From 13ce93eadd5683c18c6430de362e730bfa7f0fbd Mon Sep 17 00:00:00 2001 From: vanhalenar Date: Wed, 27 May 2026 13:13:28 +0000 Subject: [PATCH 1/5] C2CC IPv6 scenarios --- test/resources/c2cc.resource | 13 +- .../el10/presubmits/el102-src@c2cc-ipv6.sh | 187 ++++++++++++++++++ .../el10/presubmits/el102-src@c2cc.sh | 1 + .../el9/presubmits/el98-src@c2cc-ipv6.sh | 187 ++++++++++++++++++ .../el9/presubmits/el98-src@c2cc.sh | 1 + test/suites/c2cc/cleanup.robot | 12 +- test/suites/c2cc/reconciliation.robot | 14 +- 7 files changed, 402 insertions(+), 13 deletions(-) create mode 100644 test/scenarios-bootc/el10/presubmits/el102-src@c2cc-ipv6.sh create mode 100644 test/scenarios-bootc/el9/presubmits/el98-src@c2cc-ipv6.sh diff --git a/test/resources/c2cc.resource b/test/resources/c2cc.resource index 0cc408bc8e..3399bb9d03 100644 --- a/test/resources/c2cc.resource +++ b/test/resources/c2cc.resource @@ -32,6 +32,7 @@ ${KUBECONFIG_C} ${EMPTY} &{C2CC_KUBECONFIGS} &{EMPTY} &{C2CC_SSH_IDS} &{EMPTY} @{C2CC_REMOTE_ALIASES} @{EMPTY} +${IP_FAMILY} ipv4 *** Keywords *** @@ -135,27 +136,31 @@ Oc Apply On Cluster Verify Routes In Table 200 [Documentation] Check that routes for the given CIDRs exist in table 200. [Arguments] ${alias} ${remote_pod_cidr} ${remote_svc_cidr} - ${stdout}= Command On Cluster ${alias} ip route show table 200 + ${ip_cmd}= Set Variable If '${IP_FAMILY}' == 'ipv6' ip -6 ip -4 + ${stdout}= Command On Cluster ${alias} ${ip_cmd} route show table 200 Should Contain ${stdout} ${remote_pod_cidr} Should Contain ${stdout} ${remote_svc_cidr} Verify IP Rules For Table 200 [Documentation] Check that IP rules at priority 100 exist for the given CIDRs. [Arguments] ${alias} ${remote_pod_cidr} ${remote_svc_cidr} - ${stdout}= Command On Cluster ${alias} ip rule show + ${ip_cmd}= Set Variable If '${IP_FAMILY}' == 'ipv6' ip -6 ip -4 + ${stdout}= Command On Cluster ${alias} ${ip_cmd} rule show Should Contain ${stdout} to ${remote_pod_cidr} lookup 200 Should Contain ${stdout} to ${remote_svc_cidr} lookup 200 Verify Routes In Table 201 [Documentation] Check that service routes exist in table 201 for the local service CIDR. [Arguments] ${alias} ${local_svc_cidr} - ${stdout}= Command On Cluster ${alias} ip route show table 201 + ${ip_cmd}= Set Variable If '${IP_FAMILY}' == 'ipv6' ip -6 ip -4 + ${stdout}= Command On Cluster ${alias} ${ip_cmd} route show table 201 Should Contain ${stdout} ${local_svc_cidr} Verify Service IP Rules [Documentation] Check that IP rules at priority 99 exist for cross-cluster service routing. [Arguments] ${alias} ${remote_pod_cidr} ${remote_svc_cidr} ${local_svc_cidr} - ${stdout}= Command On Cluster ${alias} ip rule show + ${ip_cmd}= Set Variable If '${IP_FAMILY}' == 'ipv6' ip -6 ip -4 + ${stdout}= Command On Cluster ${alias} ${ip_cmd} rule show Should Contain ${stdout} from ${remote_pod_cidr} to ${local_svc_cidr} lookup 201 Should Contain ${stdout} from ${remote_svc_cidr} to ${local_svc_cidr} lookup 201 diff --git a/test/scenarios-bootc/el10/presubmits/el102-src@c2cc-ipv6.sh b/test/scenarios-bootc/el10/presubmits/el102-src@c2cc-ipv6.sh new file mode 100644 index 0000000000..111efad568 --- /dev/null +++ b/test/scenarios-bootc/el10/presubmits/el102-src@c2cc-ipv6.sh @@ -0,0 +1,187 @@ +#!