Add e2e tests for kube-vip and OVN network load balancer (#36)

* configure OVN in setup-lxd.sh and setup-incus.sh scripts

* add kube-vip e2e test

* add ovn load balancer e2e test

Author: neoaggelos

hack/scripts/ci/setup-e2e.sh

@@ -0,0 +1,56 @@
+#!/bin/bash -xeu
+
+########################################################################
+### Usage:
+###   $ CLI=incus ./common-e2e.sh
+###   $ CLI=lxc ./common-e2e.sh
+
+# instance profiles
+LXC_PROFILE_NAME=default
+
+# local bridge network (10.200.1.0/24)
+LXC_NETWORK_NAME="testbr0"
+LXC_NETWORK_IPV6="none"
+LXC_NETWORK_IPV4="10.200.1.1/24"
+LXC_NETWORK_IPV4_DHCP="10.200.1.10-10.200.1.100"
+LXC_NETWORK_IPV4_OVN="10.200.1.101-10.200.1.150"
+LXC_NETWORK_IPV4_KUBE_VIP="10.200.1.151"
+
+# local OVN network (192.168.200.0/24)
+LXC_OVN_NETWORK_NAME="testovn0"
+LXC_OVN_NETWORK_IPV6="none"
+LXC_OVN_NETWORK_IPV4="192.168.200.1/24"
+LXC_OVN_NETWORK_IPV4_LB="10.200.1.201"
+
+########################################################################
+
+# install and configure OVN
+sudo apt install ovn-host ovn-central -y
+sudo ovs-vsctl set open_vswitch . external_ids:ovn-encap-ip="127.0.0.1"
+sudo ovs-vsctl set open_vswitch . external_ids:ovn-encap-type="geneve"
+sudo ovs-vsctl set open_vswitch . external_ids:ovn-remote="unix:/run/ovn/ovnsb_db.sock"
+
+########################################################################
+
+# configure default network. the user.capl.e2e.kube-vip-address annotation is used by "QuickStart KubeVIP"
+if ! "${CLI}" network show "${LXC_NETWORK_NAME}" 2> /dev/null; then
+  "${CLI}" network create "${LXC_NETWORK_NAME}" --type=bridge \
+    ipv4.address="${LXC_NETWORK_IPV4}" ipv4.nat=true \
+    ipv6.address="${LXC_NETWORK_IPV6}" ipv6.nat=true \
+    ipv4.dhcp.ranges="${LXC_NETWORK_IPV4_DHCP}" \
+    ipv4.ovn.ranges="${LXC_NETWORK_IPV4_OVN}" \
+    user.capl.e2e.kube-vip-address="${LXC_NETWORK_IPV4_KUBE_VIP}"
+fi
+
+# configure ovn network. the user.capl.e2e.ovn-lb-address annotation is used by "QuickStart OVN"
+if ! "${CLI}" network show "${LXC_OVN_NETWORK_NAME}" 2> /dev/null; then
+  "${CLI}" network create "${LXC_OVN_NETWORK_NAME}" --type=ovn \
+    network="${LXC_NETWORK_NAME}" \
+    ipv4.address="${LXC_OVN_NETWORK_IPV4}" ipv4.nat=true \
+    ipv6.address="${LXC_OVN_NETWORK_IPV6}" ipv6.nat=true \
+    user.capl.e2e.ovn-lb-address="${LXC_OVN_NETWORK_IPV4_LB}"
+fi
+
+# configure default profile
+"${CLI}" profile device set "${LXC_PROFILE_NAME}" eth0 type=nic network="${LXC_NETWORK_NAME}"
+"${CLI}" profile show default

hack/scripts/ci/setup-incus.sh

@@ -37,4 +37,7 @@ data:
   server-crt: '$(cat ~/.config/incus/servercerts/local-https.crt | base64 -w0)'
   client-crt: '$(cat ~/.config/incus/client.crt | base64 -w0)'
   client-key: '$(cat ~/.config/incus/client.key | base64 -w0)'
-" | tee "${DIR}/../../lxc-secret.yaml"
+" | tee "${DIR}/../../../lxc-secret.yaml"
+
+# Setup local Incus daemon for e2e tests
+CLI=incus "${DIR}/setup-e2e.sh"

hack/scripts/ci/setup-lxd.sh

@@ -40,4 +40,7 @@ data:
   server-crt: '$(cat ~/snap/lxd/common/config/servercerts/local-https.crt | base64 -w0)'
   client-crt: '$(cat ~/snap/lxd/common/config/client.crt | base64 -w0)'
   client-key: '$(cat ~/snap/lxd/common/config/client.key | base64 -w0)'
-" | tee "${DIR}/../../lxc-secret.yaml"
+" | tee "${DIR}/../../../lxc-secret.yaml"
+
+# Setup local LXD daemon for e2e tests
+CLI=lxc "${DIR}/setup-e2e.sh"

test/e2e/shared/defaults.go

@@ -40,6 +40,9 @@ const (
 	// Name of secret for LXC credentials
 	LXCSecretName = "LXC_SECRET_NAME"
 
