Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[DNM] Ongoing work on BGP e2e tests #4791

Draft
wants to merge 22 commits into
base: master
Choose a base branch
from
Draft

Conversation

jcaamano
Copy link
Contributor

Ongoing work on BGP e2e tests.

@github-actions github-actions bot added kind/documentation All issues related to documentation feature/egress-ip Issues related to EgressIP feature area/unit-testing Issues related to adding/updating unit tests feature/services&endpoints All issues related to the Servces/Endpoints API labels Oct 22, 2024
@jcaamano jcaamano force-pushed the bgp-e2e branch 2 times, most recently from 05fec8b to 294b3a4 Compare October 24, 2024 11:53
Signed-off-by: Jaime Caamaño Ruiz <jcaamano@redhat.com>
Signed-off-by: Jaime Caamaño Ruiz <jcaamano@redhat.com>
Signed-off-by: Jaime Caamaño Ruiz <jcaamano@redhat.com>
Signed-off-by: Jaime Caamaño Ruiz <jcaamano@redhat.com>
Signed-off-by: Jaime Caamaño Ruiz <jcaamano@redhat.com>
Adds to NetInfo the concept of reconcilable network information. This is
network information that can change dynamically and network controllers
should be able to reconcile. This includes NADs which is information
that network controllers should have already been capable of reconciling
although they currently don't (for example, for multinetwork policies).
Also includes VRFs the network is leaking/advertising to, per node, that
network controllers need to be aware of and rec0oncile as it changes.

Signed-off-by: Jaime Caamaño Ruiz <jcaamano@redhat.com>
Add the ability for network controllers to reconcile some network
information changes. Currently just changes of the VRFs the network is
leaking/advertising to. Support for reconciling NAD changes is not
included in this commit.

Currently reconciles if the network is advertised or not:
- for OVN network controller to configure or not the pod IP to node IP
  SNAT on the GR for a node of its zone
- for node network controller to configure or not br-ex flows to
  redirect pod IP ingress traffic to the OVN network

This should be enough to provide direct ingress capabilities for the
default network in SGW mode.

Note that secondary network controllers don't reconcile anything as
route advertising is not supported on them. Also cluster manager network
controllers don't reconcile much as they don't have the need.

Signed-off-by: Jaime Caamaño Ruiz <jcaamano@redhat.com>
The plan is for the NAD controller to fetch route advertising
information on behalf of network controllers. It will have to do so for
the default network as well and will need access to its network
controller to reconcile that information.

Signed-off-by: Jaime Caamaño Ruiz <jcaamano@redhat.com>
As node controllers will need to be informed of related events in new
level driven controllers to come.

Signed-off-by: Jaime Caamaño Ruiz <jcaamano@redhat.com>
This annotation will be set by a future cluster manager controller on
the NADs and will list the names of route advertisements that apply to
the given NAD. This will ease processing time of other zone/node
controllers that need to track which route advertisements apply to a
network avoiding them from processing all route advertisements on each
of their reconciliation loops.

Note that this will happen for the default network as well. For that
probably a dummy NAD on ovn-kubernetes namespace is the best option.

Signed-off-by: Jaime Caamaño Ruiz <jcaamano@redhat.com>
The network manager running within the NAD controller will, upon
ensuring a network, fetch the VRFs per node a pod network is being
leaked/advertised to from the applicable route advertisements
configuration, and include it in the network information used when
creating a network controller, or triggering a reconciliation if it was
already running.

This relies on annotations set by cluster manager on NADs pointing to
the route advertising configuration that applies to the network which
will come in a future PR/commit.

This includes the default network for which the ever existing default
network controller is used (instead of creating a new network
controller). If necessary, it is assumed that cluster manager will
create a dummy NAD for the default network in ovn-k namespace to set
annotations on. If no NADs for the default network exist or if they have
no annotations, network manager will reconcile the default network to a
default configuration (instead of destroying the network controller).

Signed-off-by: Jaime Caamaño Ruiz <jcaamano@redhat.com>
Signed-off-by: Jaime Caamaño Ruiz <jcaamano@redhat.com>
Add retries to gateway reconciliation, that would otherwise log an error
upon first failure, now that it is part of the overall network
reconciliation.

Signed-off-by: Jaime Caamaño Ruiz <jcaamano@redhat.com>
Signed-off-by: Jaime Caamaño Ruiz <jcaamano@redhat.com>
Signed-off-by: Jaime Caamaño Ruiz <jcaamano@redhat.com>
Since it will be part of overall network reconciliation when its
advertising configuration changes.

Signed-off-by: Jaime Caamaño Ruiz <jcaamano@redhat.com>
Used on secondary nic flows, not needed if pod network is advertised as
traffic is supposed to reach the node hosting the pod directly.

However, we add an SNAT rule for local IPT traffic flows. Otherwise the
node masquerade address is used as it is set as the source address in
the services route. Note that in this case the linux source selection
algorithm just looks at the default routing table and does not look at
non default, at least when the ip rule is based on packet marks set
through conntrack.

Signed-off-by: Jaime Caamaño Ruiz <jcaamano@redhat.com>
Signed-off-by: Jaime Caamaño Ruiz <jcaamano@redhat.com>
Signed-off-by: Jaime Caamaño Ruiz <jcaamano@redhat.com>
Signed-off-by: Jaime Caamaño Ruiz <jcaamano@redhat.com>
Signed-off-by: Jaime Caamaño Ruiz <jcaamano@redhat.com>
…tised

Signed-off-by: Jaime Caamaño Ruiz <jcaamano@redhat.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
area/unit-testing Issues related to adding/updating unit tests feature/egress-ip Issues related to EgressIP feature feature/services&endpoints All issues related to the Servces/Endpoints API kind/documentation All issues related to documentation
Projects
Status: Todo
Development

Successfully merging this pull request may close these issues.

1 participant