L1VH CNI first version #2465
L1VH CNI first version #2465
Conversation
Signed-off-by: Paul Yu <129891899+paulyufan2@users.noreply.github.com>
| @@ -8,7 +8,7 @@ require ( | |||
| github.com/Azure/azure-sdk-for-go/sdk/keyvault/azsecrets v0.12.0 | |||
| github.com/Masterminds/semver v1.5.0 | |||
| github.com/Microsoft/go-winio v0.6.1 | |||
| github.com/Microsoft/hcsshim v0.11.4 | |||
| github.com/Microsoft/hcsshim v0.12.0-rc.2 | |||
There was a problem hiding this comment.
What caused this update?
There was a problem hiding this comment.
we need to fetch this hcsshim version for:
hcnNetwork.Flags = hcn.DisableHostPort
There was a problem hiding this comment.
Considering it is a release candidate update. Can you also run CNI Release Test on this PR? Just want to ensure there are not additional changes that are breaking.
There was a problem hiding this comment.
we cannot merge with release candidate version.. have to get official version released
There was a problem hiding this comment.
This is in rc status as they are making 0.12.X dependent on containerd 2.0, which has not been released yet.
| // Add secondary interface info from podIPInfo to ipamAddResult | ||
| info.hostSubnet = response.PodIPInfo[i].HostSecondaryIPInfo.Subnet | ||
| info.hostPrimaryIP = response.PodIPInfo[i].HostSecondaryIPInfo.PrimaryIP | ||
| info.hostGateway = response.PodIPInfo[i].HostSecondaryIPInfo.Gateway | ||
|
|
There was a problem hiding this comment.
wont this affect AKS swift 2.0? it was using this before:
hostSubnet: response.PodIPInfo[i].HostPrimaryIPInfo.Subnet,
hostPrimaryIP: response.PodIPInfo[i].HostPrimaryIPInfo.PrimaryIP,
There was a problem hiding this comment.
it gets secondary interface info from HostSecondaryIPInfo
cni/network/network.go
Outdated
| @@ -45,6 +45,9 @@ const ( | |||
| ipv6FullMask = 128 | |||
| ) | |||
|
|
|||
| // Secondary interface NIC types | |||
| var secondaryInterfaceNICType = []string{cns.BackendNICNC, string(cns.DelegatedVMNIC)} | |||
There was a problem hiding this comment.
why typecasting for delegatedvmnic but not for backendnicnc
There was a problem hiding this comment.
I think it's because they are defined in different types on CNS codes, I can update CNS code
cni/network/network.go
Outdated
| cniResult := cniTypesCurr.Result{} | ||
| // Add secondaryInterface info to result if it exists; otherwise add default primary interface info to result | ||
| if hasSecondaryInterface(ipamAddResult) { | ||
| cniResult = *convertInterfaceInfoToCniResult(ipamAddResult.secondaryInterfacesInfo[0], args.IfName) |
There was a problem hiding this comment.
can it be cniResult = convertInterfaceInfoToCniResult(ipamAddResult.secondaryInterfacesInfo[0], args.IfName)
There was a problem hiding this comment.
if required , define a new variable.. but lets not make code convoluted
cni/network/invoker_cns.go
Outdated
| @@ -450,6 +455,13 @@ func configureSecondaryAddResult(info *IPResultInfo, addResult *IPAMAddResult, p | |||
| return errors.Wrap(err, "Invalid mac address") | |||
| } | |||
|
|
|||
| _, hostIPNet, err := net.ParseCIDR(info.hostSubnet) | |||
There was a problem hiding this comment.
because we do need "hostSubnetPrefix" to find master interface if you check findMasterInterface()
There was a problem hiding this comment.
we should check based on macAddress instead?
cni/network/network.go
Outdated
| @@ -45,6 +45,9 @@ const ( | |||
| ipv6FullMask = 128 | |||
| ) | |||
|
|
|||
| // Secondary interface NIC types | |||
| var secondaryInterfaceNICType = []string{cns.BackendNICNC, string(cns.DelegatedVMNIC)} | |||
There was a problem hiding this comment.
we should have enum for nic types.. we should resuse from cns package
cni/network/network.go
Outdated
| @@ -362,12 +386,18 @@ func (plugin *NetPlugin) Add(args *cniSkel.CmdArgs) error { | |||
| telemetry.SendCNIMetric(&cniMetric, plugin.tb) | |||
|
|
|||
| // Add Interfaces to result. | |||
| defaultCniResult := convertInterfaceInfoToCniResult(ipamAddResult.defaultInterfaceInfo, args.IfName) | |||
| cniResult := cniTypesCurr.Result{} | |||
| // Add secondaryInterface info to result if it exists; otherwise add default primary interface info to result | |||
There was a problem hiding this comment.
