e2e

package module
v0.0.0-...-d2c4c01 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: May 22, 2026 License: MIT Imports: 83 Imported by: 0

README

AgentBaker E2E Testing

This directory contains files related to the AgentBaker E2E testing framework.

Overview

AgentBaker E2E tests verify that node bootstrapping artifacts generated by the AgentBaker API are correct and capable of integrating Azure VMs into Azure Kubernetes Service (AKS) clusters.

The E2E scenario template is defined in RunScenario. From a high-level, for each scenario,

  1. a new VMSS containing a single VM will be created.
  2. CSE and custom data are generated, which will then be applied to the new VM so it can bootstrap and register with the AKS cluster apiserver.
  3. Liveness and health checks and then run to make sure the new VM's kubelet is posting NodeReady, and that workload pods can successfully be scheduled and run on the new node.

To write an E2E scenario,

  • choose a testing cluster. There are a few defined in cluster.go, e.g,
    • ClusterKubenetAirgap
    • ClusterAzureNetwork
    • ClusterKubenet
  • use NodeBootstrappingConfiugration (nbc) to setup your scenario. it is used to invoke the primary node-bootstrapping API GetLatestNodeBootstrapping. to modify agentpool properties, usually you need to set bothnbc.containerService.properties.AgentPoolProfiles[0].xxx as well as nbc.agentPoolProfile. It is because when RP invokes AgentBaker, it will set the properties in this way and in e2e we follow the pattern.
  • use VMConfigMutator to set VMSS properties such as SKU when needed. Check vmss for other configs. it is necessary to set nbc.agentPoolProfile.VMSize to match the VMSS SKU if you choose to change.
  • use Validator to include your own verification of the VM's live state, such as file existsnce, sysctl settings, etc.
sequenceDiagram
    E2E->>+ARM: Get or Create AKS Cluster
    ARM-->>-E2E: Cluster details
    E2E->>+AgentBakerCode: Fetch VM Configuration (include CSE)
    AgentBakerCode-->>-E2E: VM Configuration
    E2E->>+ARM: Create VM using fetched VM Config in cluster network
    ARM-->>-E2E: VM instance
    E2E->>+Bastion: Create SSH Tunnel
    Bastion->>+VM: Forward SSH Connection
    E2E->>VM: Healthcheck via SSH Tunnel
    VM-->>E2E: Healthcheck OK
    E2E->>+KubeAPI: Verify Node Ready
    KubeAPI-->>-E2E: Node Ready
    E2E->>VM: Execute test validators via SSH Tunnel
    VM-->>-E2E: Test results
    Bastion-->>-E2E: Close SSH Tunnel

Running Locally

Note: if you have changed code or artifacts used to generate custom data or custom script extension payloads, you should first run make generate from the root of the AgentBaker repository.

To run the E2E test suite locally, use e2e-local.sh. This script sets up the go test command.

Check config.go for the default configuration parameters. You can override these parameters by setting ENV variables.

Create a .env file in the e2e directory to set environment variables and avoid manual setup each time you run tests. Refer to .env.sample for an example.

Running Specific Tests

Use TAGS_TO_RUN= to specify scenarios based on tags. By default, all scenarios run. Multiple tags should be comma-separated and are case-insensitive. Check logs for test tags.

Example:

TAGS_TO_RUN="os=ubuntu,arch=amd64,wasm=false,gpu=false,imagename=2404gen2containerd" ./e2e-local.sh

To exclude scenarios, use TAGS_TO_SKIP=. Scenarios with any specified tags will be skipped (this logic is different to TAGS_TO_RUN).

To run a specific test, use the test name:

TAGS_TO_RUN="name=Test_azurelinuxv2" ./e2e-local.sh
# or
go test -run Test_azurelinuxv2 -v -timeout 90m
Debugging

Set KEEP_VMSS=true to retain bootstrapped VMs for debugging. Setting this will also have the VM's private SSH key included in each scenario's log bundle. When using this flag, please ensure to run only test you need to debug, as the VMs will not be deleted after the test run.

Running Tests Manually

Run tests with custom arguments after setting required environment variables:

go test -parallel 100 -timeout 90m -v -count 1

Important go test flags:

  • -v: Verbose output
  • -parallel 100: Run 100 tests in parallel, default is limited to the number of cores
  • -timeout 90m: Set timeout, default is 10 minutes which is often exceeded
  • -count 1: Disable test caching
Cleanup

Azure resources are deleted periodically by an external garbage collector. Locally stopped tests attempt a graceful shutdown to clean up resources. Old VMs are deleted on startup unless created with KEEP_VMSS=true.

IDE Configuration

Global Settings

Set GOFLAGS="-timeout=90m -parallel=100" in your shell configuration file.

GoLand

In Run > Edit Configurations..., set -timeout=90m -parallel=100 in the Go tool arguments field.

VSCode

Add to settings.json:

{
  "go.testFlags": [
    "-parallel=100",
    "-v"
  ],
  "go.testTimeout": "90m"
}

Package Structure

The top-level package of the Golang E2E implementation is named e2e and is entirely separate from all AgentBaker packages.

The definitions and entry points for each test scenario, ran by go test, are located in scenario_test.go.

E2E VHDs.

Node images are pushed to Shared Image Gallery (SIG). Each image is tagged with branch name and build id. By default E2E tests use latest version of images from SIG with branch=refs/heads/main tag.

Using VHD Images from Custom ADO Builds

Set SIG_VERSION_TAG_NAME and SIG_VERSION_TAG_VALUE to specify custom VHD builds:

SIG_VERSION_TAG_NAME=buildId SIG_VERSION_TAG_VALUE=123456789 TAGS_TO_RUN="os=ubuntu2204" ./e2e-local.sh
Registering New VHD SKUs

When adding tests for a new VHD image, ensure to add a delete-lock to prevent the garbage collector from deleting the image version.

Scenarios

E2E scenarios can be configured with VMSS configuration mutators that change/set properties on the VMSS model used to deploy the new VM to be bootstrapped. This is primarily useful when testing out different VM SKUs, especially for GPU-enabled scenarios which affect which code paths AgentBaker will use to generate CSE and custom data

Further, in order to support E2E scenarios which test different underlying AKS cluster configurations, such as the cluster's network plugin, each E2E scenario uses one of the predefined clusters. Same cluster can be reused in different test runs. If cluster doesn't exist a new one will be created automatically.

Lastly, E2E scenarios also consist of a list of live VM validators. Each live VM validator consists of a description, a bash command which will actually be run on the newly bootstrapped VM, and an "asserter" function that will perform assertions on the contents of both the stdout and stderr streams that result from the execution of the command. The validators can be used to assert on numerous types of properties of the live VM, such as the live file system and kernel state.

