Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fqdn: add fqdn proxy interface #17318

Merged
merged 2 commits into from Sep 28, 2021
Merged

fqdn: add fqdn proxy interface #17318

merged 2 commits into from Sep 28, 2021

Conversation

nebril
Copy link
Member

@nebril nebril commented Sep 6, 2021

This change allows us to delete some of the test-specific code in agent and adds an interface for FQDN proxy.

@nebril nebril requested a review from a team September 6, 2021 11:24
@nebril nebril requested review from a team as code owners September 6, 2021 11:24
@maintainer-s-little-helper maintainer-s-little-helper bot added the dont-merge/needs-release-note-label The author needs to describe the release impact of these changes. label Sep 6, 2021
@nebril nebril force-pushed the pr/nebril/fqdn-proxy-interface branch from 8454020 to acd7c5a Compare September 6, 2021 11:27
@nebril
Copy link
Member Author

nebril commented Sep 6, 2021
edited by maintainer-s-little-helper bot

test-me-please

Job 'Cilium-PR-K8s-1.16-net-next' has 3 failures but they might be new flakes since it also hit 1 known flakes: #17060 (83.27)

@maintainer-s-little-helper maintainer-s-little-helper bot mentioned this pull request Sep 6, 2021
Closed
@nebril nebril force-pushed the pr/nebril/fqdn-proxy-interface branch from acd7c5a to f217162 Compare September 7, 2021 10:48
@nebril
Copy link
Member Author

nebril commented Sep 7, 2021
edited by maintainer-s-little-helper bot

test-me-please

Job 'Cilium-PR-Runtime-net-next' failed and has not been observed before, so may be related to your PR:

Click to show.

Test Name

RuntimePrivilegedUnitTests Run Tests

Failure Output

FAIL: Failed to run privileged unit tests

If it is a flake, comment /mlh new-flake Cilium-PR-Runtime-net-next so I can create a new GitHub issue to track it.

jibi
jibi reviewed Sep 7, 2021
View reviewed changes
pkg/fqdn/proxy/proxy.go
)

type FQDNProxy interface {
GetRules(uint16) (restore.DNSRules, error)
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why does this need to return also an error given that both the DNSProxy and the MockFQDNProxy implementations cannot fail?

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

FWIW the DNSProxy implementation does have error conditions, we just don't hand them back up the stack at the moment. Ultimately I think that the current error condition should not be blocking the implementation of DNS policy so it doesn't make a huge difference where we handle that error, but technically it could be up to the parent functions to handle those errors appropriately (for instance, by outputting them to the endpoint-specific log rather than spamming the global log like the current implementation does).

@nebril nebril force-pushed the pr/nebril/fqdn-proxy-interface branch from f217162 to 0ee8a1c Compare September 7, 2021 16:13
@nebril
Copy link
Member Author

nebril commented Sep 7, 2021
edited by maintainer-s-little-helper bot

test-me-please

Job 'Cilium-PR-Runtime-net-next' failed and has not been observed before, so may be related to your PR:

Click to show.

Test Name

RuntimePrivilegedUnitTests Run Tests

Failure Output

FAIL: Failed to run privileged unit tests

If it is a flake, comment /mlh new-flake Cilium-PR-Runtime-net-next so I can create a new GitHub issue to track it.

Job 'Cilium-PR-K8s-1.16-net-next' failed and has not been observed before, so may be related to your PR:

Click to show.

Test Name

K8sPolicyTest Multi-node policy test with L7 policy using connectivity-check to check datapath

Failure Output

FAIL: cannot install connectivity-check

If it is a flake, comment /mlh new-flake Cilium-PR-K8s-1.16-net-next so I can create a new GitHub issue to track it.

@nebril nebril force-pushed the pr/nebril/fqdn-proxy-interface branch from 0ee8a1c to 95d1297 Compare September 8, 2021 07:44
@nebril
Copy link
Member Author

nebril commented Sep 8, 2021

test-me-please

@nebril nebril added the release-note/misc This PR makes changes that have no direct user impact. label Sep 8, 2021
@maintainer-s-little-helper maintainer-s-little-helper bot removed the dont-merge/needs-release-note-label The author needs to describe the release impact of these changes. label Sep 8, 2021
joestringer
joestringer reviewed Sep 13, 2021
View reviewed changes
pkg/fqdn/proxy/proxy.go Outdated Show resolved Hide resolved
pkg/fqdn/proxy/proxy.go
)

type FQDNProxy interface {
GetRules(uint16) (restore.DNSRules, error)
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

FWIW the DNSProxy implementation does have error conditions, we just don't hand them back up the stack at the moment. Ultimately I think that the current error condition should not be blocking the implementation of DNS policy so it doesn't make a huge difference where we handle that error, but technically it could be up to the parent functions to handle those errors appropriately (for instance, by outputting them to the endpoint-specific log rather than spamming the global log like the current implementation does).

jrajahalme
jrajahalme approved these changes Sep 14, 2021
View reviewed changes
Copy link
Member

@jrajahalme jrajahalme left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM, but consider the interface name change proposed by Joe.

