Create pod objects.

sivakami · sivakami · commit 95af596b6407 · 2025-11-09T08:13:18.000-08:00
diff --git a/.pipelines/swiftv2-long-running/scripts/create_aks.sh b/.pipelines/swiftv2-long-running/scripts/create_aks.sh
@@ -44,20 +44,31 @@ for i in $(seq 1 "$CLUSTER_COUNT"); do
   AZCLI=az REGION=$LOCATION \
   SUB=$SUBSCRIPTION_ID \
   GROUP=$RG \
-  CLUSTER=$CLUSTER_NAME \
-  # NODE_COUNT=$DEFAULT_NODE_COUNT \
-  # VM_SIZE=$VM_SKU_DEFAULT \
+  CLUSTER=$CLUSTER_NAME 
 
   echo " - waiting for AKS provisioning state..."
   wait_for_provisioning "$RG" "$CLUSTER_NAME"
 
+
   echo "Adding multi-tenant nodepool ' to '$CLUSTER_NAME'"
   make -C ./hack/aks linux-swiftv2-nodepool-up \
   AZCLI=az REGION=$LOCATION \
   GROUP=$RG \
   VM_SIZE=$VM_SKU_HIGHNIC \
   CLUSTER=$CLUSTER_NAME \
-  SUB=$SUBSCRIPTION_ID \
+  SUB=$SUBSCRIPTION_ID 
+
+  KUBECONFIG_PATH="/tmp/${CLUSTER_NAME}.kubeconfig"
+  echo "Exporting admin kubeconfig for '$CLUSTER_NAME' to ${KUBECONFIG_PATH}..."
+
+  az aks get-credentials \
+    --resource-group "$RG" \
+    --name "$CLUSTER_NAME" \
+    --overwrite-existing \
+    --admin \
+    --file "$KUBECONFIG_PATH"
+
+  echo "Kubeconfig saved: ${KUBECONFIG_PATH}"
 
 done
 echo "All done. Created $CLUSTER_COUNT cluster set(s)."
diff --git a/.pipelines/swiftv2-long-running/scripts/create_pn.sh b/.pipelines/swiftv2-long-running/scripts/create_pn.sh
@@ -16,6 +16,7 @@ if [[ -z "$KUBECONFIG_PATH" || -z "$POD_NETWORK_NAME" || -z "$VNET_GUID" || -z "
 fi
 
 # === STEP 2: Build PodNetwork YAML ===
+export KUBECONFIG=$KUBECONFIG_PATH
 TMPFILE=$(mktemp)
 
 if [[ -n "$SUBNET_TOKEN" ]]; then
@@ -47,7 +48,7 @@ fi
 
 # === STEP 3: Apply the PodNetwork CRD ===
 echo "Creating PodNetwork ${POD_NETWORK_NAME}..."
-kubectl --kubeconfig="$KUBECONFIG_PATH" apply -f "$TMPFILE" || true
+kubectl apply -f "$TMPFILE" || true
 
 # === STEP 4: Wait until the CRD becomes Ready (if subnetToken not provided) ===
 if [[ -z "$SUBNET_TOKEN" ]]; then
diff --git a/.pipelines/swiftv2-long-running/scripts/create_pni.sh b/.pipelines/swiftv2-long-running/scripts/create_pni.sh
@@ -16,17 +16,22 @@ PNI_NAME=$3
 POD_NETWORK_NAME=$4
 PNI_TYPE=$5           # "explicit" or "implicit"
 RESERVATIONS=${6:-0}  # only used for explicit
-DEFAULT_DENY=${7:-false} # true or false
 
 export KUBECONFIG=$KUBECONFIG_PATH
 
-echo "🔧 Creating PodNetworkInstance:"
+if ! kubectl get namespace "$NAMESPACE" >/dev/null 2>&1; then
+  echo "Namespace '$NAMESPACE' not found. Creating it..."
+  kubectl create namespace "$NAMESPACE"
+else
+  echo "Namespace '$NAMESPACE' already exists."
+fi
+
+echo "Creating PodNetworkInstance:"
 echo "  Namespace:      $NAMESPACE"
 echo "  Name:           $PNI_NAME"
 echo "  Network:        $POD_NETWORK_NAME"
 echo "  Type:           $PNI_TYPE"
 echo "  Reservations:   $RESERVATIONS"
-echo "  Default Deny:   $DEFAULT_DENY"
 echo
 
