From d3a76c7958312cd6a9cd83682fa18f75e2baa0cd Mon Sep 17 00:00:00 2001 From: Xun Jiang Date: Sun, 26 Mar 2023 20:55:22 +0800 Subject: [PATCH] E2E test can read VC credential secret according to vSphere CSI driver version. Signed-off-by: Xun Jiang --- changelogs/CHANGELOG-0.9.md | 2 +- changelogs/CHANGELOG-1.8.md | 2 +- pkg/backup/backup_test.go | 8 ++-- .../content/docs/main/performance-guidance.md | 2 +- .../docs/v1.10/performance-guidance.md | 2 +- test/e2e/pv-backup/pv-backup-filter.go | 2 +- test/e2e/util/k8s/secret.go | 23 ----------- test/e2e/util/velero/install.go | 41 ++++++++++++++++++- 8 files changed, 49 insertions(+), 33 deletions(-) diff --git a/changelogs/CHANGELOG-0.9.md b/changelogs/CHANGELOG-0.9.md index 4b685b32e..f29a0d28e 100644 --- a/changelogs/CHANGELOG-0.9.md +++ b/changelogs/CHANGELOG-0.9.md @@ -154,7 +154,7 @@ * Skip completed jobs and pods when restoring (#463, @nrb) * Set namespace correctly when syncing backups from object storage (#472, @skriss) * When building on macOS, bind-mount volumes with delegated config (#478, @skriss) - * Add replica sets and daemonsets to cohabitating resources so they're not backed up twice (#482 #485, @skriss) + * Add replica sets and daemonsets to cohabiting resources so they're not backed up twice (#482 #485, @skriss) * Shut down the Ark server gracefully on SIGINT/SIGTERM (#483, @skriss) * Only back up resources that support GET and DELETE in addition to LIST and CREATE (#486, @nrb) * Show a better error message when trying to get an incomplete restore's logs (#496, @nrb) diff --git a/changelogs/CHANGELOG-1.8.md b/changelogs/CHANGELOG-1.8.md index 1e250f65d..7c8f01946 100644 --- a/changelogs/CHANGELOG-1.8.md +++ b/changelogs/CHANGELOG-1.8.md @@ -103,7 +103,7 @@ Also added DownloadTargetKindBackupItemSnapshots for retrieving the signed URL t * Fix CVE-2020-29652 and CVE-2020-26160 (#4274, @ywk253100) * Refine tag-release.sh to align with change in release process (#4185, @reasonerjt) * Fix plugins incompatible issue in upgrade test (#4141, @danfengliu) -* Verify group before treating resource as cohabitating (#4126, @sseago) +* Verify group before treating resource as cohabiting (#4126, @sseago) * Added ItemSnapshotter plugin definition and plugin framework - addresses #3533. Part of the Upload Progress enhancement (#3533) (#4077, @dsmithuchida) * Add upgrade test in E2E test (#4058, @danfengliu) diff --git a/pkg/backup/backup_test.go b/pkg/backup/backup_test.go index 56cbfe214..46aecf779 100644 --- a/pkg/backup/backup_test.go +++ b/pkg/backup/backup_test.go @@ -1002,7 +1002,7 @@ func TestBackupResourceCohabitation(t *testing.T) { }, }, { - name: "when deployments exist that are not in the cohabitating groups those are backed up along with apps/deployments", + name: "when deployments exist that are not in the cohabiting groups those are backed up along with apps/deployments", backup: defaultBackup().Result(), apiResources: []*test.APIResource{ test.VeleroDeployments( @@ -1046,11 +1046,11 @@ func TestBackupResourceCohabitation(t *testing.T) { } } -// TestBackupUsesNewCohabitatingResourcesForEachBackup ensures that when two backups are -// run that each include cohabitating resources, one copy of the relevant resources is +// TestBackupUsesNewCohabitingResourcesForEachBackup ensures that when two backups are +// run that each include cohabiting resources, one copy of the relevant resources is // backed up in each backup. Verification is done by looking at the contents of the backup // tarball. This covers a specific issue that was fixed by https://github.com/vmware-tanzu/velero/pull/485. -func