Log Collection

Each E2E scenario will generate its own logs after execution. Currently, these logs consist of:

  • cluster-provision.log - CSE execution log, retrieved from /var/log/azure/aks/cluster-provision.log (collected in success and CSE failure cases)
  • kubelet.log - the kubelet systemd unit's logs retrived by running journalctl -u kubelet on the VM after bootstrapping has finished (collected in success and CSE failure cases)
  • vmssId.txt - a single line text file containing the unique resource ID of the VMSS created by the respective scenario, mainly collected for the purposes of posthoc resource deletion (collected in all cases where the VMSS is able to be created)

These logs will be uploaded in a bundle of the format:

└── scenario-logs
    └── <scenario>
        ├── cluster-provision.log
        ├── kubelet.log
        ├── vmssId.txt

Coverage report

After a PR is created in AgentBaker's repo on GitHub, a pipeline calculating code coverage changes will automatically run.

We are utilizing coveralls to display the coverage report. The coverage report will be available in the PR's description. You can also view previous runs for the AgentBaker repo here.

We calculate code coverage for both unit tests and E2E tests.

E2E coverage report

To generate E2E coverage reports, we use code coverage changes introduced in Go 1.20.

Coverage report is generated by running AgentBaker's API server locally as a binary created with the -cover flag. E2E tests are then ran against that binary.

The following packages are used during calculation of coverage for E2E tests:

- github.com/Azure/agentbaker/apiserver
- github.com/Azure/agentbaker/cmd
- github.com/Azure/agentbaker/cmd/starter
- github.com/Azure/agentbaker/pkg/agent
- github.com/Azure/agentbaker/pkg/agent/datamodel
- github.com/Azure/agentbaker/pkg/templates
Generating E2E coverage report locally

You can generate an E2E coverage report while running the E2E tests locally. To do so, follow the steps below:

  1. Build the AgentBaker server binary with -cover flag:
  cd cmd
  go build -cover -o baker -covermode count
  GOCOVERDIR=covdatafiles ./baker start &
  1. Create directory for coverage report files
  mkdir -p covdatafiles
  1. Run the binary
  GOCOVERDIR=covdatafiles ./baker start &
  1. Run the E2E tests locally
  /bin/bash e2e/e2e-local.sh
  1. Stop the binary - once the tests finish executing, you have to stop the binary with exit code 0 to generate the report. See the docs here.
  kill $(pgrep baker)
  1. Display the coverage report within the terminal
  go tool covdata percent -i=./cmd/somedata

Documentation

Index

Constants

This section is empty.

Variables

View Source 
var AllowedSSHPrefixes = []string{ssh.KeyAlgoED25519, ssh.KeyAlgoRSA, ssh.KeyAlgoRSASHA256, ssh.KeyAlgoRSASHA512}
View Source 
var CachedCompileAndUploadAKSNodeController = cachedFunc(compileAndUploadAKSNodeController)
View Source 
var CachedCreateGallery = cachedFunc(createGallery)
View Source 
var CachedCreateGalleryImage = cachedFunc(createGalleryImage)
View Source 
var CachedCreateVMManagedIdentity = cachedFunc(config.Azure.CreateVMManagedIdentity)
View Source 
var CachedEnsureResourceGroup = cachedFunc(ensureResourceGroup)
View Source 
var CachedGetLatestVMExtensionImageVersion = cachedFunc(
	func(ctx context.Context, req GetLatestExtensionVersionRequest) (string, error) {
		return config.Azure.GetLatestVMExtensionImageVersion(ctx, req.Location, req.ExtType, req.Publisher)
	},
)

CachedGetLatestVMExtensionImageVersion caches the result of querying the Azure API for the latest VM extension image version.

View Source 
var CachedIsVMSizeGen2Only = cachedFunc(func(ctx context.Context, req VMSizeSKURequest) (bool, error) {
	return config.Azure.IsVMSizeGen2Only(ctx, req.Location, req.VMSize)
})

CachedIsVMSizeGen2Only caches the result of querying the Azure Resource SKUs API to determine if a VM size only supports the Gen2 hypervisor.

View Source 
var CachedPrepareVHD = cachedFunc(prepareVHD)
View Source 
var CachedVMSizeSupportsNVMe = cachedFunc(func(ctx context.Context, req VMSizeSKURequest) (bool, error) {
	return config.Azure.VMSizeSupportsNVMe(ctx, req.Location, req.VMSize)
})

CachedVMSizeSupportsNVMe caches the result of querying the Azure Resource SKUs API to determine if a VM size supports the NVMe disk controller type.

View Source 
var ClusterAzureBootstrapProfileCache = cachedFunc(clusterAzureBootstrapProfileCache)
View Source 
var ClusterAzureNetwork = cachedFunc(clusterAzureNetwork)
View Source 
var ClusterAzureNetworkIsolated = cachedFunc(clusterAzureNetworkIsolated)
View Source 
var ClusterAzureOverlayNetwork = cachedFunc(clusterAzureOverlayNetwork)
View Source 
var ClusterAzureOverlayNetworkDualStack = cachedFunc(clusterAzureOverlayNetworkDualStack)
View Source 
var ClusterCiliumNetwork = cachedFunc(clusterCiliumNetwork)
View Source 
var ClusterKubenet = cachedFunc(clusterKubenet)
View Source 
var ClusterLatestKubernetesVersion = cachedFunc(clusterLatestKubernetesVersion)

Functions

func CreateImage 

func CreateImage(ctx context.Context, s *Scenario) *config.Image

func CreateSIGImageVersionFromDisk 

func CreateSIGImageVersionFromDisk(ctx context.Context, s *Scenario, version string, diskResourceID string) *config.Image

CreateSIGImageVersionFromDisk creates a new SIG image version directly from a VM disk

func CustomDataWithHack 

func CustomDataWithHack(s *Scenario, binaryURL string) (string, error)

CustomDataWithHack is similar to nodeconfigutils.CustomData, but it uses a hack to run new aks-node-controller binary. Original aks-node-controller isn't run because it fails systemd check validating aks-node-controller-config.json exists (check aks-node-controller.service for details).