/bin/bash + +# Sourced from scenario.sh and uses functions defined there. +export TEST_RANDOMIZATION=none + +# Redefine network-related settings to use the dedicated IPv6 network bridge +# shellcheck disable=SC2034 # used elsewhere +VM_BRIDGE_IP="$(get_vm_bridge_ip "${VM_IPV6_NETWORK}")" +# shellcheck disable=SC2034 # used elsewhere +WEB_SERVER_URL="http://[${VM_BRIDGE_IP}]:${WEB_SERVER_PORT}" +# Using `hostname` here instead of a raw ip because skopeo only allows either +# ipv4 or fqdn's, but not ipv6. Since the registry is hosted on the ipv6 +# network gateway in the host, we need to use a combination of the hostname +# plus /etc/hosts resolution (which is taken care of by kickstart). +# shellcheck disable=SC2034 # used elsewhere +MIRROR_REGISTRY_URL="$(hostname):${MIRROR_REGISTRY_PORT}/microshift" + +# Cluster A (host1): non-overlapping CIDRs +CLUSTER_A_POD_CIDR="fd01::/48" +CLUSTER_A_SVC_CIDR="fd02::/48" +CLUSTER_A_DOMAIN="cluster-a.remote" + +# Cluster B (host2): non-overlapping CIDRs +CLUSTER_B_POD_CIDR="fd04::/48" +CLUSTER_B_SVC_CIDR="fd05::/48" +CLUSTER_B_DOMAIN="cluster-b.remote" + +# Cluster C (host3): non-overlapping CIDRs +CLUSTER_C_POD_CIDR="fd07::/48" +CLUSTER_C_SVC_CIDR="fd08::/48" +CLUSTER_C_DOMAIN="cluster-c.remote" + +wait_for_greenboot_on_hosts() { + local junit_label=$1 + local host + for host in host1 host2 host3; do + local host_ip full_host + host_ip=$(get_vm_property "${host}" ip) + full_host=$(full_vm_name "${host}") + if ! wait_for_greenboot "${full_host}" "${host_ip}"; then + record_junit "${host}" "${junit_label}" "FAILED" + return 1 + fi + record_junit "${host}" "${junit_label}" "OK" + done +} + +configure_c2cc_host() { + local host=$1 + shift + # Remaining args are sets of 4: remote_ip remote_pod_cidr remote_svc_cidr remote_domain (repeat) + + run_command_on_vm "${host}" "sudo mkdir -p /etc/microshift/config.d" + + # Build the YAML config with all remote clusters + local yaml_content + yaml_content="clusterToCluster:"$'\n'" remoteClusters:" + local firewall_cidrs=() + + while [ $# -gt 0 ]; do + local remote_ip=$1 + local remote_pod_cidr=$2 + local remote_svc_cidr=$3 + local remote_domain=$4 + shift 4 + + yaml_content+=$'\n'" - nextHop: ${remote_ip}" + yaml_content+=$'\n'" clusterNetwork:" + yaml_content+=$'\n'" - ${remote_pod_cidr}" + yaml_content+=$'\n'" serviceNetwork:" + yaml_content+=$'\n'" - ${remote_svc_cidr}" + yaml_content+=$'\n'" domain: ${remote_domain}" + + firewall_cidrs+=("${remote_pod_cidr}" "${remote_svc_cidr}") + done + + run_command_on_vm "${host}" "sudo tee /etc/microshift/config.d/50-c2cc.yaml > /dev/null <> "${host2_ks_dir}/post-microshift.cfg" <>/etc/microshift/config.yaml <> "${host3_ks_dir}/post-microshift.cfg" <>/etc/microshift/config.yaml < /dev/null <> "${host2_ks_dir}/post-microshift.cfg" <>/etc/microshift/config.yaml <> "${host3_ks_dir}/post-microshift.cfg" <>/etc/microshift/config.yaml < Date: Mon, 1 Jun 2026 09:53:24 +0000 Subject: [PATCH 2/5] Change prefix length --- test/scenarios-bootc/el10/presubmits/el102-src@c2cc-ipv6.sh | 6 +++--- test/scenarios-bootc/el9/presubmits/el98-src@c2cc-ipv6.sh | 6 +++--- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/test/scenarios-bootc/el10/presubmits/el102-src@c2cc-ipv6.sh b/test/scenarios-bootc/el10/presubmits/el102-src@c2cc-ipv6.sh index 111efad568..8a7d9674e9 100644 --- a/test/scenarios-bootc/el10/presubmits/el102-src@c2cc-ipv6.sh +++ b/test/scenarios-bootc/el10/presubmits/el102-src@c2cc-ipv6.sh @@ -17,17 +17,17 @@ MIRROR_REGISTRY_URL="$(hostname):${MIRROR_REGISTRY_PORT}/microshift" # Cluster A (host1): non-overlapping CIDRs CLUSTER_A_POD_CIDR="fd01::/48" -CLUSTER_A_SVC_CIDR="fd02::/48" +CLUSTER_A_SVC_CIDR="fd02::/112" CLUSTER_A_DOMAIN="cluster-a.remote" # Cluster B (host2): non-overlapping CIDRs CLUSTER_B_POD_CIDR="fd04::/48" -CLUSTER_B_SVC_CIDR="fd05::/48" +CLUSTER_B_SVC_CIDR="fd05::/112" CLUSTER_B_DOMAIN="cluster-b.remote" # Cluster C (host3): non-overlapping CIDRs CLUSTER_C_POD_CIDR="fd07::/48" -CLUSTER_C_SVC_CIDR="fd08::/48" +CLUSTER_C_SVC_CIDR="fd08::/112" CLUSTER_C_DOMAIN="cluster-c.remote" wait_for_greenboot_on_hosts() { diff --git a/test/scenarios-bootc/el9/presubmits/el98-src@c2cc-ipv6.sh b/test/scenarios-bootc/el9/presubmits/el98-src@c2cc-ipv6.sh index 825e35cfbf..d198b1fb8d 100644 --- a/test/scenarios-bootc/el9/presubmits/el98-src@c2cc-ipv6.sh +++ b/test/scenarios-bootc/el9/presubmits/el98-src@c2cc-ipv6.sh @@ -17,17 +17,17 @@ MIRROR_REGISTRY_URL="$(hostname):${MIRROR_REGISTRY_PORT}/microshift" # Cluster A (host1): non-overlapping CIDRs CLUSTER_A_POD_CIDR="fd01::/48" -CLUSTER_A_SVC_CIDR="fd02::/48" +CLUSTER_A_SVC_CIDR="fd02::/112" CLUSTER_A_DOMAIN="cluster-a.remote" # Cluster B (host2): non-overlapping CIDRs CLUSTER_B_POD_CIDR="fd04::/48" -CLUSTER_B_SVC_CIDR="fd05::/48" +CLUSTER_B_SVC_CIDR="fd05::/112" CLUSTER_B_DOMAIN="cluster-b.remote" # Cluster C (host3): non-overlapping CIDRs CLUSTER_C_POD_CIDR="fd07::/48" -CLUSTER_C_SVC_CIDR="fd08::/48" +CLUSTER_C_SVC_CIDR="fd08::/112" CLUSTER_C_DOMAIN="cluster-c.remote" wait_for_greenboot_on_hosts() { From f6940dd2bebe27d16c3f88081184b5dd4afcfc7e Mon Sep 17 00:00:00 2001 From: vanhalenar Date: Mon, 1 Jun 2026 12:08:25 +0000 Subject: [PATCH 3/5] Wrap IPv6 address in square brackets --- test/suites/c2cc/connectivity.robot | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/test/suites/c2cc/connectivity.robot b/test/suites/c2cc/connectivity.robot index e645045243..3d2f14f6e0 100644 --- a/test/suites/c2cc/connectivity.robot +++ b/test/suites/c2cc/connectivity.robot @@ -123,6 +123,7 @@ Get Curl Pod IP Curl From Cluster [Documentation] Exec curl from curl-pod on the given cluster to the target IP and port. [Arguments] ${alias} ${ip} ${port} + ${url}= Set Variable If '${IP_FAMILY}' == 'ipv6' http://[${ip}]:${port}/cgi-bin/hello