configure sdn for release e2e tests

universal-itengineer · universal-itengineer · commit a83830ade663 · 2026-05-19T18:53:36.000+03:00
Signed-off-by: Nikita Korolev &lt;nikita.korolev@flant.com&gt;
diff --git a/.github/workflows/e2e-test-releases-reusable-pipeline.yml b/.github/workflows/e2e-test-releases-reusable-pipeline.yml
@@ -189,6 +189,8 @@ jobs:
           storageType: ${{ inputs.storage_type }}
           storageClass: ${defaultStorageClass}
           sa: dkp-sa
+          enabledModules:
+            - console
           deckhouse:
             channel: ${{ env.DECKHOUSE_CHANNEL }}
             podSubnetCIDR: ${{ inputs.pod_subnet_cidr }}
@@ -515,10 +517,171 @@ jobs:
           ```
           EOF
 
+  configure-sdn:
+    name: Configure SDN
+    runs-on: ubuntu-latest
+    needs: bootstrap
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Install Task
+        uses: go-task/setup-task@v2
+        with:
+          version: 3.x
+          repo-token: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Setup d8
+        uses: ./.github/actions/install-d8
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Install kubectl CLI
+        uses: azure/setup-kubectl@v4
+
+      - name: Check nested kube-api via generated kubeconfig
+        run: |
+          mkdir -p ~/.kube
+          echo "[INFO] Configure kubeconfig for nested cluster"
+          echo "${{ needs.bootstrap.outputs.kubeconfig }}" | base64 -d | base64 -d > ~/.kube/config
+
+          echo "[INFO] Show paths and files content"
+          ls -la ~/.kube
+          echo "[INFO] Set permissions for kubeconfig"
+          chmod 600 ~/.kube/config
+
+          echo "[INFO] Show current kubeconfig context"
+          kubectl config get-contexts
+
+          echo "[INFO] Show nodes in cluster"
+          # `kubectl get nodes` may return error, so we need to retry.
+          count=30
+          success=false
+          for i in $(seq 1 $count); do
+            echo "[INFO] Attempt $i/$count..."
+            if kubectl get nodes; then
+              echo "[SUCCESS] Successfully retrieved nodes."
+              success=true
+              break
+            fi
+
+            if [ $i -lt $count ]; then
+              echo "[INFO] Retrying in 10 seconds..."
+              sleep 10
+            fi
+          done
+
+          if [ "$success" = false ]; then
+            echo "[ERROR] Failed to retrieve nodes after $count attempts."
+            exit 1
+          fi
+      - name: Enable SDN
+        run: |
+          echo "[INFO] Enable SDN"
+          d8 system module enable sdn
+          echo "[INFO] Wait for sdn modules to be ready, timeout: 300s"
+          kubectl wait --for=jsonpath='{.status.phase}'=Ready modules sdn --timeout=300s
+          echo "[INFO] Wait for sdn deployments to be ready, timeout: 300s"
+          kubectl -n d8-sdn wait --for=condition=Available deploy --all --timeout 300s
+          echo "[INFO] Wait for sdn daemonset agent to be ready, timeout: 300s"
+          kubectl -n d8-sdn rollout status daemonset agent --timeout=300s
+          echo "[SUCCESS] Done"
+
+      - name: Wait for nodenetworkinterfaces to be ready
+        run: |
+          count=60
+          success=false
+          wait_time_seconds=5
+
+          for i in $(seq 1 $count); do
+            nodes=$(kubectl get nodes -o name | wc -l)
+            actual=$(kubectl get nodenetworkinterfaces -o json | jq -r '.items[] | select(.status.operationalState == "Up") | .metadata.name' | wc -l) || true
+            expected=$((nodes * 2))
+
+            echo "[INFO] Attempt $i/$count: expected=$expected, actual=$actual"
+
+            if [ "$actual" -ge "$expected" ]; then
+              echo "[SUCCESS] All nodenetworkinterfaces are present (expected=$expected, actual=$actual)"
+              kubectl get nodenetworkinterfaces
+              success=true
+              break
+            fi
+
+            if (( i % 5 == 0 )) ; then
+              echo "::group::[DEBUG] show namespaces d8-sdn"
+              kubectl -n d8-sdn get pods || true
+              echo "::endgroup::"
+
+              echo "::group::[DEBUG] show nodenetworkinterfaces d8-sdn"
+              kubectl get nodenetworkinterfaces || true
+              echo "::endgroup::"
+
+              echo "[INFO] Retrying in 10 seconds..."
+              sleep $wait_time_seconds
+            elif [ $i -lt $count ]; then
+              echo "[INFO] Retrying in 10 seconds..."
+              sleep $wait_time_seconds
+            fi
+          done
+
+          if [ "$success" = false ]; then
+            echo "[ERROR] Failed to get all nodenetworkinterfaces after $count attempts (expected=$expected)"
+            echo "[DEBUG] Show namespaces d8-sdn"
+            kubectl -n d8-sdn get pods || true
+            echo "[DEBUG] Show nodenetworkinterfaces d8-sdn"
+            kubectl get nodenetworkinterfaces || true
+            exit 1
+          fi
+
+      - name: Configure ClusterNetwork
+        run: |
+          extraNic=$(kubectl get nodenetworkinterfaces -l network.deckhouse.io/interface-type=NIC -o json | jq -r '.items[] | select(.status.operationalState == "Up") | select(.status.ifName != "eno1" and .status.ifName != "enp1s0") | .metadata.name')
+
+          for nic in $extraNic; do
+            echo "[INFO] Label nodenetworkinterface $nic nic-group=extra"
+            kubectl label nodenetworkinterfaces $nic nic-group=extra
+          done
+
+          kubectl get nodenetworkinterface -l nic-group=extra
+
+          cat <<'EOF' | kubectl apply -f -
+          ---
+          apiVersion: network.deckhouse.io/v1alpha1
+          kind: ClusterNetwork
+          metadata:
+            name: cn-4006-for-e2e-test
+          spec:
+            parentNodeNetworkInterfaces:
+              labelSelector:
+                matchLabels:
+                  nic-group: extra
+            type: Access
+          ---
+          apiVersion: network.deckhouse.io/v1alpha1
+          kind: ClusterNetwork
+          metadata:
+            name: cn-4007-for-e2e-test
+          spec:
+            parentNodeNetworkInterfaces:
+              labelSelector:
+                matchLabels:
+                  nic-group: extra
+            type: VLAN
+            vlan:
+              id: 4007
+          EOF
+
+          echo "[INFO] Wait for ClusterNetwork cn-4006-for-e2e-test to be ready"
+          kubectl wait clusternetworks.network.deckhouse.io --for=condition=Ready cn-4006-for-e2e-test --timeout=120s
+
+          echo "[INFO] Wait for ClusterNetwork cn-4007-for-e2e-test to be ready"
+          kubectl wait clusternetworks.network.deckhouse.io --for=condition=Ready cn-4007-for-e2e-test --timeout=120s
+
   configure-storage:
     name: Configure storage
     runs-on: ubuntu-latest
-    needs: bootstrap
+    needs:
+      - configure-sdn
+      - bootstrap
     steps:
       - uses: actions/checkout@v4
 