TestBackupUsesNewCohabitatingResourcesForEachBackup(t *testing.T) { +func TestBackupUsesNewCohabitingResourcesForEachBackup(t *testing.T) { h := newHarness(t) // run and verify backup 1 diff --git a/site/content/docs/main/performance-guidance.md b/site/content/docs/main/performance-guidance.md index 0388799b7..dc8284ecf 100644 --- a/site/content/docs/main/performance-guidance.md +++ b/site/content/docs/main/performance-guidance.md @@ -81,7 +81,7 @@ Server: Below we've done 6 groups of tests, for each single group of test, we used limited resources (1 core CPU 2 GB memory or 4 cores CPU 4 GB memory) to do Velero file system backup under Restic path and Kopia path, and then compare the results. -Recorded the metrics of time consumption, maximum CPU usage, maximum memory usage, and minio strorage usage for node-agent daemonset, and the metrics of Velero deployment are not included since the differences are not obvious by whether using Restic uploader or Kopia uploader. +Recorded the metrics of time consumption, maximum CPU usage, maximum memory usage, and minio storage usage for node-agent daemonset, and the metrics of Velero deployment are not included since the differences are not obvious by whether using Restic uploader or Kopia uploader. Compression is either disabled or not unavailable for both uploader. diff --git a/site/content/docs/v1.10/performance-guidance.md b/site/content/docs/v1.10/performance-guidance.md index 0388799b7..dc8284ecf 100644 --- a/site/content/docs/v1.10/performance-guidance.md +++ b/site/content/docs/v1.10/performance-guidance.md @@ -81,7 +81,7 @@ Server: Below we've done 6 groups of tests, for each single group of test, we used limited resources (1 core CPU 2 GB memory or 4 cores CPU 4 GB memory) to do Velero file system backup under Restic path and Kopia path, and then compare the results. -Recorded the metrics of time consumption, maximum CPU usage, maximum memory usage, and minio strorage usage for node-agent daemonset, and the metrics of Velero deployment are not included since the differences are not obvious by whether using Restic uploader or Kopia uploader. +Recorded the metrics of time consumption, maximum CPU usage, maximum memory usage, and minio storage usage for node-agent daemonset, and the metrics of Velero deployment are not included since the differences are not obvious by whether using Restic uploader or Kopia uploader. Compression is either disabled or not unavailable for both uploader. diff --git a/test/e2e/pv-backup/pv-backup-filter.go b/test/e2e/pv-backup/pv-backup-filter.go index 4cef609d3..a531ee149 100644 --- a/test/e2e/pv-backup/pv-backup-filter.go +++ b/test/e2e/pv-backup/pv-backup-filter.go @@ -115,7 +115,7 @@ func (p *PVBackupFiltering) CreateResources() error { }) } }) - By(fmt.Sprintf("Polulate all pods %s with file %s", p.podsList, FILE_NAME), func() { + By(fmt.Sprintf("Populate all pods %s with file %s", p.podsList, FILE_NAME), func() { for index, ns := range *p.NSIncluded { By(fmt.Sprintf("Creating file in all pods to start %d in namespace %s", index, ns), func() { WaitForPods(p.Ctx, p.Client, ns, p.podsList[index]) diff --git a/test/e2e/util/k8s/secret.go b/test/e2e/util/k8s/secret.go index 3c3682c93..21c5271c9 100644 --- a/test/e2e/util/k8s/secret.go +++ b/test/e2e/util/k8s/secret.go @@ -22,7 +22,6 @@ import ( "github.com/pkg/errors" "github.com/sirupsen/logrus" - "golang.org/x/net/context" v1 "k8s.io/api/core/v1" apierrors "k8s.io/apimachinery/pkg/api/errors" @@ -73,25 +72,3 @@ func WaitForSecretsComplete(c clientset.Interface, ns, secretName string) error func