From b6af5a783a8bad2ed3a4325db0816d0705116d83 Mon Sep 17 00:00:00 2001 From: Khaja Omer Date: Thu, 9 Jan 2025 14:21:53 -0600 Subject: [PATCH 01/19] Add Cilium BGP LB e2e test --- .github/workflows/ci.yml | 3 + Makefile | 38 ++++++++ devbox.json | 1 + e2e/lb-cilium-bgp/chainsaw-test.yaml | 109 ++++++++++++++++++++++ e2e/lb-cilium-bgp/create-pod-service.yaml | 24 +++++ 5 files changed, 175 insertions(+) create mode 100644 e2e/lb-cilium-bgp/chainsaw-test.yaml create mode 100644 e2e/lb-cilium-bgp/create-pod-service.yaml diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index e3760d9f..78394bd1 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -156,6 +156,9 @@ jobs: - name: Run E2E Tests run: devbox run e2e-test + - name: Run Cilium BGP e2e test + run: devbox run e2e-test-bgp + - name: Cleanup Resources if: always() run: devbox run cleanup-cluster diff --git a/Makefile b/Makefile index d6685581..2e76d24c 100644 --- a/Makefile +++ b/Makefile @@ -195,6 +195,44 @@ e2e-test: LINODE_TOKEN=$(LINODE_TOKEN) \ chainsaw test e2e/test --parallel 2 +.PHONY: e2e-test-bgp +e2e-test-bgp: + # Patch CCM to enable BGPkubectl -n kube-system patch daemonset ccm-linode --patch '\ + spec:\ + template:\ + spec:\ + containers:\ + - name: ccm-linode\ + args:\ + - --leader-elect-resource-lock=leases\ + - --v=3\ + - --secure-port=10253\ + - --webhook-secure-port=0\ + - --enable-route-controller=true\ + - --vpc-name=capl-cluster\ + - --configure-cloud-routes=true\ + - --cluster-cidr=10.0.0.0/8\ + - --load-balancer-type=cilium-bgp\ + - --bgp-node-selector=cilium-bgp-peering=true\ + - --ip-holder-suffix=e2e-test + kubectl patch clusterrole ccm-linode-clusterrole --type='json' \ + -p='[{\ + "op": "add",\ + "path": "/rules/-",\ + "value": {\ + "apiGroups": ["cilium.io"],\ + "resources": ["ciliumloadbalancerippools", "ciliumbgppeeringpolicies"],\ + "verbs": ["get", "list", "watch", "create", "update", "patch", "delete"]\ + }\ + }]' + # Run the test + CLUSTER_NAME=$(CLUSTER_NAME) \ + MGMT_KUBECONFIG=$(MGMT_KUBECONFIG_PATH) \ + KUBECONFIG=$(KUBECONFIG_PATH) \ + REGION=$(LINODE_REGION) \ + LINODE_TOKEN=$(LINODE_TOKEN) \ + chainsaw test e2e/test/lb-cilium-bgp + ##################################################################### # OS / ARCH ##################################################################### diff --git a/devbox.json b/devbox.json index d2a43fe8..ff3d96fa 100644 --- a/devbox.json +++ b/devbox.json @@ -21,6 +21,7 @@ "scripts": { "mgmt-and-capl-cluster": "make mgmt-and-capl-cluster", "e2e-test": "make e2e-test", + "e2e-test-bgp": "make e2e-test-bgp", "cleanup-cluster": "make cleanup-cluster" } }, diff --git a/e2e/lb-cilium-bgp/chainsaw-test.yaml b/e2e/lb-cilium-bgp/chainsaw-test.yaml new file mode 100644 index 00000000..29edffc2 --- /dev/null +++ b/e2e/lb-cilium-bgp/chainsaw-test.yaml @@ -0,0 +1,109 @@ +# yaml-language-server: $schema=https://raw.githubusercontent.com/kyverno/chainsaw/main/.schemas/json/test-chainsaw-v1alpha1.json +apiVersion: chainsaw.kyverno.io/v1alpha1 +kind: Test +metadata: + name: cilium-bgp-test +spec: + namespace: "cilium-bgp-test" + steps: + - name: Check if CCM is deployed + try: + - assert: + file: ../test/assert-ccm-resources.yaml + - name: Create a pod and service with load balancer type cilium-bgp + try: + - apply: + file: create-pod-service.yaml + catch: + - describe: + apiVersion: v1 + kind: Pod + - describe: + apiVersion: v1 + kind: Service + - name: Verify CiliumLoadBalancerIPPool creation + try: + - assert: + resource: + apiVersion: cilium.io/v2alpha1 + kind: CiliumLoadBalancerIPPool + metadata: + name: cilium-bgp-test-test-bgp-svc-pool + spec: + disabled: false + - name: Verify CiliumBGPPeeringPolicy + try: + - assert: + resource: + apiVersion: cilium.io/v2alpha1 + kind: CiliumBGPPeeringPolicy + metadata: + name: linode-ccm-bgp-peering + spec: + nodeSelector: + matchLabels: + cilium-bgp-peering: "true" + - name: Check LoadBalancer IP assignment + try: + - assert: + resource: + apiVersion: v1 + kind: Service + metadata: + name: test-bgp-svc + status: + conditions: + - status: "True" + type: cilium.io/IPAMRequestSatisfied + - name: Verify IP sharing on labeled nodes + try: + - script: + content: | + set -e + + # Get the LoadBalancer IP + LB_IP=$(kubectl get svc test-bgp-svc -n cilium-bgp-test -o jsonpath='{.status.loadBalancer.ingress[0].ip}') + + # Get nodes with BGP label + BGP_NODES=$(kubectl get nodes -l cilium-bgp-peering=true -o name) + + if [ -z "$BGP_NODES" ]; then + echo "No nodes found with label cilium-bgp-peering=true" + exit 1 + fi + + # Check if IP is shared on each BGP node + for node in $BGP_NODES; do + NODE_ID=$(kubectl get $node -o jsonpath='{.spec.providerID}' | sed 's|linode://||') + echo "Node ID: $NODE_ID" + + SHARED_IPS=$(curl -H "Authorization: Bearer $LINODE_TOKEN" \ + "https://api.linode.com/v4/linode/instances/$NODE_ID/ips" | \ + jq -r '.ipv4.shared[].address') + echo "shared IPs: $SHARED_IPS" + + if ! echo "$SHARED_IPS" | grep -q "$LB_IP"; then + echo "LoadBalancer IP $LB_IP not found in shared IPs of node $node" + exit 1 + fi + + # Check if the nanode has the shared IP + NANODE_ID=$(curl -H "Authorization: Bearer $LINODE_TOKEN" \ + "https://api.linode.com/v4/linode/instances" | \ + jq -r '.data[] | select(.label | endswith("e2e-test")) | .id') + + NANODE_IPS=$(curl -H "Authorization: Bearer $LINODE_TOKEN" \ + "https://api.linode.com/v4/linode/instances/$NANODE_ID/ips" | \ + jq -r '.ipv4.public[].address') + + if ! echo "$NANODE_IPS" | grep -q "$LB_IP"; then + echo "LoadBalancer IP not found in nanode (IP placeholder) IPs" + exit 1 + fi + + done + check: + ($error == null): true + (contains($stdout, 'LoadBalancer IP not found in shared IPs of node')): false + (contains($stdout, 'LoadBalancer IP not found in nanode IPs')): false + diff --git a/e2e/lb-cilium-bgp/create-pod-service.yaml b/e2e/lb-cilium-bgp/create-pod-service.yaml new file mode 100644 index 00000000..46edebfe --- /dev/null +++ b/e2e/lb-cilium-bgp/create-pod-service.yaml @@ -0,0 +1,24 @@ +apiVersion: v1 +kind: Pod +metadata: + name: test-pod-1 + labels: + app: test-bgp +spec: + containers: + - name: nginx + image: nginx:latest + ports: + - containerPort: 80 +--- +apiVersion: v1 +kind: Service +metadata: + name: test-bgp-svc +spec: + type: LoadBalancer + ports: + - port: 80 + targetPort: 80 + selector: + app: test-bgp \ No newline at end of file From bd9cb3fbb4f9288e178997c136b7565a20d11754 Mon Sep 17 00:00:00 2001 From: Khaja Omer Date: Thu, 9 Jan 2025 14:23:08 -0600 Subject: [PATCH 02/19] Makefile fix --- Makefile | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/Makefile b/Makefile index 2e76d24c..1760e3d5 100644 --- a/Makefile +++ b/Makefile @@ -197,7 +197,7 @@ e2e-test: .PHONY: e2e-test-bgp e2e-test-bgp: - # Patch CCM to enable BGPkubectl -n kube-system patch daemonset ccm-linode --patch '\ + kubectl -n kube-system patch daemonset ccm-linode --patch '\ spec:\ template:\ spec:\ @@ -225,7 +225,6 @@ e2e-test-bgp: "verbs": ["get", "list", "watch", "create", "update", "patch", "delete"]\ }\ }]' - # Run the test CLUSTER_NAME=$(CLUSTER_NAME) \ MGMT_KUBECONFIG=$(MGMT_KUBECONFIG_PATH) \ KUBECONFIG=$(KUBECONFIG_PATH) \ From 104f1a5516397ef99ffc6c7697d293a9a5b72e71 Mon Sep 17 00:00:00 2001 From: Khaja Omer Date: Thu, 9 Jan 2025 14:24:34 -0600 Subject: [PATCH 03/19] Adding nanode cleanup --- e2e/lb-cilium-bgp/chainsaw-test.yaml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/e2e/lb-cilium-bgp/chainsaw-test.yaml b/e2e/lb-cilium-bgp/chainsaw-test.yaml index 29edffc2..f7868b2d 100644 --- a/e2e/lb-cilium-bgp/chainsaw-test.yaml +++ b/e2e/lb-cilium-bgp/chainsaw-test.yaml @@ -100,6 +100,10 @@ spec: echo "LoadBalancer IP not found in nanode (IP placeholder) IPs" exit 1 fi + + # Delete the nanode + curl -X DELETE -H "Authorization: Bearer $LINODE_TOKEN" \ + "https://api.linode.com/v4/linode/instances/$NANODE_ID" done check: From 275cfc021e3e39fdcd0b29a4f4e3e5aa0d0eb0be Mon Sep 17 00:00:00 2001 From: Khaja Omer Date: Thu, 9 Jan 2025 14:26:51 -0600 Subject: [PATCH 04/19] nit fix: adding eod --- e2e/lb-cilium-bgp/create-pod-service.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/e2e/lb-cilium-bgp/create-pod-service.yaml b/e2e/lb-cilium-bgp/create-pod-service.yaml index 46edebfe..b2f96238 100644 --- a/e2e/lb-cilium-bgp/create-pod-service.yaml +++ b/e2e/lb-cilium-bgp/create-pod-service.yaml @@ -21,4 +21,4 @@ spec: - port: 80 targetPort: 80 selector: - app: test-bgp \ No newline at end of file + app: test-bgp From bf4ed94089e02e8bd059b17d19d29eb11de20c64 Mon Sep 17 00:00:00 2001 From: Khaja Omer Date: Thu, 9 Jan 2025 14:28:53 -0600 Subject: [PATCH 05/19] Adding right kubeconfig path for patchs in Makefile --- Makefile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Makefile b/Makefile index 1760e3d5..f1f33a2e 100644 --- a/Makefile +++ b/Makefile @@ -197,7 +197,7 @@ e2e-test: .PHONY: e2e-test-bgp e2e-test-bgp: - kubectl -n kube-system patch daemonset ccm-linode --patch '\ + KUBECONFIG=$(KUBECONFIG_PATH) kubectl -n kube-system patch daemonset ccm-linode --patch '\ spec:\ template:\ spec:\ @@ -215,7 +215,7 @@ e2e-test-bgp: - --load-balancer-type=cilium-bgp\ - --bgp-node-selector=cilium-bgp-peering=true\ - --ip-holder-suffix=e2e-test - kubectl patch clusterrole ccm-linode-clusterrole --type='json' \ + KUBECONFIG=$(KUBECONFIG_PATH) kubectl patch clusterrole ccm-linode-clusterrole --type='json' \ -p='[{\ "op": "add",\ "path": "/rules/-",\ From 4efe366c2a237e702f8b985cc9ec264d64512f74 Mon Sep 17 00:00:00 2001 From: Khaja Omer Date: Fri, 10 Jan 2025 11:45:05 -0600 Subject: [PATCH 06/19] fix up the test --- Makefile | 62 ++++++++++++++-------------- e2e/lb-cilium-bgp/chainsaw-test.yaml | 47 ++++++++++++--------- 2 files changed, 57 insertions(+), 52 deletions(-) diff --git a/Makefile b/Makefile index f1f33a2e..b98e613b 100644 --- a/Makefile +++ b/Makefile @@ -197,40 +197,38 @@ e2e-test: .PHONY: e2e-test-bgp e2e-test-bgp: - KUBECONFIG=$(KUBECONFIG_PATH) kubectl -n kube-system patch daemonset ccm-linode --patch '\ - spec:\ - template:\ - spec:\ - containers:\ - - name: ccm-linode\ - args:\ - - --leader-elect-resource-lock=leases\ - - --v=3\ - - --secure-port=10253\ - - --webhook-secure-port=0\ - - --enable-route-controller=true\ - - --vpc-name=capl-cluster\ - - --configure-cloud-routes=true\ - - --cluster-cidr=10.0.0.0/8\ - - --load-balancer-type=cilium-bgp\ - - --bgp-node-selector=cilium-bgp-peering=true\ - - --ip-holder-suffix=e2e-test + # Add bgp peering label to non control plane nodes + KUBECONFIG=$(KUBECONFIG_PATH) kubectl label nodes $$(kubectl get nodes --no-headers |\ + grep -v control-plane | awk '{print $$1}') cilium-bgp-peering=true --overwrite + + # First patch: Add the necessary RBAC permissions KUBECONFIG=$(KUBECONFIG_PATH) kubectl patch clusterrole ccm-linode-clusterrole --type='json' \ - -p='[{\ - "op": "add",\ - "path": "/rules/-",\ - "value": {\ - "apiGroups": ["cilium.io"],\ - "resources": ["ciliumloadbalancerippools", "ciliumbgppeeringpolicies"],\ - "verbs": ["get", "list", "watch", "create", "update", "patch", "delete"]\ - }\ - }]' + -p='[{\ + "op": "add",\ + "path": "/rules/-",\ + "value": {\ + "apiGroups": ["cilium.io"],\ + "resources": ["ciliumloadbalancerippools", "ciliumbgppeeringpolicies"],\ + "verbs": ["get", "list", "watch", "create", "update", "patch", "delete"]\ + }\ + }]' + + # Patch: Append new args to the existing ones + KUBECONFIG=$(KUBECONFIG_PATH) kubectl patch daemonset ccm-linode -n kube-system --type='json' \ + -p='[{"op": "add", "path": "/spec/template/spec/containers/0/args/-", "value": "--bgp-node-selector=cilium-bgp-peering=true"},\ + {"op": "add", "path": "/spec/template/spec/containers/0/args/-", "value": "--load-balancer-type=cilium-bgp"},\ + {"op": "add", "path": "/spec/template/spec/containers/0/args/-", "value": "--ip-holder-suffix=$(CLUSTER_NAME)"}]' + + # Wait for rollout + KUBECONFIG=$(KUBECONFIG_PATH) kubectl -n kube-system rollout status daemonset/ccm-linode --timeout=300s + + # Run the tests CLUSTER_NAME=$(CLUSTER_NAME) \ - MGMT_KUBECONFIG=$(MGMT_KUBECONFIG_PATH) \ - KUBECONFIG=$(KUBECONFIG_PATH) \ - REGION=$(LINODE_REGION) \ - LINODE_TOKEN=$(LINODE_TOKEN) \ - chainsaw test e2e/test/lb-cilium-bgp + MGMT_KUBECONFIG=$(MGMT_KUBECONFIG_PATH) \ + KUBECONFIG=$(KUBECONFIG_PATH) \ + REGION=$(LINODE_REGION) \ + LINODE_TOKEN=$(LINODE_TOKEN) \ + chainsaw test e2e/lb-cilium-bgp ##################################################################### # OS / ARCH diff --git a/e2e/lb-cilium-bgp/chainsaw-test.yaml b/e2e/lb-cilium-bgp/chainsaw-test.yaml index f7868b2d..49040763 100644 --- a/e2e/lb-cilium-bgp/chainsaw-test.yaml +++ b/e2e/lb-cilium-bgp/chainsaw-test.yaml @@ -77,35 +77,42 @@ spec: NODE_ID=$(kubectl get $node -o jsonpath='{.spec.providerID}' | sed 's|linode://||') echo "Node ID: $NODE_ID" - SHARED_IPS=$(curl -H "Authorization: Bearer $LINODE_TOKEN" \ - "https://api.linode.com/v4/linode/instances/$NODE_ID/ips" | \ - jq -r '.ipv4.shared[].address') + # Get node IPs with error handling + NODE_IP_RESPONSE=$(curl -s -H "Authorization: Bearer $LINODE_TOKEN" \ + "https://api.linode.com/v4/linode/instances/$NODE_ID/ips") + + # Check if shared IPs exist, if not use empty array + SHARED_IPS=$(echo "$NODE_IP_RESPONSE" | jq -r '.ipv4.shared[]?.address // empty') echo "shared IPs: $SHARED_IPS" - if ! echo "$SHARED_IPS" | grep -q "$LB_IP"; then + if [ -n "$SHARED_IPS" ] && ! echo "$SHARED_IPS" | grep -q "$LB_IP"; then echo "LoadBalancer IP $LB_IP not found in shared IPs of node $node" exit 1 fi + done # Check if the nanode has the shared IP - NANODE_ID=$(curl -H "Authorization: Bearer $LINODE_TOKEN" \ - "https://api.linode.com/v4/linode/instances" | \ - jq -r '.data[] | select(.label | endswith("e2e-test")) | .id') - - NANODE_IPS=$(curl -H "Authorization: Bearer $LINODE_TOKEN" \ - "https://api.linode.com/v4/linode/instances/$NANODE_ID/ips" | \ - jq -r '.ipv4.public[].address') + NANODE_RESPONSE=$(curl -s -H "Authorization: Bearer $LINODE_TOKEN" \ + "https://api.linode.com/v4/linode/instances") - if ! echo "$NANODE_IPS" | grep -q "$LB_IP"; then - echo "LoadBalancer IP not found in nanode (IP