perform the gateway check but ignore the result when the annotation o…

…f subnet is ‘disableGatewayCheck=true’ to make sure of the first network packet (#2290) * fix wrong network interface name in gateway check * perform the gateway check but ignore the result when the annotation of subnet is disableGatewayCheck=true to make sure of the first network packet --------- Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
kubeovn · Feb 13, 2023 · f7f2375 · f7f2375
1 parent 0bd7c7e
commit f7f2375
Show file tree

Hide file tree

Showing 4 changed files with 47 additions and 28 deletions.
diff --git a/pkg/daemon/handler.go b/pkg/daemon/handler.go
@@ -27,6 +27,8 @@ const (
 	gatewayModeDisabled = iota
 	gatewayCheckModePing
 	gatewayCheckModeArping
+	gatewayCheckModePingNotConcerned
+	gatewayCheckModeArpingNotConcerned
 )
 
 type cniServerHandler struct {
@@ -225,9 +227,15 @@ func (csh cniServerHandler) handleAdd(req *restful.Request, resp *restful.Respon
 
 		//skip ping check gateway for pods during live migration
 		if pod.Annotations[fmt.Sprintf(util.LiveMigrationAnnotationTemplate, podRequest.Provider)] != "true" {
-			if !podSubnet.Spec.DisableGatewayCheck {
-				if podSubnet.Spec.Vlan != "" && !podSubnet.Spec.LogicalGateway {
+			if podSubnet.Spec.Vlan != "" && !podSubnet.Spec.LogicalGateway {
+				if podSubnet.Spec.DisableGatewayCheck {
+					gatewayCheckMode = gatewayCheckModeArpingNotConcerned
+				} else {
 					gatewayCheckMode = gatewayCheckModeArping
+				}
+			} else {
+				if podSubnet.Spec.DisableGatewayCheck {
+					gatewayCheckMode = gatewayCheckModePingNotConcerned
 				} else {
 					gatewayCheckMode = gatewayCheckModePing
 				}

diff --git a/pkg/daemon/ovs.go b/pkg/daemon/ovs.go
@@ -14,15 +14,15 @@ import (
 
 const gatewayCheckMaxRetry = 200
 
-func pingGateway(gw, src string, verbose bool) error {
+func pingGateway(gw, src string, verbose bool, maxRetry int) error {
 	pinger, err := goping.NewPinger(gw)
 	if err != nil {
 		return fmt.Errorf("failed to init pinger: %v", err)
 	}
 	pinger.SetPrivileged(true)
 	// CNITimeoutSec = 220, cannot exceed
-	pinger.Count = gatewayCheckMaxRetry
-	pinger.Timeout = gatewayCheckMaxRetry * time.Second
+	pinger.Count = maxRetry
+	pinger.Timeout = time.Duration(maxRetry) * time.Second
 	pinger.Interval = time.Second
 
 	var success bool
@@ -34,7 +34,7 @@ func pingGateway(gw, src string, verbose bool) error {
 
 	cniConnectivityResult.WithLabelValues(nodeName).Add(float64(pinger.PacketsSent))
 	if !success {
-		return fmt.Errorf("%s network not ready after %d ping %s", src, gatewayCheckMaxRetry, gw)
+		return fmt.Errorf("%s network not ready after %d ping %s", src, maxRetry, gw)
 	}
 	if verbose {
 		klog.Infof("%s network ready after %d ping, gw %s", src, pinger.PacketsSent, gw)

diff --git a/pkg/daemon/ovs_linux.go b/pkg/daemon/ovs_linux.go
@@ -308,36 +308,47 @@ func configureContainerNic(nicName, ifName string, ipAddr, gateway string, isDef
 		}
 
 		if gwCheckMode != gatewayModeDisabled {
-			underlayGateway := gwCheckMode == gatewayCheckModeArping
+			var (
+				underlayGateway = gwCheckMode == gatewayCheckModeArping || gwCheckMode == gatewayCheckModeArpingNotConcerned
+				interfaceName   = nicName
+			)
 
-			if u2oInterconnectionIP != "" {
-				if nicType != util.InternalType {
-					if err := waitNetworkReady(ifName, ipAddr, u2oInterconnectionIP, false, true); err != nil {
-						return err
-					}
-				} else {
-					if err := waitNetworkReady(nicName, ipAddr, u2oInterconnectionIP, false, true); err != nil {
-						return err
-					}
-				}
+			if nicType != util.InternalType {
+				interfaceName = ifName
 			}
 
