test integration eni-subnet-discovery: extend tests for IPv6 mode

Author: dshehbaj

test/integration/eni-subnet-discovery/eni_subnet_discovery_enhanced_test.go

@@ -15,6 +15,8 @@ package eni_subnet_discovery
 
 import (
 	"context"
+	"fmt"
+	"net"
 	"os"
 	"time"
 
@@ -320,8 +322,21 @@ var _ = Describe("ENI Subnet Discovery Enhanced Tests", func() {
 
 				// Create another subnet that has a different cluster tag
 				By("Creating a subnet for a different cluster")
-				subnetCidr, err := cidr.Subnet(cidrRange, 2, 1) // Use a different subnet
-				Expect(err).ToNot(HaveOccurred())
+				var subnetCidr *net.IPNet
+				if useIPv6 {
+					// For IPv6, calculate the appropriate number of bits to get a /64 subnet
+					prefixLen, _ := cidrRange.Mask.Size()
+					if prefixLen > 64 {
+						Fail(fmt.Sprintf("IPv6 parent CIDR prefix length must be <= 64, got /%d", prefixLen))
+					}
+					// Calculate how many bits we need to extend to reach /64
+					bitsToExtend := 64 - prefixLen
+					subnetCidr, err = cidr.Subnet(cidrRange, bitsToExtend, 1) // Use index 1 for different subnet
+					Expect(err).ToNot(HaveOccurred())
+				} else {
+					subnetCidr, err = cidr.Subnet(cidrRange, 2, 1) // Use a different subnet
+					Expect(err).ToNot(HaveOccurred())
+				}
 
 				otherSubnetOutput, err := f.CloudServices.EC2().
 					CreateSubnet(context.TODO(), subnetCidr.String(), f.Options.AWSVPCID, *primaryInstance.Placement.AvailabilityZone)

test/integration/eni-subnet-discovery/eni_subnet_discovery_suite_test.go

@@ -47,11 +47,13 @@ var (
 	cidrBlockAssociationID string
 	createdSubnet          string
 	primaryInstance        ec2types.Instance
+	useIPv6                bool
 )
 
 // Parse test specific variable from flag
 func init() {
 	flag.StringVar(&cidrRangeString, "secondary-cidr-range", "100.64.0.0/16", "second cidr range to be associated with the VPC")
+	flag.BoolVar(&useIPv6, "use-ipv6", false, "Use IPv6 for subnet discovery tests")
 }
 
 var _ = BeforeSuite(func() {
@@ -79,9 +81,21 @@ var _ = BeforeSuite(func() {
 	primaryInstance, err = f.CloudServices.EC2().DescribeInstance(context.TODO(), instanceID)
 	Expect(err).ToNot(HaveOccurred())
 
+	// Adjust default CIDR if IPv6 is enabled and no custom CIDR provided
+	if useIPv6 && cidrRangeString == "100.64.0.0/16" {
+		cidrRangeString = "2600:1f13:000::/56" // AWS IPv6 example range
+	}
+
 	_, cidrRange, err = net.ParseCIDR(cidrRangeString)
 	Expect(err).ToNot(HaveOccurred())
 
+	// Validate CIDR matches IP version
+	if useIPv6 {
+		Expect(cidrRange.IP.To4()).To(BeNil(), "IPv6 mode requires IPv6 CIDR")
+	} else {
+		Expect(cidrRange.IP.To4()).ToNot(BeNil(), "IPv4 mode requires IPv4 CIDR")
+	}
+
 	By("creating test namespace")
 	_ = f.K8sResourceManagers.NamespaceManager().CreateNamespace(utils.DefaultTestNamespace)
 
@@ -90,15 +104,54 @@ var _ = BeforeSuite(func() {
 	Expect(err).ToNot(HaveOccurred())
 
 	By("associating cidr range to the VPC")
-	association, err := f.CloudServices.EC2().AssociateVPCCIDRBlock(context.TODO(), f.Options.AWSVPCID, cidrRange.String())
-	Expect(err).ToNot(HaveOccurred())
-	cidrBlockAssociationID = *association.CidrBlockAssociation.AssociationId
+	if useIPv6 {
+		// The current framework only supports IPv4 CIDR association
+		// For IPv6, we assume the VPC already has IPv6 enabled
+		// In a production environment, you would extend the framework to support IPv6 association
+		By("IPv6 mode: assuming VPC already has IPv6 enabled")
+
+		// Verify VPC has IPv6 and get an existing association ID for cleanup
+		vpcInfo, err := f.CloudServices.EC2().DescribeVPC(context.TODO(), f.Options.AWSVPCID)
+		Expect(err).ToNot(HaveOccurred())
+
+		hasIPv6 := false
+		for _, assoc := range vpcInfo.Vpcs[0].Ipv6CidrBlockAssociationSet {
+			if assoc.Ipv6CidrBlockState != nil && assoc.Ipv6CidrBlockState.State == "associated" {
+				hasIPv6 = true
+				// We won't disassociate existing IPv6, so set empty ID
+				cidrBlockAssociationID = ""
+				break
+			}
+		}
+
+		if !hasIPv6 {
+			Skip("IPv6 tests require a VPC with IPv6 already enabled")
+		}
+	} else {
+		// IPv4 association works with current framework
+		association, err := f.CloudServices.EC2().AssociateVPCCIDRBlock(context.TODO(), f.Options.AWSVPCID, cidrRange.String())
+		Expect(err).ToNot(HaveOccurred())
+		cidrBlockAssociationID = *association.CidrBlockAssociation.AssociationId
+	}
 