Uses a cloud-boothook to write the config file and create a systemd service unit early in boot (during cloud-init init). The systemd service waits for network-online.target before downloading the binary and running provisioning, avoiding the race condition where runcmd or boothook scripts execute before networking is available. Flatcar cannot use boothooks (coreos-cloudinit doesn't support MIME multipart), so it uses cloud-config with a coreos.units block to define and start the service instead.

func CustomDataWithNBCCmdHack 

func CustomDataWithNBCCmdHack(s *Scenario, customData, binaryURL string) (string, error)

CustomDataWithNBCCmdHack is similar to baker.boothooktemplate, but it uses a hack to run new aks-node-controller binary. Original aks-node-controller isn't run because it fails systemd check validating aks-node-controller-config.json exists (check aks-node-controller.service for details). with a coreos.units block to define and start the service instead.

func DialSSHOverBastion 

func DialSSHOverBastion(
	ctx context.Context,
	bastion *Bastion,
	vmPrivateIP string,
	sshPrivateKey []byte,
) (*ssh.Client, error)

func GetFieldFromJsonObjectOnNode 

func GetFieldFromJsonObjectOnNode(ctx context.Context, s *Scenario, fileName string, jsonPath string) string

func RestartNodeProblemDetector 

func RestartNodeProblemDetector(ctx context.Context, s *Scenario)

func RunCommand 

func RunCommand(ctx context.Context, s *Scenario, command string) (armcompute.RunCommandResult, error)

RunCommand executes a command on the VMSS VM with instance ID "0" and returns the raw JSON response from Azure Unlike default approach, it doesn't use SSH and uses Azure tooling This approach is generally slower, but it works even if SSH is not available

func RunScenario 

func RunScenario(t *testing.T, s *Scenario)

func ServiceCanRestartValidator 

func ServiceCanRestartValidator(ctx context.Context, s *Scenario, serviceName string, restartTimeoutInSeconds int)

func ValidateACLFIPSEnabled 

func ValidateACLFIPSEnabled(ctx context.Context, s *Scenario)

ValidateACLFIPSEnabled asserts ACL-specific FIPS markers are present on the node: the /etc/system-fips marker file written by vhdbuilder/scripts/linux/acl/tool_installs_acl.sh. Kernel FIPS mode (/proc/sys/crypto/fips_enabled == 1) is universal and is asserted by ValidateFIPSProvider; callers should compose the two validators when both are needed.

func ValidateAKSLocalDNSHostsSetupService 

func ValidateAKSLocalDNSHostsSetupService(ctx context.Context, s *Scenario)

ValidateAKSLocalDNSHostsSetupService checks that aks-localdns-hosts-setup.service ran successfully and the aks-localdns-hosts-setup.timer is active to ensure periodic refresh of /etc/localdns/hosts.

func ValidateAKSLogCollector 

func ValidateAKSLogCollector(ctx context.Context, s *Scenario)

func ValidateAppArmorBasic 

func ValidateAppArmorBasic(ctx context.Context, s *Scenario)

ValidateAppArmorBasic validates that AppArmor is running without requiring aa-status

func ValidateAzureNetworkFiles 

func ValidateAzureNetworkFiles(ctx context.Context, s *Scenario)

ValidateAzureNetworkFiles checks that udev rules files exist.

func ValidateCiliumIsNotRunningWindows 

func ValidateCiliumIsNotRunningWindows(ctx context.Context, s *Scenario)

func ValidateCiliumIsRunningWindows 

func ValidateCiliumIsRunningWindows(ctx context.Context, s *Scenario)

func ValidateCollectWindowsLogsScript 

func ValidateCollectWindowsLogsScript(ctx context.Context, s *Scenario)

ValidateCollectWindowsLogsScript runs c:\k\debug\collect-windows-logs.ps1 on the node and verifies that a zip archive was produced by the script.

func ValidateCommonLinux 

func ValidateCommonLinux(ctx context.Context, s *Scenario)

func ValidateCommonWindows 

func ValidateCommonWindows(ctx context.Context, s *Scenario)

func ValidateContainerRuntimePlugins 

func ValidateContainerRuntimePlugins(ctx context.Context, s *Scenario)

func ValidateContainerd2Properties 

func ValidateContainerd2Properties(ctx context.Context, s *Scenario, versions []string)

func ValidateDirectoryContent 

func ValidateDirectoryContent(ctx context.Context, s *Scenario, path string, files []string)

func ValidateDiskQueueService 

func ValidateDiskQueueService(ctx context.Context, s *Scenario)

func ValidateDllIsNotLoadedWindows 

func ValidateDllIsNotLoadedWindows(ctx context.Context, s *Scenario, dllName string)

func ValidateDllLoadedWindows 

func ValidateDllLoadedWindows(ctx context.Context, s *Scenario, dllName string)

func ValidateDotnetNotInstalledWindows 

func ValidateDotnetNotInstalledWindows(ctx context.Context, s *Scenario)

func ValidateEnableNvidiaResource 

func ValidateEnableNvidiaResource(ctx context.Context, s *Scenario)

func ValidateFIPSProvider 

func ValidateFIPSProvider(ctx context.Context, s *Scenario)

ValidateFIPSProvider verifies that FIPS is properly configured on the node:

  1. Kernel FIPS mode is enabled (/proc/sys/crypto/fips_enabled == 1).
  2. OpenSSL (3.x) has an active FIPS or SymCrypt provider loaded. The check is skipped on hosts shipping OpenSSL 1.1.x (e.g. Ubuntu 20.04 FIPS), which use the legacy FIPS module rather than the providers interface.
  3. /opt/cni/bin/portmap runs without panicking (regression guard for ICM 51000001009688 where the OpenSSL FIPS provider was not loaded on AzureLinux V3 FIPS nodes).

func ValidateFileDoesNotExist 

func ValidateFileDoesNotExist(ctx context.Context, s *Scenario, fileName string)

func ValidateFileExcludesContent 

func ValidateFileExcludesContent(ctx context.Context, s *Scenario, fileName string, contents string)

ValidateFileExcludesContent fails the test if the specified file contains the specified contents. The contents doesn't need to be surrounded by non-word characters. E.g.: searching "bcd" in "abcdef" is a match, thus the validation fails.

func ValidateFileExcludesExactContent 

func ValidateFileExcludesExactContent(ctx context.Context, s *Scenario, fileName string, contents string)

ValidateFileExcludesExactContent fails the test if the specified file contains the specified contents. The contents needs to be surrounded by non-word characters. E.g.: searching "bcd" in "abcdef" is not a match, thus the validation passes.

func ValidateFileExists 

func ValidateFileExists(ctx context.Context, s *Scenario, fileName string)

func ValidateFileHasContent 

func ValidateFileHasContent(ctx context.Context, s *Scenario, fileName string, contents string)

ValidateFileHasContent passes the test if the specified file contains the specified contents. The contents doesn't need to be surrounded by non-word characters. E.g.: searching "bcd" in "abcdef" is a match, thus the validation passes.

func ValidateFileIsRegularFile 

func ValidateFileIsRegularFile(ctx context.Context, s *Scenario, fileName string)

func ValidateGPUWorkloadSchedulable 

func ValidateGPUWorkloadSchedulable(ctx context.Context, s *Scenario, gpuCount int, resourceName string)

func ValidateIMDSRestrictionRule 

func ValidateIMDSRestrictionRule(ctx context.Context, s *Scenario, table string)

func ValidateIPTablesCompatibleWithCiliumEBPF 

func ValidateIPTablesCompatibleWithCiliumEBPF(ctx context.Context, s *Scenario)

ValidateIPTablesCompatibleWithCiliumEBPF validates that all iptables rules in each table match the provided patterns which are accounted for when eBPF host routing is enabled.

