP_CREATE_CLUSTER=${SKIP_CREATE_CLUSTER:-""}
+if [[ -z "${SKIP_CREATE_CLUSTER}" ]]; then
+    add_kustomize_patch
+    create_cluster
+fi
+
+# build k8s binaries and run conformance tests
+SKIP_TESTS=${SKIP_TESTS:-""}
+if [[ -z "${SKIP_TESTS}" ]]; then
+    build_k8s
+    run_tests
+fi
+
+# cleanup
+SKIP_CLEANUP=${SKIP_CLEANUP:-""}
+if [[ -z "${SKIP_CLEANUP}" ]]; then
+    cleanup
+fi

templates/kustomization.yaml

@@ -3,4 +3,4 @@ apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 namespace: default
 resources:
-  - cluster-template.yaml
+  - cluster-template.yaml