Add trafficControlController to handle TrafficControl requests #3487

wenqiq · 2022-03-19T13:25:30Z

The Antrea Agent is responsible for realizing the traffic control request.
It watches the TrafficControl resources from the K8s API server and manages the container traffic with OpenFlow rules. Specifically, the agent executes the following steps for a TrafficControl resource:

Use label selectors to filter Pods running on this Node.
Translate the selected Pods to OVS ports, which will be used to filter traffic that should be mirrored or redirected.
Translate the target device to the OVS port, which will be used as the target port the traffic should be mirrored or redirected.
Install OpenFlow rules calculated using the above arguments.

Signed-off-by: Wenqi Qiu wenqiq@vmware.com
Signed-off-by: Hongliang Liu lhongliang@vmware.com
Signed-off-by: Quan Tian qtian@vmware.com

codecov-commenter · 2022-03-19T14:13:01Z

Codecov Report

Merging #3487 (bc3a01f) into main (dcd1019) will increase coverage by 7.91%.
The diff coverage is 82.84%.

@@            Coverage Diff             @@
##             main    #3487      +/-   ##
==========================================
+ Coverage   49.22%   57.14%   +7.91%     
==========================================
  Files         258      407     +149     
  Lines       37969    58784   +20815     
==========================================
+ Hits        18691    33591   +14900     
- Misses      17422    22478    +5056     
- Partials     1856     2715     +859

Flag	Coverage Δ
integration-tests	`37.44% <ø> (?)`
kind-e2e-tests	`51.12% <55.87%> (+1.89%)`	⬆️
unit-tests	`44.73% <70.19%> (?)`

Flags with carried forward coverage won't be shown. Click here to find out more.

Impacted Files	Coverage Δ
pkg/ovs/ovsconfig/ovs_client.go	`47.79% <81.81%> (+1.78%)`	⬆️
pkg/agent/controller/trafficcontrol/controller.go	`82.64% <82.64%> (ø)`
pkg/agent/agent.go	`53.92% <100.00%> (+7.60%)`	⬆️
...gent/controller/noderoute/node_route_controller.go	`56.12% <100.00%> (+15.28%)`	⬆️
pkg/agent/interfacestore/types.go	`69.44% <100.00%> (+2.77%)`	⬆️
pkg/apis/crd/v1alpha2/register.go	`90.90% <100.00%> (+0.90%)`	⬆️
pkg/agent/nodeportlocal/k8s/annotations.go	`84.44% <0.00%> (-15.56%)`	⬇️
pkg/controller/networkpolicy/tier.go	`50.00% <0.00%> (-5.00%)`	⬇️
pkg/agent/nodeportlocal/k8s/npl_controller.go	`61.12% <0.00%> (-0.94%)`	⬇️
pkg/agent/route/route_linux.go	`48.08% <0.00%> (-0.10%)`	⬇️
... and 274 more

pkg/agent/controller/trafficcontrol/controller.go

pkg/ovs/ovsconfig/interfaces.go

tnqn · 2022-06-08T03:01:58Z

@jianjuns @wenyingd will you take another look at this PR? If not, I will merge it after tests pass.

hongliangl · 2022-06-08T03:14:07Z

/test-ipv6-e2e
/test-ipv6-only-e2e

hongliangl · 2022-06-08T04:54:55Z

/test-ipv6-e2e

wenyingd · 2022-06-08T06:43:40Z

@jianjuns @wenyingd will you take another look at this PR? If not, I will merge it after tests pass.

No comments from my side.

tnqn · 2022-06-08T15:11:25Z

/test-ipv6-e2e

jianjuns · 2022-06-08T16:41:25Z

I am good too.

