* xds-k8s: fix typo WORKLOAD_SERVICE_ACCOUNT to WORKLOAD_SA_EMAIL
also add content about image access and privateCAs
cluster create not to use beta and use mesh certs
Co-authored-by: Sergii Tkachenko <hi@sergii.org>
Error example:
google.protobuf.json_format.ParseError:
Failed to parse details field: Can not find message descriptor
by type_url: type.googleapis.com/google.rpc.BadRequest..
* xds/interop: turn on validate-for-proxyless for urlmap tests
It was turned off because retry and affinity configs were not allowed
for proxyless gRPC.
* REVERT THIS, regenerate resources
* Revert "REVERT THIS, regenerate resources"
This reverts commit a26e2916ef.
* Fix several minor issues with url-map k8s tests
* Revert changes about backend service
* Fix a k8s flag name
* Update tools/run_tests/xds_k8s_test_driver/config/local-dev.cfg.example
Co-authored-by: Sergii Tkachenko <hi@sergii.org>
Co-authored-by: Sergii Tkachenko <hi@sergii.org>
* wip: port non-security tests to k8s
* port forwarding offset
* combine and log health status changes
* split tests
* add remove_neg method
* implement assertRpcsEventuallyGoToGivenServers
* remove neg and change backend
* make maxRatePerEndpoint configurable
* _test suffix
* "rebase" onto master
* yapf and isort
* add to grpc_xds_k8s.sh
* undo change to run_test_server.py
* fix (avoid?) cleanup error with reuse_namespace=True when run with force_cleanup flag
otherwise cleaning up the secondary KubernetesServerRunner tries to
delete the namespace as well (since force overrides the reuse_namespace
flag in
https://github.com/grpc/grpc/blob/master/tools/run_tests/xds_k8s_test_driver/framework/test_app/base_runner.py#L76)
I'm not sure of the intended semantics of reuse_namespace and force, so
unclear if that conditional in base_runner.py should be changed to allow
the calls to cleanup the secondary KubernetesServerRunners continue to
forward the values of the cleanup/force_cleanup flags
* fix dates
* Add support for secondary kube context for failover test
* Revert "Add support for secondary kube context for failover test"
This reverts commit b7455f2a92.
* Revert "add to grpc_xds_k8s.sh"
This reverts commit 737f13fdc8.
Otherwise, unless force_cleanup is set to true, the HTTP target proxy
deletion fails but still unsets the target_proxy field, resulting in the
gRPC target proxy deletion being skipped (and preventing all subsequent
cleanup operations)
* Add xds retry interop test to GKE test framework
* s/Affinity/Retry/
* more informative test name
* enable retry
* update java test server
* add missing import
* Add isort_code.sh to sanity tests
* Run tools/distrib/isort_code.sh
* Fine tune the import order for relative imports
* Make pylint and project generation happy
* Fix a few corner cases
* Use --check instead of --diff
* The import order impacts test result somehow
* Make isort print diff and check output at the same time
* Let tools/run_tests/python_utils be firstparty library
* Run isort against latest HEAD
* affinity test
- most basic affinity test
- verify that the received RDS and CDS are correctly configured for affinity
- verify that all RPCs are only sent to the one backend
- verify that only one sub-channel is connected, the other 2 are IDLE
And infra changes:
- add argument to set affinity config when creating backend service
- add a new backend service "affinity" to be shared by all affinity test
- this backend service is configured to do header affinity
- it has 3 endpoints
- replica support copied from PR https://github.com/grpc/grpc/pull/26360
- update backend services from GRPC to HTTP2, to disable validate-for-proxyless
- this will be reverted later
- add channelz function to query subchannels
- add method to configure the initial RPC config (RPC types and RPC metadata) when creating the client
- set env var to enable RING_HASH support
* c1
* REVERT THIS: update strategy to trigger a manual build
* config: suffix to prefix
* Revert "REVERT THIS: update strategy to trigger a manual build"
This reverts commit 830776fef9.
In gRPC-Go repo, as part of the PSM security interop tests, we changed
the xDS interop server to register admin services (in both secure and
non-secure modes). Attempting to register CSDS without an xds bootstrap
file causes the server binary to exit.
While we work to find a graceful solution to the problem of registering
CSDS without an xds bootstrap file, adding the bootstrap generator to
the non-secure server deployment fixes the issue.
Also, it looks like we would need an xds bootstrap file for non-secure
servers in the near future to test other server features.
Lidi Zheng
sanjaypujare
Sergii Tkachenko
Richard Belleville
Menghan Li
Eric Gribkoff
ZHANG Dapeng
Easwar Swaminathan
Seth Vargo