forked from Azure/AgentBaker
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathvalidation.go
More file actions
91 lines (80 loc) · 2.66 KB
/
validation.go
File metadata and controls
91 lines (80 loc) · 2.66 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
package e2e_test
import (
"context"
"fmt"
"log"
"strings"
"testing"
"github.com/Azure/agentbakere2e/scenario"
)
func runLiveVMValidators(ctx context.Context, t *testing.T, vmssName, sshPrivateKey string, opts *scenarioRunOpts) error {
privateIP, err := getVMPrivateIPAddress(ctx, opts.cloud, opts.suiteConfig.subscription, *opts.chosenCluster.Properties.NodeResourceGroup, vmssName)
if err != nil {
return fmt.Errorf("unable to get private IP address of VM on VMSS %q: %w", vmssName, err)
}
podName, err := getDebugPodName(opts.kube)
if err != nil {
return fmt.Errorf("unable to get debug pod name: %w", err)
}
validators := commonLiveVMValidators()
if opts.scenario.LiveVMValidators != nil {
validators = append(validators, opts.scenario.LiveVMValidators...)
}
for _, validator := range validators {
desc := validator.Description
command := validator.Command
log.Printf("running live VM validator: %q", desc)
execResult, err := pollExecOnVM(ctx, opts.kube, privateIP, podName, sshPrivateKey, command)
if err != nil {
return fmt.Errorf("unable to execute validator command %q: %w", command, err)
}
if execResult.exitCode != "0" {
execResult.dumpAll()
return fmt.Errorf("validator command %q terminated with exit code %s", command, execResult.exitCode)
}
if validator.Asserter != nil {
err := validator.Asserter(execResult.stdout.String(), execResult.stderr.String())
if err != nil {
execResult.dumpAll()
return fmt.Errorf("failed validator assertion: %w", err)
}
}
}
return nil
}
func commonLiveVMValidators() []*scenario.LiveVMValidator {
return []*scenario.LiveVMValidator{
{
Description: "assert /etc/default/kubelet should not contain dynamic config dir flag",
Command: "cat /etc/default/kubelet",
Asserter: func(stdout, stderr string) error {
if strings.Contains(stdout, "--dynamic-config-dir") {
return fmt.Errorf("/etc/default/kubelet should not contain kubelet flag '--dynamic-config-dir', but does")
}
return nil
},
},
scenario.SysctlConfigValidator(
map[string]int{
"net.ipv4.tcp_retries2": 8,
"net.core.message_burst": 80,
"net.core.message_cost": 40,
"net.core.somaxconn": 16384,
"net.ipv4.tcp_max_syn_backlog": 16384,
"net.ipv4.neigh.default.gc_thresh1": 4096,
"net.ipv4.neigh.default.gc_thresh2": 8192,
"net.ipv4.neigh.default.gc_thresh3": 16384,
},
),
scenario.DirectoryValidator(
"/var/log/azure/aks",
[]string{
"cluster-provision.log",
"cluster-provision-cse-output.log",
"cloud-init-files.paved",
"vhd-install.complete",
"cloud-config.txt",
},
),
}
}