diff --git a/test/extended/router/stress.go b/test/extended/router/stress.go index dad54a855a91..446933a2fe6a 100644 --- a/test/extended/router/stress.go +++ b/test/extended/router/stress.go @@ -78,6 +78,22 @@ var _ = g.Describe("[sig-network][Feature:Router][apigroup:route.openshift.io]", Name: "system:router", }, }, metav1.CreateOptions{}) + // Router pod needs anyuid, but system:router defaults to the restricted-v2 SCC, which does not provide it. + _, err = oc.AdminKubeClient().RbacV1().RoleBindings(ns).Create(context.Background(), &rbacv1.RoleBinding{ + ObjectMeta: metav1.ObjectMeta{ + Name: "router-anyuid", + }, + Subjects: []rbacv1.Subject{ + { + Kind: "ServiceAccount", + Name: "default", + }, + }, + RoleRef: rbacv1.RoleRef{ + Kind: "ClusterRole", + Name: "system:openshift:scc:anyuid", + }, + }, metav1.CreateOptions{}) o.Expect(err).NotTo(o.HaveOccurred()) }) @@ -552,11 +568,40 @@ func scaledRouter(name, image string, args []string) *appsv1.ReplicaSet { Containers: []corev1.Container{ { Env: []corev1.EnvVar{ - {Name: "NAME", ValueFrom: &corev1.EnvVarSource{FieldRef: &corev1.ObjectFieldSelector{FieldPath: "metadata.name"}}}, + { + Name: "NAME", ValueFrom: &corev1.EnvVarSource{ + FieldRef: &corev1.ObjectFieldSelector{ + FieldPath: "metadata.name", + }, + }, + }, + { + Name: "POD_NAMESPACE", + ValueFrom: &corev1.EnvVarSource{ + FieldRef: &corev1.ObjectFieldSelector{ + FieldPath: "metadata.namespace", + }, + }, + }, }, Name: "router", Image: image, - Args: args, + Args: append(args, "--stats-port=1936", "--metrics-type=haproxy"), + Ports: []corev1.ContainerPort{ + { + ContainerPort: 1936, + Name: "stats", + Protocol: corev1.ProtocolTCP, + }, + }, + ReadinessProbe: &corev1.Probe{ + ProbeHandler: corev1.ProbeHandler{ + HTTPGet: &corev1.HTTPGetAction{ + Path: "/healthz/ready", + Port: intstr.FromInt32(1936), + }, + }, + }, }, }, },