 # --- Apply PNI manifest ---
@@ -41,7 +46,6 @@ spec:
   podNetworkConfigs:
   - podNetwork: $POD_NETWORK_NAME
     podIPReservationSize: $RESERVATIONS
-  defaultDenyACL: $DEFAULT_DENY
 EOF
 else
 cat <<EOF | kubectl apply -f -
@@ -53,14 +57,13 @@ metadata:
 spec:
   podNetworkConfigs:
   - podNetwork: $POD_NETWORK_NAME
-  defaultDenyACL: $DEFAULT_DENY
 EOF
 fi
 
 echo "PodNetworkInstance '$PNI_NAME' applied."
 
 # --- Wait for readiness ---
-echo "⏳ Waiting for PodNetworkInstance '$PNI_NAME' to become Ready..."
+echo "Waiting for PodNetworkInstance '$PNI_NAME' to become Ready..."
 
 MAX_ATTEMPTS=30
 SLEEP_INTERVAL=10
diff --git a/.pipelines/swiftv2-long-running/scripts/create_pod.sh b/.pipelines/swiftv2-long-running/scripts/create_pod.sh
@@ -1,42 +1,60 @@
 #!/bin/bash
 # Usage:
-# ./create_pod.sh <RESOURCE_GROUP> <CLUSTER_NAME> <NAMESPACE> <POD_NAME> <NODE_NAME> [IMAGE]
+# ./create_pod.sh <POD_NAME> <NODE_NAME> <OS> <PN_NAME> <PNI_NAME> [IMAGE]
+# Example:
+# ./create_pod.sh netpod1 aks-node1 linux podnet-a pni-exp praqma/network-multitool
 
 set -euo pipefail
 
-RESOURCE_GROUP=$1
-CLUSTER_NAME=$2
-NAMESPACE=$3
-POD_NAME=$4
-NODE_NAME=$5
-IMAGE=${6:-nginx}
-
-echo "Getting AKS credentials..."
-az aks get-credentials -g "$RESOURCE_GROUP" -n "$CLUSTER_NAME" --overwrite-existing
-
-echo "Creating namespace (if not exists)..."
-kubectl get ns "$NAMESPACE" >/dev/null 2>&1 || kubectl create ns "$NAMESPACE"
+POD_NAME=$1
+NODE_NAME=$2
+OS=$3
+PN_NAME=$4
+PNI_NAME=$5
+IMAGE=${6:-weibeld/ubuntu-networking}
+KUBECONFIG_PATH=$7
 
 echo "Creating pod '$POD_NAME' on node '$NODE_NAME' using image '$IMAGE'..."
+echo "PodNetwork: $PN_NAME, PodNetworkInstance: $PNI_NAME, OS: $OS"
 
+export KUBECONFIG=$KUBECONFIG_PATH
 cat <<EOF | kubectl apply -f -
 apiVersion: v1
 kind: Pod
 metadata:
   name: $POD_NAME
-  namespace: $NAMESPACE
   labels:
-    app: $POD_NAME
+    kubernetes.azure.com/pod-network-instance: $PNI_NAME
+    kubernetes.azure.com/pod-network: $PN_NAME
 spec:
+  nodeName: $NODE_NAME
   nodeSelector:
-    kubernetes.io/hostname: $NODE_NAME
+    kubernetes.io/os: $OS
   containers:
-  - name: main
+  - name: net-debugger
     image: $IMAGE
-    command: ["sleep", "3600"]
-    imagePullPolicy: IfNotPresent
+    command: ["/bin/sh", "-c"]
+    args:
+      - |
+        echo "Pod Network Diagnostics started on \$(hostname)";
+        echo "----------------------------------------------";
+        while true; do
+          echo "[$(date)] Running net tests...";
+          ip addr show;
+          ip route show;
+          sleep 60;
+        done
+    resources:
+      limits:
+        cpu: 300m
+        memory: 600Mi
+      requests:
+        cpu: 300m
+        memory: 600Mi
+    securityContext:
+      privileged: true
   restartPolicy: Always
 EOF
 
