Categorygithub.com/kiagnose/kubevirt-dpdk-checkup
repository
0.5.0
Repository: https://github.com/kiagnose/kubevirt-dpdk-checkup.git
Documentation: pkg.go.dev
Overview
Dependencies
0
Dependents
0

# Packages

No description provided by the author
No description provided by the author
No description provided by the author

# README

kubevirt-dpdk-checkup

checkup validating DPDK readiness of cluster, using the Kiagnose engine

Permissions

You need to be a namespace-admin in order to execute this checkup. The checkup requires the following permissions:

---
apiVersion: v1
kind: ServiceAccount
metadata:
  name: dpdk-checkup-sa
---
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
  name: kiagnose-configmap-access
rules:
  - apiGroups: [ "" ]
    resources: [ "configmaps" ]
    verbs: [ "get", "update" ]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  name: kiagnose-configmap-access
subjects:
  - kind: ServiceAccount
    name: dpdk-checkup-sa
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: Role
  name: kiagnose-configmap-access
---
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
  name: kubevirt-dpdk-checker
rules:
  - apiGroups: [ "kubevirt.io" ]
    resources: [ "virtualmachineinstances" ]
    verbs: [ "create", "get", "delete" ]
  - apiGroups: [ "subresources.kubevirt.io" ]
    resources: [ "virtualmachineinstances/console" ]
    verbs: [ "get" ]
  - apiGroups: [ "" ]
    resources: [ "configmaps" ]
    verbs: [ "create", "delete" ]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  name: kubevirt-dpdk-checker
subjects:
  - kind: ServiceAccount
    name: dpdk-checkup-sa
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: Role
  name: kubevirt-dpdk-checker

Configuration

KeyDescriptionIs MandatoryRemarks
spec.timeoutHow much time before the checkup will try to close itselfTrue
spec.param.networkAttachmentDefinitionNameNetworkAttachmentDefinition name of the SR-IOV NICs connectedTrueAssumed to be in the same namespace
spec.param.trafficGenContainerDiskImageTraffic generator's container disk imageTrue
spec.param.trafficGenTargetNodeNameNode Name on which the traffic generator VM will be scheduled toFalseAssumed to be configured to Nodes that allow DPDK traffic
spec.param.trafficGenPacketsPerSecondAmount of packets per second. format: [/k/m] k-kilo; m-millionFalseDefaults to 8m
spec.param.vmUnderTestContainerDiskImageVM under test container disk imageTrue
spec.param.vmUnderTestTargetNodeNameNode Name on which the VM under test will be scheduled toFalseAssumed to be configured to Nodes that allow DPDK traffic
spec.param.testDurationHow much time will the traffic generator will runFalseDefaults to 5 Minutes
spec.param.portBandwidthGbpsSR-IOV NIC max bandwidthFalseDefaults to 10Gbps
spec.param.verboseIncreases checkup's log verbosityFalse"true" / "false". Defaults to "false"

Example

apiVersion: v1
kind: ConfigMap
metadata:
  name: dpdk-checkup-config
data:
  spec.timeout: 10m
  spec.param.networkAttachmentDefinitionName: <network-name>
  spec.param.trafficGenContainerDiskImage: quay.io/kiagnose/kubevirt-dpdk-checkup-traffic-gen:main
  spec.param.vmUnderTestContainerDiskImage: quay.io/kiagnose/kubevirt-dpdk-checkup-vm:main

Execution

In order to execute the checkup, fill in the required data and apply this manifest:

apiVersion: batch/v1
kind: Job
metadata:
  name: dpdk-checkup
spec:
  backoffLimit: 0
  template:
    spec:
      serviceAccountName: dpdk-checkup-sa
      restartPolicy: Never
      containers:
        - name: dpdk-checkup
          image: quay.io/kiagnose/kubevirt-dpdk-checkup:main
          imagePullPolicy: Always
          securityContext:
            allowPrivilegeEscalation: false
            capabilities:
              drop: [ "ALL" ]
            runAsNonRoot: true
            seccompProfile:
              type: "RuntimeDefault"
          env:
            - name: CONFIGMAP_NAMESPACE
              value: <target-namespace>
            - name: CONFIGMAP_NAME
              value: dpdk-checkup-config
            - name: POD_UID
              valueFrom:
                fieldRef:
                  fieldPath: metadata.uid

Checkup Results Retrieval

After the checkup Job had completed, the results are made available at the user-supplied ConfigMap object:

kubectl get configmap dpdk-checkup-config -n <target-namespace> -o yaml
KeyDescriptionRemarks
status.succeededSpecifies if the checkup is successful (true) or not (false)
status.failureReasonThe reason for failure if the checkup fails
status.startTimestampThe time when the checkup startedRFC 3339
status.completionTimestampThe time when the checkup has completedRFC 3339
status.result.trafficGenSentPacketsThe number of packets sent from the traffic generator
status.result.trafficGenOutputErrorPacketsThe number of error packets sent from the traffic generator
status.result.trafficGenInputErrorPacketsThe number of error packets received by the traffic generator
status.result.trafficGenActualNodeNameThe node on which the traffic generator VM was scheduled
status.result.vmUnderTestActualNodeNameThe node on which the VM under test was scheduled
status.result.vmUnderTestReceivedPacketsThe number of packets received on the VM under test
status.result.vmUnderTestRxDroppedPacketsThe ingress traffic packets that were dropped by the DPDK application
status.result.vmUnderTestTxDroppedPacketsThe egress traffic packets that were dropped from the DPDK application