`<< Back <../../kubernetes>`__
.. _6-special-interest-group-level-requirements:
6. Special Interest Group level requirements
============================================
.. raw:: html
Table of Contents
-----------------
- `6.1 Introduction <#6.1>`__
- `6.2 API Machinery Special Interest Group <#6.2>`__
- `6.3 Apps Special Interest Group <#6.3>`__
- `6.4 Auth Special Interest Group <#6.4>`__
- `6.5 Cluster Lifecycle Special Interest Group <#6.5>`__
- `6.6 Instrumentation Special Interest Group <#6.6>`__
- `6.7 Network Special Interest Group <#6.7>`__
- `6.8 Node Special Interest Group <#6.8>`__
- `6.9 Scheduling Special Interest Group <#6.9>`__
- `6.10 Storage Special Interest Group <#6.10>`__
.. _61-introduction:
6.1 Introduction
----------------
Kubernetes has defined `Testing Special Interest
Groups `__
to make it easier for the community to write and run tests, and to
contribute, analyze and act upon test results. This chapter basically
converts all the requirements written in the previous chapters as
mandatory Special Interest Group Features. It enforces the overall
requirements traceability to testing, especially those offered for
`End-to-End
Testing `__
The reference conformance, for its part, lists all regexes matching the
following Features tabs defined here.
.. _62-api-machinery-special-interest-group:
6.2 `API Machinery Special Interest Group `__
--------------------------------------------------------------------------------------------------------------------
+-------------------------+---------------+-------------------------+
| **Labels** | **Mandatory** | **Description** |
+=========================+===============+=========================+
| Conformance | X | Kubernetes conformance |
| | | test |
+-------------------------+---------------+-------------------------+
| None | X | Kubernetes mainstream |
| | | features |
+-------------------------+---------------+-------------------------+
| Feature:Compreh | X | Namespaces should |
| ensiveNamespaceDraining | | always delete fast (ALL |
| | | of 100 namespaces in |
| | | 150 seconds) |
+-------------------------+---------------+-------------------------+
| Feature:Cr | | Should verify |
| ossNamespacePodAffinity | | ResourceQuota with |
| | | cross namespace pod |
| | | affinity scope using |
| | | scope-selectors |
+-------------------------+---------------+-------------------------+
| Feature:PodPriority | X | Verify ResourceQuota's |
| | | priority class scope |
| | | against a pod with |
| | | different priority |
| | | class |
+-------------------------+---------------+-------------------------+
| Feature:ScopeSelectors | X | Verify ResourceQuota |
| | | with terminating scopes |
| | | through scope selectors |
+-------------------------+---------------+-------------------------+
| Fe | | |
| ature:StorageVersionAPI | | |
+-------------------------+---------------+-------------------------+
.. _63-apps-special-interest-group:
6.3 `Apps Special Interest Group `__
--------------------------------------------------------------------------------------------------
+-------------------------+---------------+-------------------------+
| **Labels** | **Mandatory** | **Description** |
+=========================+===============+=========================+
| Conformance | X | Kubernetes conformance |
| | | test |
+-------------------------+---------------+-------------------------+
| None | X | Kubernetes mainstream |
| | | features |
+-------------------------+---------------+-------------------------+
| Featu | | Daemon set should surge |
| re:DaemonSetUpdateSurge | | pods onto nodes when |
| | | spec was updated and |
| | | update strategy is |
| | | RollingUpdate |
+-------------------------+---------------+-------------------------+
| Feature:IndexedJob | | Should create pods for |
| | | an Indexed job with |
| | | completion indexes |
+-------------------------+---------------+-------------------------+
| Feature:StatefulSet | | Should creating a |
| | | working zookeeper |
| | | cluster |
+-------------------------+---------------+-------------------------+
| Feature:StatefulUpgrade | | Stateful upgrade should |
| | | maintain a functioning |
| | | cluster |
+-------------------------+---------------+-------------------------+
| Feature:SuspendJob | | Should not create pods |
| | | when created in suspend |
| | | state |
+-------------------------+---------------+-------------------------+
| Feature:TaintEviction | | All pods on the |
