maintain cluster active connection counter for circuit breaker

[Okabe-Rintarou-0]

What type of PR is this?
feature

What this PR does / why we need it:

Which issue(s) this PR fixes:
Fixes #

Proposal here #397

Special notes for your reviewer:

Does this PR introduce a user-facing change?:

[Okabe-Rintarou-0]

how should i get the cluster id? Using cluster name will exceed the stack size limit？
may be extract hashName to a public package?

[Okabe-Rintarou-0]

It's quite confusing

[LiZhenCheng9527]

Some files need to be updated, please run 'make gen' and include any changed files in your PR

[codecov]

Codecov Report

Attention: Patch coverage is 64.06250% with 23 lines in your changes missing coverage. Please review.

Project coverage is 49.54%. Comparing base (1902392) to head (e9af645).
Report is 48 commits behind head on main.

Files with missing lines	Patch %	Lines
pkg/cache/v2/cluster.go	79.41%	5 Missing and 2 partials ⚠️
pkg/bpf/bpf.go	0.00%	5 Missing ⚠️
pkg/utils/hash_name.go	0.00%	4 Missing ⚠️
pkg/controller/ads/cache.go	66.66%	3 Missing ⚠️
pkg/controller/controller.go	0.00%	3 Missing ⚠️
pkg/controller/workload/workload_processor.go	50.00%	1 Missing ⚠️

Files with missing lines	Coverage Δ
pkg/bpf/ads/loader.go	47.43% <100.00%> (+1.38%)	⬆️
pkg/bpf/workload/sock_connection.go	54.01% <ø> (ø)
pkg/bpf/workload/sock_ops.go	55.88% <ø> (ø)
pkg/bpf/workload/xdp.go	48.57% <ø> (ø)
pkg/controller/ads/ads_controller.go	80.70% <100.00%> (ø)
pkg/controller/ads/ads_processor.go	75.33% <100.00%> (ø)
pkg/controller/client.go	65.62% <100.00%> (ø)
pkg/controller/workload/workload_processor.go	61.67% <50.00%> (+2.51%)	⬆️
pkg/controller/ads/cache.go	48.67% <66.66%> (+0.16%)	⬆️
pkg/controller/controller.go	0.00% <0.00%> (ø)
... and 3 more

... and 10 files with indirect coverage changes

---

Continue to review full report in Codecov by Sentry.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update a4ca182...e9af645. Read the comment docs.

[Okabe-Rintarou-0]

/unhold

[Okabe-Rintarou-0]

I use a special way to reject connection, plz check MARK_REJECTED macro.

Tested in oe23.03.

[hzxuzhonghu]

mostly LGTM

Defer to @nlgwcy for the connection reset

[hzxuzhonghu]

weired, seems the tag number is random

[hzxuzhonghu]

would it happen delta = -1 here

[Okabe-Rintarou-0]

yes, need a check here.

[hzxuzhonghu]

We should always use 0 as success and negative number as error code

[Okabe-Rintarou-0]

ok

[hzxuzhonghu]

not sure what is this for

[Okabe-Rintarou-0]

cgroups/connect4 and sockops both use cluster_manager, without it will compile fail

[nlgwcy]

In kernel-native mode, if the running environment is not enhanced kernel(that is, L7 kernel traffic management is not supported), Kmesh completes L4 traffic management in the connect hook.

// cgroup_sock.c
cgroup_connect4_prog -> sock4_traffic_control -> listener_manager -> SEC_TAIL(KMESH_TAIL_CALL_FILTER_CHAIN) -> SEC_TAIL(KMESH_TAIL_CALL_FILTER) -> tcp_proxy_manager -> SEC_TAIL(KMESH_TAIL_CALL_CLUSTER) -> on_cluster_sock_bind

So, on this path, if circuit breaker is triggered, the service also needs to be rejected.

[hzxuzhonghu]

why set cb for inbound

[Okabe-Rintarou-0]

I will delete it

[hzxuzhonghu]

@nlgwcy to review

[hzxuzhonghu]

-1

[hzxuzhonghu]

remove

[hzxuzhonghu]

We have split bpf progs, should not revert

[hzxuzhonghu]

There is persisting in hashName, do we need it here?

[hzxuzhonghu]

If not, i would think we can pkg github.com/google/uuid to generate uuid

[hzxuzhonghu]

nit: remove

[hzxuzhonghu]

#570 (comment) can be done later

/lgtm

[kmesh-bot]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: hzxuzhonghu

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

• OWNERS [hzxuzhonghu]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment