6. Special Interest Group level requirements ¶
Table of Contents ¶
6.1 Introduction ¶
Kubernetes has defined Testing Special Interest Groups to make it easier for the community to write and run tests, and to contribute, analyze and act upon test results. This chapter basically converts all the requirements written in the previous chapters as mandatory Special Interest Group Features. It enforces the overall requirements traceability to testing, especially those offered for End-to-End Testing The reference conformance, for its part, lists all regexes matching the following Features tabs defined here.
6.2 API Machinery Special Interest Group ¶
Labels |
Mandatory |
Description |
---|---|---|
Conformance |
X |
Kubernetes conformance test |
None |
X |
Kubernetes mainstream features |
Feature:Compreh ensiveNamespaceDraining |
X |
Namespaces should always delete fast (ALL of 100 namespaces in 150 seconds) |
Feature:Cr ossNamespacePodAffinity |
Should verify ResourceQuota with cross namespace pod affinity scope using scope-selectors |
|
Feature:PodPriority |
X |
Verify ResourceQuota’s priority class scope against a pod with different priority class |
Feature:ScopeSelectors |
X |
Verify ResourceQuota with terminating scopes through scope selectors |
Fe ature:StorageVersionAPI |
6.3 Apps Special Interest Group ¶
Labels |
Mandatory |
Description |
---|---|---|
Conformance |
X |
Kubernetes conformance test |
None |
X |
Kubernetes mainstream features |
Featu re:DaemonSetUpdateSurge |
Daemon set should surge pods onto nodes when spec was updated and update strategy is RollingUpdate |
|
Feature:IndexedJob |
Should create pods for an Indexed job with completion indexes |
|
Feature:StatefulSet |
Should creating a working zookeeper cluster |
|
Feature:StatefulUpgrade |
Stateful upgrade should maintain a functioning cluster |
|
Feature:SuspendJob |
Should not create pods when created in suspend state |
|
Feature:TaintEviction |
All pods on the unreachable node should be marked as NotReady upon the node turn NotReady AND all pods should be evicted after eviction timeout passes |
|
F eature:TTLAfterFinished |
X |
Job should be deleted once it finishes after TTL seconds |
6.4 Auth Special Interest Group ¶
Labels |
Mandatory |
Description |
---|---|---|
Conformance |
X |
Kubernetes conformance test |
None |
X |
Kubernetes mainstream features |
Feature:BoundSe rviceAccountTokenVolume |
ServiceAccount admission controller migration master upgrade should maintain a functioning cluster |
|
Fe ature:NodeAuthenticator |
X |
The kubelet’s main port 10250 should reject requests with no credentials |
Feature:NodeAuthorizer |
X |
Setting a non-existent configmap should exit with the Forbidden error, not a NotFound error |
Fe ature:PodSecurityPolicy |
Should enforce the restricted p olicy.PodSecurityPolicy |
|
NodeFeature:FSGroup |
X |
ServiceAccounts should set ownership and permission when RunAsUser or FsGroup is present |
6.5 Cluster Lifecycle Special Interest Group ¶
Labels |
Mandatory |
Description |
---|---|---|
Conformance |
X |
Kubernetes conformance test |
None |
X |
Kubernetes mainstream features |
Feature:BootstrapTokens |
X |
Should delete the token secret when the secret expired |
6.6 Instrumentation Special Interest Group ¶
Labels |
Mandatory |
Description |
---|---|---|
Conformance |
X |
Kubernetes conformance test |
None |
X |
Kubernetes mainstream features |
Feature:Elasticsearch |
Should check that the Kibana logging instance is alive |
|
Feature:Stackdriv erAcceleratorMonitoring |
Stackdriver Monitoring should have accelerator metrics |
|
Feature:S tackdriverCustomMetrics |
Stackdriver Monitoring should run Custom Metrics - Stackdriver Adapter for new resource model |
|
Feature:Sta ckdriverExternalMetrics |