@maintainer-s-little-helper maintainer-s-little-helper bot added the ready-to-merge This PR has passed all tests and received consensus from code owners to merge. label Sep 14, 2021
@christarazi christarazi added dont-merge/bad-bot To prevent MLH from marking ready-to-merge. and removed ready-to-merge This PR has passed all tests and received consensus from code owners to merge. labels Sep 16, 2021
christarazi
christarazi requested changes Sep 16, 2021
View reviewed changes
pkg/fqdn/proxy/proxy.go Outdated Show resolved Hide resolved
@nebril nebril force-pushed the pr/nebril/fqdn-proxy-interface branch from 95d1297 to 4c9955d Compare September 16, 2021 11:04
@nebril
Copy link
Member Author

nebril commented Sep 16, 2021
edited by maintainer-s-little-helper bot

test-me-please

Job 'Cilium-PR-K8s-GKE' failed and has not been observed before, so may be related to your PR:

Click to show.

Test Name

K8sUpdates Tests upgrade and downgrade from a Cilium stable image to master

Failure Output

FAIL: Test pods are not ready after timeout

If it is a flake, comment /mlh new-flake Cilium-PR-K8s-GKE so I can create a new GitHub issue to track it.

@christarazi christarazi added area/daemon Impacts operation of the Cilium daemon. area/proxy Impacts proxy components, including DNS, Kafka, Envoy and/or XDS servers. kind/enhancement This would improve or streamline existing functionality. and removed dont-merge/bad-bot To prevent MLH from marking ready-to-merge. labels Sep 16, 2021
@nebril
fqdn: Add proxy interface
2278f2d 
This change adds interface for abstracting away FQDN proxy

Signed-off-by: Maciej Kwiek <maciej@isovalent.com>
@nebril
daemon: add mock dns proxy to tests
b0876c6 
This change allows for daemon integration tests to run with mock DNS
proxy

Signed-off-by: Maciej Kwiek <maciej@isovalent.com>
@nebril nebril force-pushed the pr/nebril/fqdn-proxy-interface branch from 4c9955d to b0876c6 Compare September 22, 2021 12:57
@nebril
Copy link
Member Author

nebril commented Sep 22, 2021

test-me-please

@nebril
Copy link
Member Author

nebril commented Sep 24, 2021

Hit #16938 in both conformance kind and eks tests

@maintainer-s-little-helper maintainer-s-little-helper bot added the ready-to-merge This PR has passed all tests and received consensus from code owners to merge. label Sep 28, 2021
@nebril nebril merged commit 0666f53 into cilium:master Sep 28, 2021
@nebril nebril deleted the pr/nebril/fqdn-proxy-interface branch September 28, 2021 11:28
@maintainer-s-little-helper maintainer-s-little-helper bot added this to Needs backport from master in 1.10.5 Oct 11, 2021
@errordeveloper errordeveloper mentioned this pull request Oct 12, 2021
Merged
@maintainer-s-little-helper maintainer-s-little-helper bot moved this from Needs backport from master to Backport pending to v1.10 in 1.10.5 Oct 12, 2021
@maintainer-s-little-helper maintainer-s-little-helper bot moved this from Backport pending to v1.10 to Backport done to v1.10 in 1.10.5 Oct 13, 2021
@joestringer joestringer mentioned this pull request Oct 13, 2021
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@joestringer joestringer joestringer left review comments

@jibi jibi jibi approved these changes

@christarazi christarazi christarazi approved these changes

@jrajahalme jrajahalme jrajahalme approved these changes

Assignees
No one assigned
Labels
area/daemon Impacts operation of the Cilium daemon. area/proxy Impacts proxy components, including DNS, Kafka, Envoy and/or XDS servers. kind/enhancement This would improve or streamline existing functionality. ready-to-merge This PR has passed all tests and received consensus from code owners to merge. release-note/misc This PR makes changes that have no direct user impact.
Projects
No open projects
1.10.5
Backport done to v1.10
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
6 participants
@nebril @jibi @joestringer @christarazi @jrajahalme @errordeveloper