kubernetes · k8s-ci-robot · Apr 21, 2024 · Apr 19, 2024 · Apr 19, 2024 · Apr 19, 2024
diff --git a/config/jobs/kubernetes/sig-network/sig-network-kind.yaml b/config/jobs/kubernetes/sig-network/sig-network-kind.yaml
@@ -49,7 +49,7 @@ presubmits:
       testgrid-tab-name: pr-sig-network-kind, dual
       description: Runs tests against a Dual Stack Kubernetes in Docker cluster
       testgrid-alert-email: [email protected]
-  - name: pull-kubernetes-e2e-kind-ipvs-dual-canary
+  - name: pull-kubernetes-e2e-kind-nftables-dual-canary
     cluster: k8s-infra-prow-build
     optional: true
     always_run: false
@@ -84,7 +84,7 @@ presubmits:
         - name: "IP_FAMILY"
           value: "dual"
         - name: KUBE_PROXY_MODE
-          value: "ipvs"
+          value: "nftables"
         # we need privileged mode in order to do docker in docker
         securityContext:
           privileged: true
@@ -97,7 +97,7 @@ presubmits:
             memory: 9Gi
     annotations:
       testgrid-dashboards: sig-network-kind
-      testgrid-tab-name: pr-sig-network-kind, ipvs, dual
+      testgrid-tab-name: pr-sig-network-kind, nftables, dual
       description: Runs tests against a Dual Stack Kubernetes in Docker cluster
       testgrid-alert-email: [email protected]
   - name: pull-kubernetes-e2e-kind-cloud-provider-loadbalancer
@@ -162,7 +162,7 @@ presubmits:
     optional: true
     always_run: false
     skip_report: false
-    run_if_changed: '^(pkg\/proxy\/nftables)'
+    run_if_changed: '^(test/e2e/network/|pkg/apis/networking|pkg/proxy/nftables/)'
     decorate: true
     labels:
       preset-dind-enabled: "true"
@@ -183,7 +183,7 @@ presubmits:
         - wrapper.sh
         - bash
         - -c
-        - curl -sSL https://kind.sigs.k8s.io/dl/latest/linux-amd64.tgz | tar xvfz - -C "${PATH%%:*}/" && $GOPATH/src/k8s.io/test-infra/experiment/kind-nftables-e2e.sh
+        - curl -sSL https://kind.sigs.k8s.io/dl/latest/linux-amd64.tgz | tar xvfz - -C "${PATH%%:*}/" && e2e-k8s.sh
         env:
         - name: PARALLEL
           value: "true"
@@ -416,7 +416,7 @@ periodics:
     testgrid-alert-email: [email protected], [email protected]
     testgrid-num-columns-recent: '3'
 # network test against kubernetes master branch with `kind`
-- interval: 6h
+- interval: 24h
   name: ci-kubernetes-kind-network-ipvs
   cluster: k8s-infra-prow-build
   labels:
@@ -466,7 +466,7 @@ periodics:
     testgrid-alert-email: [email protected], [email protected]
     testgrid-num-columns-recent: '3'
 # network test against kubernetes master branch with `kind` ipv6
-- interval: 6h
+- interval: 24h
   name: ci-kubernetes-kind-network-ipvs-ipv6
   cluster: k8s-infra-prow-build
   labels:
@@ -522,7 +522,7 @@ periodics:
     testgrid-alert-email: [email protected], [email protected]
     testgrid-num-columns-recent: '3'
 # network test against kubernetes master branch with `kind` dual stack
-- interval: 6h
+- interval: 24h
   name: ci-kubernetes-kind-network-ipvs-dual
   cluster: k8s-infra-prow-build
   labels:
@@ -579,6 +579,167 @@ periodics:
     description: Runs network tests using KIND against latest kubernetes master with a DualStack kubernetes-in-docker cluster
     testgrid-alert-email: [email protected], [email protected]
     testgrid-num-columns-recent: '3'
+- interval: 24h
+  name: ci-kubernetes-kind-network-nftables
+  cluster: k8s-infra-prow-build
+  labels:
+    preset-service-account: "true"
+    preset-dind-enabled: "true"
+    preset-kind-volume-mounts: "true"
+  decorate: true
+  decoration_config:
+    timeout: 200m
+  extra_refs:
+  - org: kubernetes
+    repo: kubernetes
+    base_ref: master
+    path_alias: k8s.io/kubernetes
+  spec:
+    containers:
+    - image: gcr.io/k8s-staging-test-infra/krte:v20240405-14b8bc2f76-master
+      command:
+        - wrapper.sh
+        - bash
+        - -c
+        - curl -sSL https://kind.sigs.k8s.io/dl/latest/linux-amd64.tgz | tar xvfz - -C "${PATH%%:*}/" && e2e-k8s.sh
+      env:
+      # don't retry network tests
+      - name: GINKGO_TOLERATE_FLAKES
+        value: "n"
+      - name: KUBE_PROXY_MODE
+        value: "nftables"
+      - name: FOCUS
+        value: \[sig-network\]|\[Conformance\]
+      - name: SKIP
+        value: \[Feature:(Networking-IPv6|Example|Federation|PerformanceDNS|ServiceCIDRs)\]|LB.health.check|LoadBalancer|load.balancer|GCE|NetworkPolicy|DualStack
+      # we need privileged mode in order to do docker in docker
+      securityContext:
+        privileged: true
+      resources:
+        limits:
+          cpu: 4
+          memory: 9Gi
+        requests:
+          cpu: 4
+          memory: 9Gi
+  annotations:
+    testgrid-dashboards: sig-network-kind, sig-testing-kind
+    testgrid-tab-name: sig-network-kind, nftables, master
+    description: Runs network tests using KIND against latest kubernetes master with a kubernetes-in-docker cluster using kube-proxy nftables
+    testgrid-alert-email: [email protected], [email protected]
+    testgrid-num-columns-recent: '3'
+- interval: 24h
+  name: ci-kubernetes-kind-network-nftables-ipv6
+  cluster: k8s-infra-prow-build
+  labels:
+    preset-service-account: "true"
+    preset-dind-enabled: "true"
+    preset-kind-volume-mounts: "true"
+  decorate: true
+  decoration_config:
+    timeout: 200m
+  extra_refs:
+  - org: kubernetes
+    repo: kubernetes
+    base_ref: master
+    path_alias: k8s.io/kubernetes
+  spec:
+    containers:
+    - image: gcr.io/k8s-staging-test-infra/krte:v20240405-14b8bc2f76-master
+      command:
+        - wrapper.sh
+        - bash
+        - -c
+        - curl -sSL https://kind.sigs.k8s.io/dl/latest/linux-amd64.tgz | tar xvfz - -C "${PATH%%:*}/" && e2e-k8s.sh
+      env:
+      # enable IPV6 in bootstrap image
+      - name: "DOCKER_IN_DOCKER_IPV6_ENABLED"
+        value: "true"
+      # tell kind CI script to use ipv6
+      - name: "IP_FAMILY"
+        value: "ipv6"
+      # don't retry network tests
+      - name: GINKGO_TOLERATE_FLAKES
+        value: "n"
+      - name: KUBE_PROXY_MODE
+        value: "nftables"
+      - name: FOCUS
+        value: \[sig-network\]|\[Conformance\]
+      - name: SKIP
+        value: \[Feature:(Networking-IPv4|Example|Federation|PerformanceDNS|ServiceCIDRs)\]|Internet.connection|upstream.nameserver|LB.health.check|LoadBalancer|load.balancer|GCE|NetworkPolicy|DualStack
+      # we need privileged mode in order to do docker in docker
+      securityContext:
+        privileged: true
+      resources:
+        limits:
+          cpu: 4
+          memory: 9Gi
+        requests:
+          cpu: 4
+          memory: 9Gi
+  annotations:
+    testgrid-dashboards: sig-network-kind, sig-testing-kind
+    testgrid-tab-name: sig-network-kind, nftables, IPv6, master
+    description: Runs network tests using KIND against latest kubernetes master with an IPv6 kubernetes-in-docker cluster using kube-proxy nftables
+    testgrid-alert-email: [email protected], [email protected]
+    testgrid-num-columns-recent: '3'
+- interval: 24h
+  name: ci-kubernetes-kind-network-nftables-dual
+  cluster: k8s-infra-prow-build
+  labels:
+    preset-service-account: "true"
+    preset-dind-enabled: "true"
+    preset-kind-volume-mounts: "true"
+  decorate: true
+  decoration_config:
+    timeout: 200m
+  extra_refs:
+  - org: kubernetes
+    repo: kubernetes
+    base_ref: master
+    path_alias: k8s.io/kubernetes
+  spec:
+    containers:
+    - image: gcr.io/k8s-staging-test-infra/krte:v20240405-14b8bc2f76-master
+      command:
+        - wrapper.sh
+        - bash
+        - -c
+        - curl -sSL https://kind.sigs.k8s.io/dl/latest/linux-amd64.tgz | tar xvfz - -C "${PATH%%:*}/" && e2e-k8s.sh
+      env:
+      - name: BUILD_TYPE
+        value: docker
+      # enable IPV6 in bootstrap image
+      - name: "DOCKER_IN_DOCKER_IPV6_ENABLED"
+        value: "true"
+      # tell kind CI script to use ipv6
+      - name: "IP_FAMILY"
