Conformance tests

    This document enumerates the steps required to run conformance tests for various platforms supported by Lokomotive.

    Step 1: Platform specific preparations

    Step 1.1: AWS

    For AWS you need to make sure that node ports are allowed in the security group. To do so, make sure you set the expose_nodeports cluster property to true in the AWS config. Read more about this flag in the AWS reference docs .

    To install the AWS cluster, follow the AWS quick start guide .

    Step 1.2: Packet

    Step 1.2.1: Cluster Requirements

    Create a cluster with at least two worker nodes. Follow the Packet quick start guide to install a cluster.

    Step 1.2.2: Expose kube-proxy

    Edit the kube-proxy Daemonset config to expose the metrics port on all interfaces. Run the following command to edit the configuration:

    kubectl -n kube-system edit ds kube-proxy

    Change the following flag from - --metrics-bind-address=$(HOST_IP) to - --metrics-bind-address=0.0.0.0.

    Step 1.2.3: Expose the node ports on the worker nodes

    Apply the following Calico configuration to expose the ports in the default node port range 30000 to 32767:

    echo "
apiVersion: crd.projectcalico.org/v1
kind: GlobalNetworkPolicy
metadata:
  name: allow-nodeport
spec:
  applyOnForward: true
  ingress:
  - action: Allow
    destination:
      ports:
      - 30000:32767
    protocol: TCP
  order: 20
  preDNAT: true
  selector: nodetype == 'worker'
" | kubectl apply -f -

    Step 2: Disable the mutating webhook server

    Run the following commands to disable the mutating webhook server that disallows the usage default service account tokens:

    kubectl delete MutatingWebhookConfiguration admission-webhook-server

    Step 3: Running conformance tests

    Follow the canonical document here which instructs on installing sonobuoy and running tests.

    github Edit this page github File documentation issue