From 1430a36d27d46529bd25de5b39681cf7f7cca5e4 Mon Sep 17 00:00:00 2001 From: Seth Levine Date: Tue, 9 Apr 2024 11:55:21 -0400 Subject: [PATCH] Add Hop Limit Test For EKS metric_value_benchmark Test --- .../resources/eks_daemon_test_matrix.json | 13 +++- generator/test_case_generator.go | 76 +++++++++++-------- terraform/ecs_ec2/daemon/main.tf | 2 +- terraform/ecs_ec2/daemon/variables.tf | 5 ++ terraform/eks/daemon/app_signals/variables.tf | 7 +- terraform/eks/daemon/emf/variables.tf | 7 +- terraform/eks/daemon/fluent/bit/variables.tf | 7 +- .../eks/daemon/fluent/common/variables.tf | 7 +- terraform/eks/daemon/fluent/d/variables.tf | 7 +- .../daemon/fluent/windows/2019/variables.tf | 7 +- .../daemon/fluent/windows/2022/variables.tf | 7 +- .../eks/daemon/fluent/windows/variables.tf | 6 ++ terraform/eks/daemon/gpu/variables.tf | 5 ++ terraform/eks/daemon/main.tf | 18 ++++- .../modify_hop_limit/modify_hop_limit.go | 55 ++++++++++++++ terraform/eks/daemon/statsd/variables.tf | 5 ++ terraform/eks/daemon/variables.tf | 5 ++ .../eks/daemon/windows/2019/variables.tf | 5 ++ .../eks/daemon/windows/2022/variables.tf | 5 ++ terraform/eks/daemon/windows/variables.tf | 5 ++ 20 files changed, 209 insertions(+), 45 deletions(-) create mode 100644 terraform/eks/daemon/modify_hop_limit/modify_hop_limit.go diff --git a/generator/resources/eks_daemon_test_matrix.json b/generator/resources/eks_daemon_test_matrix.json index 046603dfc..2413a51ea 100644 --- a/generator/resources/eks_daemon_test_matrix.json +++ b/generator/resources/eks_daemon_test_matrix.json @@ -1,12 +1,19 @@ [ { - "k8s_version": "1.24", + "k8sVersion": "1.24", "ami": "AL2_x86_64", - "instanceType":"t3a.medium", + "instanceType":"t3.medium", "arc": "amd64" }, { - "k8s_version": "1.24", + "k8sVersion": "1.24", + "ami": "AL2_x86_64", + "instanceType":"t3.medium", + "arc": "amd64", + "hopLimit": 1 + }, + { + "k8sVersion": "1.24", "ami": "AL2_ARM_64", "instanceType":"m6g.large", "arc": "arm64" diff --git a/generator/test_case_generator.go b/generator/test_case_generator.go index 056670d43..62e5277dc 100644 --- a/generator/test_case_generator.go +++ b/generator/test_case_generator.go @@ -29,6 +29,7 @@ type matrixRow struct { CaCertPath string `json:"caCertPath"` ValuesPerMinute int `json:"values_per_minute"` // Number of metrics to be sent or number of log lines to write K8sVersion string `json:"k8s_version"` + HopLimit int `json:"hop_limit"` TerraformDir string `json:"terraform_dir"` UseSSM bool `json:"useSSM"` ExcludedTests string `json:"excludedTests"` @@ -44,13 +45,14 @@ type testConfig struct { runMockServer bool // define target matrix field as set(s) // empty map means a testConfig will be created with a test entry for each entry from *_test_matrix.json - targets map[string]map[string]struct{} + targets map[string]map[any]struct{} // maxAttempts limits the number of times a test will be run. maxAttempts int } const ( testTypeKeyEc2Linux = "ec2_linux" + defaultHopLimit = 2 ) // you can't have a const map in golang @@ -63,11 +65,11 @@ var testTypeToTestConfig = map[string][]testConfig{ {testDir: "./test/cloudwatchlogs"}, { testDir: "./test/metrics_number_dimension", - targets: map[string]map[string]struct{}{"os": {"al2": {}}}, + targets: map[string]map[any]struct{}{"os": {"al2": {}}}, }, { testDir: "./test/emf_concurrent", - targets: map[string]map[string]struct{}{"os": {"al2": {}}}, + targets: map[string]map[any]struct{}{"os": {"al2": {}}}, maxAttempts: 1, }, {testDir: "./test/metric_value_benchmark"}, @@ -79,39 +81,39 @@ var testTypeToTestConfig = map[string][]testConfig{ {testDir: "./test/otlp"}, { testDir: "./test/acceptance", - targets: map[string]map[string]struct{}{"os": {"ubuntu-20.04": {}}}, + targets: map[string]map[any]struct{}{"os": {"ubuntu-20.04": {}}}, }, // skipping FIPS test as the test cannot be verified // neither ssh nor SSM works after a reboot once FIPS is enabled //{ // testDir: "./test/fips", - // targets: map[string]map[string]struct{}{"os": {"rhel8": {}}}, + // targets: map[string]map[any]struct{}{"os": {"rhel8": {}}}, //}, { testDir: "./test/lvm", - targets: map[string]map[string]struct{}{"os": {"al2": {}}}, + targets: map[string]map[any]struct{}{"os": {"al2": {}}}, }, { testDir: "./test/proxy", - targets: map[string]map[string]struct{}{"os": {"al2": {}}}, + targets: map[string]map[any]struct{}{"os": {"al2": {}}}, }, { testDir: "./test/ssl_cert", - targets: map[string]map[string]struct{}{"os": {"al2": {}}}, + targets: map[string]map[any]struct{}{"os": {"al2": {}}}, }, { testDir: "./test/userdata", terraformDir: "terraform/ec2/userdata", - targets: map[string]map[string]struct{}{"os": {"ol9": {}}}, + targets: map[string]map[any]struct{}{"os": {"ol9": {}}}, }, { testDir: "./test/assume_role", terraformDir: "terraform/ec2/creds", - targets: map[string]map[string]struct{}{"os": {"al2": {}}}, + targets: map[string]map[any]struct{}{"os": {"al2": {}}}, }, { testDir: "./test/app_signals", - targets: map[string]map[string]struct{}{"os": {"al2": {}}, "arc": {"amd64": {}}}, + targets: map[string]map[any]struct{}{"os": {"al2": {}}, "arc": {"amd64": {}}}, }, }, /* @@ -129,11 +131,11 @@ var testTypeToTestConfig = map[string][]testConfig{ {testDir: "../../../test/feature/windows/event_logs"}, { testDir: "../../../test/feature/windows/custom_start/userdata", - targets: map[string]map[string]struct{}{"os": {"win-2019": {}}}, + targets: map[string]map[any]struct{}{"os": {"win-2019": {}}}, }, { testDir: "../../../test/feature/windows/custom_start/ssm_start", - targets: map[string]map[string]struct{}{"os": {"win-2019": {}}}, + targets: map[string]map[any]struct{}{"os": {"win-2019": {}}}, }, // assume role test doesn't add much value, and it already being tested with linux //{testDir: "../../../test/assume_role"}, @@ -167,56 +169,65 @@ var testTypeToTestConfig = map[string][]testConfig{ "ecs_ec2_daemon": { { testDir: "./test/metric_value_benchmark", - targets: map[string]map[string]struct{}{"metadataEnabled": {"enabled": {}}}, + targets: map[string]map[any]struct{}{"metadataEnabled": {"enabled": {}}}, }, { testDir: "./test/statsd", - targets: map[string]map[string]struct{}{"metadataEnabled": {"enabled": {}}}, + targets: map[string]map[any]struct{}{"metadataEnabled": {"enabled": {}}}, }, { testDir: "./test/emf", - targets: map[string]map[string]struct{}{"metadataEnabled": {"disabled": {}}}, + targets: map[string]map[any]struct{}{"metadataEnabled": {"disabled": {}}}, }, { testDir: "./test/emf", - targets: map[string]map[string]struct{}{"metadataEnabled": {"enabled": {}}}, + targets: map[string]map[any]struct{}{"metadataEnabled": {"enabled": {}}}, }, }, "eks_daemon": { { testDir: "./test/metric_value_benchmark", - targets: map[string]map[string]struct{}{"arc": {"amd64": {}}}, + targets: map[string]map[any]struct{}{"arc": {"amd64": {}}}, }, { testDir: "./test/metric_value_benchmark", terraformDir: "terraform/eks/daemon/windows/2019", - targets: map[string]map[string]struct{}{"arc": {"amd64": {}}}, + targets: map[string]map[any]struct{}{"arc": {"amd64": {}}, "hopLimit": {2: {}}}, }, { testDir: "./test/metric_value_benchmark", terraformDir: "terraform/eks/daemon/windows/2022", - targets: map[string]map[string]struct{}{"arc": {"amd64": {}}}, + targets: map[string]map[any]struct{}{"arc": {"amd64": {}}, "hopLimit": {2: {}}}, }, { testDir: "./test/statsd", terraformDir: "terraform/eks/daemon/statsd", - targets: map[string]map[string]struct{}{"arc": {"amd64": {}}}, + targets: map[string]map[any]struct{}{"arc": {"amd64": {}}, "hopLimit": {2: {}}}, }, { testDir: "./test/emf", terraformDir: "terraform/eks/daemon/emf", - targets: map[string]map[string]struct{}{"arc": {"amd64": {}}}, + targets: map[string]map[any]struct{}{"arc": {"amd64": {}}, "hopLimit": {2: {}}}, }, { testDir: "./test/fluent", terraformDir: "terraform/eks/daemon/fluent/d", - targets: map[string]map[string]struct{}{"arc": {"amd64": {}}}, + targets: map[string]map[any]struct{}{"arc": {"amd64": {}}, "hopLimit": {2: {}}}, }, - {testDir: "./test/fluent", terraformDir: "terraform/eks/daemon/fluent/bit"}, - {testDir: "./test/app_signals", terraformDir: "terraform/eks/daemon/app_signals", - targets: map[string]map[string]struct{}{"arc": {"amd64": {}}}, + { + testDir: "./test/fluent", + terraformDir: "terraform/eks/daemon/fluent/bit", + targets: map[string]map[any]struct{}{"hopLimit": {2: {}}}, + }, + { + testDir: "./test/app_signals", terraformDir: "terraform/eks/daemon/app_signals", + targets: map[string]map[any]struct{}{"arc": {"amd64": {}}, "hopLimit": {2: {}}}, + }, + { + testDir: "./test/fluent", + terraformDir: "terraform/eks/daemon/fluent/windows/2022", + targets: map[string]map[any]struct{}{"arc": {"amd64": {}}, "hopLimit": {2: {}}}, }, - {testDir: "./test/fluent", terraformDir: "terraform/eks/daemon/fluent/windows/2022"}, { testDir: "./test/gpu", terraformDir: "terraform/eks/daemon/gpu", - targets: map[string]map[string]struct{}{"arc": {"amd64": {}}}, + targets: map[string]map[any]struct{}{"arc": {"amd64": {}}, "hopLimit": {2: {}}}, }, }, "eks_deployment": { @@ -254,7 +265,7 @@ func copyAllEC2LinuxTestForOnpremTesting() { testTypeToTestConfig["ec2_linux_onprem"] = []testConfig{ { testDir: "./test/lvm", - targets: map[string]map[string]struct{}{"os": {"al2": {}}}, + targets: map[string]map[any]struct{}{"os": {"al2": {}}}, }, } } @@ -298,6 +309,7 @@ func genMatrix(testType string, testConfigs []testConfig, ami []string) []matrix TestType: testType, TerraformDir: testConfig.terraformDir, MaxAttempts: testConfig.maxAttempts, + HopLimit: defaultHopLimit, } err = mapstructure.Decode(test, &row) if err != nil { @@ -318,15 +330,17 @@ func genMatrix(testType string, testConfigs []testConfig, ami []string) []matrix // not so robust way to determine a matrix entry should be included to complete test matrix, but it serves the purpose // struct (matrixRow) field should be added as elif to support more. could use reflection with some tradeoffs -func shouldAddTest(row *matrixRow, targets map[string]map[string]struct{}) bool { +func shouldAddTest(row *matrixRow, targets map[string]map[any]struct{}) bool { for key, set := range targets { - var rowVal string + var rowVal any if key == "arc" { rowVal = row.Arc } else if key == "os" { rowVal = row.Os } else if key == "metadataEnabled" { rowVal = row.MetadataEnabled + } else if key == "hopLimit" { + rowVal = row.HopLimit } if rowVal == "" { diff --git a/terraform/ecs_ec2/daemon/main.tf b/terraform/ecs_ec2/daemon/main.tf index 11a888834..01294ded0 100644 --- a/terraform/ecs_ec2/daemon/main.tf +++ b/terraform/ecs_ec2/daemon/main.tf @@ -39,7 +39,7 @@ resource "aws_launch_configuration" "cluster" { metadata_options { http_endpoint = "enabled" http_tokens = "required" - http_put_response_hop_limit = 2 + http_put_response_hop_limit = var.hop_limit } } diff --git a/terraform/ecs_ec2/daemon/variables.tf b/terraform/ecs_ec2/daemon/variables.tf index 1ce33ad61..40afc58f7 100644 --- a/terraform/ecs_ec2/daemon/variables.tf +++ b/terraform/ecs_ec2/daemon/variables.tf @@ -31,4 +31,9 @@ variable "cwagent_image_tag" { variable "metadataEnabled" { type = string default = "enabled" +} + +variable "hop_limit" { + type = number + default = 2 } \ No newline at end of file diff --git a/terraform/eks/daemon/app_signals/variables.tf b/terraform/eks/daemon/app_signals/variables.tf index a0434630e..6afabb737 100644 --- a/terraform/eks/daemon/app_signals/variables.tf +++ b/terraform/eks/daemon/app_signals/variables.tf @@ -34,4 +34,9 @@ variable "ami_type" { variable "instance_type" { type = string default = "t3a.medium" -} \ No newline at end of file +} + +variable "hop_limit" { + type = number + default = 2 +} diff --git a/terraform/eks/daemon/emf/variables.tf b/terraform/eks/daemon/emf/variables.tf index 41afe484a..b54e68074 100644 --- a/terraform/eks/daemon/emf/variables.tf +++ b/terraform/eks/daemon/emf/variables.tf @@ -34,4 +34,9 @@ variable "ami_type" { variable "instance_type" { type = string default = "t3a.medium" -} \ No newline at end of file +} + +variable "hop_limit" { + type = number + default = 2 +} diff --git a/terraform/eks/daemon/fluent/bit/variables.tf b/terraform/eks/daemon/fluent/bit/variables.tf index b0574487d..9538e3a9d 100644 --- a/terraform/eks/daemon/fluent/bit/variables.tf +++ b/terraform/eks/daemon/fluent/bit/variables.tf @@ -34,4 +34,9 @@ variable "ami_type" { variable "instance_type" { type = string default = "t3a.medium" -} \ No newline at end of file +} + +variable "hop_limit" { + type = number + default = 2 +} diff --git a/terraform/eks/daemon/fluent/common/variables.tf b/terraform/eks/daemon/fluent/common/variables.tf index e542ae8bd..cceb9221b 100644 --- a/terraform/eks/daemon/fluent/common/variables.tf +++ b/terraform/eks/daemon/fluent/common/variables.tf @@ -35,4 +35,9 @@ variable "ami_type" { variable "instance_type" { type = string default = "t3a.medium" -} \ No newline at end of file +} + +variable "hop_limit" { + type = number + default = 2 +} diff --git a/terraform/eks/daemon/fluent/d/variables.tf b/terraform/eks/daemon/fluent/d/variables.tf index b0574487d..9538e3a9d 100644 --- a/terraform/eks/daemon/fluent/d/variables.tf +++ b/terraform/eks/daemon/fluent/d/variables.tf @@ -34,4 +34,9 @@ variable "ami_type" { variable "instance_type" { type = string default = "t3a.medium" -} \ No newline at end of file +} + +variable "hop_limit" { + type = number + default = 2 +} diff --git a/terraform/eks/daemon/fluent/windows/2019/variables.tf