+	// KubeVIP address to use for kube-vip tests
+	KubeVIPAddress = "KUBE_VIP_ADDRESS"
+
 	FlavorDefault     = ""
 	FlavorDevelopment = "development"
 	FlavorAutoscaler  = "autoscaler"

test/e2e/suites/e2e/quick_start_kube_vip_test.go

@@ -0,0 +1,75 @@
+//go:build e2e
+
+package e2e
+
+import (
+	"context"
+	"fmt"
+
+	"sigs.k8s.io/cluster-api/test/e2e"
+
+	"github.com/neoaggelos/cluster-api-provider-lxc/internal/incus"
+	"github.com/neoaggelos/cluster-api-provider-lxc/internal/ptr"
+	"github.com/neoaggelos/cluster-api-provider-lxc/test/e2e/shared"
+
+	. "github.com/onsi/ginkgo/v2"
+	. "github.com/onsi/gomega"
+)
+
+var _ = Describe("QuickStart", func() {
+	Context("KubeVIP", Label("PRBlocking"), func() {
+		var (
+			clusterctlVariables map[string]string
+		)
+		BeforeEach(func(ctx context.Context) {
+			if v := e2eCtx.E2EConfig.GetVariableBestEffort(shared.KubeVIPAddress); v != "" {
+				shared.Logf("Using kube-vip address %q (from environment variable KUBE_VIP_ADDRESS)", v)
+				clusterctlVariables = map[string]string{
+					"LOAD_BALANCER": fmt.Sprintf("kube-vip: {host: %q}", v),
+				}
+				return
+			}
+
+			// KUBE_VIP_ADDRESS is not set, look for a network
+			client, err := incus.New(ctx, e2eCtx.Settings.LXCClientOptions)
+			Expect(err).ToNot(HaveOccurred())
+			networks, err := client.Client.GetNetworks()
+			Expect(err).ToNot(HaveOccurred())
+
+			// find network with the annotations below
+			// -- user.capl.e2e.kube-vip-address = "<ip address>"
+			for _, network := range networks {
+				if v, ok := network.Config["user.capl.e2e.kube-vip-address"]; ok {
+					shared.Logf("Using kube-vip address %q (from network %q)", v, network.Name)
+					clusterctlVariables = map[string]string{
+						"LOAD_BALANCER":                 fmt.Sprintf("kube-vip: {host: '%s'}", v),
+						"CONTROL_PLANE_MACHINE_DEVICES": fmt.Sprintf("['eth0,type=nic,network=%s']", network.Name),
+						"WORKER_MACHINE_DEVICES":        fmt.Sprintf("['eth0,type=nic,network=%s']", network.Name),
+					}
+					return
+				}
+			}
+
+			Skip("Did not find any network with configuration 'user.capl.e2e.kube-vip-address', and KUBE_VIP_ADDRESS is not set")
+		})
+
+		e2e.QuickStartSpec(context.TODO(), func() e2e.QuickStartSpecInput {
+			return e2e.QuickStartSpecInput{
+				E2EConfig:              e2eCtx.E2EConfig,
+				ClusterctlConfigPath:   e2eCtx.Environment.ClusterctlConfigPath,
+				BootstrapClusterProxy:  e2eCtx.Environment.BootstrapClusterProxy,
+				ArtifactFolder:         e2eCtx.Settings.ArtifactFolder,
+				SkipCleanup:            e2eCtx.Settings.SkipCleanup,
+				PostNamespaceCreated:   e2eCtx.DefaultPostNamespaceCreated(),
+				ControlPlaneWaiters:    e2eCtx.DefaultControlPlaneWaiters(),
+				InfrastructureProvider: ptr.To("lxc:v0.88.99"),
+
+				Flavor:                   ptr.To(shared.FlavorDefault),
+				ControlPlaneMachineCount: ptr.To[int64](3),
+				WorkerMachineCount:       ptr.To[int64](0),
+
+				ClusterctlVariables: clusterctlVariables,
+			}
+		})
+	})
+})

test/e2e/suites/e2e/quick_start_oci_test.go

@@ -4,6 +4,7 @@ package e2e
 
 import (
 	"context"
+	"fmt"
 