http://${ip}:${port}/cgi-bin/hello ${stdout}= Oc On Cluster ${alias} - ... oc exec curl-pod -n ${NAMESPACES}[${alias}] -- curl -sS --max-time 10 http://${ip}:${port}/cgi-bin/hello + ... oc exec curl-pod -n ${NAMESPACES}[${alias}] -- curl -sS --max-time 10 ${url} RETURN ${stdout} From 78498ed3ae087b982a90d888682d9d747e9ef824 Mon Sep 17 00:00:00 2001 From: vanhalenar Date: Mon, 1 Jun 2026 12:38:43 +0000 Subject: [PATCH 4/5] Appease Robocop again --- test/suites/c2cc/connectivity.robot | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/test/suites/c2cc/connectivity.robot b/test/suites/c2cc/connectivity.robot index 3d2f14f6e0..acad9b8f18 100644 --- a/test/suites/c2cc/connectivity.robot +++ b/test/suites/c2cc/connectivity.robot @@ -123,7 +123,10 @@ Get Curl Pod IP Curl From Cluster [Documentation] Exec curl from curl-pod on the given cluster to the target IP and port. [Arguments] ${alias} ${ip} ${port} - ${url}= Set Variable If '${IP_FAMILY}' == 'ipv6' http://[${ip}]:${port}/cgi-bin/hello http://${ip}:${port}/cgi-bin/hello + ${url}= Set Variable If + ... '${IP_FAMILY}' == 'ipv6' + ... http://[${ip}]:${port}/cgi-bin/hello + ... http://${ip}:${port}/cgi-bin/hello ${stdout}= Oc On Cluster ${alias} ... oc exec curl-pod -n ${NAMESPACES}[${alias}] -- curl -sS --max-time 10 ${url} RETURN ${stdout} From a5b7b7c6f7270591a666b305e1cd462b6e6784fb Mon Sep 17 00:00:00 2001 From: vanhalenar Date: Tue, 2 Jun 2026 13:15:01 +0000 Subject: [PATCH 5/5] Address comments --- test/resources/c2cc.resource | 15 ++++++--------- .../el10/presubmits/el102-src@c2cc-ipv6.sh | 2 +- .../el9/presubmits/el98-src@c2cc-ipv6.sh | 2 +- test/suites/c2cc/cleanup.robot | 12 ++++-------- test/suites/c2cc/reconciliation.robot | 12 ++++-------- 5 files changed, 16 insertions(+), 27 deletions(-) diff --git a/test/resources/c2cc.resource b/test/resources/c2cc.resource index 3399bb9d03..6748f3bf1f 100644 --- a/test/resources/c2cc.resource +++ b/test/resources/c2cc.resource @@ -32,7 +32,8 @@ ${KUBECONFIG_C} ${EMPTY} &{C2CC_KUBECONFIGS} &{EMPTY} &{C2CC_SSH_IDS} &{EMPTY} @{C2CC_REMOTE_ALIASES} @{EMPTY} -${IP_FAMILY} ipv4 +${IP_FAMILY} ${EMPTY} +${IP_CMD} ${{'ip -6' if '${IP_FAMILY}' == 'ipv6' else 'ip -4'}} *** Keywords *** @@ -136,31 +137,27 @@ Oc Apply On Cluster Verify Routes In Table 200 [Documentation] Check that routes for the given CIDRs exist in table 200. [Arguments] ${alias} ${remote_pod_cidr} ${remote_svc_cidr} - ${ip_cmd}= Set Variable If '${IP_FAMILY}' == 'ipv6' ip -6 ip -4 - ${stdout}= Command On Cluster ${alias} ${ip_cmd} route show table 200 + ${stdout}= Command On Cluster ${alias} ${IP_CMD} route show table 200 Should Contain ${stdout} ${remote_pod_cidr} Should Contain ${stdout} ${remote_svc_cidr} Verify IP Rules For Table 200 [Documentation] Check that IP rules at priority 100 exist for the given CIDRs. [Arguments] ${alias} ${remote_pod_cidr} ${remote_svc_cidr} - ${ip_cmd}= Set Variable If '${IP_FAMILY}' == 'ipv6' ip -6 ip -4 - ${stdout}= Command On Cluster ${alias} ${ip_cmd} rule show + ${stdout}= Command On Cluster ${alias} ${IP_CMD} rule show Should Contain ${stdout} to ${remote_pod_cidr} lookup 200 Should Contain ${stdout} to ${remote_svc_cidr} lookup 200 Verify Routes In Table 201 [Documentation] Check that service routes exist in table 201 for the local service CIDR. [Arguments] ${alias} ${local_svc_cidr} - ${ip_cmd}= Set Variable If '${IP_FAMILY}' == 'ipv6' ip -6 ip -4 - ${stdout}= Command On Cluster ${alias} ${ip_cmd} route show table 201 + ${stdout}= Command On Cluster ${alias} ${IP_CMD} route show table 201 Should Contain ${stdout} ${local_svc_cidr} Verify Service IP Rules [Documentation] Check that IP rules at priority 99 exist for cross-cluster service routing. [Arguments] ${alias} ${remote_pod_cidr} ${remote_svc_cidr} ${local_svc_cidr} - ${ip_cmd}= Set Variable If '${IP_FAMILY}' == 'ipv6' ip -6 ip -4 - ${stdout}= Command On Cluster ${alias} ${ip_cmd} rule show + ${stdout}= Command On Cluster ${alias} ${IP_CMD} rule show Should Contain ${stdout} from ${remote_pod_cidr} to ${local_svc_cidr} lookup 201 Should Contain ${stdout} from ${remote_svc_cidr} to ${local_svc_cidr} lookup 201 diff --git a/test/scenarios-bootc/el10/presubmits/el102-src@c2cc-ipv6.sh b/test/scenarios-bootc/el10/presubmits/el102-src@c2cc-ipv6.sh index 8a7d9674e9..87c59d9de1 100644 --- a/test/scenarios-bootc/el10/presubmits/el102-src@c2cc-ipv6.sh +++ b/test/scenarios-bootc/el10/presubmits/el102-src@c2cc-ipv6.sh @@ -1,7 +1,7 @@ #!/bin/bash # Sourced from scenario.sh and uses functions defined there. -export TEST_RANDOMIZATION=none +export TEST_RANDOMIZATION=suites # Redefine network-related settings to use the dedicated IPv6 network bridge # shellcheck disable=SC2034 # used elsewhere diff --git a/test/scenarios-bootc/el9/presubmits/el98-src@c2cc-ipv6.sh b/test/scenarios-bootc/el9/presubmits/el98-src@c2cc-ipv6.sh index d198b1fb8d..0aa851eff5 100644 --- a/test/scenarios-bootc/el9/presubmits/el98-src@c2cc-ipv6.sh +++ b/test/scenarios-bootc/el9/presubmits/el98-src@c2cc-ipv6.sh @@ -1,7 +1,7 @@ #!/bin/bash # Sourced from scenario.sh and uses functions defined there. -export TEST_RANDOMIZATION=none +export TEST_RANDOMIZATION=suites # Redefine network-related settings to use the dedicated IPv6 network bridge # shellcheck disable=SC2034 # used elsewhere diff --git a/test/suites/c2cc/cleanup.robot b/test/suites/c2cc/cleanup.robot index 81c69e0851..d38c92ef5b 100644 --- a/test/suites/c2cc/cleanup.robot +++ b/test/suites/c2cc/cleanup.robot @@ -23,8 +23,7 @@ ${C2CC_CONFIG_PATH} /etc/microshift/config.d/50-c2cc.yaml *** Test Cases *** No Linux Routes In Table 200 After Disable [Documentation] Routes to remote CIDRs in table 200 should be gone. - ${ip_cmd}= Set Variable If '${IP_FAMILY}' == 'ipv6' ip -6 ip -4 - ${stdout}= Command On Cluster cluster-a ${ip_cmd} route show table 200 + ${stdout}= Command On Cluster cluster-a ${IP_CMD} route show table 200 FOR ${cidr} IN ... ${CLUSTER_B_POD_CIDR} ... ${CLUSTER_B_SVC_CIDR} @@ -35,8 +34,7 @@ No Linux Routes