Support updating kube-router in a local VM cluster (#116)

* gofmt
* docs: Remove manual AWS config reference. It's automatic now.
* Support updating kube-router in a running local VM cluster
- "make vagrant-image-update" target added
- Documentation added and small reorganization

Author: bzub

Documentation/bootkube.md

@@ -54,14 +54,6 @@ curl -L https://raw.githubusercontent.com/cloudnativelabs/kube-router/master/con
 curl -L https://raw.githubusercontent.com/cloudnativelabs/kube-router/master/contrib/bootkube/kube-router.yaml -o assets/manifests/kube-router.yaml
 ```
 
-## Additional steps when deploying on AWS
-
-Since kube-router uses node routing rules to directly route pod-to-pod traffic to destination node, nodes will send and recieve IP traffic with source and destination IP's from pod CIDR. AWS by default prevents sending and recieving traffic from ip different from instance private ip. So we need to relax this restricition. Please run below commnad on each of the node in the cluster to send and recieve traffic from pod IP's.
-
-```
-aws ec2 modify-instance-attribute --instance-id <instance id>--no-source-dest-check
-```
-
 ## Cluster Startup
 
 Finally, proceed by following the Bootkube documentation, which generally

Documentation/developing.md

@@ -49,76 +49,6 @@ kube-router images, cloudnativelabs/kube-router. You can push to a different
 repository by changing a couple settings, as described in [Image Options](#image-options)
 below.
 
-## Testing Code Changes
-
-### Running Your Code On A Local VM Cluster
-
-Running your code changes in a real Kubernetes cluster is easy. Just make sure
-you have Virtualbox, VMware Fusion, or VMware Workstation installed and run:
-```
-make vagrant-up-single-node
-```
-
-Alternatively if you have 6GB RAM for the VMs, you can run a multi-node cluster
-that consists of a dedicated etcd node, a controller node, and a worker node:
-```
-make vagrant-up-multi-node
-```
-
-You will see lots of output as the VMs are provisioned, and the first run may
-take some time as VM and container images are downloaded. After the cluster is
-up you will recieve instructions for using kubectl and gaining ssh access:
-```
-  SUCCESS! The local cluster is ready.
-
-  ### kubectl usage ###
-  # Quickstart - Use this kubeconfig for individual commands
-  KUBECONFIG=/tmp/kr-vagrant-shortcut/cluster/auth/kubeconfig kubectl get pods --all-namespaces -o wide
-  #
-  ## OR ##
-  #
-  # Use this kubeconfig for the current terminal session
-  KUBECONFIG=/tmp/kr-vagrant-shortcut/cluster/auth/kubeconfig
-  export KUBECONFIG
-  kubectl get pods --all-namespaces -o wide
-  #
-  ## OR ##
-  #
-  # Backup and replace your default kubeconfig
-  # Note: This will continue to work on recreated local clusters
-  mv ~/.kube/config ~/.kube/config-backup
-  ln -s /tmp/kr-vagrant-shortcut/cluster/auth/kubeconfig ~/.kube/config
-
-  ### SSH ###
-  # Get node names
-  make vagrant status
-  # SSH into a the controller node (c1)
-  make vagrant ssh c1
-```
-
-#### Managing A Local VM Cluster
-
-You can use [Vagrant](https://www.vagrantup.com/docs/cli/) commands against the
-running cluster with `make vagrant COMMANDS`.
-
-For example, `make vagrant status` outputs:
-```
-Current machine states:
-
-e1                        not created (virtualbox)
-c1                        not created (virtualbox)
-w1                        not created (virtualbox)
-
-This environment represents multiple VMs. The VMs are all listed
-above with their current state. For more information about a specific
-VM, run `vagrant status NAME`.
-```
-
-With this information you can ssh into any of the VMs listed:
-```
-make vagrant ssh c1
-```
-
 ### Makefile Options
 
 There are several variables which can be modified in the Makefile to customize
@@ -169,6 +99,10 @@ Successfully tagged quay.io/bzub/kube-router-git:custom
   for testing purposes.
   Example (DEV-SUFFIX=master-latest): quay.io/cloudnativelabs/kube-router-git:master-latest
 
+## Testing kube-router
+
+Please read the [testing documentation](testing.md) for details.
+
 ## Release Workflow
 
 These instructions show how official kube-router releases are performed.

Documentation/testing.md

@@ -0,0 +1,107 @@
+# Testing kube-router
+
+Our end-user testing goals are to:
+- Support easily running kube-router in any Kubernetes environment, new or
+  existing.
+- Provide tools to quickly collect information about a cluster to help with
+  troubleshooting kube-router issues.