 	"sigs.k8s.io/cluster-api/test/e2e"
 
@@ -24,7 +25,7 @@ var _ = Describe("QuickStart", func() {
 			err = client.SupportsInstanceOCI()
 			Expect(err).To(Or(Succeed(), MatchError(incus.IsTerminalError, "IsTerminalError")))
 			if err != nil {
-				Skip("Server does not support OCI instances")
+				Skip(fmt.Sprintf("Server does not support OCI instances: %v", err))
 			}
 		})
 

test/e2e/suites/e2e/quick_start_ovn_test.go

@@ -0,0 +1,75 @@
+//go:build e2e
+
+package e2e
+
+import (
+	"context"
+	"fmt"
+
+	"sigs.k8s.io/cluster-api/test/e2e"
+
+	"github.com/neoaggelos/cluster-api-provider-lxc/internal/incus"
+	"github.com/neoaggelos/cluster-api-provider-lxc/internal/ptr"
+	"github.com/neoaggelos/cluster-api-provider-lxc/test/e2e/shared"
+
+	. "github.com/onsi/ginkgo/v2"
+	. "github.com/onsi/gomega"
+)
+
+var _ = Describe("QuickStart", func() {
+	Context("OVN", Label("PRBlocking"), func() {
+		var (
+			lbAddress   string
+			networkName string
+		)
+		BeforeEach(func(ctx context.Context) {
+			client, err := incus.New(ctx, e2eCtx.Settings.LXCClientOptions)
+			Expect(err).ToNot(HaveOccurred())
+
+			err = client.SupportsNetworkLoadBalancer()
+			Expect(err).To(Or(Succeed(), MatchError(incus.IsTerminalError, "IsTerminalError")))
+			if err != nil {
+				Skip(fmt.Sprintf("Server does not support network load balancer: %v", err))
+			}
+
+			networks, err := client.Client.GetNetworks()
+			Expect(err).ToNot(HaveOccurred())
+
+			// find network with the annotations below
+			// -- user.capl.e2e.ovn-lb-address = "<ip address>"
+			for _, network := range networks {
+				if v, ok := network.Config["user.capl.e2e.ovn-lb-address"]; ok {
+					networkName = network.Name
+					lbAddress = v
+					shared.Logf("Using OVN network %q with LoadBalancer address %q", networkName, lbAddress)
+					return
+				}
+			}
+
+			Skip("Did not find any network with configuration 'user.capl.e2e.ovn-lb-address'")
+		})
+
+		e2e.QuickStartSpec(context.TODO(), func() e2e.QuickStartSpecInput {
+			return e2e.QuickStartSpecInput{
+				E2EConfig:              e2eCtx.E2EConfig,
+				ClusterctlConfigPath:   e2eCtx.Environment.ClusterctlConfigPath,
+				BootstrapClusterProxy:  e2eCtx.Environment.BootstrapClusterProxy,
+				ArtifactFolder:         e2eCtx.Settings.ArtifactFolder,
+				SkipCleanup:            e2eCtx.Settings.SkipCleanup,
+				PostNamespaceCreated:   e2eCtx.DefaultPostNamespaceCreated(),
+				ControlPlaneWaiters:    e2eCtx.DefaultControlPlaneWaiters(),
+				InfrastructureProvider: ptr.To("lxc:v0.88.99"),
+
+				Flavor:                   ptr.To(shared.FlavorDefault),
+				ControlPlaneMachineCount: ptr.To[int64](3),
+				WorkerMachineCount:       ptr.To[int64](0),
+
+				ClusterctlVariables: map[string]string{
+					"LOAD_BALANCER":                 fmt.Sprintf("ovn: {host: '%s', networkName: '%s'}", lbAddress, networkName),
+					"CONTROL_PLANE_MACHINE_DEVICES": fmt.Sprintf("['eth0,type=nic,network=%s']", networkName),
+					"WORKER_MACHINE_DEVICES":        fmt.Sprintf("['eth0,type=nic,network=%s']", networkName),
+				},
+			}
+		})
+	})
+})