New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
bgpv1: Add support for setting BGP timer parameters in CiliumBGPNeighbor CRD #25408
Conversation
eebd777
to
76bce94
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Minor comments, overall looks good
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Made some comments. My main concern here is a validation of the timer values and how to feedback the wrong configurations to users.
I don't see any range checking on controller side and we currently let GoBGP to validate the value. That means we effectively leaking the underlying BGP's specification to CRD. Ideally, we should be able to control which value is valid and which is not.
Another problem of validating the value in GoBGP level is we don't have a good way to feedback the wrong configuration to users since the error happens during async reconciliation. Ideally, users should be able to notice the invalid value when they create/update the CRD. In that sense, it would be nice to validate configuration at k8s level (with OpenAPI constraint).
ffab248
to
6eaf608
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM for K8s and API
fbae65a
to
097a291
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Now overall looks great! At last, let me ask you to consolidate the last two commits into the first commit for readability. You made an API response name changes and some logic changes in those commits, but the final form is only meaningful, so it's more reader-friendly to only show the final form. It's fine to do force-push. It's common to do that in this project for the clean commit history.
Consolidated into a single commit, as keeping the second one would require resolving too many conflicts and it was not that significant (just unit tests). Kept the gist of all commit messages in the final one. |
Consolidation looks good! And sorry, one more. I noticed I didn't answer to your question here. What I mean by "unit" here is like a "Seconds". |
Ah, so you meant including e.g. "Seconds" suffix for the timer intervals in the CRD API? I don't think it is necessary, as the datatype is |
Ah, alright. That's a good point, but since we internally round them up, better to mention it in the document. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Now, LGTM! Thanks!
Fair point, added |
/test |
Extends the CiliumBGPNeighbor CRD with 3 new configuration options: ConnectRetryTime, HoldTime and KeepAliveTime. These can be used to fine-tune BGP peering, e.g. to achieve faster failover times. If not set, the default values for the affected timers remain the same as before this change. This also introduces a new UpdateNeighbor API for bgpv1, to support changes of an existing peering. During the update we first dump existing peer configuration from GoBGP and then perform the update on the dumped value. The reason for that is that many peer config fields are defaulted internally in GoBGP and would cause peer reset if not provided on update. Timer values are included in the state API of the BgpPeer. Since the applied values of HoldTime and KeepAliveTime may be different from the configured values (they also depend on negotiation during the session setup), the state API differentiates between "configured" and "applied" values of these timer intervals. Signed-off-by: Rastislav Szabo <rastislav.szabo@isovalent.com>
/test |
/test-runtime looks like a flake in bgpv1 Test_NeighborAddDel: #25637 (failed in https://jenkins.cilium.io/job/Cilium-PR-Runtime-kernel-net-next/120/) |
Extends the
CiliumBGPNeighbor
CRD with 3 new configuration options:ConnectRetryTime
,HoldTime
andKeepAliveTime
. These can be used to fine-tune BGP peering, e.g. to achieve faster failover times. If not set, the default values for the affected BGP timers remain the same as before this change.Example configuration:
Example state dump of peers after configuring:
Implementation notes:
CiliumBGPPeeringPolicy
at the BGP Agent level, so that the same defaults can be consistently applied across all future BGP backends.Router
interface has been extended with a new methodUpdateNeighbor
, which is called from the BGP Manager'sneighborReconciler
when a neighbor needs to be updated.