You are viewing an old version of this page. View the current version.
Compare with Current
View Page History
« Previous
Version 14
Next »
Intern
Accepted: Parth Inamdar
Type: Part-Time.
Weekly Meeting :
Every Thursday at UTC 8:30-9:30
https://zoom.us/j/95106311750
Tasks
Sl. No | Task | Week *2 for part-time | Support from the Team | Progress: Update by Parth Inamdar |
---|
1. | Understanding existing tool - Pre-Deployment Validation Tools
- Post-Deployment Validation Tools
| 1 | Knowledge sharing session. | Introduction to Kubernetes and OpenStack, PDF & Manifests, Process Workflow of existing validation tools & PDF Creation Tool, Airship Introduction and importance |
2 | Understanding PDF - Exercise1: Update PDF Creation Tool to newer version
- Exercise2: Create PDF for Existing Testbed
| 1 | Pod Details. Tentative List. [Test: Observability Pods] 1. Check if any of the containers are running in privileged mode? 2. Check if any host directories are mounted as volumes? 3. Check if host network namespace is used or not? 4. Check for NET_ADMIN and NET_RAW capabilities. Use capable tool? 5. Telemetry system - logs and monitoring 6. CPU manager - policy configuration. 7. Topology manager - policy 8. Traffic over main CNI? 9. Use of service mesh? 10. Approach used for Ingress/Egress Traffic 11. Helm V3 support. 12. No Access to Kubernetes API/Mgmt from the CNF. 13. Liveliness, Readiness startup probes -- recovery from failures. 14. Kubevirt support. 15. List of CNIs/Device plugins. CMKVsDefault.pptx | - Understand Kuberef in Pod18.
- Do the below exercise
- Connect to cluster.
- Check if there is monitoring namespace. If yes, get only pods within the monitoring namespace.... Check (4) within this.
- If Not, get all pods
- Check of the pods with following names: { prometheus, node-exporter }
Above exercise: Wrote a separate program → Reuse the existing framework. Current Post-Deployment Validation - Openstack - Add differentiator (flag/variable/api-value) to the framework for Kubernetes.
- This differentiator decides the list*
- Move the above piece of code into this framework.
- Both Inamdar and Adarsh can work on this separate 'segment' of the code.
- 3 Levels:
- -- 3rd party repo – (manifests, charts, definitions, etc). This may not be required.
- API level (kubectl cmds)
- Node-Level (login to the node to check)
- Pod-Level (get into the pod to check it)
- List of Missing policies in PDF 2.0.
- Ex1: NET_ADMIN NET_RAW true/false.
- Ex2: Service mesh true/false.
- Ex3: TOPOLOGY_MANAGER policy is single_numa_*
|
|
|
|
|
|
3 | Update the Mapping of PDF-Keys to Airship 2.0 CRD Keys | 2 | KT Session on Airship. |
|
4 | Implement the validation of Manifests against the PDF | 2.5 |
|
|
5 | Enlist Post-Validation (not covered by CNCF-Conformance and K8S E2E Tests tools) - Include Security too.
- At least 10.
| 1 | Walkthrough of K8S E2E, CNCF-Conformance, etc. CNTT-RC2/RA2 |
|
6 | Implement Post-Validation. | 2.5 |
|
|
7 | Integrate the implementations to the main branch and submit the patch. | 1 |
|
|
8 | Knowledge-Sharing, Handoff, (Buffer) | 1 |
|
|