add ut for antreaNsx enabled

vmware-tanzu · Nov 14, 2022 · f5601d4 · f5601d4
1 parent 212fa3b
commit f5601d4
Show file tree

Hide file tree

Showing 2 changed files with 202 additions and 0 deletions.
diff --git a/addons/controllers/antreaconfig_controller_test.go b/addons/controllers/antreaconfig_controller_test.go
@@ -43,6 +43,7 @@ var _ = Describe("AntreaConfig Reconciler and Webhooks", func() {
 	const (
 		waitTimeout                            = waitTimeout //use this to change test speed when debugging
 		antreaManifestsTestFile1               = "testdata/antrea-test-1.yaml"
+		antreamanifestsTestFile2               = "testdata/antrea-test-2.yaml"
 		antreaTemplateConfigManifestsTestFile1 = "testdata/antrea-test-template-config-1.yaml"
 		antreaTestCluster1                     = "test-cluster-4"
 	)
@@ -204,6 +205,125 @@ var _ = Describe("AntreaConfig Reconciler and Webhooks", func() {
 
 	})
 
+	Context("Reconcile AntreaConfig with antreaNsx enabled for management cluster", func() {
+
+		BeforeEach(func() {
+			clusterName = antreaTestCluster1
+			clusterNamespace = defaultString
+			configCRName = util.GeneratePackageSecretName(clusterName, constants.AntreaDefaultRefName)
+			clusterResourceFilePath = antreamanifestsTestFile2
+		})
+
+		It("Should reconcile AntreaConfig and create data value secret on management cluster", func() {
+
+			clusterKey := client.ObjectKey{
+				Namespace: clusterNamespace,
+				Name:      clusterName,
+			}
+			configKey := client.ObjectKey{
+				Namespace: clusterNamespace,
+				Name:      configCRName,
+			}
+
+			cluster := &clusterapiv1beta1.Cluster{}
+			Eventually(func() bool {
+				err := k8sClient.Get(ctx, clusterKey, cluster)
+				return err == nil
+			}, waitTimeout, pollingInterval).Should(BeTrue())
+
+			config := &cniv1alpha1.AntreaConfig{}
+			Eventually(func() bool {
+				err := k8sClient.Get(ctx, configKey, config)
+				if err != nil {
+					return false
+				}
+
+				// Check owner reference
+				if len(config.OwnerReferences) == 0 {
+					return false
+				}
+
+				Expect(len(config.OwnerReferences)).Should(Equal(1))
+				Expect(config.OwnerReferences[0].Name).Should(Equal(clusterName))
+
+				Expect(config.Spec.Antrea.AntreaConfigDataValue.TrafficEncapMode).Should(Equal("encap"))
+				Expect(config.Spec.Antrea.AntreaConfigDataValue.FeatureGates.AntreaTraceflow).Should(Equal(false))
+				Expect(config.Spec.Antrea.AntreaConfigDataValue.FeatureGates.AntreaPolicy).Should(Equal(true))
+				Expect(config.Spec.Antrea.AntreaConfigDataValue.FeatureGates.FlowExporter).Should(Equal(false))
+				Expect(config.Spec.Antrea.AntreaConfigDataValue.FeatureGates.AntreaIPAM).Should(Equal(false))
+				Expect(config.Spec.Antrea.AntreaConfigDataValue.FeatureGates.ServiceExternalIP).Should(Equal(false))
+				Expect(config.Spec.Antrea.AntreaConfigDataValue.FeatureGates.Multicast).Should(Equal(false))
+				Expect(config.Spec.AntreaNsx.Enable).Should(Equal(true))
+				return true
+			}, waitTimeout, pollingInterval).Should(BeTrue())
+
+			Eventually(func() bool {
+				cluster := &clusterapiv1beta1.Cluster{}
+				err := k8sClient.Get(ctx, clusterKey, cluster)
+				if err != nil {
+					return false
+				}
+
+				serviceCIDR, serviceCIDRv6, err := util.GetServiceCIDRs(cluster)
+				if err != nil {
+					return false
+				}
+
+				infraProvider, err := util.GetInfraProvider(cluster)
+				if err != nil {
+					return false
+				}
+
+				// Check infraProvider values
+				Expect(infraProvider).Should(Equal("docker"))
+
+				// Check ServiceCIDR and ServiceCIDRv6 values
+				Expect(serviceCIDR).Should(Equal("192.168.0.0/16"))
+				Expect(serviceCIDRv6).Should(Equal("fd00:100:96::/48"))
+				return true
+			}, waitTimeout, pollingInterval).Should(BeTrue())
+
+			Eventually(func() bool {
+				secretKey := client.ObjectKey{
+					Namespace: clusterNamespace,
+					Name:      util.GenerateDataValueSecretName(clusterName, constants.AntreaAddonName),
+				}
+				secret := &v1.Secret{}
+				err := k8sClient.Get(ctx, secretKey, secret)
+				if err != nil {
+					return false
+				}
+				Expect(secret.Type).Should(Equal(v1.SecretTypeOpaque))
+
+				// check data value secret contents
+				secretData := string(secret.Data["values.yaml"])
+
+				Expect(strings.Contains(secretData, "serviceCIDR: 192.168.0.0/16")).Should(BeTrue())
+				Expect(strings.Contains(secretData, "serviceCIDRv6: fd00:100:96::/48")).Should(BeTrue())
+				Expect(strings.Contains(secretData, "infraProvider: docker")).Should(BeTrue())
+
+				Expect(strings.Contains(secretData, "trafficEncapMode: encap")).Should(BeTrue())
+				Expect(strings.Contains(secretData, "tlsCipherSuites: TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,TLS_RSA_WITH_AES_256_GCM_SHA384")).Should(BeTrue())
+				Expect(strings.Contains(secretData, "AntreaProxy: true")).Should(BeTrue())
+				Expect(strings.Contains(secretData, "AntreaPolicy: true")).Should(BeTrue())
+
+				return true
+			}, waitTimeout, pollingInterval).Should(BeTrue())
+
+			Eventually(func() bool {
+				// Check status.secretRef after reconciliation
+				config := &cniv1alpha1.AntreaConfig{}
+				err := k8sClient.Get(ctx, configKey, config)
+				if err != nil {
+					return false
+				}
+				return config.Status.SecretRef == util.GenerateDataValueSecretName(clusterName, constants.AntreaAddonName)
+			}, waitTimeout, pollingInterval).Should(BeTrue())
+
+		})
+
+	})
+
 	Context("Reconcile AntreaConfig used as template", func() {
 
