Merge pull request #641 from TrekkieCoder/main

PR : LB-VIP maintenance reworked
loxilb-io · Apr 17, 2024 · fc5b5a4 · fc5b5a4
2 parents ba06e9d + 338757d
commit fc5b5a4
Show file tree

Hide file tree

Showing 4 changed files with 65 additions and 20 deletions.
diff --git a/pkg/loxinet/layer3.go b/pkg/loxinet/layer3.go
@@ -287,7 +287,7 @@ func (l3 *L3H) IfaSelect(Obj string, addr net.IP, findAny bool) (int, net.IP, st
 	}
 
 	for _, ifaEnt := range ifa.Ifas {
-		if ifaEnt.Secondary == true {
+		if ifaEnt.Secondary {
 			continue
 		}
 
@@ -300,7 +300,7 @@ func (l3 *L3H) IfaSelect(Obj string, addr net.IP, findAny bool) (int, net.IP, st
 		}
 	}
 
-	if findAny == false {
+	if !findAny {
 		return L3AddrErr, net.IPv4(0, 0, 0, 0), ""
 	}
 
@@ -418,7 +418,7 @@ func (l3 *L3H) IfaSelectAny(addr net.IP, findAny bool) (int, net.IP, string) {
 		}
 
 		for _, ifaEnt := range ifa.Ifas {
-			if ifaEnt.Secondary == true {
+			if ifaEnt.Secondary {
 				continue
 			}
 

diff --git a/pkg/loxinet/port.go b/pkg/loxinet/port.go
@@ -393,12 +393,14 @@ func (P *PortsH) PortAdd(name string, osid int, ptype int, zone string,
 
 	P.portSmap[name] = p
 	P.portImap[rid] = p
-	P.portOmap[osid] = p
+	if osid > 0 {
+		P.portOmap[osid] = p
+	}
 
 	mh.zn.ZonePortAdd(name, zone)
 	p.DP(DpCreate)
 
-	tk.LogIt(tk.LogDebug, "port added - %s:%d\n", name, p.PortNo)
+	tk.LogIt(tk.LogDebug, "port added - %s:%d OSID %d\n", name, p.PortNo, osid)
 
 	return 0, nil
 }

diff --git a/pkg/loxinet/route.go b/pkg/loxinet/route.go
@@ -312,17 +312,20 @@ func (r *RtH) RtAdd(Dst net.IPNet, Zone string, Ra RtAttr, Na []RtNhAttr) (int,
 	}
 	//}
 
-	var tret int
+	tret := 0
 	var tR *tk.TrieRoot
 	if tk.IsNetIPv4(Dst.IP.String()) {
 		tR = r.Trie4
 	} else {
 		tR = r.Trie6
 	}
-	if len(rt.NextHops) > 0 {
-		tret = tR.AddTrie(Dst.String(), rt.NextHops[0])
-	} else {
-		tret = tR.AddTrie(Dst.String(), &rt.Attr.Ifi)
+	ones, _ := Dst.Mask.Size()
+	if (ones != 32 && ones != 128) || !r.Zone.Rules.IsIPRuleVIP(Dst.IP) {
+		if len(rt.NextHops) > 0 {
+			tret = tR.AddTrie(Dst.String(), rt.NextHops[0])
+		} else {
+			tret = tR.AddTrie(Dst.String(), &rt.Attr.Ifi)
+		}
 	}
 	if tret != 0 {
 		// Delete any neigbors created here
@@ -417,10 +420,13 @@ func (r *RtH) rtDeleteCommon(Dst net.IPNet, Zone string, host bool) (int, error)
 	} else {
 		tR = r.Trie6
 	}
-	tret := tR.DelTrie(Dst.String())
-	if tret != 0 {
-		tk.LogIt(tk.LogError, "rt delete - %s:%s lpm not found\n", Dst.String(), Zone)
-		return RtTrieDelErr, errors.New("rt-lpm delete error")
+	ones, _ := Dst.Mask.Size()
+	if (ones != 32 && ones != 128) || !r.Zone.Rules.IsIPRuleVIP(Dst.IP) {
+		tret := tR.DelTrie(Dst.String())
+		if tret != 0 {
+			tk.LogIt(tk.LogError, "rt delete - %s:%s lpm not found\n", Dst.String(), Zone)
+			return RtTrieDelErr, errors.New("rt-lpm delete error")
+		}
 	}
 
 	delete(r.RtMap, rt.Key)

diff --git a/pkg/loxinet/rules.go b/pkg/loxinet/rules.go
@@ -91,6 +91,7 @@ const (
 	MaxEndPointCheckers        = 4         // Maximum helpers to check endpoint health
 	EndPointCheckerDuration    = 2         // Duration at which ep-helpers will run
 	MaxEndPointSweeps          = 20        // Maximum end-point sweeps per round
+	VIPSweepDuration           = 30        // Duration of periodic VIP maintenance
 )
 
 type ruleTType uint
@@ -329,6 +330,7 @@ type RuleH struct {
 	epMx       sync.RWMutex
 	rootCAPool *x509.CertPool
 	tlsCert    tls.Certificate
+	vipST      time.Time
 }
 