can it be other way.. add secondary interface to result if default interface does not exist
There was a problem hiding this comment.
in design, we have both default and secondary interface info in ipamAddResult;
cni/network/network.go
Outdated
| @@ -460,6 +494,14 @@ func (plugin *NetPlugin) Add(args *cniSkel.CmdArgs) error { | |||
| zap.Any("results", ipamAddResult)) | |||
| return plugin.Errorf(errMsg) | |||
| } | |||
| } else if !nwCfg.MultiTenancy && nwCfg.IPAM.Type == network.AzureCNS { | |||
There was a problem hiding this comment.
wanted to understand why we need this change
There was a problem hiding this comment.
because for swiftv2 path, the nwconfig multitenancy must not be set to true which was confused before; and the nwcfg ipam type should be azureCNS
cni/network/invoker_cns.go
Outdated
| @@ -450,6 +455,13 @@ func configureSecondaryAddResult(info *IPResultInfo, addResult *IPAMAddResult, p | |||
| return errors.Wrap(err, "Invalid mac address") | |||
| } | |||
|
|
|||
| _, hostIPNet, err := net.ParseCIDR(info.hostSubnet) | |||
There was a problem hiding this comment.
we should check based on macAddress instead?
cni/network/network.go
Outdated
| @@ -78,6 +81,14 @@ type NetPlugin struct { | |||
| multitenancyClient MultitenancyClient | |||
| } | |||
|
|
|||
| // save secondary interface usage with ipNet and macAddress properties | |||
| var SecondaryInterfaces map[string]SecondaryInterfaceProperty | |||
There was a problem hiding this comment.
what's key here? Add a comment on it
cni/network/network.go
Outdated
| func hasSecondaryInterface(ipamAddResult IPAMAddResult) bool { | ||
| if ipamAddResult.secondaryInterfacesInfo != nil { | ||
| for _, interfaceNICType := range secondaryInterfaceNICType { | ||
| if string(ipamAddResult.secondaryInterfacesInfo[0].NICType) == interfaceNICType { | ||
| return true | ||
| } | ||
| } | ||
| } | ||
| return false | ||
| } |
There was a problem hiding this comment.
we should just check `len(secondaryInterfacesInfo)>0``
cni/network/network.go
Outdated
| interfaceInfo := network.InterfaceInfo{} | ||
| // find ipnet from secondaryInterfaceInfo if it exists; | ||
| if hasSecondaryInterface(ipamAddResult) { | ||
| interfaceInfo = ipamAddResult.secondaryInterfacesInfo[0] |
There was a problem hiding this comment.
lets iterate instead of assuming index 0 will be expected nic info
cni/network/network.go
Outdated
| macAddress = ipamAddResult.secondaryInterfacesInfo[0].MacAddress.String() | ||
| } | ||
|
|
||
| masterIfName := plugin.findMasterInterface(ipamAddConfig.nwCfg, &ipnet) |
There was a problem hiding this comment.
find master interface by macAddress if hostSubnetPrefix is not provided or interface couldn't find
cni/network/network.go
Outdated
| // Get secondary interface info from CNI state file and save them to ipamAddResult in CNI Delete call | ||
| secondaryInterfaceInfo, err := plugin.nm.GetNetworkSecondaryInterfaceInfo(endpointID) | ||
| if err != nil { | ||
| logger.Error("Failed to get secondaryInterfaceInfo", zap.Error(err)) |
There was a problem hiding this comment.
change level to info
log endpointID
cni/network/network.go
Outdated
| logger.Error("Failed to get secondaryInterfaceInfo", zap.Error(err)) | ||
| } | ||
|
|
||
| ipamAddResult.secondaryInterfacesInfo = []network.InterfaceInfo{} |
There was a problem hiding this comment.
if err == nil {
then set this
}
| endpointID := plugin.nm.GetEndpointID(args.ContainerID, args.IfName) | ||
|
|
||
| // Get secondary interface info from CNI state file and save them to ipamAddResult in CNI Delete call | ||
| secondaryInterfaceInfo, err := plugin.nm.GetNetworkSecondaryInterfaceInfo(endpointID) |
There was a problem hiding this comment.