 	By(fmt.Sprintf("creating the subnet in %s", *primaryInstance.Placement.AvailabilityZone))
 
-	// Subnet must be greater than /19
-	subnetCidr, err := cidr.Subnet(cidrRange, 2, 0)
-	Expect(err).ToNot(HaveOccurred())
+	var subnetCidr *net.IPNet
+	if useIPv6 {
+		// For IPv6, calculate the appropriate number of bits to get a /64 subnet
+		prefixLen, _ := cidrRange.Mask.Size()
+		if prefixLen > 64 {
+			Fail(fmt.Sprintf("IPv6 parent CIDR prefix length must be <= 64, got /%d", prefixLen))
+		}
+		// Calculate how many bits we need to extend to reach /64
+		bitsToExtend := 64 - prefixLen
+		subnetCidr, err = cidr.Subnet(cidrRange, bitsToExtend, 0)
+		Expect(err).ToNot(HaveOccurred())
+	} else {
+		// IPv4: Subnet must be greater than /19
+		subnetCidr, err = cidr.Subnet(cidrRange, 2, 0)
+		Expect(err).ToNot(HaveOccurred())
+	}
 
 	createSubnetOutput, err := f.CloudServices.EC2().
 		CreateSubnet(context.TODO(), subnetCidr.String(), f.Options.AWSVPCID, *primaryInstance.Placement.AvailabilityZone)
@@ -134,7 +187,9 @@ var _ = AfterSuite(func() {
 	errs.Append(f.CloudServices.EC2().DeleteSubnet(context.TODO(), createdSubnet))
 
 	By("disassociating the CIDR range to the VPC")
-	errs.Append(f.CloudServices.EC2().DisAssociateVPCCIDRBlock(context.TODO(), cidrBlockAssociationID))
+	if cidrBlockAssociationID != "" {
+		errs.Append(f.CloudServices.EC2().DisAssociateVPCCIDRBlock(context.TODO(), cidrBlockAssociationID))
+	}
 
 	Expect(errs.MaybeUnwrap()).ToNot(HaveOccurred())
 

test/integration/eni-subnet-discovery/eni_subnet_discovery_test.go

@@ -305,16 +305,37 @@ func checkSecondaryENISubnets(expectNewCidr bool) {
 	vpcOutput, err := f.CloudServices.EC2().DescribeVPC(context.TODO(), *primaryInstance.VpcId)
 	Expect(err).ToNot(HaveOccurred())
 
-	expectedCidrRangeString := *vpcOutput.Vpcs[0].CidrBlock
-	expectedCidrSplit := strings.Split(*vpcOutput.Vpcs[0].CidrBlock, "/")
-	expectedSuffix, _ := strconv.Atoi(expectedCidrSplit[1])
-	_, expectedCIDR, _ := net.ParseCIDR(*vpcOutput.Vpcs[0].CidrBlock)
-
-	if expectNewCidr {
-		expectedCidrRangeString = cidrRangeString
-		expectedCidrSplit = strings.Split(cidrRangeString, "/")
+	var expectedCidrRangeString string
+	var expectedCIDR *net.IPNet
+	var expectedSuffix int
+
+	if useIPv6 {
+		// For IPv6, look for associated IPv6 CIDR blocks
+		if len(vpcOutput.Vpcs[0].Ipv6CidrBlockAssociationSet) > 0 {
+			for _, assoc := range vpcOutput.Vpcs[0].Ipv6CidrBlockAssociationSet {
+				if assoc.Ipv6CidrBlockState != nil && assoc.Ipv6CidrBlockState.State == "associated" {
+					expectedCidrRangeString = *assoc.Ipv6CidrBlock
+					break
+				}
+			}
+		}
+		Expect(expectedCidrRangeString).ToNot(BeEmpty(), "No associated IPv6 CIDR found in VPC")
+		_, expectedCIDR, _ = net.ParseCIDR(expectedCidrRangeString)
+		expectedCidrSplit := strings.Split(expectedCidrRangeString, "/")
+		expectedSuffix, _ = strconv.Atoi(expectedCidrSplit[1])
+	} else {
+		// IPv4 logic
+		expectedCidrRangeString = *vpcOutput.Vpcs[0].CidrBlock
+		expectedCidrSplit := strings.Split(*vpcOutput.Vpcs[0].CidrBlock, "/")
 		expectedSuffix, _ = strconv.Atoi(expectedCidrSplit[1])
-		_, expectedCIDR, _ = net.ParseCIDR(cidrRangeString)
+		_, expectedCIDR, _ = net.ParseCIDR(*vpcOutput.Vpcs[0].CidrBlock)
+
+		if expectNewCidr {
+			expectedCidrRangeString = cidrRangeString
+			expectedCidrSplit = strings.Split(cidrRangeString, "/")
+			expectedSuffix, _ = strconv.Atoi(expectedCidrSplit[1])
+			_, expectedCIDR, _ = net.ParseCIDR(cidrRangeString)
+		}
 	}
 
 	By(fmt.Sprintf("checking the secondary ENI subnets are in the CIDR %s", expectedCidrRangeString))