Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Detect Network Instance IP subnet conflict #3823

Merged
merged 2 commits into from
Mar 20, 2024
Merged

Detect Network Instance IP subnet conflict #3823

merged 2 commits into from
Mar 20, 2024

Commits on Mar 19, 2024

  1. Detect Network Instance IP subnet conflict 

    Zedrouter is able to detect if NI IP subnet overlaps with the subnet
of another NI or with a device port network. When a conflict is detected
for a new NI, it is blocked from being created. If IP conflict arises
for an already created NI (e.g. a device port later received IP from
an overlapping subnet), the NI is unconfigured and VIFs are set DOWN
(not deleted). In both cases an error is reported for the NI.

This is crucial because, previously, an NI with a subnet overlapping with
a device port network would result in the device permanently losing
controller connectivity (due to routing conflicts), with very limited
options to restore connectivity and make the device manageable again.
Instead, the device should remain online, inform the user about the issue,
and allow to correct the IP configuration.

When IP conflict is detected for an already created NI with an app
connected to it, we intentionally do not halt and undeploy the app.
Instead, the app is left running, just VIFs connected to the problematic
NI lose their connectivity. This allows the user to fix the network
config or at least backup the application data when IP conflict arises.

To enable the deletion of NI when an IP conflict is detected, followed
by its later recreation when the conflict is resolved, and to reconnect
already running apps, few enhancements had to be made to the NI Reconciler,
particularly in the area of VIF bridging.

Signed-off-by: Milan Lenco <milan@zededa.com>
    @milan-zededa
    milan-zededa committed Mar 19, 2024
    Configuration menu
    Copy the full SHA
    638828f View commit details
    Browse the repository at this point in the history

  2. Return error from zedrouter.init (instead of os.Exit) 

    zedrouter.Run() already calls log.Fatal (with os.Exit inside) when error
is returned from init() or run() methods.

Signed-off-by: Milan Lenco <milan@zededa.com>
    @milan-zededa
    milan-zededa committed Mar 19, 2024
    Configuration menu
    Copy the full SHA
    7aa32d4 View commit details
    Browse the repository at this point in the history