-			if nicType != util.InternalType {
-				return waitNetworkReady(ifName, ipAddr, gateway, underlayGateway, true)
+			if u2oInterconnectionIP != "" {
+				if err := checkGatewayReady(gwCheckMode, interfaceName, ipAddr, u2oInterconnectionIP, false, true); err != nil {
+					return err
+				}
 			}
-			return waitNetworkReady(nicName, ipAddr, gateway, underlayGateway, true)
+			return checkGatewayReady(gwCheckMode, interfaceName, ipAddr, gateway, underlayGateway, true)
 		}
 
 		return nil
 	})
 }
 
-func waitNetworkReady(nic, ipAddr, gateway string, underlayGateway, verbose bool) error {
+func checkGatewayReady(gwCheckMode int, intr, ipAddr, gateway string, underlayGateway, verbose bool) error {
+	var err error
+
+	if gwCheckMode == gatewayCheckModeArpingNotConcerned || gwCheckMode == gatewayCheckModePingNotConcerned {
+		// ignore error while ‘disableGatewayCheck=true’
+		if err = waitNetworkReady(intr, ipAddr, gateway, underlayGateway, verbose, 1); err != nil {
+			err = nil
+		}
+	} else {
+		err = waitNetworkReady(intr, ipAddr, gateway, underlayGateway, verbose, gatewayCheckMaxRetry)
+	}
+	return err
+}
+
+func waitNetworkReady(nic, ipAddr, gateway string, underlayGateway, verbose bool, maxRetry int) error {
 	ips := strings.Split(ipAddr, ",")
 	for i, gw := range strings.Split(gateway, ",") {
 		src := strings.Split(ips[i], "/")[0]
 		if underlayGateway && util.CheckProtocol(gw) == kubeovnv1.ProtocolIPv4 {
-			mac, count, err := util.ArpResolve(nic, src, gw, time.Second, gatewayCheckMaxRetry)
+			mac, count, err := util.ArpResolve(nic, src, gw, time.Second, maxRetry)
 			cniConnectivityResult.WithLabelValues(nodeName).Add(float64(count))
 			if err != nil {
 				err = fmt.Errorf("network %s with gateway %s is not ready for interface %s after %d checks: %v", ips[i], gw, nic, count, err)
@@ -349,7 +360,7 @@ func waitNetworkReady(nic, ipAddr, gateway string, underlayGateway, verbose bool
 				klog.Infof("network %s with gateway %s is ready for interface %s after %d checks", ips[i], gw, nic, count)
 			}
 		} else {
-			if err := pingGateway(gw, src, verbose); err != nil {
+			if err := pingGateway(gw, src, verbose, maxRetry); err != nil {
 				return err
 			}
 		}
@@ -383,7 +394,7 @@ func configureNodeNic(portName, ip, gw string, macAddr net.HardwareAddr, mtu int
 
 	// ping ovn0 gw to activate the flow
 	klog.Infof("wait ovn0 gw ready")
-	if err := waitNetworkReady(util.NodeNic, ip, gw, false, true); err != nil {
+	if err := waitNetworkReady(util.NodeNic, ip, gw, false, true, gatewayCheckMaxRetry); err != nil {
 		klog.Errorf("failed to init ovn0 check: %v", err)
 		return err
 	}
@@ -410,7 +421,7 @@ func (c *Controller) loopOvn0Check() {
 	}
 	ip := node.Annotations[util.IpAddressAnnotation]
 	gw := node.Annotations[util.GatewayAnnotation]
-	if err := waitNetworkReady(util.NodeNic, ip, gw, false, false); err != nil {
+	if err := waitNetworkReady(util.NodeNic, ip, gw, false, false, gatewayCheckMaxRetry); err != nil {
 		util.LogFatalAndExit(err, "failed to ping ovn0 gateway %s", gw)
 	}
 }

diff --git a/pkg/daemon/ovs_windows.go b/pkg/daemon/ovs_windows.go
@@ -237,12 +237,12 @@ func generateNicName(containerID, ifname string) (string, string) {
 	return fmt.Sprintf("%s_%s_h", containerID[0:12-len(ifname)], ifname), fmt.Sprintf("%s_%s_c", containerID[0:12-len(ifname)], ifname)
 }
 
-func waitNetworkReady(nic, ipAddr, gateway string, underlayGateway, verbose bool) error {
+func waitNetworkReady(nic, ipAddr, gateway string, underlayGateway, verbose bool, maxRetry int) error {
 	ips := strings.Split(ipAddr, ",")
 	for i, gw := range strings.Split(gateway, ",") {
 		src := strings.Split(ips[i], "/")[0]
 		if !underlayGateway || util.CheckProtocol(gw) == kubeovnv1.ProtocolIPv6 {
-			if err := pingGateway(gw, src, verbose); err != nil {
+			if err := pingGateway(gw, src, verbose, maxRetry); err != nil {
 				return err
 			}
 		}
@@ -267,7 +267,7 @@ func configureNodeNic(portName, ip, gw string, macAddr net.HardwareAddr, mtu int
 
 	// ping ovn0 gw to activate the flow
 	klog.Infof("wait ovn0 gw ready")
-	if err := waitNetworkReady(util.NodeNic, ip, gw, false, true); err != nil {
+	if err := waitNetworkReady(util.NodeNic, ip, gw, false, true, gatewayCheckMaxRetry); err != nil {
 		klog.Errorf("failed to init ovn0 check: %v", err)
 		return err
 	}