Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

High-scale IPcache: Chapter 4 #25591

Merged
merged 3 commits into from May 24, 2023
Merged

High-scale IPcache: Chapter 4 #25591

merged 3 commits into from May 24, 2023

Conversation

pchaigno
Copy link
Member

This is in the context of the high-scale ipcache feature described at cilium/design-cfps#7.

This pull request adds support for GENEVE encapsulation in addition to the existing VXLAN support.

Updates: #25243.

Support GENEVE encapsulation with high-scale ipcache.

@pchaigno pchaigno added sig/datapath Impacts bpf/ or low-level forwarding details, including map management and monitor messages. release-note/minor This PR changes functionality that users may find relevant to operating Cilium. feature/high-scale-ipcache Relates to the high-scale ipcache feature. labels May 22, 2023
@pchaigno
bpf, datapath: Macro with tunneling protocol
631c70e 
This commit exposes the tunneling protocol from the agent to the BPF
code, to be used in a later commit. Two constants are also generated by
the agent to hold the values for tunneling protocols VXLAN and GENEVE.

Signed-off-by: Paul Chaignon <paul.chaignon@gmail.com>
@pchaigno
bpf: Support GENEVE with high-scale ipcache mode
300844e 
In high-scale ipcache mode, we have a special tunnel where the outer IP
addresses are also the inner IP addresses. For that reason, we need to
manually (using BPF helpers) decapsulate the ingressing packets or the
Linux kernel would deliver encapsulated packets to the target pods.

This manual decapsulation is only performed for VXLAN now. The present
commit adds support for decapsulating GENEVE packets.

The GENEVE header consists of a fixed-length part, and variable-length
options. So when stripping off the encapsulation, also consider the
options.

Signed-off-by: Paul Chaignon <paul.chaignon@gmail.com>
Signed-off-by: Julian Wiedmann <jwi@isovalent.com>
@pchaigno
test: Cover GENEVE in high-scale ipcache tests
4dd73e1 
This commit refactors the test logic into a function so that we can call
this code twice with the two supported tunneling protocols.

Signed-off-by: Paul Chaignon <paul.chaignon@gmail.com>
@pchaigno
Copy link
Member Author

/test

@pchaigno pchaigno marked this pull request as ready for review May 23, 2023 08:57
@pchaigno pchaigno requested review from a team as code owners May 23, 2023 08:57
@maintainer-s-little-helper maintainer-s-little-helper bot added the ready-to-merge This PR has passed all tests and received consensus from code owners to merge. label May 24, 2023
@pchaigno pchaigno merged commit 0074e97 into cilium:main May 24, 2023
58 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@nebril nebril nebril approved these changes

@ti-mo ti-mo ti-mo approved these changes

@jschwinger233 jschwinger233 jschwinger233 approved these changes

Assignees
No one assigned
Labels
feature/high-scale-ipcache Relates to the high-scale ipcache feature. ready-to-merge This PR has passed all tests and received consensus from code owners to merge. release-note/minor This PR changes functionality that users may find relevant to operating Cilium. sig/datapath Impacts bpf/ or low-level forwarding details, including map management and monitor messages.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
4 participants
@pchaigno @nebril @ti-mo @jschwinger233