+
+Our developer testing goals are to:
+- Provide tools to quickly build and test kube-router code and container images
+- Provide well-documented code testing protocols to ensure consistent code
+  quality for all contributions.
+- Support quickly testing code changes by spinning up test clusters in local
+  VMs, cloud environments, and via CI systems in pull requests.
+- Support running official Kubernetes e2e tests as well as custom e2e tests for
+  kube-router's exclusive features.
+
+## End Users
+
+We currently support running kube-router on local VMs via Vagrant. Follow the
+instructions in [Starting A Local VM Cluster](#starting-a-local-vm-cluster)
+to get started.
+
+## Developers
+
+### Option 1: Local VM Cluster
+
+#### Starting A Local VM Cluster
+
+Running your code changes or simply trying out kube-router as-is in a real
+Kubernetes cluster is easy. Just make sure you have Virtualbox, VMware Fusion,
+or VMware Workstation installed and run:
+```
+make vagrant-up-single-node
+```
+
+Alternatively if you have 6GB RAM for the VMs, you can run a multi-node cluster
+that consists of a dedicated etcd node, a controller node, and a worker node:
+```
+make vagrant-up-multi-node
+```
+
+You will see lots of output as the VMs are provisioned, and the first run may
+take some time as VM and container images are downloaded. After the cluster is
+up you will recieve instructions for using kubectl and gaining ssh access:
+```
+  SUCCESS! The local cluster is ready.
+
+  ### kubectl usage ###
+  # Quickstart - Use this kubeconfig for individual commands
+  KUBECONFIG=/tmp/kr-vagrant-shortcut/cluster/auth/kubeconfig kubectl get pods --all-namespaces -o wide
+  #
+  ## OR ##
+  #
+  # Use this kubeconfig for the current terminal session
+  KUBECONFIG=/tmp/kr-vagrant-shortcut/cluster/auth/kubeconfig
+  export KUBECONFIG
+  kubectl get pods --all-namespaces -o wide
+  #
+  ## OR ##
+  #
+  # Backup and replace your default kubeconfig
+  # Note: This will continue to work on recreated local clusters
+  mv ~/.kube/config ~/.kube/config-backup
+  ln -s /tmp/kr-vagrant-shortcut/cluster/auth/kubeconfig ~/.kube/config
+
+  ### SSH ###
+  # Get node names
+  make vagrant status
+  # SSH into a the controller node (c1)
+  make vagrant ssh c1
+```
+
+#### Managing Your Local VM Cluster
+
+You can use [Vagrant](https://www.vagrantup.com/docs/cli/) commands against the
+running cluster with `make vagrant COMMANDS`.
+
+For example, `make vagrant status` outputs:
+```
+Current machine states:
+
+e1                        not created (virtualbox)
+c1                        not created (virtualbox)
+w1                        not created (virtualbox)
+
+This environment represents multiple VMs. The VMs are all listed
+above with their current state. For more information about a specific
+VM, run `vagrant status NAME`.
+```
+
+With this information you can ssh into any of the VMs listed:
+```
+make vagrant ssh c1
+```
+
+#### Upgrading kube-router In Your Local VM Cluster
+
+If you make code changes or checkout a different branch/tag, you can easily
+build, install, and run these changes in your previously started local VM
+cluster.
+
+`make vagrant-image-update`
+
+Unlike `make vagrant-up-*` targets, this does not destroy and recreate the VMs,
+and instead does the updates live. This will save time if you aren't concerned
+about having a pristine OS/Kubernetes environment to test against.

Makefile

@@ -43,6 +43,11 @@ vagrant-destroy: ## Destroy a previously created local VM cluster
 vagrant-clean: vagrant-destroy ## Destroy a previously created local VM cluster and remove all downloaded/generated assets
 	@rm -rf hack/_output
 
+vagrant-image-update: export docker=$(DOCKER)
+vagrant-image-update: export DEV_IMG=$(REGISTRY_DEV):$(IMG_TAG)
+vagrant-image-update: all ## Rebuild kube-router, update image in local VMs, and restart kube-router pods.
+	@hack/vagrant-image-update.sh
+
 run: kube-router ## Runs "kube-router --help".