func ValidateInspektorGadget 

func ValidateInspektorGadget(ctx context.Context, s *Scenario)

func ValidateInstalledPackageVersion 

func ValidateInstalledPackageVersion(ctx context.Context, s *Scenario, component, version string)

func ValidateJournalctlOutput 

func ValidateJournalctlOutput(ctx context.Context, s *Scenario, serviceName string, expectedContent string)

ValidateJournalctlOutput checks if specific content exists in the systemd service logs

func ValidateJsonFileDoesNotHaveField 

func ValidateJsonFileDoesNotHaveField(ctx context.Context, s *Scenario, fileName string, jsonPath string, valueNotToBe string)

func ValidateJsonFileHasField 

func ValidateJsonFileHasField(ctx context.Context, s *Scenario, fileName string, jsonPath string, expectedValue string)

func ValidateKernelLogs 

func ValidateKernelLogs(ctx context.Context, s *Scenario)

ValidateKernelLogs checks kernel logs for critical errors across multiple categories: - Kernel panics/crashes (panic, oops, call trace, BUG, etc.) - CPU lockups/stalls (soft/hard lockup, RCU stall, hung task, watchdog) - Memory issues (OOM killer, page allocation failure, memory corruption) - I/O and filesystem errors (I/O error, filesystem errors, nvme/ata/scsi errors)

func ValidateKubeletHasFlags 

func ValidateKubeletHasFlags(ctx context.Context, s *Scenario, filePath string)

ValidateKubeletHasFlags checks kubelet is started with the right flags and configs.

func ValidateKubeletHasNotStopped 

func ValidateKubeletHasNotStopped(ctx context.Context, s *Scenario)

func ValidateKubeletNodeIP 

func ValidateKubeletNodeIP(ctx context.Context, s *Scenario)

func ValidateKubeletServingCertificateRotation 

func ValidateKubeletServingCertificateRotation(ctx context.Context, s *Scenario)

func ValidateLeakedSecrets 

func ValidateLeakedSecrets(ctx context.Context, s *Scenario)

func ValidateLocalDNSExporterMetrics 

func ValidateLocalDNSExporterMetrics(ctx context.Context, s *Scenario)

ValidateLocalDNSExporterMetrics checks if the localdns metrics exporter is working and exports the expected VnetDNS and KubeDNS forward IP metrics.

The validation script is too large (~18KB) to send as a single command over bastion SSH tunnels which have an 8KB WebSocket buffer limit. To work around this, we encode the script in base64, upload it in small chunks via multiple SSH commands, then decode and execute it on the VM.

func ValidateLocalDNSHostsFile 

func ValidateLocalDNSHostsFile(ctx context.Context, s *Scenario, fqdns []string)

ValidateLocalDNSHostsFile checks that /etc/localdns/hosts contains at least one IPv4 entry for each critical FQDN. This validation approach avoids flakiness with CDN/frontdoor-backed FQDNs (like mcr.microsoft.com) whose A records can rotate between queries. We verify presence, not exact IP matching. The hosts file is populated asynchronously by the aks-localdns-hosts-setup timer/service, so we poll with a timeout.

func ValidateLocalDNSHostsPluginBypass 

func ValidateLocalDNSHostsPluginBypass(ctx context.Context, s *Scenario)

ValidateLocalDNSHostsPluginBypass verifies that localdns serves FQDNs from /etc/localdns/hosts via the CoreDNS hosts plugin. It checks:

  1. The node has the kubernetes.azure.com/localdns-hosts-plugin=enabled annotation
  2. The Corefile has the hosts plugin configured in both VnetDNS and KubeDNS listeners
  3. The IPs returned by dig match the entries in /etc/localdns/hosts for the same FQDN

We intentionally do NOT assert on DNS flags (AA, RA) because CoreDNS can set these regardless of which plugin served the response.

func ValidateLocalDNSHostsPluginColdStart 

func ValidateLocalDNSHostsPluginColdStart(ctx context.Context, s *Scenario)

ValidateLocalDNSHostsPluginColdStart verifies that localdns works correctly when restarted with an empty hosts file — the exact scenario that occurs when localdns starts before aks-localdns-hosts-setup finishes resolving FQDNs.

Test flow:

  1. Truncate hosts file, restart localdns — CoreDNS starts fresh with empty hosts file and empty cache
  2. Verify critical and non-critical FQDNs resolve via fallthrough (upstream DNS)
  3. Populate hosts file with a canary entry (simulates aks-localdns-hosts-setup completing)
  4. Wait for CoreDNS reload (5s), verify canary resolves (hosts plugin picks up new file)
  5. Restore original hosts file and restart localdns to leave node in clean state

func ValidateLocalDNSHostsPluginIPv6 

func ValidateLocalDNSHostsPluginIPv6(ctx context.Context, s *Scenario)

ValidateLocalDNSHostsPluginIPv6 checks that IPv6 entries in /etc/localdns/hosts are properly served by CoreDNS's hosts plugin. If the hosts file has no IPv6 entries (some FQDNs don't have AAAA records), the test is skipped gracefully.

Test flow:

  1. Find the first FQDN with an IPv6 entry in the hosts file
  2. Query localdns for AAAA records for that FQDN
  3. Verify the returned IPv6 addresses match the hosts file entries

func ValidateLocalDNSResolution 

func ValidateLocalDNSResolution(ctx context.Context, s *Scenario, server string)

ValidateLocalDNSResolution checks if the DNS resolution for an external domain is successful from localdns clusterlistenerIP. It uses the 'dig' command to check the DNS resolution and expects a successful response.

func ValidateLocalDNSService 

func ValidateLocalDNSService(ctx context.Context, s *Scenario, state string)

ValidateLocalDNSService checks if the localdns service is in the expected state (enabled or disabled).

func ValidateMIGInstancesCreated 

func ValidateMIGInstancesCreated(ctx context.Context, s *Scenario, migProfile string)

func ValidateMIGModeEnabled 

func ValidateMIGModeEnabled(ctx context.Context, s *Scenario)

func ValidateMultipleKubeProxyVersionsExist 

func ValidateMultipleKubeProxyVersionsExist(ctx context.Context, s *Scenario)

func ValidateNPDFilesystemCorruption 

func ValidateNPDFilesystemCorruption(ctx context.Context, s *Scenario)

func ValidateNPDGPUCountAfterFailure 

func ValidateNPDGPUCountAfterFailure(ctx context.Context, s *Scenario)

func ValidateNPDGPUCountCondition 

func ValidateNPDGPUCountCondition(ctx context.Context, s *Scenario)

func ValidateNPDGPUCountPlugin 

func ValidateNPDGPUCountPlugin(ctx context.Context, s *Scenario)

func ValidateNPDHealthyNvidiaGridLicenseStatus 

func ValidateNPDHealthyNvidiaGridLicenseStatus(ctx context.Context, s *Scenario)

