From 2740974470d828afdd1a44c0262baad951f53e5e Mon Sep 17 00:00:00 2001 From: QxBytes Date: Mon, 11 Mar 2024 15:09:29 -0700 Subject: [PATCH 1/3] initial log cleanup --- cni/network/invoker_cns.go | 1 - cni/network/network.go | 8 ------ cni/network/plugin/main.go | 2 -- cni/network/stateless/main.go | 2 -- network/bridge_endpointclient_linux.go | 3 --- network/bridge_networkclient_linux.go | 5 +--- network/endpoint.go | 17 +++++------- network/endpoint_linux.go | 7 ++--- network/network_linux.go | 26 ++++++------------- network/networkutils/networkutils_linux.go | 3 --- network/ovs_endpointclient_linux.go | 16 +++--------- network/ovs_networkclient_linux.go | 8 +++--- network/ovsinfravnet/infravnet_linux.go | 9 ++++--- network/snat/snat_linux.go | 3 --- network/transparent_endpointclient_linux.go | 4 +-- .../transparent_vlan_endpointclient_linux.go | 3 +-- 16 files changed, 31 insertions(+), 86 deletions(-) diff --git a/cni/network/invoker_cns.go b/cni/network/invoker_cns.go index f3e75690f7..722f8380ba 100644 --- a/cni/network/invoker_cns.go +++ b/cni/network/invoker_cns.go @@ -88,7 +88,6 @@ func (invoker *CNSIPAMInvoker) Add(addConfig IPAMAddConfig) (IPAMAddResult, erro PodNamespace: invoker.podNamespace, } - logger.Info(podInfo.PodName) orchestratorContext, err := json.Marshal(podInfo) if err != nil { return IPAMAddResult{}, errors.Wrap(err, "Failed to unmarshal orchestrator context during add: %w") diff --git a/cni/network/network.go b/cni/network/network.go index 2381b8ffc4..b8a87eb5e7 100644 --- a/cni/network/network.go +++ b/cni/network/network.go 
@@ -980,9 +980,6 @@ func (plugin *NetPlugin) Delete(args *cniSkel.CmdArgs) error { logger.Info("Execution mode", zap.String("mode", nwCfg.ExecutionMode)) if nwCfg.ExecutionMode == string(util.Baremetal) { - - logger.Info("Baremetal mode. Calling vnet agent for delete container") - // schedule send metric before attempting delete defer sendMetricFunc() _, err = plugin.nnsClient.DeleteContainerNetworking(context.Background(), k8sPodName, args.Netns) @@ -1254,16 +1251,12 @@ func (plugin *NetPlugin) Update(args *cniSkel.CmdArgs) error { targetEpInfo := &network.EndpointInfo{} // get the target routes that should replace existingEpInfo.Routes inside the network namespace - logger.Info("Going to collect target routes for from targetNetworkConfig", - zap.String("pod", k8sPodName), - zap.String("namespace", k8sNamespace)) if targetNetworkConfig.Routes != nil && len(targetNetworkConfig.Routes) > 0 { for _, route := range targetNetworkConfig.Routes { logger.Info("Adding route from routes to targetEpInfo", zap.Any("route", route)) _, dstIPNet, _ := net.ParseCIDR(route.IPAddress) gwIP := net.ParseIP(route.GatewayIPAddress) targetEpInfo.Routes = append(targetEpInfo.Routes, network.RouteInfo{Dst: *dstIPNet, Gw: gwIP, DevName: existingEpInfo.IfName}) - logger.Info("Successfully added route from routes to targetEpInfo", zap.Any("route", route)) } } @@ -1278,7 +1271,6 @@ func (plugin *NetPlugin) Update(args *cniSkel.CmdArgs) error { gwIP := net.ParseIP(ipconfig.GatewayIPAddress) route := network.RouteInfo{Dst: dstIPNet, Gw: gwIP, DevName: existingEpInfo.IfName} targetEpInfo.Routes = append(targetEpInfo.Routes, route) - logger.Info("Successfully added route from cnetAddressspace to targetEpInfo", zap.Any("subnet", ipRouteSubnet)) } logger.Info("Finished collecting new routes in targetEpInfo", zap.Any("route", targetEpInfo.Routes)) diff --git a/cni/network/plugin/main.go b/cni/network/plugin/main.go index 89b36994ac..016313228a 100644 --- a/cni/network/plugin/main.go 
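Review bot: In the `Update` hunk at -1254, `_, dstIPNet, _ := net.ParseCIDR(route.IPAddress)` discards the parse error and the next line dereferences the result with `Dst: *dstIPNet`, so a route in targetNetworkConfig with a malformed CIDR makes the plugin panic on a nil pointer. `net.ParseIP(route.GatewayIPAddress)` fails just as silently and leaves a nil gateway in the route. With the per-route "Successfully added" line removed there is no longer a marker of which route was being processed, so check the error before the append: `if err != nil { logger.Error("Invalid route CIDR", zap.String("cidr", route.IPAddress), zap.Error(err)); continue }` or return it to the caller. The same two lines appear unchanged in the -1253 hunk of patch 2/3, and the body of `Update` continues outside both hunks.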
+++ b/cni/network/plugin/main.go @@ -90,8 +90,6 @@ func rootExecute() error { cniCmd := os.Getenv(cni.Cmd) if cniCmd != cni.CmdVersion { - logger.Info("Environment variable set", zap.String("CNI_COMMAND", cniCmd)) - cniReport.GetReport(pluginName, version, ipamQueryURL) var upTime time.Time diff --git a/cni/network/stateless/main.go b/cni/network/stateless/main.go index afd7ea1433..9836f2ab03 100644 --- a/cni/network/stateless/main.go +++ b/cni/network/stateless/main.go @@ -94,8 +94,6 @@ func rootExecute() error { cniCmd := os.Getenv(cni.Cmd) if cniCmd != cni.CmdVersion { - logger.Info("Environment variable set", zap.String("CNI_COMMAND", cniCmd)) - cniReport.GetReport(pluginName, version, ipamQueryURL) var upTime time.Time diff --git a/network/bridge_endpointclient_linux.go b/network/bridge_endpointclient_linux.go index 15851a4210..260800df93 100644 --- a/network/bridge_endpointclient_linux.go +++ b/network/bridge_endpointclient_linux.go @@ -84,14 +84,12 @@ func (client *LinuxBridgeEndpointClient) AddEndpointRules(epInfo *EndpointInfo) for _, ipAddr := range epInfo.IPAddresses { if ipAddr.IP.To4() != nil { // Add ARP reply rule. - logger.Info("Adding ARP reply rule for IP address", zap.String("address", ipAddr.String())) if err = ebtables.SetArpReply(ipAddr.IP, client.getArpReplyAddress(client.containerMac), ebtables.Append); err != nil { return err } } // Add MAC address translation rule. - logger.Info("Adding MAC DNAT rule for IP address", zap.String("address", ipAddr.String())) if err := ebtables.SetDnatForIPAddress(client.hostPrimaryIfName, ipAddr.IP, client.containerMac, ebtables.Append); err != nil { return err } 
@@ -126,7 +124,6 @@ func (client *LinuxBridgeEndpointClient) DeleteEndpointRules(ep *endpoint) { for _, ipAddr := range ep.IPAddresses { if ipAddr.IP.To4() != nil { // Delete ARP reply rule. - logger.Info("Deleting ARP reply rule for IP address on", zap.String("address", ipAddr.String()), zap.String("id", ep.Id)) err := ebtables.SetArpReply(ipAddr.IP, client.getArpReplyAddress(ep.MacAddress), ebtables.Delete) if err != nil { logger.Error("Failed to delete ARP reply rule for IP address", zap.String("address", ipAddr.String()), zap.Error(err)) diff --git a/network/bridge_networkclient_linux.go b/network/bridge_networkclient_linux.go index 48e3941701..325d4689e8 100644 --- a/network/bridge_networkclient_linux.go +++ b/network/bridge_networkclient_linux.go @@ -90,9 +90,8 @@ func (client *LinuxBridgeClient) AddL2Rules(extIf *externalInterface) error { if err != nil { return err } - + logger.Info("Adding L2 Rules") // Add SNAT rule to translate container egress traffic. - logger.Info("Adding SNAT rule for egress traffic on", zap.String("hostInterfaceName", client.hostInterfaceName)) if err := ebtables.SetSnatForInterface(client.hostInterfaceName, hostIf.HardwareAddr, ebtables.Append); err != nil { return err } 
@@ -101,13 +100,11 @@ func (client *LinuxBridgeClient) AddL2Rules(extIf *externalInterface) error { // ARP requests for all IP addresses are forwarded to the SDN fabric, but fabric // doesn't respond to ARP requests from the VM for its own primary IP address. primary := extIf.IPAddresses[0].IP - logger.Info("Adding ARP reply rule for primary IP address", zap.Any("address", primary)) if err := ebtables.SetArpReply(primary, hostIf.HardwareAddr, ebtables.Append); err != nil { return err } // Add DNAT rule to forward ARP replies to container interfaces. - logger.Info("Adding DNAT rule for ingress ARP traffic on interface", zap.String("hostInterfaceName", client.hostInterfaceName)) if err := ebtables.SetDnatForArpReplies(client.hostInterfaceName, ebtables.Append); err != nil { return err } diff --git a/network/endpoint.go b/network/endpoint.go index 19202c8be7..db2c2cf01e 100644 --- a/network/endpoint.go +++ b/network/endpoint.go 
@@ -309,20 +309,18 @@ func (ep *endpoint) detach() error { } // updateEndpoint updates an existing endpoint in the network. -func (nm *networkManager) updateEndpoint(nw *network, exsitingEpInfo *EndpointInfo, targetEpInfo *EndpointInfo) error { +func (nm *networkManager) updateEndpoint(nw *network, existingEpInfo, targetEpInfo *EndpointInfo) error { var err error - logger.Info("Updating existing endpoint in network to target", zap.Any("exsitingEpInfo", exsitingEpInfo), + logger.Info("Updating existing endpoint in network to target", zap.Any("existingEpInfo", existingEpInfo), zap.String("id", nw.Id), zap.Any("targetEpInfo", targetEpInfo)) defer func() { if err != nil { - logger.Error("Failed to update endpoint with err", zap.String("id", exsitingEpInfo.Id), zap.Error(err)) + logger.Error("Failed to update endpoint with err", zap.String("id", existingEpInfo.Id), zap.Error(err)) } }() - logger.Info("Trying to retrieve endpoint id", zap.String("id", exsitingEpInfo.Id)) - - ep := nw.Endpoints[exsitingEpInfo.Id] + ep := nw.Endpoints[existingEpInfo.Id] if ep == nil { return errEndpointNotFound } 
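Review bot: The not-found exit in this hunk bypasses the deferred error log, because `return errEndpointNotFound` never assigns the local `err` that the closure tests, so "Failed to update endpoint with err" does not fire for it. After the removal of "Trying to retrieve endpoint id", the opening Info line is the only trace left of a failed lookup. Assign before returning, `err = errEndpointNotFound` followed by `return err`, so the existing defer covers this path too. Separately, the zap key changes from `exsitingEpInfo` to `existingEpInfo`, so any saved log query or alert keyed on the old spelling needs updating. `updateEndpoint` continues past the end of the hunk.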
@@ -330,27 +328,24 @@ func (nm *networkManager) updateEndpoint(nw *network, exsitingEpInfo *EndpointIn logger.Info("Retrieved endpoint to update", zap.Any("ep", ep)) // Call the platform implementation. - ep, err = nm.updateEndpointImpl(nw, exsitingEpInfo, targetEpInfo) + ep, err = nm.updateEndpointImpl(nw, existingEpInfo, targetEpInfo) if err != nil { return err } // Update routes for existing endpoint - nw.Endpoints[exsitingEpInfo.Id].Routes = ep.Routes + nw.Endpoints[existingEpInfo.Id].Routes = ep.Routes return nil } func GetPodNameWithoutSuffix(podName string) string { nameSplit := strings.Split(podName, "-") - logger.Info("namesplit", zap.Any("nameSplit", nameSplit)) if len(nameSplit) > 2 { nameSplit = nameSplit[:len(nameSplit)-2] } else { return podName } - - logger.Info("Pod name after splitting based on", zap.Any("nameSplit", nameSplit)) return strings.Join(nameSplit, "-") } diff --git a/network/endpoint_linux.go b/network/endpoint_linux.go index 179d28cc8c..729fdb7c31 100644 --- a/network/endpoint_linux.go +++ b/network/endpoint_linux.go @@ -232,10 +232,9 @@ func (nw *network) newEndpointImpl( if epInfo.IPV6Mode != "" { // Enable ipv6 setting in container - logger.Info("Enable ipv6 setting in container.") nuc := networkutils.NewNetworkUtils(nl, plc) if epErr := nuc.UpdateIPV6Setting(0); epErr != nil { - return fmt.Errorf("Enable ipv6 in container failed:%w", epErr) + return fmt.Errorf("enable ipv6 in container failed:%w", epErr) } } @@ -270,7 +269,6 @@ func (nw *network) deleteEndpointImpl(nl netlink.NetlinkInterface, plc platform. if ep.VlanID != 0 { epInfo := ep.getInfo() if nw.Mode == opModeTransparentVlan { - logger.Info("Transparent vlan client") epClient = NewTransparentVlanEndpointClient(nw, epInfo, ep.HostIfName, "", ep.VlanID, ep.LocalIP, nl, plc, nsc, iptc) } else { 
@@ -462,7 +460,7 @@ func (nm *networkManager) updateRoutes(existingEp *EndpointInfo, targetEp *Endpo // we do not support enable/disable snat for now defaultDst := net.ParseIP("0.0.0.0") - logger.Info("Going to collect routes and skip default and infravnet routes if applicable.") + // collect routes and skip default and infravnet routes if applicable logger.Info("Key for default route", zap.String("route", defaultDst.String())) infraVnetKey := "" @@ -476,7 +474,6 @@ func (nm *networkManager) updateRoutes(existingEp *EndpointInfo, targetEp *Endpo logger.Info("Key for route to infra vnet", zap.String("infraVnetKey", infraVnetKey)) for _, route := range existingEp.Routes { destination := route.Dst.IP.String() - logger.Info("Checking destination as to skip or not", zap.String("destination", destination)) isDefaultRoute := destination == defaultDst.String() isInfraVnetRoute := targetEp.EnableInfraVnet && (destination == infraVnetKey) if !isDefaultRoute && !isInfraVnetRoute { diff --git a/network/network_linux.go b/network/network_linux.go index 47f68b420d..2b13c6c68b 100644 --- a/network/network_linux.go +++ b/network/network_linux.go @@ -97,16 +97,13 @@ func (nm *networkManager) newNetworkImpl(nwInfo *NetworkInfo, extIf *externalInt if err := nu.EnableIPV4Forwarding(); err != nil { return nil, errors.Wrap(err, "ipv4 forwarding failed") } - logger.Info("Ipv4 forwarding enabled") if err := nu.UpdateIPV6Setting(1); err != nil { return nil, errors.Wrap(err, "failed to disable ipv6 on vm") } - logger.Info("Disabled ipv6") // Blocks wireserver traffic from apipa nic if err := nu.BlockEgressTrafficFromContainer(nm.iptablesClient, iptables.V4, networkutils.AzureDNS, iptables.TCP, iptables.HTTPPort); err != nil { return nil, errors.Wrap(err, "unable to insert vm iptables rule drop wireserver packets") } - logger.Info("Block wireserver traffic rule added") default: return nil, errNetworkModeInvalid } 
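Review bot: The three Info lines removed in the `newNetworkImpl` hunk at -97 were the only positive record that the host-level steps ran: IPv4 forwarding, the host IPv6 setting, and the iptables rule that drops container traffic to the wireserver address. A successful run is now silent, so someone reading the CNI log during an investigation cannot tell whether the block rule was installed on a node or this `case` branch was never taken. One consolidated line after the `BlockEgressTrafficFromContainer` call would keep the noise down and preserve that evidence, for example `logger.Info("Wireserver egress block rule installed")`. The `switch` that selects this branch starts outside the hunk.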
@@ -469,7 +466,6 @@ func (nm *networkManager) connectExternalInterface(extIf *externalInterface, nwI networkClient NetworkClient ) - logger.Info("Connecting interface", zap.String("Name", extIf.Name)) defer func() { logger.Info("Connecting interface completed", zap.String("Name", extIf.Name), zap.Error(err)) }() @@ -548,37 +544,35 @@ func (nm *networkManager) connectExternalInterface(extIf *externalInterface, nwI } } + logger.Info("Modifying interfaces", zap.String("Name", hostIf.Name)) + // External interface down. - logger.Info("Setting link state down", zap.String("Name", hostIf.Name)) err = nm.netlink.SetLinkState(hostIf.Name, false) if err != nil { - return err + return errors.Wrap(err, "failed to set external interface down") } // Connect the external interface to the bridge. - logger.Info("Setting link master", zap.String("Name", hostIf.Name), zap.String("bridgeName", bridgeName)) if err = networkClient.SetBridgeMasterToHostInterface(); err != nil { - return err + return errors.Wrap(err, "failed to connect external interface to bridge") } // External interface up. - logger.Info("Setting link state up", zap.String("Name", hostIf.Name)) err = nm.netlink.SetLinkState(hostIf.Name, true) if err != nil { - return err + return errors.Wrap(err, "failed to set external interface up") } // Bridge up. - logger.Info("Setting link state up", zap.String("bridgeName", bridgeName)) err = nm.netlink.SetLinkState(bridgeName, true) if err != nil { - return err + return errors.Wrap(err, "failed to set bridge link state up") } // Add the bridge rules. err = networkClient.AddL2Rules(extIf) if err != nil { - return err + return errors.Wrap(err, "failed to add bridge rules") } // External interface hairpin on. 
@@ -597,8 +591,6 @@ func (nm *networkManager) connectExternalInterface(extIf *externalInterface, nwI } if isGreaterOrEqualUbuntu17 && isSystemdResolvedActive { - logger.Info("Applying dns config on", zap.String("bridgeName", bridgeName)) - if err = nm.applyDNSConfig(extIf, bridgeName); err != nil { logger.Error("Failed to apply DNS configuration with", zap.Error(err)) return err @@ -635,9 +627,7 @@ func (nm *networkManager) connectExternalInterface(extIf *externalInterface, nwI // DisconnectExternalInterface disconnects a host interface from its bridge. func (nm *networkManager) disconnectExternalInterface(extIf *externalInterface, networkClient NetworkClient) { - logger.Info("Disconnecting interface", zap.String("Name", extIf.Name)) - - logger.Info("Deleting bridge rules") + logger.Info("Disconnecting interface and deleting bridge rules", zap.String("Name", extIf.Name)) // Delete bridge rules set on the external interface. networkClient.DeleteL2Rules(extIf) diff --git a/network/networkutils/networkutils_linux.go b/network/networkutils/networkutils_linux.go index 519da94f9c..87cc35547f 100644 --- a/network/networkutils/networkutils_linux.go +++ b/network/networkutils/networkutils_linux.go @@ -82,7 +82,6 @@ func (nu NetworkUtils) CreateEndpoint(hostVethName, containerVethName string, ma return newErrorNetworkUtils(err.Error()) } - logger.Info("Setting link state up", zap.String("hostVethName", hostVethName)) err = nu.netlink.SetLinkState(hostVethName, true) if err != nil { return newErrorNetworkUtils(err.Error()) @@ -97,7 +96,6 @@ func (nu NetworkUtils) CreateEndpoint(hostVethName, containerVethName string, ma func (nu NetworkUtils) SetupContainerInterface(containerVethName, targetIfName string) error { // Interface needs to be down before renaming. - logger.Info("Setting link state down", zap.String("containerVethName", containerVethName)) if err := nu.netlink.SetLinkState(containerVethName, false); err != nil { return newErrorNetworkUtils(err.Error()) } 
@@ -113,7 +111,6 @@ func (nu NetworkUtils) SetupContainerInterface(containerVethName, targetIfName s } // Bring the interface back up. - logger.Info("Setting link state up.", zap.String("targetIfName", targetIfName)) err := nu.netlink.SetLinkState(targetIfName, true) if err != nil { return newErrorNetworkUtils(err.Error()) diff --git a/network/ovs_endpointclient_linux.go b/network/ovs_endpointclient_linux.go index 569232eb9a..69384e81d6 100644 --- a/network/ovs_endpointclient_linux.go +++ b/network/ovs_endpointclient_linux.go @@ -106,19 +106,18 @@ func (client *OVSEndpointClient) AddEndpoints(epInfo *EndpointInfo) error { } func (client *OVSEndpointClient) AddEndpointRules(epInfo *EndpointInfo) error { - logger.Info("[ovs] Setting link master", zap.String("hostVethName", client.hostVethName), zap.String("bridgeName", client.bridgeName)) + logger.Info("[ovs] Adding endpoint rules", zap.String("hostVethName", client.hostVethName), zap.String("bridgeName", client.bridgeName)) if err := client.ovsctlClient.AddPortOnOVSBridge(client.hostVethName, client.bridgeName, client.vlanID); err != nil { + logger.Error("[ovs] Setting link master failed with", zap.Error(err)) return err } - logger.Info("[ovs] Get ovs port for interface", zap.String("hostVethName", client.hostVethName)) containerOVSPort, err := client.ovsctlClient.GetOVSPortNumber(client.hostVethName) if err != nil { logger.Error("[ovs] Get ofport failed with", zap.Error(err)) return err } - logger.Info("[ovs] Get ovs port for interface", zap.String("hostPrimaryIfName", client.hostPrimaryIfName)) hostPort, err := client.ovsctlClient.GetOVSPortNumber(client.hostPrimaryIfName) if err != nil { logger.Error("[ovs] Get ofport failed with", zap.Error(err)) 
@@ -135,7 +134,6 @@ func (client *OVSEndpointClient) AddEndpointRules(epInfo *EndpointInfo) error { // IP SNAT Rule - Change src mac to VM Mac for packets coming from container host veth port. // This rule also checks if packets coming from right source ip based on the ovs port to prevent ip spoofing. // Otherwise it drops the packet. - logger.Info("[ovs] Adding IP SNAT rule for egress traffic on", zap.String("containerOVSPort", containerOVSPort)) if err := client.ovsctlClient.AddIPSnatRule(client.bridgeName, ipAddr.IP, client.vlanID, containerOVSPort, client.hostPrimaryMac, hostPort); err != nil { return err } 
@@ -157,35 +155,27 @@ func (client *OVSEndpointClient) AddEndpointRules(epInfo *EndpointInfo) error { } func (client *OVSEndpointClient) DeleteEndpointRules(ep *endpoint) { - logger.Info("[ovs] Get ovs port for interface", zap.String("HostIfName", ep.HostIfName)) + logger.Info("[ovs] Delete endpoint rules", zap.String("HostIfName", ep.HostIfName)) containerPort, err := client.ovsctlClient.GetOVSPortNumber(client.hostVethName) if err != nil { logger.Error("[ovs] Get portnum failed with", zap.Error(err)) } - logger.Info("Get ovs port for interface", zap.String("hostPrimaryIfName", client.hostPrimaryIfName)) hostPort, err := client.ovsctlClient.GetOVSPortNumber(client.hostPrimaryIfName) if err != nil { logger.Error("Get portnum failed with", zap.Error(err)) } // Delete IP SNAT - logger.Info("[ovs] Deleting IP SNAT for port", zap.String("containerPort", containerPort)) client.ovsctlClient.DeleteIPSnatRule(client.bridgeName, containerPort) // Delete Arp Reply Rules for container - logger.Info("[ovs] Deleting ARP reply rule for ip vlanid for container port", zap.String("address", ep.IPAddresses[0].IP.String()), - zap.Any("VlanID", ep.VlanID), zap.String("containerPort", containerPort)) client.ovsctlClient.DeleteArpReplyRule(client.bridgeName, containerPort, ep.IPAddresses[0].IP, ep.VlanID) // Delete MAC address translation rule. 
- logger.Info("[ovs] Deleting MAC DNAT rule for IP address and vlan", zap.String("address", ep.IPAddresses[0].IP.String()), - zap.Any("VlanID", ep.VlanID)) client.ovsctlClient.DeleteMacDnatRule(client.bridgeName, hostPort, ep.IPAddresses[0].IP, ep.VlanID) // Delete port from ovs bridge - logger.Info("[ovs] Deleting MAC DNAT rule for IP address and vlan", zap.String("address", ep.IPAddresses[0].IP.String()), - zap.Any("VlanID", ep.VlanID)) if err := client.ovsctlClient.DeletePortFromOVS(client.bridgeName, client.hostVethName); err != nil { logger.Error("[ovs] Deletion of interface from bridge failed", zap.String("hostVethName", client.hostVethName), zap.String("bridgeName", client.bridgeName)) } diff --git a/network/ovs_networkclient_linux.go b/network/ovs_networkclient_linux.go index 88a7bf54f7..8dee873641 100644 --- a/network/ovs_networkclient_linux.go +++ b/network/ovs_networkclient_linux.go @@ -116,6 +116,8 @@ func (client *OVSNetworkClient) DeleteBridge() error { } func (client *OVSNetworkClient) AddL2Rules(extIf *externalInterface) error { + logger.Info("[ovs] Adding L2 Rules") + mac := extIf.MacAddress.String() macHex := strings.Replace(mac, ":", "", -1) @@ -124,13 +126,11 @@ func (client *OVSNetworkClient) AddL2Rules(extIf *externalInterface) error { return err } - // Arp SNAT Rule - logger.Info("[ovs] Adding ARP SNAT rule for egress traffic on interface", zap.String("hostInterfaceName", client.hostInterfaceName)) + // Arp SNAT Rule for egress traffic on interface if err := client.ovsctlClient.AddArpSnatRule(client.bridgeName, mac, macHex, ofport); err != nil { return err } - - logger.Info("[ovs] Adding DNAT rule for ingress ARP traffic on interface", zap.String("hostInterfaceName", client.hostInterfaceName)) + // DNAT rule for ingress ARP traffic on interface err = client.ovsctlClient.AddArpDnatRule(client.bridgeName, ofport, macHex) if err != nil { return newErrorOVSNetworkClient(err.Error()) 
diff --git a/network/ovsinfravnet/infravnet_linux.go b/network/ovsinfravnet/infravnet_linux.go index 0a6fca229c..957ec5bcd6 100644 --- a/network/ovsinfravnet/infravnet_linux.go +++ b/network/ovsinfravnet/infravnet_linux.go @@ -139,21 +139,22 @@ func (client *OVSInfraVnetClient) DeleteInfraVnetRules( infraIP net.IPNet, hostPort string, ) { + logger.Info("[ovs] Deleting Infra Vnet Rules") ovs := ovsctl.NewOvsctl() - logger.Info("[ovs] Deleting MAC DNAT rule for infravnet IP address", zap.String("IP", infraIP.IP.String())) + // Delete MAC DNAT rule for infravnet IP address ovs.DeleteMacDnatRule(bridgeName, hostPort, infraIP.IP, 0) - logger.Info("[ovs] Get ovs port for infravnet interface", zap.String("hostInfraVethName", client.hostInfraVethName)) + // Get ovs port for infravnet interface infraContainerPort, err := ovs.GetOVSPortNumber(client.hostInfraVethName) if err != nil { logger.Error("[ovs] Get infravnet portnum failed with", zap.Error(err)) } - logger.Info("Deleting IP SNAT for infravnet port", zap.String("infraContainerPort", infraContainerPort)) + // Delete IP SNAT for infravnet port ovs.DeleteIPSnatRule(bridgeName, infraContainerPort) - logger.Info("[ovs] Deleting infravnet interface", zap.String("hostInfraVethName", client.hostInfraVethName), zap.String("bridgeName", bridgeName)) + // Delete infravnet interface if err := ovs.DeletePortFromOVS(bridgeName, client.hostInfraVethName); err != nil { logger.Error("[ovs] Deletion of infravnet interface", zap.String("hostInfraVethName", client.hostInfraVethName), zap.String("bridgeName", bridgeName)) } diff --git a/network/snat/snat_linux.go b/network/snat/snat_linux.go index fb7f348b78..8150161d77 100644 --- a/network/snat/snat_linux.go +++ b/network/snat/snat_linux.go @@ -68,7 +68,6 @@ func NewSnatClient(hostIfName string, plClient platform.ExecClient, iptc ipTablesClient, ) Client { - logger.Info("Initialize new snat client") snatClient := Client{ hostSnatVethName: hostIfName, containerSnatVethName: contIfName, 
@@ -446,8 +445,6 @@ func (client *Client) createSnatBridge(snatBridgeIP, hostPrimaryMac string) erro return err } - logger.Info("Setting snat bridge mac", zap.String("hostPrimaryMac", hostPrimaryMac)) - ip, addr, _ := net.ParseCIDR(snatBridgeIP) err = client.netlink.AddIPAddress(SnatBridgeName, ip, addr) if err != nil && !strings.Contains(strings.ToLower(err.Error()), "file exists") { diff --git a/network/transparent_endpointclient_linux.go b/network/transparent_endpointclient_linux.go index f39986c0e4..db4935aceb 100644 --- a/network/transparent_endpointclient_linux.go +++ b/network/transparent_endpointclient_linux.go @@ -286,8 +286,6 @@ func (client *TransparentEndpointClient) ConfigureContainerInterfacesAndRoutes(e } func (client *TransparentEndpointClient) setupIPV6Routes() error { - logger.Info("Setting up ipv6 routes in container") - // add route for virtualgwip // ip -6 route add fe80::1234:5678:9abc/128 dev eth0 virtualGwIP, virtualGwNet, _ := net.ParseCIDR(virtualv6GwString) @@ -298,7 +296,7 @@ func (client *TransparentEndpointClient) setupIPV6Routes() error { // ip -6 route add default via fe80::1234:5678:9abc dev eth0 _, defaultIPNet, _ := net.ParseCIDR(defaultv6Cidr) - logger.Info("defaultv6ipnet", zap.Any("defaultIPNet", defaultIPNet)) + logger.Info("Setting up ipv6 routes in container", zap.Any("defaultIPNet", defaultIPNet)) defaultRoute := RouteInfo{ Dst: *defaultIPNet, Gw: virtualGwIP, diff --git a/network/transparent_vlan_endpointclient_linux.go b/network/transparent_vlan_endpointclient_linux.go index 6fcf9719e9..7c6d5d2869 100644 --- a/network/transparent_vlan_endpointclient_linux.go +++ b/network/transparent_vlan_endpointclient_linux.go 
@@ -212,7 +212,6 @@ func (client *TransparentVlanEndpointClient) PopulateVM(epInfo *EndpointInfo) er return errors.Wrap(err, "failed to get vm ns handle") } - logger.Info("Checking if NS exists...") var existingErr error client.vnetNSFileDescriptor, existingErr = client.netnsClient.GetFromName(client.vnetNSName) // If the ns does not exist, the below code will trigger to create it @@ -308,7 +307,7 @@ func (client *TransparentVlanEndpointClient) PopulateVM(epInfo *EndpointInfo) er // Get the default constant host veth mac mac, err := net.ParseMAC(defaultHostVethHwAddr) if err != nil { - logger.Info("Failed to parse the mac addrress", zap.String("defaultHostVethHwAddr", defaultHostVethHwAddr)) + logger.Info("Failed to parse the mac address", zap.String("defaultHostVethHwAddr", defaultHostVethHwAddr)) } // Create veth pair From 68e137b97577f738ec6f8280e8c86a1ec9041b8a Mon Sep 17 00:00:00 2001 From: QxBytes Date: Thu, 14 Mar 2024 13:36:19 -0700 Subject: [PATCH 2/3] address feedback --- cni/network/invoker_cns.go | 1 + cni/network/network.go | 2 +- cni/network/plugin/main.go | 1 + cni/network/stateless/main.go | 1 + 4 files changed, 4 insertions(+), 1 deletion(-) diff --git a/cni/network/invoker_cns.go b/cni/network/invoker_cns.go index 722f8380ba..1a832ac09a 100644 --- a/cni/network/invoker_cns.go +++ b/cni/network/invoker_cns.go @@ -90,6 +90,7 @@ func (invoker *CNSIPAMInvoker) Add(addConfig IPAMAddConfig) (IPAMAddResult, erro orchestratorContext, err := json.Marshal(podInfo) if err != nil { + logger.Info(podInfo.PodName) return IPAMAddResult{}, errors.Wrap(err, "Failed to unmarshal orchestrator context during add: %w") } diff --git a/cni/network/network.go b/cni/network/network.go index b8a87eb5e7..813c58e376 100644 --- a/cni/network/network.go +++ b/cni/network/network.go 
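Review bot: In the `PopulateVM` hunk at -308 the spelling fix leaves the underlying problem in place: a failed `net.ParseMAC(defaultHostVethHwAddr)` is reported at Info level without the error value, and execution falls through to the veth creation with a nil `mac`. Return the failure the way the rest of the function does, `return errors.Wrap(err, "failed to parse default host veth mac")`, or at minimum log it with `logger.Error(..., zap.Error(err))`. How `mac` is used after the `// Create veth pair` comment is outside the hunk, so the effect of the nil value cannot be confirmed from here.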
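Review bot: The `logger.Info(podInfo.PodName)` re-added in patch 2/3 (invoker_cns.go, -90) now runs only when `json.Marshal` fails, and it emits the pod name as the entire message at Info level with no error attached. Use a fixed message with structured fields so the line is searchable and the name cannot shape the message text: `logger.Error("Failed to marshal orchestrator context", zap.String("podName", podInfo.PodName), zap.Error(err))`, assuming zap is imported in this file as it is in its siblings. Alternatively drop the line, since the wrapped error is returned to the caller anyway. On the following line `errors.Wrap` does not interpret format verbs, so the trailing `%w` is printed literally, and the message says "unmarshal" for a Marshal call.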
@@ -1253,7 +1253,7 @@ func (plugin *NetPlugin) Update(args *cniSkel.CmdArgs) error { // get the target routes that should replace existingEpInfo.Routes inside the network namespace if targetNetworkConfig.Routes != nil && len(targetNetworkConfig.Routes) > 0 { for _, route := range targetNetworkConfig.Routes { - logger.Info("Adding route from routes to targetEpInfo", zap.Any("route", route)) + logger.Info("Adding route from routes from targetNetworkConfig to targetEpInfo", zap.Any("route", route)) _, dstIPNet, _ := net.ParseCIDR(route.IPAddress) gwIP := net.ParseIP(route.GatewayIPAddress) targetEpInfo.Routes = append(targetEpInfo.Routes, network.RouteInfo{Dst: *dstIPNet, Gw: gwIP, DevName: existingEpInfo.IfName}) diff --git a/cni/network/plugin/main.go b/cni/network/plugin/main.go index 016313228a..3ca79abc42 100644 --- a/cni/network/plugin/main.go +++ b/cni/network/plugin/main.go @@ -90,6 +90,7 @@ func rootExecute() error { cniCmd := os.Getenv(cni.Cmd) if cniCmd != cni.CmdVersion { + logger.Info("Environment variable set", zap.String("CNI_COMMAND", cniCmd)) cniReport.GetReport(pluginName, version, ipamQueryURL) var upTime time.Time diff --git a/cni/network/stateless/main.go b/cni/network/stateless/main.go index 9836f2ab03..52cfe55265 100644 --- a/cni/network/stateless/main.go +++ b/cni/network/stateless/main.go @@ -94,6 +94,7 @@ func rootExecute() error { cniCmd := os.Getenv(cni.Cmd) if cniCmd != cni.CmdVersion { + logger.Info("Environment variable set", zap.String("CNI_COMMAND", cniCmd)) cniReport.GetReport(pluginName, version, ipamQueryURL) var upTime time.Time From 0ff3e6f3f803f20f0275ca7987f960c3fb136c25 Mon Sep 17 00:00:00 2001 
From: QxBytes Date: Thu, 14 Mar 2024 13:42:00 -0700 Subject: [PATCH 3/3] undo modifying deprecated mode files --- cni/network/plugin/main.go | 1 + cni/network/stateless/main.go | 1 + network/bridge_endpointclient_linux.go | 3 +++ network/bridge_networkclient_linux.go | 5 ++++- network/ovs_endpointclient_linux.go | 16 +++++++++++++--- network/ovs_networkclient_linux.go | 8 ++++---- network/ovsinfravnet/infravnet_linux.go | 9 ++++----- 7 files changed, 30 insertions(+), 13 deletions(-) diff --git a/cni/network/plugin/main.go b/cni/network/plugin/main.go index 3ca79abc42..89b36994ac 100644 --- a/cni/network/plugin/main.go +++ b/cni/network/plugin/main.go @@ -91,6 +91,7 @@ func rootExecute() error { if cniCmd != cni.CmdVersion { logger.Info("Environment variable set", zap.String("CNI_COMMAND", cniCmd)) + cniReport.GetReport(pluginName, version, ipamQueryURL) var upTime time.Time diff --git a/cni/network/stateless/main.go b/cni/network/stateless/main.go index 52cfe55265..afd7ea1433 100644 --- a/cni/network/stateless/main.go +++ b/cni/network/stateless/main.go @@ -95,6 +95,7 @@ func rootExecute() error { if cniCmd != cni.CmdVersion { logger.Info("Environment variable set", zap.String("CNI_COMMAND", cniCmd)) + cniReport.GetReport(pluginName, version, ipamQueryURL) var upTime time.Time diff --git a/network/bridge_endpointclient_linux.go b/network/bridge_endpointclient_linux.go index 260800df93..15851a4210 100644 --- a/network/bridge_endpointclient_linux.go +++ b/network/bridge_endpointclient_linux.go 
@@ -84,12 +84,14 @@ func (client *LinuxBridgeEndpointClient) AddEndpointRules(epInfo *EndpointInfo) for _, ipAddr := range epInfo.IPAddresses { if ipAddr.IP.To4() != nil { // Add ARP reply rule. + logger.Info("Adding ARP reply rule for IP address", zap.String("address", ipAddr.String())) if err = ebtables.SetArpReply(ipAddr.IP, client.getArpReplyAddress(client.containerMac), ebtables.Append); err != nil { return err } } // Add MAC address translation rule. + logger.Info("Adding MAC DNAT rule for IP address", zap.String("address", ipAddr.String())) if err := ebtables.SetDnatForIPAddress(client.hostPrimaryIfName, ipAddr.IP, client.containerMac, ebtables.Append); err != nil { return err } @@ -124,6 +126,7 @@ func (client *LinuxBridgeEndpointClient) DeleteEndpointRules(ep *endpoint) { for _, ipAddr := range ep.IPAddresses { if ipAddr.IP.To4() != nil { // Delete ARP reply rule. + logger.Info("Deleting ARP reply rule for IP address on", zap.String("address", ipAddr.String()), zap.String("id", ep.Id)) err := ebtables.SetArpReply(ipAddr.IP, client.getArpReplyAddress(ep.MacAddress), ebtables.Delete) if err != nil { logger.Error("Failed to delete ARP reply rule for IP address", zap.String("address", ipAddr.String()), zap.Error(err)) diff --git a/network/bridge_networkclient_linux.go b/network/bridge_networkclient_linux.go index 325d4689e8..48e3941701 100644 --- a/network/bridge_networkclient_linux.go +++ b/network/bridge_networkclient_linux.go @@ -90,8 +90,9 @@ func (client *LinuxBridgeClient) AddL2Rules(extIf *externalInterface) error { if err != nil { return err } - logger.Info("Adding L2 Rules") + // Add SNAT rule to translate container egress traffic. + logger.Info("Adding SNAT rule for egress traffic on", zap.String("hostInterfaceName", client.hostInterfaceName)) if err := ebtables.SetSnatForInterface(client.hostInterfaceName, hostIf.HardwareAddr, ebtables.Append); err != nil { return err } 
@@ -100,11 +101,13 @@ func (client *LinuxBridgeClient) AddL2Rules(extIf *externalInterface) error { // ARP requests for all IP addresses are forwarded to the SDN fabric, but fabric // doesn't respond to ARP requests from the VM for its own primary IP address. primary := extIf.IPAddresses[0].IP + logger.Info("Adding ARP reply rule for primary IP address", zap.Any("address", primary)) if err := ebtables.SetArpReply(primary, hostIf.HardwareAddr, ebtables.Append); err != nil { return err } // Add DNAT rule to forward ARP replies to container interfaces. + logger.Info("Adding DNAT rule for ingress ARP traffic on interface", zap.String("hostInterfaceName", client.hostInterfaceName)) if err := ebtables.SetDnatForArpReplies(client.hostInterfaceName, ebtables.Append); err != nil { return err } diff --git a/network/ovs_endpointclient_linux.go b/network/ovs_endpointclient_linux.go index 69384e81d6..569232eb9a 100644 --- a/network/ovs_endpointclient_linux.go +++ b/network/ovs_endpointclient_linux.go 
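Review bot: `primary := extIf.IPAddresses[0].IP` is indexed with no length check visible in this hunk, so an external interface with no addresses would panic here rather than return an error, and both the added Info line and `ebtables.SetArpReply` depend on that value. AddL2Rules begins outside the hunk, so a guard may already exist above; if it does not, add one before the index, such as `if len(extIf.IPAddresses) == 0 { return errors.New("external interface has no IP address") }`. The new line also logs the address with `zap.Any("address", primary)` where the rest of the commit uses `zap.String("address", ipAddr.String())`; `zap.String("address", primary.String())` would keep the field uniform across entries.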
@@ -106,18 +106,19 @@ func (client *OVSEndpointClient) AddEndpoints(epInfo *EndpointInfo) error { } func (client *OVSEndpointClient) AddEndpointRules(epInfo *EndpointInfo) error { - logger.Info("[ovs] Adding endpoint rules", zap.String("hostVethName", client.hostVethName), zap.String("bridgeName", client.bridgeName)) + logger.Info("[ovs] Setting link master", zap.String("hostVethName", client.hostVethName), zap.String("bridgeName", client.bridgeName)) if err := client.ovsctlClient.AddPortOnOVSBridge(client.hostVethName, client.bridgeName, client.vlanID); err != nil { - logger.Error("[ovs] Setting link master failed with", zap.Error(err)) return err } + logger.Info("[ovs] Get ovs port for interface", zap.String("hostVethName", client.hostVethName)) containerOVSPort, err := client.ovsctlClient.GetOVSPortNumber(client.hostVethName) if err != nil { logger.Error("[ovs] Get ofport failed with", zap.Error(err)) return err } + logger.Info("[ovs] Get ovs port for interface", zap.String("hostPrimaryIfName", client.hostPrimaryIfName)) hostPort, err := client.ovsctlClient.GetOVSPortNumber(client.hostPrimaryIfName) if err != nil { logger.Error("[ovs] Get ofport failed with", zap.Error(err)) @@ -134,6 +135,7 @@ func (client *OVSEndpointClient) AddEndpointRules(epInfo *EndpointInfo) error { // IP SNAT Rule - Change src mac to VM Mac for packets coming from container host veth port. // This rule also checks if packets coming from right source ip based on the ovs port to prevent ip spoofing. // Otherwise it drops the packet. + logger.Info("[ovs] Adding IP SNAT rule for egress traffic on", zap.String("containerOVSPort", containerOVSPort)) if err := client.ovsctlClient.AddIPSnatRule(client.bridgeName, ipAddr.IP, client.vlanID, containerOVSPort, client.hostPrimaryMac, hostPort); err != nil { return err } 
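Review bot: The failure path of `AddPortOnOVSBridge` in AddEndpointRules now returns the bare error with no log entry, while the two `GetOVSPortNumber` failures right below it still log `[ovs] Get ofport failed with` before returning. Either keep `logger.Error("[ovs] Setting link master failed with", zap.Error(err))` or wrap the error so the caller's log names the step, e.g. `return fmt.Errorf("adding %s to bridge %s: %w", client.hostVethName, client.bridgeName, err)`. The two added Info lines share the message `[ovs] Get ovs port for interface` and differ only in field key, so distinct messages for the container veth and the host interface would make the entries easier to tell apart. The function continues outside this hunk.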
@@ -155,27 +157,35 @@ func (client *OVSEndpointClient) AddEndpointRules(epInfo *EndpointInfo) error { } func (client *OVSEndpointClient) DeleteEndpointRules(ep *endpoint) { - logger.Info("[ovs] Delete endpoint rules", zap.String("HostIfName", ep.HostIfName)) + logger.Info("[ovs] Get ovs port for interface", zap.String("HostIfName", ep.HostIfName)) containerPort, err := client.ovsctlClient.GetOVSPortNumber(client.hostVethName) if err != nil { logger.Error("[ovs] Get portnum failed with", zap.Error(err)) } + logger.Info("Get ovs port for interface", zap.String("hostPrimaryIfName", client.hostPrimaryIfName)) hostPort, err := client.ovsctlClient.GetOVSPortNumber(client.hostPrimaryIfName) if err != nil { logger.Error("Get portnum failed with", zap.Error(err)) } // Delete IP SNAT + logger.Info("[ovs] Deleting IP SNAT for port", zap.String("containerPort", containerPort)) client.ovsctlClient.DeleteIPSnatRule(client.bridgeName, containerPort) // Delete Arp Reply Rules for container + logger.Info("[ovs] Deleting ARP reply rule for ip vlanid for container port", zap.String("address", ep.IPAddresses[0].IP.String()), + zap.Any("VlanID", ep.VlanID), zap.String("containerPort", containerPort)) client.ovsctlClient.DeleteArpReplyRule(client.bridgeName, containerPort, ep.IPAddresses[0].IP, ep.VlanID) // Delete MAC address translation rule. 
+ logger.Info("[ovs] Deleting MAC DNAT rule for IP address and vlan", zap.String("address", ep.IPAddresses[0].IP.String()), + zap.Any("VlanID", ep.VlanID)) client.ovsctlClient.DeleteMacDnatRule(client.bridgeName, hostPort, ep.IPAddresses[0].IP, ep.VlanID) // Delete port from ovs bridge + logger.Info("[ovs] Deleting MAC DNAT rule for IP address and vlan", zap.String("address", ep.IPAddresses[0].IP.String()), + zap.Any("VlanID", ep.VlanID)) if err := client.ovsctlClient.DeletePortFromOVS(client.bridgeName, client.hostVethName); err != nil { logger.Error("[ovs] Deletion of interface from bridge failed", zap.String("hostVethName", client.hostVethName), zap.String("bridgeName", client.bridgeName)) } diff --git a/network/ovs_networkclient_linux.go b/network/ovs_networkclient_linux.go index 8dee873641..88a7bf54f7 100644 --- a/network/ovs_networkclient_linux.go +++ b/network/ovs_networkclient_linux.go @@ -116,8 +116,6 @@ func (client *OVSNetworkClient) DeleteBridge() error { } func (client *OVSNetworkClient) AddL2Rules(extIf *externalInterface) error { - logger.Info("[ovs] Adding L2 Rules") - mac := extIf.MacAddress.String() macHex := strings.Replace(mac, ":", "", -1) @@ -126,11 +124,13 @@ func (client *OVSNetworkClient) AddL2Rules(extIf *externalInterface) error { return err } - // Arp SNAT Rule for egress traffic on interface + // Arp SNAT Rule + logger.Info("[ovs] Adding ARP SNAT rule for egress traffic on interface", zap.String("hostInterfaceName", client.hostInterfaceName)) if err := client.ovsctlClient.AddArpSnatRule(client.bridgeName, mac, macHex, ofport); err != nil { return err } - // DNAT rule for ingress ARP traffic on interface + + logger.Info("[ovs] Adding DNAT rule for ingress ARP traffic on interface", zap.String("hostInterfaceName", client.hostInterfaceName)) err = client.ovsctlClient.AddArpDnatRule(client.bridgeName, ofport, macHex) if err != nil { return newErrorOVSNetworkClient(err.Error()) 
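Review bot: The Info line added before `DeletePortFromOVS` repeats the text of the line above it, `[ovs] Deleting MAC DNAT rule for IP address and vlan`, so the log records a second DNAT deletion and never records the port removal. It should describe the step it precedes, e.g. `logger.Info("[ovs] Deleting port from bridge", zap.String("hostVethName", client.hostVethName), zap.String("bridgeName", client.bridgeName))`. The first added line in DeleteEndpointRules has a similar mismatch: it logs `ep.HostIfName` while the lookup that follows queries `client.hostVethName`. The Info and Error lines around the second lookup lack the `[ovs]` prefix used by the rest of the function, and the Error line for a failed `DeletePortFromOVS` omits `zap.Error(err)`, so the cause of a failed cleanup is not recorded. The end of the function is not visible in the hunk.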
diff --git a/network/ovsinfravnet/infravnet_linux.go b/network/ovsinfravnet/infravnet_linux.go index 957ec5bcd6..0a6fca229c 100644 --- a/network/ovsinfravnet/infravnet_linux.go +++ b/network/ovsinfravnet/infravnet_linux.go @@ -139,22 +139,21 @@ func (client *OVSInfraVnetClient) DeleteInfraVnetRules( infraIP net.IPNet, hostPort string, ) { - logger.Info("[ovs] Deleting Infra Vnet Rules") ovs := ovsctl.NewOvsctl() - // Delete MAC DNAT rule for infravnet IP address + logger.Info("[ovs] Deleting MAC DNAT rule for infravnet IP address", zap.String("IP", infraIP.IP.String())) ovs.DeleteMacDnatRule(bridgeName, hostPort, infraIP.IP, 0) - // Get ovs port for infravnet interface + logger.Info("[ovs] Get ovs port for infravnet interface", zap.String("hostInfraVethName", client.hostInfraVethName)) infraContainerPort, err := ovs.GetOVSPortNumber(client.hostInfraVethName) if err != nil { logger.Error("[ovs] Get infravnet portnum failed with", zap.Error(err)) } - // Delete IP SNAT for infravnet port + logger.Info("Deleting IP SNAT for infravnet port", zap.String("infraContainerPort", infraContainerPort)) ovs.DeleteIPSnatRule(bridgeName, infraContainerPort) - // Delete infravnet interface + logger.Info("[ovs] Deleting infravnet interface", zap.String("hostInfraVethName", client.hostInfraVethName), zap.String("bridgeName", bridgeName)) if err := ovs.DeletePortFromOVS(bridgeName, client.hostInfraVethName); err != nil { logger.Error("[ovs] Deletion of infravnet interface", zap.String("hostInfraVethName", client.hostInfraVethName), zap.String("bridgeName", bridgeName)) }
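Review bot: When `ovs.GetOVSPortNumber(client.hostInfraVethName)` fails, the code logs the error and then still logs and calls `ovs.DeleteIPSnatRule(bridgeName, infraContainerPort)` with whatever the failed lookup left in `infraContainerPort`. What the helper does with an empty port is not visible here, so it is worth confirming that no stale rule is left behind and that no unintended rule is matched. If the call is meaningless without a port, guard only that step with `if err == nil { ovs.DeleteIPSnatRule(bridgeName, infraContainerPort) }` and let the port deletion still run; DeleteEndpointRules in ovs_endpointclient_linux.go follows the same pattern with `containerPort` and `hostPort`. The added `"Deleting IP SNAT for infravnet port"` line lacks the `[ovs]` prefix its neighbours use, and the Error line for a failed `DeletePortFromOVS` omits `zap.Error(err)`. The function's signature starts before the hunk.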