 	./kube-router --help
 

app/watchers/network_policy_watcher.go

@@ -1,10 +1,10 @@
 package watchers
 
 import (
+	"errors"
 	"reflect"
 	"strconv"
 	"time"
-	"errors"
 
 	"github.com/cloudnativelabs/kube-router/utils"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
@@ -81,7 +81,7 @@ func StartNetworkPolicyWatcher(clientset *kubernetes.Clientset, resyncPeriod tim
 	v1NetworkPolicy := true
 	v, err := clientset.Discovery().ServerVersion()
 	if err != nil {
-       return nil, errors.New("Failed to get API server version due to " + err.Error()) 
+		return nil, errors.New("Failed to get API server version due to " + err.Error())
 	}
 
 	minorVer, _ := strconv.Atoi(v.Minor)

hack/sync-image-cache.sh

@@ -36,9 +36,9 @@ else
     echo "INFO: Location: ${HACK_DOCKER_CACHE_FILE}"
   else
     echo "INFO: Fetching ${HYPERKUBE_IMG_URL} Docker image."
-    "${docker}" pull "${HYPERKUBE_IMG_URL}"
+    eval "${docker}" pull "${HYPERKUBE_IMG_URL}"
 
     echo "INFO: Saving ${HYPERKUBE_IMG_URL} Docker image to cache directory."
-    "${docker}" save "${HYPERKUBE_IMG_URL}" -o "${HACK_DOCKER_CACHE_FILE}"
+    eval "${docker}" save "${HYPERKUBE_IMG_URL}" -o "${HACK_DOCKER_CACHE_FILE}"
   fi
 fi

hack/vagrant-common.sh

@@ -50,3 +50,22 @@ HACK_ACI_CACHE_FILE="${HACK_IMG_CACHE_DIR}/hyperkube-${HYPERKUBE_IMG_TAG}.aci"
 export HACK_ACI_CACHE_FILE
 HACK_DOCKER_CACHE_FILE="${HACK_IMG_CACHE_DIR}/hyperkube-${HYPERKUBE_IMG_TAG}.docker"
 export HACK_DOCKER_CACHE_FILE
+
+# Export the kube-router container image
+export_latest_image() {
+  mkdir -p "${HACK_IMG_CACHE_DIR}"
+  eval "${docker}" tag ${DEV_IMG} "${KR_IMAGE_TAG}"
+  eval "${docker}" save "${KR_IMAGE_TAG}" -o "${HACK_IMG_CACHE_DIR}/kube-router.docker"
+}
+
+# Re-pull the kube-router container image file within the VM
+# Usage: update_image_in_vm() VM_NAME
+update_image_in_vm() {
+  if [ -z "${1}" ]; then
+    echo "ERROR: VM name required."
+    echo "Usage: update_image_in_vm() VM_NAME"
+    return 1
+  fi
+
+  vagrant ssh "${i}" -c "docker load -i /var/tmp/images/kube-router.docker"
+}

hack/vagrant-image-update.sh

@@ -0,0 +1,35 @@
+#!/usr/bin/env sh
+# vim: noai:ts=2:sw=2:set expandtab
+set -e
+
+HACK_DIR="$(CDPATH='' cd -- "$(dirname -- "$0")" && pwd -P)"
+export HACK_DIR
+
+# shellcheck source=vagrant-common.sh
+. "${HACK_DIR}/vagrant-common.sh"
+
+if [ ! -d "${BK_SHORTCUT_DIR}" ]; then
+  echo "INFO: bootkube hack shortcut is not initialized."
+  echo "INFO: \"vagrant up\" has not been run yet."
+  exit 0
+fi
+
+echo "INFO: Exporting your kube-router container image."
+export_latest_image
+
+cd "${BK_SHORTCUT_DIR}"
+
+if [ "$(basename "$(readlink "${PWD}")")" = "single-node" ]; then
+    NODES="default"
+else # multi-node
+    NODES="c1 w1"
+fi
+
+for i in ${NODES}; do
+  echo "INFO: Importing your kube-router container image in VM \"${i}\""
+  update_image_in_vm "${i}"
+done
+
+echo "INFO: Restarting all kube-router pods"
+kubectl --kubeconfig="${BK_SHORTCUT_DIR}/cluster/auth/kubeconfig" \
+  --namespace=kube-system delete pod -l k8s-app=kube-router

hack/vagrant-up.sh

@@ -39,13 +39,9 @@ else
   git clone --depth=1 --branch "${BK_VERSION}" "${BK_CLONE_URL}" "${BK_CLONE_DIR}"
 fi
 
-# Export the kube-router container image
 echo "INFO: Exporting your kube-router container image."
-mkdir -p "${HACK_IMG_CACHE_DIR}"
-eval "${docker} tag ${DEV_IMG} ${KR_IMAGE_TAG}"
-eval "${docker} save ${KR_IMAGE_TAG} -o ${HACK_IMG_CACHE_DIR}/kube-router.docker"
+export-latest-image
 
-# Copy cached images to Bootkube local-images directory
 echo "INFO: Caching hyperkube images to Bootkube local-images directory."
 "${HACK_DIR}/sync-image-cache.sh"