b/terraform/eks/daemon/fluent/windows/2019/variables.tf index e4625b7aa..5d7e709e8 100644 --- a/terraform/eks/daemon/fluent/windows/2019/variables.tf +++ b/terraform/eks/daemon/fluent/windows/2019/variables.tf @@ -44,4 +44,9 @@ variable "windows_ami_type" { variable "windows_os_version" { type = string default = "2019" -} \ No newline at end of file +} + +variable "hop_limit" { + type = number + default = 2 +} diff --git a/terraform/eks/daemon/fluent/windows/2022/variables.tf b/terraform/eks/daemon/fluent/windows/2022/variables.tf index 46ecb09b4..bc7525bb2 100644 --- a/terraform/eks/daemon/fluent/windows/2022/variables.tf +++ b/terraform/eks/daemon/fluent/windows/2022/variables.tf @@ -44,4 +44,9 @@ variable "windows_ami_type" { variable "windows_os_version" { type = string default = "2022" -} \ No newline at end of file +} + +variable "hop_limit" { + type = number + default = 2 +} diff --git a/terraform/eks/daemon/fluent/windows/variables.tf b/terraform/eks/daemon/fluent/windows/variables.tf index f5d2d1cfc..5388ce766 100644 --- a/terraform/eks/daemon/fluent/windows/variables.tf +++ b/terraform/eks/daemon/fluent/windows/variables.tf @@ -45,3 +45,9 @@ variable "windows_os_version" { type = string default = "2022" } + +variable "hop_limit" { + type = number + default = 2 +} + diff --git a/terraform/eks/daemon/gpu/variables.tf b/terraform/eks/daemon/gpu/variables.tf index 26a0e6cd0..26072b699 100644 --- a/terraform/eks/daemon/gpu/variables.tf +++ b/terraform/eks/daemon/gpu/variables.tf @@ -34,4 +34,9 @@ variable "ami_type" { variable "instance_type" { type = string default = "g4dn.xlarge" +} + +variable "hop_limit" { + type = number + default = 2 } \ No newline at end of file diff --git a/terraform/eks/daemon/main.tf b/terraform/eks/daemon/main.tf index 2ca2f063f..652c0fecb 100644 --- a/terraform/eks/daemon/main.tf +++ b/terraform/eks/daemon/main.tf @@ -47,10 +47,10 @@ resource "aws_eks_node_group" "this" { min_size = 1 } - ami_type = "AL2_x86_64" + ami_type = var.ami_type capacity_type = "ON_DEMAND" disk_size = 20 - instance_types = ["t3.medium"] + instance_types = [var.instance_type] depends_on = [ aws_iam_role_policy_attachment.node_AmazonEC2ContainerRegistryReadOnly, @@ -174,7 +174,8 @@ resource "kubernetes_daemonset" "service" { kubernetes_namespace.namespace, kubernetes_config_map.cwagentconfig, kubernetes_service_account.cwagentservice, - aws_eks_node_group.this + aws_eks_node_group.this, + null_resource.modify_hop_limit ] metadata { name = "cloudwatch-agent" @@ -423,3 +424,14 @@ resource "null_resource" "validator" { EOT } } + +resource "null_resource" "modify_hop_limit" { + depends_on = [ + aws_eks_node_group.this, + ] + provisioner "local-exec" { + command = <<-EOT + go run ./modify_hop_limit ${aws_eks_cluster.this.name} ${var.hop_limit} + EOT + } +} diff --git a/terraform/eks/daemon/modify_hop_limit/modify_hop_limit.go b/terraform/eks/daemon/modify_hop_limit/modify_hop_limit.go new file mode 100644 index 000000000..d0aa0cfdd --- /dev/null +++ b/terraform/eks/daemon/modify_hop_limit/modify_hop_limit.go @@ -0,0 +1,55 @@ +// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. +// SPDX-License-Identifier: MIT + +package main + +import ( + "context" + "log" + "os" + "strconv" + + "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/config" + "github.com/aws/aws-sdk-go-v2/service/ec2" + "github.com/aws/aws-sdk-go-v2/service/ec2/types" +) + +func