-echo "Pod '$POD_NAME' created successfully in namespace '$NAMESPACE'."
-kubectl get pod "$POD_NAME" -n "$NAMESPACE" -o wide
+echo "Pod '$POD_NAME' created successfully."
+kubectl get pod "$POD_NAME" -o wide
diff --git a/.pipelines/swiftv2-long-running/scripts/datapath_tests.sh b/.pipelines/swiftv2-long-running/scripts/datapath_tests.sh
@@ -0,0 +1,142 @@
+#!/usr/bin/env bash
+set -euo pipefail
+
+# --------------------------
+# Parameters / Environment
+# --------------------------
+RG=$1
+BUILD_ID=$2
+
+# Clusters
+CLUSTER1="aks-1"
+CLUSTER2="aks-2"
+
+# VNet/Subnet mappings for test
+declare -A VN_SUB_MAP
+VN_SUB_MAP["vnet_a1"]="s1 s2"
+VN_SUB_MAP["vnet_a2"]="s1"
+VN_SUB_MAP["vnet_a3"]="s1"
+VN_SUB_MAP["vnet_b1"]="s1"
+
+# PN/PNI base names
+PN_PREFIX="pn-${BUILD_ID}"
+PNI_PREFIX="pni-${BUILD_ID}"
+
+source ./helpers_network_ids.sh
+
+# Create PodNetwork in a specific cluster
+create_pn() {
+    local cluster_context=$1   # kubeconfig or context name
+    local pn_name=$2            # PodNetwork name
+    local vnet_name=$3
+    local subnet_name=$4
+
+    echo "=== Creating PodNetwork ${pn_name} in cluster ${cluster_context} ==="
+
+    # --- Fetch IDs ---
+    VNET_GUID=$(get_vnet_guid "$RG" "$vnet_name")
+    SUBNET_ARM_ID=$(get_subnet_arm_id "$RG" "$vnet_name" "$subnet_name")
+    SUBNET_GUID=$(get_subnet_guid "$RG" "$vnet_name" "$subnet_name")
+
+    echo "VNET_GUID: $VNET_GUID"
+    echo "SUBNET_GUID: $SUBNET_GUID"
+    echo "SUBNET_ARM_ID: $SUBNET_ARM_ID"
+
+    # --- Create PodNetwork ---
+    ./create_pn.sh \
+        "$cluster_context" \
+        "$pn_name" \
+        "$VNET_GUID" \
+        "$SUBNET_GUID" \
+        "$SUBNET_ARM_ID"
+
+    echo "PodNetwork ${pn_name} submitted successfully."
+}
+
+
+create_pni() {
+    local KUBECONFIG_PATH=$1
+    local NAMESPACE=$2
+    local pni_name=$3
+    local pod_network_name=$4
+    local pni_type=$5
+    local reservations=${6:-0}
+    local cluster=$7
+
+    echo "Creating PodNetworkInstance $pni_name for PN $pod_network_name on $cluster"
+    ./create_pni.sh "$KUBECONFIG_PATH" "$NAMESPACE" "$pni_name" "$pod_network_name" "$pni_type" "$reservations" "$cluster"
+}
+
+create_pod_on_node() {
+    local cluster="$1"
+    local pn_name="$2"
+    local pni_name="$3"
+    local node_name="$4"
+    local pod_name="$5"
+
+    KUBECONFIG_PATH="/tmp/${cluster}.kubeconfig"
+    echo "Creating pod '$pod_name' on node '$node_name' (PN: $pn_name, PNI: $pni_name)..."
+    ./create_pod.sh "$pod_name" "$node_name" "linux" "$pn_name" "$pni_name" "weibeld/ubuntu-networking" "$KUBECONFIG_PATH"
+}
+
+get_nodes() {
+    local cluster=$1
+    kubectl --context "$cluster" get nodes -o name | sed 's|node/||'
+}
+
+
+# --- Part 1: Customer2 in aks-2 / vnet_b1/s1 ---
+PN_C2="${PN_PREFIX}-c2"
+PNI_C2="${PNI_PREFIX}-c2"
+
+create_pn "/tmp/${CLUSTER2}.kubeconfig" "$PN_C2" "vnet_b1" "s1"
+create_pni "/tmp/${CLUSTER2}.kubeconfig" "$PN_C2" "$PNI_C2" "$PN_C2" "explicit" "2" "$CLUSTER2"
+
+# Create 2 pods for Customer2, one per node in aks-2
+NODES_CLUSTER2=($(get_nodes "$CLUSTER2"))
