Skip to content

Add basic aga controller e2e tests #4485

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wweiwei-li wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Add basic aga controller e2e tests #4485

wweiwei-li wants to merge 1 commit into from
+2,281 −94

Conversation

@wweiwei-li
Copy link
Collaborator

@wweiwei-li wweiwei-li commented Dec 4, 2025
edited
Loading

Description

Test Files:

  • globalaccelerator_suite_test.go - Test suite setup, checks commercial partition requirement
  • service_endpoint_test.go - Service endpoint tests
  • ingress_endpoint_test.go - Ingress endpoint tests
  • multi_endpoint_test.go - Multiple endpoint types
  • gateway_endpoint_test.go - Gateway API endpoint tests

Helper Files:

  • resource_stack.go - ResourceStack for deploying/cleaning up GlobalAccelerator CRs.
  • aga_verifier.go - Verification types & functions for AWS GlobalAccelerator configuration
  • test_helpers.go - Helper functions for creating test resources (deployments, services, ingresses, GlobalAccelerator CRs)
  • Uses ResourceStack from service/ingress/gateway packages directly for backend endpoint resources

Tests coverred:

Note: These tests require --enable-aga-tests flag to run (local testing only, not in CI). Make sure set up your local controller with https://github.com/kubernetes-sigs/aws-load-balancer-controller/blob/main/docs/guide/globalaccelerator/installation.md

Service Endpoint Tests (service_endpoint_test.go):
✅ IP target type lifecycle - Create, verify, update , verify traffic
✅ Instance target type scheme change - Deploy with internet-facing, change to internal, verify endpoint replacement
✅ Direct endpoint ID - Create GlobalAccelerator with direct load balancer ARN reference

Ingress Endpoint Tests (ingress_endpoint_test.go):
✅ Basic Ingress lifecycle - Create, verify configuration, traffic flow
✅ Auto-discovery - Automatically discover protocol and ports from Ingress
✅ IPV4 to DUAL_STACK migration - Migrate address type and verify dual-stack DNS
✅ Port overrides- Configure port overrides for listeners

Multi-Endpoint Tests (multi_endpoint_test.go):
✅ Service + Ingress endpoints - Multiple endpoint types in same namespace

Gateway Endpoint Tests (gateway_endpoint_test.go):
✅ ALB Gateway endpoint - Create GlobalAccelerator with ALB Gateway, verify configuration and traffic
✅ NLB Gateway endpoint - Create GlobalAccelerator with NLB Gateway, verify configuration and traffic

Checklist

  • Added tests that cover your change (if possible)
  • Added/modified documentation as required (such as the README.md, or the docs directory)
  • Manually tested
  • Made sure the title of the PR is a good description that can go into the release notes

BONUS POINTS checklist: complete for good vibes and maybe prizes?! 🤯

  • Backfilled missing tests for code in same general area 🎉
  • Refactored something and made the world a better place 🌟

@k8s-ci-robot k8s-ci-robot added cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. approved Indicates a PR has been approved by an approver from all required OWNERS files. size/XXL Denotes a PR that changes 1000+ lines, ignoring generated files. labels Dec 4, 2025
shraddhabang
shraddhabang reviewed Dec 4, 2025
View reviewed changes
shraddhabang
shraddhabang reviewed Dec 4, 2025
View reviewed changes
shraddhabang
shraddhabang reviewed Dec 4, 2025
View reviewed changes
shraddhabang
shraddhabang reviewed Dec 4, 2025
View reviewed changes
shraddhabang
shraddhabang reviewed Dec 4, 2025
View reviewed changes
@wweiwei-li wweiwei-li force-pushed the aga-e2e branch 2 times, most recently from ab72dbe to 3808a8d Compare December 4, 2025 22:03
@wweiwei-li wweiwei-li changed the title Add basic aga controller e2e tests Add basic aga controller e2e tests (WIP) Dec 5, 2025
shraddhabang
shraddhabang reviewed Dec 5, 2025
View reviewed changes
@wweiwei-li wweiwei-li changed the title Add basic aga controller e2e tests (WIP) Add basic aga controller e2e tests Dec 8, 2025
@k8s-ci-robot
Copy link
Contributor