placeholder) IPs" - exit 1 - fi + NANODE_ID=$(echo "$NANODE_RESPONSE" | \ + jq -r '.data[] | select(.label | endswith("$CLUSTER_NAME")) | .id') - # Delete the nanode - curl -X DELETE -H "Authorization: Bearer $LINODE_TOKEN" \ - "https://api.linode.com/v4/linode/instances/$NANODE_ID" - - done + if [ -n "$NANODE_ID" ]; then + NANODE_IP_RESPONSE=$(curl -s -H "Authorization: Bearer $LINODE_TOKEN" \ + "https://api.linode.com/v4/linode/instances/$NANODE_ID/ips") + + NANODE_IPS=$(echo "$NANODE_IP_RESPONSE" | jq -r '.ipv4.public[]?.address // empty') + + if [ -n "$NANODE_IPS" ] && ! echo "$NANODE_IPS" | grep -q "$LB_IP"; then + echo "LoadBalancer IP not found in nanode (IP placeholder) IPs" + exit 1 + fi + + # Delete the nanode + curl -s -X DELETE -H "Authorization: Bearer $LINODE_TOKEN" \ + "https://api.linode.com/v4/linode/instances/$NANODE_ID" + fi check: ($error == null): true (contains($stdout, 'LoadBalancer IP not found in shared IPs of node')): false From 0359ebdc24665264fa21a799b8859648a7569bcb Mon Sep 17 00:00:00 2001 From: Khaja Omer Date: Fri, 10 Jan 2025 12:12:47 -0600 Subject: [PATCH 07/19] debug --- .github/workflows/ci.yml | 4 ++-- Makefile | 5 +++++ 2 files changed, 7 insertions(+), 2 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 78394bd1..3ba37d40 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -153,8 +153,8 @@ jobs: - name: Setup CAPL Management Kind Cluster and CAPL Child Cluster For Testing run: devbox run mgmt-and-capl-cluster - - name: Run E2E Tests - run: devbox run e2e-test + # - name: Run E2E Tests + # run: devbox run e2e-test - name: Run Cilium BGP e2e test run: devbox run e2e-test-bgp diff --git a/Makefile b/Makefile index b98e613b..cf0c9c95 100644 --- a/Makefile +++ b/Makefile @@ -197,6 +197,11 @@ e2e-test: .PHONY: e2e-test-bgp e2e-test-bgp: + # Debugging: Print the nodes in the cluster + KUBECONFIG=$(KUBECONFIG_PATH) kubectl get nodes -o wide + KUBECONFIG=$(KUBECONFIG_PATH) kubectl get nodes --no-headers |\ + grep -v control-plane | awk '{print $$1}' + # Add bgp peering label to non control plane nodes KUBECONFIG=$(KUBECONFIG_PATH) kubectl label nodes $$(kubectl get nodes --no-headers |\ grep -v control-plane | awk '{print $$1}') cilium-bgp-peering=true --overwrite From fce1d2aa1bb8ae0c59ad6be87bcf7ae18dcd7a5e Mon Sep 17 00:00:00 2001 From: Khaja Omer Date: Fri, 10 Jan 2025 12:33:12 -0600 Subject: [PATCH 08/19] Handle multiple nodes for labeling --- Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Makefile b/Makefile index cf0c9c95..02470767 100644 --- a/Makefile +++ b/Makefile @@ -204,7 +204,7 @@ e2e-test-bgp: # Add bgp peering label to non control plane nodes KUBECONFIG=$(KUBECONFIG_PATH) kubectl label nodes $$(kubectl get nodes --no-headers |\ - grep -v control-plane | awk '{print $$1}') cilium-bgp-peering=true --overwrite + grep -v control-plane | awk '{print $$1}' | paste -sd " " -) cilium-bgp-peering=true --overwrite # First patch: Add the necessary RBAC permissions KUBECONFIG=$(KUBECONFIG_PATH) kubectl patch clusterrole ccm-linode-clusterrole --type='json' \ From 827b15389a12bdff4c296b9f7b928dc67b1320c3 Mon Sep 17 00:00:00 2001 From: Khaja Omer Date: Fri, 10 Jan 2025 14:30:00 -0600 Subject: [PATCH 09/19] fix? --- Makefile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Makefile b/Makefile index 02470767..91c5e883 100644 --- a/Makefile +++ b/Makefile @@ -203,8 +203,8 @@ e2e-test-bgp: grep -v control-plane | awk '{print $$1}' # Add bgp peering label to non control plane nodes - KUBECONFIG=$(KUBECONFIG_PATH) kubectl label nodes $$(kubectl get nodes --no-headers |\ - grep -v control-plane | awk '{print $$1}' | paste -sd " " -) cilium-bgp-peering=true --overwrite + KUBECONFIG=$(KUBECONFIG_PATH) kubectl get nodes --no-headers | grep -v control-plane |\ + awk '{print $1}' | xargs -I {} kubectl label nodes {} cilium-bgp-peering=true --overwrite # First patch: Add the necessary RBAC permissions KUBECONFIG=$(KUBECONFIG_PATH) kubectl patch clusterrole ccm-linode-clusterrole --type='json' \ From b1ad112993ff7f689cde0cb00be6c6713086f2a3 Mon Sep 17 00:00:00 2001 From: Khaja Omer Date: Fri, 10 Jan 2025 14:31:32 -0600 Subject: [PATCH 10/19] Syntax fix --- Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Makefile b/Makefile index 91c5e883..a187a23e 100644 --- a/Makefile +++ b/Makefile @@ -204,7 +204,7 @@ e2e-test-bgp: # Add bgp peering label to non control plane nodes KUBECONFIG=$(KUBECONFIG_PATH) kubectl get nodes --no-headers | grep -v control-plane |\ - awk '{print $1}' | xargs -I {} kubectl label nodes {} cilium-bgp-peering=true --overwrite + awk '{print $$1}' | xargs -I {} kubectl label nodes {} cilium-bgp-peering=true --overwrite # First patch: Add the necessary RBAC permissions