Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Automated cherry pick of #4295: Add unit test for pkg/agent/route #4419: Set NO_FLOOD to IPsec tunnel ports #4470: Fix that Service routes may get lost when starting on Windows #4654: Restore NO_FLOOD to OVS ports after reconnecting the OVS #4711: Fix route deletion for Service ClusterIP and LoadBalancerIP #4766

Merged
merged 6 commits into from
Mar 28, 2023
Merged

Automated cherry pick of #4295: Add unit test for pkg/agent/route #4419: Set NO_FLOOD to IPsec tunnel ports #4470: Fix that Service routes may get lost when starting on Windows #4654: Restore NO_FLOOD to OVS ports after reconnecting the OVS #4711: Fix route deletion for Service ClusterIP and LoadBalancerIP #4766

merged 6 commits into from
Mar 28, 2023

Conversation

luolanzone
Copy link
Contributor

@luolanzone luolanzone commented Mar 27, 2023
edited
Loading

Cherry pick of #4295 #4419 #4470 #4654 #4711 #4674 on release-1.7.

#4295: Add unit test for pkg/agent/route
#4419: Set NO_FLOOD to IPsec tunnel ports
#4470: Fix that Service routes may get lost when starting on Windows
#4654: Restore NO_FLOOD to OVS ports after reconnecting the OVS
#4711: Fix route deletion for Service ClusterIP and LoadBalancerIP
#4674: Ensure OVS port is valid before setting NO_FLOOD

For details on the cherry pick process, see the cherry pick requests page.

tnqn and others added 5 commits March 27, 2023 21:38
@tnqn @luolanzone
Add unit test for pkg/agent/route
b6f9bf7 
Signed-off-by: Quan Tian <[email protected]>
@xliuxu @luolanzone
Set NO_FLOOD to IPsec tunnel ports
82f1862 
Set NO_FLOOD to IPsec tunnel ports to avoid ARP flooding.

Signed-off-by: Xu Liu <[email protected]>
@hongliangl @luolanzone
Fix that Service routes may get lost when starting on Windows
a98f31b 
Fix antrea-io#4467

Signed-off-by: Hongliang Liu <[email protected]>
@xliuxu @luolanzone
Restore NO_FLOOD to OVS ports after reconnecting the OVS bridge
5edfff4 
The NO_FLOOD configuration is lost when the OVS daemon is restarted.
Currently, the only way to recover this configuration is by restarting
the agent. This pull request adds logic to recover the configuration
when receiving OVS reconnection events.

Signed-off-by: Xu Liu <[email protected]>
@tnqn @luolanzone
Fix route deletion for Service ClusterIP and LoadBalancerIP
7c56e89 
When proxyAll is enabled, AntreaProxy needs to install routes in the
host network namespace to redirect traffic to OVS for load balancing.
For a Service with multiple ports, multiple ServicePorts are generated
and processed. The previous code installed the route for a ClusterIP or
a LoadBalancerIP multiple times when such a Service was created, and
uninstalled the route multiple times when it was deleted, leading to a
few problems.

This patch adds a serviceIPRouteReferences which tracks the references
of Service IPs' routes. The key is the Service IP and the value is the
the set of ServiceInfo strings. With the references, we install a route
exactly once as long as it's used by any ServicePorts and uninstall it
exactly once when it's no longer used by any ServicePorts.

This patch also fixes an issue that the route for ClusterIP was not
removed on Windows Nodes after the Service was removed.

Fixes antrea-io#4361

Signed-off-by: Quan Tian <[email protected]>
@luolanzone luolanzone added the kind/cherry-pick Categorizes issue or PR as related to the cherry-pick of a bug fix from the main branch to a release label Mar 27, 2023
@codecov
Copy link

codecov bot commented Mar 27, 2023
edited
Loading

Codecov Report

Merging #4766 (64772db) into release-1.7 (0037700) will decrease coverage by 17.09%.
The diff coverage is 42.31%.

❗ Current head 64772db differs from pull request most recent head 1518b39. Consider uploading reports for the commit 1518b39 to get more accurate results

Impacted file tree graph

@@               Coverage Diff                @@
##           release-1.7    #4766       +/-   ##
================================================
- Coverage        61.76%   44.68%   -17.09%     
================================================
  Files              298      259       -39     
  Lines            44437    39303     -5134     
================================================
- Hits             27446    17562     -9884     
- Misses           14803    19975     +5172     
+ Partials          2188     1766      -422
Flag Coverage Δ
e2e-tests 44.68% <42.31%> (?)
kind-e2e-tests ?
unit-tests ?

Flags with carried forward coverage won't be shown. Click here to find out more.

Impacted Files Coverage Δ
pkg/agent/nodeportlocal/rules/iptable_rule.go 55.78% <0.00%> (ø)
pkg/agent/util/net_linux.go 30.28% <ø> (+1.16%) ⬆️
pkg/controller/networkpolicy/clustergroup.go 3.35% <0.00%> (-73.72%) ⬇️
...g/controller/networkpolicy/store/appliedtogroup.go 68.57% <0.00%> (-19.05%) ⬇️
...kg/controller/networkpolicy/store/networkpolicy.go 81.60% <ø> (+4.52%) ⬆️
...g/controller/networkpolicy/clusternetworkpolicy.go 9.30% <4.44%> (-59.92%) ⬇️
pkg/controller/networkpolicy/crd_utils.go 15.10% <10.71%> (-77.49%) ⬇️
pkg/agent/route/route_linux.go 28.04% <13.58%> (-18.61%) ⬇️
pkg/agent/proxy/proxier.go 44.01% <14.92%> (-18.30%) ⬇️
pkg/agent/config/node_config.go 53.12% <35.00%> (-46.88%) ⬇️
... and 12 more

... and 183 files with indirect coverage changes

@tnqn
Copy link
Member

tnqn commented Mar 27, 2023

/test-all

@tnqn @luolanzone
Ensure OVS port is valid before setting NO_FLOOD (antrea-io#4674)
1518b39 
There could be some cases that OVS ports are left invalid. Setting
NO_FLOOD for these ports will fail for sure and restarting agents would
just meet the same error. Later we should enhance the port cleanup
logic, either when they are firstly identified, or when their owners do
the initialization. For now, as there could be invalid ports in
interface cache, we should ensure a port is valid before setting
NO_FLOOD.

Signed-off-by: Quan Tian <[email protected]>
@luolanzone luolanzone force-pushed the automated-cherry-pick-of-#4295-#4419-#4470-#4654-#4711-upstream-release-1.7 branch from bd890d2 to 1518b39 Compare March 28, 2023 05:48
@tnqn
Copy link
Member

tnqn commented Mar 28, 2023

/test-all

@tnqn tnqn merged commit cba501f into antrea-io:release-1.7 Mar 28, 2023
@luolanzone luolanzone deleted the automated-cherry-pick-of-#4295-#4419-#4470-#4654-#4711-upstream-release-1.7 branch March 30, 2023 11:19
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@tnqn tnqn tnqn approved these changes

Assignees
No one assigned
Labels
kind/cherry-pick Categorizes issue or PR as related to the cherry-pick of a bug fix from the main branch to a release
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@luolanzone @tnqn @xliuxu @hongliangl