jianjuns · 2022-06-08T16:42:09Z

/test-ipv6-e2e
/test-ipv6-only-e2e

tnqn · 2022-06-09T05:05:26Z

/test-ipv6-e2e this should be fixed now

ipv6-only-e2e will be fixed by #3869

tnqn · 2022-06-09T06:27:05Z

    trafficcontrol_test.go:324: Error when waiting for Pod 'pod-to-create-veth-pair' to be in the Running state
=== CONT  TestTrafficControl
    fixtures.go:278: Exporting test logs to '/var/lib/jenkins/workspace/antrea-ipv6-ds-e2e-for-pull-request/antrea-test-logs/TestTrafficControl/beforeTeardown.Jun09-06-18-37'
    fixtures.go:390: Error when exporting kubelet logs: error when running journalctl on Node 'antrea-ipv6-9-0', is it available? Error: <nil>
    fixtures.go:423: Deleting 'testtrafficcontrol-2rc6dkh2' K8s Namespace
I0609 06:18:48.947620   25762 framework.go:643] Deleting Namespace testtrafficcontrol-2rc6dkh2 took 3.959952ms
--- FAIL: TestTrafficControl (147.71s)
    --- PASS: TestTrafficControl/TestMirrorToRemote (3.54s)
    --- PASS: TestTrafficControl/TestMirrorToLocal (4.59s)
    --- FAIL: TestTrafficControl/TestRedirectToLocal (90.02s)

hongliangl · 2022-06-09T08:51:21Z

--- FAIL: TestTrafficControl/TestRedirectToLocal (90.02s)

I'll fix this.

hongliangl · 2022-06-09T09:21:00Z

/test-ipv6-e2e
/test-ipv6-only-e2e
/test-e2e

tnqn · 2022-06-09T10:48:03Z

Perhaps the issue is because previous failure left stale devices on testbeds, you may clean that port first ip link del dev xxx || true && ip link add ...

hongliangl · 2022-06-09T11:21:00Z

Perhaps the issue is because previous failure left stale devices on testbeds, you may clean that port first ip link del dev xxx || true && ip link add ...

Make sense.

hongliangl · 2022-06-09T11:28:03Z

/test-all
/test-ipv6-e2e
/test-ipv6-only-e2e

hongliangl · 2022-06-09T11:42:35Z

/test-ipv6-e2e
/test-ipv6-only-e2e

hongliangl · 2022-06-09T14:00:23Z

/test-e2e

hongliangl · 2022-06-09T14:42:33Z

/test-e2e
/test-ipv6-e2e
/test-ipv6-only-e2e

hongliangl · 2022-06-10T00:05:34Z

/test-all
/test-ipv6-only-e2e

- Use label selectors to filter Pods running on current Node. - Translate the selected Pods to OVS ports, which will be used to filter the packets that should be mirrored or redirected. - Translate the target device to the OVS port, which will be used as the target port the traffic should be mirrored or redirected. - Install OpenFlow rules calculated using the above arguments. Signed-off-by: Hongliang Liu <lhongliang@vmware.com> Co-authored-by: Quan Tian <qtian@vmware.com> Co-authored-by: Wenqi Qiu <wenqiq@vmware.com>

hongliangl · 2022-06-10T01:56:00Z

/test-e2e
/test-ipv6-e2e
/test-ipv6-only-e2e

hongliangl · 2022-06-10T03:11:32Z

/test-ipv6-e2e

tnqn · 2022-06-10T09:45:39Z

/test-integration
/test-networkpolicy
/test-conformance

wenqiq mentioned this pull request Mar 21, 2022

Support Pod traffic control in Antrea #3324

Closed

5 tasks

wenqiq force-pushed the traffic-control branch 3 times, most recently from 2420fab to 31e4dd0 Compare April 12, 2022 15:10

wenqiq changed the title ~~[WIP]Unify AppliedToGroup of NetworkPolicy/Egress and add trafficControl API~~ [WIP]Add trafficControlController to handle TrafficControl requests Apr 12, 2022

wenqiq force-pushed the traffic-control branch 4 times, most recently from 9dd56c3 to a5543b2 Compare April 16, 2022 11:13

wenqiq changed the title ~~[WIP]Add trafficControlController to handle TrafficControl requests~~ Add trafficControlController to handle TrafficControl requests Apr 18, 2022

wenqiq force-pushed the traffic-control branch 2 times, most recently from 35583b4 to 81b6c1f Compare April 21, 2022 01:00

wenqiq marked this pull request as ready for review April 21, 2022 10:47

tnqn reviewed Apr 26, 2022

View reviewed changes

wenqiq force-pushed the traffic-control branch 2 times, most recently from 22b4aa2 to 17721ef Compare April 27, 2022 07:41

