feat: [NPM] call policy reconcile in dataplane #1188
|
|
||
| // 3. Delete policy chains in the background. | ||
| // lock here since stale chains are only affected if we successfully remove policies | ||
| pMgr.staleChains.forceLock() |
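Review bot: the comment above pMgr.staleChains.forceLock() says "lock here" but does not say what a force lock is or when it is released. Please document, here or on forceLock() itself, how long stale chain deletion stays paused and which call lifts the pause, so a reader can tell from this call site that the background deletion in step 3 resumes.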
- calculate creator:
- acquire reconcileLock (stalechain lock)
- Delete jump rules
- restore
npm/pkg/dataplane/dataplane.go
Outdated
| *ipsets.IPSetManagerCfg | ||
| *policies.PolicyManagerCfg | ||
| // helpful for UTs (defaults to false for external packages) | ||
| disableGoRoutines bool |
can we rename this to something like concurrencyEnabled or concurrencyDisabled
Looking at what it does below - maybe something like disableReconcile?
npm/pkg/dataplane/dataplane.go
Outdated
| if !dp.disableGoRoutines { | ||
| dp.policyMgr.Reconcile(dp.stopChannel) | ||
| } |
so if this is disabled we're not running reconcile at all? 😕 or am I misunderstanding this
yes, this is just for unit testing because we test exec calls, and don't want to intermingle exec calls from reconciling with other exec calls
| pMgr.reconcileManager.Lock() | ||
| defer pMgr.reconcileManager.Unlock() | ||
| start <- struct{}{} | ||
| require.NoError(t, pMgr.cleanupChains(testChains)) |
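Review bot: the send `start <- struct{}{}` happens while pMgr.reconcileManager is held. If start is unbuffered and the receiving goroutine is not yet waiting, or needs reconcileManager before it receives, the test hangs instead of failing. Consider wrapping the send in a select with a timeout so a regression shows up as a test failure rather than a stuck run.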
for cleanupChains function can we move
azure-container-networking/npm/pkg/dataplane/policies/chain-management_linux.go
Lines 227 to 237 in fea8283
| errCode, err := pMgr.runIPTablesCommand(util.IptablesDestroyFlag, chain) | |
| if err != nil && errCode != doesNotExistErrorCode { | |
| // add to staleChains if it's not one of the iptablesAzureChains | |
| pMgr.staleChains.add(chain) | |
| currentErrString := fmt.Sprintf("failed to clean up chain %s with err [%v]", chain, err) | |
| if aggregateError == nil { | |
| aggregateError = npmerrors.SimpleError(currentErrString) | |
| } else { | |
| aggregateError = npmerrors.SimpleErrorWrapper(fmt.Sprintf("%s and had previous error", currentErrString), aggregateError) | |
| } | |
| } |
default case in the select loop above it?
test/integration/npm/main.go
Outdated
|
|
||
| func main() { | ||
| dp, err := dataplane.NewDataPlane(nodeName, common.NewIOShim(), dpCfg) | ||
| dp, err := dataplane.NewDataPlane(nodeName, common.NewIOShim(), dpCfg, nil) |
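Review bot: the new NewDataPlane call passes nil as its last argument. If that value ends up as the dp.stopChannel handed to Reconcile, a receive on a nil channel blocks forever, so the reconcile goroutine can never be told to stop. Create a channel in main() and close it on shutdown instead of passing nil.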
Any reason to keep the stop channel nil? Can we pass a legit channel?
no reason. I can do that
nitishm
left a comment
functionality wise I think it LGTM. But I have some nits and comments/questions
npm/pkg/dataplane/dataplane.go
Outdated
| return nil, err | ||
| } | ||
| // necessary for UTs because of ioshim | ||
| if !dp.disableReconcileForUTs { |
Just call it disableReconcile, and if needed we can make this as a toggle tomorrow to stop if required.
Or should we remove this flag, and move reconcile to a function called RunDPTasks, and call RunDPTasks in the relevant place after newDP is created? We can skip running this for UTs, and in main.go we can call dp.RunDPTasks.
Removed this flag and created a dp.RunPeriodicTasks()
vakalapa
left a comment
Great work ! 💯
nitishm
left a comment
LGTM
Adds a go-routine for policy manager reconciling, which:
Lock stale chains when:
staleChains (in reconcile())
staleChains
As an optimization, policy manager can "force lock" staleChains, which pauses stale chain deletion until next reconcile period.