| | | unreachable node should |
| | | be marked as NotReady |
| | | upon the node turn |
| | | NotReady AND all pods |
| | | should be evicted after |
| | | eviction timeout passes |
+-------------------------+---------------+-------------------------+
| F | X | Job should be deleted |
| eature:TTLAfterFinished | | once it finishes after |
| | | TTL seconds |
+-------------------------+---------------+-------------------------+
.. _64-auth-special-interest-group:
6.4 `Auth Special Interest Group `__
--------------------------------------------------------------------------------------------------
+-------------------------+---------------+-------------------------+
| **Labels** | **Mandatory** | **Description** |
+=========================+===============+=========================+
| Conformance | X | Kubernetes conformance |
| | | test |
+-------------------------+---------------+-------------------------+
| None | X | Kubernetes mainstream |
| | | features |
+-------------------------+---------------+-------------------------+
| Feature:BoundSe | | ServiceAccount |
| rviceAccountTokenVolume | | admission controller |
| | | migration master |
| | | upgrade should maintain |
| | | a functioning cluster |
+-------------------------+---------------+-------------------------+
| Fe | X | The kubelet's main port |
| ature:NodeAuthenticator | | 10250 should reject |
| | | requests with no |
| | | credentials |
+-------------------------+---------------+-------------------------+
| Feature:NodeAuthorizer | X | Setting a non-existent |
| | | configmap should exit |
| | | with the Forbidden |
| | | error, not a NotFound |
| | | error |
+-------------------------+---------------+-------------------------+
| Fe | | Should enforce the |
| ature:PodSecurityPolicy | | restricted |
| | | p |
| | | olicy.PodSecurityPolicy |
+-------------------------+---------------+-------------------------+
| NodeFeature:FSGroup | X | ServiceAccounts should |
| | | set ownership and |
| | | permission when |
| | | RunAsUser or FsGroup is |
| | | present |
+-------------------------+---------------+-------------------------+
.. _65-cluster-lifecycle-special-interest-group:
6.5 `Cluster Lifecycle Special Interest Group `__
----------------------------------------------------------------------------------------------------------------------------
+-------------------------+---------------+-------------------------+
| **Labels** | **Mandatory** | **Description** |
+=========================+===============+=========================+
| Conformance | X | Kubernetes conformance |
| | | test |
+-------------------------+---------------+-------------------------+
| None | X | Kubernetes mainstream |
| | | features |
+-------------------------+---------------+-------------------------+
| Feature:BootstrapTokens | X | Should delete the token |
| | | secret when the secret |
| | | expired |
+-------------------------+---------------+-------------------------+
.. _66-instrumentation-special-interest-group:
6.6 `Instrumentation Special Interest Group `__
------------------------------------------------------------------------------------------------------------------------
+-------------------------+---------------+-------------------------+
| **Labels** | **Mandatory** | **Description** |
+=========================+===============+=========================+
| Conformance | X | Kubernetes conformance |
| | | test |
+-------------------------+---------------+-------------------------+
| None | X | Kubernetes mainstream |
| | | features |
+-------------------------+---------------+-------------------------+
| Feature:Elasticsearch | | Should check that the |
| | | Kibana logging instance |
| | | is alive |
+-------------------------+---------------+-------------------------+
| Feature:Stackdriv | | Stackdriver Monitoring |
| erAcceleratorMonitoring | | should have accelerator |
| | | metrics |
+-------------------------+---------------+-------------------------+
| Feature:S | | Stackdriver Monitoring |
| tackdriverCustomMetrics | | should run Custom |
| | | Metrics - Stackdriver |
| | | Adapter for new |
| | | resource model |
+-------------------------+---------------+-------------------------+
| Feature:Sta | | Stackdriver Monitoring |
| ckdriverExternalMetrics | | should run Custom |
| | | Metrics - Stackdriver |
| | | Adapter for external |
| | | metrics |
+-------------------------+---------------+-------------------------+