k8s-ci-robot commented Dec 8, 2025

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: shraddhabang, wweiwei-li

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:
  • OWNERS [shraddhabang,wweiwei-li]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

zac-nixon
zac-nixon reviewed Dec 8, 2025
View reviewed changes
test/e2e/globalaccelerator/aga_verifier.go Outdated
dnsName := stack.GetGlobalAcceleratorDualStackDNSName()
listenerPort := 80
if len(port) > 0 {
listenerPort = port[0]
Copy link
Collaborator

@zac-nixon zac-nixon Dec 8, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Just wondering, why are you using an array when you only use the first value?

Copy link
Collaborator Author

@wweiwei-li wweiwei-li Dec 10, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

You reminded me ... actually I was planning to have a test for multiple listeners and check traffic for multiple listening ports. Updated the helper and also added a multiple listener test. Should create GlobalAccelerator with two listeners on ports 80 and 443

zac-nixon
zac-nixon reviewed Dec 8, 2025
View reviewed changes
test/e2e/globalaccelerator/ingress_endpoint_test.go
aga = createAGAWithIngressEndpoint(gaName, namespace, acceleratorName, ingName, agav1beta1.IPAddressTypeIPV4,
&[]agav1beta1.GlobalAcceleratorListener{{
Protocol: &protocol,
PortRanges: &[]agav1beta1.PortRange{{FromPort: 443, ToPort: 443}},
Copy link
Collaborator

@zac-nixon zac-nixon Dec 8, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I don't see a test where you validate that we can support a port range e.g. ports 100 to 200.

Copy link
Collaborator Author

@wweiwei-li wweiwei-li Dec 10, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Good point. I added a test for Should create GlobalAccelerator with port range 80-443

zac-nixon
zac-nixon reviewed Dec 8, 2025
View reviewed changes
test/framework/utils/aws.go

// IsCommercialPartition returns true if the region is in the commercial AWS partition
func IsCommercialPartition(region string) bool {
unsupportedPrefixes := []string{"cn-", "us-gov-", "us-iso", "eu-isoe-"}
Copy link
Collaborator

@zac-nixon zac-nixon Dec 8, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nit: Do you have an ARN you can parse instead? If so, it makes this check more robust.

Copy link
Collaborator Author

@wweiwei-li wweiwei-li Dec 10, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

No, there's no ARN available in BeforeSuite.

zac-nixon
zac-nixon reviewed Dec 8, 2025
View reviewed changes
test/e2e/globalaccelerator/gateway_endpoint_test.go
gwv1 "sigs.k8s.io/gateway-api/apis/v1"
)

var _ = Describe("GlobalAccelerator with Gateway endpoint", func() {
Copy link
Collaborator

@zac-nixon zac-nixon Dec 8, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Does accelerator controller read the route data? If so, it would be interesting to validate that cross namespace routes work. If the accelerator controller doesn't read route data, then that test case doesn't seem necessarily.

Copy link
Collaborator Author

@wweiwei-li wweiwei-li Dec 10, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Aga controller does not read route data. Also, for initial release, aga controller does not support cross namespace. So the test actually only verify that the gateway itself can be referenced and it's load balancer can be resolved.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@zac-nixon zac-nixon zac-nixon left review comments

@shraddhabang shraddhabang shraddhabang approved these changes

@M00nF1sh M00nF1sh Awaiting requested review from M00nF1sh

Assignees

No one assigned

Labels

approved Indicates a PR has been approved by an approver from all required OWNERS files. cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. size/XXL Denotes a PR that changes 1000+ lines, ignoring generated files.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@wweiwei-li @k8s-ci-robot @zac-nixon @shraddhabang