KUBECONFIG=$(KUBECONFIG_PATH) kubectl patch clusterrole ccm-linode-clusterrole --type='json' \ From 422b7ca3c480534466d08e84b723d94294582dcb Mon Sep 17 00:00:00 2001 From: Khaja Omer Date: Fri, 10 Jan 2025 14:54:03 -0600 Subject: [PATCH 11/19] fix? --- Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Makefile b/Makefile index a187a23e..9c6e25ca 100644 --- a/Makefile +++ b/Makefile @@ -204,7 +204,7 @@ e2e-test-bgp: # Add bgp peering label to non control plane nodes KUBECONFIG=$(KUBECONFIG_PATH) kubectl get nodes --no-headers | grep -v control-plane |\ - awk '{print $$1}' | xargs -I {} kubectl label nodes {} cilium-bgp-peering=true --overwrite + awk '{print $$1}' | xargs -I {} env KUBECONFIG=$(KUBECONFIG_PATH) kubectl label nodes {} cilium-bgp-peering=true --overwrite # First patch: Add the necessary RBAC permissions KUBECONFIG=$(KUBECONFIG_PATH) kubectl patch clusterrole ccm-linode-clusterrole --type='json' \ From fa28e568260008f7cac4b684723e6a6e2349e5fa Mon Sep 17 00:00:00 2001 From: Khaja Omer Date: Fri, 10 Jan 2025 15:15:40 -0600 Subject: [PATCH 12/19] test --- Makefile | 13 +++---------- 1 file changed, 3 insertions(+), 10 deletions(-) diff --git a/Makefile b/Makefile index 9c6e25ca..e5f8b632 100644 --- a/Makefile +++ b/Makefile @@ -207,16 +207,9 @@ e2e-test-bgp: awk '{print $$1}' | xargs -I {} env KUBECONFIG=$(KUBECONFIG_PATH) kubectl label nodes {} cilium-bgp-peering=true --overwrite # First patch: Add the necessary RBAC permissions - KUBECONFIG=$(KUBECONFIG_PATH) kubectl patch clusterrole ccm-linode-clusterrole --type='json' \ - -p='[{\ - "op": "add",\ - "path": "/rules/-",\ - "value": {\ - "apiGroups": ["cilium.io"],\ - "resources": ["ciliumloadbalancerippools", "ciliumbgppeeringpolicies"],\ - "verbs": ["get", "list", "watch", "create", "update", "patch", "delete"]\ - }\ - }]' + KUBECONFIG=$(KUBECONFIG_PATH) kubectl patch clusterrole ccm-linode-clusterrole --type='json'\ + -p='[{"op": "add", "path": "/rules/-", "value": {"apiGroups": ["cilium.io"], "resources": ["ciliumloadbalancerippools", "ciliumbgppeeringpolicies"], "verbs": ["get", "list", "watch", "create", "update", "patch", "delete"]}}]' + # Patch: Append new args to the existing ones KUBECONFIG=$(KUBECONFIG_PATH) kubectl patch daemonset ccm-linode -n kube-system --type='json' \ From 6190572b9927221ad5d7520f22d6fe6f3b858354 Mon Sep 17 00:00:00 2001 From: Khaja Omer Date: Fri, 10 Jan 2025 15:37:13 -0600 Subject: [PATCH 13/19] fix --- Makefile | 41 +++++++++++++++++++++++++++++++++-------- 1 file changed, 33 insertions(+), 8 deletions(-) diff --git a/Makefile b/Makefile index e5f8b632..c097bc5d 100644 --- a/Makefile +++ b/Makefile @@ -207,16 +207,41 @@ e2e-test-bgp: awk '{print $$1}' | xargs -I {} env KUBECONFIG=$(KUBECONFIG_PATH) kubectl label nodes {} cilium-bgp-peering=true --overwrite # First patch: Add the necessary RBAC permissions - KUBECONFIG=$(KUBECONFIG_PATH) kubectl patch clusterrole ccm-linode-clusterrole --type='json'\ - -p='[{"op": "add", "path": "/rules/-", "value": {"apiGroups": ["cilium.io"], "resources": ["ciliumloadbalancerippools", "ciliumbgppeeringpolicies"], "verbs": ["get", "list", "watch", "create", "update", "patch", "delete"]}}]' - + KUBECONFIG=$(KUBECONFIG_PATH) kubectl patch clusterrole ccm-linode-clusterrole \ + --type='json' \ + -p='[\ + {\ + "op": "add",\ + "path": "/rules/-",\ + "value": {\ + "apiGroups": ["cilium.io"],\ + "resources": ["ciliumloadbalancerippools", "ciliumbgppeeringpolicies"],\ + "verbs": ["get", "list", "watch", "create", "update", "patch", "delete"]\ + }\ + }\ + ]' # Patch: Append new args to the existing ones - KUBECONFIG=$(KUBECONFIG_PATH) kubectl patch daemonset ccm-linode -n kube-system --type='json' \ - -p='[{"op": "add", "path": "/spec/template/spec/containers/0/args/-", "value": "--bgp-node-selector=cilium-bgp-peering=true"},\ - {"op": "add", "path": "/spec/template/spec/containers/0/args/-", "value": "--load-balancer-type=cilium-bgp"},\ - {"op": "add", "path": "/spec/template/spec/containers/0/args/-", "value": "--ip-holder-suffix=$(CLUSTER_NAME)"}]' - + KUBECONFIG=$(KUBECONFIG_PATH) kubectl patch daemonset ccm-linode -n kube-system \ + --type='json' \ + -p='[\ + {\ + "op": "add",\ + "path": "/spec/template/spec/containers/0/args/-",\ + "value": "--bgp-node-selector=cilium-bgp-peering=true"\ + },\ + {\ + "op": "add",\ + "path": "/spec/template/spec/containers/0/args/-",\ + "value": "--load-balancer-type=cilium-bgp"\ + },\ + {\ + "op": "add",\ + "path": "/spec/template/spec/containers/0/args/-",\ + "value": "--ip-holder-suffix=ccm-8039dcf"\ + }\ + ]' + # Wait for rollout KUBECONFIG=$(KUBECONFIG_PATH) kubectl -n kube-system rollout status daemonset/ccm-linode --timeout=300s From 