Anuket Project

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 13 Next »


Intern

Accepted: Parth Inamdar

Type: Part-Time.


Weekly Meeting :

Every Thursday at UTC 8:30-9:30

https://zoom.us/j/95106311750

Tasks

Sl. NoTask

Week

*2 for part-time

Support from the TeamProgress: Update by Parth Inamdar
1.

Understanding existing tool

  • Pre-Deployment Validation Tools
  • Post-Deployment Validation Tools
1Knowledge sharing session.

Introduction to Kubernetes and OpenStack, PDF & Manifests, Process Workflow of existing validation tools & PDF Creation Tool, Airship Introduction and importance

2

Understanding PDF

  • Exercise1: Update PDF Creation Tool to newer version
  • Exercise2: Create PDF for Existing Testbed
1

Pod Details.

Tentative List.

[Test: Observability Pods]

1. Check if any of the containers are running in privileged mode?
2. Check if any host directories are mounted as volumes?
3. Check if host network namespace is used or not?
4. Check for NET_ADMIN and NET_RAW capabilities. Use capable tool?
5. Telemetry system - logs and monitoring
6. CPU manager - policy configuration.
7. Topology manager - policy
8. Traffic over main CNI?
9. Use of service mesh?
10. Approach used for Ingress/Egress Traffic
11. Helm V3 support.
12. No Access to Kubernetes API/Mgmt from the CNF.
13. Liveliness, Readiness startup probes -- recovery from failures.
14. Kubevirt support.
15. List of CNIs/Device plugins.


  • Understand Kuberef in Pod18.
  • Do the below exercise
  1. Connect to cluster.
  2. Check if there is monitoring namespace. If yes, get only pods within the monitoring namespace.... Check (4) within this.
  3. If Not, get all pods
  4. Check of the pods with following names: { prometheus, node-exporter }

Above exercise:  Wrote a separate program → Reuse the existing framework.

Current Post-Deployment Validation - Openstack

  1. Add differentiator (flag/variable/api-value) to the framework for Kubernetes.
    1. This differentiator decides the list*
  2. Move the above piece of code into this framework.
  3. Both Inamdar and Adarsh can work on this separate 'segment' of the code.
  4. 3 Levels:
    1. -- 3rd party repo – (manifests, charts, definitions, etc).  This may not be required.
    2. API level (kubectl cmds)
    3. Node-Level (login to the node to check)
    4. Pod-Level  (get into the pod to check it)
  5. List of Missing policies in PDF 2.0.
    1. Ex1: NET_ADMIN NET_RAW true/false.
    2. Ex2: Service mesh true/false.
    3. Ex3: TOPOLOGY_MANAGER policy is single_numa_*  





3

Update the Mapping of PDF-Keys to Airship 2.0 CRD Keys

  • Airship 2.0 Overview
2KT Session on Airship.
4Implement the validation of Manifests against the PDF2.5

5

Enlist Post-Validation (not covered by CNCF-Conformance and K8S E2E Tests tools)

  • Include Security too. 
  • At least 10.
1

Walkthrough of K8S E2E, CNCF-Conformance, etc.

CNTT-RC2/RA2


6Implement Post-Validation.2.5

7Integrate the implementations to the main branch and submit the patch.1

8Knowledge-Sharing, Handoff, (Buffer)1

  • No labels