tnqn reviewed Apr 27, 2022

View reviewed changes

wenqiq force-pushed the traffic-control branch 4 times, most recently from ec4041b to 08b62b2 Compare May 4, 2022 06:20

wenqiq force-pushed the traffic-control branch from 08b62b2 to 684c994 Compare May 5, 2022 06:27

tnqn reviewed May 5, 2022

View reviewed changes

pkg/agent/controller/trafficcontrol/controller.go Outdated Show resolved Hide resolved

tnqn reviewed May 5, 2022

View reviewed changes

pkg/agent/controller/trafficcontrol/controller.go Outdated Show resolved Hide resolved

wenqiq force-pushed the traffic-control branch 3 times, most recently from fc4e3ec to d9c8913 Compare May 6, 2022 09:38

tnqn reviewed May 6, 2022

View reviewed changes

hongliangl force-pushed the traffic-control branch from d9c8913 to 0683c74 Compare May 7, 2022 07:06

hongliangl dismissed tnqn’s stale review via fefc28f June 9, 2022 09:20

hongliangl force-pushed the traffic-control branch from 92b2358 to fefc28f Compare June 9, 2022 09:20

hongliangl force-pushed the traffic-control branch from fefc28f to be78394 Compare June 9, 2022 11:27

hongliangl force-pushed the traffic-control branch from be78394 to 80bdd13 Compare June 9, 2022 11:34

hongliangl force-pushed the traffic-control branch from 80bdd13 to a0841ed Compare June 9, 2022 14:42

hongliangl force-pushed the traffic-control branch from a0841ed to bc3a01f Compare June 10, 2022 01:14

tnqn approved these changes Jun 10, 2022

View reviewed changes

tnqn merged commit 4e60600 into antrea-io:main Jun 10, 2022

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Add trafficControlController to handle TrafficControl requests #3487

Add trafficControlController to handle TrafficControl requests #3487

wenqiq commented Mar 19, 2022 •

edited by hongliangl

codecov-commenter commented Mar 19, 2022 •

edited

tnqn commented Jun 8, 2022

hongliangl commented Jun 8, 2022

hongliangl commented Jun 8, 2022

wenyingd commented Jun 8, 2022

tnqn commented Jun 8, 2022

jianjuns commented Jun 8, 2022

jianjuns commented Jun 8, 2022

tnqn commented Jun 9, 2022

tnqn commented Jun 9, 2022

hongliangl commented Jun 9, 2022 •

edited

hongliangl commented Jun 9, 2022

tnqn commented Jun 9, 2022

hongliangl commented Jun 9, 2022

hongliangl commented Jun 9, 2022

hongliangl commented Jun 9, 2022

hongliangl commented Jun 9, 2022

hongliangl commented Jun 9, 2022

hongliangl commented Jun 10, 2022

hongliangl commented Jun 10, 2022

hongliangl commented Jun 10, 2022

tnqn commented Jun 10, 2022

Add trafficControlController to handle TrafficControl requests #3487

Add trafficControlController to handle TrafficControl requests #3487

Conversation

wenqiq commented Mar 19, 2022 • edited by hongliangl

codecov-commenter commented Mar 19, 2022 • edited

Codecov Report

tnqn commented Jun 8, 2022

hongliangl commented Jun 8, 2022

hongliangl commented Jun 8, 2022

wenyingd commented Jun 8, 2022

tnqn commented Jun 8, 2022

jianjuns commented Jun 8, 2022

jianjuns commented Jun 8, 2022

tnqn commented Jun 9, 2022

tnqn commented Jun 9, 2022

hongliangl commented Jun 9, 2022 • edited

hongliangl commented Jun 9, 2022

tnqn commented Jun 9, 2022

hongliangl commented Jun 9, 2022

hongliangl commented Jun 9, 2022

hongliangl commented Jun 9, 2022

hongliangl commented Jun 9, 2022

hongliangl commented Jun 9, 2022

hongliangl commented Jun 10, 2022

hongliangl commented Jun 10, 2022

hongliangl commented Jun 10, 2022

tnqn commented Jun 10, 2022

wenqiq commented Mar 19, 2022 •

edited by hongliangl

codecov-commenter commented Mar 19, 2022 •

edited

hongliangl commented Jun 9, 2022 •

edited