func ValidateNPDIBLinkFlappingAfterFailure 

func ValidateNPDIBLinkFlappingAfterFailure(ctx context.Context, s *Scenario)

func ValidateNPDIBLinkFlappingCondition 

func ValidateNPDIBLinkFlappingCondition(ctx context.Context, s *Scenario)

func ValidateNPDUnhealthyNvidiaDCGMServices 

func ValidateNPDUnhealthyNvidiaDCGMServices(ctx context.Context, s *Scenario)

func ValidateNPDUnhealthyNvidiaDCGMServicesAfterFailure 

func ValidateNPDUnhealthyNvidiaDCGMServicesAfterFailure(ctx context.Context, s *Scenario)

func ValidateNPDUnhealthyNvidiaDCGMServicesCondition 

func ValidateNPDUnhealthyNvidiaDCGMServicesCondition(ctx context.Context, s *Scenario)

func ValidateNPDUnhealthyNvidiaDevicePlugin 

func ValidateNPDUnhealthyNvidiaDevicePlugin(ctx context.Context, s *Scenario)

func ValidateNPDUnhealthyNvidiaDevicePluginAfterFailure 

func ValidateNPDUnhealthyNvidiaDevicePluginAfterFailure(ctx context.Context, s *Scenario)

func ValidateNPDUnhealthyNvidiaDevicePluginCondition 

func ValidateNPDUnhealthyNvidiaDevicePluginCondition(ctx context.Context, s *Scenario)

func ValidateNPDUnhealthyNvidiaGridLicenseStatusAfterFailure 

func ValidateNPDUnhealthyNvidiaGridLicenseStatusAfterFailure(ctx context.Context, s *Scenario)

func ValidateNetworkInterfaceConfig 

func ValidateNetworkInterfaceConfig(ctx context.Context, s *Scenario, nicConfig map[string]string)

ValidateNetworkInterfaceConfig validates network interface configuration settings using ethtool. It identifies network interfaces with slot names matching the enP* pattern (same logic as the udev rule), then verifies that each interface has the expected configuration settings (e.g., rx buffer size). The nicConfig map specifies the ethtool settings to validate (key: setting name, value: expected value).

func ValidateNoFailedSystemdUnits 

func ValidateNoFailedSystemdUnits(ctx context.Context, s *Scenario)

func ValidateNodeAdvertisesGPUResources 

func ValidateNodeAdvertisesGPUResources(ctx context.Context, s *Scenario, gpuCountExpected int64, resourceName string)

func ValidateNodeCanRunAPod 

func ValidateNodeCanRunAPod(ctx context.Context, s *Scenario)

func ValidateNodeExporter 

func ValidateNodeExporter(ctx context.Context, s *Scenario)

func ValidateNodeHasLabel 

func ValidateNodeHasLabel(ctx context.Context, s *Scenario, labelKey, expectedValue string)

ValidateNodeHasLabel checks if the node has the expected label with the expected value

func ValidateNodeProblemDetector 

func ValidateNodeProblemDetector(ctx context.Context, s *Scenario)

func ValidateNonEmptyDirectory 

func ValidateNonEmptyDirectory(ctx context.Context, s *Scenario, dirName string)

func ValidateNvidiaDCGMExporterIsScrapable 

func ValidateNvidiaDCGMExporterIsScrapable(ctx context.Context, s *Scenario)

func ValidateNvidiaDCGMExporterScrapeCommonMetric 

func ValidateNvidiaDCGMExporterScrapeCommonMetric(ctx context.Context, s *Scenario, metric string)

func ValidateNvidiaDCGMExporterSystemDServiceRunning 

func ValidateNvidiaDCGMExporterSystemDServiceRunning(ctx context.Context, s *Scenario)

func ValidateNvidiaDevicePluginServiceRunning 

func ValidateNvidiaDevicePluginServiceRunning(ctx context.Context, s *Scenario)

func ValidateNvidiaGRIDLicenseValid 

func ValidateNvidiaGRIDLicenseValid(ctx context.Context, s *Scenario)

func ValidateNvidiaModProbeInstalled 

func ValidateNvidiaModProbeInstalled(ctx context.Context, s *Scenario)

func ValidateNvidiaPersistencedRunning 

func ValidateNvidiaPersistencedRunning(ctx context.Context, s *Scenario)

func ValidateNvidiaSMIInstalled 

func ValidateNvidiaSMIInstalled(ctx context.Context, s *Scenario)

func ValidateNvidiaSMINotInstalled 

func ValidateNvidiaSMINotInstalled(ctx context.Context, s *Scenario)

func ValidatePodRunning 

func ValidatePodRunning(ctx context.Context, s *Scenario, pod *corev1.Pod)

func ValidatePodRunningWithRetry 

func ValidatePodRunningWithRetry(ctx context.Context, s *Scenario, pod *corev1.Pod, maxRetries int)

func ValidatePubkeySSHDisabled 

func ValidatePubkeySSHDisabled(ctx context.Context, s *Scenario)

ValidatePubkeySSHDisabled validates that SSH with private key authentication is disabled by checking sshd_config

func ValidateRuncVersion 

func ValidateRuncVersion(ctx context.Context, s *Scenario, versions []string)

func ValidateRxBufferDefault 

func ValidateRxBufferDefault(ctx context.Context, s *Scenario)

ValidateRxBufferDefault validates rx buffer config using default values based on VM's CPU count

func ValidateSSHServiceDisabled 

func ValidateSSHServiceDisabled(ctx context.Context, s *Scenario)

ValidateSSHServiceDisabled validates that the SSH daemon service is disabled and stopped on the node

func ValidateSSHServiceEnabled 

func ValidateSSHServiceEnabled(ctx context.Context, s *Scenario)

func ValidateScriptlessCSECmd 

func ValidateScriptlessCSECmd(ctx context.Context, s *Scenario)

ValidateScriptlessCSECmd checks if the node has scriptless cmd correctly enabled

func ValidateScriptlessNBCCSECmd 

func ValidateScriptlessNBCCSECmd(ctx context.Context, s *Scenario)

ValidateScriptlessNBCCSECmd checks if the node has scriptless NBCCSECmd correctly enabled

func ValidateServicesDoNotRestartKubelet 

func ValidateServicesDoNotRestartKubelet(ctx context.Context, s *Scenario)

func ValidateStaleCachedKubeBinariesRemoved 

func ValidateStaleCachedKubeBinariesRemoved(ctx context.Context, s *Scenario)

ValidateStaleCachedKubeBinariesRemoved validates that stale versioned kube binaries (e.g. kubelet-1.29.0, kubectl-1.29.0) have been removed from /opt/bin/ after the correct version is installed.