+for i in 0 1; do
+    POD_NAME="pod-c2-$i"
+    NODE_NAME="${NODES_CLUSTER2[$i]}"
+    create_pod_on_node "$CLUSTER2" "$PN_C2" "$PNI_C2" "$NODE_NAME" "$POD_NAME"
+done
+
+# # --- Part 2: Other PNs/PNIs across multiple subnets ---
+# PN_LIST=()
+# PNI_LIST=()
+
+# for vnet in "${!VN_SUB_MAP[@]}"; do
+#     for subnet in ${VN_SUB_MAP[$vnet]}; do
+#         PN_NAME="${PN_PREFIX}-${vnet}-${subnet}"
+#         PNI_NAME="${PNI_PREFIX}-${vnet}-${subnet}"
+#         PN_LIST+=("$PN_NAME")
+#         PNI_LIST+=("$PNI_NAME")
+#         # Assume cluster selection: default to aks-1 unless aks-2 needs pods
+#         CLUSTER="$CLUSTER1"
+#         create_pn "$CLUSTER" "$PN_NAME"
+#         create_pni "$CLUSTER" "$PNI_NAME" "$PN_NAME" "$vnet" "$subnet"
+#     done
+# done
+
+# # --- Part 3: Create 6 pods under these PN/PNI ---
+# # 4 pods go to aks-1 nodes, 2 pods go to remaining aks-2 nodes
+
+# # Get node lists
+# NODES_CLUSTER1=($(get_nodes "$CLUSTER1"))
+# NODES_CLUSTER2=($(get_nodes "$CLUSTER2")) 
+
+# # 4 pods in aks-1, assign one per node
+# for i in 0 1 2 3; do
+#     POD_NAME="pod-${BUILD_ID}-c1-$i"
+#     PN_IDX=$((i % ${#PN_LIST[@]}))
+#     create_pod_on_node "$CLUSTER1" "${PN_LIST[$PN_IDX]}" "${PNI_LIST[$PN_IDX]}" "${NODES_CLUSTER1[$i]}" "$POD_NAME"
+# done
+
+# # Remaining 2 pods in aks-2, assign to leftover nodes
+# for i in 0 1; do
+#     POD_NAME="pod-${BUILD_ID}-c2-$i"
+#     PN_IDX=$(( (i+4) % ${#PN_LIST[@]} ))
+#     NODE_IDX=$i
+#     create_pod_on_node "$CLUSTER2" "${PN_LIST[$PN_IDX]}" "${PNI_LIST[$PN_IDX]}" "${NODES_CLUSTER2[$NODE_IDX]}" "$POD_NAME"
+# done
+
+# echo "Datapath test pods created successfully."
diff --git a/.pipelines/swiftv2-long-running/template/long-running-pipeline-template.yaml b/.pipelines/swiftv2-long-running/template/long-running-pipeline-template.yaml
@@ -140,3 +140,29 @@ stages:
                 ${{ parameters.location }}
                 ${{ parameters.resourceGroupName }}
                 $(CreateStorageAccounts.StorageAccount1)
+  # =================================================================
+  # Stage 2: Datapath Tests
+  # =================================================================
+  - stage: DataPathTests
+    displayName: "Stage: Swiftv2 Data Path Tests"
+    dependsOn: AKSClusterAndNetworking
+    condition: succeeded()
+    jobs:
+      - job: RunDataPathTests
+        displayName: "Run PodNetwork and Data Path Tests"
+        timeoutInMinutes: 0   # Run indefinitely
+        pool:
+          vmImage: ubuntu-latest
+        steps:
+          - checkout: self
+
+          - task: AzureCLI@2
+            displayName: "Run datapath_tests.sh to create PN, PNI, and pods"
+            inputs:
+              azureSubscription: ${{ parameters.serviceConnection }}
+              scriptType: bash
+              scriptLocation: scriptPath
+              scriptPath: ".pipelines/swiftv2-long-running/scripts/datapath_tests.sh"
+              arguments: >
+                ${{ parameters.resourceGroupName }}
+                $(Build.BuildId)