4c3ef4401bfe7a9a09d3ff2e3719187343b30afd Mon Sep 17 00:00:00 2001 From: Khaja Omer Date: Fri, 10 Jan 2025 16:12:23 -0600 Subject: [PATCH 14/19] Using bash/shell script to patch to make thing reabable and fix issue with makefile patches --- Makefile | 48 +++------------------------------------ e2e/setup/cilium-setup.sh | 32 ++++++++++++++++++++++++++ 2 files changed, 35 insertions(+), 45 deletions(-) create mode 100755 e2e/setup/cilium-setup.sh diff --git a/Makefile b/Makefile index c097bc5d..cb447e09 100644 --- a/Makefile +++ b/Makefile @@ -197,51 +197,9 @@ e2e-test: .PHONY: e2e-test-bgp e2e-test-bgp: - # Debugging: Print the nodes in the cluster - KUBECONFIG=$(KUBECONFIG_PATH) kubectl get nodes -o wide - KUBECONFIG=$(KUBECONFIG_PATH) kubectl get nodes --no-headers |\ - grep -v control-plane | awk '{print $$1}' - - # Add bgp peering label to non control plane nodes - KUBECONFIG=$(KUBECONFIG_PATH) kubectl get nodes --no-headers | grep -v control-plane |\ - awk '{print $$1}' | xargs -I {} env KUBECONFIG=$(KUBECONFIG_PATH) kubectl label nodes {} cilium-bgp-peering=true --overwrite - - # First patch: Add the necessary RBAC permissions - KUBECONFIG=$(KUBECONFIG_PATH) kubectl patch clusterrole ccm-linode-clusterrole \ - --type='json' \ - -p='[\ - {\ - "op": "add",\ - "path": "/rules/-",\ - "value": {\ - "apiGroups": ["cilium.io"],\ - "resources": ["ciliumloadbalancerippools", "ciliumbgppeeringpolicies"],\ - "verbs": ["get", "list", "watch", "create", "update", "patch", "delete"]\ - }\ - }\ - ]' - - # Patch: Append new args to the existing ones - KUBECONFIG=$(KUBECONFIG_PATH) kubectl patch daemonset ccm-linode -n kube-system \ - --type='json' \ - -p='[\ - {\ - "op": "add",\ - "path": "/spec/template/spec/containers/0/args/-",\ - "value": "--bgp-node-selector=cilium-bgp-peering=true"\ - },\ - {\ - "op": "add",\ - "path": "/spec/template/spec/containers/0/args/-",\ - "value": "--load-balancer-type=cilium-bgp"\ - },\ - {\ - "op": "add",\ - "path": "/spec/template/spec/containers/0/args/-",\ - "value": "--ip-holder-suffix=ccm-8039dcf"\ - }\ - ]' - + # Setup Cilium BGP peering + KUBECONFIG=$(KUBECONFIG_PATH) CLUSTER_SUFFIX=$(CLUSTER_NAME) ./e2e/setup/cilium-setup.sh + # Wait for rollout KUBECONFIG=$(KUBECONFIG_PATH) kubectl -n kube-system rollout status daemonset/ccm-linode --timeout=300s diff --git a/e2e/setup/cilium-setup.sh b/e2e/setup/cilium-setup.sh new file mode 100755 index 00000000..e26107da --- /dev/null +++ b/e2e/setup/cilium-setup.sh @@ -0,0 +1,32 @@ +#!/bin/bash +set -euo pipefail + +# Add bgp peering label to non control plane nodes +kubectl get nodes --no-headers | grep -v control-plane |\ + awk '{print $1}' | xargs -I {} kubectl label nodes {} cilium-bgp-peering=true --overwrite + +# Add RBAC permissions +kubectl patch clusterrole ccm-linode-clusterrole --type='json' -p='[{ + "op": "add", + "path": "/rules/-", + "value": { + "apiGroups": ["cilium.io"], + "resources": ["ciliumloadbalancerippools", "ciliumbgppeeringpolicies"], + "verbs": ["get", "list", "watch", "create", "update", "patch", "delete"] + } +}]' + +# Patch DaemonSet +kubectl patch daemonset ccm-linode -n kube-system --type='json' -p='[{ + "op": "add", + "path": "/spec/template/spec/containers/0/args/-", + "value": "--bgp-node-selector=cilium-bgp-peering=true" +}, { + "op": "add", + "path": "/spec/template/spec/containers/0/args/-", + "value": "--load-balancer-type=cilium-bgp" +}, { + "op": "add", + "path": "/spec/template/spec/containers/0/args/-", + "value": "--ip-holder-suffix='"${CLUSTER_SUFFIX}"'" +}]' From 738fb4b481563208c032c688c053a2baacc24a14 Mon Sep 17 00:00:00 2001 From: Khaja Omer Date: Fri, 10 Jan 2025 16:30:46 -0600 Subject: [PATCH 15/19] Enable old tests back and some clean up --- .github/workflows/ci.yml | 4 ++-- Makefile | 5 ----- e2e/setup/cilium-setup.sh | 2 +- 3 files changed, 3 insertions(+), 8 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 3ba37d40..78394bd1 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -153,8 +153,8 @@ jobs: - name: Setup CAPL Management Kind Cluster and CAPL Child Cluster For Testing run: devbox run mgmt-and-capl-cluster - # - name: Run E2E Tests - # run: devbox run e2e-test + - name: Run E2E Tests + run: devbox run e2e-test - name: Run Cilium BGP e2e test run: devbox run e2e-test-bgp diff --git a/Makefile b/Makefile index cb447e09..8db3207a 100644 --- a/Makefile +++ b/Makefile @@ -197,13 +197,8 @@ e2e-test: .PHONY: e2e-test-bgp e2e-test-bgp: - # Setup Cilium BGP peering KUBECONFIG=$(KUBECONFIG_PATH) CLUSTER_SUFFIX=$(CLUSTER_NAME) ./e2e/setup/cilium-setup.sh - - # Wait for rollout KUBECONFIG=$(KUBECONFIG_PATH) kubectl -n kube-system rollout status daemonset/ccm-linode --timeout=300s - - # Run the tests CLUSTER_NAME=$(CLUSTER_NAME) \ MGMT_KUBECONFIG=$(MGMT_KUBECONFIG_PATH) \ KUBECONFIG=$(KUBECONFIG_PATH) \ diff --git a/e2e/setup/cilium-setup.sh b/e2e/setup/cilium-setup.sh index e26107da..9e8a7afb 100755 --- a/e2e/setup/cilium-setup.sh +++ b/e2e/setup/cilium-setup.sh @@ -1,7 +1,7 @@ #!