+        value: "dual"
+      # don't retry network tests
+      - name: GINKGO_TOLERATE_FLAKES
+        value: "n"
+      - name: KUBE_PROXY_MODE
+        value: "nftables"
+      - name: FOCUS
+        value: \[sig-network\]|\[Conformance\]
+      - name: SKIP
+        value: \[Feature:(Networking-IPv4|PodHostIPs|Example|Federation|PerformanceDNS|ServiceCIDRs)\]|Internet.connection|upstream.nameserver|LB.health.check|LoadBalancer|load.balancer|GCE|NetworkPolicy
+      # we need privileged mode in order to do docker in docker
+      securityContext:
+        privileged: true
+      resources:
+        limits:
+          cpu: 4
+          memory: 9Gi
+        requests:
+          cpu: 4
+          memory: 9Gi
+  annotations:
+    testgrid-dashboards: sig-network-kind, sig-testing-kind
+    testgrid-tab-name: sig-network-kind, nftables, dual, master
+    description: Runs network tests using KIND against latest kubernetes master with a DualStack kubernetes-in-docker cluster using kube-proxy nftables
+    testgrid-alert-email: [email protected], [email protected]
+    testgrid-num-columns-recent: '3'
 # network test against kubernetes master branch with `kind`, skipping
 # serial tests so it runs in ~20m
 - interval: 6h
@@ -837,51 +998,3 @@ periodics:
     testgrid-tab-name: sig-network-kind, detect-local-interface-name-prefix
     description: Runs network tests using KIND against latest kubernetes master with a kubernetes-in-docker cluster and kube-proxy detectLocalMode=InterfaceNamePrefix
     testgrid-alert-email: [email protected], [email protected]
-- interval: 12h
-  name: ci-kubernetes-kind-network-nftables
-  cluster: k8s-infra-prow-build
-  labels:
-    preset-service-account: "true"
-    preset-dind-enabled: "true"
-    preset-kind-volume-mounts: "true"
-  decorate: true
-  decoration_config:
-    timeout: 200m
-  extra_refs:
-  - org: kubernetes
-    repo: kubernetes
-    base_ref: master
-    path_alias: k8s.io/kubernetes
-  - org: kubernetes
-    repo: test-infra
-    base_ref: master
-    path_alias: "k8s.io/test-infra"
-  spec:
-    containers:
-    - image: gcr.io/k8s-staging-test-infra/krte:v20240405-14b8bc2f76-master
-      command:
-        - wrapper.sh
-        - bash
-        - -c
-        - curl -sSL https://kind.sigs.k8s.io/dl/latest/linux-amd64.tgz | tar xvfz - -C "${PATH%%:*}/" && $GOPATH/src/k8s.io/test-infra/experiment/kind-nftables-e2e.sh
-      env:
-      - name: FOCUS
-        value: \[sig-network\]|\[Conformance\]
-      - name: SKIP
-        value: \[Feature:(Networking-IPv6|Example|Federation|PerformanceDNS|ServiceCIDRs)\]|LB.health.check|LoadBalancer|load.balancer|GCE|NetworkPolicy|DualStack
-      # we need privileged mode in order to do docker in docker
-      securityContext:
-        privileged: true
-      resources:
-        limits:
-          cpu: 4
-          memory: 9Gi
-        requests:
-          cpu: 4
-          memory: 9Gi
-  annotations:
-    testgrid-dashboards: sig-network-kind, sig-testing-kind
-    testgrid-tab-name: sig-network-kind, nftables, master
-    description: Runs network tests using KIND against latest kubernetes master with a kubernetes-in-docker cluster and the nftables proxy mode
-    testgrid-alert-email: [email protected], [email protected]
-    testgrid-num-columns-recent: '3'
diff --git a/config/testgrids/kubernetes/presubmits/config.yaml b/config/testgrids/kubernetes/presubmits/config.yaml
@@ -107,8 +107,8 @@ dashboards:
   - name: pull-kubernetes-e2e-kind-dual-canary
     test_group_name: pull-kubernetes-e2e-kind-dual-canary
     base_options: width=10
-  - name: pull-kubernetes-e2e-kind-ipvs-dual-canary
-    test_group_name: pull-kubernetes-e2e-kind-ipvs-dual-canary
+  - name: pull-kubernetes-e2e-kind-nftables-dual-canary
+    test_group_name: pull-kubernetes-e2e-kind-nftables-dual-canary
     base_options: width=10
   - name: pull-kubernetes-e2e-kind-alpha-features
     test_group_name: pull-kubernetes-e2e-kind-alpha-features