Implement GC for per-cluster CT/SNAT maps #24576
Conversation
maintainer-s-little-helper
bot
added
the
dont-merge/needs-release-note-label
YutaroHayakawa
force-pushed
the
yutaro/oss/clustermesh-overlapping-podcidr/per-cluster-map-gc
branch
from
8f2c665
to
8e51b54
Compare
YutaroHayakawa
added
sig/datapath
maintainer-s-little-helper
bot
removed
the
dont-merge/needs-release-note-label
|
/test |
pkg/maps/ctmap/per_cluster_ctmap.go
Outdated
| } else { | ||
| ret = append(ret, im) | ||
| } | ||
| if im, err := gm.any6.getClusterMap(clusterID); err != nil || im == nil { |
There was a problem hiding this comment.
It returns an empty list on err != nil and on im == nil, however, only the case of err != nil is handled in the defer block above. That means, if we fail at any point because of im == nil, we don't clean up the maps that we put into ret.
There was a problem hiding this comment.
This part was not required for these GC changes. I messed up the commit while I moved these commits from my dev branch. Let me delete this.
pkg/maps/ctmap/per_cluster_ctmap.go
Outdated
| @@ -221,6 +223,51 @@ func (gm *perClusterCTMaps) DeleteClusterCTMaps(clusterID uint32) error { | |||
| return nil | |||
| } | |||
|
|
|||
| func (gm *perClusterCTMaps) GetClusterCTMaps(clusterID uint32) []*Map { | |||
There was a problem hiding this comment.
This function doesn't seem to be used anywhere. What is it for?
There was a problem hiding this comment.
Same as above. Let me delete this.
pkg/maps/ctmap/ctmap.go
Outdated
| } else { | ||
| natMap = nil | ||
| } | ||
| } |
There was a problem hiding this comment.
Why is this block removed? It's kept in goGC6, and it seems needed.
There was a problem hiding this comment.
Indeed it is needed, thanks! I'll revive it.
Introduce a new field clusterID into ctmap.Map struct. This indicates which cluster the CT maps are associated. Signed-off-by: Yutaro Hayakawa <yutaro.hayakawa@isovalent.com>
Implement CT/NAT GC for per-cluster maps. When we perform GC for global maps, we'll GC per-cluster maps together. Signed-off-by: Yutaro Hayakawa <yutaro.hayakawa@isovalent.com>
YutaroHayakawa
force-pushed
the
yutaro/oss/clustermesh-overlapping-podcidr/per-cluster-map-gc
branch
from
8e51b54
to
5562ce2
Compare
|
/test |
|
ConformanceGKE: #22368 |
|
/ci-gke |
|
/test-1.25-4.19 Job 'Cilium-PR-K8s-1.25-kernel-4.19' failed: Click to show.Test NameFailure OutputIf it is a flake and a GitHub issue doesn't already exist to track it, comment |
|
k8s-1.25-kernel-4.19: #24625 |
|
/test-1.25-4.19 |
|
Actually, k8s-1.25-kernel-4.19 was a known flake and was solved by this PR (#24557). I think it's not worth rebasing as it is not related to this change and tests are succeeding in other test cases. |
YutaroHayakawa
added
the
ready-to-merge
| @@ -213,6 +213,10 @@ type Map struct { | |||
| // define maps to the macro used in the datapath portion for the map | |||
| // name, for example 'CT_MAP4'. | |||
| define string | |||
|
|
|||
| // This field indicates which cluster this ctmap is. Zero for global | |||
There was a problem hiding this comment.
nit: We should probably start revising our usage of "global" to mean "the local cluster", since global sounds confusingly like all clusters. I know the naming is grandfathered in since it was referring to "globally across the node" instead of "per-endpoint CT" so the naming is not super easy here, but there's lots of opportunity to further confuse readers by continuing to use the global phrasing going forward.
Please see individual commits for more details. This is disabled by default, so doesn't affect to existing code.