 		BeforeEach(func() {

diff --git a/addons/controllers/testdata/antrea-test-2.yaml b/addons/controllers/testdata/antrea-test-2.yaml
@@ -0,0 +1,82 @@
+---
+apiVersion: cluster.x-k8s.io/v1beta1
+kind: Cluster
+metadata:
+  name: test-cluster-4
+  namespace: default
+spec:
+  clusterNetwork:
+    pods:
+      cidrBlocks: [ "192.168.0.0/16" ]
+    services:
+      cidrBlocks: [ "192.168.0.0/16","fd00:100:96::/48" ]
+  infrastructureRef:
+    apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
+    kind: DockerCluster
+    name: test-cluster-4
+---
+apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
+kind: DockerCluster
+metadata:
+  name: test-cluster-4
+---
+apiVersion: cni.tanzu.vmware.com/v1alpha1
+kind: AntreaConfig
+metadata:
+  name: test-cluster-4-antrea-package
+  namespace: default
+  ownerReferences:
+    - apiVersion: cluster.x-k8s.io/v1beta1
+      blockOwnerDeletion: true
+      controller: true
+      kind: Cluster
+      name: test-cluster-4
+      uid: cbd29b10-c190-422e-86f1-a0321d1aab7d
+spec:
+  antrea:
+    config:
+      egress:
+        exceptCIDRs: []
+      nodePortLocal:
+        enabled: true
+        portRange: 61000-62000
+      antreaProxy:
+        proxyAll: false
+        nodePortAddresses: []
+        skipServices: []
+        proxyLoadBalancerIPs: false
+      flowExporter:
+        collectorAddress: "flow-aggregator.flow-aggregator.svc:4739:tls"
+        pollInterval: "5s"
+        activeFlowTimeout: "30s"
+        idleFlowTimeout: "15s"
+      kubeAPIServerOverride: null
+      transportInterface: null
+      transportInterfaceCIDRs: []
+      multicastInterfaces: []
+      tunnelType: geneve
+      trafficEncryptionMode: none
+      wireGuard:
+        port: 51820
+      serviceCIDR: 10.96.0.0/12
+      serviceCIDRv6: null
+      enableUsageReporting: false
+      trafficEncapMode: encap
+      noSNAT: false
+      disableUdpTunnelOffload: false
+      defaultMTU: ""
+      tlsCipherSuites: TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,TLS_RSA_WITH_AES_256_GCM_SHA384
+      featureGates:
+        AntreaProxy: true
+        EndpointSlice: false
+        AntreaPolicy: true
+        FlowExporter: false
+        Egress: false
+        NodePortLocal: true
+        AntreaTraceflow: false
+        NetworkPolicyStats: false
+        AntreaIPAM: false
+        ServiceExternalIP: false
+        Multicast: false
+  antreaNsx:
+    enable: true