Implement ExternalIPPool status

[wenqiq]

Implement ExternalIPPool status

Report the number of allocated versus free IPs to the status of the Egress ExternalIPPool.

For example:
kubectl get eip

kubectl get eip 
NAME            TOTAL   USED   AGE
eip-test-ipv4   345     1      20s

kubectl get eip -o yaml

  status:
    usage:
      total: 91
      used: 1

kubectl get eip -o yaml                     
apiVersion: v1
items:
- apiVersion: crd.antrea.io/v1alpha2
  kind: ExternalIPPool
  metadata:
    creationTimestamp: "2021-08-02T17:48:17Z"
    generation: 1
    name: eip-test-ipv4
    resourceVersion: "116090"
    uid: fbc8b2ac-a147-4937-b842-88ce6e261a33
  spec:
    ipRanges:
    - end: 10.10.10.100
      start: 10.10.10.10
    nodeSelector:
      matchExpressions:
      - key: kubernetes.io/hostname
        operator: In
        values:
        - kind-worker2
  status:
    usage:
      total: 91
      used: 1
kind: List
metadata:
  resourceVersion: ""
  selfLink: ""

For #2454

[antoninbas]

My initial suggestion (and the scope of #2454) was to report usage data (number of allocated IPs vs total number of IPs). It seems that this PR wants to return a list of allocated IPs, which could lead to a significantly large Status. Is this PR trying to address something else besides #2454? It seems that it is missing some context, as there is no explanation of what Preallocated is compared to Allocated.

[wenqiq]

My initial suggestion (and the scope of #2454) was to report usage data (number of allocated IPs vs total number of IPs). It seems that this PR wants to return a list of allocated IPs, which could lead to a significantly large Status.

I don't know whether it needs to be consistent with IPPool status describing in #2442?

I also think reporting usage data (number of allocated IPs vs total number of IPs) is better in ExternalIPPool status, this avoids a significantly large Status.

It seems that it is missing some context, as there is no explanation of what Preallocated is compared to Allocated.

‘Preallocated’ represents the IP allocated to Egress but not assigned to Node yet.

‘Allocated’ represents the IP allocated to Egress and has been assigned to Node.

If we report the status with a list of allocated IPs.

Is this PR trying to address something else besides #2454?

This PR is based on #2444, I was thinking rebase after merged, however they don't actually have dependencies. I will separate these two commits.

[codecov-commenter]

Codecov Report

Merging #2490 (dfe2676) into main (7f90fc0) will decrease coverage by 0.01%.
The diff coverage is 59.18%.

@@            Coverage Diff             @@
##             main    #2490      +/-   ##
==========================================
- Coverage   42.00%   41.98%   -0.02%     
==========================================
  Files         153      154       +1     
  Lines       18565    18658      +93     
==========================================
+ Hits         7798     7834      +36     
- Misses      10067    10118      +51     
- Partials      700      706       +6     

Flag	Coverage Δ
unit-tests	41.98% <59.18%> (-0.02%)	⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

Impacted Files	Coverage Δ
pkg/controller/egress/ipallocator/allocator.go	80.41% <0.00%> (-2.57%)	⬇️
pkg/controller/egress/controller.go	84.12% <63.04%> (-3.08%)	⬇️
pkg/ovs/openflow/ofctrl_packetout.go	66.96% <0.00%> (-0.61%)	⬇️
pkg/ovs/openflow/ofctrl_builder.go	18.34% <0.00%> (-0.27%)	⬇️
pkg/ovs/openflow/ofctrl_action.go	11.25% <0.00%> (-0.20%)	⬇️
pkg/agent/controller/networkpolicy/packetin.go	4.63% <0.00%> (-0.05%)	⬇️
pkg/ovs/openflow/ofctrl_group.go	0.00% <0.00%> (ø)
pkg/ovs/openflow/ofctrl_nxfields.go	12.50% <0.00%> (ø)
pkg/agent/openflow/pipeline.go	24.62% <0.00%> (+0.03%)	⬆️
pkg/antctl/command_definition.go	53.97% <0.00%> (+0.11%)	⬆️
... and 2 more

[tnqn]

This is not an encouraged usage, which misleads people that the types are in same package. Package qualifier is very useful to indicate where the dependency is. The code shouldn't pretend they are in same package which makes dividing them in different packages pointless.

[wenqiq]

Done

[tnqn]

‘Preallocated’ represents the IP allocated to Egress but not assigned to Node yet.

‘Allocated’ represents the IP allocated to Egress and has been assigned to Node.

This will then involve more components to achieve it and need a chain of reactions but I don't see much value it adds to the API. We already have enough information in Egress API about whether the Egress IP is just allocated or is configured on a Node.
My original thinking of the status is also just number of allocated IPs vs total number of IPs, which helps users to understand how many IPs have been used and whether they need to extend the pool.

[wenqiq]

As we discussed above, there is no need to keep the ExternalIPPool status consistent with IPPool status CRD. So I implemented the ExternalIPPool status with a new method which only reporting usage data (number of allocated IPs and total number of IPs).