main() { + args := os.Args + cluster := args[1] + hopLimit, err := strconv.Atoi(args[2]) + if err != nil { + log.Fatalf("could not parse hop limit %s", args[2]) + } + cxt := context.Background() + defaultConfig, err := config.LoadDefaultConfig(cxt) + if err != nil { + log.Fatal("could not create aws sdk v2 config") + } + ec2client := ec2.NewFromConfig(defaultConfig) + clusterNameFilter := types.Filter{Name: aws.String("tag:eks:cluster-name"), Values: []string{ + cluster, + }} + instanceInput := ec2.DescribeInstancesInput{ + Filters: []types.Filter{ + clusterNameFilter, + {Name: aws.String("instance-state-name"), + Values: []string{"running"}}}} + instanceOutput, err := ec2client.DescribeInstances(cxt, &instanceInput) + if err != nil { + log.Fatalf("could not get instances for input %v %v", instanceInput, err) + } + for _, reservation := range instanceOutput.Reservations { + for _, instance := range reservation.Instances { + modifyInstanceMetadataOptionsInput := ec2.ModifyInstanceMetadataOptionsInput{ + InstanceId: instance.InstanceId, + HttpPutResponseHopLimit: aws.Int32(int32(hopLimit)), + } + _, err := ec2client.ModifyInstanceMetadataOptions(cxt, &modifyInstanceMetadataOptionsInput) + if err != nil { + log.Fatalf("could not modify hop limit for instance %v %v", *instance.InstanceId, err) + } + } + } +} diff --git a/terraform/eks/daemon/statsd/variables.tf b/terraform/eks/daemon/statsd/variables.tf index d68d55f77..a2c10bb56 100644 --- a/terraform/eks/daemon/statsd/variables.tf +++ b/terraform/eks/daemon/statsd/variables.tf @@ -34,4 +34,9 @@ variable "ami_type" { variable "instance_type" { type = string default = "t3a.medium" +} + +variable "hop_limit" { + type = number + default = 2 } \ No newline at end of file diff --git a/terraform/eks/daemon/variables.tf b/terraform/eks/daemon/variables.tf index b0574487d..b7b560832 100644 --- a/terraform/eks/daemon/variables.tf +++ b/terraform/eks/daemon/variables.tf @@ -34,4 +34,9 @@ variable "ami_type" { variable "instance_type" { type = string default = "t3a.medium" +} + +variable "hop_limit" { + type = number + default = 2 } \ No newline at end of file diff --git a/terraform/eks/daemon/windows/2019/variables.tf b/terraform/eks/daemon/windows/2019/variables.tf index 87bbf9349..5d7e709e8 100644 --- a/terraform/eks/daemon/windows/2019/variables.tf +++ b/terraform/eks/daemon/windows/2019/variables.tf @@ -45,3 +45,8 @@ variable "windows_os_version" { type = string default = "2019" } + +variable "hop_limit" { + type = number + default = 2 +} diff --git a/terraform/eks/daemon/windows/2022/variables.tf b/terraform/eks/daemon/windows/2022/variables.tf index f5d2d1cfc..bc7525bb2 100644 --- a/terraform/eks/daemon/windows/2022/variables.tf +++ b/terraform/eks/daemon/windows/2022/variables.tf @@ -45,3 +45,8 @@ variable "windows_os_version" { type = string default = "2022" } + +variable "hop_limit" { + type = number + default = 2 +} diff --git a/terraform/eks/daemon/windows/variables.tf b/terraform/eks/daemon/windows/variables.tf index f5d2d1cfc..bc7525bb2 100644 --- a/terraform/eks/daemon/windows/variables.tf +++ b/terraform/eks/daemon/windows/variables.tf @@ -45,3 +45,8 @@ variable "windows_os_version" { type = string default = "2022" } + +variable "hop_limit" { + type = number + default = 2 +}