func ValidateSysctlConfig 

func ValidateSysctlConfig(ctx context.Context, s *Scenario, customSysctls map[string]string)

func ValidateSystemdUnitIsNotFailed 

func ValidateSystemdUnitIsNotFailed(ctx context.Context, s *Scenario, serviceName string)

func ValidateSystemdUnitIsNotRunning 

func ValidateSystemdUnitIsNotRunning(ctx context.Context, s *Scenario, serviceName string)

func ValidateSystemdUnitIsRunning 

func ValidateSystemdUnitIsRunning(ctx context.Context, s *Scenario, serviceName string)

func ValidateSystemdWatchdogForKubernetes132Plus 

func ValidateSystemdWatchdogForKubernetes132Plus(ctx context.Context, s *Scenario)

func ValidateTLSBootstrapping 

func ValidateTLSBootstrapping(ctx context.Context, s *Scenario)

func ValidateTaints 

func ValidateTaints(ctx context.Context, s *Scenario, expectedTaints string)

ValidateTaints checks if the node has the expected taints that are set in the kubelet config with --register-with-taints flag

func ValidateUlimitSettings 

func ValidateUlimitSettings(ctx context.Context, s *Scenario, ulimits map[string]string)

func ValidateVulnerableKernelModulesDisabled 

func ValidateVulnerableKernelModulesDisabled(ctx context.Context, s *Scenario)

ValidateVulnerableKernelModulesDisabled verifies that kernel modules with known LPE vulnerabilities are blocked via modprobe config, not loaded, and cannot be loaded. Covers: CVE-2026-31431 (algif_aead), DirtyFrag (esp4, esp6, rxrpc). To add a new CVE mitigation, append the module name to the list below.

func ValidateWaagentLog 

func ValidateWaagentLog(ctx context.Context, s *Scenario)

ValidateWaagentLog checks /var/log/waagent.log for expected agent behavior: - AutoUpdate is disabled as expected - The correct version is running as ExtHandler - No errors from ExtHandler Skipped on Flatcar and OSGuard VHDs which manage WALinuxAgent independently.

func ValidateWindowsCiliumIsNotRunning 

func ValidateWindowsCiliumIsNotRunning(ctx context.Context, s *Scenario)

func ValidateWindowsCiliumIsRunning 

func ValidateWindowsCiliumIsRunning(ctx context.Context, s *Scenario)

func ValidateWindowsDisplayVersion 

func ValidateWindowsDisplayVersion(ctx context.Context, s *Scenario, displayVersion string)

func ValidateWindowsProcessContainsArgumentStrings 

func ValidateWindowsProcessContainsArgumentStrings(ctx context.Context, s *Scenario, processName string, substrings []string)

func ValidateWindowsProcessDoesNotContainArgumentStrings 

func ValidateWindowsProcessDoesNotContainArgumentStrings(ctx context.Context, s *Scenario, processName string, substrings []string)

func ValidateWindowsProcessHasCliArguments 

func ValidateWindowsProcessHasCliArguments(ctx context.Context, s *Scenario, processName string, arguments []string)

func ValidateWindowsProductName 

func ValidateWindowsProductName(ctx context.Context, s *Scenario, productName string)

func ValidateWindowsServiceIsNotRunning 

func ValidateWindowsServiceIsNotRunning(ctx context.Context, s *Scenario, serviceName string)

func ValidateWindowsServiceIsRunning 

func ValidateWindowsServiceIsRunning(ctx context.Context, s *Scenario, serviceName string)

func ValidateWindowsSystemServiceRestartConfiguration 

func ValidateWindowsSystemServiceRestartConfiguration(ctx context.Context, s *Scenario, serviceName string)

func ValidateWindowsSystemServicesRestartConfiguration 

func ValidateWindowsSystemServicesRestartConfiguration(ctx context.Context, s *Scenario)

func ValidateWindowsVersionFromWindowsSettings 

func ValidateWindowsVersionFromWindowsSettings(ctx context.Context, s *Scenario, windowsVersion string)

Types

type Bastion 

type Bastion struct {
	// contains filtered or unexported fields
}

func NewBastion 

func NewBastion(credential *azidentity.AzureCLICredential, subscriptionID, resourceGroupName, dnsName string) *Bastion

func (*Bastion) NewTunnelSession 

func (b *Bastion) NewTunnelSession(ctx context.Context, targetHost string, port uint16) (*tunnelSession, error)

type CSEProvisionTiming 

type CSEProvisionTiming struct {
	ExitCode            string          `json:"ExitCode"`
	ExecDuration        string          `json:"ExecDuration"`
	KernelStartTime     string          `json:"KernelStartTime"`
	CloudInitLocalStart string          `json:"CloudInitLocalStartTime"`
	CloudInitStart      string          `json:"CloudInitStartTime"`
	CloudFinalStart     string          `json:"CloudFinalStartTime"`
	CSEStartTime        string          `json:"CSEStartTime"`
	GuestAgentStartTime string          `json:"GuestAgentStartTime"`
	SystemdSummary      string          `json:"SystemdSummary"`
	BootDatapoints      json.RawMessage `json:"BootDatapoints"`
}

CSEProvisionTiming represents the overall provisioning timing from provision.json.

type CSETaskTiming 

type CSETaskTiming struct {
	TaskName  string
	StartTime time.Time
	EndTime   time.Time
	Duration  time.Duration
	Message   string
}

CSETaskTiming represents the timing of a single CSE task.

type CSETimingReport 

type CSETimingReport struct {
	Tasks     []CSETaskTiming
	Provision *CSEProvisionTiming
	// contains filtered or unexported fields
}

CSETimingReport holds all parsed timing data from a VM.

func ExtractCSETimings 

func ExtractCSETimings(ctx context.Context, s *Scenario) (*CSETimingReport, error)

ExtractCSETimings SSHes into the scenario VM and extracts all CSE task timings. Returns an error if no tasks could be parsed, since an empty report would make regression detection ineffective.

func ValidateCSETimings 

func ValidateCSETimings(ctx context.Context, s *Scenario, thresholds CSETimingThresholds) *CSETimingReport

ValidateCSETimings extracts CSE task timings from the VM, logs them, and validates against thresholds. Each threshold check runs as a t.Run() sub-test so that ADO Pipeline Analytics (via gotestsum → JUnit XML → PublishTestResults) can track individual CSE task pass/fail and duration trends over time.

func (*CSETimingReport) GetTask 

func (r *CSETimingReport) GetTask(name string) *CSETaskTiming

GetTask returns the timing for a specific task, or nil if not found.

func (*CSETimingReport) LogReport 

func (r *CSETimingReport) LogReport(_ context.Context, t interface{ Logf(string, ...any) })

LogReport logs all task timings to the test logger.

func (*CSETimingReport) TotalCSEDuration 

func (r *CSETimingReport) TotalCSEDuration() time.Duration

TotalCSEDuration returns the duration of the cse_start task if present.

type CSETimingThresholds 

type CSETimingThresholds struct {
	// TaskThresholds maps task name suffixes to maximum duration.
	// Task names are matched by suffix to allow flexible matching
	// (e.g., "installDebPackageFromFile" matches "AKS.CSE.installkubelet.installDebPackageFromFile").
	TaskThresholds map[string]time.Duration

	// TotalCSEThreshold is the maximum acceptable total CSE duration.
	TotalCSEThreshold time.Duration

	// DefaultTaskThreshold is the threshold applied to any task that exceeds it
	// but has no specific entry in TaskThresholds. This ensures that ALL slow tasks
	// appear as sub-tests in ADO Pipeline Analytics, even newly added ones.
	// Tasks below this threshold are silently skipped.
	// Set to 0 to disable dynamic tracking.
	DefaultTaskThreshold time.Duration
}

CSETimingThresholds defines maximum acceptable durations for CSE tasks.

type Cluster 

type Cluster struct {
	Model           *armcontainerservice.ManagedCluster
	Kube            *Kubeclient
	KubeletIdentity *armcontainerservice.UserAssignedIdentity
	SubnetID        string
	ClusterParams   *ClusterParams
	Bastion         *Bastion
	ProxyURL        string
}

func (*Cluster) IsAzureCNI 

func (c *Cluster) IsAzureCNI() (bool, error)

Returns true if the cluster is configured with Azure CNI

func (*Cluster) MaxPodsPerNode 

func (c *Cluster) MaxPodsPerNode() (int, error)

Returns the maximum number of pods per node of the cluster's agentpool

type ClusterParams 

type ClusterParams struct {
	CACert         []byte
	BootstrapToken string
	FQDN           string
}

type ClusterRequest 

type ClusterRequest struct {
	Location         string
	K8sSystemPoolSKU string
}

ClusterRequest represents the parameters needed to create a cluster

type Config 

type Config struct {
	// Cluster creates, updates or re-uses an AKS cluster for the scenario
	Cluster func(ctx context.Context, request ClusterRequest) (*Cluster, error)

	// VHD is the node image used by the scenario.
	VHD *config.Image

	// BootstrapConfigMutator is a function which mutates the base NodeBootstrappingConfig according to the scenario's requirements
	BootstrapConfigMutator func(*Cluster, *datamodel.NodeBootstrappingConfiguration)

	// AKSNodeConfigMutator if defined then aks-node-controller will be used to provision nodes
	AKSNodeConfigMutator func(*Cluster, *aksnodeconfigv1.Configuration)

	// VMConfigMutator is a function which mutates the base VMSS model according to the scenario's requirements
	VMConfigMutator func(*armcompute.VirtualMachineScaleSet)

	// CustomDataWriteFiles injects additional cloud-init write_files entries into rendered customData.
	// This is for e2e-only validation scenarios.
	CustomDataWriteFiles []CustomDataWriteFile

	// Validator is a function where the scenario can perform any extra validation checks
	Validator func(ctx context.Context, s *Scenario)

	// SkipDefaultValidation is a flag to indicate whether the common validation (like spawning a pod) should be skipped.
	// It shouldn't be used for majority of scenarios, currently only used for preparing VHD in a two-stage scenario
	SkipDefaultValidation bool

	// SkipSSHConnectivityValidation is a flag to indicate whether the ssh connectivity validation should be skipped.
	// It shouldn't be used for majority of scenarios, currently only used for scenarios where the node is not expected to be reachable via ssh
	SkipSSHConnectivityValidation bool

	// WaitForSSHAfterReboot if set to non-zero duration, SSH connectivity validation will retry with exponential backoff
	// for up to this duration when encountering reboot-related errors. This is useful for scenarios where the node
	// reboots during provisioning (e.g., MIG-enabled GPU nodes). Default (zero value) means no retry.
	WaitForSSHAfterReboot time.Duration

	// if VHDCaching is set then a VHD will be created first for the test scenario and then a VM will be created from that VHD.
	// The main purpose is to validate VHD Caching logic and ensure a reboot step between basePrep and nodePrep doesn't break anything.
	VHDCaching bool

	// ExpectedError, when set, indicates that VMSS creation is expected to fail with an error containing this substring.
	// The assertion is performed inside the scenario's subtest.
	ExpectedError string

	// UseNVMe indicates whether to use NVMe-based disk placement/controller. This is required for certain VM sizes (e.g., v6 and v7 series) which only support NVMe disk controllers.
	UseNVMe bool

	// SkipScriptlessNBC when true prevents the automatic scriptless_nbc sub-test from being generated.
	// Use this for scenarios that depend on CSE script execution (e.g., CSE timing validation)
	// which is not available in scriptless mode.
	SkipScriptlessNBC bool

	// EagerCSETimingExtraction when true causes CSE timing events to be extracted
	// immediately after SSH is established, before other validators run.
	// This prevents the Guest Agent from sweeping events before they can be read.
	// Only set this on CSE performance test scenarios.
	EagerCSETimingExtraction bool
}

Config represents the configuration of an AgentBaker E2E scenario.

type CreateGalleryImageRequest 

type CreateGalleryImageRequest struct {
	ResourceGroup    string
	GalleryName      string
	Location         string
	Arch             string
	Windows          bool
	HyperVGeneration *armcompute.HyperVGeneration
}

type CreateGalleryRequest 

type CreateGalleryRequest struct {
	Location      string
	ResourceGroup string
}

type CustomDataWriteFile 

type CustomDataWriteFile struct {
	Path        string
	Permissions string
	Owner       string
	Content     string
}

CustomDataWriteFile defines an e2e-only cloud-init write_files entry.

type GetLatestExtensionVersionRequest 

type GetLatestExtensionVersionRequest struct {
	Location  string
	ExtType   string
	Publisher string
}

GetLatestExtensionVersionRequest is the cache key for VM extension version lookups.

type GetVHDRequest 

type GetVHDRequest struct {
	Location string
	Image    config.Image
}

type Kubeclient 

type Kubeclient struct {
	Dynamic    client.Client
	Typed      kubernetes.Interface
	RESTConfig *rest.Config
	KubeConfig []byte
}

func (*Kubeclient) CreateDaemonset 

func (k *Kubeclient) CreateDaemonset(ctx context.Context, ds *appsv1.DaemonSet) error

func (*Kubeclient) EnsureDebugDaemonsets 

func (k *Kubeclient) EnsureDebugDaemonsets(ctx context.Context, isNetworkIsolated bool, privateACRName string) error

this is a bit ugly, but we don't want to execute this piece concurrently with other tests

func (*Kubeclient) GetPodNetworkDebugPodForNode 

func (k *Kubeclient) GetPodNetworkDebugPodForNode(ctx context.Context, kubeNodeName string) (*corev1.Pod, error)