| Feature:S | | Stackdriver Monitoring |
| tackdriverMetadataAgent | | should run Stackdriver |
| | | Metadata Agent |
+-------------------------+---------------+-------------------------+
| Featur | | |
| e:StackdriverMonitoring | | |
+-------------------------+---------------+-------------------------+
.. _67-network-special-interest-group:
6.7 `Network Special Interest Group `__
--------------------------------------------------------------------------------------------------------
+-------------------------+---------------+-------------------------+
| **Labels** | **Mandatory** | **Description** |
+=========================+===============+=========================+
| Conformance | X | Kubernetes conformance |
| | | test |
+-------------------------+---------------+-------------------------+
| None | X | Kubernetes mainstream |
| | | features |
+-------------------------+---------------+-------------------------+
| Feature:Example | | Should create pod that |
| | | uses DNS |
+-------------------------+---------------+-------------------------+
| Feature:Ingress | | Should prevent Ingress |
| | | creation if more than 1 |
| | | IngressClass marked as |
| | | default |
+-------------------------+---------------+-------------------------+
| Feature:IPv6DualStack | | Services Secondary IP |
| | | Family should function |
| | | for endpoint-Service: |
| | | http... |
+-------------------------+---------------+-------------------------+
| Feature:kubemci | | Should create ingress |
| | | with pre-shared |
| | | certificate |
+-------------------------+---------------+-------------------------+
| Feature:Kube | | Upgrade kube-proxy from |
| ProxyDaemonSetMigration | | static pods to a |
| | | DaemonSet should |
| | | maintain a functioning |
| | | cluster |
+-------------------------+---------------+-------------------------+
| Feature:Ku | | Upgrade kube-proxy from |
| beProxyDaemonSetUpgrade | | static pods to a |
| | | DaemonSet should |
| | | maintain a functioning |
| | | cluster |
+-------------------------+---------------+-------------------------+
| Feature:NEG | | Should sync endpoints |
| | | to NEG |
+-------------------------+---------------+-------------------------+
| Feature:NoSNAT | X | Should be able to send |
| | | traffic between Pods |
| | | without SNAT |
+-------------------------+---------------+-------------------------+
| Feature:Networking-IPv4 | X | Networking should |
| | | provide Internet |
| | | connection for |
| | | containers |
+-------------------------+---------------+-------------------------+
| Feature:Networking-IPv6 | | Networking should |
| | | provide Internet |
| | | connection for |
| | | containers |
+-------------------------+---------------+-------------------------+
| Feature | X | run iperf2 |
| :Networking-Performance | | |
+-------------------------+---------------+-------------------------+
| Feature:NetworkPolicy | | NetworkPolicy between |
| | | server and client |
| | | should enforce policy |
| | | to allow traffic only |
| | | from a different |
| | | namespace, based on |
| | | NamespaceSelector |
+-------------------------+---------------+-------------------------+
| Feature:PerformanceDNS | | Should answer DNS query |
| | | for maximum number of |
| | | services per cluster |
+-------------------------+---------------+-------------------------+
| Feature:SCTP | | should allow creating a |
| | | basic SCTP service with |
| | | pod and endpoints |
+-------------------------+---------------+-------------------------+
| F | | Pods should function |
| eature:SCTPConnectivity | | for intra-pod |
| | | communication: sctp |
+-------------------------+---------------+-------------------------+
.. _68-node-special-interest-group:
6.8 `Node Special Interest Group `__
--------------------------------------------------------------------------------------------------
+-------------------------+---------------+-------------------------+
| **Labels** | **Mandatory** | **Description** |
+=========================+===============+=========================+
| Conformance | X | Kubernetes conformance |
| | | test |
+-------------------------+---------------+-------------------------+
| None | X | Kubernetes mainstream |
| | | features |
+-------------------------+---------------+-------------------------+
| Feature:Example | X | Liveness pods should be |
| | | automatically restarted |
+-------------------------+---------------+-------------------------+