/bin/bash set -euo pipefail -# Add bgp peering label to non control plane nodes +# Add bgp peering label to non control plane nodes. Needed to update the shared IP on the nodes kubectl get nodes --no-headers | grep -v control-plane |\ awk '{print $1}' | xargs -I {} kubectl label nodes {} cilium-bgp-peering=true --overwrite From 1f3acdffc5906fd0928175652c267249eb4e2a30 Mon Sep 17 00:00:00 2001 From: Khaja Omer Date: Mon, 13 Jan 2025 14:22:14 -0600 Subject: [PATCH 16/19] Address comments --- e2e/lb-cilium-bgp/chainsaw-test.yaml | 38 +++++++++++++++++----------- 1 file changed, 23 insertions(+), 15 deletions(-) diff --git a/e2e/lb-cilium-bgp/chainsaw-test.yaml b/e2e/lb-cilium-bgp/chainsaw-test.yaml index 49040763..b121e015 100644 --- a/e2e/lb-cilium-bgp/chainsaw-test.yaml +++ b/e2e/lb-cilium-bgp/chainsaw-test.yaml @@ -86,7 +86,7 @@ spec: echo "shared IPs: $SHARED_IPS" if [ -n "$SHARED_IPS" ] && ! echo "$SHARED_IPS" | grep -q "$LB_IP"; then - echo "LoadBalancer IP $LB_IP not found in shared IPs of node $node" + echo "LoadBalancer IP not found in shared IPs of node" exit 1 fi done @@ -98,23 +98,31 @@ spec: NANODE_ID=$(echo "$NANODE_RESPONSE" | \ jq -r '.data[] | select(.label | endswith("$CLUSTER_NAME")) | .id') - if [ -n "$NANODE_ID" ]; then - NANODE_IP_RESPONSE=$(curl -s -H "Authorization: Bearer $LINODE_TOKEN" \ - "https://api.linode.com/v4/linode/instances/$NANODE_ID/ips") - - NANODE_IPS=$(echo "$NANODE_IP_RESPONSE" | jq -r '.ipv4.public[]?.address // empty') - - if [ -n "$NANODE_IPS" ] && ! echo "$NANODE_IPS" | grep -q "$LB_IP"; then - echo "LoadBalancer IP not found in nanode (IP placeholder) IPs" - exit 1 - fi + # Validate NANODE_ID is not null or empty + if [ -z "$NANODE_ID" ]; then + echo "No nanode found" + exit 1 + fi - # Delete the nanode - curl -s -X DELETE -H "Authorization: Bearer $LINODE_TOKEN" \ - "https://api.linode.com/v4/linode/instances/$NANODE_ID" + NANODE_IP_RESPONSE=$(curl -s -H "Authorization: Bearer $LINODE_TOKEN" \ + "https://api.linode.com/v4/linode/instances/$NANODE_ID/ips") + + NANODE_IPS=$(echo "$NANODE_IP_RESPONSE" | jq -r '.ipv4.public[]?.address // empty') + + if [ -n "$NANODE_IPS" ] && ! echo "$NANODE_IPS" | grep -q "$LB_IP"; then + echo "LoadBalancer IP not found in nanode IPs" + exit 1 + else + echo "Successfully found LoadBalancer IP in nanode IPs" fi + + # Delete the nanode + curl -s -X DELETE -H "Authorization: Bearer $LINODE_TOKEN" \ + "https://api.linode.com/v4/linode/instances/$NANODE_ID" check: ($error == null): true (contains($stdout, 'LoadBalancer IP not found in shared IPs of node')): false (contains($stdout, 'LoadBalancer IP not found in nanode IPs')): false - + (contains($stdout, 'No nanode found')): false + (contains($stdout, 'Successfully found LoadBalancer IP in nanode IPs')): true + (contains($stdout, 'No nodes found with label cilium-bgp-peering=true')): false From 5ceecb0d4334d24ef82f534294c5603b6c801e48 Mon Sep 17 00:00:00 2001 From: Khaja Omer Date: Mon, 13 Jan 2025 14:37:11 -0600 Subject: [PATCH 17/19] fixes --- e2e/lb-cilium-bgp/chainsaw-test.yaml | 18 ++++++++---------- 1 file changed, 8 insertions(+), 10 deletions(-) diff --git a/e2e/lb-cilium-bgp/chainsaw-test.yaml b/e2e/lb-cilium-bgp/chainsaw-test.yaml index b121e015..a3165f43 100644 --- a/e2e/lb-cilium-bgp/chainsaw-test.yaml +++ b/e2e/lb-cilium-bgp/chainsaw-test.yaml @@ -86,7 +86,7 @@ spec: echo "shared IPs: $SHARED_IPS" if [ -n "$SHARED_IPS" ] && ! echo "$SHARED_IPS" | grep -q "$LB_IP"; then - echo "LoadBalancer IP not found in shared IPs of node" + echo "LoadBalancer IP $LB_IP not found in shared IPs of node $node" exit 1 fi done @@ -96,12 +96,11 @@ spec: "https://api.linode.com/v4/linode/instances") NANODE_ID=$(echo "$NANODE_RESPONSE" | \ - jq -r '.data[] | select(.label | endswith("$CLUSTER_NAME")) | .id') - - # Validate NANODE_ID is not null or empty + jq -r --arg cluster "$CLUSTER_NAME" '.data[] | select(.label | endswith($cluster)) | .id') + if [ -z "$NANODE_ID" ]; then - echo "No nanode found" - exit 1 + echo "No nanode found for cluster $CLUSTER_NAME" + exit 0 fi NANODE_IP_RESPONSE=$(curl -s -H "Authorization: Bearer $LINODE_TOKEN" \ @@ -112,10 +111,10 @@ spec: if [ -n "$NANODE_IPS" ] && ! echo "$NANODE_IPS" | grep -q "$LB_IP"; then echo "LoadBalancer IP not found in nanode IPs" exit 1 - else - echo "Successfully found LoadBalancer IP in nanode IPs" fi + echo "Successfully found LoadBalancer IP in nanode IPs" + # Delete the