 // RulesInit - initialize the Rules subsystem
@@ -386,6 +388,7 @@ func RulesInit(zone *Zone) *RuleH {
 		nRh.tlsCert = cert
 	}
 	nRh.wg.Add(MaxEndPointCheckers)
+	nRh.vipST = time.Now()
 
 	return nRh
 }
@@ -1461,6 +1464,14 @@ func (R *RuleH) AddNatLbRule(serv cmn.LbServiceArg, servSecIPs []cmn.LbSecIPArg,
 		if R.vipMap[sNetAddr.IP.String()] == 1 {
 			R.AdvRuleVIPIfL2(sNetAddr.IP)
 		}
+
+		// Take care of any secondary VIPs
+		for _, sVIP := range r.secIP {
+			R.vipMap[sVIP.sIP.String()]++
+			if R.vipMap[sVIP.sIP.String()] == 1 {
+				R.AdvRuleVIPIfL2(sVIP.sIP)
+			}
+		}
 	}
 
 	r.DP(DpCreate)
@@ -1538,6 +1549,22 @@ func (R *RuleH) DeleteNatLbRule(serv cmn.LbServiceArg) (int, error) {
 			}
 			delete(R.vipMap, sNetAddr.IP.String())
 		}
+
+		// Take care of any secondary VIPs
+		for _, sVIP := range rule.secIP {
+			R.vipMap[sVIP.sIP.String()]--
+			if R.vipMap[sVIP.sIP.String()] == 0 {
+				if utils.IsIPHostAddr(sVIP.sIP.String()) {
+					loxinlp.DelAddrNoHook(sVIP.sIP.String()+"/32", "lo")
+				}
+				dev := fmt.Sprintf("llb-rule-%s", sVIP.sIP.String())
+				ret, _ := mh.zr.L3.IfaFind(dev, sVIP.sIP)
+				if ret == 0 {
+					mh.zr.L3.IfaDelete(dev, sVIP.sIP.String()+"/32")
+				}
+				delete(R.vipMap, sVIP.sIP.String())
+			}
+		}
 	}
 
 	tk.LogIt(tk.LogDebug, "nat lb-rule deleted %s-%s\n", rule.tuples.String(), rule.act.String())
@@ -2185,11 +2212,14 @@ func (R *RuleH) RulesSync() {
 		}
 	}
 
-	for vip := range R.vipMap {
-		ip := net.ParseIP(vip)
-		if ip != nil {
-			R.AdvRuleVIPIfL2(ip)
+	if time.Duration(time.Since(R.vipST).Seconds()) > time.Duration(VIPSweepDuration) {
+		for vip := range R.vipMap {
+			ip := net.ParseIP(vip)
+			if ip != nil {
+				R.AdvRuleVIPIfL2(ip)
+			}
 		}
+		R.vipST = time.Now()
 	}
 
 	for _, rule := range R.tables[RtFw].eMap {
@@ -2606,7 +2636,7 @@ func (r *ruleEnt) DP(work DpWorkT) int {
 		return 0
 	}
 
-	if isNat == true {
+	if isNat {
 		return r.Nat2DP(work)
 	}
 
@@ -2632,7 +2662,7 @@ func (R *RuleH) AdvRuleVIPIfL2(IP net.IP) error {
 				}
 				loxinlp.DelNeighNoHook(IP.String(), "")
 			}
-			ctx, cancel := context.WithTimeout(context.Background(), 2*time.Second)
+			ctx, cancel := context.WithTimeout(context.Background(), 300*time.Millisecond)
 			defer cancel()
 			rCh := make(chan int)
 			go utils.GratArpReqWithCtx(ctx, rCh, IP, iface)
@@ -2676,3 +2706,10 @@ func (R *RuleH) RuleVIPSyncToClusterState() {
 		}
 	}
 }
+
+func (R *RuleH) IsIPRuleVIP(IP net.IP) bool {
+	if _, found := R.vipMap[IP.String()]; found {
+		return true
+	}
+	return false
+}