should not be specfic call for each interface, instead it should fetch all interface associated with that containerID
There was a problem hiding this comment.
will address in stateless cni
cni/network/network.go
Outdated
| @@ -1032,6 +1120,16 @@ func (plugin *NetPlugin) Delete(args *cniSkel.CmdArgs) error { | |||
| err = plugin.Errorf("Failed to extract network name from network config. error: %v", err) | |||
| return err | |||
| } | |||
|
|
|||
| // cleanup interfaces usage map for swiftv2 L1VH and delete hnsNetwork associated with this networkID | |||
| if &ipamAddResult != nil && ipamAddResult.secondaryInterfacesInfo != nil { | |||
There was a problem hiding this comment.
change ipamAddResult to pointer otherwise
| @@ -1049,7 +1147,6 @@ func (plugin *NetPlugin) Delete(args *cniSkel.CmdArgs) error { | |||
| } | |||
| } | |||
|
|
|||
There was a problem hiding this comment.
this line is on line 1082, just moved to the above
| @@ -1049,7 +1147,6 @@ func (plugin *NetPlugin) Delete(args *cniSkel.CmdArgs) error { | |||
| } | |||
| } | |||
|
|
|||
There was a problem hiding this comment.
this line is on line 1082, just moved to the above
cni/network/network.go
Outdated
| // save secondary interface property | ||
| // key is secondary interface name and value is its macAddress | ||
| var SecondaryInterfaces map[string]SecondaryInterfaceProperty | ||
|
|
||
| type SecondaryInterfaceProperty struct { | ||
| macAddress string | ||
| } |
There was a problem hiding this comment.
if its not required, lets remove
cni/network/network.go
Outdated
| @@ -217,6 +226,14 @@ func (plugin *NetPlugin) findMasterInterface(nwCfg *cni.NetworkConfig, subnetPre | |||
| subnetPrefixString := subnetPrefix.String() | |||
| interfaces, _ := net.Interfaces() | |||
| for _, iface := range interfaces { | |||
| if subnetPrefixString == "" { | |||
There was a problem hiding this comment.
add a new function findMasterInterfaceByMac
There was a problem hiding this comment.
how would be branch to this vs the default function used by other paths?
cni/network/network.go
Outdated
| @@ -362,12 +387,17 @@ func (plugin *NetPlugin) Add(args *cniSkel.CmdArgs) error { | |||
| telemetry.SendCNIMetric(&cniMetric, plugin.tb) | |||
|
|
|||
| // Add Interfaces to result. | |||
| defaultCniResult := convertInterfaceInfoToCniResult(ipamAddResult.defaultInterfaceInfo, args.IfName) | |||
| cniResult := &cniTypesCurr.Result{} | |||
| cniResult = convertInterfaceInfoToCniResult(ipamAddResult.defaultInterfaceInfo, args.IfName) | |||
| cniResult := &cniTypesCurr.Result{} | ||
| cniResult = convertInterfaceInfoToCniResult(ipamAddResult.defaultInterfaceInfo, args.IfName) | ||
| // if defaultInterfaceInfo does not exist, then try to use secondaryInterfaceInfo | ||
| if cniResult == nil && hasSecondaryInterface(ipamAddResult) { |
There was a problem hiding this comment.
should append to result.Interface since its an array and not overwrite it
There was a problem hiding this comment.
I checked with Kshitija and we only add one NC at a time and the secondary interface is always the first element of the secondaryInterfacesInfo
cni/network/network.go
Outdated
|
|
||
| options := make(map[string]any) | ||
| ipamAddConfig := IPAMAddConfig{nwCfg: nwCfg, args: args, options: options} |
There was a problem hiding this comment.
if not required, lets remove it
|
This pull request is stale because it has been open for 2 weeks with no activity. Remove stale label or comment or this will be closed in 7 days |
|
Pull request closed due to inactivity. |
Reason for Change:
This implementation is to support swiftv2 L1VH CNI feature:
CNI receives goal state from CNS and create linux/windows pod on Windows VM/Node in swiftv2 L1VH path;
The container pod is using secondary interface with its mac address and NIC type(Delegated NIC or Accelnet) to be created;
We support up to 8 pods to be created by using different interfaces along with different hnsNetwork; CNI supports hnsNetwork creation(when pod is added to the VM) and deletion(when pod is removed from VM) to prevent leakage;
Issue Fixed:
Requirements:
Notes: