docs(smoke-test-preflight): smoke test pre-flight checklist guide v1 (with §7 CoreDNS)#71
Open
docs(smoke-test-preflight): smoke test pre-flight checklist guide v1 (with §7 CoreDNS)#71
Conversation
7-section preflight for KB addon smoke runs covering: (1) BackupRepo precondition, (2) StorageClass per-vcluster setup, (3) ImagePullPolicy / sideload audit, (4) autopatcher daemon pattern (alpine compatibility), (5) kubeconfig isolation SOP, (6) test-runner artifact directory ready check, (7) vcluster CoreDNS image preflight — newly added based on 2026-05-05 idc4 incident. Section 7 doctrine: if dataprotection / cross-pod-network test cases fail at first run but cluster Running and smoke T01-T07 PASS, check coredns BEFORE addon code. Symptom is pod-level DNS resolution failure but cluster surface looks healthy because exec-based smoke tests do not need DNS. Case study appendix: Oracle 19c T08 ORA-12154 to CoreDNS root cause investigation, image swap fix on idc4 (docker.io/coredns/coredns:1.10.1 ImagePullBackOff swapped to registry.aliyuncs.com/google_containers/coredns:1.10.1 Running 1/1 in 9s). Backup o19-i4-8854-rman19c-w7verify2 Status=Completed, 553MB, 2m32s after fix. One-shot preflight script updated: 7-item check covering all sections + coredns Running validation as item 7. This guide is the proactive "before-smoke" counterpart to first-blocker / smoke result classification doctrine (PR #69). Cross-refs to: - addon-vanilla-vcluster-bootstrap-guide.md (autopatcher + dual-image setup) - addon-idc-vcluster-migration-checklist-guide.md (Alice IDC checklist owner) - addon-kb-schema-version-preflight-guide.md (schema-side preflight, PR #70) Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
8 tasks
weicao
pushed a commit
that referenced
this pull request
May 5, 2026
…ection Allen curator pass 4 mandatory fixes (PR #72 c472d1e2): - Status: stable -> draft (v1) (5-field intro) - SKILL-INDEX 文档全列表 entry added (paste-ready wording) - Line 552/577 addon-smoke-test-pre-flight-checklist-guide.md marked (planned, PR #71) for forward-decl - Lines 574/576/702 addon-idc-image-registry-mirror-guide.md backtick -> clickable markdown (landed doc on main) - Line 576 addon-host-runner-job-pattern-guide.md also linkified (landed doc on main) James jsonpath correction (PR #72 1c15cbb5): Step 3.5 audit shape was wrong. DP_DB_USER / DP_DB_PASSWORD are NOT declared in ActionSet spec.env at all -- KB dataprotection Job runner auto-injects them based on BackupPolicy.spec.backupMethods[] .target.account (which references systemAccount name). The W8 contract boundary lives at BackupPolicy layer, not ActionSet layer. Corrected audit: 1. cluster-side: kubectl get backuppolicy ... .spec.backupMethods[]. target.account vs kubectl get cmpd ... .spec.systemAccounts[].name diff 2. chart-side: yq diff cmpd-19c.yaml systemAccounts vs backuppolicytemplate.yaml backupMethods[].target.account 3. Added "Audit shape 关键澄清" paragraph documenting that systemAccount -> DP_DB_* contract is at BackupPolicy layer W8 grounded form documented: addons/oracle/templates/ backuppolicytemplate.yaml line 33 references account: kbdataprotection but cmpd-19c.yaml does not declare it -> KB never generates secret -> CreateContainerConfigError on 19c. Doctrine B 5-pattern grep on this commit: clean.
Contributor
Author
|
Curator review blockers from the 2026-05-06 doc sweep:
The PR is mergeable at the git layer, but I am not merging until these doc-quality blockers are fixed. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
addon-smoke-test-pre-flight-checklist-guide.md(307 lines) — proactive 5-min "before-smoke" preflight counterpart to first-blocker / smoke result classification doctrine (PR docs: add soak test result classification guide (4-state schema + N>=3 evidence threshold) #69)§7 (CoreDNS) doctrine — high value
Symptom is pod-level DNS resolution failure but cluster surface looks healthy because exec-based smoke tests don't need DNS. Layer 2 archetype (vcluster substrate bootstrap precondition) — independent root cause from chart-side / runtime-env-side gaps.
Source evidence (Layer 2 case)
2026-05-05 idc4 incident:
o19-i4-8854(Oracle 19c standalone) Running, smoke T01-T07 PASS, but every Backup attempt hit ORA-12154 (TNS:could not resolve)docker.io/coredns/coredns:1.10.1ImagePullBackOff on idc4 (private idc can't pull docker.io)kubectl set image deployment/coredns -n kube-system coredns=registry.aliyuncs.com/google_containers/coredns:1.10.1→ Running 1/1 in 9so19-i4-8854-rman19c-w7verify2Status=Completed, 553MB, 2m32s after fixFirst-attempt mirror miss:
apecloud-registry.cn-zhangjiakou.cr.aliyuncs.com/apecloud/coredns:1.10.1returnednot found— sediments aliyuncs vs apecloud-registry mirror selection caveat.Evidence pack:
work/oracle-idc4-migration/W7-verify-evidence/(Oracle workspace).Cross-ref strategy
This guide is the diagnostic / 工艺锚 for §7 CoreDNS issue. Companion docs:
addon-kb-schema-version-preflight-guide.md(PR docs(kb-schema-preflight): three-layer KB version preflight guide v1 #70) §6.3 — Layer 2 archetype root cause analysis (theoretical)addon-idc-vcluster-migration-checklist-guide.md(Alice owner) — actualkubectl set imagecommand template + mirror selection ladderBidirectional cross-refs added to both directions.
Test plan