nanode curl -s -X DELETE -H "Authorization: Bearer $LINODE_TOKEN" \ "https://api.linode.com/v4/linode/instances/$NANODE_ID" @@ -123,6 +122,5 @@ spec: ($error == null): true (contains($stdout, 'LoadBalancer IP not found in shared IPs of node')): false (contains($stdout, 'LoadBalancer IP not found in nanode IPs')): false - (contains($stdout, 'No nanode found')): false (contains($stdout, 'Successfully found LoadBalancer IP in nanode IPs')): true - (contains($stdout, 'No nodes found with label cilium-bgp-peering=true')): false + From 130e5be327309243fd0c6bc3746f40b3ac0f8914 Mon Sep 17 00:00:00 2001 From: Khaja Omer Date: Mon, 13 Jan 2025 15:12:50 -0600 Subject: [PATCH 18/19] Delete nanode incase we hit some error case --- e2e/lb-cilium-bgp/chainsaw-test.yaml | 23 ++++++++++++++++++----- 1 file changed, 18 insertions(+), 5 deletions(-) diff --git a/e2e/lb-cilium-bgp/chainsaw-test.yaml b/e2e/lb-cilium-bgp/chainsaw-test.yaml index a3165f43..40c65d95 100644 --- a/e2e/lb-cilium-bgp/chainsaw-test.yaml +++ b/e2e/lb-cilium-bgp/chainsaw-test.yaml @@ -61,6 +61,19 @@ spec: content: | set -e + delete_nanode() { + local NANODE_RESPONSE=$(curl -s -H "Authorization: Bearer $LINODE_TOKEN" \ + "https://api.linode.com/v4/linode/instances") + + local NANODE_ID=$(echo "$NANODE_RESPONSE" | \ + jq -r --arg cluster "$CLUSTER_NAME" '.data[] | select(.label | endswith($cluster)) | .id') + + if [ -n "$NANODE_ID" ]; then + curl -s -X DELETE -H "Authorization: Bearer $LINODE_TOKEN" \ + "https://api.linode.com/v4/linode/instances/$NANODE_ID" || true + fi + } + # Get the LoadBalancer IP LB_IP=$(kubectl get svc test-bgp-svc -n cilium-bgp-test -o jsonpath='{.status.loadBalancer.ingress[0].ip}') @@ -69,6 +82,7 @@ spec: if [ -z "$BGP_NODES" ]; then echo "No nodes found with label cilium-bgp-peering=true" + delete_nanode exit 1 fi @@ -77,16 +91,15 @@ spec: NODE_ID=$(kubectl get $node -o jsonpath='{.spec.providerID}' | sed 's|linode://||') echo "Node ID: $NODE_ID" - # Get node IPs with error handling NODE_IP_RESPONSE=$(curl -s -H "Authorization: Bearer $LINODE_TOKEN" \ "https://api.linode.com/v4/linode/instances/$NODE_ID/ips") - # Check if shared IPs exist, if not use empty array SHARED_IPS=$(echo "$NODE_IP_RESPONSE" | jq -r '.ipv4.shared[]?.address // empty') echo "shared IPs: $SHARED_IPS" if [ -n "$SHARED_IPS" ] && ! echo "$SHARED_IPS" | grep -q "$LB_IP"; then echo "LoadBalancer IP $LB_IP not found in shared IPs of node $node" + delete_nanode exit 1 fi done @@ -110,14 +123,14 @@ spec: if [ -n "$NANODE_IPS" ] && ! echo "$NANODE_IPS" | grep -q "$LB_IP"; then echo "LoadBalancer IP not found in nanode IPs" + delete_nanode exit 1 fi echo "Successfully found LoadBalancer IP in nanode IPs" - # Delete the nanode - curl -s -X DELETE -H "Authorization: Bearer $LINODE_TOKEN" \ - "https://api.linode.com/v4/linode/instances/$NANODE_ID" + # Delete the nanode on success + delete_nanode check: ($error == null): true (contains($stdout, 'LoadBalancer IP not found in shared IPs of node')): false From 9a2038046888d76e596c04d92042f1e26d3f3f18 Mon Sep 17 00:00:00 2001 From: Khaja Omer Date: Mon, 13 Jan 2025 15:27:55 -0600 Subject: [PATCH 19/19] Change the dir structure --- Makefile | 2 +- e2e/{ => bgp-test}/lb-cilium-bgp/chainsaw-test.yaml | 2 +- e2e/{ => bgp-test}/lb-cilium-bgp/create-pod-service.yaml | 0 3 files changed, 2 insertions(+), 2 deletions(-) rename e2e/{ => bgp-test}/lb-cilium-bgp/chainsaw-test.yaml (98%) rename e2e/{ => bgp-test}/lb-cilium-bgp/create-pod-service.yaml (100%) diff --git a/Makefile b/Makefile index 8db3207a..23b36978 100644 --- a/Makefile +++ b/Makefile @@ -204,7 +204,7 @@ e2e-test-bgp: KUBECONFIG=$(KUBECONFIG_PATH) \ REGION=$(LINODE_REGION) \ LINODE_TOKEN=$(LINODE_TOKEN) \ - chainsaw test e2e/lb-cilium-bgp + chainsaw test e2e/bgp-test/lb-cilium-bgp ##################################################################### # OS / ARCH diff --git a/e2e/lb-cilium-bgp/chainsaw-test.yaml b/e2e/bgp-test/lb-cilium-bgp/chainsaw-test.yaml similarity index 98% rename from e2e/lb-cilium-bgp/chainsaw-test.yaml rename to e2e/bgp-test/lb-cilium-bgp/chainsaw-test.yaml index 40c65d95..979bcac6 100644 --- a/e2e/lb-cilium-bgp/chainsaw-test.yaml +++ b/e2e/bgp-test/lb-cilium-bgp/chainsaw-test.yaml @@ -9,7 +9,7 @@ spec: - name: Check if CCM is deployed try: - assert: - file: ../test/assert-ccm-resources.yaml + file: ../../test/assert-ccm-resources.yaml - name: Create a pod and service with load balancer type cilium-bgp try: - apply: diff --git a/e2e/lb-cilium-bgp/create-pod-service.yaml b/e2e/bgp-test/lb-cilium-bgp/create-pod-service.yaml similarity index 100% rename from e2e/lb-cilium-bgp/create-pod-service.yaml rename to e2e/bgp-test/lb-cilium-bgp/create-pod-service.yaml