Stackdriver Monitoring should run Custom Metrics - Stackdriver Adapter for external metrics |
|
Feature:S tackdriverMetadataAgent |
Stackdriver Monitoring should run Stackdriver Metadata Agent |
|
Featur e:StackdriverMonitoring |
6.7 Network Special Interest Group ¶
Labels |
Mandatory |
Description |
---|---|---|
Conformance |
X |
Kubernetes conformance test |
None |
X |
Kubernetes mainstream features |
Feature:Example |
Should create pod that uses DNS |
|
Feature:Ingress |
Should prevent Ingress creation if more than 1 IngressClass marked as default |
|
Feature:IPv6DualStack |
Services Secondary IP Family should function for endpoint-Service: http… |
|
Feature:kubemci |
Should create ingress with pre-shared certificate |
|
Feature:Kube ProxyDaemonSetMigration |
Upgrade kube-proxy from static pods to a DaemonSet should maintain a functioning cluster |
|
Feature:Ku beProxyDaemonSetUpgrade |
Upgrade kube-proxy from static pods to a DaemonSet should maintain a functioning cluster |
|
Feature:NEG |
Should sync endpoints to NEG |
|
Feature:NoSNAT |
X |
Should be able to send traffic between Pods without SNAT |
Feature:Networking-IPv4 |
X |
Networking should provide Internet connection for containers |
Feature:Networking-IPv6 |
Networking should provide Internet connection for containers |
|
Feature :Networking-Performance |
X |
run iperf2 |
Feature:NetworkPolicy |
NetworkPolicy between server and client should enforce policy to allow traffic only from a different namespace, based on NamespaceSelector |
|
Feature:PerformanceDNS |
Should answer DNS query for maximum number of services per cluster |
|
Feature:SCTP |
should allow creating a basic SCTP service with pod and endpoints |
|
F eature:SCTPConnectivity |
Pods should function for intra-pod communication: sctp |
6.8 Node Special Interest Group ¶
Labels |
Mandatory |
Description |
---|---|---|
Conformance |
X |
Kubernetes conformance test |
None |
X |
Kubernetes mainstream features |
Feature:Example |
X |
Liveness pods should be automatically restarted |
Feature:Experiment alResourceUsageTracking |
Resource tracking for 100 pods per node |
|
Feature:GPUUpgrade |
Master upgrade should NOT disrupt GPU Pod |
|
Feat ure:PodGarbageCollector |
Should handle the creation of 1000 pods |
|
Feature:Regul arResourceUsageTracking |
Resource tracking for 0 pods per node |
|
Feature:Prob eTerminationGracePeriod |
X |
Probing container should override ti meoutGracePeriodSeconds when LivenessProbe field is set |
NodeFeatu re:DownwardAPIHugePages |
Downward API tests for hugepages should provide container’s lim its.hugepages-pagesize; and reque sts.hugepages-pagesize& as env vars |
|
NodeF eature:PodReadinessGate |
X |
Pods should support pod readiness gates |
Nod eFeature:RuntimeHandler |
RuntimeClass should run a Pod requesting a RuntimeClass with a configured handler |
|
NodeFeature:Sysctls |
X |
Should not launch unsafe, but not explicitly enabled sysctls on the node |
6.9 Scheduling Special Interest Group ¶
Labels |
Mandatory |
Description |
---|---|---|
Conformance |
X |
Kubernetes conformance test |
None |
X |
Kubernetes mainstream features |
Feature:GPUDevicePlugin |
Run Nvidia GPU Device Plugin tests |
|
Feature:LocalS torageCapacityIsolation |
X |
Validates local ephemeral storage resource limits of pods that are allowed to run |
Feature:Recreate |
Run Nvidia GPU Device Plugin tests with a recreation |
6.10 Storage Special Interest Group ¶
Labels |
Mandatory |
Description |
---|---|---|
Conformance |
X |
Kubernetes conformance test |
None |
X |
Kubernetes mainstream features |
Feature:Expan dInUsePersistentVolumes |
||
Feature:Flexvolumes |
||
Feature:GKELocalSSD |
||
Feature:V olumeSnapshotDataSource |
||
Feature:Volumes |
||
Feature:vsphere |
||
Feature:Windows |
||
NodeF eature:EphemeralStorage |
||
NodeFeature:FSGroup |
X |