GetPodNetworkDebugPodForNode returns a pod that's a member of the 'debugnonhost' daemonset running in the cluster - this will return the name of the pod that is running on the node created for specifically for the test case which is running validation checks.

func (*Kubeclient) GetProxyURL 

func (k *Kubeclient) GetProxyURL(ctx context.Context) (string, error)

GetProxyURL returns the proxy URL after verifying the proxy pod is ready on at least one system pool node.

func (*Kubeclient) WaitUntilNodeReady 

func (k *Kubeclient) WaitUntilNodeReady(ctx context.Context, t testing.TB, vmssName string) string

func (*Kubeclient) WaitUntilPodRunning 

func (k *Kubeclient) WaitUntilPodRunning(ctx context.Context, namespace string, labelSelector string, fieldSelector string) (*corev1.Pod, error)

func (*Kubeclient) WaitUntilPodRunningWithRetry 

func (k *Kubeclient) WaitUntilPodRunningWithRetry(ctx context.Context, namespace string, labelSelector string, fieldSelector string, maxRetries int) (*corev1.Pod, error)

type Scenario 

type Scenario struct {
	// Description is a short description of what the scenario does and tests for
	Description string

	// Tags are used for filtering scenarios to run based on the tags provided
	Tags Tags

	// Config contains the configuration of the scenario
	Config

	// Location is the Azure location where the scenario will run. This can be
	// used to override the default location.
	Location string

	// K8sSystemPoolSKU is the VM size to use for the system nodepool. If empty,
	// a default size will be used.
	K8sSystemPoolSKU string

	// Runtime contains the runtime state of the scenario. It's populated in the beginning of the test run
	Runtime *ScenarioRuntime
	T       testing.TB
}

Scenario represents an AgentBaker E2E scenario.

func (*Scenario) GetClientPrivateKey 

func (s *Scenario) GetClientPrivateKey() string

func (*Scenario) GetContainerRegistryFQDN 

func (s *Scenario) GetContainerRegistryFQDN() string

GetContainerRegistryFQDN returns the container registry FQDN for the cloud environment determined by the cluster's location. Uses Runtime.Cluster.Model.Location so it works for both legacy (NBC) and scriptless (AKSNodeConfig) bootstrap paths.

func (*Scenario) GetDefaultFQDNsForValidation 

func (s *Scenario) GetDefaultFQDNsForValidation() []string

GetDefaultFQDNsForValidation returns the public cloud FQDNs to validate in hosts file checks. AgentBaker e2e only runs in public cloud, so sovereign cloud branches are unnecessary.

func (*Scenario) GetK8sVersion 

func (s *Scenario) GetK8sVersion() string

func (*Scenario) GetServicePrincipalSecret 

func (s *Scenario) GetServicePrincipalSecret() string

func (*Scenario) GetTLSBootstrapToken 

func (s *Scenario) GetTLSBootstrapToken() string

func (*Scenario) HasServicePrincipalData 

func (s *Scenario) HasServicePrincipalData() bool

func (*Scenario) IsHostsPluginEnabled 

func (s *Scenario) IsHostsPluginEnabled() bool

IsHostsPluginEnabled returns true if the hosts plugin is explicitly enabled via either NBC (traditional) or AKSNodeConfig (scriptless) paths.

func (*Scenario) IsLinux 

func (s *Scenario) IsLinux() bool

func (*Scenario) IsWindows 

func (s *Scenario) IsWindows() bool

func (*Scenario) KubeletConfigFileEnabled 

func (s *Scenario) KubeletConfigFileEnabled() bool

func (*Scenario) PrepareAKSNodeConfig 

func (s *Scenario) PrepareAKSNodeConfig()

func (*Scenario) PrepareVMSSModel 

func (s *Scenario) PrepareVMSSModel(ctx context.Context, t testing.TB, vmss *armcompute.VirtualMachineScaleSet)

PrepareVMSSModel mutates the input VirtualMachineScaleSet based on the scenario's VMConfigMutator, if configured. This method will also use the scenario's configured VHD selector to modify the input VMSS to reference the correct VHD resource.

func (*Scenario) SecureTLSBootstrappingEnabled 

func (s *Scenario) SecureTLSBootstrappingEnabled() bool

type ScenarioRuntime 

type ScenarioRuntime struct {
	NBC                       *datamodel.NodeBootstrappingConfiguration
	AKSNodeConfig             *aksnodeconfigv1.Configuration
	Cluster                   *Cluster
	VM                        *ScenarioVM
	VMSSName                  string
	EnableScriptlessNBCCSECmd bool
	CSETimingReport           *CSETimingReport // eagerly extracted before GA can sweep events
}

type ScenarioVM 

type ScenarioVM struct {
	KubeName  string
	VMSS      *armcompute.VirtualMachineScaleSet
	VM        *armcompute.VirtualMachineScaleSetVM
	PrivateIP string
	SSHClient *ssh.Client
}

func ConfigureAndCreateVMSS 

func ConfigureAndCreateVMSS(ctx context.Context, s *Scenario) (*ScenarioVM, error)

func CreateVMSS 

func CreateVMSS(ctx context.Context, s *Scenario, resourceGroupName string) (*ScenarioVM, error)

func CreateVMSSWithRetry 

func CreateVMSSWithRetry(ctx context.Context, s *Scenario) (*ScenarioVM, error)

type Tags 

type Tags struct {
	Name                   string
	ImageName              string
	OS                     string
	Arch                   string
	NetworkIsolated        bool
	NonAnonymousACR        bool
	GPU                    bool
	WASM                   bool
	BootstrapTokenFallback bool
	KubeletCustomConfig    bool
	Scriptless             bool
	VHDCaching             bool
	MockAzureChinaCloud    bool
	VMSeriesCoverageTest   bool
}

func (Tags) MatchesAnyFilter 

func (t Tags) MatchesAnyFilter(filters string) (bool, error)

MatchesAnyFilter checks if the Tags struct matches at least one of the given filters. Filters are comma-separated "key=value" pairs (e.g., "gpu=true,os=x64"). Returns true if any filter matches, false if none match. Errors on invalid input.

func (Tags) MatchesFilters 

func (t Tags) MatchesFilters(filters string) (bool, error)

MatchesFilters checks if the Tags struct matches all given filters. Filters are comma-separated "key=value" pairs (e.g., "gpu=true,os=x64"). Returns true if all filters match, false otherwise. Errors on invalid input.

type VMSizeSKURequest 

type VMSizeSKURequest struct {
	Location string
	VMSize   string
}

VMSizeSKURequest is the cache key for Resource SKU lookups by VM size and location.

type VNet 

type VNet struct {
	// contains filtered or unexported fields
}

Source Files

View all Source files

Directories

Path Synopsis
Package dag provides a lightweight, type-safe DAG executor for running concurrent tasks with dependency tracking.
 Package dag provides a lightweight, type-safe DAG executor for running concurrent tasks with dependency tracking.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.