datapath/linux: Implement DevicesController

DevicesController populates the devices and routes tables. To avoid large refactoring of the existing code around option.Config.GetDevices() this opts for an incremental approach: keep the DeviceManager API as-is and reuse its test to validate that the existing functionality does not break. The tests required some slight adaptation: the "DeviceManager" is re-created after each test case to recreate the initial devices table. Signed-off-by: Jussi Maki <jussi@isovalent.com>
cilium · Aug 2, 2023 · 03ad61b · 03ad61b
1 parent e0c94c8
commit 03ad61b
Show file tree

Hide file tree

Showing 7 changed files with 1,369 additions and 524 deletions.
diff --git a/daemon/cmd/daemon.go b/daemon/cmd/daemon.go
@@ -506,11 +506,6 @@ func newDaemon(ctx context.Context, cleaner *daemonCleanup, params *daemonParams
 
 	nd := nodediscovery.NewNodeDiscovery(params.NodeManager, params.Clientset, mtuConfig, params.CNIConfigManager.GetCustomNetConf())
 
-	devMngr, err := linuxdatapath.NewDeviceManager()
-	if err != nil {
-		return nil, nil, err
-	}
-
 	d := Daemon{
 		ctx:               ctx,
 		clientset:         params.Clientset,
@@ -519,7 +514,7 @@ func newDaemon(ctx context.Context, cleaner *daemonCleanup, params *daemonParams
 		compilationMutex:  new(lock.RWMutex),
 		mtuConfig:         mtuConfig,
 		datapath:          params.Datapath,
-		deviceManager:     devMngr,
+		deviceManager:     params.DeviceManager,
 		nodeDiscovery:     nd,
 		nodeLocalStore:    params.LocalNodeStore,
 		endpointCreations: newEndpointCreationManager(params.Clientset),
@@ -904,14 +899,16 @@ func newDaemon(ctx context.Context, cleaner *daemonCleanup, params *daemonParams
 	// This is because the device detection requires self (Cilium)Node object,
 	// and the k8s service watcher depends on option.Config.EnableNodePort flag
 	// which can be modified after the device detection.
-	devices, err := d.deviceManager.Detect(params.Clientset.IsEnabled())
-	if err != nil {
-		if option.Config.AreDevicesRequired() {
-			// Fail hard if devices are required to function.
-			return nil, nil, fmt.Errorf("failed to detect devices: %w", err)
+	var devices []string
+	if d.deviceManager != nil {
+		if _, err := d.deviceManager.Detect(params.Clientset.IsEnabled()); err != nil {
+			if option.Config.AreDevicesRequired() {
+				// Fail hard if devices are required to function.
+				return nil, nil, fmt.Errorf("failed to detect devices: %w", err)
+			}
+			log.WithError(err).Warn("failed to detect devices, disabling BPF NodePort")
+			disableNodePort()
 		}
-		log.WithError(err).Warn("failed to detect devices, disabling BPF NodePort")
-		disableNodePort()
 	}
 
 	if d.l2announcer != nil {
@@ -1209,7 +1206,7 @@ func newDaemon(ctx context.Context, cleaner *daemonCleanup, params *daemonParams
 	identitymanager.Subscribe(d.policy)
 
 	// Start listening to changed devices if requested.
-	if option.Config.EnableRuntimeDeviceDetection {
+	if option.Config.EnableRuntimeDeviceDetection && d.deviceManager != nil {
 		if option.Config.AreDevicesRequired() {
 			devicesChan, err := d.deviceManager.Listen(ctx)
 			if err != nil {

diff --git a/daemon/cmd/daemon_main.go b/daemon/cmd/daemon_main.go
@@ -1643,6 +1643,7 @@ type daemonParams struct {
 	Settings             cellSettings
 	HealthProvider       cell.Health
 	HealthReporter       cell.HealthReporter
+	DeviceManager        *linuxdatapath.DeviceManager `optional:"true"`
 }
 
 func newDaemonPromise(params daemonParams) promise.Promise[*Daemon] {

diff --git a/pkg/datapath/cells.go b/pkg/datapath/cells.go
@@ -71,6 +71,15 @@ var Cell = cell.Module(
 	cell.Provide(func(dp types.Datapath) types.NodeIDHandler {
 		return dp.NodeIDs()
 	}),
+
+	// DevicesController manages the devices and routes tables
+	linuxdatapath.DevicesControllerCell,
+	cell.Provide(func(cfg *option.DaemonConfig) linuxdatapath.DevicesConfig {
+		// Provide the configured devices to the devices controller.
+		// This is temporary until DevicesController takes ownership of the
+		// device-related configuration options.
+		return linuxdatapath.DevicesConfig{Devices: cfg.GetDevices()}
+	}),
 )
 
 func newWireguardAgent(lc hive.Lifecycle, localNodeStore *node.LocalNodeStore) *wg.Agent {
@@ -143,4 +152,9 @@ type datapathParams struct {
 	BpfMaps []bpf.BpfMap `group:"bpf-maps"`
 
 	NodeMap nodemap.Map
+
+	// Depend on DeviceManager to ensure devices have been resolved.
+	// This is required until option.Config.GetDevices() has been removed and
+	// uses of it converted to Table[Device].
+	DeviceManager *linuxdatapath.DeviceManager
 }