Pod Traffic Across AZ Test.

orsenthil · Nov 22, 2023 · 38a1fc7 · 38a1fc7
1 parent 628ac23
commit 38a1fc7
Showing 1 changed file with 42 additions and 0 deletions.
diff --git a/test/integration/cni/pod_traffic_across_az_test.go b/test/integration/cni/pod_traffic_across_az_test.go
@@ -31,6 +31,10 @@ var _ = Describe("[STATIC_AZ] test pod networking", func() {
 		// tester pod to receiver pod
 		testConnectionCommandFunc func(serverPod coreV1.Pod, port int) []string
 
+		// The functions re-inforces that the positive test is working as
+		// expected by creating a negative test command that should fail
+		testFailedConnectionCommandFunc func(serverPod coreV1.Pod, port int) []string
+
 		// Expected stdout from the exec command on testing connection
 		// from tester to server
 		testerExpectedStdOut string
@@ -148,6 +152,12 @@ var _ = Describe("[STATIC_AZ] test pod networking", func() {
 				return []string{"ping", "-c", strconv.Itoa(packetCount), receiverPod.Status.PodIP}
 			}
 
+			// Create a negative test case with the wrong port number. This is to reinforce the
+			// positive test case work by verifying negative cases do throw error
+			testFailedConnectionCommandFunc = func(receiverPod coreV1.Pod, port int) []string {
+				return []string{"nc", "-u", "-v", "-w2", receiverPod.Status.PodIP, strconv.Itoa(port + 1)}
+			}
+
 		})
 
 		It("should allow ICMP traffic", func() {
@@ -182,6 +192,9 @@ var _ = Describe("[STATIC_AZ] test pod networking", func() {
 		It("connection should be established", func() {
 			fmt.Println("Test UDP Traffic for Daemonset.")
 			CheckConnectivityBetweenPods(azToPod, serverPort, testerExpectedStdOut, testerExpectedStdErr, testConnectionCommandFunc)
+
+			By("verifying connection fails for unreachable port")
+			VerifyConnectivityForNegativeCase(azToPod, serverPort, testFailedConnectionCommandFunc)
 		})
 	})
 
@@ -209,6 +222,7 @@ var _ = Describe("[STATIC_AZ] test pod networking", func() {
 
 		It("should allow connection across nodes and across interface types", func() {
 			CheckConnectivityBetweenPods(azToPod, serverPort, testerExpectedStdOut, testerExpectedStdErr, testConnectionCommandFunc)
+			VerifyConnectivityForNegativeCase(azToPod, serverPort, testFailedConnectionCommandFunc)
 		})
 	})
 
@@ -228,3 +242,31 @@ func CheckConnectivityBetweenPods(azToPod map[string]coreV1.Pod, port int, teste
 		}
 	}
 }
+
+func VerifyConnectivityForNegativeCase(azToPod map[string]coreV1.Pod, port int,
+	getTestCommandFunc func(receiverPod coreV1.Pod, port int) []string) {
+
+	for az1 := range azToPod {
+		for az2 := range azToPod {
+			if az1 != az2 {
+				fmt.Printf("Testing Connectivity from Pod IP1 %s (%s) to Pod IP2 %s (%s) \n",
+					azToPod[az1].Status.PodIP, az1, azToPod[az2].Status.PodIP, az2)
+
+				senderPod := azToPod[az1]
+				receiverPod := azToPod[az2]
+				testerCommand := getTestCommandFunc(receiverPod, port)
+
+				fmt.Fprintf(GinkgoWriter, "verifying connectivity fails from pod %s on node %s with IP %s to pod"+
+					" %s on node %s with IP %s\n", senderPod.Name, senderPod.Spec.NodeName, senderPod.Status.PodIP,
+					receiverPod.Name, receiverPod.Spec.NodeName, receiverPod.Status.PodIP)
+
+				_, _, err := f.K8sResourceManagers.PodManager().
+					PodExec(senderPod.Namespace, senderPod.Name, testerCommand)
+				Expect(err).To(HaveOccurred())
+				// single test is fine!
+				break
+			}
+		}
+	}
+
+}