In Table 200 After Disable No IP Rules For Table 200 After Disable [Documentation] IP rules directing to table 200 should be gone. - ${ip_cmd}= Set Variable If '${IP_FAMILY}' == 'ipv6' ip -6 ip -4 - ${stdout}= Command On Cluster cluster-a ${ip_cmd} rule show + ${stdout}= Command On Cluster cluster-a ${IP_CMD} rule show FOR ${cidr} IN ... ${CLUSTER_B_POD_CIDR} ... ${CLUSTER_B_SVC_CIDR} @@ -47,14 +45,12 @@ No IP Rules For Table 200 After Disable No Service Routes In Table 201 After Disable [Documentation] Service routes in table 201 should be gone. - ${ip_cmd}= Set Variable If '${IP_FAMILY}' == 'ipv6' ip -6 ip -4 - ${stdout}= Command On Cluster cluster-a ${ip_cmd} route show table 201 + ${stdout}= Command On Cluster cluster-a ${IP_CMD} route show table 201 Should Not Contain ${stdout} ${CLUSTER_A_SVC_CIDR} No Service IP Rules After Disable [Documentation] Service IP rules for table 201 should be gone. - ${ip_cmd}= Set Variable If '${IP_FAMILY}' == 'ipv6' ip -6 ip -4 - ${stdout}= Command On Cluster cluster-a ${ip_cmd} rule show + ${stdout}= Command On Cluster cluster-a ${IP_CMD} rule show FOR ${cidr} IN ... ${CLUSTER_B_POD_CIDR} ... ${CLUSTER_B_SVC_CIDR} diff --git a/test/suites/c2cc/reconciliation.robot b/test/suites/c2cc/reconciliation.robot index 8c362eed28..44eef57677 100644 --- a/test/suites/c2cc/reconciliation.robot +++ b/test/suites/c2cc/reconciliation.robot @@ -111,27 +111,23 @@ Get Node Name On Cluster Delete Route From Table 200 On Cluster [Documentation] Delete a specific route from policy routing table 200. [Arguments] ${alias} ${cidr} - ${ip_cmd}= Set Variable If '${IP_FAMILY}' == 'ipv6' ip -6 ip -4 - Disruptive Command On Cluster ${alias} ${ip_cmd} route del ${cidr} table 200 + Disruptive Command On Cluster ${alias} ${IP_CMD} route del ${cidr} table 200 Delete IP Rule For Table 200 On Cluster [Documentation] Delete an IP rule directing traffic to table 200. [Arguments] ${alias} ${cidr} - ${ip_cmd}= Set Variable If '${IP_FAMILY}' == 'ipv6' ip -6 ip -4 - Disruptive Command On Cluster ${alias} ${ip_cmd} rule del to ${cidr} lookup 200 + Disruptive Command On Cluster ${alias} ${IP_CMD} rule del to ${cidr} lookup 200 Delete Service Route From Table 201 On Cluster [Documentation] Delete a service route from table 201. [Arguments] ${alias} ${cidr} - ${ip_cmd}= Set Variable If '${IP_FAMILY}' == 'ipv6' ip -6 ip -4 - Disruptive Command On Cluster ${alias} ${ip_cmd} route del ${cidr} table 201 + Disruptive Command On Cluster ${alias} ${IP_CMD} route del ${cidr} table 201 Delete Service IP Rule On Cluster [Documentation] Delete a service IP rule from table 201. [Arguments] ${alias} ${from_cidr} ${to_cidr} - ${ip_cmd}= Set Variable If '${IP_FAMILY}' == 'ipv6' ip -6 ip -4 Disruptive Command On Cluster ${alias} - ... ${ip_cmd} rule del from ${from_cidr} to ${to_cidr} lookup 201 + ... ${IP_CMD} rule del from ${from_cidr} to ${to_cidr} lookup 201 Delete NFTables C2CC Rule On Cluster [Documentation] Delete an nftables bypass rule by discovering its handle.