Contributor

@vakalapa vakalapa commented Oct 7, 2021

This PR includes changes to distinguish different kinds of IPSets by expanding on the existing prefixes we use. This PR also updates the existing Dataplane APIs to now take in an IPSetMetaData struct instead of strings.

// Prefixes for ipsets
NamedPortIPSetPrefix string = "namedport:"
NamespacePrefix      string = "ns-"
NamespaceLabelPrefix string = "nslabel-"
PodLabelPrefix       string = "podlabel-"
CIDRPrefix           string = "cidr-"
NestedLabelPrefix    string = "nestedlabel-"

Contributor

@huntergregory huntergregory left a comment

Changes look great. Noted a couple of things about dataplane.

// Check if any 2nd level IPSets are generated by Controller with members
// Apply members to the list set
if set.Kind == ipsets.ListSet {
if ipsets.GetSetKind(set.Metadata.Type) == ipsets.ListSet {
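Review bot: on the replaced condition, the list branch now depends entirely on what GetSetKind returns for set.Metadata.Type, and these lines show no path for a type it does not recognise. Make sure an unrecognised type is rejected or logged here rather than silently skipping the member update, and keep the naming straight (Type is the metadata field, Kind is the value derived from it) so the comparison is always between two kinds.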
Contributor

mismatched types Type and Kind

Contributor

Can we do a check in the first loop to see if len(set.MemberIPSets) > 0, then the metadata Type needs to be a list kind or we throw an error?

Contributor

Same comments apply to deleteIPSetsAndReferences.

Contributor Author

Actually, we missed a case which I forgot to add: CIDR ipsets can be translated and provided to us. I will need to add CIDR block IPs to the corresponding IPSets, so we should not be throwing an error if it is not a list.

Contributor

But a CIDR is a hash set, right? Why not make the members/list check still?
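The member/kind check discussed in this thread, combined with the prefix naming from the PR description, as an added Go example that is not the project's code. The type names, the kind assigned to each type, and the Validate helper are assumptions; only the prefix strings come from the PR description.

```go
package main

import "fmt"

type SetType int
type SetKind string
type SetMetadata struct{ Name string; Type SetType }

const (
	Namespace SetType = iota
	NamespaceLabel
	PodLabel
	NamedPort
	CIDR
	NestedLabel
	HashSet SetKind = "hash"
	ListSet SetKind = "list" // an unmapped type yields the zero value ""
)

// Prefixes are the ones listed in the PR description; the kind given to each
// type is an assumption made for this example.
var setInfo = map[SetType]struct{ prefix string; kind SetKind }{
	Namespace: {"ns-", HashSet}, NamespaceLabel: {"nslabel-", ListSet},
	PodLabel: {"podlabel-", HashSet}, NamedPort: {"namedport:", HashSet},
	CIDR: {"cidr-", HashSet}, NestedLabel: {"nestedlabel-", ListSet},
}

func (m SetMetadata) PrefixedName() string { return setInfo[m.Type].prefix + m.Name }
func KindOf(t SetType) SetKind             { return setInfo[t].kind }

// Validate (hypothetical helper) rejects a set whose members do not fit its kind.
func Validate(meta SetMetadata, ipMembers []string, memberSets []SetMetadata) error {
	switch kind := KindOf(meta.Type); {
	case kind == "":
		return fmt.Errorf("%q: unknown set type %d", meta.Name, meta.Type)
	case len(memberSets) > 0 && kind != ListSet:
		return fmt.Errorf("%q: member sets on a non-list set", meta.PrefixedName())
	case len(ipMembers) > 0 && kind != HashSet:
		return fmt.Errorf("%q: IP members on a list set", meta.PrefixedName())
	}
	return nil
}

func main() {
	ns := SetMetadata{"prod", Namespace} // constructed sample values
	fmt.Println(ns.PrefixedName(), Validate(ns, nil, []SetMetadata{{"app", PodLabel}}))
	fmt.Println(Validate(SetMetadata{"10.0.0.0/24", CIDR}, []string{"10.0.0.0/24"}, nil))
}
```

Splitting the check by member type lets a CIDR hash set carry IP members while nested member sets are still refused on anything that is not a list.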

IpsetNomatch string = "nomatch"

// Prefixes for ipsets
NamedPortIPSetPrefix string = "namedport:"
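Review bot: NamedPortIPSetPrefix ends in ":" while the other prefixes listed in the PR description end in "-". Add a short comment above the constant saying why the separator differs, so a later cleanup does not normalise it and change the names of existing sets.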
Contributor

Is there a reason to have ":" instead of "-" for NamedPortIPsetPrefix?

Contributor Author

We used the ":" name for this alone because k8s would not allow adding a ":" in labels. Keeping it the same in v2 even though there is no other reason apart from being backward compatible.

huntergregory previously approved these changes Oct 8, 2021
// Copyright 2017 Microsoft. All rights reserved.
// MIT License

//go:build windows
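Review bot: the //go:build windows line is only read by Go 1.17 and newer. If this module is still built with an older toolchain, the file also needs a matching "// +build windows" line directly below it; otherwise the constraint is ignored there and the file is compiled on every platform.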
Member

Can we add the _windows suffix to this filename?

@vakalapa vakalapa merged commit dfc70ac into master Oct 11, 2021
@vakalapa vakalapa deleted the vakr/setmanagerupdates branch October 11, 2021 20:12
Labels

enhancement npm Related to NPM.