[tnqn]

question: if they are set to "required", does it mean we must set it even when creating a new pool?

[wenqiq]

Thanks for feedbacks. I have verified that it can work and create a ExternalIPPool successfully, It seems status.usage is not required.

[tnqn]

This method can be called concurrently in pool's eventHandler and egress's workers. So it seems that a race condition can make they override each other and the final value in API may be wrong. Maybe creating multiple Egresses can reproduce it.
If this is true, I would suggest have dedicated workers to sync pool's status, other places only enqueue a pool that needs to sync.

[wenqiq]

Good consideration. Will reproduce and fix it.

[tnqn]

LGTM overall, some minor comments

[tnqn]

It's more natural to call it eipQueue, but I think poolQueue is better.

[wenqiq]

Done

[tnqn]

Suggested change

	assert.NoError(t, err)
	require.NoError(t, err)

[wenqiq]

Done

[tnqn]

Suggested change

	t.Logf("pool %s status: %v", pool.Name, pool.Status)
	t.Logf("ExternalPool %s status: %v", pool.Name, pool.Status)

[wenqiq]

Done

[tnqn]

Maybe you can add expectedTotal to the table and check it too.

[wenqiq]

Done

[tnqn]

nit: apierrors

[wenqiq]

Done

[tnqn]

Suggested change

	// poolQueue maintains the ExternalIPpool objects that need to be synced.
	// poolQueue maintains the ExternalIPPool objects that need to be synced.

[wenqiq]

Done

[tnqn]

LGTM. @antoninbas do you want to take a look since you suggested the enhancement?

[tnqn]

/test-all

[antoninbas]

LGTM, thanks for working on this

[antoninbas]

@tnqn we don't need omitempty for this? I know that when kubebuilder generates CRD types, it always adds the omitempty tag for the Status field.

I also see it for upstream resources (at least for Pod)

[wenqiq]

It seems that there is no omitempty tag for all the Status field in the project. I think we can take another PR to implement it? @antoninbas @tnqn

[tnqn]

Although it's set for many Status fields of native Kubernetes resources, I just found it doesn't have any impact as long as the field is a customized struct. I tried marshalling an empty ExternalIPPool, it got the same result regardless of omitempty is set:

{
  "metadata": {
    "creationTimestamp": null
  },
  "spec": {
    "ipRanges": null,
    "nodeSelector": {}
  },
  "status": {
    "usage": {
      "total": 0,
      "used": 0
    }
  }
}

According to https://golang.google.cn/pkg/encoding/json/#Marshal, it works for the built-in types only.

The "omitempty" option specifies that the field should be omitted from the encoding if the field has an empty value, defined as false, 0, a nil pointer, a nil interface value, and any empty array, slice, map, or string.

[antoninbas]

Thanks for confirming guys.

[antoninbas]

Suggested change

	assert.NoError(t, err)
	require.NoError(t, err)

assert will continue with the test, even though eip will be nil in case of an error

[wenqiq]

Done

[antoninbas]

Suggested change

	assert.Equal(t, 1, usage.Used, fmt.Sprintf("ExternalIPPool status not match: %v", usage))
	assert.Equal(t, 1, usage.Used, "Expected one used IP in EgressIPPool Status")

[wenqiq]

Done

[antoninbas]

LGTM

[antoninbas]

/test-all

[tnqn]

@wenqiq e2e failed:

=== RUN   TestEgress/testEgressCRUD
=== RUN   TestEgress/testEgressCRUD/single_matching_Node
    egress_test.go:320: 
        	Error Trace:	egress_test.go:320
        	Error:      	Not equal: 
        	            	expected: 1
        	            	actual  : 0
        	Test:       	TestEgress/testEgressCRUD/single_matching_Node
        	Messages:   	ExternalIPPool status usage used num not match
    egress_test.go:322: ExternalPool pool-tk58b status: {{2 0}}
=== RUN   TestEgress/testEgressCRUD/two_matching_Nodes
    egress_test.go:320: 
        	Error Trace:	egress_test.go:320
        	Error:      	Not equal: 
        	            	expected: 1
        	            	actual  : 0
        	Test:       	TestEgress/testEgressCRUD/two_matching_Nodes
        	Messages:   	ExternalIPPool status usage used num not match
    egress_test.go:322: ExternalPool pool-jdsn5 status: {{2 0}}
=== RUN   TestEgress/testEgressCRUD/no_matching_Node
    egress_test.go:320: 
        	Error Trace:	egress_test.go:320
        	Error:      	Not equal: 
        	            	expected: 1
        	            	actual  : 0
        	Test:       	TestEgress/testEgressCRUD/no_matching_Node
        	Messages:   	ExternalIPPool status usage used num not match

[wenqiq]

Fixed ExternalIPPool status checking logic order in Egress e2e test case.
/test-all

[wenqiq]

/test-all

[tnqn]

LGTM

[antoninbas]

All the e2e test failures are unrelated to this PR: see #2618