GetSecret(c clientset.Interface, ns, secretName string) (*v1.Secret, error) { return c.CoreV1().Secrets(ns).Get(context.TODO(), secretName, metav1.GetOptions{}) } - -//CreateVCCredentialSecret refer to https://github.com/vmware-tanzu/velero-plugin-for-vsphere/blob/v1.3.0/docs/vanilla.md -func CreateVCCredentialSecret(c clientset.Interface, veleroNamespace string) error { - secret, err := GetSecret(c, "kube-system", "vsphere-config-secret") - if err != nil { - return err - } - vsphereCfg, exist := secret.Data["csi-vsphere.conf"] - if !exist { - return errors.New("failed to retrieve csi-vsphere config") - } - se := &v1.Secret{ - ObjectMeta: metav1.ObjectMeta{ - Name: "velero-vsphere-config-secret", - Namespace: veleroNamespace, - }, - Type: v1.SecretTypeOpaque, - Data: map[string][]byte{"csi-vsphere.conf": vsphereCfg}, - } - _, err = c.CoreV1().Secrets(veleroNamespace).Create(context.TODO(), se, metav1.CreateOptions{}) - return err -} diff --git a/test/e2e/util/velero/install.go b/test/e2e/util/velero/install.go index 2c8938976..0bfd9068f 100644 --- a/test/e2e/util/velero/install.go +++ b/test/e2e/util/velero/install.go @@ -42,6 +42,11 @@ import ( . "github.com/vmware-tanzu/velero/test/e2e/util/k8s" ) +const ( + KubeSystemNamespace = "kube-system" + VSphereCSIControllerNamespace = "vmware-system-csi" +) + // we provide more install options other than the standard install.InstallOptions in E2E test type installOptions struct { *install.InstallOptions @@ -121,7 +126,7 @@ func configvSpherePlugin(cli TestClient) error { if err := CreateNamespace(context.Background(), cli, VeleroCfg.VeleroNamespace); err != nil { return errors.WithMessagef(err, "Failed to create Velero %s namespace", VeleroCfg.VeleroNamespace) } - if err := CreateVCCredentialSecret(cli.ClientGo, VeleroCfg.VeleroNamespace); err != nil { + if err := createVCCredentialSecret(cli.ClientGo, VeleroCfg.VeleroNamespace); err != nil { return errors.WithMessagef(err, "Failed to create virtual center credential secret in %s namespace", VeleroCfg.VeleroNamespace) } if err := WaitForSecretsComplete(cli.ClientGo, VeleroCfg.VeleroNamespace, vsphereSecret); err != nil { @@ -427,3 +432,37 @@ func VeleroUninstall(ctx context.Context, cli, namespace string) error { fmt.Println("Velero uninstalled ⛵") return nil } + +// createVCCredentialSecret refer to https://github.com/vmware-tanzu/velero-plugin-for-vsphere/blob/v1.3.0/docs/vanilla.md +func createVCCredentialSecret(c clientset.Interface, veleroNamespace string) error { + secret, err := getVCCredentialSecret(c) + if err != nil { + return err + } + vsphereCfg, exist := secret.Data["csi-vsphere.conf"] + if !exist { + return errors.New("failed to retrieve csi-vsphere config") + } + se := &corev1.Secret{ + ObjectMeta: metav1.ObjectMeta{ + Name: "velero-vsphere-config-secret", + Namespace: veleroNamespace, + }, + Type: corev1.SecretTypeOpaque, + Data: map[string][]byte{"csi-vsphere.conf": vsphereCfg}, + } + _, err = c.CoreV1().Secrets(veleroNamespace).Create(context.TODO(), se, metav1.CreateOptions{}) + return err +} + +// Reference https://github.com/vmware-tanzu/velero-plugin-for-vsphere/blob/main/docs/vanilla.md#create-vc-credential-secret +// Read secret from kube-system namespace first, if not found, try with vmware-system-csi. +func getVCCredentialSecret(c clientset.Interface) (secret *corev1.Secret, err error) { + secret, err = GetSecret(c, KubeSystemNamespace, "vsphere-config-secret") + if err != nil { + if apierrors.IsNotFound(err) { + secret, err = GetSecret(c, VSphereCSIControllerNamespace, "vsphere-config-secret") + } + } + return +}