| Feature:Experiment | | Resource tracking for |
| alResourceUsageTracking | | 100 pods per node |
+-------------------------+---------------+-------------------------+
| Feature:GPUUpgrade | | Master upgrade should |
| | | NOT disrupt GPU Pod |
+-------------------------+---------------+-------------------------+
| Feat | | Should handle the |
| ure:PodGarbageCollector | | creation of 1000 pods |
+-------------------------+---------------+-------------------------+
| Feature:Regul | | Resource tracking for 0 |
| arResourceUsageTracking | | pods per node |
+-------------------------+---------------+-------------------------+
| Feature:Prob | X | Probing container |
| eTerminationGracePeriod | | should override |
| | | ti |
| | | meoutGracePeriodSeconds |
| | | when LivenessProbe |
| | | field is set |
+-------------------------+---------------+-------------------------+
| NodeFeatu | | Downward API tests for |
| re:DownwardAPIHugePages | | hugepages should |
| | | provide container's |
| | | lim |
| | | its.hugepages-pagesize; |
| | | and |
| | | reque |
| | | sts.hugepages-pagesize& |
| | | as env vars |
+-------------------------+---------------+-------------------------+
| NodeF | X | Pods should support pod |
| eature:PodReadinessGate | | readiness gates |
+-------------------------+---------------+-------------------------+
| Nod | | RuntimeClass should run |
| eFeature:RuntimeHandler | | a Pod requesting a |
| | | RuntimeClass with a |
| | | configured handler |
+-------------------------+---------------+-------------------------+
| NodeFeature:Sysctls | X | Should not launch |
| | | unsafe, but not |
| | | explicitly enabled |
| | | sysctls on the node |
+-------------------------+---------------+-------------------------+
.. _69-scheduling-special-interest-group:
6.9 `Scheduling Special Interest Group `__
--------------------------------------------------------------------------------------------------------------
+-------------------------+---------------+-------------------------+
| **Labels** | **Mandatory** | **Description** |
+=========================+===============+=========================+
| Conformance | X | Kubernetes conformance |
| | | test |
+-------------------------+---------------+-------------------------+
| None | X | Kubernetes mainstream |
| | | features |
+-------------------------+---------------+-------------------------+
| Feature:GPUDevicePlugin | | Run Nvidia GPU Device |
| | | Plugin tests |
+-------------------------+---------------+-------------------------+
| Feature:LocalS | X | Validates local |
| torageCapacityIsolation | | ephemeral storage |
| | | resource limits of pods |
| | | that are allowed to run |
+-------------------------+---------------+-------------------------+
| Feature:Recreate | | Run Nvidia GPU Device |
| | | Plugin tests with a |
| | | recreation |
+-------------------------+---------------+-------------------------+
.. _610-storage-special-interest-group:
6.10 `Storage Special Interest Group `__
---------------------------------------------------------------------------------------------------------
+-------------------------+---------------+-------------------------+
| **Labels** | **Mandatory** | **Description** |
+=========================+===============+=========================+
| Conformance | X | Kubernetes conformance |
| | | test |
+-------------------------+---------------+-------------------------+
| None | X | Kubernetes mainstream |
| | | features |
+-------------------------+---------------+-------------------------+
| Feature:Expan | | |
| dInUsePersistentVolumes | | |
+-------------------------+---------------+-------------------------+
| Feature:Flexvolumes | | |
+-------------------------+---------------+-------------------------+
| Feature:GKELocalSSD | | |
+-------------------------+---------------+-------------------------+
| Feature:V | | |
| olumeSnapshotDataSource | | |
+-------------------------+---------------+-------------------------+
| Feature:Volumes | | |
+-------------------------+---------------+-------------------------+
| Feature:vsphere | | |
+-------------------------+---------------+-------------------------+
| Feature:Windows | | |
+-------------------------+---------------+-------------------------+
| NodeF | | |
| eature:EphemeralStorage | | |
+-------------------------+---------------+-------------------------+
| NodeFeature:FSGroup | X | |
+-------------------------+---------------+-------------------------+