diff --git a/test/dvp-static-cluster/charts/cluster-config/templates/disabled-modules.yaml b/test/dvp-static-cluster/charts/cluster-config/templates/disabled-modules.yaml
@@ -1,6 +1,18 @@
-{{- $modules := list "upmeter" "local-path-provisioner" "pod-reloader" "secret-copier" "namespace-configurator" "observability" "dashboard" "loki" "log-shipper" "monitoring-applications" "admission-policy-engine" "sdn" -}}
+{{- $modules := list "upmeter" "local-path-provisioner" "pod-reloader" "secret-copier" "namespace-configurator" "observability" "console" "dashboard" "loki" "log-shipper" "monitoring-applications" "admission-policy-engine" "sdn" -}}
+{{- $enabledModules := .Values.enabledModules | default (list) -}}
+
+{{- range $enabledModules }}
+---
+apiVersion: deckhouse.io/v1alpha1
+kind: ModuleConfig
+metadata:
+  name: {{ . }}
+spec:
+  enabled: true
+{{- end }}
 
 {{- range $modules }}
+{{- if not (has . $enabledModules) }}
 ---
 apiVersion: deckhouse.io/v1alpha1
 kind: ModuleConfig
@@ -9,3 +21,4 @@ metadata:
 spec:
   enabled: false
 {{- end }}
+{{- end }}
